From f1e98b86282280249b655b93d60a7cf24800b320 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 28 Jan 2010 17:59:39 +0100 Subject: [PATCH] [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs Factor out some repetitive copy-pasted code to check for request ACLs validity. --- include/proto/acl.h | 2 +- src/acl.c | 2 +- src/cfgparse.c | 53 +++++++++++++++++++-------------------------- 3 files changed, 24 insertions(+), 33 deletions(-) diff --git a/include/proto/acl.h b/include/proto/acl.h index b65a2b302..ec9963d50 100644 --- a/include/proto/acl.h +++ b/include/proto/acl.h @@ -98,7 +98,7 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v /* Reports a pointer to the first ACL used in condition which requires * at least one of the USE_FLAGS in . Returns NULL if none matches. */ -struct acl *cond_find_require(struct acl_cond *cond, unsigned int require); +struct acl *cond_find_require(const struct acl_cond *cond, unsigned int require); /* Return a pointer to the ACL within the list starting at , or * NULL if not found. diff --git a/src/acl.c b/src/acl.c index 344a91d4c..08aac69f5 100644 --- a/src/acl.c +++ b/src/acl.c @@ -1150,7 +1150,7 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v * through and never cached, because that way, this function can be used as a * late check. */ -struct acl *cond_find_require(struct acl_cond *cond, unsigned int require) +struct acl *cond_find_require(const struct acl_cond *cond, unsigned int require) { struct acl_term_suite *suite; struct acl_term *term; diff --git a/src/cfgparse.c b/src/cfgparse.c index 6dd7eb2d5..ab8287128 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -388,6 +388,24 @@ int warnif_misplaced_reqadd(struct proxy *proxy, const char *file, int line, cha warnif_rule_after_use_backend(proxy, file, line, arg); } +/* Report it if a request ACL condition uses some response-only parameters. It + * returns either 0 or ERR_WARN so that its result can be or'ed with err_code. + * Note that may be NULL and then will be ignored. + */ +static int warnif_cond_requires_resp(const struct acl_cond *cond, const char *file, int line) +{ + struct acl *acl; + + if (!cond || !(cond->requires & ACL_USE_RTR_ANY)) + return 0; + + acl = cond_find_require(cond, ACL_USE_RTR_ANY); + Warning("parsing [%s:%d] : acl '%s' involves some response-only criteria which will be ignored.\n", + file, line, acl ? acl->name : "(unknown)"); + return ERR_WARN; +} + + /* * parse a line in a section. Returns the error code, 0 if OK, or * any combination of : @@ -2012,16 +2030,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } - if (cond->requires & ACL_USE_RTR_ANY) { - struct acl *acl; - const char *name; - - acl = cond_find_require(cond, ACL_USE_RTR_ANY); - name = acl ? acl->name : "(unknown)"; - Warning("parsing [%s:%d] : acl '%s' involves some response-only criteria which will be ignored.\n", - file, linenum, name); - err_code |= ERR_WARN; - } + err_code |= warnif_cond_requires_resp(cond, file, linenum); rule = (struct switching_rule *)calloc(1, sizeof(*rule)); rule->cond = cond; @@ -2056,16 +2065,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } - if (cond->requires & ACL_USE_RTR_ANY) { - struct acl *acl; - const char *name; - - acl = cond_find_require(cond, ACL_USE_RTR_ANY); - name = acl ? acl->name : "(unknown)"; - Warning("parsing [%s:%d] : acl '%s' involves some response-only criteria which will be ignored.\n", - file, linenum, name); - err_code |= ERR_WARN; - } + err_code |= warnif_cond_requires_resp(cond, file, linenum); rule = (struct force_persist_rule *)calloc(1, sizeof(*rule)); rule->cond = cond; @@ -2233,17 +2233,6 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) err_code |= ERR_ALERT | ERR_FATAL; goto out; } - - if (cond->requires & ACL_USE_RTR_ANY) { - struct acl *acl; - const char *name; - - acl = cond_find_require(cond, ACL_USE_RTR_ANY); - name = acl ? acl->name : "(unknown)"; - Warning("parsing [%s:%d] : '%s' : acl '%s' involves some response-only criteria which will be ignored.\n", - file, linenum, args[0], name); - err_code |= ERR_WARN; - } } else if (*(args[myidx])) { Alert("parsing [%s:%d] : '%s': unknown keyword '%s'.\n", @@ -2252,6 +2241,8 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) goto out; } + err_code |= warnif_cond_requires_resp(cond, file, linenum); + rule = (struct sticking_rule *)calloc(1, sizeof(*rule)); rule->cond = cond; rule->expr = expr;