MINOR: spoe: add force-set-var option in spoe-agent configuration

For security reasons, the spoe filter was only able to change values of existing variables. In specific cases (ex : with LUA code), the name of variables are unknown at the configuration parsing phase. The force-set-var option can be enabled to register all variables.
2025-01-26 15:33:00 +00:00 · 2017-12-14 09:36:40 +00:00 · 2017-12-14 09:36:40 +00:00 · aec8989e53
commit aec8989e53
parent 72fa1ec24e
3 changed files with 22 additions and 3 deletions
--- a/doc/SPOE.txt
+++ b/doc/SPOE.txt
@ -239,6 +239,15 @@ option continue-on-error
  When set, this option bypass this behaviour and only the current event will
  be ignored.

+option force-set-var
+  By default, SPOE filter only register already known variables (mainly from
+  parsing of the configuration). If you want that haproxy trusts the agent and
+  registers all variables (ex: can be useful for LUA workload), activate this
+  option.
+
+  Caution : this option opens to a variety of attacks such as a rogue SPOA that
+  asks to register too many variables.
+

 option pipelining
 no option pipelining
@ -310,8 +319,9 @@ option var-prefix <prefix>
  "myvar" in the "txn" scope, with the prefix "my_spoe_pfx", then you should
  use "txn.my_spoe_pfx.myvar" name in your HAProxy configuration.

-  An agent will never set new variables at runtime. It can only set new value
-  for existing ones.
+  By default, an agent will never set new variables at runtime: It can only set
+  new value for existing ones. If you want a different behaviour, see
+  force-set-var option


 timeout hello <timeout>
--- a/include/types/spoe.h
+++ b/include/types/spoe.h
@ -43,6 +43,7 @@
 #define SPOE_FL_ASYNC             0x00000004 /* Set when SPOE agent supports async (set by default) */
 #define SPOE_FL_SND_FRAGMENTATION 0x00000008 /* Set when SPOE agent supports sending fragmented payload */
 #define SPOE_FL_RCV_FRAGMENTATION 0x00000010 /* Set when SPOE agent supports receiving fragmented payload */
+#define SPOE_FL_FORCE_SET_VAR     0x00000020 /* Set when SPOE agent will set all variables from agent (and not only known variables) */

 /* Flags set on the SPOE context */
 #define SPOE_CTX_FL_CLI_CONNECTED 0x00000001 /* Set after that on-client-session event was processed */
--- a/src/flt_spoe.c
+++ b/src/flt_spoe.c
@ -2307,7 +2307,10 @@ spoe_set_var(struct spoe_context *ctx, char *scope, char *name, int len,
 	memset(varname, 0, sizeof(varname));
 	len = snprintf(varname, sizeof(varname), "%s.%s.%.*s",
 		       scope, agent->var_pfx, len, name);
-	vars_set_by_name_ifexist(varname, len, smp);
+	if (agent->flags & SPOE_FL_FORCE_SET_VAR)
+		vars_set_by_name(varname, len, smp);
+	else
+		vars_set_by_name_ifexist(varname, len, smp);
 }

 /* Helper function to unset a variable */
@ -3399,6 +3402,11 @@ cfg_parse_spoe_agent(const char *file, int linenum, char **args, int kwm)
 			}
 			curagent->var_pfx = strdup(args[2]);
 		}
+		else if (!strcmp(args[1], "force-set-var")) {
+			if (alertif_too_many_args(1, file, linenum, args, &err_code))
+				goto out;
+			curagent->flags |= SPOE_FL_FORCE_SET_VAR;
+		}
 		else if (!strcmp(args[1], "continue-on-error")) {
 			if (alertif_too_many_args(1, file, linenum, args, &err_code))
 				goto out;