BUG/MEDIUM: config: don't pick unset values from last defaults section
author Willy Tarreau <w@1wt.eu>
Fri, 12 Feb 2021 10:14:35 +0000 (11:14 +0100)
committer Christopher Faulet <cfaulet@haproxy.com>
Mon, 22 Feb 2021 09:23:25 +0000 (10:23 +0100)
Since commit 1.3.14 with commit 1fa3126ec ("[MEDIUM] introduce separation
between contimeout, and tarpit + queue"), check_config_validity() looks
at the last defaults section to update all proxies' queue and tarpit
timeouts if they were not set!

This was apparently an attempt to properly set them on the fallback values,
except that the fallback values were taken from the default proxy before
looking at the current proxy itself. The worst part of it is that it might
have randomly worked by accident for some configurations when there was a
single defaults section, but has certainly caused too short queue
expirations once another defaults section was added later in the file with
these explicitly defined.

Let's remove the defproxy part and keep only the curproxy ones. This could
be backported everywhere, the bug has been there for 13 years.

(cherry picked from commit 937c3ead34becd6851572a8280831d760f612a09)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

src/cfgparse.c

index 5d17b9f..85e36a1 100644 (file)
@@ -2982,33 +2982,10 @@ out_uri_auth_compat:
                 * We must still support older configurations, so let's find out whether those
                 * parameters have been set or must be copied from contimeouts.
                 */
-               if (curproxy != &defproxy) {
-                       if (!curproxy->timeout.tarpit ||
-                           curproxy->timeout.tarpit == defproxy.timeout.tarpit) {
-                               /* tarpit timeout not set. We search in the following order:
-                                * default.tarpit, curr.connect, default.connect.
-                                */
-                               if (defproxy.timeout.tarpit)
-                                       curproxy->timeout.tarpit = defproxy.timeout.tarpit;
-                               else if (curproxy->timeout.connect)
-                                       curproxy->timeout.tarpit = curproxy->timeout.connect;
-                               else if (defproxy.timeout.connect)
-                                       curproxy->timeout.tarpit = defproxy.timeout.connect;
-                       }
-                       if ((curproxy->cap & PR_CAP_BE) &&
-                           (!curproxy->timeout.queue ||
-                            curproxy->timeout.queue == defproxy.timeout.queue)) {
-                               /* queue timeout not set. We search in the following order:
-                                * default.queue, curr.connect, default.connect.
-                                */
-                               if (defproxy.timeout.queue)
-                                       curproxy->timeout.queue = defproxy.timeout.queue;
-                               else if (curproxy->timeout.connect)
-                                       curproxy->timeout.queue = curproxy->timeout.connect;
-                               else if (defproxy.timeout.connect)
-                                       curproxy->timeout.queue = defproxy.timeout.connect;
-                       }
-               }
+               if (!curproxy->timeout.tarpit)
+                       curproxy->timeout.tarpit = curproxy->timeout.connect;
+               if ((curproxy->cap & PR_CAP_BE) && !curproxy->timeout.queue)
+                       curproxy->timeout.queue = curproxy->timeout.connect;
 
                if ((curproxy->tcpcheck_rules.flags & TCPCHK_RULES_UNUSED_TCP_RS)) {
                        ha_warning("config : %s '%s' uses tcp-check rules without 'option tcp-check', so the rules are ignored.\n",
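Review bot: the two added assignments copy curproxy->timeout.connect without checking that it is set, so at `if (!curproxy->timeout.tarpit)` and at the queue test below it a proxy with no connect timeout ends up with tarpit and queue still at zero, whereas the removed code had a last-resort `else if (defproxy.timeout.connect)` branch. If that is intended because the proxy's own values are the only ones that should be consulted here, please say so in the comment kept above the block: the removed lines carried comments documenting the search order and the new ones carry none. A single line stating that the only fallback is now the proxy's own connect timeout, and what a zero result means for tarpit and queue, would be enough. The dropped `curproxy != &defproxy` guard also deserves a word on why it is no longer needed.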