diff --git a/include/proto/acl.h b/include/proto/acl.h index fffce4815..b65a2b302 100644 --- a/include/proto/acl.h +++ b/include/proto/acl.h @@ -1,23 +1,23 @@ /* - include/proto/acl.h - This file provides interface definitions for ACL manipulation. - - Copyright (C) 2000-2008 Willy Tarreau - w@1wt.eu - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation, version 2.1 - exclusively. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ + * include/proto/acl.h + * This file provides interface definitions for ACL manipulation. + * + * Copyright (C) 2000-2010 Willy Tarreau - w@1wt.eu + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation, version 2.1 + * exclusively. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ #ifndef _PROTO_ACL_H #define _PROTO_ACL_H @@ -80,6 +80,14 @@ struct acl_cond *prune_acl_cond(struct acl_cond *cond); */ struct acl_cond *parse_acl_cond(const char **args, struct list *known_acl, int pol); +/* Builds an ACL condition starting at the if/unless keyword. The complete + * condition is returned. NULL is returned in case of error or if the first + * word is neither "if" nor "unless". It automatically sets the file name and + * the line number in the condition for better error reporting, and adds the + * ACL requirements to the proxy's acl_requires. + */ +struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args); + /* Execute condition and return either ACL_PAT_FAIL, ACL_PAT_MISS or * ACL_PAT_PASS depending on the test results. This function only computes the * condition, it does not apply the polarity required by IF/UNLESS, it's up to diff --git a/src/acl.c b/src/acl.c index c4942b209..344a91d4c 100644 --- a/src/acl.c +++ b/src/acl.c @@ -980,6 +980,39 @@ struct acl_cond *parse_acl_cond(const char **args, struct list *known_acl, int p return NULL; } +/* Builds an ACL condition starting at the if/unless keyword. The complete + * condition is returned. NULL is returned in case of error or if the first + * word is neither "if" nor "unless". It automatically sets the file name and + * the line number in the condition for better error reporting, and adds the + * ACL requirements to the proxy's acl_requires. + */ +struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args) +{ + int pol = ACL_COND_NONE; + struct acl_cond *cond = NULL; + + if (!strcmp(*args, "if")) { + pol = ACL_COND_IF; + args++; + } + else if (!strcmp(*args, "unless")) { + pol = ACL_COND_UNLESS; + args++; + } + else + return NULL; + + cond = parse_acl_cond(args, &px->acl, pol); + if (!cond) + return NULL; + + cond->file = file; + cond->line = line; + px->acl_requires |= cond->requires; + + return cond; +} + /* Execute condition and return either ACL_PAT_FAIL, ACL_PAT_MISS or * ACL_PAT_PASS depending on the test results. ACL_PAT_MISS may only be * returned if contains ACL_PARTIAL, indicating that incomplete data