pound/2.6/dynamic-backends.patch
changeset 35 00eb34bfe348
parent 34 87b508932fa3
--- a/pound/2.6/dynamic-backends.patch	Fri Oct 27 11:56:51 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,268 +0,0 @@
-diff --git a/debian/changelog b/debian/changelog
-index 689c84b..67ebb35 100644
---- a/debian/changelog
-+++ b/debian/changelog
-@@ -1,3 +1,10 @@
-+pound (2.6-2.1) wheezy; urgency=low
-+
-+  * Non-maintainer upload.
-+  * patched to deal with backend addresses on dynamic ips
-+
-+ -- Matthias Förste <foerste@schlittermann.de>  Fri, 28 Jun 2013 13:20:21 +0200
-+
- pound (2.6-2) unstable; urgency=low
- 
-   * Update anti_beast patch
-diff --git a/debian/patches/dyn_addr.patch b/debian/patches/dyn_addr.patch
-new file mode 100644
-index 0000000..c96b3c0
---- /dev/null
-+++ b/debian/patches/dyn_addr.patch
-@@ -0,0 +1,239 @@
-+diff --git a/config.c b/config.c
-+index 731b022..b19c78a 100755
-+--- a/config.c
-++++ b/config.c
-+@@ -77,7 +77,7 @@ static regex_t  Err414, Err500, Err501, Err503, MaxRequest, HeadRemove, RewriteL
-+ static regex_t  Service, ServiceName, URL, HeadRequire, HeadDeny, BackEnd, Emergency, Priority, HAport, HAportAddr;
-+ static regex_t  Redirect, RedirectN, TimeOut, Session, Type, TTL, ID, DynScale;
-+ static regex_t  ClientCert, AddHeader, SSLAllowClientRenegotiation, SSLHonorCipherOrder, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11;
-+-static regex_t  Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName;
-++static regex_t  Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName, DynamicAddress, DynamicHAAddress;
-+ 
-+ static regmatch_t   matches[5];
-+ 
-+@@ -183,7 +183,7 @@ parse_be(const int is_emergency)
-+     if((res = (BACKEND *)malloc(sizeof(BACKEND))) == NULL)
-+         conf_err("BackEnd config: out of memory - aborted");
-+     memset(res, 0, sizeof(BACKEND));
-+-    res->be_type = 0;
-++    res->be_type = res->dyn_addr = res->dyn_ha_addr = 0;
-+     res->addr.ai_socktype = SOCK_STREAM;
-+     res->to = is_emergency? 120: be_to;
-+     res->conn_to = is_emergency? 120: be_connto;
-+@@ -200,6 +200,9 @@ parse_be(const int is_emergency)
-+             lin[strlen(lin) - 1] = '\0';
-+         if(!regexec(&Address, lin, 4, matches, 0)) {
-+             lin[matches[1].rm_eo] = '\0';
-++            if((res->hostname = (char *)malloc(matches[1].rm_eo - matches[1].rm_so + 1)) == NULL)
-++                conf_err("out of memory");
-++            memcpy(res->hostname, lin + matches[1].rm_so, matches[1].rm_eo - matches[1].rm_so + 1);
-+             if(get_host(lin + matches[1].rm_so, &res->addr)) {
-+                 /* if we can't resolve it assume this is a UNIX domain socket */
-+                 res->addr.ai_socktype = SOCK_STREAM;
-+@@ -243,6 +246,7 @@ parse_be(const int is_emergency)
-+             if(is_emergency)
-+                 conf_err("HAport is not supported for Emergency back-ends");
-+             res->ha_addr = res->addr;
-++            res->ha_hostname = res->hostname;
-+             if((res->ha_addr.ai_addr = (struct sockaddr *)malloc(res->addr.ai_addrlen)) == NULL)
-+                 conf_err("out of memory");
-+             memcpy(res->ha_addr.ai_addr, res->addr.ai_addr, res->addr.ai_addrlen);
-+@@ -264,6 +268,9 @@ parse_be(const int is_emergency)
-+             if(is_emergency)
-+                 conf_err("HAportAddr is not supported for Emergency back-ends");
-+             lin[matches[1].rm_eo] = '\0';
-++            if((res->ha_hostname = (char *)malloc(matches[1].rm_eo - matches[1].rm_so + 1)) == NULL)
-++                conf_err("out of memory");
-++            memcpy(res->ha_hostname, lin + matches[1].rm_so, matches[1].rm_eo - matches[1].rm_so + 1);
-+             if(get_host(lin + matches[1].rm_so, &res->ha_addr)) {
-+                 /* if we can't resolve it assume this is a UNIX domain socket */
-+                 res->addr.ai_socktype = SOCK_STREAM;
-+@@ -321,6 +328,10 @@ parse_be(const int is_emergency)
-+             SSL_CTX_set_tmp_dh_callback(res->ctx, DH_tmp_callback);
-+         } else if(!regexec(&Disabled, lin, 4, matches, 0)) {
-+             res->disabled = atoi(lin + matches[1].rm_so);
-++        } else if(!regexec(&DynamicAddress, lin, 4, matches, 0)) {
-++            res->dyn_addr = 1;
-++        } else if(!regexec(&DynamicHAAddress, lin, 4, matches, 0)) {
-++            res->dyn_ha_addr = 1;
-+         } else if(!regexec(&End, lin, 4, matches, 0)) {
-+             if(!has_addr)
-+                 conf_err("BackEnd missing Address - aborted");
-+@@ -1348,6 +1359,8 @@ config_parse(const int argc, char **const argv)
-+     || regcomp(&IgnoreCase, "^[ \t]*IgnoreCase[ \t]+([01])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-+     || regcomp(&HTTPS, "^[ \t]*HTTPS[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-+     || regcomp(&HTTPSCert, "^[ \t]*HTTPS[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-++    || regcomp(&DynamicAddress, "^[ \t]*DynamicAddress[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-++    || regcomp(&DynamicHAAddress, "^[ \t]*DynamicHAAddress[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-+     || regcomp(&Disabled, "^[ \t]*Disabled[ \t]+[01][ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-+     || regcomp(&CNName, ".*[Cc][Nn]=([-*.A-Za-z0-9]+).*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
-+     ) {
-+diff --git a/http.c b/http.c
-+index f6f1b8b..3946977 100755
-+--- a/http.c
-++++ b/http.c
-+@@ -817,6 +817,13 @@ do_http(thr_arg *arg)
-+                 clean_all();
-+                 return;
-+             }
-++            if (backend->dyn_addr && upd_addr(backend->hostname, &backend->addr)) {
-++                logmsg(LOG_WARNING, "(%lx) e503 backend: failed to resolve hostname '%s': %s", pthread_self(), backend->hostname, strerror(errno));
-++                err_reply(cl, h503, lstn->err503);
-++                free_headers(headers);
-++                clean_all();
-++                pthread_exit(NULL);
-++            }
-+             if((sock = socket(sock_proto, SOCK_STREAM, 0)) < 0) {
-+                 str_be(buf, MAXBUF - 1, backend);
-+                 logmsg(LOG_WARNING, "(%lx) e503 backend %s socket create: %s", pthread_self(), buf, strerror(errno));
-+diff --git a/pound.8 b/pound.8
-+index b95e794..8fd3457 100755
-+--- a/pound.8
-++++ b/pound.8
-+@@ -744,6 +744,24 @@ with this back-end disabled (1) or enabled (0). If started as disabled, the
-+ back-end can be later enabled with
-+ .I poundctl
-+ (8).
-++.TP
-++\fBDynamicAddress\fR
-++If this directive is present then the
-++.I Address
-++given for this
-++.I Backend
-++is considered a dynamic address. It is resolved whenever a connection attempt
-++to that
-++.I Address
-++is made.
-++.TP
-++\fBDynamicHAAddress\fR
-++This is the same as
-++.I DynamicAddress
-++except that it applies to the address given in the
-++.I HAPort
-++directive if any.
-++
-+ .SH "Emergency"
-+ The emergency server will be used once all existing back-ends are "dead".
-+ All configuration directives enclosed between
-+diff --git a/pound.h b/pound.h
-+index 5d0c880..a65a58c 100755
-+--- a/pound.h
-++++ b/pound.h
-+@@ -329,6 +329,10 @@ typedef struct _backend {
-+     int                 alive;      /* false if the back-end is dead */
-+     int                 resurrect;  /* this back-end is to be resurrected */
-+     int                 disabled;   /* true if the back-end is disabled */
-++    int                 dyn_addr;     /* true if the address of the backend may change over time (dynamic ip for example) */
-++    char                *hostname;    /* in case of a dynamic address we need to keep the hostname too */
-++    int                 dyn_ha_addr;  /* like dynaddr but for the ha addr */
-++    char                *ha_hostname; /* in case of a dynamic ha address we need to keep the hostname too */
-+     struct _backend     *next;
-+ }   BACKEND;
-+ 
-+@@ -631,3 +635,6 @@ extern void *thr_timer(void *);
-+  * listens to client requests and calls the appropriate functions
-+  */
-+ extern void *thr_control(void *);
-++
-++/* update address */
-++int upd_addr(char *hostname, struct addrinfo *ai);
-+diff --git a/svc.c b/svc.c
-+index 8c33a10..3551be3 100755
-+--- a/svc.c
-++++ b/svc.c
-+@@ -1022,6 +1022,9 @@ do_resurect(void)
-+         default:
-+             continue;
-+         }
-++        if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) {
-++            logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno));
-++        }
-+         if(connect_nb(sock, &be->ha_addr, be->conn_to) != 0) {
-+             kill_be(svc, be, BE_KILL);
-+             str_be(buf, MAXBUF - 1, be);
-+@@ -1058,6 +1061,9 @@ do_resurect(void)
-+         default:
-+             continue;
-+         }
-++        if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) {
-++            logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno));
-++        }
-+         if(connect_nb(sock, &be->ha_addr, be->conn_to) != 0) {
-+             kill_be(svc, be, BE_KILL);
-+             str_be(buf, MAXBUF - 1, be);
-+@@ -1093,6 +1099,9 @@ do_resurect(void)
-+                 default:
-+                     continue;
-+                 }
-++                if (be->dyn_addr && upd_addr(be->hostname, &be->addr)) {
-++                    logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->hostname, strerror(errno));
-++                }
-+                 addr = &be->addr;
-+             } else {
-+                 switch(be->ha_addr.ai_family) {
-+@@ -1111,6 +1120,9 @@ do_resurect(void)
-+                 default:
-+                     continue;
-+                 }
-++                if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) {
-++                    logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno));
-++                }
-+                 addr = &be->ha_addr;
-+             }
-+             if(connect_nb(sock, addr, be->conn_to) == 0) {
-+@@ -1162,6 +1174,9 @@ do_resurect(void)
-+                 default:
-+                     continue;
-+                 }
-++                if (be->dyn_addr && upd_addr(be->hostname, &be->addr)) {
-++                    logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->hostname, strerror(errno));
-++                }
-+                 addr = &be->addr;
-+             } else {
-+                 switch(be->ha_addr.ai_family) {
-+@@ -1180,6 +1195,9 @@ do_resurect(void)
-+                 default:
-+                     continue;
-+                 }
-++                if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) {
-++                    logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno));
-++                }
-+                 addr = &be->ha_addr;
-+             }
-+             if(connect_nb(sock, addr, be->conn_to) == 0) {
-+@@ -1828,3 +1846,35 @@ SSLINFO_callback(const SSL *ssl, int where, int rc)
-+     //else if (where & SSL_CB_ALERT) logmsg(LOG_DEBUG, "alert");
-+ }
-+ 
-++/* update address */
-++int
-++upd_addr(char *hostname, struct addrinfo *ai)
-++{
-++
-++    int r;
-++    in_port_t port;
-++
-++    /* get_host will set the port to zero */
-++    switch(ai->ai_family) {
-++        case AF_INET:
-++            port = ((struct sockaddr_in *)ai->ai_addr)->sin_port;
-++            break;
-++        case AF_INET6:
-++            port = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port;
-++            break;
-++    }
-++
-++    r = get_host(hostname, ai);
-++
-++    switch(ai->ai_family) {
-++        case AF_INET:
-++            ((struct sockaddr_in *)ai->ai_addr)->sin_port = port;
-++            break;
-++        case AF_INET6:
-++            ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port = port;
-++            break;
-++    }
-++
-++    return r;
-++
-++}
-diff --git a/debian/patches/series b/debian/patches/series
-index d9c96c5..ed63eb9 100644
---- a/debian/patches/series
-+++ b/debian/patches/series
-@@ -1,2 +1,3 @@
- anti_beast.patch
- xss_redirect_fix.patch
-+dyn_addr.patch