From: Willy Tarreau <w@1wt.eu>
Date: Thu, 10 Jan 2013 15:22:27 +0000 (+0100)
Subject: BUG/MINOR: log: temporary fix for lost SSL info in some situations
X-Git-Tag: v1.5-dev18~127
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1f31c73030727da96ccb971e62b4d55ef182e8a7;p=thirdparty%2Fhaproxy.git

BUG/MINOR: log: temporary fix for lost SSL info in some situations

When using log-format to log the result of sample fetch functions
which rely on the transport layer (eg: ssl*), we have no way to tell
the proxy not to release the connection before logs have caught the
necessary information. As a result, it happens that logging SSL fetch
functions sometimes doesn't return anything for example if the server
is not available and the connection is immediately aborted.

This issue will be fixed with the upcoming patches to finish handling
of sample fetches.

So for the moment, always mark the LW_XPRT flag on the proxy so that
when any fetch method is used, the proxy does not release the transport
layer too fast.
---

diff --git a/src/log.c b/src/log.c
index 709a66ab41..9e909e299c 100644
--- a/src/log.c
+++ b/src/log.c
@@ -346,6 +346,11 @@ void add_sample_to_logformat_list(char *text, char *arg, int arg_len, struct pro
 	if (expr->fetch->cap & SMP_CAP_L7)
 		curpx->acl_requires |= ACL_USE_L7_ANY;
 
+	/* FIXME: temporary workaround for missing LW_XPRT flag needed with some
+	 * sample fetches (eg: ssl*). We always set it for now on, but this will
+	 * leave with sample capabilities soon.
+	 */
+	curpx->to_log |= LW_XPRT;
 	LIST_ADDQ(list_format, &node->list);
 }