From a53abad42df7d25bc1496e1152ccd6d1843ecf6b Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Wed, 13 May 2020 08:12:22 +0200 Subject: [PATCH] CLEANUP: http_ana: Remove unused TXN flags TX_CLDENY, TX_CLALLOW, TX_SVDENY and TX_SVALLOW flags are unused. Only TX_CLTARPIT is used to make the difference between an http deny rule and an http tarpit rule. So these unused flags are removed. --- contrib/debug/flags.c | 4 ---- include/types/http_ana.h | 5 +---- src/http_ana.c | 9 ++------- 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/contrib/debug/flags.c b/contrib/debug/flags.c index ca7584e32..f38378f7d 100644 --- a/contrib/debug/flags.c +++ b/contrib/debug/flags.c @@ -323,10 +323,6 @@ void show_txn_flags(unsigned int f) } SHOW_FLAG(f, TX_CLTARPIT); - SHOW_FLAG(f, TX_SVALLOW); - SHOW_FLAG(f, TX_SVDENY); - SHOW_FLAG(f, TX_CLALLOW); - SHOW_FLAG(f, TX_CLDENY); if (f) { printf("EXTRA(0x%08x)", f); diff --git a/include/types/http_ana.h b/include/types/http_ana.h index 6740c0369..764ebc25b 100644 --- a/include/types/http_ana.h +++ b/include/types/http_ana.h @@ -30,10 +30,7 @@ /* These are the flags that are found in txn->flags */ /* action flags */ -#define TX_CLDENY 0x00000001 /* a client header matches a deny regex */ -#define TX_CLALLOW 0x00000002 /* a client header matches an allow regex */ -#define TX_SVDENY 0x00000004 /* a server header matches a deny regex */ -#define TX_SVALLOW 0x00000008 /* a server header matches an allow regex */ +/* Unusued: 0x00000001..0x00000008 */ #define TX_CLTARPIT 0x00000010 /* the transaction is tarpitted (anti-dos) */ /* transaction flags dedicated to cookies : bits values 0x20 to 0x80 (0-7 shift 5) */ diff --git a/src/http_ana.c b/src/http_ana.c index 5492b54fe..7fd371ea5 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -2886,7 +2886,6 @@ static enum rule_result http_req_get_intercept_rule(struct proxy *px, struct lis rule_ret = HTTP_RULE_RES_DONE; goto end; case ACT_RET_DENY: - txn->flags |= TX_CLDENY; if (txn->status == -1) txn->status = 403; rule_ret = HTTP_RULE_RES_DENY; @@ -2908,7 +2907,6 @@ static enum rule_result http_req_get_intercept_rule(struct proxy *px, struct lis goto end; case ACT_ACTION_DENY: - txn->flags |= TX_CLDENY; txn->status = rule->arg.http_deny.status; if (rule->arg.http_deny.errmsg) txn->errmsg = rule->arg.http_deny.errmsg; @@ -2992,9 +2990,8 @@ static enum rule_result http_req_get_intercept_rule(struct proxy *px, struct lis * is returned, the process can continue the evaluation of next rule list. If * *STOP or *DONE is returned, the process must stop the evaluation. If *BADREQ * is returned, it means the operation could not be processed and a server error - * must be returned. It may set the TX_SVDENY on txn->flags if it encounters a - * deny rule. If *YIELD is returned, the caller must call again the function - * with the same context. + * must be returned. If *YIELD is returned, the caller must call again the + * function with the same context. */ static enum rule_result http_res_get_intercept_rule(struct proxy *px, struct list *rules, struct stream *s) @@ -3067,7 +3064,6 @@ resume_execution: rule_ret = HTTP_RULE_RES_DONE; goto end; case ACT_RET_DENY: - txn->flags |= TX_CLDENY; if (txn->status == -1) txn->status = 502; rule_ret = HTTP_RULE_RES_DENY; @@ -3089,7 +3085,6 @@ resume_execution: goto end; case ACT_ACTION_DENY: - txn->flags |= TX_CLDENY; txn->status = rule->arg.http_deny.status; if (rule->arg.http_deny.errmsg) txn->errmsg = rule->arg.http_deny.errmsg;