diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile index f67ed1227..85c655568 100644 --- a/net/haproxy/Makefile +++ b/net/haproxy/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=haproxy PKG_VERSION:=1.4.24 -PKG_RELEASE:=01 +PKG_RELEASE:=02 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.4/src diff --git a/net/haproxy/patches/0001-BUG-MAJOR-http-don-t-emit-the-send-name-header-when-.patch b/net/haproxy/patches/0001-BUG-MAJOR-http-don-t-emit-the-send-name-header-when-.patch new file mode 100644 index 000000000..010e035e9 --- /dev/null +++ b/net/haproxy/patches/0001-BUG-MAJOR-http-don-t-emit-the-send-name-header-when-.patch @@ -0,0 +1,41 @@ +From d362dc75f3dfa7062e5c2cb7822ad12ffb755389 Mon Sep 17 00:00:00 2001 +From: Willy Tarreau +Date: Thu, 4 Jul 2013 11:44:27 +0200 +Subject: [PATCH 1/2] BUG/MAJOR: http: don't emit the send-name-header when no + server is available + +Lukas Benes reported that http-send-name-header causes a segfault if no +server is available because we're dereferencing the session's target which +is NULL. The tiniest reproducer looks like this : + + listen foo + bind :1234 + mode http + http-send-name-header srv + +This obvious fix must be backported to 1.4 which is affected as well. +(cherry picked from commit 0fc36e3ae99ccbe6de88cf64093f3045e526d088) +--- + src/session.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/session.c b/src/session.c +index 6211a45..21ecb9f 100644 +--- a/src/session.c ++++ b/src/session.c +@@ -1428,9 +1428,9 @@ resync_stream_interface: + /* Now we can add the server name to a header (if requested) */ + /* check for HTTP mode and proxy server_name_hdr_name != NULL */ + if ((s->flags & SN_BE_ASSIGNED) && +- (s->be->mode == PR_MODE_HTTP) && +- (s->be->server_id_hdr_name != NULL)) { +- ++ (s->be->mode == PR_MODE_HTTP) && ++ (s->be->server_id_hdr_name != NULL) && ++ (s->srv)) { + http_send_name_header(&s->txn, + &s->txn.req, + s->req, +-- +1.8.1.5 + diff --git a/net/haproxy/patches/0002-BUG-MEDIUM-http-option-checkcache-fails-with-the-no-.patch b/net/haproxy/patches/0002-BUG-MEDIUM-http-option-checkcache-fails-with-the-no-.patch new file mode 100644 index 000000000..8d17beef1 --- /dev/null +++ b/net/haproxy/patches/0002-BUG-MEDIUM-http-option-checkcache-fails-with-the-no-.patch @@ -0,0 +1,37 @@ +From 9f2080114f79f64051e17b12957655e26c46bdf0 Mon Sep 17 00:00:00 2001 +From: Willy Tarreau +Date: Thu, 4 Jul 2013 12:46:56 +0200 +Subject: [PATCH 2/2] BUG/MEDIUM: http: "option checkcache" fails with the + no-cache header +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The checkcache option checks for cacheable responses with a set-cookie +header. Since the response processing code was refactored in 1.3.8 +(commit a15645d4), the check was broken because the no-cache value +is only checked as no-cache="set-cookie", and not alone. + +Thanks to Hervé Commowick for reporting this stupid bug! + +The fix should be backported to 1.4 and 1.3. +(cherry picked from commit 5b15f9004d13b8a7e5e665929cad97a2c0beebd3) +--- + src/proto_http.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/proto_http.c b/src/proto_http.c +index a63d65d..22a7737 100644 +--- a/src/proto_http.c ++++ b/src/proto_http.c +@@ -7373,6 +7373,7 @@ void check_response_for_cacheability(struct session *t, struct buffer *rtr) + + /* OK, so we know that either p2 points to the end of string or to a comma */ + if (((p2 - p1 == 7) && strncasecmp(p1, "private", 7) == 0) || ++ ((p2 - p1 == 8) && strncasecmp(p1, "no-cache", 8) == 0) || + ((p2 - p1 == 8) && strncasecmp(p1, "no-store", 8) == 0) || + ((p2 - p1 == 9) && strncasecmp(p1, "max-age=0", 9) == 0) || + ((p2 - p1 == 10) && strncasecmp(p1, "s-maxage=0", 10) == 0)) { +-- +1.8.1.5 +