RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-30 01:52:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
haproxy public development tree
21,344 Commits 18 Branches 373 Tags 67 MiB
C 98.1%
Shell 0.8%
Makefile 0.6%
Python 0.2%
Lua 0.1%
d7964c52ce
Go to file
Aurelien DARRAGON d7964c52ce BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions 
Some regressions were introduced by 5fea59754b ("MEDIUM: map/acl:
Accelerate several functions using pat_ref_elt struct ->head list")

pat_ref_delete_by_id() fails to properly unlink and free the removed
reference because it bypasses the pat_ref_delete_by_ptr() made for
that purpose. This function is normally used everywhere the target
reference is set for removal, such as the pat_ref_delete() function
that matches pattern against a string. The call was probably skipped
by accident during the rewrite of the function.

With the above commit also comes another undesirable change:
both pat_ref_delete_by_id() and pat_ref_set_by_id() directly use the
<refelt> argument as a valid pointer (they do dereference it).

This is wrong, because <refelt> is unsafe and should be handled as an
ID, not a pointer (hence the function name). Indeed, the calling function
may directly pass user input from the CLI as <refelt> argument, so we must
first ensure that it points to a valid element before using it, else it is
probably invalid and we shouldn't touch it.

What this patch essentially does, is that it reverts pat_ref_set_by_id()
and pat_ref_delete_by_id() to pre 5fea59754b behavior. This seems like
it was the only optimization from the patch that doesn't apply.

Hopefully, after reviewing the changes with Fred, it seems that the 2
functions are only being involved in commands for manipulating maps or
acls on the cli, so the "missed" opportunity to improve their performance
shouldn't matter much. Nonetheless, if we wanted to speed up the reference
lookup by ID, we could consider adding an eb64 tree for that specific
purpose that contains all pattern references IDs (ie: pointers) so that
eb lookup functions may be used instead of linear list search.

The issue was raised by Marko Juraga as he failed to perform an an acl
removal by reference on the CLI on 2.9 which was known to work properly
on other versions.

It should be backported on 2.9.

Co-Authored-by: Frédéric Lécaille <flecaille@haproxy.com>
2023-12-08 14:26:06 +01:00
.github CI: github: switch to wolfssl git-c4b77ad for new PR 2023-12-08 12:08:22 +01:00
addons MINOR: promex: Export active/backup metrics per-server 2023-12-06 10:24:41 +01:00
admin MINOR: acme.sh: don't use '*' in the filename for wildcard domain 2023-12-04 11:53:50 +01:00
dev DEV: sslkeylogger: handle file opening error 2023-10-03 15:23:35 +02:00
doc DOC: configuration: typo req.ssl_hello_type 2023-12-07 15:00:58 +01:00
examples CLEANUP: assorted typo fixes in the code and comments 2023-11-23 16:23:14 +01:00
include BUG/MINOR: mworker/cli: fix set severity-output support 2023-12-07 17:37:23 +01:00
reg-tests BUG/MINOR: sample: Make the word converter compatible with -m found 2023-12-01 14:35:47 +01:00
scripts CI: ssl: add git id support for wolfssl download 2023-10-10 10:34:17 +02:00
src BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions 2023-12-08 14:26:06 +01:00
tests Revert "MAJOR: import: update mt_list to support exponential back-off" 2023-09-15 17:13:43 +02:00
.cirrus.yml CI: cirrus-ci: display gdb bt if any 2023-09-22 08:28:30 +02:00
.gitattributes
.gitignore CONTRIB: Add vi file extensions to .gitignore 2023-06-02 18:14:34 +02:00
.mailmap
.travis.yml
BRANCHES
BSDmakefile
CHANGELOG [RELEASE] Released version 3.0-dev0 2023-12-05 16:19:35 +01:00
CONTRIBUTING
INSTALL DOC: install: update the list of openssl versions 2023-11-23 16:29:42 +01:00
LICENSE
MAINTAINERS
Makefile REORG: quic: Add a new module for retransmissions 2023-11-28 15:47:18 +01:00
README
SUBVERS
VERDATE [RELEASE] Released version 2.9.0 2023-12-05 16:15:30 +01:00
VERSION [RELEASE] Released version 3.0-dev0 2023-12-05 16:19:35 +01:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)