mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-24 07:11:20 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: pattern/acl: Each pattern of each acl can be load with specified id

Browse Source 
This patch adds -u option on the acl pattern loading to force a unique ID
value.
This commit is contained in:
Thierry FOURNIER 2014-01-20 17:01:44 +01:00 committed by Willy Tarreau
parent af5a29d5f8
commit 3534d881bc
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/configuration.txt
View File

@ -8909,6 +8909,7 @@ The following ACL flags are currently supported :
-i : ignore case during matching of all subsequent patterns. -i : ignore case during matching of all subsequent patterns.
-f : load patterns from a file. -f : load patterns from a file.
-m : use a specific pattern matching method -m : use a specific pattern matching method
-u : force the unique id of the ACL
-- : force end of flags. Useful when a string looks like one of the flags. -- : force end of flags. Useful when a string looks like one of the flags.
The "-f" flag is followed by the name of a file from which all lines will be The "-f" flag is followed by the name of a file from which all lines will be
@ -8921,6 +8922,10 @@ a comment. Depending on the data type and match method, haproxy may load the
lines into a binary tree, allowing very fast lookups. This is true for IPv4 and lines into a binary tree, allowing very fast lookups. This is true for IPv4 and
exact string matching. In this case, duplicates will automatically be removed. exact string matching. In this case, duplicates will automatically be removed.
The "-u" flag forces the unique id of the ACL. This unique id is used with the
socket interface to identify ACL and dynamically change its values. Note that a
file is always identified by its name even if an id is set.
Also, note that the "-i" flag applies to subsequent entries and not to entries Also, note that the "-i" flag applies to subsequent entries and not to entries
loaded from files preceding it. For instance : loaded from files preceding it. For instance :

38
src/acl.c
View File

@ -155,6 +155,10 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
/* The following buffer contain two numbers, a ':' separator and the final \0. */ /* The following buffer contain two numbers, a ':' separator and the final \0. */
char buffer[NB_LLMAX_STR + 1 + NB_LLMAX_STR + 1]; char buffer[NB_LLMAX_STR + 1 + NB_LLMAX_STR + 1];
int is_loaded; int is_loaded;
int unique_id;
char *error;
struct pat_ref *ref;
struct pattern_expr *pattern_expr;
/* First, we look for an ACL keyword. And if we don't find one, then /* First, we look for an ACL keyword. And if we don't find one, then
* we look for a sample fetch expression starting with a sample fetch * we look for a sample fetch expression starting with a sample fetch
@ -416,13 +420,30 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
* -i : ignore case for all patterns by default * -i : ignore case for all patterns by default
* -f : read patterns from those files * -f : read patterns from those files
* -m : force matching method (must be used before -f) * -m : force matching method (must be used before -f)
* -u : force the unique id of the acl
* -- : everything after this is not an option * -- : everything after this is not an option
*/ */
patflags = 0; patflags = 0;
is_loaded = 0; is_loaded = 0;
unique_id = -1;
while (**args == '-') { while (**args == '-') {
if ((*args)[1] == 'i') if ((*args)[1] == 'i')
patflags |= PAT_F_IGNORE_CASE; patflags |= PAT_F_IGNORE_CASE;
else if ((*args)[1] == 'u') {
unique_id = strtol(args[1], &error, 10);
if (*error != '\0') {
memprintf(err, "the argument of -u must be an integer");
goto out_free_expr;
}
/* Check if this id is really unique. */
if (pat_ref_lookupid(unique_id)) {
memprintf(err, "the id is already used");
goto out_free_expr;
}
args++;
}
else if ((*args)[1] == 'f') { else if ((*args)[1] == 'f') {
if (!expr->pat.parse) { if (!expr->pat.parse) {
memprintf(err, "matching method must be specified first (using '-m') when using a sample fetch of this type ('%s')", expr->kw); memprintf(err, "matching method must be specified first (using '-m') when using a sample fetch of this type ('%s')", expr->kw);
@ -476,6 +497,18 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
goto out_free_expr; goto out_free_expr;
} }
/* Create new patern reference. */
ref = pat_ref_newid(unique_id, PAT_REF_ACL);
if (!ref) {
memprintf(err, "memory error");
goto out_free_expr;
}
/* Create new pattern expression associated to this reference. */
pattern_expr = pattern_new_expr(&expr->pat, ref, err);
if (!pattern_expr)
goto out_free_expr;
/* now parse all patterns */ /* now parse all patterns */
while (**args) { while (**args) {
arg = *args; arg = *args;
@ -598,7 +631,10 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
} }
} }
if (!pattern_register(&expr->pat, -1, PAT_REF_ACL, arg, NULL, patflags, err)) /* Add sample to the reference, and try to compile it fior each pattern
* using this value.
*/
if (!pat_ref_add(ref, arg, NULL, err))
goto out_free_expr; goto out_free_expr;
args++; args++;
} }