Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / e9bad0a9361a761f2f304dcca8ddd997c05627c2^! / .
commite9bad0a9361a761f2f304dcca8ddd997c05627c2[log] [tgz]
authorOlivier Houchard <ohouchard@haproxy.com>Wed Jan 17 17:39:34 2018 +0100
committerWilly Tarreau <w@1wt.eu>Tue Jan 23 14:05:17 2018 +0100
tree6c9eba9b4c85b0e5b2554f615875c7384784452a
parent55482913956581223dc9b54e480675610e2e177e [diff]
MINOR: servers: Don't report duplicate dyncookies for disabled servers.

Especially with server-templates, it can happen servers starts with a
placeholder IP, in the disabled state. In this case, we don't want to report
that the same cookie was generated for multiple servers. So defer the test
until the server is enabled.

This should be backported to 1.8.

diff --git a/src/server.c b/src/server.c
index a37e919..3901e7d 100644
--- a/src/server.c
+++ b/src/server.c

@@ -86,10 +86,34 @@
 	return (check->fastinter)?(check->fastinter):(check->inter);
 }
 
-void srv_set_dyncookie(struct server *s)
+/*
+ * Check that we did not get a hash collision.
+ * Unlikely, but it can happen.
+ */
+static inline void srv_check_for_dup_dyncookie(struct server *s)
 {
 	struct proxy *p = s->proxy;
 	struct server *tmpserv;
+
+	for (tmpserv = p->srv; tmpserv != NULL;
+	    tmpserv = tmpserv->next) {
+		if (tmpserv == s)
+			continue;
+		if (tmpserv->next_admin & SRV_ADMF_FMAINT)
+			continue;
+		if (tmpserv->cookie &&
+		    strcmp(tmpserv->cookie, s->cookie) == 0) {
+			ha_warning("We generated two equal cookies for two different servers.\n"
+				   "Please change the secret key for '%s'.\n",
+				   s->proxy->id);
+		}
+	}
+
+}
+
+void srv_set_dyncookie(struct server *s)
+{
+	struct proxy *p = s->proxy;
 	char *tmpbuf;
 	unsigned long long hash_value;
 	size_t key_len;
@@ -136,21 +160,13 @@
 	if (!s->cookie)
 		return;
 	s->cklen = 16;
-	/*
-	 * Check that we did not get a hash collision.
-	 * Unlikely, but it can happen.
+
+	/* Don't bother checking if the dyncookie is duplicated if
+	 * the server is marked as "disabled", maybe it doesn't have
+	 * its real IP yet, but just a place holder.
 	 */
-	for (tmpserv = p->srv; tmpserv != NULL;
-	    tmpserv = tmpserv->next) {
-		if (tmpserv == s)
-			continue;
-		if (tmpserv->cookie &&
-		    strcmp(tmpserv->cookie, s->cookie) == 0) {
-			ha_warning("We generated two equal cookies for two different servers.\n"
-				   "Please change the secret key for '%s'.\n",
-				   s->proxy->id);
-		}
-	}
+	if (!(s->next_admin & SRV_ADMF_FMAINT))
+		srv_check_for_dup_dyncookie(s);
 }
 
 /*
@@ -4398,6 +4414,10 @@
 		return 1;
 
 	srv_adm_set_ready(sv);
+	if (!(sv->flags & SRV_F_COOKIESET)
+	    && (sv->proxy->ck_opts & PR_CK_DYNAMIC) &&
+	    sv->cookie)
+		srv_check_for_dup_dyncookie(sv);
 	return 1;
 }