RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-22 04:10:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: rules: Forbid captures in defaults section if used by a backend

Browse Source 
Captures must only be defined in proxies with the frontend capabilities or
in defaults sections used by proxies with the frontend capabilities. Thus,
an extra check is added to be sure a defaults section defining a capture
will never be references by a backend.

Note that in this case, only named captures in "tcp-request content" or
"http-request" rules are possible. It is not possible in a defaults section
to decalre a capture slot. Not yet at least.

This patch must be backported to 2.5. It is releated to issue #1674.
This commit is contained in:
Christopher Faulet 2022-04-25 14:24:56 +02:00
parent 7586bef6d7
commit 6c10f5c7bc
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/cfgparse-listen.c
View File

@ -406,6 +406,13 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
proxy_ref_defaults(curproxy, curr_defproxy);
}
if ((rc & PR_CAP_BE) && curr_defproxy && (curr_defproxy->nb_req_cap || curr_defproxy->nb_rsp_cap)) {
ha_alert("parsing [%s:%d]: backend or defaults sections cannot inherit from a defaults section defining"
" capptures (defaults section at %s:%d).\n",
file, linenum, curr_defproxy->conf.file, curr_defproxy->conf.line);
err_code |= ERR_ALERT | ERR_ABORT;
}
if (rc & PR_CAP_DEF) {
/* last and current proxies must be updated to this one */
curr_defproxy = last_defproxy = curproxy;