RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MINOR: cfgparse: Emit a warning for misplaced "tcp-response content" rules 

When a "tcp-response content" rule is placed after a "http-response" rule, a
warning is now emitted, just like for rules applied on the requests.
This commit is contained in:
Christopher Faulet 2024-11-21 09:55:03 +01:00
parent 5dcd3b0d99
commit e58a30d369
3 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/haproxy/cfgparse.h
View File

@ -131,6 +131,7 @@ void cfg_restore_sections(struct list *backup_sections);
int warnif_misplaced_tcp_req_conn(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2); int warnif_misplaced_tcp_req_conn(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2);
int warnif_misplaced_tcp_req_sess(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2); int warnif_misplaced_tcp_req_sess(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2);
int warnif_misplaced_tcp_req_cont(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2); int warnif_misplaced_tcp_req_cont(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2);
int warnif_misplaced_tcp_res_cont(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2);
int warnif_misplaced_quic_init(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2); int warnif_misplaced_quic_init(struct proxy *proxy, const char *file, int line, const char *arg, const char *arg2);
int warnif_cond_conflicts(const struct acl_cond *cond, unsigned int where, const char *file, int line); int warnif_cond_conflicts(const struct acl_cond *cond, unsigned int where, const char *file, int line);
int warnif_tcp_http_cond(const struct proxy *px, const struct acl_cond *cond); int warnif_tcp_http_cond(const struct proxy *px, const struct acl_cond *cond);

19
src/cfgparse-listen.c
View File

@ -132,6 +132,19 @@ static int warnif_rule_after_http_req(struct proxy *proxy, const char *file, int
return 0; return 0;
} }
/* Report a warning if a rule is placed after an 'http_response' rule.
* Return 1 if the warning has been emitted, otherwise 0.
*/
static int warnif_rule_after_http_res(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2)
{
if (!LIST_ISEMPTY(&proxy->http_res_rules)) {
ha_warning("parsing [%s:%d] : a '%s%s%s' rule placed after an 'http-response' rule will still be processed before.\n",
file, line, arg1, (arg2 ? " ": ""), (arg2 ? arg2 : ""));
return 1;
}
return 0;
}
/* Report a warning if a rule is placed after a redirect rule. /* Report a warning if a rule is placed after a redirect rule.
* Return 1 if the warning has been emitted, otherwise 0. * Return 1 if the warning has been emitted, otherwise 0.
*/ */
@ -199,6 +212,12 @@ int warnif_misplaced_tcp_req_cont(struct proxy *proxy, const char *file, int lin
warnif_misplaced_monitor(proxy, file, line, arg1, arg2); warnif_misplaced_monitor(proxy, file, line, arg1, arg2);
} }
/* report a warning if a "tcp response content" rule is dangerously placed */
int warnif_misplaced_tcp_res_cont(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2)
{
return warnif_rule_after_http_res(proxy, file, line, arg1, arg2);
}
/* report a warning if a "tcp request session" rule is dangerously placed */ /* report a warning if a "tcp request session" rule is dangerously placed */
int warnif_misplaced_tcp_req_sess(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2) int warnif_misplaced_tcp_req_sess(struct proxy *proxy, const char *file, int line, const char *arg1, const char *arg2)
{ {

2
src/tcp_rules.c
View File

@ -1200,6 +1200,8 @@ static int tcp_parse_tcp_rep(char **args, int section_type, struct proxy *curpx,
warn++; warn++;
} }
/* the following function directly emits the warning */
warnif_misplaced_tcp_res_cont(curpx, file, line, args[0], args[1]);
LIST_APPEND(&curpx->tcp_rep.inspect_rules, &rule->list); LIST_APPEND(&curpx->tcp_rep.inspect_rules, &rule->list);
} }
else { else {