RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-30 01:52:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: mworker/cli: the master CLI use its own applet

Browse Source 
Following the patch b4daee ("MINOR: sock: add a check against cross
worker<->master socket activities"), this patch adds a dedicated applet
for the master CLI. It ensures that the CLI connection can't be
used with the master rights in the case of bugs.
This commit is contained in:
William Lallemand 2020-11-05 10:28:53 +01:00
parent 21b9ff59b2
commit 99e0bb997f
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/cli.c
View File

@ -66,6 +66,7 @@
#define PAYLOAD_PATTERN "<<"
static struct applet cli_applet;
static struct applet mcli_applet;
static const char stats_sock_usage_msg[] =
"Unknown command. Please enter one of the following commands only :\n"
@ -110,11 +111,11 @@ static char *cli_gen_usage_msg(struct appctx *appctx)
while (kw->str_kw[0]) {
/* in a worker or normal process, don't display master only commands */
if (master == 0 && (kw->level & ACCESS_MASTER_ONLY))
if (appctx->applet == &cli_applet && (kw->level & ACCESS_MASTER_ONLY))
goto next_kw;
/* in master don't displays if we don't have the master bits */
if (master == 1 && !(kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)))
if (appctx->applet == &mcli_applet && !(kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)))
goto next_kw;
/* only show expert commands in expert mode */
@ -566,11 +567,11 @@ static int cli_parse_request(struct appctx *appctx)
return 0;
/* in a worker or normal process, don't display master only commands */
if (master == 0 && (kw->level & ACCESS_MASTER_ONLY))
if (appctx->applet == &cli_applet && (kw->level & ACCESS_MASTER_ONLY))
return 0;
/* in master don't displays if we don't have the master bits */
if (master == 1 && !(kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)))
if (appctx->applet == &mcli_applet && !(kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)))
return 0;
/* only accept expert commands in expert mode */
@ -1837,9 +1838,9 @@ static enum obj_type *pcli_pid_to_server(int proc_pid)
{
struct mworker_proc *child;
/* return the CLI applet of the master */
/* return the mCLI applet of the master */
if (proc_pid == 0)
return &cli_applet.obj_type;
return &mcli_applet.obj_type;
list_for_each_entry(child, &proc_list, list) {
if (child->pid == proc_pid){
@ -2695,6 +2696,14 @@ static struct applet cli_applet = {
.release = cli_release_handler,
};
/* master CLI */
static struct applet mcli_applet = {
.obj_type = OBJ_TYPE_APPLET,
.name = "<MCLI>", /* used for logging */
.fct = cli_io_handler,
.release = cli_release_handler,
};
/* register cli keywords */
static struct cli_kw_list cli_kws = {{ },{
{ { "help", NULL }, NULL, cli_parse_simple, NULL },