sinjuginas/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts

Browse Source 
When a network error occurred on the server side, if it is not the first
request (in case of keep-alive), nothing is returned to the client and its
connexion is closed to be sure it may retry. However L7 retries on refused
early data (0rtt-rejected) must be performed first.

In addition, such L7 retries must also be performed before incrementing the
failed responses counter.

This patch must be backported as far as 2.0.
This commit is contained in:
Christopher Faulet 2021-05-26 12:15:37 +02:00
parent 552601d5fd
commit d976923ab2
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/http_ana.c
View File

@ -1380,6 +1380,16 @@ int http_wait_for_response(struct stream *s, struct channel *rep, int an_bit)
return 0;
}
/* Perform a L7 retry because server refuses the early data. */
if ((si_b->flags & SI_FL_L7_RETRY) &&
(s->be->retry_type & PR_RE_EARLY_ERROR) &&
conn && conn->err_code == CO_ER_SSL_EARLY_FAILED &&
do_l7_retry(s, si_b) == 0) {
DBG_TRACE_DEVEL("leaving on L7 retry",
STRM_EV_STRM_ANA|STRM_EV_HTTP_ANA, s, txn);
return 0;
}
if (txn->flags & TX_NOT_FIRST)
goto abort_keep_alive;
@ -1389,25 +1399,15 @@ int http_wait_for_response(struct stream *s, struct channel *rep, int an_bit)
health_adjust(__objt_server(s->target), HANA_STATUS_HTTP_READ_ERROR);
}
rep->analysers &= AN_RES_FLT_END;
txn->status = 502;
/* Check to see if the server refused the early data.
* If so, just send a 425
*/
if (conn && conn->err_code == CO_ER_SSL_EARLY_FAILED) {
if ((s->be->retry_type & PR_RE_EARLY_ERROR) &&
(si_b->flags & SI_FL_L7_RETRY) &&
do_l7_retry(s, si_b) == 0) {
DBG_TRACE_DEVEL("leaving on L7 retry",
STRM_EV_STRM_ANA|STRM_EV_HTTP_ANA, s, txn);
return 0;
}
/* if the server refused the early data, just send a 425 */
if (conn && conn->err_code == CO_ER_SSL_EARLY_FAILED)
txn->status = 425;
}
else
else {
txn->status = 502;
stream_inc_http_fail_ctr(s);
}
rep->analysers &= AN_RES_FLT_END;
s->si[1].flags |= SI_FL_NOLINGER;
http_reply_and_close(s, txn->status, http_error_message(s));