Hi,
Here are 3 small patches to remember the status code when an error is
detected by HAProxy and have it in the SPOE logs (e.g. an unsupported
version).
Thanks,
--
Christopher Faulet
>From b84eeae6f11d856297ae433eedbda538acc6f211 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <[email protected]>
Date: Thu, 31 May 2018 15:59:32 +0200
Subject: [PATCH 1/3] BUG/MINOR: contrib/spoa_example: Don't reset the status
code during disconnect
When the connection is closed by HAProxy, the status code provided in the
DISCONNECT frame is lost. By retransmitting it in the agent's reply, we are sure
to have it in the SPOE logs.
This patch may be backported in 1.8.
---
contrib/spoa_example/spoa.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/contrib/spoa_example/spoa.c b/contrib/spoa_example/spoa.c
index d7486a41..7b40e81e 100644
--- a/contrib/spoa_example/spoa.c
+++ b/contrib/spoa_example/spoa.c
@@ -1474,7 +1474,6 @@ read_frame_cb(evutil_socket_t fd, short events, void *arg)
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed connection: %s",
client->id, spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
--
2.17.0
>From d6050d4ec742e49c63467f553be7e8f375a2c8c0 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <[email protected]>
Date: Thu, 31 May 2018 16:04:53 +0200
Subject: [PATCH 2/3] BUG/MINOR: contrib/mod_defender: Don't reset the status
code during disconnect
When the connection is closed by HAProxy, the status code provided in the
DISCONNECT frame is lost. By retransmitting it in the agent's reply, we are sure
to have it in the SPOE logs.
This patch may be backported in 1.8.
---
contrib/mod_defender/spoa.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/contrib/mod_defender/spoa.c b/contrib/mod_defender/spoa.c
index 34b24f49..d2b333ce 100644
--- a/contrib/mod_defender/spoa.c
+++ b/contrib/mod_defender/spoa.c
@@ -1452,7 +1452,6 @@ read_frame_cb(evutil_socket_t fd, short events, void *arg)
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed connection: %s",
client->id, spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
--
2.17.0
>From fd28f6d1082cf22a8ac09d52ea6cacfbc52513a0 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <[email protected]>
Date: Thu, 31 May 2018 16:05:21 +0200
Subject: [PATCH 3/3] BUG/MINOR: contrib/modsecurity: Don't reset the status
code during disconnect
When the connection is closed by HAProxy, the status code provided in the
DISCONNECT frame is lost. By retransmitting it in the agent's reply, we are sure
to have it in the SPOE logs.
This patch may be backported in 1.8.
---
contrib/modsecurity/spoa.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/contrib/modsecurity/spoa.c b/contrib/modsecurity/spoa.c
index 18ef1d24..81e31184 100644
--- a/contrib/modsecurity/spoa.c
+++ b/contrib/modsecurity/spoa.c
@@ -1481,7 +1481,6 @@ read_frame_cb(evutil_socket_t fd, short events, void *arg)
if (client->status_code != SPOE_FRM_ERR_NONE)
LOG(client->worker, "<%lu> Peer closed connection: %s",
client->id, spoe_frm_err_reasons[client->status_code]);
- client->status_code = SPOE_FRM_ERR_NONE;
goto disconnect;
}
--
2.17.0
