BUG/MEDIUM: peers: prevent learning expiration too far in futur from unsync node

This patch sets the expire of the entry to the max value in
configuration if the value showed in the peer update message
is too far in futur.

This should be backported an all supported branches.

(cherry picked from commit b02b8453d15dfe2c45d132484e381c27f63d2fb1)
Signed-off-by: Aurelien DARRAGON <adarragon@haproxy.com>

diff --git a/src/peers.c b/src/peers.c
index e9a54cc..095cb71 100644 (file)
--- a/src/peers.c
+++ b/src/peers.c
@@ -1740,6 +1740,9 @@ static int peer_treat_updatemsg(struct appctx *appctx, struct peer *p, int updt,
                memcpy(&expire, *msg_cur, expire_sz);
                *msg_cur += expire_sz;
                expire = ntohl(expire);
+               /* Protocol contains expire in MS, check if value is less than table config */
+               if (expire > table->expire)
+                       expire = table->expire;
                /* the rest of the code considers expire as ticks and not MS */
                expire = MS_TO_TICKS(expire);
        }