RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-01 09:42:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
haproxy public development tree
10,725 Commits 15 Branches 371 Tags 54 MiB
C 98.1%
Shell 0.9%
Makefile 0.5%
Python 0.2%
Lua 0.1%
5fdb5b36e1
Go to file
William Lallemand 5fdb5b36e1 BUG/MINOR: mworker/ssl: close openssl FDs unconditionally 
Patch 56996da ("BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload")
fixes a issue where the /dev/random FD was leaked by OpenSSL upon a
reload in master worker mode. Indeed the FD was not flagged with
CLOEXEC.

The fix was checking if ssl_used_frontend or ssl_used_backend were set
to close the FD. This is wrong, indeed the lua init code creates an SSL
server without increasing the backend value, so the deinit is never
done when you don't use SSL in your configuration.

To reproduce the problem you just need to build haproxy with openssl and
lua with an openssl which does not use the getrandom() syscall.  No
openssl nor lua configuration are required for haproxy.

This patch must be backported as far as 1.8.

Fix issue #314.
2019-10-17 11:36:22 +02:00
.github/ISSUE_TEMPLATE DOC: Add 'Question.md' issue template, discouraging asking questions 2019-08-02 19:11:41 +02:00
contrib DOC: fix typo in Prometheus exporter doc 2019-10-09 04:38:15 +02:00
doc MINOR: stats: make "show stat" and "show info" 2019-10-10 11:30:07 +02:00
ebtree BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const 2019-10-02 15:24:19 +02:00
examples CLEANUP: removed obsolete examples an move a few to better places 2019-06-15 21:25:06 +02:00
include MINOR: istbuf: add b_fromist() to make a buffer from an ist 2019-10-17 10:40:47 +02:00
reg-tests REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too 2019-10-14 22:28:50 +02:00
scripts BUILD: CI: install golang-1.13 when building BoringSSL 2019-09-17 13:52:39 +02:00
src BUG/MINOR: mworker/ssl: close openssl FDs unconditionally 2019-10-17 11:36:22 +02:00
tests TESTS: Add a stress-test for mt_lists. 2019-09-23 18:16:08 +02:00
.cirrus.yml BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6 2019-09-08 12:10:32 +02:00
.gitignore DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
.travis.yml BUILD: travis-ci: limit build to branches "master" and "next" 2019-10-17 06:53:55 +02:00
BRANCHES DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
CHANGELOG [RELEASE] Released version 2.1-dev2 2019-10-01 18:13:09 +02:00
CONTRIBUTING DOC: improve the wording in CONTRIBUTING about how to document a bug fix 2019-07-26 15:46:21 +02:00
INSTALL MINOR: build: add linux-glibc-legacy build TARGET 2019-09-01 17:28:10 +02:00
LICENSE LICENSE: add licence exception for OpenSSL 2012-09-07 13:52:26 +02:00
MAINTAINERS DOC: wurfl: added point of contact in MAINTAINERS file 2019-04-23 11:00:23 +02:00
Makefile BUILD/MEDIUM: threads: enable cpu_affinity on osx 2019-10-17 07:20:58 +02:00
README DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
ROADMAP DOC: update the outdated ROADMAP file 2019-06-15 21:59:54 +02:00
SUBVERS BUILD: use format tags in VERDATE and SUBVERS files 2013-12-10 11:22:49 +01:00
VERDATE [RELEASE] Released version 2.1-dev2 2019-10-01 18:13:09 +02:00
VERSION [RELEASE] Released version 2.1-dev2 2019-10-01 18:13:09 +02:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)