diff -r 87b508932fa3 -r 00eb34bfe348 pound/2.6-6/dynamic-backends.patch --- a/pound/2.6-6/dynamic-backends.patch Fri Oct 27 11:56:51 2017 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,238 +0,0 @@ -diff -r 48d93349de4c config.c ---- a/config.c Tue Jun 21 13:13:30 2016 +0200 -+++ b/config.c Tue Jun 21 13:37:02 2016 +0200 -@@ -77,7 +77,7 @@ - static regex_t Service, ServiceName, URL, HeadRequire, HeadDeny, BackEnd, Emergency, Priority, HAport, HAportAddr; - static regex_t Redirect, RedirectN, TimeOut, Session, Type, TTL, ID, DynScale; - static regex_t ClientCert, AddHeader, DisableSSLv2, DisableSSLv3, SSLAllowClientRenegotiation, SSLHonorCipherOrder, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11; --static regex_t Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName; -+static regex_t Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, DynamicAddress, DynamicHAAddress, Disabled, Threads, CNName; - - static regmatch_t matches[5]; - -@@ -183,7 +183,7 @@ - if((res = (BACKEND *)malloc(sizeof(BACKEND))) == NULL) - conf_err("BackEnd config: out of memory - aborted"); - memset(res, 0, sizeof(BACKEND)); -- res->be_type = 0; -+ res->be_type = res->dyn_addr = res->dyn_ha_addr = 0; - res->addr.ai_socktype = SOCK_STREAM; - res->to = is_emergency? 120: be_to; - res->conn_to = is_emergency? 120: be_connto; -@@ -200,6 +200,9 @@ - lin[strlen(lin) - 1] = '\0'; - if(!regexec(&Address, lin, 4, matches, 0)) { - lin[matches[1].rm_eo] = '\0'; -+ if((res->hostname = (char *)malloc(matches[1].rm_eo - matches[1].rm_so + 1)) == NULL) -+ conf_err("out of memory"); -+ memcpy(res->hostname, lin + matches[1].rm_so, matches[1].rm_eo - matches[1].rm_so + 1); - if(get_host(lin + matches[1].rm_so, &res->addr)) { - /* if we can't resolve it assume this is a UNIX domain socket */ - res->addr.ai_socktype = SOCK_STREAM; -@@ -243,6 +246,7 @@ - if(is_emergency) - conf_err("HAport is not supported for Emergency back-ends"); - res->ha_addr = res->addr; -+ res->ha_hostname = res->hostname; - if((res->ha_addr.ai_addr = (struct sockaddr *)malloc(res->addr.ai_addrlen)) == NULL) - conf_err("out of memory"); - memcpy(res->ha_addr.ai_addr, res->addr.ai_addr, res->addr.ai_addrlen); -@@ -264,6 +268,9 @@ - if(is_emergency) - conf_err("HAportAddr is not supported for Emergency back-ends"); - lin[matches[1].rm_eo] = '\0'; -+ if((res->ha_hostname = (char *)malloc(matches[1].rm_eo - matches[1].rm_so + 1)) == NULL) -+ conf_err("out of memory"); -+ memcpy(res->ha_hostname, lin + matches[1].rm_so, matches[1].rm_eo - matches[1].rm_so + 1); - if(get_host(lin + matches[1].rm_so, &res->ha_addr)) { - /* if we can't resolve it assume this is a UNIX domain socket */ - res->addr.ai_socktype = SOCK_STREAM; -@@ -325,6 +332,10 @@ - SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin)); - SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback); - SSL_CTX_set_tmp_dh_callback(res->ctx, DH_tmp_callback); -+ } else if(!regexec(&DynamicAddress, lin, 4, matches, 0)) { -+ res->dyn_addr = 1; -+ } else if(!regexec(&DynamicHAAddress, lin, 4, matches, 0)) { -+ res->dyn_ha_addr = 1; - } else if(!regexec(&Disabled, lin, 4, matches, 0)) { - res->disabled = atoi(lin + matches[1].rm_so); - } else if(!regexec(&End, lin, 4, matches, 0)) { -@@ -1374,6 +1385,8 @@ - || regcomp(&IgnoreCase, "^[ \t]*IgnoreCase[ \t]+([01])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) - || regcomp(&HTTPS, "^[ \t]*HTTPS[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) - || regcomp(&HTTPSCert, "^[ \t]*HTTPS[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) -+ || regcomp(&DynamicAddress, "^[ \t]*DynamicAddress[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) -+ || regcomp(&DynamicHAAddress, "^[ \t]*DynamicHAAddress[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) - || regcomp(&Disabled, "^[ \t]*Disabled[ \t]+[01][ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) - || regcomp(&CNName, ".*[Cc][Nn]=([-*.A-Za-z0-9]+).*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) - ) { -diff -r 48d93349de4c http.c ---- a/http.c Tue Jun 21 13:13:30 2016 +0200 -+++ b/http.c Tue Jun 21 13:37:02 2016 +0200 -@@ -846,6 +846,13 @@ - clean_all(); - return; - } -+ if (backend->dyn_addr && upd_addr(backend->hostname, &backend->addr)) { -+ logmsg(LOG_WARNING, "(%lx) e503 backend: failed to resolve hostname '%s': %s", pthread_self(), backend->hostname, strerror(errno)); -+ err_reply(cl, h503, lstn->err503); -+ free_headers(headers); -+ clean_all(); -+ pthread_exit(NULL); -+ } - if((sock = socket(sock_proto, SOCK_STREAM, 0)) < 0) { - str_be(buf, MAXBUF - 1, backend); - logmsg(LOG_WARNING, "(%lx) e503 backend %s socket create: %s", pthread_self(), buf, strerror(errno)); -diff -r 48d93349de4c pound.8 ---- a/pound.8 Tue Jun 21 13:13:30 2016 +0200 -+++ b/pound.8 Tue Jun 21 13:37:02 2016 +0200 -@@ -737,6 +737,24 @@ - uses the same address as the back-end server, but you may use a separate address - if you wish. This directive applies only to non Unix-domain servers. - .TP -+\fBDynamicAddress\fR -+If this directive is present then the -+.I Address -+given for this -+.I Backend -+is considered a dynamic address. It is resolved whenever a connection attempt -+to that -+.I Address -+is made. -+.TP -+\fBDynamicHAAddress\fR -+This is the same as -+.I DynamicAddress -+except that it applies to the address given in the -+.I HAPort -+directive if any. -+ -+.TP - \fBDisabled\fR 0|1 - Start - .B Pound -diff -r 48d93349de4c pound.h ---- a/pound.h Tue Jun 21 13:13:30 2016 +0200 -+++ b/pound.h Tue Jun 21 13:37:02 2016 +0200 -@@ -329,6 +329,10 @@ - int alive; /* false if the back-end is dead */ - int resurrect; /* this back-end is to be resurrected */ - int disabled; /* true if the back-end is disabled */ -+ int dyn_addr; /* true if the address of the backend may change over time (dynamic ip for example) */ -+ char *hostname; /* in case of a dynamic address we need to keep the hostname too */ -+ int dyn_ha_addr; /* like dynaddr but for the ha addr */ -+ char *ha_hostname; /* in case of a dynamic ha address we need to keep the hostname too */ - struct _backend *next; - } BACKEND; - -@@ -633,3 +637,6 @@ - * listens to client requests and calls the appropriate functions - */ - extern void *thr_control(void *); -+ -+/* update address */ -+int upd_addr(char *hostname, struct addrinfo *ai); -diff -r 48d93349de4c svc.c ---- a/svc.c Tue Jun 21 13:13:30 2016 +0200 -+++ b/svc.c Tue Jun 21 13:37:02 2016 +0200 -@@ -1022,6 +1022,9 @@ - default: - continue; - } -+ if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno)); -+ } - if(connect_nb(sock, &be->ha_addr, be->conn_to) != 0) { - kill_be(svc, be, BE_KILL); - str_be(buf, MAXBUF - 1, be); -@@ -1058,6 +1061,9 @@ - default: - continue; - } -+ if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno)); -+ } - if(connect_nb(sock, &be->ha_addr, be->conn_to) != 0) { - kill_be(svc, be, BE_KILL); - str_be(buf, MAXBUF - 1, be); -@@ -1093,6 +1099,9 @@ - default: - continue; - } -+ if (be->dyn_addr && upd_addr(be->hostname, &be->addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->hostname, strerror(errno)); -+ } - addr = &be->addr; - } else { - switch(be->ha_addr.ai_family) { -@@ -1111,6 +1120,9 @@ - default: - continue; - } -+ if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno)); -+ } - addr = &be->ha_addr; - } - if(connect_nb(sock, addr, be->conn_to) == 0) { -@@ -1162,6 +1174,9 @@ - default: - continue; - } -+ if (be->dyn_addr && upd_addr(be->hostname, &be->addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->hostname, strerror(errno)); -+ } - addr = &be->addr; - } else { - switch(be->ha_addr.ai_family) { -@@ -1180,6 +1195,9 @@ - default: - continue; - } -+ if (be->dyn_ha_addr && upd_addr(be->ha_hostname, &be->ha_addr)) { -+ logmsg(LOG_NOTICE, "failed to resolve hostname '%s': %s", be->ha_hostname, strerror(errno)); -+ } - addr = &be->ha_addr; - } - if(connect_nb(sock, addr, be->conn_to) == 0) { -@@ -1798,6 +1816,39 @@ - } - } - -+/* update address */ -+int -+upd_addr(char *hostname, struct addrinfo *ai) -+{ -+ -+ int r; -+ in_port_t port; -+ -+ /* get_host will set the port to zero */ -+ switch(ai->ai_family) { -+ case AF_INET: -+ port = ((struct sockaddr_in *)ai->ai_addr)->sin_port; -+ break; -+ case AF_INET6: -+ port = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port; -+ break; -+ } -+ -+ r = get_host(hostname, ai); -+ -+ switch(ai->ai_family) { -+ case AF_INET: -+ ((struct sockaddr_in *)ai->ai_addr)->sin_port = port; -+ break; -+ case AF_INET6: -+ ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port = port; -+ break; -+ } -+ -+ return r; -+ -+} -+ - void - SSLINFO_callback(const SSL *ssl, int where, int rc) - {