MEDIUM: connection: rename fc_conn_err and bc_conn_err to fc_err and bc_err

Commit 3d2093af9 ("MINOR: connection: Add a connection error code sample fetch") added these convenient sample-fetch functions but it appears that due to a misunderstanding the redundant "conn" part was kept in their name, causing confusion, since "fc" already stands for "front connection". Let's simply call them "fc_err" and "bc_err" to match all other related ones before they appear in a final release. The VTC they appeared in were also updated, and the alpha sort in the keywords table updated. Cc: William Lallemand <wlallemand@haproxy.org>
2025-02-23 06:06:54 +00:00 · 2021-11-05 17:07:03 +01:00 · 2021-11-05 17:07:03 +01:00 · 6f7497616e
commit 6f7497616e
parent 44d34bfbe7
5 changed files with 56 additions and 56 deletions
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@ -17976,17 +17976,6 @@ table may be specified with the "sc*" form, in which case the currently
 tracked key will be looked up into this alternate table instead of the table
 currently being tracked.

-bc_conn_err : integer
-  Returns the ID of the error that might have occurred on the current backend
-  connection. See the "fc_conn_err_str" fetch for a full list of error codes
-  and their corresponding error message.
-
-bc_conn_err_str : string
-  Returns an error message describing what problem happened on the current
-  backend connection, resulting in a connection failure. See the
-  "fc_conn_err_str" fetch for a full list of error codes and their
-  corresponding error message.
-
 bc_dst : ip
  This is the destination ip address of the connection on the server side,
  which is the server address HAProxy connected to. It is of type IP and works
@ -17997,6 +17986,17 @@ bc_dst_port : integer
  Returns an integer value corresponding to the destination TCP port of the
  connection on the server side, which is the port HAProxy connected to.

+bc_err : integer
+  Returns the ID of the error that might have occurred on the current backend
+  connection. See the "fc_err_str" fetch for a full list of error codes
+  and their corresponding error message.
+
+bc_err_str : string
+  Returns an error message describing what problem happened on the current
+  backend connection, resulting in a connection failure. See the
+  "fc_err_str" fetch for a full list of error codes and their
+  corresponding error message.
+
 bc_http_major : integer
  Returns the backend connection's HTTP major version encoding, which may be 1
  for HTTP/0.9 to HTTP/1.1 or 2 for HTTP/2. Note, this is based on the on-wire
@ -18083,14 +18083,29 @@ dst_port : integer
  application session, to stick all users to a same server, or to pass the
  destination port information to a server using an HTTP header.

-fc_conn_err : integer
+fc_dst : ip
+  This is the original destination IP address of the connection on the client
+  side. Only "tcp-request connection" rules may alter this address. See "dst"
+  for details.
+
+fc_dst_is_local : boolean
+  Returns true if the original destination address of the incoming connection
+  is local to the system, or false if the address doesn't exist on the
+  system. See "dst_is_local" for details.
+
+fc_dst_port : integer
+  Returns an integer value corresponding to the original destination TCP port
+  of the connection on the client side. Only "tcp-request connection" rules may
+  alter this address. See "dst-port" for details.
+
+fc_err : integer
  Returns the ID of the error that might have occurred on the current
  connection. Any strictly positive value of this fetch indicates that the
  connection did not succeed and would result in an error log being output (as
-  described in section 8.2.5). See the "fc_conn_err_str" fetch for a full list of
+  described in section 8.2.5). See the "fc_err_str" fetch for a full list of
  error codes and their corresponding error message.

-fc_conn_err_str : string
+fc_err_str : string
  Returns an error message describing what problem happened on the current
  connection, resulting in a connection failure. This string corresponds to the
  "message" part of the error log format (see section 8.2.5). See below for a
@ -18145,21 +18160,6 @@ fc_conn_err_str : string
  | 43 | "SSL fatal error"                                                         |
  +----+---------------------------------------------------------------------------+

-fc_dst : ip
-  This is the original destination IP address of the connection on the client
-  side. Only "tcp-request connection" rules may alter this address. See "dst"
-  for details.
-
-fc_dst_is_local : boolean
-  Returns true if the original destination address of the incoming connection
-  is local to the system, or false if the address doesn't exist on the
-  system. See "dst_is_local" for details.
-
-fc_dst_port : integer
-  Returns an integer value corresponding to the original destination TCP port
-  of the connection on the client side. Only "tcp-request connection" rules may
-  alter this address. See "dst-port" for details.
-
 fc_fackets : integer
  Returns the fack counter measured by the kernel for the client
  connection. If the server connection is not established, if the connection is
@ -21272,14 +21272,14 @@ HTTP ones, refer to the HTTP section.
     14   '{' captured_request_headers* '}'                     {haproxy.1wt.eu}
     15   '{' captured_response_headers* '}'                                  {}
     16   '"' http_request '"'                        "GET /index.html HTTP/1.1"
-     17   fc_conn_err '/' ssl_fc_err '/' ssl_c_err
+     17   fc_err '/' ssl_fc_err '/' ssl_c_err
          '/' ssl_c_ca_err '/' ssl_fc_is_resumed                       0/0/0/0/0
     18   ssl_version '/' ssl_ciphers             TLSv1.3/TLS_AES_256_GCM_SHA384

 Detailed fields description :
-  - "fc_conn_err" is the status of the connection on the frontend's side. It
-    corresponds to the "fc_conn_err" sample fetch. See the "fc_conn_err" and
-    "fc_conn_err_str" fetches for more information.
+  - "fc_err" is the status of the connection on the frontend's side. It
+    corresponds to the "fc_err" sample fetch. See the "fc_err" and "fc_err_str"
+    sample fetch functions for more information.

  - "ssl_fc_err" is the last error of the first SSL error stack that was
    raised on the connection from the frontend's perspective. It might be used
@ -21364,7 +21364,7 @@ the default HTTPS format is defined this way :

    log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \
               %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r \
-               %[fc_conn_err]/%[ssl_fc_err,hex]/%[ssl_c_err]/\
+               %[fc_err]/%[ssl_fc_err,hex]/%[ssl_c_err]/\
               %[ssl_c_ca_err]/%[ssl_fc_is_resumed] %sslv/%sslc"

 and the default TCP format is defined this way :
--- a/include/haproxy/connection-t.h
+++ b/include/haproxy/connection-t.h
@ -199,8 +199,8 @@ enum {

 /* Possible connection error codes.
 * Warning: Do not reorder the codes, they are fetchable through the
- * "fc_conn_err" sample fetch. If a new code is added, please add an error label
- * in conn_err_code_str and in the "fc_conn_err_str" sample fetch documentation.
+ * "fc_err" sample fetch. If a new code is added, please add an error label
+ * in conn_err_code_str and in the "fc_err_str" sample fetch documentation.
 */
 enum {
 	CO_ER_NONE,             /* no error */
--- a/reg-tests/ssl/ssl_errors.vtc
+++ b/reg-tests/ssl/ssl_errors.vtc
@ -105,33 +105,33 @@ syslog Slg_logconnerror -level info {

 syslog Slg_bcknd -level info {
    recv
-    expect ~ ".*bc_conn_err:0:\"Success\" ssl_bc_err:0:"
+    expect ~ ".*bc_err:0:\"Success\" ssl_bc_err:0:"

    barrier b2 sync

    recv
-    expect ~ ".*bc_conn_err:34:\"SSL handshake failure\" ssl_bc_err:134:.*:certificate verify failed"
+    expect ~ ".*bc_err:34:\"SSL handshake failure\" ssl_bc_err:134:.*:certificate verify failed"

    barrier b2 sync

    recv
-    expect ~ ".*bc_conn_err:32:\"Server presented an SSL certificate different from the configured one\" ssl_bc_err:134:.*:certificate verify failed"
+    expect ~ ".*bc_err:32:\"Server presented an SSL certificate different from the configured one\" ssl_bc_err:134:.*:certificate verify failed"

    barrier b2 sync

    # Verify errors on the server side cannot be caught when using TLSv1.3 but it works for TLSv1.2
    recv
-    expect ~ ".*bc_conn_err:34:\"SSL handshake failure\" ssl_bc_err:1048:.*:tlsv1 alert unknown ca"
+    expect ~ ".*bc_err:34:\"SSL handshake failure\" ssl_bc_err:1048:.*:tlsv1 alert unknown ca"

    barrier b2 sync

    recv
-    expect ~ ".*bc_conn_err:34:\"SSL handshake failure\" ssl_bc_err:1040:.*:sslv3 alert handshake failure"
+    expect ~ ".*bc_err:34:\"SSL handshake failure\" ssl_bc_err:1040:.*:sslv3 alert handshake failure"

    barrier b2 sync

    recv
-    expect ~ ".*bc_conn_err:34:\"SSL handshake failure\" ssl_bc_err:1040:.*:sslv3 alert handshake failure"
+    expect ~ ".*bc_err:34:\"SSL handshake failure\" ssl_bc_err:1040:.*:sslv3 alert handshake failure"
 } -start


@ -172,12 +172,12 @@ haproxy h1 -conf {
        server logconnerror "${tmpdir}/logconnerror_ssl.sock"


-    # This listener will be used to test backend fetches (bc_conn_err and ssl_bc_err)
+    # This listener will be used to test backend fetches (bc_err and ssl_bc_err)
    listen clear_backend_errors_lst
        bind "fd@${backenderrorslst}"
        log ${Slg_bcknd_addr}:${Slg_bcknd_port} local0
-        log-format "bc_conn_err:%[bc_conn_err]:%{+Q}[bc_conn_err_str]\ ssl_bc_err:%[ssl_bc_err,and(proc.ssl_error_mask)]:%{+Q}[ssl_bc_err_str]"
-        error-log-format "ERROR bc_conn_err:%[bc_conn_err]:%{+Q}[bc_conn_err_str]\ ssl_bc_err:%[ssl_bc_err,and(proc.ssl_error_mask)]:%[ssl_bc_err_str]"
+        log-format "bc_err:%[bc_err]:%{+Q}[bc_err_str]\ ssl_bc_err:%[ssl_bc_err,and(proc.ssl_error_mask)]:%{+Q}[ssl_bc_err_str]"
+        error-log-format "ERROR bc_err:%[bc_err]:%{+Q}[bc_err_str]\ ssl_bc_err:%[ssl_bc_err,and(proc.ssl_error_mask)]:%[ssl_bc_err_str]"

        balance roundrobin
        server no_err "${tmpdir}/no_err_ssl.sock" ssl crt ${testdir}/set_cafile_client.pem ca-file ${testdir}/set_cafile_interCA2.crt verify required
@ -203,8 +203,8 @@ haproxy h1 -conf {
    listen cust_logfmt_ssl_lst
        log ${Slg_cust_fmt_addr}:${Slg_cust_fmt_port} local0
        mode http
-        log-format "conn_status:\"%[fc_conn_err]:%[fc_conn_err_str]\" hsk_err:\"%[ssl_fc_err]:%[ssl_fc_err_str]\" CN=%{+Q}[ssl_c_s_dn],serial=%[ssl_c_serial,hex],hash=%[ssl_c_sha1,hex]"
-        error-log-format "ERROR conn_status:\"%[fc_conn_err]:%[fc_conn_err_str]\" hsk_err:\"%[ssl_fc_err,and(proc.ssl_error_mask)]:%[ssl_fc_err_str]\" CN=%{+Q}[ssl_c_s_dn],serial=%[ssl_c_serial,hex],hash=%[ssl_c_sha1,hex]"
+        log-format "conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:\"%[ssl_fc_err]:%[ssl_fc_err_str]\" CN=%{+Q}[ssl_c_s_dn],serial=%[ssl_c_serial,hex],hash=%[ssl_c_sha1,hex]"
+        error-log-format "ERROR conn_status:\"%[fc_err]:%[fc_err_str]\" hsk_err:\"%[ssl_fc_err,and(proc.ssl_error_mask)]:%[ssl_fc_err_str]\" CN=%{+Q}[ssl_c_s_dn],serial=%[ssl_c_serial,hex],hash=%[ssl_c_sha1,hex]"
        bind "${tmpdir}/cust_logfmt_ssl.sock" ssl crt ${testdir}/set_cafile_server.pem ca-verify-file ${testdir}/set_cafile_rootCA.crt ca-file ${testdir}/set_cafile_interCA1.crt verify required ciphers "kRSA"
        server s1 ${s1_addr}:${s1_port}

@ -214,7 +214,7 @@ haproxy h1 -conf {
        option log-separate-errors
        mode http
        option httpslog
-        error-log-format "ERROR %ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %[fc_conn_err]/%[ssl_fc_err,and(proc.ssl_error_mask),hex]/%[ssl_c_err]/%[ssl_c_ca_err]/%[ssl_fc_is_resumed] %sslv/%sslc"
+        error-log-format "ERROR %ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %[fc_err]/%[ssl_fc_err,and(proc.ssl_error_mask),hex]/%[ssl_c_err]/%[ssl_c_ca_err]/%[ssl_fc_is_resumed] %sslv/%sslc"
        bind "${tmpdir}/https_logfmt_ssl.sock" ssl crt ${testdir}/set_cafile_server.pem ca-verify-file ${testdir}/set_cafile_rootCA.crt ca-file ${testdir}/set_cafile_interCA1.crt verify required ciphers "kRSA"
        server s1 ${s1_addr}:${s1_port}

--- a/src/connection.c
+++ b/src/connection.c
@ -2131,7 +2131,7 @@ int smp_fetch_fc_pp_unique_id(const struct arg *args, struct sample *smp, const
 }

 /* fetch the error code of a connection */
-int smp_fetch_fc_conn_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
+int smp_fetch_fc_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
 {
 	struct connection *conn;

@ -2157,7 +2157,7 @@ int smp_fetch_fc_conn_err(const struct arg *args, struct sample *smp, const char
 }

 /* fetch a string representation of the error code of a connection */
-int smp_fetch_fc_conn_err_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
+int smp_fetch_fc_err_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
 {
 	struct connection *conn;
 	const char *err_code_str;
@ -2195,15 +2195,15 @@ int smp_fetch_fc_conn_err_str(const struct arg *args, struct sample *smp, const
 * instance v4/v6 must be declared v4.
 */
 static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
-	{ "fc_http_major", smp_fetch_fc_http_major, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
+	{ "bc_err", smp_fetch_fc_err, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
+	{ "bc_err_str", smp_fetch_fc_err_str, 0, NULL, SMP_T_STR, SMP_USE_L4SRV },
 	{ "bc_http_major", smp_fetch_fc_http_major, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
+	{ "fc_err", smp_fetch_fc_err, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
+	{ "fc_err_str", smp_fetch_fc_err_str, 0, NULL, SMP_T_STR, SMP_USE_L4CLI },
+	{ "fc_http_major", smp_fetch_fc_http_major, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
 	{ "fc_rcvd_proxy", smp_fetch_fc_rcvd_proxy, 0, NULL, SMP_T_BOOL, SMP_USE_L4CLI },
 	{ "fc_pp_authority", smp_fetch_fc_pp_authority, 0, NULL, SMP_T_STR, SMP_USE_L4CLI },
 	{ "fc_pp_unique_id", smp_fetch_fc_pp_unique_id, 0, NULL, SMP_T_STR, SMP_USE_L4CLI },
-	{ "fc_conn_err", smp_fetch_fc_conn_err, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
-	{ "fc_conn_err_str", smp_fetch_fc_conn_err_str, 0, NULL, SMP_T_STR, SMP_USE_L4CLI },
-	{ "bc_conn_err", smp_fetch_fc_conn_err, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
-	{ "bc_conn_err_str", smp_fetch_fc_conn_err_str, 0, NULL, SMP_T_STR, SMP_USE_L4SRV },
 	{ /* END */ },
 }};

--- a/src/log.c
+++ b/src/log.c
@ -195,7 +195,7 @@ static const struct logformat_type logformat_keywords[] = {
 };

 char default_http_log_format[] = "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"; // default format
-char default_https_log_format[] = "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %[fc_conn_err]/%[ssl_fc_err,hex]/%[ssl_c_err]/%[ssl_c_ca_err]/%[ssl_fc_is_resumed] %sslv/%sslc";
+char default_https_log_format[] = "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %[fc_err]/%[ssl_fc_err,hex]/%[ssl_c_err]/%[ssl_c_ca_err]/%[ssl_fc_is_resumed] %sslv/%sslc";
 char clf_http_log_format[] = "%{+Q}o %{-Q}ci - - [%trg] %r %ST %B \"\" \"\" %cp %ms %ft %b %s %TR %Tw %Tc %Tr %Ta %tsc %ac %fc %bc %sc %rc %sq %bq %CC %CS %hrl %hsl";
 char default_tcp_log_format[] = "%ci:%cp [%t] %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq";
 char *log_format = NULL;