RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-30 06:48:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: sample: Add common TLV types as constants for fc_pp_tlv

Browse Source 
This patch adds common TLV types as specified in the PPv2 spec.
We will use the suffix of the type, e.g., PP2_TYPE_AUTHORITY becomes AUTHORITY.
This commit is contained in:
Alexander Stephan 2023-08-16 16:32:13 +02:00 committed by Willy Tarreau
parent 0a4f6992e0
commit 2cc53ecc8f
2 changed files with 44 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/configuration.txt
View File

@ -20182,8 +20182,15 @@ fc_pp_unique_id : string
header, if any. header, if any.
fc_pp_tlv(<id>) : string fc_pp_tlv(<id>) : string
Returns the TLV value for the given TLV ID which must be a numeric Returns the TLV value for the given TLV ID. The ID must either be a numeric
value between 0 and 255. value between 0 and 255 or one of the following supported symbolic names
that correspond to the TLV constant suffixes in the PPv2 spec:
"ALPN": PP2_TYPE_ALPN, "AUTHORITY": PP2_TYPE_AUTHORITY,
"CRC32": PP2_TYPE_CRC32C, "NETNS": PP2_TYPE_NETNS, "NOOP: PP2_TYPE_NOOP",
"SSL": PP2_TYPE_SSL, "SSL_CIPHER": PP2_SUBTYPE_SSL_CIPHER,
"SSL_CN": PP2_SUBTYPE_SSL_CN, "SSL_KEY_ALG": PP2_SUBTYPE_SSL_KEY_ALG,
"SSL_SIG_ALG": PP2_SUBTYPE_SSL_SIG_ALG,
"SSL_VERSION": PP2_SUBTYPE_SSL_VERSION, "UNIQUE_ID": PP2_TYPE_UNIQUE_ID.
The received value must be smaller or equal to 1024 bytes. This is done to The received value must be smaller or equal to 1024 bytes. This is done to
prevent potential DoS attacks. Values smaller or equal to 256 bytes will be prevent potential DoS attacks. Values smaller or equal to 256 bytes will be

42
src/connection.c
View File

@ -2261,22 +2261,50 @@ int smp_fetch_fc_rcvd_proxy(const struct arg *args, struct sample *smp, const ch
/* /*
* This function checks the TLV type converter configuration. * This function checks the TLV type converter configuration.
* It expects the corresponding TLV type as a string representing the number. * It expects the corresponding TLV type as a string representing the number
* args[0] will be turned into the numerical value of the TLV type string. * or a constant. args[0] will be turned into the numerical value of the
* TLV type string.
*/ */
static int smp_check_tlv_type(struct arg *args, char **err) static int smp_check_tlv_type(struct arg *args, char **err)
{ {
int type; int type;
char *endp; char *endp;
struct ist input = ist2(args[0].data.str.area, args[0].data.str.data);
type = strtoul(args[0].data.str.area, &endp, 0); if (isteqi(input, ist("ALPN")) != 0)
if (endp && *endp != '\0') { type = PP2_TYPE_ALPN;
memprintf(err, "Could not convert type '%s'", args[0].data.str.area); else if (isteqi(input, ist("AUTHORITY")) != 0)
return 0; type = PP2_TYPE_AUTHORITY;
else if (isteqi(input, ist("CRC32C")) != 0)
type = PP2_TYPE_CRC32C;
else if (isteqi(input, ist("NOOP")) != 0)
type = PP2_TYPE_NOOP;
else if (isteqi(input, ist("UNIQUE_ID")) != 0)
type = PP2_TYPE_UNIQUE_ID;
else if (isteqi(input, ist("SSL")) != 0)
type = PP2_TYPE_SSL;
else if (isteqi(input, ist("SSL_VERSION")) != 0)
type = PP2_SUBTYPE_SSL_VERSION;
else if (isteqi(input, ist("SSL_CN")) != 0)
type = PP2_SUBTYPE_SSL_CN;
else if (isteqi(input, ist("SSL_CIPHER")) != 0)
type = PP2_SUBTYPE_SSL_CIPHER;
else if (isteqi(input, ist("SSL_SIG_ALG")) != 0)
type = PP2_SUBTYPE_SSL_SIG_ALG;
else if (isteqi(input, ist("SSL_KEY_ALG")) != 0)
type = PP2_SUBTYPE_SSL_KEY_ALG;
else if (isteqi(input, ist("NETNS")) != 0)
type = PP2_TYPE_NETNS;
else {
type = strtoul(input.ptr, &endp, 0);
if (endp && *endp != '\0') {
memprintf(err, "Could not convert type '%s'", input.ptr);
return 0;
}
} }
if (type < 0 || type > 255) { if (type < 0 || type > 255) {
memprintf(err, "Invalid TLV Type '%s'", args[0].data.str.area); memprintf(err, "Invalid TLV Type '%s'", input.ptr);
return 0; return 0;
} }