RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-11 03:31:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness

Browse Source 
It's unclear why the buffer length wasn't considered when tcp-response
rules were added in 1.5-dev3 with commit 97679e790 ("[MEDIUM] Implement
tcp inspect response rules"). But it's impossible to write working
tcp-response content rules as they're always waiting for the expiration
and do not consider the fact that the buffer is full. It's likely that
tcp-response content rules were only used with HTTP traffic.

This may be backported to stable versions, though it's not very
important considering that that nobody reported this in 10 years.
This commit is contained in:
Willy Tarreau 2020-06-15 18:08:07 +02:00
parent 9dc92b2650
commit 55ae1ab9e4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/tcp_rules.c
View File

@ -260,8 +260,8 @@ int tcp_inspect_response(struct stream *s, struct channel *rep, int an_bit)
* - if one rule returns OK, then return OK
* - if one rule returns KO, then return KO
*/
if (rep->flags & CF_SHUTR || tick_is_expired(rep->analyse_exp, now_ms))
if ((rep->flags & CF_SHUTR) || channel_full(rep, global.tune.maxrewrite) ||
!s->be->tcp_rep.inspect_delay || tick_is_expired(rep->analyse_exp, now_ms))
partial = SMP_OPT_FINAL;
else
partial = 0;