From 2364b39984e4fd4aa6a88148520d49fe0620c034 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Thu, 3 Nov 2022 16:41:46 +0100 Subject: [PATCH] BUG/MINOR: resolvers: Set port before IP address when processing SRV records For a server subject to SRV resolution, when the server's address is set, its dynamic cookie, if any, and its server key are computed. Both are based on the ip/port pair. However, this happens before the server's port is set. Thus the port is equal to 0 at this stage. It is a problem if several servers share the same IP but with different ports because they will share the same dynamic cookie and the same server key, disturbing this way the connection persistency and the session stickiness. This patch must be backported as far as 2.2. --- src/resolvers.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/resolvers.c b/src/resolvers.c index d93078003..9cb23113b 100644 --- a/src/resolvers.c +++ b/src/resolvers.c @@ -819,6 +819,9 @@ srv_found: srv->flags &= ~SRV_F_NO_RESOLUTION; srv->srvrq_check->expire = TICK_ETERNITY; + srv->svc_port = item->port; + srv->flags &= ~SRV_F_MAPPORTS; + /* Check if an Additional Record is associated to this SRV record. * Perform some sanity checks too to ensure the record can be used. * If all fine, we simply pick up the IP address found and associate @@ -873,9 +876,6 @@ srv_found: /* Update the server status */ srvrq_update_srv_status(srv, (srv->addr.ss_family != AF_INET && srv->addr.ss_family != AF_INET6)); - srv->svc_port = item->port; - srv->flags &= ~SRV_F_MAPPORTS; - if (!srv->resolv_opts.ignore_weight) { char weight[9]; int ha_weight;