gamzinav/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG/MINOR: acl: support built-in ACLs with acl() sample

Browse Source 
Built-in ACLs were not being searched by the acl() sample fetch. This
fixes that so they are searched if no other match is found.
This commit is contained in:
Patrick Hemmer 2023-08-01 10:43:02 -04:00 committed by Willy Tarreau
parent 7c6b410b35
commit 93d4e99714
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
reg-tests/sample_fetches/acl.vtc
View File

@ -18,7 +18,7 @@ haproxy h1 -conf {
acl ACL3 acl(!ACL2)
acl ACL4 acl(ACL2,!ACL3)
http-request return status 200 hdr x-acl "ACL1=%[acl(ACL1)] ACL2=%[acl(ACL2)] ACL3=%[acl(ACL3)] ACL4=%[acl(ACL4)]"
http-request return status 200 hdr x-acl "ACL1=%[acl(ACL1)] ACL2=%[acl(ACL2)] ACL3=%[acl(ACL3)] ACL4=%[acl(ACL4)] TRUE=%[acl(TRUE)]"
} -start
client c1 -connect ${h1_fe1_sock} {
@ -29,4 +29,5 @@ client c1 -connect ${h1_fe1_sock} {
expect resp.http.x-acl ~ "ACL2=1"
expect resp.http.x-acl ~ "ACL3=0"
expect resp.http.x-acl ~ "ACL4=1"
expect resp.http.x-acl ~ "TRUE=1"
} -run

6
src/acl.c
View File

@ -1350,7 +1350,11 @@ int smp_fetch_acl_parse(struct arg *args, char **err_msg)
name++;
}
if (!(acl_sample->terms[i].acl = find_acl_by_name(name, &curproxy->acl))) {
if (
!(acl_sample->terms[i].acl = find_acl_by_name(name, &curproxy->acl)) &&
!(acl_sample->terms[i].acl = find_acl_default(name, &curproxy->acl, err_msg, NULL, NULL, 0))
) {
memprintf(err_msg, "ACL '%s' not found", name);
goto err;
}