« back to all changes in this revision
Viewing changes to src/cfgparse.c
- browse files at revision 15
- compare with another revision
- download diff
- download tarball
- view history from revision 15
- Committer: Package Import Robot
- Author(s): Vincent Bernat, Apollon Oikonomopoulos, Vincent Bernat, Prach Pongpanich
- Date: 2013-05-06 20:02:14 UTC
- mfrom: (1.1.12)
- Revision ID: package-import@ubuntu.com-20130506200214-36s6p81fsa5zqybt
Tags: 1.4.23-1
[ Apollon Oikonomopoulos ]
* New upstream version (Closes: #643650, #678953)
+ This fixes CVE-2012-2942 (Closes: #674447)
+ This fixes CVE-2013-1912 (Closes: #704611)
* Ship vim addon as vim-haproxy (Closes: #702893)
* Check for the configuration file after sourcing /etc/default/haproxy
(Closes: #641762)
* Use /dev/log for logging by default (Closes: #649085)
[ Vincent Bernat ]
* debian/control:
+ add Vcs-* fields
+ switch maintenance to Debian HAProxy team. (Closes: #706890)
+ drop dependency to quilt: 3.0 (quilt) format is in use.
* debian/rules:
+ don't explicitly call dh_installchangelog.
+ use dh_installdirs to install directories.
+ use dh_install to install error and configuration files.
+ switch to `linux2628` Makefile target for Linux.
* debian/postrm:
+ remove haproxy user and group on purge.
* Ship a more minimal haproxy.cfg file: no `listen` blocks but `global`
and `defaults` block with appropriate configuration to use chroot and
logging in the expected way.
[ Prach Pongpanich ]
* debian/copyright:
+ add missing copyright holders
+ update years of copyright
* debian/rules:
+ build with -Wl,--as-needed to get rid of unnecessary depends
* Remove useless files in debian/haproxy.{docs,examples}
* Update debian/watch file, thanks to Bart Martens
* New upstream version (Closes: #643650, #678953)
+ This fixes CVE-2012-2942 (Closes: #674447)
+ This fixes CVE-2013-1912 (Closes: #704611)
* Ship vim addon as vim-haproxy (Closes: #702893)
* Check for the configuration file after sourcing /etc/default/haproxy
(Closes: #641762)
* Use /dev/log for logging by default (Closes: #649085)
[ Vincent Bernat ]
* debian/control:
+ add Vcs-* fields
+ switch maintenance to Debian HAProxy team. (Closes: #706890)
+ drop dependency to quilt: 3.0 (quilt) format is in use.
* debian/rules:
+ don't explicitly call dh_installchangelog.
+ use dh_installdirs to install directories.
+ use dh_install to install error and configuration files.
+ switch to `linux2628` Makefile target for Linux.
* debian/postrm:
+ remove haproxy user and group on purge.
* Ship a more minimal haproxy.cfg file: no `listen` blocks but `global`
and `defaults` block with appropriate configuration to use chroot and
logging in the expected way.
[ Prach Pongpanich ]
* debian/copyright:
+ add missing copyright holders
+ update years of copyright
* debian/rules:
+ build with -Wl,--as-needed to get rid of unnecessary depends
* Remove useless files in debian/haproxy.{docs,examples}
* Update debian/watch file, thanks to Bart Martens
- files added:
- .pc/.quilt_patches
- .pc/0001-Replace-bash-with-sh-and-fix-bashisms.patch
- .pc/0001-Replace-bash-with-sh-and-fix-bashisms.patch/examples
- .pc/0002-Fix-typo-in-src-haproxy.c.patch
- .pc/0002-Fix-typo-in-src-haproxy.c.patch/src
- contrib/iprange
- files removed:
- .pc/bashism
- .pc/bashism/examples
- files modified:
- .pc/applied-patches
added
removed
src/cfgparse.c
151
151
{ "independant-streams", PR_O2_INDEPSTR, PR_CAP_FE|PR_CAP_BE, 0, 0 },
152
152
{ "http-use-proxy-header", PR_O2_USE_PXHDR, PR_CAP_FE, 0, PR_MODE_HTTP },
153
153
{ "http-pretend-keepalive", PR_O2_FAKE_KA, PR_CAP_FE|PR_CAP_BE, 0, PR_MODE_HTTP },
154
{ "http-no-delay", PR_O2_NODELAY, PR_CAP_FE|PR_CAP_BE, 0, PR_MODE_HTTP },
154
155
{ NULL, 0, 0, 0 }
155
156
};
156
157
511
512
global.tune.bufsize = atol(args[1]);
512
513
if (global.tune.maxrewrite >= global.tune.bufsize / 2)
513
514
global.tune.maxrewrite = global.tune.bufsize / 2;
515
trashlen = global.tune.bufsize;
516
trash = realloc(trash, trashlen);
514
517
}
515
518
else if (!strcmp(args[0], "tune.maxrewrite")) {
516
519
if (*(args[1]) == 0) {
904
907
continue;
905
908
if (strcmp(kwl->kw[index].kw, args[0]) == 0) {
906
909
/* prepare error message just in case */
907
snprintf(trash, sizeof(trash),
910
snprintf(trash, trashlen,
908
911
"error near '%s' in '%s' section", args[0], "global");
909
rc = kwl->kw[index].parse(args, CFG_GLOBAL, NULL, NULL, trash, sizeof(trash));
912
rc = kwl->kw[index].parse(args, CFG_GLOBAL, NULL, NULL, trash, trashlen);
910
913
if (rc < 0) {
911
914
Alert("parsing [%s:%d] : %s\n", file, linenum, trash);
912
915
err_code |= ERR_ALERT | ERR_FATAL;
1133
1136
init_new_proxy(curproxy);
1134
1137
curproxy->next = proxy;
1135
1138
proxy = curproxy;
1136
curproxy->conf.file = file;
1139
curproxy->conf.file = strdup(file);
1137
1140
curproxy->conf.line = linenum;
1138
1141
curproxy->last_change = now.tv_sec;
1139
1142
curproxy->id = strdup(args[1]);
1181
1184
curproxy->orgto_hdr_name = strdup(defproxy.orgto_hdr_name);
1182
1185
}
1183
1186
1187
if (defproxy.server_id_hdr_len) {
1188
curproxy->server_id_hdr_len = defproxy.server_id_hdr_len;
1189
curproxy->server_id_hdr_name = strdup(defproxy.server_id_hdr_name);
1190
}
1191
1184
1192
if (curproxy->cap & PR_CAP_FE) {
1185
1193
curproxy->maxconn = defproxy.maxconn;
1186
1194
curproxy->backlog = defproxy.backlog;
1203
1211
}
1204
1212
curproxy->check_len = defproxy.check_len;
1205
1213
1214
if (defproxy.expect_str) {
1215
curproxy->expect_str = strdup(defproxy.expect_str);
1216
if (defproxy.expect_regex) {
1217
/* note: this regex is known to be valid */
1218
curproxy->expect_regex = calloc(1, sizeof(regex_t));
1219
regcomp(curproxy->expect_regex, defproxy.expect_str, REG_EXTENDED);
1220
}
1221
}
1222
1223
curproxy->ck_opts = defproxy.ck_opts;
1206
1224
if (defproxy.cookie_name)
1207
1225
curproxy->cookie_name = strdup(defproxy.cookie_name);
1208
1226
curproxy->cookie_len = defproxy.cookie_len;
1300
1318
defproxy.fwdfor_hdr_len = 0;
1301
1319
free(defproxy.orgto_hdr_name);
1302
1320
defproxy.orgto_hdr_len = 0;
1321
free(defproxy.server_id_hdr_name);
1322
defproxy.server_id_hdr_len = 0;
1323
free(defproxy.expect_str);
1324
if (defproxy.expect_regex) regfree(defproxy.expect_regex);
1303
1325
1304
1326
for (rc = 0; rc < HTTP_ERR_SIZE; rc++)
1305
1327
chunk_destroy(&defproxy.errmsg[rc]);
1688
1710
goto out;
1689
1711
}
1690
1712
1691
curproxy->options &= ~PR_O_COOK_ANY;
1692
curproxy->options2 &= ~PR_O2_COOK_PSV;
1713
curproxy->ck_opts = 0;
1693
1714
curproxy->cookie_maxidle = curproxy->cookie_maxlife = 0;
1694
1715
free(curproxy->cookie_domain); curproxy->cookie_domain = NULL;
1695
1716
free(curproxy->cookie_name);
1699
1720
cur_arg = 2;
1700
1721
while (*(args[cur_arg])) {
1701
1722
if (!strcmp(args[cur_arg], "rewrite")) {
1702
curproxy->options |= PR_O_COOK_RW;
1723
curproxy->ck_opts |= PR_CK_RW;
1703
1724
}
1704
1725
else if (!strcmp(args[cur_arg], "indirect")) {
1705
curproxy->options |= PR_O_COOK_IND;
1726
curproxy->ck_opts |= PR_CK_IND;
1706
1727
}
1707
1728
else if (!strcmp(args[cur_arg], "insert")) {
1708
curproxy->options |= PR_O_COOK_INS;
1729
curproxy->ck_opts |= PR_CK_INS;
1709
1730
}
1710
1731
else if (!strcmp(args[cur_arg], "nocache")) {
1711
curproxy->options |= PR_O_COOK_NOC;
1732
curproxy->ck_opts |= PR_CK_NOC;
1712
1733
}
1713
1734
else if (!strcmp(args[cur_arg], "postonly")) {
1714
curproxy->options |= PR_O_COOK_POST;
1735
curproxy->ck_opts |= PR_CK_POST;
1715
1736
}
1716
1737
else if (!strcmp(args[cur_arg], "preserve")) {
1717
curproxy->options2 |= PR_O2_COOK_PSV;
1738
curproxy->ck_opts |= PR_CK_PSV;
1718
1739
}
1719
1740
else if (!strcmp(args[cur_arg], "prefix")) {
1720
curproxy->options |= PR_O_COOK_PFX;
1741
curproxy->ck_opts |= PR_CK_PFX;
1742
}
1743
else if (!strcmp(args[cur_arg], "httponly")) {
1744
curproxy->ck_opts |= PR_CK_HTTPONLY;
1745
}
1746
else if (!strcmp(args[cur_arg], "secure")) {
1747
curproxy->ck_opts |= PR_CK_SECURE;
1721
1748
}
1722
1749
else if (!strcmp(args[cur_arg], "domain")) {
1723
1750
if (!*args[cur_arg + 1]) {
1811
1838
}
1812
1839
cur_arg++;
1813
1840
}
1814
if (!POWEROF2(curproxy->options & (PR_O_COOK_RW|PR_O_COOK_IND))) {
1841
if (!POWEROF2(curproxy->ck_opts & (PR_CK_RW|PR_CK_IND))) {
1815
1842
Alert("parsing [%s:%d] : cookie 'rewrite' and 'indirect' modes are incompatible.\n",
1816
1843
file, linenum);
1817
1844
err_code |= ERR_ALERT | ERR_FATAL;
1818
1845
}
1819
1846
1820
if (!POWEROF2(curproxy->options & (PR_O_COOK_RW|PR_O_COOK_INS|PR_O_COOK_PFX))) {
1847
if (!POWEROF2(curproxy->ck_opts & (PR_CK_RW|PR_CK_INS|PR_CK_PFX))) {
1821
1848
Alert("parsing [%s:%d] : cookie 'rewrite', 'insert' and 'prefix' modes are incompatible.\n",
1822
1849
file, linenum);
1823
1850
err_code |= ERR_ALERT | ERR_FATAL;
1824
1851
}
1825
1852
1826
if ((curproxy->options2 & PR_O2_COOK_PSV) && !(curproxy->options & (PR_O_COOK_INS|PR_O_COOK_IND))) {
1853
if ((curproxy->ck_opts & (PR_CK_PSV | PR_CK_INS | PR_CK_IND)) == PR_CK_PSV) {
1827
1854
Alert("parsing [%s:%d] : cookie 'preserve' requires at least 'insert' or 'indirect'.\n",
1828
1855
file, linenum);
1829
1856
err_code |= ERR_ALERT | ERR_FATAL;
2072
2099
err_code |= warnif_cond_requires_resp(req_acl->cond, file, linenum);
2073
2100
LIST_ADDQ(&curproxy->req_acl, &req_acl->list);
2074
2101
}
2102
else if (!strcmp(args[0], "http-send-name-header")) { /* send server name in request header */
2103
/* set the header name and length into the proxy structure */
2104
if (warnifnotcap(curproxy, PR_CAP_BE, file, linenum, args[0], NULL))
2105
err_code |= ERR_WARN;
2106
2107
if (!*args[1]) {
2108
Alert("parsing [%s:%d] : '%s' requires a header string.\n",
2109
file, linenum, args[0]);
2110
err_code |= ERR_ALERT | ERR_FATAL;
2111
goto out;
2112
}
2113
2114
/* set the desired header name */
2115
free(curproxy->server_id_hdr_name);
2116
curproxy->server_id_hdr_name = strdup(args[1]);
2117
curproxy->server_id_hdr_len = strlen(curproxy->server_id_hdr_name);
2118
}
2075
2119
else if (!strcmp(args[0], "block")) { /* early blocking based on ACLs */
2076
2120
if (curproxy == &defproxy) {
2077
2121
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
2171
2215
}
2172
2216
cur_arg++;
2173
2217
code = atol(args[cur_arg]);
2174
if (code < 301 || code > 303) {
2175
Alert("parsing [%s:%d] : '%s': unsupported HTTP code '%d'.\n",
2176
file, linenum, args[0], code);
2218
if (code < 301 || code > 308 || (code > 303 && code < 307)) {
2219
Alert("parsing [%s:%d] : '%s': unsupported HTTP code '%s' (must be one of 301, 302, 303, 307 or 308).\n",
2220
file, linenum, args[0], args[cur_arg]);
2177
2221
err_code |= ERR_ALERT | ERR_FATAL;
2178
2222
goto out;
2179
2223
}
2932
2976
((unsigned char) (packetlen >> 16) & 0xff));
2933
2977
2934
2978
curproxy->check_req[3] = 1;
2979
curproxy->check_req[5] = 128;
2935
2980
curproxy->check_req[8] = 1;
2936
2981
memcpy(&curproxy->check_req[9], mysqluser, userlen);
2937
2982
curproxy->check_req[9 + userlen + 1 + 1] = 1;
2969
3014
*/
2970
3015
2971
3016
curproxy->options |= PR_O_FWDFOR;
3017
curproxy->options2 |= PR_O2_FF_ALWAYS;
2972
3018
2973
3019
free(curproxy->fwdfor_hdr_name);
2974
3020
curproxy->fwdfor_hdr_name = strdup(DEF_XFORWARDFOR_HDR);
3000
3046
curproxy->fwdfor_hdr_name = strdup(args[cur_arg+1]);
3001
3047
curproxy->fwdfor_hdr_len = strlen(curproxy->fwdfor_hdr_name);
3002
3048
cur_arg += 2;
3049
} else if (!strcmp(args[cur_arg], "if-none")) {
3050
curproxy->options2 &= ~PR_O2_FF_ALWAYS;
3051
cur_arg += 1;
3003
3052
} else {
3004
3053
/* unknown suboption - catchall */
3005
Alert("parsing [%s:%d] : '%s %s' only supports optional values: 'except' and 'header'.\n",
3054
Alert("parsing [%s:%d] : '%s %s' only supports optional values: 'except', 'header' and 'if-none'.\n",
3006
3055
file, linenum, args[0], args[1]);
3007
3056
err_code |= ERR_ALERT | ERR_FATAL;
3008
3057
goto out;
3022
3071
curproxy->orgto_hdr_name = strdup(DEF_XORIGINALTO_HDR);
3023
3072
curproxy->orgto_hdr_len = strlen(DEF_XORIGINALTO_HDR);
3024
3073
3025
/* loop to go through arguments - start at 2, since 0+1 = "option" "forwardfor" */
3074
/* loop to go through arguments - start at 2, since 0+1 = "option" "originalto" */
3026
3075
cur_arg = 2;
3027
3076
while (*(args[cur_arg])) {
3028
3077
if (!strcmp(args[cur_arg], "except")) {
3130
3179
goto out;
3131
3180
}
3132
3181
curproxy->options2 |= PR_O2_EXP_STS;
3182
free(curproxy->expect_str);
3133
3183
curproxy->expect_str = strdup(args[cur_arg + 1]);
3134
3184
}
3135
3185
else if (strcmp(ptr_arg, "string") == 0) {
3140
3190
goto out;
3141
3191
}
3142
3192
curproxy->options2 |= PR_O2_EXP_STR;
3193
free(curproxy->expect_str);
3143
3194
curproxy->expect_str = strdup(args[cur_arg + 1]);
3144
3195
}
3145
3196
else if (strcmp(ptr_arg, "rstatus") == 0) {
3150
3201
goto out;
3151
3202
}
3152
3203
curproxy->options2 |= PR_O2_EXP_RSTS;
3204
free(curproxy->expect_str);
3205
if (curproxy->expect_regex) regfree(curproxy->expect_regex);
3206
curproxy->expect_str = strdup(args[cur_arg + 1]);
3153
3207
curproxy->expect_regex = calloc(1, sizeof(regex_t));
3154
3208
if (regcomp(curproxy->expect_regex, args[cur_arg + 1], REG_EXTENDED) != 0) {
3155
3209
Alert("parsing [%s:%d] : '%s %s %s' : bad regular expression '%s'.\n",
3166
3220
goto out;
3167
3221
}
3168
3222
curproxy->options2 |= PR_O2_EXP_RSTR;
3223
free(curproxy->expect_str);
3224
if (curproxy->expect_regex) regfree(curproxy->expect_regex);
3225
curproxy->expect_str = strdup(args[cur_arg + 1]);
3169
3226
curproxy->expect_regex = calloc(1, sizeof(regex_t));
3170
3227
if (regcomp(curproxy->expect_regex, args[cur_arg + 1], REG_EXTENDED) != 0) {
3171
3228
Alert("parsing [%s:%d] : '%s %s %s' : bad regular expression '%s'.\n",
3182
3239
}
3183
3240
}
3184
3241
else {
3185
Alert("parsing [%s:%d] : '%s' only supports 'disable-on-404', 'expect' .\n", file, linenum, args[0]);
3242
Alert("parsing [%s:%d] : '%s' only supports 'disable-on-404', 'send-state', 'expect'.\n", file, linenum, args[0]);
3186
3243
err_code |= ERR_ALERT | ERR_FATAL;
3187
3244
goto out;
3188
3245
}
3302
3359
err_code |= ERR_WARN;
3303
3360
3304
3361
memcpy(trash, "error near 'balance'", 21);
3305
if (backend_parse_balance((const char **)args + 1, trash, sizeof(trash), curproxy) < 0) {
3362
if (backend_parse_balance((const char **)args + 1, trash, trashlen, curproxy) < 0) {
3306
3363
Alert("parsing [%s:%d] : %s\n", file, linenum, trash);
3307
3364
err_code |= ERR_ALERT | ERR_FATAL;
3308
3365
goto out;
3368
3425
newsrv->next = curproxy->srv;
3369
3426
curproxy->srv = newsrv;
3370
3427
newsrv->proxy = curproxy;
3371
newsrv->conf.file = file;
3428
newsrv->conf.file = strdup(file);
3372
3429
newsrv->conf.line = linenum;
3373
3430
3374
3431
LIST_INIT(&newsrv->pendconns);
3612
3669
err_code |= ERR_ALERT | ERR_FATAL;
3613
3670
goto out;
3614
3671
}
3615
if (val < 0) {
3616
Alert("parsing [%s:%d]: invalid value %d for argument '%s' of server %s.\n",
3617
file, linenum, val, args[cur_arg], newsrv->id);
3618
err_code |= ERR_ALERT | ERR_FATAL;
3619
goto out;
3620
}
3621
3672
newsrv->slowstart = (val + 999) / 1000;
3622
3673
cur_arg += 2;
3623
3674
}
4529
4580
continue;
4530
4581
if (strcmp(kwl->kw[index].kw, args[0]) == 0) {
4531
4582
/* prepare error message just in case */
4532
snprintf(trash, sizeof(trash),
4583
snprintf(trash, trashlen,
4533
4584
"error near '%s' in %s section", args[0], cursection);
4534
rc = kwl->kw[index].parse(args, CFG_LISTEN, curproxy, &defproxy, trash, sizeof(trash));
4585
rc = kwl->kw[index].parse(args, CFG_LISTEN, curproxy, &defproxy, trash, trashlen);
4535
4586
if (rc < 0) {
4536
4587
Alert("parsing [%s:%d] : %s\n", file, linenum, trash);
4537
4588
err_code |= ERR_ALERT | ERR_FATAL;
5007
5058
5008
5059
case PR_MODE_HTTP:
5009
5060
curproxy->acl_requires |= ACL_USE_L7_ANY;
5010
if ((curproxy->cookie_name != NULL) && (curproxy->srv == NULL)) {
5011
Alert("config : HTTP proxy %s has a cookie but no server list !\n",
5012
curproxy->id);
5013
cfgerr++;
5014
}
5015
5061
break;
5016
5062
}
5017
5063
5310
5356
}
5311
5357
5312
5358
/* The small pools required for the capture lists */
5313
if (curproxy->nb_req_cap)
5314
curproxy->req_cap_pool = create_pool("ptrcap",
5315
curproxy->nb_req_cap * sizeof(char *),
5316
MEM_F_SHARED);
5317
if (curproxy->nb_rsp_cap)
5318
curproxy->rsp_cap_pool = create_pool("ptrcap",
5319
curproxy->nb_rsp_cap * sizeof(char *),
5320
MEM_F_SHARED);
5359
if (curproxy->nb_req_cap) {
5360
if (curproxy->mode == PR_MODE_HTTP) {
5361
curproxy->req_cap_pool = create_pool("ptrcap",
5362
curproxy->nb_req_cap * sizeof(char *),
5363
MEM_F_SHARED);
5364
} else {
5365
Warning("config : 'capture request header' ignored for %s '%s' as it requires HTTP mode.\n",
5366
proxy_type_str(curproxy), curproxy->id);
5367
err_code |= ERR_WARN;
5368
curproxy->to_log &= ~LW_REQHDR;
5369
curproxy->nb_req_cap = 0;
5370
}
5371
}
5372
5373
if (curproxy->nb_rsp_cap) {
5374
if (curproxy->mode == PR_MODE_HTTP) {
5375
curproxy->rsp_cap_pool = create_pool("ptrcap",
5376
curproxy->nb_rsp_cap * sizeof(char *),
5377
MEM_F_SHARED);
5378
} else {
5379
Warning("config : 'capture response header' ignored for %s '%s' as it requires HTTP mode.\n",
5380
proxy_type_str(curproxy), curproxy->id);
5381
err_code |= ERR_WARN;
5382
curproxy->to_log &= ~LW_REQHDR;
5383
curproxy->nb_rsp_cap = 0;
5384
}
5385
}
5321
5386
5322
5387
curproxy->hdr_idx_pool = create_pool("hdr_idx",
5323
5388
MAX_HTTP_HDR * sizeof(struct hdr_idx_elem),
5362
5427
curproxy->lbprm.wmult = 1; /* default weight multiplier */
5363
5428
curproxy->lbprm.wdiv = 1; /* default weight divider */
5364
5429
5430
/*
5431
* If this server supports a maxconn parameter, it needs a dedicated
5432
* tasks to fill the emptied slots when a connection leaves.
5433
* Also, resolve deferred tracking dependency if needed.
5434
*/
5435
newsrv = curproxy->srv;
5436
while (newsrv != NULL) {
5437
if (newsrv->minconn > newsrv->maxconn) {
5438
/* Only 'minconn' was specified, or it was higher than or equal
5439
* to 'maxconn'. Let's turn this into maxconn and clean it, as
5440
* this will avoid further useless expensive computations.
5441
*/
5442
newsrv->maxconn = newsrv->minconn;
5443
} else if (newsrv->maxconn && !newsrv->minconn) {
5444
/* minconn was not specified, so we set it to maxconn */
5445
newsrv->minconn = newsrv->maxconn;
5446
} else if (newsrv->minconn != newsrv->maxconn && !curproxy->fullconn) {
5447
Alert("config : %s '%s' : fullconn is mandatory when minconn is set on a server.\n",
5448
proxy_type_str(curproxy), curproxy->id);
5449
cfgerr++;
5450
}
5451
5452
if (newsrv->trackit) {
5453
struct proxy *px;
5454
struct server *srv;
5455
char *pname, *sname;
5456
5457
pname = newsrv->trackit;
5458
sname = strrchr(pname, '/');
5459
5460
if (sname)
5461
*sname++ = '\0';
5462
else {
5463
sname = pname;
5464
pname = NULL;
5465
}
5466
5467
if (pname) {
5468
px = findproxy(pname, PR_CAP_BE);
5469
if (!px) {
5470
Alert("config : %s '%s', server '%s': unable to find required proxy '%s' for tracking.\n",
5471
proxy_type_str(curproxy), curproxy->id,
5472
newsrv->id, pname);
5473
cfgerr++;
5474
goto next_srv;
5475
}
5476
} else
5477
px = curproxy;
5478
5479
srv = findserver(px, sname);
5480
if (!srv) {
5481
Alert("config : %s '%s', server '%s': unable to find required server '%s' for tracking.\n",
5482
proxy_type_str(curproxy), curproxy->id,
5483
newsrv->id, sname);
5484
cfgerr++;
5485
goto next_srv;
5486
}
5487
5488
if (!(srv->state & SRV_CHECKED)) {
5489
Alert("config : %s '%s', server '%s': unable to use %s/%s for "
5490
"tracking as it does not have checks enabled.\n",
5491
proxy_type_str(curproxy), curproxy->id,
5492
newsrv->id, px->id, srv->id);
5493
cfgerr++;
5494
goto next_srv;
5495
}
5496
5497
if (curproxy != px &&
5498
(curproxy->options & PR_O_DISABLE404) != (px->options & PR_O_DISABLE404)) {
5499
Alert("config : %s '%s', server '%s': unable to use %s/%s for"
5500
"tracking: disable-on-404 option inconsistency.\n",
5501
proxy_type_str(curproxy), curproxy->id,
5502
newsrv->id, px->id, srv->id);
5503
cfgerr++;
5504
goto next_srv;
5505
}
5506
5507
/* if the other server is forced disabled, we have to do the same here */
5508
if (srv->state & SRV_MAINTAIN) {
5509
newsrv->state |= SRV_MAINTAIN;
5510
newsrv->state &= ~SRV_RUNNING;
5511
newsrv->health = 0;
5512
}
5513
5514
newsrv->tracked = srv;
5515
newsrv->tracknext = srv->tracknext;
5516
srv->tracknext = newsrv;
5517
5518
free(newsrv->trackit);
5519
newsrv->trackit = NULL;
5520
}
5521
next_srv:
5522
newsrv = newsrv->next;
5523
}
5524
5365
5525
/* We have to initialize the server lookup mechanism depending
5366
5526
* on what LB algorithm was choosen.
5367
5527
*/
5407
5567
if (curproxy->mode != PR_MODE_HTTP) {
5408
5568
int optnum;
5409
5569
5410
if (curproxy->options & PR_O_COOK_ANY) {
5411
Warning("config : 'cookie' statement ignored for %s '%s' as it requires HTTP mode.\n",
5412
proxy_type_str(curproxy), curproxy->id);
5413
err_code |= ERR_WARN;
5414
}
5415
5416
5570
if (curproxy->uri_auth) {
5417
5571
Warning("config : 'stats' statement ignored for %s '%s' as it requires HTTP mode.\n",
5418
5572
proxy_type_str(curproxy), curproxy->id);
5425
5579
"forwardfor", proxy_type_str(curproxy), curproxy->id);
5426
5580
err_code |= ERR_WARN;
5427
5581
curproxy->options &= ~PR_O_FWDFOR;
5582
curproxy->options2 &= ~PR_O2_FF_ALWAYS;
5428
5583
}
5429
5584
5430
5585
if (curproxy->options & PR_O_ORGTO) {
5471
5626
*/
5472
5627
newsrv = curproxy->srv;
5473
5628
while (newsrv != NULL) {
5474
if ((curproxy->mode != PR_MODE_HTTP) && (newsrv->rdr_len || newsrv->cklen)) {
5629
if ((curproxy->mode != PR_MODE_HTTP) && newsrv->rdr_len) {
5475
5630
Alert("config : %s '%s' : server cannot have cookie or redirect prefix in non-HTTP mode.\n",
5476
5631
proxy_type_str(curproxy), curproxy->id);
5477
5632
cfgerr++;
5478
5633
}
5479
5634
5635
if ((curproxy->mode != PR_MODE_HTTP) && newsrv->cklen) {
5636
Warning("config : %s '%s' : ignoring cookie for server '%s' as HTTP mode is disabled.\n",
5637
proxy_type_str(curproxy), curproxy->id, newsrv->id);
5638
err_code |= ERR_WARN;
5639
}
5640
5480
5641
#if defined(CONFIG_HAP_CTTPROXY) || defined(CONFIG_HAP_LINUX_TPROXY)
5481
5642
if (curproxy->mode != PR_MODE_HTTP && newsrv->bind_hdr_occ) {
5482
5643
newsrv->bind_hdr_occ = 0;
5488
5649
newsrv = newsrv->next;
5489
5650
}
5490
5651
5491
/*
5492
* If this server supports a maxconn parameter, it needs a dedicated
5493
* tasks to fill the emptied slots when a connection leaves.
5494
* Also, resolve deferred tracking dependency if needed.
5495
*/
5496
newsrv = curproxy->srv;
5497
while (newsrv != NULL) {
5498
if (newsrv->minconn > newsrv->maxconn) {
5499
/* Only 'minconn' was specified, or it was higher than or equal
5500
* to 'maxconn'. Let's turn this into maxconn and clean it, as
5501
* this will avoid further useless expensive computations.
5502
*/
5503
newsrv->maxconn = newsrv->minconn;
5504
} else if (newsrv->maxconn && !newsrv->minconn) {
5505
/* minconn was not specified, so we set it to maxconn */
5506
newsrv->minconn = newsrv->maxconn;
5507
} else if (newsrv->minconn != newsrv->maxconn && !curproxy->fullconn) {
5508
Alert("config : %s '%s' : fullconn is mandatory when minconn is set on a server.\n",
5509
proxy_type_str(curproxy), curproxy->id);
5510
cfgerr++;
5511
}
5512
5513
if (newsrv->trackit) {
5514
struct proxy *px;
5515
struct server *srv;
5516
char *pname, *sname;
5517
5518
pname = newsrv->trackit;
5519
sname = strrchr(pname, '/');
5520
5521
if (sname)
5522
*sname++ = '\0';
5523
else {
5524
sname = pname;
5525
pname = NULL;
5526
}
5527
5528
if (pname) {
5529
px = findproxy(pname, PR_CAP_BE);
5530
if (!px) {
5531
Alert("config : %s '%s', server '%s': unable to find required proxy '%s' for tracking.\n",
5532
proxy_type_str(curproxy), curproxy->id,
5533
newsrv->id, pname);
5534
cfgerr++;
5535
goto next_srv;
5536
}
5537
} else
5538
px = curproxy;
5539
5540
srv = findserver(px, sname);
5541
if (!srv) {
5542
Alert("config : %s '%s', server '%s': unable to find required server '%s' for tracking.\n",
5543
proxy_type_str(curproxy), curproxy->id,
5544
newsrv->id, sname);
5545
cfgerr++;
5546
goto next_srv;
5547
}
5548
5549
if (!(srv->state & SRV_CHECKED)) {
5550
Alert("config : %s '%s', server '%s': unable to use %s/%s for "
5551
"tracking as it does not have checks enabled.\n",
5552
proxy_type_str(curproxy), curproxy->id,
5553
newsrv->id, px->id, srv->id);
5554
cfgerr++;
5555
goto next_srv;
5556
}
5557
5558
if (curproxy != px &&
5559
(curproxy->options & PR_O_DISABLE404) != (px->options & PR_O_DISABLE404)) {
5560
Alert("config : %s '%s', server '%s': unable to use %s/%s for"
5561
"tracking: disable-on-404 option inconsistency.\n",
5562
proxy_type_str(curproxy), curproxy->id,
5563
newsrv->id, px->id, srv->id);
5564
cfgerr++;
5565
goto next_srv;
5566
}
5567
5568
newsrv->tracked = srv;
5569
newsrv->tracknext = srv->tracknext;
5570
srv->tracknext = newsrv;
5571
5572
free(newsrv->trackit);
5573
}
5574
next_srv:
5575
newsrv = newsrv->next;
5576
}
5577
5578
5652
if (curproxy->cap & PR_CAP_FE) {
5579
5653
if (curproxy->tcp_req.inspect_delay ||
5580
5654
!LIST_ISEMPTY(&curproxy->tcp_req.inspect_rules))
Loggerhead is a web-based interface for Breezy
Version: 2.0.1