BUG/MINOR: backend: do not overwrite srv dst address on reuse
authorAmaury Denoyelle <adenoyelle@haproxy.com>
Thu, 27 Mar 2025 16:06:06 +0000 (17:06 +0100)
committerAurelien DARRAGON <adarragon@haproxy.com>
Tue, 15 Apr 2025 18:12:03 +0000 (20:12 +0200)
Previously, destination address of backend connection was systematically
always reassigned. However, this step is unnecessary on connection
reuse. Indeed, reuse should only be conducted with connection using the
same destination address matching the stream requirements.

This patch removes this unnecessary assignment. It is now only performed
when reuse cannot be conducted and a new connection is instantiated.

Functionnally speaking, this patch should not change anything in theory,
as reuse is performed in conformance with the destination address.
However, it appears that it was not always properly enforced. The
systematic assignment of the destination address hides these issues, so
it is now remove. The identified bogus cases will then be fixed in the
following patches.would

This should be backported up to all stable versions.

(cherry picked from commit d7fa8e88c4cda6d115b05c65cded5acb4069ee97)
Signed-off-by: Aurelien DARRAGON <adarragon@haproxy.com>
(cherry picked from commit 00ada2c2806a007df77f0f4fa2aa85938ea0b19a)
Signed-off-by: Aurelien DARRAGON <adarragon@haproxy.com>

src/backend.c

index 8b70e5d..3a4a2f7 100644 (file)
@@ -1671,6 +1671,9 @@ skip_reuse:
                        srv_conn->src = bind_addr;
                        bind_addr = NULL;
 
+                       /* copy the target address into the connection */
+                       *srv_conn->dst = *s->scb->dst;
+
                        /* mark? */
                        if (s->flags & SF_BC_MARK) {
                                srv_conn->mark = s->bc_mark;
@@ -1694,10 +1697,6 @@ skip_reuse:
        if (!srv_conn)
                return SF_ERR_RESOURCE;
 
-       /* copy the target address into the connection */
-       if (s->scb->dst)
-               *srv_conn->dst = *s->scb->dst;
-
        /* Copy network namespace from client connection */
        srv_conn->proxy_netns = cli_conn ? cli_conn->proxy_netns : NULL;