1
0

0004-BUG-MEDIUM-ssl-sample-ssl_bc_-fetch-keywords-are-broken.patch 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
  1. From 7ccf7c9791f2b2329f3940d1347618af3a77bebc Mon Sep 17 00:00:00 2001
  2. From: Emeric Brun <ebrun@haproxy.com>
  3. Date: Mon, 19 Feb 2018 15:59:48 +0100
  4. Subject: [PATCH] BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
  5. Since the split between connections and conn-stream objects, this
  6. keywords are broken.
  7. This patch must be backported in 1.8
  8. (cherry picked from commit eb8def9f34c37537d56a69fcd211d4c4c8006bea)
  9. Signed-off-by: Willy Tarreau <w@1wt.eu>
  10. ---
  11. src/ssl_sock.c | 31 ++++++++++++++-----------------
  12. 1 file changed, 14 insertions(+), 17 deletions(-)
  13. diff --git a/src/ssl_sock.c b/src/ssl_sock.c
  14. index 4d0d5db..d832d76 100644
  15. --- a/src/ssl_sock.c
  16. +++ b/src/ssl_sock.c
  17. @@ -6580,8 +6580,8 @@ smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *
  18. static int
  19. smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
  20. {
  21. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  22. - smp->strm ? smp->strm->si[1].end : NULL);
  23. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  24. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  25. smp->data.type = SMP_T_BOOL;
  26. smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
  27. @@ -6625,8 +6625,8 @@ smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const ch
  28. static int
  29. smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
  30. {
  31. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  32. - smp->strm ? smp->strm->si[1].end : NULL);
  33. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  34. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  35. smp->flags = 0;
  36. if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  37. @@ -6651,9 +6651,8 @@ smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *
  38. static int
  39. smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
  40. {
  41. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  42. - smp->strm ? smp->strm->si[1].end : NULL);
  43. -
  44. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  45. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  46. int sint;
  47. smp->flags = 0;
  48. @@ -6676,8 +6675,8 @@ smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const c
  49. static int
  50. smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
  51. {
  52. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  53. - smp->strm ? smp->strm->si[1].end : NULL);
  54. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  55. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  56. smp->flags = 0;
  57. if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  58. @@ -6747,8 +6746,8 @@ smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw
  59. static int
  60. smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
  61. {
  62. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  63. - smp->strm ? smp->strm->si[1].end : NULL);
  64. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  65. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  66. smp->flags = 0;
  67. if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
  68. @@ -6773,9 +6772,8 @@ static int
  69. smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
  70. {
  71. #if OPENSSL_VERSION_NUMBER > 0x0090800fL
  72. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  73. - smp->strm ? smp->strm->si[1].end : NULL);
  74. -
  75. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  76. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  77. SSL_SESSION *ssl_sess;
  78. smp->flags = SMP_F_CONST;
  79. @@ -6917,9 +6915,8 @@ static int
  80. smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
  81. {
  82. #if OPENSSL_VERSION_NUMBER > 0x0090800fL
  83. - struct connection *conn = objt_conn((kw[4] != 'b') ? smp->sess->origin :
  84. - smp->strm ? smp->strm->si[1].end : NULL);
  85. -
  86. + struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
  87. + smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
  88. int finished_len;
  89. struct chunk *finished_trash;
  90. --
  91. 1.7.10.4