From 1a786d7f33267efbbd352b8fb0442f215ee97cfd Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Tue, 8 Mar 2016 15:20:25 +0100
Subject: [PATCH] BUG/MINOR: tcpcheck: fix incorrect list usage resulting in
 failure to load certain configs

Commit baf9794 ("BUG/MINOR: tcpcheck: conf parsing error when no port
configured on server and first rule(s) is (are) COMMENT") was wrong, it
incorrectly implemented a list access by dereferencing a pointer of an
incorrect type resulting in checking the next element in the list. The
consequence is that it stops before the last comment instead of at the
last one and skips the first rule. In the end, rules starting with
comments are not affected, but if a sequence of checks directly starts
with connect, it is then skipped and this is visible when no port is
configured on the server line as the config refuses to load.

There was another occurence of the same bug a few lines below, both
of them were fixed. Tests were made on different configs and confirm
the new fix is OK.

This fix must be backported to 1.6.
---
 src/server.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/server.c b/src/server.c
index 7941a48581..0405da28d0 100644
--- a/src/server.c
+++ b/src/server.c
@@ -1760,7 +1760,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
 			if (!newsrv->check.port &&
 			    (is_inet_addr(&newsrv->check.addr) ||
 			     (!is_addr(&newsrv->check.addr) && is_inet_addr(&newsrv->addr)))) {
-				struct tcpcheck_rule *n = NULL, *r = NULL;
+				struct tcpcheck_rule *r = NULL;
 				struct list *l;
 
 				r = (struct tcpcheck_rule *)newsrv->proxy->tcpcheck_rules.n;
@@ -1772,8 +1772,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
 				}
 				/* search the first action (connect / send / expect) in the list */
 				l = &newsrv->proxy->tcpcheck_rules;
-				list_for_each_entry(n, l, list) {
-					r = (struct tcpcheck_rule *)n->list.n;
+				list_for_each_entry(r, l, list) {
 					if (r->action != TCPCHK_ACT_COMMENT)
 						break;
 				}
@@ -1786,8 +1785,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
 				else {
 					/* scan the tcp-check ruleset to ensure a port has been configured */
 					l = &newsrv->proxy->tcpcheck_rules;
-					list_for_each_entry(n, l, list) {
-						r = (struct tcpcheck_rule *)n->list.n;
+					list_for_each_entry(r, l, list) {
 						if ((r->action == TCPCHK_ACT_CONNECT) && (!r->port)) {
 							Alert("parsing [%s:%d] : server %s has neither service port nor check port, and a tcp_check rule 'connect' with no port information. Check has been disabled.\n",
 							      file, linenum, newsrv->id);