Closed TimWolla closed 4 years ago
Just for my understanding, what does this "*l" mean ?
See client:receive
here: http://w3.impa.br/~diego/software/luasocket/tcp.html
The socket class in HAProxy is modeled after that.
@TimWolla, I pushed a fix for this issue. I will backport it as far as 2.0 for now.
The reg-tests in my repository confirm that the patch works: https://github.com/TimWolla/haproxy-auth-request/runs/891438916. Thanks.
I hope I don't become too annoying with asking for backports and releases, but I'd appreciate if this patch could be backported to 1.8 soonish, so that I can merge the adjustments to my reg-tests with every branch green :smiley:
No need for proper release with all the bells and whistles, just the backport is sufficient. My reg-tests run on the newest snapshot of each branch anyway.
No Tim you're not annoying, however you're predictable :-) One hour ago I told Christopher "we've finally managed to issue 5 releases, you can be sure Tim will come back for 1.8" :-) 1.8 definitely needs another release, it's been without fix for almost 4 months now. It's just that it's materially impossible to work on all of them at once and we have to start with the latest ones. The problem is, when you spend 3 days in a row doing exclusively backports and builds (it's easy to build 300 times during such a series), fixing merges and running regtests and bisects, and you're getting terribly late on everything with people complaining, older releases that miss 200 patches require even harder motivation! We know we have to work on it, it's a matter of finding even more time :-( Hopefully next week, but this one will likely take the whole week and the person doing it will probably be found hung to a ceiling if not watched regularly... Actually we're too few to work on backports and fixes and this is seriously hindering progress because only a few percent of the time is spent improving the design for future versions, so we're duplicating issues over and over, adding more needs for backports over time. But anyway rest assured it's not forgotten!
No Tim you're not annoying, however you're predictable :-) One hour ago I told Christopher "we've finally managed to issue 5 releases, you can be sure Tim will come back for 1.8" :-)
Gotcha :grin:
it's easy to build 300 times during such a series
I did not realize that. Is each commit compiled separately?
older releases that miss 200 patches require even harder motivation
Yes, I totally understand that with the additional context. I am sure that you already optimized the process for you, but maybe it might make sense to backport all patches once a week (e.g. on Wednesday after Daniel's Bot sends the status update). Then only the patches from that week need to be tested, while they are still somewhat fresh in the brain.
Hopefully next week […] But anyway rest assured it's not forgotten!
Okay, that's a sufficient answer for me. I'm looking forward to it. It allows me to merge my tests and it allows to close a number of issues in the HAProxy tracker that only have the 1.8 label.
it's easy to build 300 times during such a series
I did not realize that. Is each commit compiled separately?
It depends. Sometimes yes, sometimes no. When you get a long series of patches applying without trouble it's not worth doing this, you just build once in a while to verify. With 1.8, it's simple, among the 86 patches I tried, probably less than 15 applied well (1.8 lacks HTX, HTTP files were renamed later, then includes, it uses the old buffer and chunks API, and the CLI was somewhat different, hence nothing applies). In this case you have to figure what conflicts, how the code used to work, then iteratively try to fix by hand and build. Once it builds, you run the reg-tests to be moderately sure. Sometimes I prefer to drop some patches than take risks.
older releases that miss 200 patches require even harder motivation
Yes, I totally understand that with the additional context. I am sure that you already optimized the process for you, but maybe it might make sense to backport all patches once a week (e.g. on Wednesday after Daniel's Bot sends the status update). Then only the patches from that week need to be tested, while they are still somewhat fresh in the brain.
That's what we try to do. Except that days are only 19 hours long and that it's not enough to deal with the big stuff and the backports. Plus when you work on backports, you're totally devasted afterwards and it's impossible to work on anything else. See it like an endurance run.
Okay, that's a sufficient answer for me. I'm looking forward to it. It allows me to merge my tests and it allows to close a number of issues in the HAProxy tracker that only have the 1.8 label.
I've done what I could backport for now, some are still missing but the one you needed above is among the merged ones. It's on the bkp-1.8.26-rc1 branch in the 1.8 repo. I'd appreciate it if you could give it a try with whatever you need 1.8 for.
Thanks!
I've done what I could backport for now, some are still missing but the one you needed above is among the merged ones. It's on the bkp-1.8.26-rc1 branch in the 1.8 repo. I'd appreciate it if you could give it a try with whatever you need 1.8 for.
I don't personally need 1.8, I run my important prod on 2.1 / 2.2. Less important prod is 1.8, though, because that's what Debian ships with.
1.8 is the lowest branch haproxy-auth-request is compatible with, though. I'd like to make sure that the Lua script runs properly with 1.8+ after I took the time writing reg-tests for it. Writing the reg-tests was already worth it for me, because it found this issue :smiley:
bkp-1.8.26-rc1 is looking good for me:
OK, thank you!
Output of
haproxy -vv
anduname -a
What's the configuration?
Steps to reproduce the behavior
haproxy -d -f ./crasher.cfg
printf "foo" |nc -l 127.0.0.1 9000
curl localhost:8080
Actual behavior
Expected behavior
Not crash.
Do you have any idea what may have caused this?
Socket.receive("*l")
does not properly handle responses not containing a single newline.Do you have an idea how to solve the issue?
No. But please see also:
haproxytech/haproxy-lua-http#5, https://github.com/TimWolla/haproxy-auth-request/runs/860809162?check_suite_focus=true and this regtest: https://github.com/TimWolla/haproxy-auth-request/blob/haproxy-lua-http/test/deny_garbage.vtc