mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-13 23:14:46 +00:00
BUG/MEDIUM: session: do not report a failure when rejecting a session
In session_accept_fd() we can perform a synchronous call to conn_complete_session() and if it succeeds the connection is accepted and turned into a session. If it fails we take it as an error while it is not, in this case, it's just that a tcp-request rule has decided to reject the incoming connection. The problem with reporting such an event as an error is that the failed status is passed down to the listener code which decides to disable accept() for 100ms in order to leave some time for transient issues to vanish, and that's not what we want to do here. This fix must be backported as far as 1.7. In 1.7 the code is a bit different as tcp_exec_l5_rules() is called directly from within session_new_fd() and ret=0 must be assigned there.
This commit is contained in:
parent
584348be63
commit
e5891ca6c1
@ -288,6 +288,12 @@ int session_accept_fd(struct listener *l, int cfd, struct sockaddr_storage *addr
|
|||||||
if (conn_complete_session(cli_conn) >= 0)
|
if (conn_complete_session(cli_conn) >= 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
/* if we reach here we have deliberately decided not to keep this
|
||||||
|
* session (e.g. tcp-request rule), so that's not an error we should
|
||||||
|
* try to protect against.
|
||||||
|
*/
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
/* error unrolling */
|
/* error unrolling */
|
||||||
out_free_sess:
|
out_free_sess:
|
||||||
/* prevent call to listener_release during session_free. It will be
|
/* prevent call to listener_release during session_free. It will be
|
||||||
|
Loading…
Reference in New Issue
Block a user