diff --git a/include/proto/acl.h b/include/proto/acl.h index 493b56e5a..3a7606b8e 100644 --- a/include/proto/acl.h +++ b/include/proto/acl.h @@ -94,7 +94,7 @@ struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, co * condition, it does not apply the polarity required by IF/UNLESS, it's up to * the caller to do this. */ -int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, void *l7, int dir); +int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, void *l7, unsigned int opt); /* Reports a pointer to the first ACL used in condition which requires * at least one of the USE_FLAGS in . Returns NULL if none matches. @@ -171,7 +171,7 @@ int acl_parse_reg(const char **text, struct acl_pattern *pattern, int *opaque); int acl_parse_ip(const char **text, struct acl_pattern *pattern, int *opaque); /* always fake a data retrieval */ -int acl_fetch_nothing(struct proxy *px, struct session *l4, void *l7, int dir, +int acl_fetch_nothing(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp); /* always return false */ diff --git a/include/proto/pattern.h b/include/proto/pattern.h index 5a9f9444a..f3250eccf 100644 --- a/include/proto/pattern.h +++ b/include/proto/pattern.h @@ -27,7 +27,7 @@ struct pattern_expr *pattern_parse_expr(char **str, int *idx, char *err, int err_size); struct sample *pattern_process(struct proxy *px, struct session *l4, - void *l7, int dir, struct pattern_expr *expr, + void *l7, unsigned int dir, struct pattern_expr *expr, struct sample *p); void pattern_register_fetches(struct pattern_fetch_kw_list *psl); void pattern_register_convs(struct pattern_conv_kw_list *psl); diff --git a/include/proto/proto_tcp.h b/include/proto/proto_tcp.h index 91573e959..947699bb4 100644 --- a/include/proto/proto_tcp.h +++ b/include/proto/proto_tcp.h @@ -34,7 +34,7 @@ int tcp_connect_server(struct stream_interface *si); int tcp_inspect_request(struct session *s, struct buffer *req, int an_bit); int tcp_inspect_response(struct session *s, struct buffer *rep, int an_bit); int tcp_exec_req_rules(struct session *s); -int smp_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir, const struct arg *args, struct sample *smp); +int smp_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp); /* Converts the TCP source address to a stick_table key usable for table * lookups. Returns either NULL if the source cannot be converted (eg: not diff --git a/include/proto/stick_table.h b/include/proto/stick_table.h index 5da327ca6..7756623ba 100644 --- a/include/proto/stick_table.h +++ b/include/proto/stick_table.h @@ -47,7 +47,7 @@ struct stksess *stktable_lookup(struct stktable *t, struct stksess *ts); struct stksess *stktable_lookup_key(struct stktable *t, struct stktable_key *key); struct stksess *stktable_update_key(struct stktable *table, struct stktable_key *key); struct stktable_key *stktable_fetch_key(struct stktable *t, struct proxy *px, - struct session *l4, void *l7, int dir, + struct session *l4, void *l7, unsigned int opt, struct pattern_expr *expr); int stktable_compatible_pattern(struct pattern_expr *expr, unsigned long table_type); int stktable_get_data_type(char *name); diff --git a/include/types/acl.h b/include/types/acl.h index 564c4bbe7..cff3ae2c7 100644 --- a/include/types/acl.h +++ b/include/types/acl.h @@ -71,14 +71,6 @@ enum { ACL_COND_UNLESS, /* negative condition (after 'unless') */ }; -/* ACLs can be evaluated on requests and on responses, and on partial or complete data */ -enum { - ACL_DIR_REQ = 0, /* ACL evaluated on request */ - ACL_DIR_RTR = (1 << 0), /* ACL evaluated on response */ - ACL_DIR_MASK = (ACL_DIR_REQ | ACL_DIR_RTR), - ACL_PARTIAL = (1 << 1), /* partial data, return MISS if data are missing */ -}; - /* possible flags for expressions or patterns */ enum { ACL_PAT_F_IGNORE_CASE = 1 << 0, /* ignore case */ @@ -238,7 +230,7 @@ struct acl_expr; struct acl_keyword { const char *kw; int (*parse)(const char **text, struct acl_pattern *pattern, int *opaque); - int (*fetch)(struct proxy *px, struct session *l4, void *l7, int dir, + int (*fetch)(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp); int (*match)(struct sample *smp, struct acl_pattern *pattern); unsigned int requires; /* bit mask of all ACL_USE_* required to evaluate this keyword */ diff --git a/include/types/pattern.h b/include/types/pattern.h index d4d38382a..3ee18cb6b 100644 --- a/include/types/pattern.h +++ b/include/types/pattern.h @@ -41,6 +41,26 @@ enum { SMP_TYPES /* number of types, must always be last */ }; +/* Sample fetch capabilities are used to declare keywords. Right now only + * the supportd fetch directions are specified. + */ +enum { + SMP_CAP_REQ = 1 << 0, /* fetch supported on request */ + SMP_CAP_RES = 1 << 1, /* fetch supported on response */ +}; + +/* Sample fetch options are passed to sample fetch functions to add precision + * about what is desired : + * - fetch direction (req/resp) + * - intermediary / final fetch + */ +enum { + SMP_OPT_DIR_REQ = 0, /* direction = request */ + SMP_OPT_DIR_RES = 1, /* direction = response */ + SMP_OPT_DIR = (SMP_OPT_DIR_REQ|SMP_OPT_DIR_RES), /* mask to get direction */ + SMP_OPT_FINAL = 2, /* final fetch, contents won't change anymore */ +}; + /* Flags used to describe fetched samples. MAY_CHANGE indicates that the result * of the fetch might still evolve, for instance because of more data expected, * even if the fetch has failed. VOL_* indicates how long a result may be cached. @@ -56,11 +76,6 @@ enum { SMP_F_VOLATILE = (1<<2)|(1<<3)|(1<<4)|(1<<5)|(1<<6), /* any volatility condition */ }; -/* pattern fetch direction */ -#define PATTERN_FETCH_REQ 1 -#define PATTERN_FETCH_RTR 2 - - /* a sample context might be used by any sample fetch function in order to * store information needed across multiple calls (eg: restart point for a * next occurrence). By definition it may store up to 8 pointers, or any @@ -115,13 +130,14 @@ struct pattern_fetch { int (*process)(struct proxy *px, struct session *l4, void *l7, - int dir, const struct arg *arg_p, + unsigned int opt, /* fetch options (SMP_OPT_*) */ + const struct arg *arg_p, struct sample *smp); /* fetch processing function */ unsigned int arg_mask; /* arguments (ARG*()) */ int (*val_args)(struct arg *arg_p, char **err_msg); /* argument validation function */ unsigned long out_type; /* output pattern type */ - int dir; /* usable directions */ + unsigned int cap; /* fetch capabilities (SMP_CAP_*) */ }; /* pattern expression */ diff --git a/src/acl.c b/src/acl.c index 1eda948da..1267ec30b 100644 --- a/src/acl.c +++ b/src/acl.c @@ -65,7 +65,7 @@ static struct acl_kw_list acl_keywords = { /* force TRUE to be returned at the fetch level */ static int -acl_fetch_true(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_true(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->type = SMP_T_BOOL; @@ -77,10 +77,10 @@ acl_fetch_true(struct proxy *px, struct session *l4, void *l7, int dir, * used with content inspection. */ static int -acl_fetch_wait_end(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_wait_end(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { - if (dir & ACL_PARTIAL) { + if (!(opt & SMP_OPT_FINAL)) { smp->flags |= SMP_F_MAY_CHANGE; return 0; } @@ -91,7 +91,7 @@ acl_fetch_wait_end(struct proxy *px, struct session *l4, void *l7, int dir, /* force FALSE to be returned at the fetch level */ static int -acl_fetch_false(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_false(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->type = SMP_T_BOOL; @@ -101,7 +101,7 @@ acl_fetch_false(struct proxy *px, struct session *l4, void *l7, int dir, /* return the number of bytes in the request buffer */ static int -acl_fetch_req_len(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_req_len(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4 || !l4->req) @@ -115,7 +115,7 @@ acl_fetch_req_len(struct proxy *px, struct session *l4, void *l7, int dir, static int -acl_fetch_ssl_hello_type(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_ssl_hello_type(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int hs_len; @@ -126,7 +126,7 @@ acl_fetch_ssl_hello_type(struct proxy *px, struct session *l4, void *l7, int dir if (!l4) goto not_ssl_hello; - b = ((dir & ACL_DIR_MASK) == ACL_DIR_RTR) ? l4->rep : l4->req; + b = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? l4->rep : l4->req; bleft = b->i; data = (const unsigned char *)b->p; @@ -184,7 +184,7 @@ acl_fetch_ssl_hello_type(struct proxy *px, struct session *l4, void *l7, int dir * Note: this decoder only works with non-wrapping data. */ static int -acl_fetch_req_ssl_ver(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_req_ssl_ver(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int version, bleft, msg_len; @@ -320,7 +320,7 @@ acl_fetch_req_ssl_ver(struct proxy *px, struct session *l4, void *l7, int dir, * - opaque hostname[name_len bytes] */ static int -acl_fetch_ssl_hello_sni(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_ssl_hello_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int hs_len, ext_len, bleft; @@ -330,7 +330,7 @@ acl_fetch_ssl_hello_sni(struct proxy *px, struct session *l4, void *l7, int dir, if (!l4) goto not_ssl_hello; - b = ((dir & ACL_DIR_MASK) == ACL_DIR_RTR) ? l4->rep : l4->req; + b = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? l4->rep : l4->req; bleft = b->i; data = (unsigned char *)b->p; @@ -464,7 +464,7 @@ int acl_parse_nothing(const char **text, struct acl_pattern *pattern, int *opaqu } /* always fake a data retrieval */ -int acl_fetch_nothing(struct proxy *px, struct session *l4, void *l7, int dir, +int acl_fetch_nothing(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { return 1; @@ -1681,8 +1681,8 @@ struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, co /* Execute condition and return either ACL_PAT_FAIL, ACL_PAT_MISS or * ACL_PAT_PASS depending on the test results. ACL_PAT_MISS may only be - * returned if contains ACL_PARTIAL, indicating that incomplete data - * is being examined. + * returned if does not contain SMP_OPT_FINAL, indicating that incomplete + * data is being examined. * This function only computes the condition, it does not apply the polarity * required by IF/UNLESS, it's up to the caller to do this using something like * this : @@ -1693,7 +1693,7 @@ struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, co * if (cond->pol == ACL_COND_UNLESS) * res = !res; */ -int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, void *l7, int dir) +int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, void *l7, unsigned int opt) { __label__ fetch_next; struct acl_term_suite *suite; @@ -1733,9 +1733,9 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v /* we need to reset context and flags */ memset(&smp, 0, sizeof(smp)); fetch_next: - if (!expr->kw->fetch(px, l4, l7, dir, expr->args, &smp)) { + if (!expr->kw->fetch(px, l4, l7, opt, expr->args, &smp)) { /* maybe we could not fetch because of missing data */ - if (smp.flags & SMP_F_MAY_CHANGE && dir & ACL_PARTIAL) + if (smp.flags & SMP_F_MAY_CHANGE && !(opt & SMP_OPT_FINAL)) acl_res |= ACL_PAT_MISS; continue; } @@ -1784,7 +1784,7 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v * later and give another chance for a new match (eg: request * size, time, ...) */ - if (smp.flags & SMP_F_MAY_CHANGE && dir & ACL_PARTIAL) + if (smp.flags & SMP_F_MAY_CHANGE && !(opt & SMP_OPT_FINAL)) acl_res |= ACL_PAT_MISS; } /* diff --git a/src/backend.c b/src/backend.c index a9567070f..5bec608ff 100644 --- a/src/backend.c +++ b/src/backend.c @@ -416,7 +416,7 @@ struct server *get_server_rch(struct session *s) args[0].data.str.len = px->hh_len; args[1].type = ARGT_STOP; - ret = smp_fetch_rdp_cookie(px, s, NULL, ACL_DIR_REQ, args, &smp); + ret = smp_fetch_rdp_cookie(px, s, NULL, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, args, &smp); len = smp.data.str.len; if (ret == 0 || (smp.flags & SMP_F_MAY_CHANGE) || len == 0) @@ -1134,7 +1134,7 @@ int tcp_persist_rdp_cookie(struct session *s, struct buffer *req, int an_bit) args[0].data.str.len = s->be->rdp_cookie_len; args[1].type = ARGT_STOP; - ret = smp_fetch_rdp_cookie(px, s, NULL, ACL_DIR_REQ, args, &smp); + ret = smp_fetch_rdp_cookie(px, s, NULL, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, args, &smp); if (ret == 0 || (smp.flags & SMP_F_MAY_CHANGE) || smp.data.str.len == 0) goto no_cookie; @@ -1374,7 +1374,7 @@ int backend_parse_balance(const char **args, char *err, int errlen, struct proxy * undefined behaviour. */ static int -acl_fetch_nbsrv(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_nbsrv(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -1397,7 +1397,7 @@ acl_fetch_nbsrv(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_srv_is_up(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_srv_is_up(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct server *srv = args->data.srv; @@ -1417,7 +1417,7 @@ acl_fetch_srv_is_up(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_connslots(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_connslots(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct server *iterator; @@ -1445,7 +1445,7 @@ acl_fetch_connslots(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the id of the backend */ static int -acl_fetch_be_id(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_be_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TXN; @@ -1456,7 +1456,7 @@ acl_fetch_be_id(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the id of the server */ static int -acl_fetch_srv_id(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_srv_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!target_srv(&l4->target)) @@ -1473,7 +1473,7 @@ acl_fetch_srv_id(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_be_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_be_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -1487,7 +1487,7 @@ acl_fetch_be_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_be_conn(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_be_conn(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -1501,7 +1501,7 @@ acl_fetch_be_conn(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_queue_size(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_queue_size(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -1519,7 +1519,7 @@ acl_fetch_queue_size(struct proxy *px, struct session *l4, void *l7, int dir, * undefined behaviour. */ static int -acl_fetch_avg_queue_size(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_avg_queue_size(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int nbsrv; @@ -1548,7 +1548,7 @@ acl_fetch_avg_queue_size(struct proxy *px, struct session *l4, void *l7, int dir * undefined behaviour. */ static int -acl_fetch_srv_conn(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_srv_conn(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; diff --git a/src/cfgparse.c b/src/cfgparse.c index 4719abbd3..a3ac66121 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -1120,7 +1120,7 @@ static int create_cond_regex_rule(const char *file, int line, goto err; } - if (dir == ACL_DIR_REQ) + if (dir == SMP_OPT_DIR_REQ) err_code |= warnif_cond_requires_resp(cond, file, line); else err_code |= warnif_cond_requires_req(cond, file, line); @@ -1138,7 +1138,7 @@ static int create_cond_regex_rule(const char *file, int line, goto err; } - err = chain_regex((dir == ACL_DIR_REQ) ? &px->req_exp : &px->rsp_exp, + err = chain_regex((dir == SMP_OPT_DIR_REQ) ? &px->req_exp : &px->rsp_exp, preg, action, repl ? strdup(repl) : NULL, cond); if (repl && err) { Alert("parsing [%s:%d] : '%s' : invalid character or unterminated sequence in replacement string near '%c'.\n", @@ -1147,7 +1147,7 @@ static int create_cond_regex_rule(const char *file, int line, goto err; } - if (dir == ACL_DIR_REQ && warnif_misplaced_reqxxx(px, file, line, cmd)) + if (dir == SMP_OPT_DIR_REQ && warnif_misplaced_reqxxx(px, file, line, cmd)) err_code |= ERR_WARN; return err_code; @@ -3005,7 +3005,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) } if (flags & STK_ON_RSP) { - if (!(expr->fetch->dir & PATTERN_FETCH_RTR)) { + if (!(expr->fetch->cap & SMP_CAP_RES)) { Alert("parsing [%s:%d] : '%s': fetch method '%s' can not be used on response.\n", file, linenum, args[0], expr->fetch->kw); err_code |= ERR_ALERT | ERR_FATAL; @@ -3013,7 +3013,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } } else { - if (!(expr->fetch->dir & PATTERN_FETCH_REQ)) { + if (!(expr->fetch->cap & SMP_CAP_REQ)) { Alert("parsing [%s:%d] : '%s': fetch method '%s' can not be used on request.\n", file, linenum, args[0], expr->fetch->kw); err_code |= ERR_ALERT | ERR_FATAL; @@ -4882,56 +4882,56 @@ stats_error_parsing: } err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_REPLACE, 0, + SMP_OPT_DIR_REQ, ACT_REPLACE, 0, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqdel")) { /* delete request header from a regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_REMOVE, 0, + SMP_OPT_DIR_REQ, ACT_REMOVE, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqdeny")) { /* deny a request if a header matches this regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_DENY, 0, + SMP_OPT_DIR_REQ, ACT_DENY, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqpass")) { /* pass this header without allowing or denying the request */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_PASS, 0, + SMP_OPT_DIR_REQ, ACT_PASS, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqallow")) { /* allow a request if a header matches this regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_ALLOW, 0, + SMP_OPT_DIR_REQ, ACT_ALLOW, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqtarpit")) { /* tarpit a request if a header matches this regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_TARPIT, 0, + SMP_OPT_DIR_REQ, ACT_TARPIT, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqsetbe")) { /* switch the backend from a regex, respecting case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_SETBE, 0, + SMP_OPT_DIR_REQ, ACT_SETBE, 0, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqisetbe")) { /* switch the backend from a regex, ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_SETBE, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_SETBE, REG_ICASE, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; @@ -4945,42 +4945,42 @@ stats_error_parsing: } err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_REPLACE, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_REPLACE, REG_ICASE, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqidel")) { /* delete request header from a regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_REMOVE, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_REMOVE, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqideny")) { /* deny a request if a header matches this regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_DENY, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_DENY, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqipass")) { /* pass this header without allowing or denying the request */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_PASS, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_PASS, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqiallow")) { /* allow a request if a header matches this regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_ALLOW, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_ALLOW, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "reqitarpit")) { /* tarpit a request if a header matches this regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_REQ, ACT_TARPIT, REG_ICASE, + SMP_OPT_DIR_REQ, ACT_TARPIT, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; @@ -5033,21 +5033,21 @@ stats_error_parsing: } err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_REPLACE, 0, + SMP_OPT_DIR_RES, ACT_REPLACE, 0, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "rspdel")) { /* delete response header from a regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_REMOVE, 0, + SMP_OPT_DIR_RES, ACT_REMOVE, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "rspdeny")) { /* block response header from a regex */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_DENY, 0, + SMP_OPT_DIR_RES, ACT_DENY, 0, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; @@ -5061,21 +5061,21 @@ stats_error_parsing: } err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_REPLACE, REG_ICASE, + SMP_OPT_DIR_RES, ACT_REPLACE, REG_ICASE, args[0], args[1], args[2], (const char **)args+3); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "rspidel")) { /* delete response header from a regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_REMOVE, REG_ICASE, + SMP_OPT_DIR_RES, ACT_REMOVE, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; } else if (!strcmp(args[0], "rspideny")) { /* block response header from a regex ignoring case */ err_code |= create_cond_regex_rule(file, linenum, curproxy, - ACL_DIR_RTR, ACT_DENY, REG_ICASE, + SMP_OPT_DIR_RES, ACT_DENY, REG_ICASE, args[0], args[1], NULL, (const char **)args+2); if (err_code & ERR_FATAL) goto out; diff --git a/src/frontend.c b/src/frontend.c index 8cd9de7a9..6485b0747 100644 --- a/src/frontend.c +++ b/src/frontend.c @@ -499,7 +499,7 @@ int make_proxy_line(char *buf, int buf_len, struct sockaddr_storage *src, struct /* set temp integer to the id of the frontend */ static int -acl_fetch_fe_id(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_fe_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_SESS; @@ -513,7 +513,7 @@ acl_fetch_fe_id(struct proxy *px, struct session *l4, void *l7, int dir, * an undefined behaviour. */ static int -acl_fetch_fe_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_fe_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -527,7 +527,7 @@ acl_fetch_fe_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, * an undefined behaviour. */ static int -acl_fetch_fe_conn(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_fe_conn(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; diff --git a/src/pattern.c b/src/pattern.c index 9787eccd0..f6afb9700 100644 --- a/src/pattern.c +++ b/src/pattern.c @@ -463,7 +463,7 @@ out_error: /* * Process a fetch + format conversion of defined by the pattern expression - * on request or response considering the parameter. + * on request or response considering the parameter. * Returns a pointer on a typed pattern structure containing the result or NULL if * pattern is not found or when format conversion failed. * If

is not null, function returns results in structure pointed by

. @@ -473,7 +473,8 @@ out_error: * conversion functions must do so too. However the cast functions do not need * to since they're made to cast mutiple types according to what is required. */ -struct sample *pattern_process(struct proxy *px, struct session *l4, void *l7, int dir, +struct sample *pattern_process(struct proxy *px, struct session *l4, void *l7, + unsigned int opt, struct pattern_expr *expr, struct sample *p) { struct pattern_conv_expr *conv_expr; @@ -482,7 +483,7 @@ struct sample *pattern_process(struct proxy *px, struct session *l4, void *l7, i p = &temp_smp; p->flags = 0; - if (!expr->fetch->process(px, l4, l7, dir, expr->arg_p, p)) + if (!expr->fetch->process(px, l4, l7, opt, expr->arg_p, p)) return NULL; list_for_each_entry(conv_expr, &expr->conv_exprs, list) { diff --git a/src/proto_http.c b/src/proto_http.c index 7421688d1..6302ea468 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -2355,7 +2355,7 @@ int http_wait_for_request(struct session *s, struct buffer *req, int an_bit) /* Check if we want to fail this monitor request or not */ list_for_each_entry(cond, &s->fe->mon_fail_cond, list) { - int ret = acl_exec_cond(cond, s->fe, s, txn, ACL_DIR_REQ); + int ret = acl_exec_cond(cond, s->fe, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (cond->pol == ACL_COND_UNLESS) @@ -2735,7 +2735,7 @@ http_check_access_rule(struct proxy *px, struct list *rules, struct session *s, /* check condition, but only if attached */ if (rule->cond) { - ret = acl_exec_cond(rule->cond, px, s, txn, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, px, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) @@ -2789,7 +2789,7 @@ int http_process_req_common(struct session *s, struct buffer *req, int an_bit, s /* first check whether we have some ACLs set to block this request */ list_for_each_entry(cond, &px->block_cond, list) { - int ret = acl_exec_cond(cond, px, s, txn, ACL_DIR_REQ); + int ret = acl_exec_cond(cond, px, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (cond->pol == ACL_COND_UNLESS) @@ -2944,7 +2944,7 @@ int http_process_req_common(struct session *s, struct buffer *req, int an_bit, s /* add request headers from the rule sets in the same order */ list_for_each_entry(wl, &px->req_add, list) { if (wl->cond) { - int ret = acl_exec_cond(wl->cond, px, s, txn, ACL_DIR_REQ); + int ret = acl_exec_cond(wl->cond, px, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (((struct acl_cond *)wl->cond)->pol == ACL_COND_UNLESS) ret = !ret; @@ -2969,7 +2969,7 @@ int http_process_req_common(struct session *s, struct buffer *req, int an_bit, s int ret = 1; if (stats_admin_rule->cond) { - ret = acl_exec_cond(stats_admin_rule->cond, s->be, s, &s->txn, ACL_DIR_REQ); + ret = acl_exec_cond(stats_admin_rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (stats_admin_rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -3031,7 +3031,7 @@ int http_process_req_common(struct session *s, struct buffer *req, int an_bit, s int ret = ACL_PAT_PASS; if (rule->cond) { - ret = acl_exec_cond(rule->cond, px, s, txn, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, px, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -5004,7 +5004,7 @@ int http_process_res_common(struct session *t, struct buffer *rep, int an_bit, s if (txn->status < 200) break; if (wl->cond) { - int ret = acl_exec_cond(wl->cond, px, t, txn, ACL_DIR_RTR); + int ret = acl_exec_cond(wl->cond, px, t, txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL); ret = acl_pass(ret); if (((struct acl_cond *)wl->cond)->pol == ACL_COND_UNLESS) ret = !ret; @@ -5737,7 +5737,7 @@ int apply_filters_to_request(struct session *s, struct buffer *req, struct proxy * next filter if the condition does not match. */ if (exp->cond) { - ret = acl_exec_cond(exp->cond, px, s, txn, ACL_DIR_REQ); + ret = acl_exec_cond(exp->cond, px, s, txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (((struct acl_cond *)exp->cond)->pol == ACL_COND_UNLESS) ret = !ret; @@ -6577,7 +6577,7 @@ int apply_filters_to_response(struct session *s, struct buffer *rtr, struct prox * next filter if the condition does not match. */ if (exp->cond) { - ret = acl_exec_cond(exp->cond, px, s, txn, ACL_DIR_RTR); + ret = acl_exec_cond(exp->cond, px, s, txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL); ret = acl_pass(ret); if (((struct acl_cond *)exp->cond)->pol == ACL_COND_UNLESS) ret = !ret; @@ -7541,7 +7541,7 @@ req_error_parsing: * 1 if an HTTP message is ready */ static int -acl_prefetch_http(struct proxy *px, struct session *s, void *l7, int dir, +acl_prefetch_http(struct proxy *px, struct session *s, void *l7, unsigned int opt, const struct arg *args, struct sample *smp, int req_vol) { struct http_txn *txn = l7; @@ -7557,7 +7557,7 @@ acl_prefetch_http(struct proxy *px, struct session *s, void *l7, int dir, /* Check for a dependency on a request */ smp->type = SMP_T_BOOL; - if ((dir & ACL_DIR_MASK) == ACL_DIR_REQ) { + if ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) { if (unlikely(!s->req)) return 0; @@ -7612,10 +7612,10 @@ acl_prefetch_http(struct proxy *px, struct session *s, void *l7, int dir, } #define CHECK_HTTP_MESSAGE_FIRST() \ - do { int r = acl_prefetch_http(px, l4, l7, dir, args, smp, 1); if (r <= 0) return r; } while (0) + do { int r = acl_prefetch_http(px, l4, l7, opt, args, smp, 1); if (r <= 0) return r; } while (0) #define CHECK_HTTP_MESSAGE_FIRST_PERM() \ - do { int r = acl_prefetch_http(px, l4, l7, dir, args, smp, 0); if (r <= 0) return r; } while (0) + do { int r = acl_prefetch_http(px, l4, l7, opt, args, smp, 0); if (r <= 0) return r; } while (0) /* 1. Check on METHOD @@ -7648,7 +7648,7 @@ static int acl_parse_meth(const char **text, struct acl_pattern *pattern, int *o * This is intended to be used with acl_match_meth() only. */ static int -acl_fetch_meth(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_meth(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int meth; @@ -7712,7 +7712,7 @@ static int acl_parse_ver(const char **text, struct acl_pattern *pattern, int *op } static int -acl_fetch_rqver(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_rqver(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7737,7 +7737,7 @@ acl_fetch_rqver(struct proxy *px, struct session *l4, void *l7, int dir, } static int -acl_fetch_stver(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_stver(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7763,7 +7763,7 @@ acl_fetch_stver(struct proxy *px, struct session *l4, void *l7, int dir, /* 3. Check on Status Code. We manipulate integers here. */ static int -acl_fetch_stcode(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_stcode(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7783,7 +7783,7 @@ acl_fetch_stcode(struct proxy *px, struct session *l4, void *l7, int dir, /* 4. Check on URL/URI. A pointer to the URI is stored. */ static int -acl_fetch_url(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_url(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7798,7 +7798,7 @@ acl_fetch_url(struct proxy *px, struct session *l4, void *l7, int dir, } static int -acl_fetch_url_ip(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_url_ip(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7824,7 +7824,7 @@ acl_fetch_url_ip(struct proxy *px, struct session *l4, void *l7, int dir, } static int -acl_fetch_url_port(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_url_port(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7847,13 +7847,13 @@ acl_fetch_url_port(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type string. */ static int -acl_fetch_hdr(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_hdr(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; struct hdr_idx *idx = &txn->hdr_idx; struct hdr_ctx *ctx = (struct hdr_ctx *)smp->ctx.a; - const struct http_msg *msg = ((dir & ACL_DIR_MASK) == ACL_DIR_REQ) ? &txn->req : &txn->rsp; + const struct http_msg *msg = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) ? &txn->req : &txn->rsp; if (!args || args->type != ARGT_STR) return 0; @@ -7883,13 +7883,13 @@ acl_fetch_hdr(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type string. */ static int -acl_fetch_hdr_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_hdr_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; struct hdr_idx *idx = &txn->hdr_idx; struct hdr_ctx ctx; - const struct http_msg *msg = ((dir & ACL_DIR_MASK) == ACL_DIR_REQ) ? &txn->req : &txn->rsp; + const struct http_msg *msg = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) ? &txn->req : &txn->rsp; int cnt; if (!args || args->type != ARGT_STR) @@ -7912,10 +7912,10 @@ acl_fetch_hdr_cnt(struct proxy *px, struct session *l4, void *l7, int dir, * FIXME: the type is 'int', it may not be appropriate for everything. */ static int -acl_fetch_hdr_val(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_hdr_val(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { - int ret = acl_fetch_hdr(px, l4, l7, dir, args, smp); + int ret = acl_fetch_hdr(px, l4, l7, opt, args, smp); if (ret > 0) { smp->type = SMP_T_UINT; @@ -7928,12 +7928,12 @@ acl_fetch_hdr_val(struct proxy *px, struct session *l4, void *l7, int dir, /* 7. Check on HTTP header's IPv4 address value. The IPv4 address is returned. */ static int -acl_fetch_hdr_ip(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_hdr_ip(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int ret; - while ((ret = acl_fetch_hdr(px, l4, l7, dir, args, smp)) > 0) { + while ((ret = acl_fetch_hdr(px, l4, l7, opt, args, smp)) > 0) { smp->type = SMP_T_IPV4; if (url2ipv4((char *)smp->data.str.str, &smp->data.ipv4)) break; @@ -7946,7 +7946,7 @@ acl_fetch_hdr_ip(struct proxy *px, struct session *l4, void *l7, int dir, * the first '/' after the possible hostname, and ends before the possible '?'. */ static int -acl_fetch_path(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_path(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -7972,7 +7972,7 @@ acl_fetch_path(struct proxy *px, struct session *l4, void *l7, int dir, } static int -acl_fetch_proto_http(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_proto_http(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { /* Note: hdr_idx.v cannot be NULL in this ACL because the ACL is tagged @@ -7988,7 +7988,7 @@ acl_fetch_proto_http(struct proxy *px, struct session *l4, void *l7, int dir, /* return a valid test if the current request is the first one on the connection */ static int -acl_fetch_http_first_req(struct proxy *px, struct session *s, void *l7, int dir, +acl_fetch_http_first_req(struct proxy *px, struct session *s, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!s) @@ -8001,7 +8001,7 @@ acl_fetch_http_first_req(struct proxy *px, struct session *s, void *l7, int dir, /* Accepts exactly 1 argument of type userlist */ static int -acl_fetch_http_auth(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_http_auth(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { @@ -8121,7 +8121,7 @@ extract_cookie_value(char *hdr, const char *hdr_end, * Accepts exactly 1 argument of type string. */ static int -acl_fetch_cookie_value(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_cookie_value(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -8137,7 +8137,7 @@ acl_fetch_cookie_value(struct proxy *px, struct session *l4, void *l7, int dir, CHECK_HTTP_MESSAGE_FIRST(); - if ((dir & ACL_DIR_MASK) == ACL_DIR_REQ) { + if ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) { msg = &txn->req; hdr_name = "Cookie"; hdr_name_len = 6; @@ -8172,7 +8172,7 @@ acl_fetch_cookie_value(struct proxy *px, struct session *l4, void *l7, int dir, smp->type = SMP_T_CSTR; smp->ctx.a[0] = extract_cookie_value(smp->ctx.a[0], smp->ctx.a[1], args->data.str.str, args->data.str.len, - (dir & ACL_DIR_MASK) == ACL_DIR_REQ, + (opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ, &smp->data.str.str, &smp->data.str.len); if (smp->ctx.a[0]) { @@ -8195,7 +8195,7 @@ acl_fetch_cookie_value(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type string. */ static int -acl_fetch_cookie_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_cookie_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct http_txn *txn = l7; @@ -8213,7 +8213,7 @@ acl_fetch_cookie_cnt(struct proxy *px, struct session *l4, void *l7, int dir, CHECK_HTTP_MESSAGE_FIRST(); - if ((dir & ACL_DIR_MASK) == ACL_DIR_REQ) { + if ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ) { msg = &txn->req; hdr_name = "Cookie"; hdr_name_len = 6; @@ -8244,7 +8244,7 @@ acl_fetch_cookie_cnt(struct proxy *px, struct session *l4, void *l7, int dir, smp->type = SMP_T_CSTR; while ((val_beg = extract_cookie_value(val_beg, val_end, args->data.str.str, args->data.str.len, - (dir & ACL_DIR_MASK) == ACL_DIR_REQ, + (opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ, &smp->data.str.str, &smp->data.str.len))) { cnt++; @@ -8349,7 +8349,7 @@ static struct acl_kw_list acl_kws = {{ },{ /* Returns the last occurrence of specified header. */ static int -pattern_fetch_hdr(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_hdr(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { struct http_txn *txn = l7; @@ -8445,7 +8445,7 @@ find_url_param_value(char* path, size_t path_l, } static int -pattern_fetch_url_param(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_url_param(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { struct http_txn *txn = l7; @@ -8499,7 +8499,7 @@ find_cookie_value(struct http_msg *msg, struct http_txn *txn, } static int -pattern_fetch_cookie(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_cookie(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { struct http_txn *txn = l7; @@ -8522,7 +8522,7 @@ pattern_fetch_cookie(struct proxy *px, struct session *l4, void *l7, int dir, static int -pattern_fetch_set_cookie(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_set_cookie(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { struct http_txn *txn = l7; @@ -8548,10 +8548,10 @@ pattern_fetch_set_cookie(struct proxy *px, struct session *l4, void *l7, int dir /************************************************************************/ /* Note: must not be declared as its list will be overwritten */ static struct pattern_fetch_kw_list pattern_fetch_keywords = {{ },{ - { "hdr", pattern_fetch_hdr, ARG1(1,STR), NULL, SMP_T_CSTR, PATTERN_FETCH_REQ }, - { "url_param", pattern_fetch_url_param, ARG1(1,STR), NULL, SMP_T_CSTR, PATTERN_FETCH_REQ }, - { "cookie", pattern_fetch_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, PATTERN_FETCH_REQ }, - { "set-cookie", pattern_fetch_set_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, PATTERN_FETCH_RTR }, + { "hdr", pattern_fetch_hdr, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ }, + { "url_param", pattern_fetch_url_param, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ }, + { "cookie", pattern_fetch_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ }, + { "set-cookie", pattern_fetch_set_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_RES }, { NULL, NULL, 0, 0, 0 }, }}; diff --git a/src/proto_tcp.c b/src/proto_tcp.c index ff094c13b..6bc669e8f 100644 --- a/src/proto_tcp.c +++ b/src/proto_tcp.c @@ -690,15 +690,15 @@ int tcp_inspect_request(struct session *s, struct buffer *req, int an_bit) */ if (req->flags & (BF_SHUTR|BF_FULL) || !s->be->tcp_req.inspect_delay || tick_is_expired(req->analyse_exp, now_ms)) - partial = 0; + partial = SMP_OPT_FINAL; else - partial = ACL_PARTIAL; + partial = 0; list_for_each_entry(rule, &s->be->tcp_req.inspect_rules, list) { int ret = ACL_PAT_PASS; if (rule->cond) { - ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, ACL_DIR_REQ | partial); + ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ | partial); if (ret == ACL_PAT_MISS) { buffer_dont_connect(req); /* just set the request timeout once at the beginning of the request */ @@ -808,15 +808,15 @@ int tcp_inspect_response(struct session *s, struct buffer *rep, int an_bit) */ if (rep->flags & BF_SHUTR || tick_is_expired(rep->analyse_exp, now_ms)) - partial = 0; + partial = SMP_OPT_FINAL; else - partial = ACL_PARTIAL; + partial = 0; list_for_each_entry(rule, &s->be->tcp_rep.inspect_rules, list) { int ret = ACL_PAT_PASS; if (rule->cond) { - ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, ACL_DIR_RTR | partial); + ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_RES | partial); if (ret == ACL_PAT_MISS) { /* just set the analyser timeout once at the beginning of the response */ if (!tick_isset(rep->analyse_exp) && s->be->tcp_rep.inspect_delay) @@ -880,7 +880,7 @@ int tcp_exec_req_rules(struct session *s) ret = ACL_PAT_PASS; if (rule->cond) { - ret = acl_exec_cond(rule->cond, s->fe, s, NULL, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, s->fe, s, NULL, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1257,7 +1257,7 @@ static int tcp_parse_tcp_req(char **args, int section_type, struct proxy *curpx, * is a string (cookie name), other types will lead to undefined behaviour. */ int -smp_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir, +smp_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int bleft; @@ -1345,13 +1345,13 @@ smp_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir, } static int -pattern_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { int ret; /* sample type set by smp_fetch_rdp_cookie() */ - ret = smp_fetch_rdp_cookie(px, l4, NULL, ACL_DIR_REQ, arg_p, smp); + ret = smp_fetch_rdp_cookie(px, l4, NULL, opt, arg_p, smp); if (ret == 0 || (smp->flags & SMP_F_MAY_CHANGE) || smp->data.str.len == 0) return 0; return 1; @@ -1363,12 +1363,12 @@ pattern_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir /* returns either 1 or 0 depending on whether an RDP cookie is found or not */ static int -acl_fetch_rdp_cookie_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_rdp_cookie_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { int ret; - ret = smp_fetch_rdp_cookie(px, l4, l7, dir, args, smp); + ret = smp_fetch_rdp_cookie(px, l4, l7, opt, args, smp); if (smp->flags & SMP_F_MAY_CHANGE) return 0; @@ -1382,7 +1382,7 @@ acl_fetch_rdp_cookie_cnt(struct proxy *px, struct session *l4, void *l7, int dir /* copy the source IPv4/v6 address into temp_pattern */ static int -acl_fetch_src(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { switch (l4->si[0].addr.from.ss_family) { @@ -1404,7 +1404,7 @@ acl_fetch_src(struct proxy *px, struct session *l4, void *l7, int dir, /* extract the connection's source ipv4 address */ static int -pattern_fetch_src(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_src(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { if (l4->si[0].addr.from.ss_family != AF_INET ) @@ -1417,7 +1417,7 @@ pattern_fetch_src(struct proxy *px, struct session *l4, void *l7, int dir, /* extract the connection's source ipv6 address */ static int -pattern_fetch_src6(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_src6(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { if (l4->si[0].addr.from.ss_family != AF_INET6) @@ -1430,7 +1430,7 @@ pattern_fetch_src6(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the connection's source port */ static int -acl_fetch_sport(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sport(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->type = SMP_T_UINT; @@ -1444,7 +1444,7 @@ acl_fetch_sport(struct proxy *px, struct session *l4, void *l7, int dir, /* set test->ptr to point to the frontend's IPv4/IPv6 address and test->i to the family */ static int -acl_fetch_dst(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_dst(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { stream_sock_get_to_addr(&l4->si[0]); @@ -1469,7 +1469,7 @@ acl_fetch_dst(struct proxy *px, struct session *l4, void *l7, int dir, /* extract the connection's destination ipv4 address */ static int -pattern_fetch_dst(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_dst(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { stream_sock_get_to_addr(&l4->si[0]); @@ -1484,7 +1484,7 @@ pattern_fetch_dst(struct proxy *px, struct session *l4, void *l7, int dir, /* extract the connection's destination ipv6 address */ static int -pattern_fetch_dst6(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_dst6(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { stream_sock_get_to_addr(&l4->si[0]); @@ -1499,7 +1499,7 @@ pattern_fetch_dst6(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the frontend connexion's destination port */ static int -acl_fetch_dport(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_dport(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { stream_sock_get_to_addr(&l4->si[0]); @@ -1513,7 +1513,7 @@ acl_fetch_dport(struct proxy *px, struct session *l4, void *l7, int dir, } static int -pattern_fetch_dport(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_dport(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg, struct sample *smp) { smp->type = SMP_T_UINT; @@ -1526,7 +1526,7 @@ pattern_fetch_dport(struct proxy *px, struct session *l4, void *l7, int dir, } static int -pattern_fetch_payloadlv(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_payloadlv(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { int len_offset = arg_p[0].data.uint; @@ -1543,7 +1543,7 @@ pattern_fetch_payloadlv(struct proxy *px, struct session *l4, void *l7, int dir, if (!l4) return 0; - b = (dir & PATTERN_FETCH_RTR) ? l4->rep : l4->req; + b = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? l4->rep : l4->req; if (!b || !b->i) return 0; @@ -1576,7 +1576,7 @@ pattern_fetch_payloadlv(struct proxy *px, struct session *l4, void *l7, int dir, } static int -pattern_fetch_payload(struct proxy *px, struct session *l4, void *l7, int dir, +pattern_fetch_payload(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *arg_p, struct sample *smp) { int buf_offset = arg_p[0].data.uint; @@ -1586,7 +1586,7 @@ pattern_fetch_payload(struct proxy *px, struct session *l4, void *l7, int dir, if (!l4) return 0; - b = (dir & PATTERN_FETCH_RTR) ? l4->rep : l4->req; + b = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? l4->rep : l4->req; if (!b || !b->i) return 0; @@ -1666,14 +1666,14 @@ static struct acl_kw_list acl_kws = {{ },{ /* Note: must not be declared as its list will be overwritten */ static struct pattern_fetch_kw_list pattern_fetch_keywords = {{ },{ - { "src", pattern_fetch_src, 0, NULL, SMP_T_IPV4, PATTERN_FETCH_REQ }, - { "src6", pattern_fetch_src6, 0, NULL, SMP_T_IPV6, PATTERN_FETCH_REQ }, - { "dst", pattern_fetch_dst, 0, NULL, SMP_T_IPV4, PATTERN_FETCH_REQ }, - { "dst6", pattern_fetch_dst6, 0, NULL, SMP_T_IPV6, PATTERN_FETCH_REQ }, - { "dst_port", pattern_fetch_dport, 0, NULL, SMP_T_UINT, PATTERN_FETCH_REQ }, - { "payload", pattern_fetch_payload, ARG2(2,UINT,UINT), val_payload, SMP_T_CBIN, PATTERN_FETCH_REQ|PATTERN_FETCH_RTR }, - { "payload_lv", pattern_fetch_payloadlv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_CBIN, PATTERN_FETCH_REQ|PATTERN_FETCH_RTR }, - { "rdp_cookie", pattern_fetch_rdp_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, PATTERN_FETCH_REQ }, + { "src", pattern_fetch_src, 0, NULL, SMP_T_IPV4, SMP_CAP_REQ|SMP_CAP_RES }, + { "src6", pattern_fetch_src6, 0, NULL, SMP_T_IPV6, SMP_CAP_REQ|SMP_CAP_RES }, + { "dst", pattern_fetch_dst, 0, NULL, SMP_T_IPV4, SMP_CAP_REQ|SMP_CAP_RES }, + { "dst6", pattern_fetch_dst6, 0, NULL, SMP_T_IPV6, SMP_CAP_REQ|SMP_CAP_RES }, + { "dst_port", pattern_fetch_dport, 0, NULL, SMP_T_UINT, SMP_CAP_REQ|SMP_CAP_RES }, + { "payload", pattern_fetch_payload, ARG2(2,UINT,UINT), val_payload, SMP_T_CBIN, SMP_CAP_REQ|SMP_CAP_RES }, + { "payload_lv", pattern_fetch_payloadlv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_CBIN, SMP_CAP_REQ|SMP_CAP_RES }, + { "rdp_cookie", pattern_fetch_rdp_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ|SMP_CAP_RES }, { NULL, NULL, 0, 0, 0 }, }}; diff --git a/src/protocols.c b/src/protocols.c index 8a95c2db2..5b3e081cf 100644 --- a/src/protocols.c +++ b/src/protocols.c @@ -325,7 +325,7 @@ int protocol_disable_all(void) /* set temp integer to the number of connexions to the same listening socket */ static int -acl_fetch_dconn(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_dconn(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->type = SMP_T_UINT; @@ -335,7 +335,7 @@ acl_fetch_dconn(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the id of the socket (listener) */ static int -acl_fetch_so_id(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_so_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->type = SMP_T_UINT; diff --git a/src/session.c b/src/session.c index f381f9efc..9d1c9357c 100644 --- a/src/session.c +++ b/src/session.c @@ -982,7 +982,7 @@ static int process_switching_rules(struct session *s, struct buffer *req, int an list_for_each_entry(rule, &s->fe->switching_rules, list) { int ret; - ret = acl_exec_cond(rule->cond, s->fe, s, &s->txn, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, s->fe, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1017,7 +1017,7 @@ static int process_switching_rules(struct session *s, struct buffer *req, int an int ret = 1; if (prst_rule->cond) { - ret = acl_exec_cond(prst_rule->cond, s->be, s, &s->txn, ACL_DIR_REQ); + ret = acl_exec_cond(prst_rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (prst_rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1074,7 +1074,7 @@ static int process_server_rules(struct session *s, struct buffer *req, int an_bi list_for_each_entry(rule, &px->server_rules, list) { int ret; - ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1132,7 +1132,7 @@ static int process_sticking_rules(struct session *s, struct buffer *req, int an_ continue; if (rule->cond) { - ret = acl_exec_cond(rule->cond, px, s, &s->txn, ACL_DIR_REQ); + ret = acl_exec_cond(rule->cond, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1141,7 +1141,7 @@ static int process_sticking_rules(struct session *s, struct buffer *req, int an_ if (ret) { struct stktable_key *key; - key = stktable_fetch_key(rule->table.t, px, s, &s->txn, PATTERN_FETCH_REQ, rule->expr); + key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr); if (!key) continue; @@ -1225,7 +1225,7 @@ static int process_store_rules(struct session *s, struct buffer *rep, int an_bit continue; if (rule->cond) { - ret = acl_exec_cond(rule->cond, px, s, &s->txn, ACL_DIR_RTR); + ret = acl_exec_cond(rule->cond, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; @@ -1234,7 +1234,7 @@ static int process_store_rules(struct session *s, struct buffer *rep, int an_bit if (ret) { struct stktable_key *key; - key = stktable_fetch_key(rule->table.t, px, s, &s->txn, PATTERN_FETCH_RTR, rule->expr); + key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr); if (!key) continue; @@ -2326,7 +2326,7 @@ acl_fetch_get_gpc0(struct stktable *table, struct sample *smp, struct stksess *t * frontend counters. */ static int -acl_fetch_sc1_get_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2338,7 +2338,7 @@ acl_fetch_sc1_get_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * backend counters. */ static int -acl_fetch_sc2_get_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2351,7 +2351,7 @@ acl_fetch_sc2_get_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_get_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2386,7 +2386,7 @@ acl_fetch_inc_gpc0(struct stktable *table, struct sample *smp, struct stksess *t * frontend counters and return it into temp integer. */ static int -acl_fetch_sc1_inc_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2398,7 +2398,7 @@ acl_fetch_sc1_inc_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * backend counters and return it into temp integer. */ static int -acl_fetch_sc2_inc_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2411,7 +2411,7 @@ acl_fetch_sc2_inc_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_inc_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2447,7 +2447,7 @@ acl_fetch_clr_gpc0(struct stktable *table, struct sample *smp, struct stksess *t * frontend counters and return its previous value into temp integer. */ static int -acl_fetch_sc1_clr_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2459,7 +2459,7 @@ acl_fetch_sc1_clr_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * backend counters and return its previous value into temp integer. */ static int -acl_fetch_sc2_clr_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2472,7 +2472,7 @@ acl_fetch_sc2_clr_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_clr_gpc0(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2503,7 +2503,7 @@ acl_fetch_conn_cnt(struct stktable *table, struct sample *smp, struct stksess *t /* set temp integer to the cumulated number of connections from the session's tracked FE counters */ static int -acl_fetch_sc1_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2514,7 +2514,7 @@ acl_fetch_sc1_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the cumulated number of connections from the session's tracked BE counters */ static int -acl_fetch_sc2_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2528,7 +2528,7 @@ acl_fetch_sc2_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2562,7 +2562,7 @@ acl_fetch_conn_rate(struct stktable *table, struct sample *smp, struct stksess * * the configured period. */ static int -acl_fetch_sc1_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2575,7 +2575,7 @@ acl_fetch_sc1_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, * the configured period. */ static int -acl_fetch_sc2_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2589,7 +2589,7 @@ acl_fetch_sc2_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2607,7 +2607,7 @@ acl_fetch_src_conn_rate(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_updt_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_updt_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stksess *ts; @@ -2653,7 +2653,7 @@ acl_fetch_conn_cur(struct stktable *table, struct sample *smp, struct stksess *t /* set temp integer to the number of concurrent connections from the session's tracked FE counters */ static int -acl_fetch_sc1_conn_cur(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2664,7 +2664,7 @@ acl_fetch_sc1_conn_cur(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the number of concurrent connections from the session's tracked BE counters */ static int -acl_fetch_sc2_conn_cur(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2678,7 +2678,7 @@ acl_fetch_sc2_conn_cur(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_conn_cur(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2709,7 +2709,7 @@ acl_fetch_sess_cnt(struct stktable *table, struct sample *smp, struct stksess *t /* set temp integer to the cumulated number of sessions from the session's tracked FE counters */ static int -acl_fetch_sc1_sess_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2720,7 +2720,7 @@ acl_fetch_sc1_sess_cnt(struct proxy *px, struct session *l4, void *l7, int dir, /* set temp integer to the cumulated number of sessions from the session's tracked BE counters */ static int -acl_fetch_sc2_sess_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2734,7 +2734,7 @@ acl_fetch_sc2_sess_cnt(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_sess_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2768,7 +2768,7 @@ acl_fetch_sess_rate(struct stktable *table, struct sample *smp, struct stksess * * the configured period. */ static int -acl_fetch_sc1_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2781,7 +2781,7 @@ acl_fetch_sc1_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, * the configured period. */ static int -acl_fetch_sc2_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2795,7 +2795,7 @@ acl_fetch_sc2_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2826,7 +2826,7 @@ acl_fetch_http_req_cnt(struct stktable *table, struct sample *smp, struct stkses /* set temp integer to the cumulated number of sessions from the session's tracked FE counters */ static int -acl_fetch_sc1_http_req_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2837,7 +2837,7 @@ acl_fetch_sc1_http_req_cnt(struct proxy *px, struct session *l4, void *l7, int d /* set temp integer to the cumulated number of sessions from the session's tracked BE counters */ static int -acl_fetch_sc2_http_req_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2851,7 +2851,7 @@ acl_fetch_sc2_http_req_cnt(struct proxy *px, struct session *l4, void *l7, int d * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_http_req_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2885,7 +2885,7 @@ acl_fetch_http_req_rate(struct stktable *table, struct sample *smp, struct stkse * the configured period. */ static int -acl_fetch_sc1_http_req_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2898,7 +2898,7 @@ acl_fetch_sc1_http_req_rate(struct proxy *px, struct session *l4, void *l7, int * the configured period. */ static int -acl_fetch_sc2_http_req_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2912,7 +2912,7 @@ acl_fetch_sc2_http_req_rate(struct proxy *px, struct session *l4, void *l7, int * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_http_req_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -2943,7 +2943,7 @@ acl_fetch_http_err_cnt(struct stktable *table, struct sample *smp, struct stkses /* set temp integer to the cumulated number of sessions from the session's tracked FE counters */ static int -acl_fetch_sc1_http_err_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -2954,7 +2954,7 @@ acl_fetch_sc1_http_err_cnt(struct proxy *px, struct session *l4, void *l7, int d /* set temp integer to the cumulated number of sessions from the session's tracked BE counters */ static int -acl_fetch_sc2_http_err_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -2968,7 +2968,7 @@ acl_fetch_sc2_http_err_cnt(struct proxy *px, struct session *l4, void *l7, int d * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_http_err_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3002,7 +3002,7 @@ acl_fetch_http_err_rate(struct stktable *table, struct sample *smp, struct stkse * the configured period. */ static int -acl_fetch_sc1_http_err_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -3015,7 +3015,7 @@ acl_fetch_sc1_http_err_rate(struct proxy *px, struct session *l4, void *l7, int * the configured period. */ static int -acl_fetch_sc2_http_err_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -3029,7 +3029,7 @@ acl_fetch_sc2_http_err_rate(struct proxy *px, struct session *l4, void *l7, int * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_http_err_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3063,7 +3063,7 @@ acl_fetch_kbytes_in(struct stktable *table, struct sample *smp, struct stksess * * session's tracked FE counters. */ static int -acl_fetch_sc1_kbytes_in(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -3076,7 +3076,7 @@ acl_fetch_sc1_kbytes_in(struct proxy *px, struct session *l4, void *l7, int dir, * session's tracked BE counters. */ static int -acl_fetch_sc2_kbytes_in(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -3090,7 +3090,7 @@ acl_fetch_sc2_kbytes_in(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_kbytes_in(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3126,7 +3126,7 @@ acl_fetch_bytes_in_rate(struct stktable *table, struct sample *smp, struct stkse * counters over the configured period. */ static int -acl_fetch_sc1_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -3139,7 +3139,7 @@ acl_fetch_sc1_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, int * counters over the configured period. */ static int -acl_fetch_sc2_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -3153,7 +3153,7 @@ acl_fetch_sc2_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, int * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3187,7 +3187,7 @@ acl_fetch_kbytes_out(struct stktable *table, struct sample *smp, struct stksess * tracked FE counters. */ static int -acl_fetch_sc1_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -3200,7 +3200,7 @@ acl_fetch_sc1_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir * tracked BE counters. */ static int -acl_fetch_sc2_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -3214,7 +3214,7 @@ acl_fetch_sc2_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3250,7 +3250,7 @@ acl_fetch_bytes_out_rate(struct stktable *table, struct sample *smp, struct stks * over the configured period. */ static int -acl_fetch_sc1_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc1_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr1_entry) @@ -3263,7 +3263,7 @@ acl_fetch_sc1_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int * over the configured period. */ static int -acl_fetch_sc2_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_sc2_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { if (!l4->stkctr2_entry) @@ -3277,7 +3277,7 @@ acl_fetch_sc2_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int * Accepts exactly 1 argument of type table. */ static int -acl_fetch_src_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_src_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { struct stktable_key *key; @@ -3294,7 +3294,7 @@ acl_fetch_src_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, int * Accepts exactly 1 argument of type table. */ static int -acl_fetch_table_cnt(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_table_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { smp->flags = SMP_F_VOL_TEST; @@ -3307,7 +3307,7 @@ acl_fetch_table_cnt(struct proxy *px, struct session *l4, void *l7, int dir, * Accepts exactly 1 argument of type table. */ static int -acl_fetch_table_avl(struct proxy *px, struct session *l4, void *l7, int dir, +acl_fetch_table_avl(struct proxy *px, struct session *l4, void *l7, unsigned int opt, const struct arg *args, struct sample *smp) { px = args->data.prx; diff --git a/src/stick_table.c b/src/stick_table.c index 08a84f261..7bff124e9 100644 --- a/src/stick_table.c +++ b/src/stick_table.c @@ -586,16 +586,17 @@ static pattern_to_key_fct pattern_to_key[SMP_TYPES][STKTABLE_TYPES] = { /* * Process a fetch + format conversion as defined by the pattern expression - * on request or response considering the

parameter. Returns either NULL if + * on request or response considering the parameter. Returns either NULL if * no key could be extracted, or a pointer to the converted result stored in * static_table_key in format . */ -struct stktable_key *stktable_fetch_key(struct stktable *t, struct proxy *px, struct session *l4, void *l7, int dir, +struct stktable_key *stktable_fetch_key(struct stktable *t, struct proxy *px, struct session *l4, void *l7, + unsigned int opt, struct pattern_expr *expr) { struct sample *smp; - smp = pattern_process(px, l4, l7, dir, expr, NULL); + smp = pattern_process(px, l4, l7, opt, expr, NULL); if (!smp) return NULL;