From 1b421eab872384a56976059a8642f8a94aba367f Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Fri, 22 Sep 2017 14:38:56 +0200 Subject: [PATCH] MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond So it is possible to use anothers ACLs to build ACL conditions than those of proxies. --- include/proto/acl.h | 3 ++- src/acl.c | 5 +++-- src/cfgparse.c | 18 +++++++++--------- src/proto_http.c | 6 +++--- src/tcp_rules.c | 4 ++-- 5 files changed, 19 insertions(+), 17 deletions(-) diff --git a/include/proto/acl.h b/include/proto/acl.h index 6b94296bd..dd6dae507 100644 --- a/include/proto/acl.h +++ b/include/proto/acl.h @@ -90,7 +90,8 @@ struct acl_cond *parse_acl_cond(const char **args, struct list *known_acl, * HTTP initialization requirements in the proxy. If is not NULL, it will * be set to an error message upon errors, that the caller will have to free. */ -struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args, char **err); +struct acl_cond *build_acl_cond(const char *file, int line, struct list *known_acl, + struct proxy *px, const char **args, char **err); /* Execute condition and return either ACL_TEST_FAIL, ACL_TEST_MISS or * ACL_TEST_PASS depending on the test results. ACL_TEST_MISS may only be diff --git a/src/acl.c b/src/acl.c index 8417c1b5d..bc1f2e215 100644 --- a/src/acl.c +++ b/src/acl.c @@ -1054,7 +1054,8 @@ struct acl_cond *parse_acl_cond(const char **args, struct list *known_acl, * caller is responsible for freeing. The initial location must either be * freeable or NULL. */ -struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args, char **err) +struct acl_cond *build_acl_cond(const char *file, int line, struct list *known_acl, + struct proxy *px, const char **args, char **err) { enum acl_cond_pol pol = ACL_COND_NONE; struct acl_cond *cond = NULL; @@ -1075,7 +1076,7 @@ struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, co return NULL; } - cond = parse_acl_cond(args, &px->acl, pol, err, &px->conf.args, file, line); + cond = parse_acl_cond(args, known_acl, pol, err, &px->conf.args, file, line); if (!cond) { /* note that parse_acl_cond must have filled here */ return NULL; diff --git a/src/cfgparse.c b/src/cfgparse.c index 1f56b6e67..e7bca1897 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -1822,7 +1822,7 @@ static int create_cond_regex_rule(const char *file, int line, if (cond_start && (strcmp(*cond_start, "if") == 0 || strcmp(*cond_start, "unless") == 0)) { - if ((cond = build_acl_cond(file, line, px, cond_start, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, line, &px->acl, px, cond_start, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s' condition : %s.\n", file, line, cmd, errmsg); ret_code |= ERR_ALERT | ERR_FATAL; @@ -3841,7 +3841,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) } if (strcmp(args[2], "if") == 0 || strcmp(args[2], "unless") == 0) { - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + 2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing switching rule : %s.\n", file, linenum, errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -3898,7 +3898,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + 2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing switching rule : %s.\n", file, linenum, errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -3934,7 +3934,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 1, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + 1, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s' rule : %s.\n", file, linenum, args[0], errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -4209,7 +4209,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) } if (strcmp(args[myidx], "if") == 0 || strcmp(args[myidx], "unless") == 0) { - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + myidx, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + myidx, &errmsg)) == NULL) { Alert("parsing [%s:%d] : '%s': error detected while parsing sticking condition : %s.\n", file, linenum, args[0], errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -4267,7 +4267,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) err_code |= ERR_ALERT | ERR_FATAL; goto out; } - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + 2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s %s' rule : %s.\n", file, linenum, args[0], args[1], errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -5682,7 +5682,7 @@ stats_error_parsing: goto out; } - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args + 2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s %s' condition : %s.\n", file, linenum, args[0], args[1], errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -6431,7 +6431,7 @@ stats_error_parsing: } if ((strcmp(args[2], "if") == 0 || strcmp(args[2], "unless") == 0)) { - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args+2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args+2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s' condition : %s.\n", file, linenum, args[0], errmsg); err_code |= ERR_ALERT | ERR_FATAL; @@ -6528,7 +6528,7 @@ stats_error_parsing: } if ((strcmp(args[2], "if") == 0 || strcmp(args[2], "unless") == 0)) { - if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args+2, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &curproxy->acl, curproxy, (const char **)args+2, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing a '%s' condition : %s.\n", file, linenum, args[0], errmsg); err_code |= ERR_ALERT | ERR_FATAL; diff --git a/src/proto_http.c b/src/proto_http.c index 765146111..efbbc84bb 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -8592,7 +8592,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li struct acl_cond *cond; char *errmsg = NULL; - if ((cond = build_acl_cond(file, linenum, proxy, args+cur_arg, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &proxy->acl, proxy, args+cur_arg, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing an 'http-request %s' condition : %s.\n", file, linenum, args[0], errmsg); free(errmsg); @@ -9036,7 +9036,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li struct acl_cond *cond; char *errmsg = NULL; - if ((cond = build_acl_cond(file, linenum, proxy, args+cur_arg, &errmsg)) == NULL) { + if ((cond = build_acl_cond(file, linenum, &proxy->acl, proxy, args+cur_arg, &errmsg)) == NULL) { Alert("parsing [%s:%d] : error detected while parsing an 'http-response %s' condition : %s.\n", file, linenum, args[0], errmsg); free(errmsg); @@ -9137,7 +9137,7 @@ struct redirect_rule *http_parse_redirect_rule(const char *file, int linenum, st } else if (strcmp(args[cur_arg], "if") == 0 || strcmp(args[cur_arg], "unless") == 0) { - cond = build_acl_cond(file, linenum, curproxy, (const char **)args + cur_arg, errmsg); + cond = build_acl_cond(file, linenum, &proxy->acl, curproxy, (const char **)args + cur_arg, errmsg); if (!cond) { memprintf(errmsg, "error in condition: %s", *errmsg); return NULL; diff --git a/src/tcp_rules.c b/src/tcp_rules.c index f259d515c..bdf97c8a3 100644 --- a/src/tcp_rules.c +++ b/src/tcp_rules.c @@ -606,7 +606,7 @@ static int tcp_parse_response_rule(char **args, int arg, int section_type, } if (strcmp(args[arg], "if") == 0 || strcmp(args[arg], "unless") == 0) { - if ((rule->cond = build_acl_cond(file, line, curpx, (const char **)args+arg, err)) == NULL) { + if ((rule->cond = build_acl_cond(file, line, &curpx->acl, curpx, (const char **)args+arg, err)) == NULL) { memprintf(err, "'%s %s %s' : error detected in %s '%s' while parsing '%s' condition : %s", args[0], args[1], args[2], proxy_type_str(curpx), curpx->id, args[arg], *err); @@ -850,7 +850,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type, } if (strcmp(args[arg], "if") == 0 || strcmp(args[arg], "unless") == 0) { - if ((rule->cond = build_acl_cond(file, line, curpx, (const char **)args+arg, err)) == NULL) { + if ((rule->cond = build_acl_cond(file, line, &curpx->acl, curpx, (const char **)args+arg, err)) == NULL) { memprintf(err, "'%s %s %s' : error detected in %s '%s' while parsing '%s' condition : %s", args[0], args[1], args[2], proxy_type_str(curpx), curpx->id, args[arg], *err);