81
90
"\x00" /* Compression Type : 0x00 = NULL compression */
93
/* various keyword modifiers */
95
KWM_STD = 0, /* normal */
96
KWM_NO, /* "no" prefixed before the keyword */
97
KWM_DEF, /* "default" prefixed before the keyword */
84
100
/* some of the most common options which are also the easiest to handle */
89
105
unsigned int checks;
92
109
/* proxy->options */
93
110
static const struct cfg_opt cfg_opts[] =
95
{ "abortonclose", PR_O_ABRT_CLOSE, PR_CAP_BE, 0 },
96
{ "allbackups", PR_O_USE_ALL_BK, PR_CAP_BE, 0 },
97
{ "checkcache", PR_O_CHK_CACHE, PR_CAP_BE, 0 },
98
{ "clitcpka", PR_O_TCP_CLI_KA, PR_CAP_FE, 0 },
99
{ "contstats", PR_O_CONTSTATS, PR_CAP_FE, 0 },
100
{ "dontlognull", PR_O_NULLNOLOG, PR_CAP_FE, 0 },
101
{ "forceclose", PR_O_FORCE_CLO, PR_CAP_BE, 0 },
102
{ "http_proxy", PR_O_HTTP_PROXY, PR_CAP_FE | PR_CAP_BE, 0 },
103
{ "httpclose", PR_O_HTTP_CLOSE, PR_CAP_FE | PR_CAP_BE, 0 },
104
{ "keepalive", PR_O_KEEPALIVE, PR_CAP_NONE, 0 },
105
{ "logasap", PR_O_LOGASAP, PR_CAP_FE, 0 },
106
{ "nolinger", PR_O_TCP_NOLING, PR_CAP_FE | PR_CAP_BE, 0 },
107
{ "persist", PR_O_PERSIST, PR_CAP_BE, 0 },
108
{ "redispatch", PR_O_REDISP, PR_CAP_BE, 0 },
109
{ "srvtcpka", PR_O_TCP_SRV_KA, PR_CAP_BE, 0 },
110
#ifdef CONFIG_HAP_TCPSPLICE
111
{ "tcpsplice", PR_O_TCPSPLICE, PR_CAP_BE|PR_CAP_FE, LSTCHK_TCPSPLICE|LSTCHK_NETADM },
112
{ "abortonclose", PR_O_ABRT_CLOSE, PR_CAP_BE, 0, 0 },
113
{ "allbackups", PR_O_USE_ALL_BK, PR_CAP_BE, 0, 0 },
114
{ "checkcache", PR_O_CHK_CACHE, PR_CAP_BE, 0, PR_MODE_HTTP },
115
{ "clitcpka", PR_O_TCP_CLI_KA, PR_CAP_FE, 0, 0 },
116
{ "contstats", PR_O_CONTSTATS, PR_CAP_FE, 0, 0 },
117
{ "dontlognull", PR_O_NULLNOLOG, PR_CAP_FE, 0, 0 },
118
{ "forceclose", PR_O_FORCE_CLO, PR_CAP_FE | PR_CAP_BE, 0, PR_MODE_HTTP },
119
{ "http_proxy", PR_O_HTTP_PROXY, PR_CAP_FE | PR_CAP_BE, 0, PR_MODE_HTTP },
120
{ "httpclose", PR_O_HTTP_CLOSE, PR_CAP_FE | PR_CAP_BE, 0, PR_MODE_HTTP },
121
{ "keepalive", PR_O_KEEPALIVE, PR_CAP_NONE, 0, PR_MODE_HTTP },
122
{ "http-server-close", PR_O_SERVER_CLO, PR_CAP_FE | PR_CAP_BE, 0, PR_MODE_HTTP },
123
{ "logasap", PR_O_LOGASAP, PR_CAP_FE, 0, 0 },
124
{ "nolinger", PR_O_TCP_NOLING, PR_CAP_FE | PR_CAP_BE, 0, 0 },
125
{ "persist", PR_O_PERSIST, PR_CAP_BE, 0, 0 },
126
{ "redispatch", PR_O_REDISP, PR_CAP_BE, 0, 0 },
127
{ "srvtcpka", PR_O_TCP_SRV_KA, PR_CAP_BE, 0, 0 },
114
{ "transparent", PR_O_TRANSP, PR_CAP_BE, 0 },
129
{ "transparent", PR_O_TRANSP, PR_CAP_BE, 0, 0 },
120
135
/* proxy->options2 */
121
136
static const struct cfg_opt cfg_opts2[] =
123
138
#ifdef CONFIG_HAP_LINUX_SPLICE
124
{ "splice-request", PR_O2_SPLIC_REQ, PR_CAP_FE|PR_CAP_BE, 0 },
125
{ "splice-response", PR_O2_SPLIC_RTR, PR_CAP_FE|PR_CAP_BE, 0 },
126
{ "splice-auto", PR_O2_SPLIC_AUT, PR_CAP_FE|PR_CAP_BE, 0 },
139
{ "splice-request", PR_O2_SPLIC_REQ, PR_CAP_FE|PR_CAP_BE, 0, 0 },
140
{ "splice-response", PR_O2_SPLIC_RTR, PR_CAP_FE|PR_CAP_BE, 0, 0 },
141
{ "splice-auto", PR_O2_SPLIC_AUT, PR_CAP_FE|PR_CAP_BE, 0, 0 },
128
{ "accept-invalid-http-request", PR_O2_REQBUG_OK, PR_CAP_FE, 0 },
129
{ "accept-invalid-http-response", PR_O2_RSPBUG_OK, PR_CAP_BE, 0 },
130
{ "dontlog-normal", PR_O2_NOLOGNORM, PR_CAP_FE, 0 },
131
{ "log-separate-errors", PR_O2_LOGERRORS, PR_CAP_FE, 0 },
132
{ "independant-streams", PR_O2_INDEPSTR, PR_CAP_FE|PR_CAP_BE, 0 },
143
{ "accept-invalid-http-request", PR_O2_REQBUG_OK, PR_CAP_FE, 0, PR_MODE_HTTP },
144
{ "accept-invalid-http-response", PR_O2_RSPBUG_OK, PR_CAP_BE, 0, PR_MODE_HTTP },
145
{ "dontlog-normal", PR_O2_NOLOGNORM, PR_CAP_FE, 0, 0 },
146
{ "log-separate-errors", PR_O2_LOGERRORS, PR_CAP_FE, 0, 0 },
147
{ "log-health-checks", PR_O2_LOGHCHKS, PR_CAP_BE, 0, 0 },
148
{ "socket-stats", PR_O2_SOCKSTAT, PR_CAP_FE, 0, 0 },
149
{ "tcp-smart-accept", PR_O2_SMARTACC, PR_CAP_FE, 0, 0 },
150
{ "tcp-smart-connect", PR_O2_SMARTCON, PR_CAP_BE, 0, 0 },
151
{ "independant-streams", PR_O2_INDEPSTR, PR_CAP_FE|PR_CAP_BE, 0, 0 },
152
{ "http-use-proxy-header", PR_O2_USE_PXHDR, PR_CAP_FE, 0, PR_MODE_HTTP },
153
{ "http-pretend-keepalive", PR_O2_FAKE_KA, PR_CAP_FE, 0, PR_MODE_HTTP },
133
154
{ NULL, 0, 0, 0 }
893
/* Perform the most basic initialization of a proxy :
894
* memset(), list_init(*), reset_timeouts(*).
896
static void init_new_proxy(struct proxy *p)
898
memset(p, 0, sizeof(struct proxy));
899
LIST_INIT(&p->pendconns);
901
LIST_INIT(&p->req_acl);
902
LIST_INIT(&p->block_cond);
903
LIST_INIT(&p->redirect_rules);
904
LIST_INIT(&p->mon_fail_cond);
905
LIST_INIT(&p->switching_rules);
906
LIST_INIT(&p->force_persist_rules);
907
LIST_INIT(&p->sticking_rules);
908
LIST_INIT(&p->storersp_rules);
909
LIST_INIT(&p->tcp_req.inspect_rules);
910
LIST_INIT(&p->req_add);
911
LIST_INIT(&p->rsp_add);
913
/* Timeouts are defined as -1 */
914
proxy_reset_timeouts(p);
752
917
void init_default_instance()
754
memset(&defproxy, 0, sizeof(defproxy));
919
init_new_proxy(&defproxy);
755
920
defproxy.mode = PR_MODE_TCP;
756
921
defproxy.state = PR_STNEW;
757
922
defproxy.maxconn = cfg_maxpconn;
758
923
defproxy.conn_retries = CONN_RETRIES;
759
924
defproxy.logfac1 = defproxy.logfac2 = -1; /* log disabled */
761
LIST_INIT(&defproxy.pendconns);
762
LIST_INIT(&defproxy.acl);
763
LIST_INIT(&defproxy.block_cond);
764
LIST_INIT(&defproxy.mon_fail_cond);
765
LIST_INIT(&defproxy.switching_rules);
767
proxy_reset_timeouts(&defproxy);
926
defproxy.defsrv.inter = DEF_CHKINTR;
927
defproxy.defsrv.fastinter = 0;
928
defproxy.defsrv.downinter = 0;
929
defproxy.defsrv.rise = DEF_RISETIME;
930
defproxy.defsrv.fall = DEF_FALLTIME;
931
defproxy.defsrv.check_port = 0;
932
defproxy.defsrv.maxqueue = 0;
933
defproxy.defsrv.minconn = 0;
934
defproxy.defsrv.maxconn = 0;
935
defproxy.defsrv.slowstart = 0;
936
defproxy.defsrv.onerror = DEF_HANA_ONERR;
937
defproxy.defsrv.consecutive_errors_limit = DEF_HANA_ERRLIMIT;
938
defproxy.defsrv.uweight = defproxy.defsrv.iweight = 1;
942
static int create_cond_regex_rule(const char *file, int line,
943
struct proxy *px, int dir, int action, int flags,
944
const char *cmd, const char *reg, const char *repl,
945
const char **cond_start)
947
regex_t *preg = NULL;
950
struct acl_cond *cond = NULL;
952
if (px == &defproxy) {
953
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, line, cmd);
954
err_code |= ERR_ALERT | ERR_FATAL;
959
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, line, cmd);
960
err_code |= ERR_ALERT | ERR_FATAL;
964
if (warnifnotcap(px, PR_CAP_RS, file, line, cmd, NULL))
965
err_code |= ERR_WARN;
968
(strcmp(*cond_start, "if") == 0 || strcmp(*cond_start, "unless") == 0)) {
969
if ((cond = build_acl_cond(file, line, px, cond_start)) == NULL) {
970
Alert("parsing [%s:%d] : error detected while parsing a '%s' condition.\n",
972
err_code |= ERR_ALERT | ERR_FATAL;
976
else if (cond_start && **cond_start) {
977
Alert("parsing [%s:%d] : '%s' : Expecting nothing, 'if', or 'unless', got '%s'.\n",
978
file, line, cmd, *cond_start);
979
err_code |= ERR_ALERT | ERR_FATAL;
983
if (dir == ACL_DIR_REQ)
984
err_code |= warnif_cond_requires_resp(cond, file, line);
986
err_code |= warnif_cond_requires_req(cond, file, line);
988
preg = calloc(1, sizeof(regex_t));
990
Alert("parsing [%s:%d] : '%s' : not enough memory to build regex.\n", file, line, cmd);
991
err_code = ERR_ALERT | ERR_FATAL;
995
if (regcomp(preg, reg, REG_EXTENDED | flags) != 0) {
996
Alert("parsing [%s:%d] : '%s' : bad regular expression '%s'.\n", file, line, cmd, reg);
997
err_code = ERR_ALERT | ERR_FATAL;
1001
err = chain_regex((dir == ACL_DIR_REQ) ? &px->req_exp : &px->rsp_exp,
1002
preg, action, repl ? strdup(repl) : NULL, cond);
1004
Alert("parsing [%s:%d] : '%s' : invalid character or unterminated sequence in replacement string near '%c'.\n",
1005
file, line, cmd, *err);
1006
err_code |= ERR_ALERT | ERR_FATAL;
1010
if (dir == ACL_DIR_REQ && warnif_misplaced_reqxxx(px, file, line, cmd))
1011
err_code |= ERR_WARN;
1685
2178
LIST_INIT(&rule->list);
1686
2179
LIST_ADDQ(&curproxy->switching_rules, &rule->list);
2181
else if (!strcmp(args[0], "force-persist")) {
2182
struct force_persist_rule *rule;
2184
if (curproxy == &defproxy) {
2185
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2186
err_code |= ERR_ALERT | ERR_FATAL;
2190
if (warnifnotcap(curproxy, PR_CAP_FE|PR_CAP_BE, file, linenum, args[0], NULL))
2191
err_code |= ERR_WARN;
2193
if (strcmp(args[1], "if") != 0 && strcmp(args[1], "unless") != 0) {
2194
Alert("parsing [%s:%d] : '%s' requires either 'if' or 'unless' followed by a condition.\n",
2195
file, linenum, args[0]);
2196
err_code |= ERR_ALERT | ERR_FATAL;
2200
if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + 1)) == NULL) {
2201
Alert("parsing [%s:%d] : error detected while parsing a 'force-persist' rule.\n",
2203
err_code |= ERR_ALERT | ERR_FATAL;
2207
err_code |= warnif_cond_requires_resp(cond, file, linenum);
2209
rule = (struct force_persist_rule *)calloc(1, sizeof(*rule));
2211
LIST_INIT(&rule->list);
2212
LIST_ADDQ(&curproxy->force_persist_rules, &rule->list);
2214
else if (!strcmp(args[0], "stick-table")) {
2217
curproxy->table.type = (unsigned int)-1;
2218
while (*args[myidx]) {
2221
if (strcmp(args[myidx], "size") == 0) {
2223
if (!*(args[myidx])) {
2224
Alert("parsing [%s:%d] : stick-table: missing argument after '%s'.\n",
2225
file, linenum, args[myidx-1]);
2226
err_code |= ERR_ALERT | ERR_FATAL;
2229
if ((err = parse_size_err(args[myidx], &curproxy->table.size))) {
2230
Alert("parsing [%s:%d] : stick-table: unexpected character '%c' in argument of '%s'.\n",
2231
file, linenum, *err, args[myidx-1]);
2232
err_code |= ERR_ALERT | ERR_FATAL;
2237
else if (strcmp(args[myidx], "expire") == 0) {
2239
if (!*(args[myidx])) {
2240
Alert("parsing [%s:%d] : stick-table: missing argument after '%s'.\n",
2241
file, linenum, args[myidx-1]);
2242
err_code |= ERR_ALERT | ERR_FATAL;
2245
err = parse_time_err(args[myidx], &val, TIME_UNIT_MS);
2247
Alert("parsing [%s:%d] : stick-table: unexpected character '%c' in argument of '%s'.\n",
2248
file, linenum, *err, args[myidx-1]);
2249
err_code |= ERR_ALERT | ERR_FATAL;
2252
curproxy->table.expire = val;
2255
else if (strcmp(args[myidx], "nopurge") == 0) {
2256
curproxy->table.nopurge = 1;
2259
else if (strcmp(args[myidx], "type") == 0) {
2261
if (stktable_parse_type(args, &myidx, &curproxy->table.type, &curproxy->table.key_size) != 0) {
2262
Alert("parsing [%s:%d] : stick-table: unknown type '%s'.\n",
2263
file, linenum, args[myidx]);
2264
err_code |= ERR_ALERT | ERR_FATAL;
2267
/* myidx already points to next arg */
2270
Alert("parsing [%s:%d] : stick-table: unknown argument '%s'.\n",
2271
file, linenum, args[myidx]);
2272
err_code |= ERR_ALERT | ERR_FATAL;
2277
if (!curproxy->table.size) {
2278
Alert("parsing [%s:%d] : stick-table: missing size.\n",
2280
err_code |= ERR_ALERT | ERR_FATAL;
2284
if (curproxy->table.type == (unsigned int)-1) {
2285
Alert("parsing [%s:%d] : stick-table: missing type.\n",
2287
err_code |= ERR_ALERT | ERR_FATAL;
2291
else if (!strcmp(args[0], "stick")) {
2292
struct sticking_rule *rule;
2293
struct pattern_expr *expr;
2295
const char *name = NULL;
2298
if (curproxy == &defproxy) {
2299
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2300
err_code |= ERR_ALERT | ERR_FATAL;
2304
if (warnifnotcap(curproxy, PR_CAP_BE, file, linenum, args[0], NULL)) {
2305
err_code |= ERR_WARN;
2310
if ((strcmp(args[myidx], "store") == 0) ||
2311
(strcmp(args[myidx], "store-request") == 0)) {
2313
flags = STK_IS_STORE;
2315
else if (strcmp(args[myidx], "store-response") == 0) {
2317
flags = STK_IS_STORE | STK_ON_RSP;
2319
else if (strcmp(args[myidx], "match") == 0) {
2321
flags = STK_IS_MATCH;
2323
else if (strcmp(args[myidx], "on") == 0) {
2325
flags = STK_IS_MATCH | STK_IS_STORE;
2328
Alert("parsing [%s:%d] : '%s' expects 'on', 'match', or 'store'.\n", file, linenum, args[0]);
2329
err_code |= ERR_ALERT | ERR_FATAL;
2333
if (*(args[myidx]) == 0) {
2334
Alert("parsing [%s:%d] : '%s' expects a fetch method.\n", file, linenum, args[0]);
2335
err_code |= ERR_ALERT | ERR_FATAL;
2339
expr = pattern_parse_expr(args, &myidx);
2341
Alert("parsing [%s:%d] : '%s': unknown fetch method '%s'.\n", file, linenum, args[0], args[myidx]);
2342
err_code |= ERR_ALERT | ERR_FATAL;
2346
if (flags & STK_ON_RSP) {
2347
if (!(expr->fetch->dir & PATTERN_FETCH_RTR)) {
2348
Alert("parsing [%s:%d] : '%s': fetch method '%s' can not be used on response.\n",
2349
file, linenum, args[0], expr->fetch->kw);
2350
err_code |= ERR_ALERT | ERR_FATAL;
2354
if (!(expr->fetch->dir & PATTERN_FETCH_REQ)) {
2355
Alert("parsing [%s:%d] : '%s': fetch method '%s' can not be used on request.\n",
2356
file, linenum, args[0], expr->fetch->kw);
2357
err_code |= ERR_ALERT | ERR_FATAL;
2362
if (strcmp(args[myidx], "table") == 0) {
2364
name = args[myidx++];
2367
if (strcmp(args[myidx], "if") == 0 || strcmp(args[myidx], "unless") == 0) {
2368
if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args + myidx)) == NULL) {
2369
Alert("parsing [%s:%d] : '%s': error detected while parsing sticking condition.\n",
2370
file, linenum, args[0]);
2371
err_code |= ERR_ALERT | ERR_FATAL;
2375
else if (*(args[myidx])) {
2376
Alert("parsing [%s:%d] : '%s': unknown keyword '%s'.\n",
2377
file, linenum, args[0], args[myidx]);
2378
err_code |= ERR_ALERT | ERR_FATAL;
2382
err_code |= warnif_cond_requires_resp(cond, file, linenum);
2384
rule = (struct sticking_rule *)calloc(1, sizeof(*rule));
2387
rule->flags = flags;
2388
rule->table.name = name ? strdup(name) : NULL;
2389
LIST_INIT(&rule->list);
2390
if (flags & STK_ON_RSP)
2391
LIST_ADDQ(&curproxy->storersp_rules, &rule->list);
2393
LIST_ADDQ(&curproxy->sticking_rules, &rule->list);
1688
2395
else if (!strcmp(args[0], "stats")) {
1689
2396
if (warnifnotcap(curproxy, PR_CAP_BE, file, linenum, args[0], NULL))
1690
2397
err_code |= ERR_WARN;
2832
3874
else if (!strcmp(args[0], "cliexp") || !strcmp(args[0], "reqrep")) { /* replace request header from a regex */
2834
if (curproxy == &defproxy) {
2835
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2836
err_code |= ERR_ALERT | ERR_FATAL;
2839
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2840
err_code |= ERR_WARN;
2842
if (*(args[1]) == 0 || *(args[2]) == 0) {
3875
if (*(args[2]) == 0) {
2843
3876
Alert("parsing [%s:%d] : '%s' expects <search> and <replace> as arguments.\n",
2844
3877
file, linenum, args[0]);
2845
3878
err_code |= ERR_ALERT | ERR_FATAL;
2849
preg = calloc(1, sizeof(regex_t));
2850
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2851
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2852
err_code |= ERR_ALERT | ERR_FATAL;
3882
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3883
ACL_DIR_REQ, ACT_REPLACE, 0,
3884
args[0], args[1], args[2], (const char **)args+3);
3885
if (err_code & ERR_FATAL)
2856
err = chain_regex(&curproxy->req_exp, preg, ACT_REPLACE, strdup(args[2]));
2858
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
2859
file, linenum, *err);
2860
err_code |= ERR_ALERT | ERR_FATAL;
2862
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
2864
3888
else if (!strcmp(args[0], "reqdel")) { /* delete request header from a regex */
2866
if (curproxy == &defproxy) {
2867
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2868
err_code |= ERR_ALERT | ERR_FATAL;
2871
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2872
err_code |= ERR_WARN;
2874
if (*(args[1]) == 0) {
2875
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
2876
err_code |= ERR_ALERT | ERR_FATAL;
2880
preg = calloc(1, sizeof(regex_t));
2881
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2882
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2883
err_code |= ERR_ALERT | ERR_FATAL;
2887
chain_regex(&curproxy->req_exp, preg, ACT_REMOVE, NULL);
2888
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3889
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3890
ACL_DIR_REQ, ACT_REMOVE, 0,
3891
args[0], args[1], NULL, (const char **)args+2);
3892
if (err_code & ERR_FATAL)
2890
3895
else if (!strcmp(args[0], "reqdeny")) { /* deny a request if a header matches this regex */
2892
if (curproxy == &defproxy) {
2893
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2894
err_code |= ERR_ALERT | ERR_FATAL;
2897
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2898
err_code |= ERR_WARN;
2900
if (*(args[1]) == 0) {
2901
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
2902
err_code |= ERR_ALERT | ERR_FATAL;
2906
preg = calloc(1, sizeof(regex_t));
2907
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2908
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2909
err_code |= ERR_ALERT | ERR_FATAL;
2913
chain_regex(&curproxy->req_exp, preg, ACT_DENY, NULL);
2914
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3896
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3897
ACL_DIR_REQ, ACT_DENY, 0,
3898
args[0], args[1], NULL, (const char **)args+2);
3899
if (err_code & ERR_FATAL)
2916
3902
else if (!strcmp(args[0], "reqpass")) { /* pass this header without allowing or denying the request */
2918
if (curproxy == &defproxy) {
2919
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2920
err_code |= ERR_ALERT | ERR_FATAL;
2923
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2924
err_code |= ERR_WARN;
2926
if (*(args[1]) == 0) {
2927
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
2928
err_code |= ERR_ALERT | ERR_FATAL;
2932
preg = calloc(1, sizeof(regex_t));
2933
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2934
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2935
err_code |= ERR_ALERT | ERR_FATAL;
2939
chain_regex(&curproxy->req_exp, preg, ACT_PASS, NULL);
2940
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3903
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3904
ACL_DIR_REQ, ACT_PASS, 0,
3905
args[0], args[1], NULL, (const char **)args+2);
3906
if (err_code & ERR_FATAL)
2942
3909
else if (!strcmp(args[0], "reqallow")) { /* allow a request if a header matches this regex */
2944
if (curproxy == &defproxy) {
2945
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2946
err_code |= ERR_ALERT | ERR_FATAL;
2949
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2950
err_code |= ERR_WARN;
2952
if (*(args[1]) == 0) {
2953
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
2954
err_code |= ERR_ALERT | ERR_FATAL;
2958
preg = calloc(1, sizeof(regex_t));
2959
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2960
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2961
err_code |= ERR_ALERT | ERR_FATAL;
2965
chain_regex(&curproxy->req_exp, preg, ACT_ALLOW, NULL);
2966
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3910
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3911
ACL_DIR_REQ, ACT_ALLOW, 0,
3912
args[0], args[1], NULL, (const char **)args+2);
3913
if (err_code & ERR_FATAL)
2968
3916
else if (!strcmp(args[0], "reqtarpit")) { /* tarpit a request if a header matches this regex */
2970
if (curproxy == &defproxy) {
2971
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2972
err_code |= ERR_ALERT | ERR_FATAL;
2975
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
2976
err_code |= ERR_WARN;
2978
if (*(args[1]) == 0) {
2979
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
2980
err_code |= ERR_ALERT | ERR_FATAL;
2984
preg = calloc(1, sizeof(regex_t));
2985
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
2986
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
2987
err_code |= ERR_ALERT | ERR_FATAL;
2991
chain_regex(&curproxy->req_exp, preg, ACT_TARPIT, NULL);
2992
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3917
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3918
ACL_DIR_REQ, ACT_TARPIT, 0,
3919
args[0], args[1], NULL, (const char **)args+2);
3920
if (err_code & ERR_FATAL)
2994
3923
else if (!strcmp(args[0], "reqsetbe")) { /* switch the backend from a regex, respecting case */
2996
if (curproxy == &defproxy) {
2997
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2998
err_code |= ERR_ALERT | ERR_FATAL;
3001
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3002
err_code |= ERR_WARN;
3004
if (*(args[1]) == 0 || *(args[2]) == 0) {
3005
Alert("parsing [%s:%d] : '%s' expects <search> and <target> as arguments.\n",
3006
file, linenum, args[0]);
3007
err_code |= ERR_ALERT | ERR_FATAL;
3011
preg = calloc(1, sizeof(regex_t));
3012
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
3013
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3014
err_code |= ERR_ALERT | ERR_FATAL;
3018
chain_regex(&curproxy->req_exp, preg, ACT_SETBE, strdup(args[2]));
3019
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3924
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3925
ACL_DIR_REQ, ACT_SETBE, 0,
3926
args[0], args[1], args[2], (const char **)args+3);
3927
if (err_code & ERR_FATAL)
3021
3930
else if (!strcmp(args[0], "reqisetbe")) { /* switch the backend from a regex, ignoring case */
3023
if (curproxy == &defproxy) {
3024
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3025
err_code |= ERR_ALERT | ERR_FATAL;
3028
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3029
err_code |= ERR_WARN;
3031
if (*(args[1]) == 0 || *(args[2]) == 0) {
3032
Alert("parsing [%s:%d] : '%s' expects <search> and <target> as arguments.\n",
3033
file, linenum, args[0]);
3034
err_code |= ERR_ALERT | ERR_FATAL;
3038
preg = calloc(1, sizeof(regex_t));
3039
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3040
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3041
err_code |= ERR_ALERT | ERR_FATAL;
3045
chain_regex(&curproxy->req_exp, preg, ACT_SETBE, strdup(args[2]));
3046
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3931
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3932
ACL_DIR_REQ, ACT_SETBE, REG_ICASE,
3933
args[0], args[1], args[2], (const char **)args+3);
3934
if (err_code & ERR_FATAL)
3048
3937
else if (!strcmp(args[0], "reqirep")) { /* replace request header from a regex, ignoring case */
3050
if (curproxy == &defproxy) {
3051
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3052
err_code |= ERR_ALERT | ERR_FATAL;
3055
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3056
err_code |= ERR_WARN;
3058
if (*(args[1]) == 0 || *(args[2]) == 0) {
3938
if (*(args[2]) == 0) {
3059
3939
Alert("parsing [%s:%d] : '%s' expects <search> and <replace> as arguments.\n",
3060
3940
file, linenum, args[0]);
3061
3941
err_code |= ERR_ALERT | ERR_FATAL;
3065
preg = calloc(1, sizeof(regex_t));
3066
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3067
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3068
err_code |= ERR_ALERT | ERR_FATAL;
3072
err = chain_regex(&curproxy->req_exp, preg, ACT_REPLACE, strdup(args[2]));
3074
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3075
file, linenum, *err);
3076
err_code |= ERR_ALERT | ERR_FATAL;
3079
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3945
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3946
ACL_DIR_REQ, ACT_REPLACE, REG_ICASE,
3947
args[0], args[1], args[2], (const char **)args+3);
3948
if (err_code & ERR_FATAL)
3081
3951
else if (!strcmp(args[0], "reqidel")) { /* delete request header from a regex ignoring case */
3083
if (curproxy == &defproxy) {
3084
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3085
err_code |= ERR_ALERT | ERR_FATAL;
3088
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3089
err_code |= ERR_WARN;
3091
if (*(args[1]) == 0) {
3092
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
3093
err_code |= ERR_ALERT | ERR_FATAL;
3097
preg = calloc(1, sizeof(regex_t));
3098
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3099
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3100
err_code |= ERR_ALERT | ERR_FATAL;
3104
chain_regex(&curproxy->req_exp, preg, ACT_REMOVE, NULL);
3105
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3952
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3953
ACL_DIR_REQ, ACT_REMOVE, REG_ICASE,
3954
args[0], args[1], NULL, (const char **)args+2);
3955
if (err_code & ERR_FATAL)
3107
3958
else if (!strcmp(args[0], "reqideny")) { /* deny a request if a header matches this regex ignoring case */
3109
if (curproxy == &defproxy) {
3110
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3111
err_code |= ERR_ALERT | ERR_FATAL;
3114
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3115
err_code |= ERR_WARN;
3117
if (*(args[1]) == 0) {
3118
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
3119
err_code |= ERR_ALERT | ERR_FATAL;
3123
preg = calloc(1, sizeof(regex_t));
3124
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3125
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3126
err_code |= ERR_ALERT | ERR_FATAL;
3130
chain_regex(&curproxy->req_exp, preg, ACT_DENY, NULL);
3131
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3959
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3960
ACL_DIR_REQ, ACT_DENY, REG_ICASE,
3961
args[0], args[1], NULL, (const char **)args+2);
3962
if (err_code & ERR_FATAL)
3133
3965
else if (!strcmp(args[0], "reqipass")) { /* pass this header without allowing or denying the request */
3135
if (curproxy == &defproxy) {
3136
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3137
err_code |= ERR_ALERT | ERR_FATAL;
3140
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3141
err_code |= ERR_WARN;
3143
if (*(args[1]) == 0) {
3144
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
3145
err_code |= ERR_ALERT | ERR_FATAL;
3149
preg = calloc(1, sizeof(regex_t));
3150
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3151
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3152
err_code |= ERR_ALERT | ERR_FATAL;
3156
chain_regex(&curproxy->req_exp, preg, ACT_PASS, NULL);
3157
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3966
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3967
ACL_DIR_REQ, ACT_PASS, REG_ICASE,
3968
args[0], args[1], NULL, (const char **)args+2);
3969
if (err_code & ERR_FATAL)
3159
3972
else if (!strcmp(args[0], "reqiallow")) { /* allow a request if a header matches this regex ignoring case */
3161
if (curproxy == &defproxy) {
3162
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3163
err_code |= ERR_ALERT | ERR_FATAL;
3166
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3167
err_code |= ERR_WARN;
3169
if (*(args[1]) == 0) {
3170
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
3171
err_code |= ERR_ALERT | ERR_FATAL;
3175
preg = calloc(1, sizeof(regex_t));
3176
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3177
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3178
err_code |= ERR_ALERT | ERR_FATAL;
3182
chain_regex(&curproxy->req_exp, preg, ACT_ALLOW, NULL);
3183
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3973
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3974
ACL_DIR_REQ, ACT_ALLOW, REG_ICASE,
3975
args[0], args[1], NULL, (const char **)args+2);
3976
if (err_code & ERR_FATAL)
3185
3979
else if (!strcmp(args[0], "reqitarpit")) { /* tarpit a request if a header matches this regex ignoring case */
3187
if (curproxy == &defproxy) {
3188
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3189
err_code |= ERR_ALERT | ERR_FATAL;
3192
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3193
err_code |= ERR_WARN;
3195
if (*(args[1]) == 0) {
3196
Alert("parsing [%s:%d] : '%s' expects <regex> as an argument.\n", file, linenum, args[0]);
3197
err_code |= ERR_ALERT | ERR_FATAL;
3201
preg = calloc(1, sizeof(regex_t));
3202
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3203
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3204
err_code |= ERR_ALERT | ERR_FATAL;
3208
chain_regex(&curproxy->req_exp, preg, ACT_TARPIT, NULL);
3209
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
3980
err_code |= create_cond_regex_rule(file, linenum, curproxy,
3981
ACL_DIR_REQ, ACT_TARPIT, REG_ICASE,
3982
args[0], args[1], NULL, (const char **)args+2);
3983
if (err_code & ERR_FATAL)
3211
3986
else if (!strcmp(args[0], "reqadd")) { /* add request header */
3987
struct cond_wordlist *wl;
3212
3989
if (curproxy == &defproxy) {
3213
3990
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3214
3991
err_code |= ERR_ALERT | ERR_FATAL;
3217
3994
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3218
3995
err_code |= ERR_WARN;
3220
if (curproxy->nb_reqadd >= MAX_NEWHDR) {
3221
Alert("parsing [%s:%d] : too many '%s'. Continuing.\n", file, linenum, args[0]);
3222
err_code |= ERR_ALERT | ERR_FATAL;
3226
3997
if (*(args[1]) == 0) {
3227
3998
Alert("parsing [%s:%d] : '%s' expects <header> as an argument.\n", file, linenum, args[0]);
3228
3999
err_code |= ERR_ALERT | ERR_FATAL;
3232
curproxy->req_add[curproxy->nb_reqadd++] = strdup(args[1]);
4003
if ((strcmp(args[2], "if") == 0 || strcmp(args[2], "unless") == 0)) {
4004
if ((cond = build_acl_cond(file, linenum, curproxy, (const char **)args+2)) == NULL) {
4005
Alert("parsing [%s:%d] : error detected while parsing a '%s' condition.\n",
4006
file, linenum, args[0]);
4007
err_code |= ERR_ALERT | ERR_FATAL;
4010
err_code |= warnif_cond_requires_resp(cond, file, linenum);
4012
else if (*args[2]) {
4013
Alert("parsing [%s:%d] : '%s' : Expecting nothing, 'if', or 'unless', got '%s'.\n",
4014
file, linenum, args[0], args[2]);
4015
err_code |= ERR_ALERT | ERR_FATAL;
4019
wl = calloc(1, sizeof(*wl));
4021
wl->s = strdup(args[1]);
4022
LIST_ADDQ(&curproxy->req_add, &wl->list);
3233
4023
warnif_misplaced_reqadd(curproxy, file, linenum, args[0]);
3235
4025
else if (!strcmp(args[0], "srvexp") || !strcmp(args[0], "rsprep")) { /* replace response header from a regex */
3238
if (*(args[1]) == 0 || *(args[2]) == 0) {
4026
if (*(args[2]) == 0) {
3239
4027
Alert("parsing [%s:%d] : '%s' expects <search> and <replace> as arguments.\n",
3240
4028
file, linenum, args[0]);
3241
4029
err_code |= ERR_ALERT | ERR_FATAL;
3244
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3245
err_code |= ERR_WARN;
3247
preg = calloc(1, sizeof(regex_t));
3248
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
3249
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3250
err_code |= ERR_ALERT | ERR_FATAL;
3254
err = chain_regex(&curproxy->rsp_exp, preg, ACT_REPLACE, strdup(args[2]));
3256
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3257
file, linenum, *err);
3258
err_code |= ERR_ALERT | ERR_FATAL;
3261
warnif_misplaced_reqxxx(curproxy, file, linenum, args[0]);
4033
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4034
ACL_DIR_RTR, ACT_REPLACE, 0,
4035
args[0], args[1], args[2], (const char **)args+3);
4036
if (err_code & ERR_FATAL)
3263
4039
else if (!strcmp(args[0], "rspdel")) { /* delete response header from a regex */
3265
if (curproxy == &defproxy) {
3266
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3267
err_code |= ERR_ALERT | ERR_FATAL;
3270
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3271
err_code |= ERR_WARN;
3273
if (*(args[1]) == 0) {
3274
Alert("parsing [%s:%d] : '%s' expects <search> as an argument.\n", file, linenum, args[0]);
3275
err_code |= ERR_ALERT | ERR_FATAL;
3279
preg = calloc(1, sizeof(regex_t));
3280
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
3281
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3282
err_code |= ERR_ALERT | ERR_FATAL;
3286
err = chain_regex(&curproxy->rsp_exp, preg, ACT_REMOVE, strdup(args[2]));
3288
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3289
file, linenum, *err);
3290
err_code |= ERR_ALERT | ERR_FATAL;
4040
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4041
ACL_DIR_RTR, ACT_REMOVE, 0,
4042
args[0], args[1], NULL, (const char **)args+2);
4043
if (err_code & ERR_FATAL)
3294
4046
else if (!strcmp(args[0], "rspdeny")) { /* block response header from a regex */
3296
if (curproxy == &defproxy) {
3297
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3298
err_code |= ERR_ALERT | ERR_FATAL;
3301
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3302
err_code |= ERR_WARN;
3304
if (*(args[1]) == 0) {
3305
Alert("parsing [%s:%d] : '%s' expects <search> as an argument.\n", file, linenum, args[0]);
3306
err_code |= ERR_ALERT | ERR_FATAL;
3310
preg = calloc(1, sizeof(regex_t));
3311
if (regcomp(preg, args[1], REG_EXTENDED) != 0) {
3312
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3313
err_code |= ERR_ALERT | ERR_FATAL;
3317
err = chain_regex(&curproxy->rsp_exp, preg, ACT_DENY, strdup(args[2]));
3319
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3320
file, linenum, *err);
3321
err_code |= ERR_ALERT | ERR_FATAL;
4047
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4048
ACL_DIR_RTR, ACT_DENY, 0,
4049
args[0], args[1], NULL, (const char **)args+2);
4050
if (err_code & ERR_FATAL)
3325
4053
else if (!strcmp(args[0], "rspirep")) { /* replace response header from a regex ignoring case */
3327
if (curproxy == &defproxy) {
3328
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3329
err_code |= ERR_ALERT | ERR_FATAL;
3332
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3333
err_code |= ERR_WARN;
3335
if (*(args[1]) == 0 || *(args[2]) == 0) {
4054
if (*(args[2]) == 0) {
3336
4055
Alert("parsing [%s:%d] : '%s' expects <search> and <replace> as arguments.\n",
3337
4056
file, linenum, args[0]);
3338
4057
err_code |= ERR_ALERT | ERR_FATAL;
3342
preg = calloc(1, sizeof(regex_t));
3343
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3344
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3345
err_code |= ERR_ALERT | ERR_FATAL;
3349
err = chain_regex(&curproxy->rsp_exp, preg, ACT_REPLACE, strdup(args[2]));
3351
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3352
file, linenum, *err);
3353
err_code |= ERR_ALERT | ERR_FATAL;
4061
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4062
ACL_DIR_RTR, ACT_REPLACE, REG_ICASE,
4063
args[0], args[1], args[2], (const char **)args+3);
4064
if (err_code & ERR_FATAL)
3357
4067
else if (!strcmp(args[0], "rspidel")) { /* delete response header from a regex ignoring case */
3359
if (curproxy == &defproxy) {
3360
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3361
err_code |= ERR_ALERT | ERR_FATAL;
3364
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3365
err_code |= ERR_WARN;
3367
if (*(args[1]) == 0) {
3368
Alert("parsing [%s:%d] : '%s' expects <search> as an argument.\n", file, linenum, args[0]);
3369
err_code |= ERR_ALERT | ERR_FATAL;
3373
preg = calloc(1, sizeof(regex_t));
3374
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3375
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3376
err_code |= ERR_ALERT | ERR_FATAL;
3380
err = chain_regex(&curproxy->rsp_exp, preg, ACT_REMOVE, strdup(args[2]));
3382
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3383
file, linenum, *err);
3384
err_code |= ERR_ALERT | ERR_FATAL;
4068
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4069
ACL_DIR_RTR, ACT_REMOVE, REG_ICASE,
4070
args[0], args[1], NULL, (const char **)args+2);
4071
if (err_code & ERR_FATAL)
3388
4074
else if (!strcmp(args[0], "rspideny")) { /* block response header from a regex ignoring case */
3390
if (curproxy == &defproxy) {
3391
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3392
err_code |= ERR_ALERT | ERR_FATAL;
3395
else if (warnifnotcap(curproxy, PR_CAP_RS, file, linenum, args[0], NULL))
3396
err_code |= ERR_WARN;
3398
if (*(args[1]) == 0) {
3399
Alert("parsing [%s:%d] : '%s' expects <search> as an argument.\n", file, linenum, args[0]);
3400
err_code |= ERR_ALERT | ERR_FATAL;
3404
preg = calloc(1, sizeof(regex_t));
3405
if (regcomp(preg, args[1], REG_EXTENDED | REG_ICASE) != 0) {
3406
Alert("parsing [%s:%d] : bad regular expression '%s'.\n", file, linenum, args[1]);
3407
err_code |= ERR_ALERT | ERR_FATAL;
3411
err = chain_regex(&curproxy->rsp_exp, preg, ACT_DENY, strdup(args[2]));
3413
Alert("parsing [%s:%d] : invalid character or unterminated sequence in replacement string near '%c'.\n",
3414
file, linenum, *err);
3415
err_code |= ERR_ALERT | ERR_FATAL;
4075
err_code |= create_cond_regex_rule(file, linenum, curproxy,
4076
ACL_DIR_RTR, ACT_DENY, REG_ICASE,
4077
args[0], args[1], NULL, (const char **)args+2);
4078
if (err_code & ERR_FATAL)
3419
4081
else if (!strcmp(args[0], "rspadd")) { /* add response header */
4082
struct cond_wordlist *wl;
3420
4084
if (curproxy == &defproxy) {
3421
4085
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
3422
4086
err_code |= ERR_ALERT | ERR_FATAL;
3576
4251
return err_code;
4255
cfg_parse_users(const char *file, int linenum, char **args, int kwm)
4261
if (!strcmp(args[0], "userlist")) { /* new userlist */
4262
struct userlist *newul;
4265
Alert("parsing [%s:%d]: '%s' expects <name> as arguments.\n",
4266
file, linenum, args[0]);
4267
err_code |= ERR_ALERT | ERR_FATAL;
4271
err = invalid_char(args[1]);
4273
Alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
4274
file, linenum, *err, args[0], args[1]);
4275
err_code |= ERR_ALERT | ERR_FATAL;
4279
for (newul = userlist; newul; newul = newul->next)
4280
if (!strcmp(newul->name, args[1])) {
4281
Warning("parsing [%s:%d]: ignoring duplicated userlist '%s'.\n",
4282
file, linenum, args[1]);
4283
err_code |= ERR_WARN;
4287
newul = (struct userlist *)calloc(1, sizeof(struct userlist));
4289
Alert("parsing [%s:%d]: out of memory.\n", file, linenum);
4290
err_code |= ERR_ALERT | ERR_ABORT;
4294
newul->groupusers = calloc(MAX_AUTH_GROUPS, sizeof(char *));
4295
newul->name = strdup(args[1]);
4297
if (!newul->groupusers | !newul->name) {
4298
Alert("parsing [%s:%d]: out of memory.\n", file, linenum);
4299
err_code |= ERR_ALERT | ERR_ABORT;
4303
newul->next = userlist;
4306
} else if (!strcmp(args[0], "group")) { /* new group */
4311
Alert("parsing [%s:%d]: '%s' expects <name> as arguments.\n",
4312
file, linenum, args[0]);
4313
err_code |= ERR_ALERT | ERR_FATAL;
4317
err = invalid_char(args[1]);
4319
Alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
4320
file, linenum, *err, args[0], args[1]);
4321
err_code |= ERR_ALERT | ERR_FATAL;
4325
for(i = 0; i < userlist->grpcnt; i++)
4326
if (!strcmp(userlist->groups[i], args[1])) {
4327
Warning("parsing [%s:%d]: ignoring duplicated group '%s' in userlist '%s'.\n",
4328
file, linenum, args[1], userlist->name);
4329
err_code |= ERR_ALERT;
4333
if (userlist->grpcnt >= MAX_AUTH_GROUPS) {
4334
Alert("parsing [%s:%d]: too many groups (%u) in in userlist '%s' while adding group '%s'.\n",
4335
file, linenum, MAX_AUTH_GROUPS, userlist->name, args[1]);
4336
err_code |= ERR_ALERT | ERR_FATAL;
4342
while (*args[cur_arg]) {
4343
if (!strcmp(args[cur_arg], "users")) {
4344
userlist->groupusers[userlist->grpcnt] = strdup(args[cur_arg + 1]);
4348
Alert("parsing [%s:%d]: '%s' only supports 'users' option.\n",
4349
file, linenum, args[0]);
4350
err_code |= ERR_ALERT | ERR_FATAL;
4355
userlist->groups[userlist->grpcnt++] = strdup(args[1]);
4356
} else if (!strcmp(args[0], "user")) { /* new user */
4357
struct auth_users *newuser;
4361
Alert("parsing [%s:%d]: '%s' expects <name> as arguments.\n",
4362
file, linenum, args[0]);
4363
err_code |= ERR_ALERT | ERR_FATAL;
4367
for (newuser = userlist->users; newuser; newuser = newuser->next)
4368
if (!strcmp(newuser->user, args[1])) {
4369
Warning("parsing [%s:%d]: ignoring duplicated user '%s' in userlist '%s'.\n",
4370
file, linenum, args[1], userlist->name);
4371
err_code |= ERR_ALERT;
4375
newuser = (struct auth_users *)calloc(1, sizeof(struct auth_users));
4377
Alert("parsing [%s:%d]: out of memory.\n", file, linenum);
4378
err_code |= ERR_ALERT | ERR_ABORT;
4382
newuser->user = strdup(args[1]);
4384
newuser->next = userlist->users;
4385
userlist->users = newuser;
4389
while (*args[cur_arg]) {
4390
if (!strcmp(args[cur_arg], "password")) {
4391
#ifndef CONFIG_HAP_CRYPT
4392
Warning("parsing [%s:%d]: no crypt(3) support compiled, encrypted passwords will not work.\n",
4394
err_code |= ERR_ALERT;
4396
newuser->pass = strdup(args[cur_arg + 1]);
4399
} else if (!strcmp(args[cur_arg], "insecure-password")) {
4400
newuser->pass = strdup(args[cur_arg + 1]);
4401
newuser->flags |= AU_O_INSECURE;
4404
} else if (!strcmp(args[cur_arg], "groups")) {
4405
newuser->u.groups = strdup(args[cur_arg + 1]);
4409
Alert("parsing [%s:%d]: '%s' only supports 'password', 'insecure-password' and 'groups' options.\n",
4410
file, linenum, args[0]);
4411
err_code |= ERR_ALERT | ERR_FATAL;
4416
Alert("parsing [%s:%d]: unknown keyword '%s' in '%s' section\n", file, linenum, args[0], "users");
4417
err_code |= ERR_ALERT | ERR_FATAL;
3581
4425
* This function reads and parses the configuration file given in the argument.