BUG/MAJOR: thread: lua: Wrong SSL context initialization. When calling ->prepare_srv() callback for SSL server which depends on global "nbthread" value, this latter was not already parsed, so equal to 1 default value. This lead to bad memory accesses. Thank you to Pieter (PiBa-NL) for having reported this issue and for having provided a very helpful reg testing file to reproduce this issue (reg-test/lua/b00002.*). Must be backported to 1.8.

commit: 54f2bcf22bbf91090c4a1949fab76e9d7b8fd4ee [log] [tgz]
author: Frédéric Lécaille <flecaille@haproxy.com> Wed Aug 29 13:46:24 2018 +0200
committer: Willy Tarreau <w@1wt.eu> Thu Aug 30 10:06:45 2018 +0200
tree: 98600ad14c8d584a38edcf97c41708b21223b78c
parent: c7ffa91763de09b9adef197ca3d67395cc411fc2 [diff] [blame]
diff --git a/reg-tests/lua/b00002.vtc b/reg-tests/lua/b00002.vtc
new file mode 100644
index 0000000..6cb626e
--- /dev/null
+++ b/reg-tests/lua/b00002.vtc

@@ -0,0 +1,33 @@
+varnishtest "Lua: txn:get_priv() scope"
+feature ignore_unknown_macro
+
+haproxy h1 -conf {
+    global
+        nbthread 3
+        lua-load ${testdir}/b00002.lua
+        lua-load ${testdir}/b00002_print_r.lua
+
+    frontend fe1
+        mode http
+        bind "fd@${fe1}"
+        default_backend b1
+
+    frontend fe2
+        mode http
+        bind ":8443" ssl crt ${testdir}/common.pem
+        stats enable
+        stats uri /
+
+    backend b1
+        mode http
+        http-request use-service lua.fakeserv
+} -start
+
+client c0 -connect ${h1_fe1_sock} {
+    txreq -url "/"
+    rxresp
+    expect resp.status == 200
+    txreq -url "/"
+    rxresp
+    expect resp.status == 200
+} -run
commit	54f2bcf22bbf91090c4a1949fab76e9d7b8fd4ee	[log] [tgz]
author	Frédéric Lécaille <flecaille@haproxy.com>	Wed Aug 29 13:46:24 2018 +0200
committer	Willy Tarreau <w@1wt.eu>	Thu Aug 30 10:06:45 2018 +0200
tree	98600ad14c8d584a38edcf97c41708b21223b78c
parent	c7ffa91763de09b9adef197ca3d67395cc411fc2 [diff] [blame]