upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-03-29 05:43:58 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
haproxy/src/sample.c

3471 lines
105 KiB
C
Raw Normal View History

[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
* Sample management functions.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*
* Copyright 2009-2010 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
* Copyright (C) 2012 Willy Tarreau <w@1wt.eu>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
#include <ctype.h>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
#include <string.h>
#include <arpa/inet.h>
CLEANUP: includes: fix includes for a number of users of fd.h It appears that fd.h includes a number of unneeded files and was included from standard.h, and as such served as an intermediary to provide almost everything to everyone. By removing its useless includes, a long dependency chain broke but could easily be fixed.
2012-09-02 16:34:23 -04:00
#include <stdio.h>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions Sample conversions rely on two alternative buffers which were previously allocated as static bufs of size BUFSIZE. Now they're initialized to the global buffer size. It was the same for HTTP authentication. Note that it seems that none of them was prone to any mistake when dealing with the buffer size, but better stay on the safe side by maintaining the old assumption that a trash buffer is always "large enough".
2012-10-29 15:44:36 -04:00
#include <types/global.h>
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
#include <common/chunk.h>
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
#include <common/hash.h>
REORG: http: move the HTTP semantics definitions to http.h/http.c It's a bit painful to have to deal with HTTP semantics for each protocol version (H1 and H2), and working on the version-agnostic code further emphasizes the problem. This patch creates http.h and http.c which are agnostic to the version in use, and which borrow a few parts from proto_http and from h1. For example the once thought h1-specific h1_char_classes array is in fact dictated by RFC7231 and is used to parse HTTP headers. A few changes were made to a few files which were including proto_http.h while they only needed http.h. Certain string definitions pre-dated the introduction of indirect strings (ist) so some were used to simplify the definition of the known HTTP methods. The current lookup code saves 2 kB of a heavily used table and is faster than the previous table based lookup (typ. 14 ns vs 16 before).
2018-09-10 09:38:55 -04:00
#include <common/http.h>
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
#include <common/initcall.h>
CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask There were 8 strict aliasing warnings there due to the dereferences casting to uint32_t of input and output. We can achieve the same using two write_u64() and four read_u64() which do not cause this issue and even let the compiler use 64-bit operations.
2020-02-25 03:43:22 -05:00
#include <common/net_helper.h>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
#include <common/standard.h>
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
#include <common/uri_auth.h>
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
#include <common/base64.h>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
MEDIUM: pattern: use the standard arg parser We don't need the pattern-specific args parsers anymore, make use of the common parser instead. We still need to improve this by adding a validation function to report abnormal argument values or combinations. We don't report precise parsing errors yet but this was not previously done either.
2012-04-20 08:45:49 -04:00
#include <proto/arg.h>
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
#include <proto/auth.h>
#include <proto/log.h>
#include <proto/proxy.h>
MINOR: sample: Add two sample converters for protocol buffers. Add "varint" to convert all the protocol buffers binary varints excepted the signed ones ("sint32" and "sint64") to an integer. The binary signed varints may be converted to an integer with "svarint" converter implemented by this patch. These two new converters do not take any argument.
2019-02-26 08:09:08 -05:00
#include <proto/protocol_buffers.h>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
#include <proto/sample.h>
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
#include <proto/sink.h>
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
#include <proto/stick_table.h>
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
#include <proto/vars.h>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
#include <import/sha1.h>
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
#include <import/xxhash.h>
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
/* sample type names */
const char *smp_to_type[SMP_TYPES] = {
MEDIUM: sample: Add type any This type is used to accept any type of sample as input, and prevent any automatic "cast". It runs like the type "ADDR" which accept the type "IPV4" and "IPV6".
2015-06-03 14:12:35 -04:00
[SMP_T_ANY] = "any",
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
[SMP_T_BOOL] = "bool",
[SMP_T_SINT] = "sint",
[SMP_T_ADDR] = "addr",
[SMP_T_IPV4] = "ipv4",
[SMP_T_IPV6] = "ipv6",
[SMP_T_STR] = "str",
[SMP_T_BIN] = "bin",
BUG/MINOR: debug: display (null) in place of "meth" The array which contains names of types, miss the METH entry. [wt: should be backported to 1.5 as well]
2015-06-03 14:12:04 -04:00
[SMP_T_METH] = "meth",
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
};
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* static sample used in sample_process() when <p> is NULL */
MINOR: threads/sample: Change temp_smp into a thread local variable
2017-06-14 08:15:36 -04:00
static THREAD_LOCAL struct sample temp_smp;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* list head of all known sample fetch keywords */
static struct sample_fetch_kw_list sample_fetches = {
.list = LIST_HEAD_INIT(sample_fetches.list)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
};
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* list head of all known sample format conversion keywords */
static struct sample_conv_kw_list sample_convs = {
.list = LIST_HEAD_INIT(sample_convs.list)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
};
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
const unsigned int fetch_cap[SMP_SRC_ENTRIES] = {
[SMP_SRC_INTRN] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_LISTN] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_FTEND] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L4CLI] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L5CLI] = (SMP_VAL___________ | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_TRACK] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L6REQ] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQHV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQHP] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQBO] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_BKEND] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_SERVR] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L4SRV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L5SRV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L6RES] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSHV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSHP] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSBO] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL___________ | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_RQFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_RSFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_TXFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_SSFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
SMP_VAL_FE_LOG_END | SMP_VAL___________),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
};
static const char *fetch_src_names[SMP_SRC_ENTRIES] = {
[SMP_SRC_INTRN] = "internal state",
[SMP_SRC_LISTN] = "listener",
[SMP_SRC_FTEND] = "frontend",
[SMP_SRC_L4CLI] = "client address",
[SMP_SRC_L5CLI] = "client-side connection",
[SMP_SRC_TRACK] = "track counters",
[SMP_SRC_L6REQ] = "request buffer",
[SMP_SRC_HRQHV] = "HTTP request headers",
[SMP_SRC_HRQHP] = "HTTP request",
[SMP_SRC_HRQBO] = "HTTP request body",
[SMP_SRC_BKEND] = "backend",
[SMP_SRC_SERVR] = "server",
[SMP_SRC_L4SRV] = "server address",
[SMP_SRC_L5SRV] = "server-side connection",
[SMP_SRC_L6RES] = "response buffer",
[SMP_SRC_HRSHV] = "HTTP response headers",
[SMP_SRC_HRSHP] = "HTTP response",
[SMP_SRC_HRSBO] = "HTTP response body",
[SMP_SRC_RQFIN] = "request buffer statistics",
[SMP_SRC_RSFIN] = "response buffer statistics",
[SMP_SRC_TXFIN] = "transaction statistics",
[SMP_SRC_SSFIN] = "session statistics",
};
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
static const char *fetch_ckp_names[SMP_CKP_ENTRIES] = {
[SMP_CKP_FE_CON_ACC] = "frontend tcp-request connection rule",
[SMP_CKP_FE_SES_ACC] = "frontend tcp-request session rule",
[SMP_CKP_FE_REQ_CNT] = "frontend tcp-request content rule",
[SMP_CKP_FE_HRQ_HDR] = "frontend http-request header rule",
[SMP_CKP_FE_HRQ_BDY] = "frontend http-request body rule",
[SMP_CKP_FE_SET_BCK] = "frontend use-backend rule",
[SMP_CKP_BE_REQ_CNT] = "backend tcp-request content rule",
[SMP_CKP_BE_HRQ_HDR] = "backend http-request header rule",
[SMP_CKP_BE_HRQ_BDY] = "backend http-request body rule",
[SMP_CKP_BE_SET_SRV] = "backend use-server, balance or stick-match rule",
[SMP_CKP_BE_SRV_CON] = "server source selection",
[SMP_CKP_BE_RES_CNT] = "backend tcp-response content rule",
[SMP_CKP_BE_HRS_HDR] = "backend http-response header rule",
[SMP_CKP_BE_HRS_BDY] = "backend http-response body rule",
[SMP_CKP_BE_STO_RUL] = "backend stick-store rule",
[SMP_CKP_FE_RES_CNT] = "frontend tcp-response content rule",
[SMP_CKP_FE_HRS_HDR] = "frontend http-response header rule",
[SMP_CKP_FE_HRS_BDY] = "frontend http-response body rule",
[SMP_CKP_FE_LOG_END] = "logs",
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
[SMP_CKP_BE_CHK_RUL] = "backend tcp-check rule",
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
};
MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword If the acl keyword is a "fetch", the dedicated parsing function "sample_parse_expr()" is used. Otherwise, the acl parsing function "parse_acl_expr()" is extended to understand the syntax of a series of converters placed after the "fetch" keyword. Before this patch, each acl uses a "struct sample_fetch" and executes it with the "<fetch>->process()" function. Now, the dedicated function "sample_process()" is called. These syntax are now avalaible: acl bad req.hdr(host),lower -m str www http-request redirect prefix /go-away if bad acl bad hdr_beg(host),lower www http-request redirect prefix /go-away if bad
2013-11-21 04:50:10 -05:00
/* This function returns the type of the data returned by the sample_expr.
* It assumes that the <expr> and all of its converters are properly
* initialized.
*/
inline
int smp_expr_output_type(struct sample_expr *expr)
{
struct sample_conv_expr *smp_expr;
if (!LIST_ISEMPTY(&expr->conv_exprs)) {
smp_expr = LIST_PREV(&expr->conv_exprs, struct sample_conv_expr *, list);
return smp_expr->conv->out_type;
}
return expr->fetch->out_type;
}
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
/* fill the trash with a comma-delimited list of source names for the <use> bit
* field which must be composed of a non-null set of SMP_USE_* flags. The return
* value is the pointer to the string in the trash buffer.
*/
const char *sample_src_names(unsigned int use)
{
int bit;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash.data = 0;
trash.area[0] = '\0';
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
for (bit = 0; bit < SMP_SRC_ENTRIES; bit++) {
if (!(use & ~((1 << bit) - 1)))
break; /* no more bits */
if (!(use & (1 << bit)))
continue; /* bit not set */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash.data += snprintf(trash.area + trash.data,
trash.size - trash.data, "%s%s",
(use & ((1 << bit) - 1)) ? "," : "",
fetch_src_names[bit]);
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
return trash.area;
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
}
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
/* return a pointer to the correct sample checkpoint name, or "unknown" when
* the flags are invalid. Only the lowest bit is used, higher bits are ignored
* if set.
*/
const char *sample_ckp_names(unsigned int use)
{
int bit;
for (bit = 0; bit < SMP_CKP_ENTRIES; bit++)
if (use & (1 << bit))
return fetch_ckp_names[bit];
return "unknown sample check place, please report this bug";
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
* Registers the sample fetch keyword list <kwl> as a list of valid keywords
* for next parsing sessions. The fetch keywords capabilities are also computed
* from their ->use field.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
void sample_register_fetches(struct sample_fetch_kw_list *kwl)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
struct sample_fetch *sf;
int bit;
for (sf = kwl->kw; sf->kw != NULL; sf++) {
for (bit = 0; bit < SMP_SRC_ENTRIES; bit++)
if (sf->use & (1 << bit))
sf->val |= fetch_cap[bit];
}
LIST_ADDQ(&sample_fetches.list, &kwl->list);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Registers the sample format coverstion keyword list <pckl> as a list of valid keywords for next
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* parsing sessions.
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
void sample_register_convs(struct sample_conv_kw_list *pckl)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
LIST_ADDQ(&sample_convs.list, &pckl->list);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns the pointer on sample fetch keyword structure identified by
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* string of <len> in buffer <kw>.
*
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_fetch *find_sample_fetch(const char *kw, int len)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int index;
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_fetch_kw_list *kwl;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
list_for_each_entry(kwl, &sample_fetches.list, list) {
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strncmp(kwl->kw[index].kw, kw, len) == 0 &&
kwl->kw[index].kw[len] == '\0')
return &kwl->kw[index];
}
}
return NULL;
}
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
/* This function browses the list of available sample fetches. <current> is
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
* the last used sample fetch. If it is the first call, it must set to NULL.
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
* <idx> is the index of the next sample fetch entry. It is used as private
* value. It is useless to initiate it.
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
*
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
* It returns always the new fetch_sample entry, and NULL when the end of
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
* the list is reached.
*/
struct sample_fetch *sample_fetch_getnext(struct sample_fetch *current, int *idx)
{
struct sample_fetch_kw_list *kwl;
struct sample_fetch *base;
if (!current) {
/* Get first kwl entry. */
kwl = LIST_NEXT(&sample_fetches.list, struct sample_fetch_kw_list *, list);
(*idx) = 0;
} else {
/* Get kwl corresponding to the curret entry. */
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_fetch_kw_list, kw);
}
while (1) {
/* Check if kwl is the last entry. */
if (&kwl->list == &sample_fetches.list)
return NULL;
/* idx contain the next keyword. If it is available, return it. */
if (kwl->kw[*idx].kw) {
(*idx)++;
return &kwl->kw[(*idx)-1];
}
/* get next entry in the main list, and return NULL if the end is reached. */
kwl = LIST_NEXT(&kwl->list, struct sample_fetch_kw_list *, list);
/* Set index to 0, ans do one other loop. */
(*idx) = 0;
}
}
MINOR: converters: add function to browse converters This patch adds a fucntion to browse each converter. This is used with Lua for using the converters with a wrapper.
2015-03-10 18:56:48 -04:00
/* This function browses the list of available converters. <current> is
* the last used converter. If it is the first call, it must set to NULL.
* <idx> is the index of the next converter entry. It is used as private
* value. It is useless to initiate it.
*
* It returns always the next sample_conv entry, and NULL when the end of
* the list is reached.
*/
struct sample_conv *sample_conv_getnext(struct sample_conv *current, int *idx)
{
struct sample_conv_kw_list *kwl;
struct sample_conv *base;
if (!current) {
/* Get first kwl entry. */
kwl = LIST_NEXT(&sample_convs.list, struct sample_conv_kw_list *, list);
(*idx) = 0;
} else {
/* Get kwl corresponding to the curret entry. */
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_conv_kw_list, kw);
}
while (1) {
/* Check if kwl is the last entry. */
if (&kwl->list == &sample_convs.list)
return NULL;
/* idx contain the next keyword. If it is available, return it. */
if (kwl->kw[*idx].kw) {
(*idx)++;
return &kwl->kw[(*idx)-1];
}
/* get next entry in the main list, and return NULL if the end is reached. */
kwl = LIST_NEXT(&kwl->list, struct sample_conv_kw_list *, list);
/* Set index to 0, ans do one other loop. */
(*idx) = 0;
}
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns the pointer on sample format conversion keyword structure identified by
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* string of <len> in buffer <kw>.
*
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv *find_sample_conv(const char *kw, int len)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int index;
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv_kw_list *kwl;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
list_for_each_entry(kwl, &sample_convs.list, list) {
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strncmp(kwl->kw[index].kw, kw, len) == 0 &&
kwl->kw[index].kw[len] == '\0')
return &kwl->kw[index];
}
}
return NULL;
}
/******************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample casts functions */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/******************************************************************/
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2int(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ntohl(smp->data.u.ipv4.s_addr);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2str(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!inet_ntop(AF_INET, (void *)&smp->data.u.ipv4, trash->area, trash->size))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = strlen(trash->area);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2ipv6(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
v4tov6(&smp->data.u.ipv6, &smp->data.u.ipv4);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 1;
}
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
static int c_ipv62ip(struct sample *smp)
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (!v6tov4(&smp->data.u.ipv4, &smp->data.u.ipv6))
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 0;
BUG/MINOR: sample: Fix output type of c_ipv62ip c_ipv62ip failed to set the output type of the cast to SMP_T_IPV4 even for a successful conversion. This bug exists as of commit cc4d1716a2e72516c2505a6459a9ddbbfb186da2 which is the first commit adding this function. v1.6-dev4 is the first tag containing this commit, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:46 -05:00
smp->data.type = SMP_T_IPV4;
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ipv62str(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!inet_ntop(AF_INET6, (void *)&smp->data.u.ipv6, trash->area, trash->size))
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = strlen(trash->area);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 1;
}
/*
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ipv62ip(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
return v6tov4(&smp->data.u.ipv4, &smp->data.u.ipv6);
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
}
*/
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_int2ip(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4.s_addr = htonl((unsigned int)smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
return 1;
}
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
static int c_int2ipv6(struct sample *smp)
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4.s_addr = htonl((unsigned int)smp->data.u.sint);
v4tov6(&smp->data.u.ipv6, &smp->data.u.ipv4);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 1;
}
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
static int c_str2addr(struct sample *smp)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv4)) {
if (!buf2ip6(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv6))
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 1;
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
}
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2ip(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv4))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2ipv6(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip6(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv6))
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 1;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
}
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
/*
* The NULL char always enforces the end of string if it is met.
* Data is never changed, so we can ignore the CONST case
MEDIUM: sample: change the behavior of the bin2str cast The bin2str cast gives the hexadecimal representation of the binary content when it is used as string. This was inherited from the stick-table casts without realizing that it was a mistake. Indeed, it breaks string processing on binary contents, preventing any _reg, _beg, etc from working. For example, with an HTTP GET request, the fetch "req.payload(0,3)" returns the 3 bytes "G", "E", and "T" in binary. If this fetch is used with regex, it is automatically converted to "474554" and the regex is applied on this string, so it never matches. This commit changes the cast so that bin2str does not convert the contents anymore, and returns a string type. The contents can thus be matched as is, and the NULL character continues to mark the end of the string to avoid any issue with some string-based functions. This commit could almost have been marked as a bug fix since it does what the doc says. Note that in case someone would rely on the hex encoding, then the same behaviour could be achieved by appending ",hex" after the sample fetch function (brought by previous patch).
2014-03-12 10:07:59 -04:00
*/
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
static int c_bin2str(struct sample *smp)
{
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
int i;
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if (!smp->data.u.str.area[i]) {
smp->data.u.str.data = i;
MEDIUM: sample: change the behavior of the bin2str cast The bin2str cast gives the hexadecimal representation of the binary content when it is used as string. This was inherited from the stick-table casts without realizing that it was a mistake. Indeed, it breaks string processing on binary contents, preventing any _reg, _beg, etc from working. For example, with an HTTP GET request, the fetch "req.payload(0,3)" returns the 3 bytes "G", "E", and "T" in binary. If this fetch is used with regex, it is automatically converted to "474554" and the regex is applied on this string, so it never matches. This commit changes the cast so that bin2str does not convert the contents anymore, and returns a string type. The contents can thus be matched as is, and the NULL character continues to mark the end of the string to avoid any issue with some string-based functions. This commit could almost have been marked as a bug fix since it does what the doc says. Note that in case someone would rely on the hex encoding, then the same behaviour could be achieved by appending ",hex" after the sample fetch function (brought by previous patch).
2014-03-12 10:07:59 -04:00
break;
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
}
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
}
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_int2str(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
char *pos;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
pos = lltoa_r(smp->data.u.sint, trash->area, trash->size);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
if (!pos)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->size = trash->size - (pos - trash->area);
trash->area = pos;
trash->data = strlen(pos);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
/* This function unconditionally duplicates data and removes the "const" flag.
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
* For strings and binary blocks, it also provides a known allocated size with
* a length that is capped to the size, and ensures a trailing zero is always
* appended for strings. This is necessary for some operations which may
* require to extend the length. It returns 0 if it fails, 1 on success.
*/
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
int smp_dup(struct sample *smp)
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
switch (smp->data.type) {
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_BOOL:
case SMP_T_SINT:
case SMP_T_ADDR:
case SMP_T_IPV4:
case SMP_T_IPV6:
/* These type are not const. */
break;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup First, the type SMP_T_METH was not handled by smp_dup function. It was never called with this kind of samples, so it's not really a problem. But, this could be useful in future. For all known HTTP methods (GET, POST...), there is no extra space allocated for a sample of type SMP_T_METH. But for unkown methods, it uses a chunk. So, like for strings, we duplicate data, using a trash chunk.
2017-07-24 09:38:41 -04:00
case SMP_T_METH:
if (smp->data.u.meth.meth != HTTP_METH_OTHER)
break;
/* Fall through */
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_STR:
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
trash = get_trash_chunk();
BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. In smp_dup(), don't consider a SMP_T_METH with an unknown method the same as SMP_T_STR. The string and string length aren't stored at the same place. This should be backported to 1.8.
2018-12-07 09:23:41 -05:00
trash->data = smp->data.type == SMP_T_STR ?
smp->data.u.str.data : smp->data.u.meth.str.data;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (trash->data > trash->size - 1)
trash->data = trash->size - 1;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. In smp_dup(), don't consider a SMP_T_METH with an unknown method the same as SMP_T_STR. The string and string length aren't stored at the same place. This should be backported to 1.8.
2018-12-07 09:23:41 -05:00
memcpy(trash->area, smp->data.type == SMP_T_STR ?
smp->data.u.str.area : smp->data.u.meth.str.area,
trash->data);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->area[trash->data] = 0;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
smp->data.u.str = *trash;
break;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_BIN:
trash = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = smp->data.u.str.data;
if (trash->data > trash->size)
trash->data = trash->size;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area, smp->data.u.str.area, trash->data);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
break;
MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup First, the type SMP_T_METH was not handled by smp_dup function. It was never called with this kind of samples, so it's not really a problem. But, this could be useful in future. For all known HTTP methods (GET, POST...), there is no extra space allocated for a sample of type SMP_T_METH. But for unkown methods, it uses a chunk. So, like for strings, we duplicate data, using a trash chunk.
2017-07-24 09:38:41 -04:00
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
default:
/* Other cases are unexpected. */
return 0;
}
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
/* remove const flag */
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 1;
}
MINOR: sample: dont call the sample cast function "c_none" If the cast function to execute is c_none, dont execute it and return true. The function c_none, do nothing. This save a call.
2013-12-14 08:55:04 -05:00
int c_none(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2int(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
const char *str;
const char *end;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (smp->data.u.str.data == 0)
BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer If the string not start with a number, the converter fails. In other, it converts a maximum of characters to a number and stop to the first character that not match a number.
2014-01-27 12:20:48 -05:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
str = smp->data.u.str.area;
end = smp->data.u.str.area + smp->data.u.str.data;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_int64(&str, end);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
static int c_str2meth(struct sample *smp)
{
enum http_meth_t meth;
int len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
meth = find_http_meth(smp->data.u.str.area, smp->data.u.str.data);
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
if (meth == HTTP_METH_OTHER) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
len = smp->data.u.str.data;
smp->data.u.meth.str.area = smp->data.u.str.area;
smp->data.u.meth.str.data = len;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
else
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = meth;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_METH;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
return 1;
}
static int c_meth2str(struct sample *smp)
{
int len;
enum http_meth_t meth;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.meth.meth == HTTP_METH_OTHER) {
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
/* The method is unknown. Copy the original pointer. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
len = smp->data.u.meth.str.data;
smp->data.u.str.area = smp->data.u.meth.str.area;
smp->data.u.str.data = len;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
else if (smp->data.u.meth.meth < HTTP_METH_OTHER) {
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
/* The method is known, copy the pointer containing the string. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
meth = smp->data.u.meth.meth;
REORG: http: move the HTTP semantics definitions to http.h/http.c It's a bit painful to have to deal with HTTP semantics for each protocol version (H1 and H2), and working on the version-agnostic code further emphasizes the problem. This patch creates http.h and http.c which are agnostic to the version in use, and which borrow a few parts from proto_http and from h1. For example the once thought h1-specific h1_char_classes array is in fact dictated by RFC7231 and is used to parse HTTP headers. A few changes were made to a few files which were including proto_http.h while they only needed http.h. Certain string definitions pre-dated the introduction of indirect strings (ist) so some were used to simplify the definition of the known HTTP methods. The current lookup code saves 2 kB of a heavily used table and is faster than the previous table based lookup (typ. 14 ns vs 16 before).
2018-09-10 09:38:55 -04:00
smp->data.u.str.area = http_known_methods[meth].ptr;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = http_known_methods[meth].len;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
else {
/* Unknown method */
return 0;
}
return 1;
}
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
static int c_addr2bin(struct sample *smp)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *chk = get_trash_chunk();
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (smp->data.type == SMP_T_IPV4) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
chk->data = 4;
memcpy(chk->area, &smp->data.u.ipv4, chk->data);
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
}
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
else if (smp->data.type == SMP_T_IPV6) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
chk->data = 16;
memcpy(chk->area, &smp->data.u.ipv6, chk->data);
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
}
else
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *chk;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
return 1;
}
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
static int c_int2bin(struct sample *smp)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *chk = get_trash_chunk();
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
*(unsigned long long int *) chk->area = my_htonll(smp->data.u.sint);
chk->data = 8;
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *chk;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
return 1;
}
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample casts matrix: */
/* sample_casts[from type][to type] */
/* NULL pointer used for impossible sample casts */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
MINOR: sample: export sample_casts just export the sample cast matrix "sample_casts" to prepare the generic sample conversion parser.
2013-11-21 04:53:12 -05:00
sample_cast_fct sample_casts[SMP_TYPES][SMP_TYPES] = {
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* to: ANY BOOL SINT ADDR IPV4 IPV6 STR BIN METH */
/* from: ANY */ { c_none, c_none, c_none, c_none, c_none, c_none, c_none, c_none, c_none, },
/* BOOL */ { c_none, c_none, c_none, NULL, NULL, NULL, c_int2str, NULL, NULL, },
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
/* SINT */ { c_none, c_none, c_none, c_int2ip, c_int2ip, c_int2ipv6, c_int2str, c_int2bin, NULL, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* ADDR */ { c_none, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, },
/* IPV4 */ { c_none, NULL, c_ip2int, c_none, c_none, c_ip2ipv6, c_ip2str, c_addr2bin, NULL, },
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
/* IPV6 */ { c_none, NULL, NULL, c_none, c_ipv62ip,c_none, c_ipv62str, c_addr2bin, NULL, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* STR */ { c_none, c_str2int, c_str2int, c_str2addr, c_str2ip, c_str2ipv6, c_none, c_none, c_str2meth, },
/* BIN */ { c_none, NULL, NULL, NULL, NULL, NULL, c_bin2str, c_none, c_str2meth, },
/* METH */ { c_none, NULL, NULL, NULL, NULL, NULL, c_meth2str, c_meth2str, c_none, }
[CLEANUP] stick_table: move pattern to key functions to stick_table.c pattern.c depended on stick_table while in fact it should be the opposite. So we move from pattern.c everything related to stick_tables and invert the dependency. That way the code becomes more logical and intuitive.
2010-06-06 07:22:23 -04:00
};
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Parse a sample expression configuration:
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* fetch keyword followed by format conversion keywords.
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns a pointer on allocated sample expression structure.
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
* The caller must have set al->ctx.
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
* If <endptr> is non-nul, it will be set to the first unparsed character
* (which may be the final '\0') on success. If it is nul, the expression
* must be properly terminated by a '\0' otherwise an error is reported.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
struct sample_expr *sample_parse_expr(char **str, int *idx, const char *file, int line, char **err_msg, struct arg_list *al, char **endptr)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
const char *begw; /* beginning of word */
const char *endw; /* end of word */
const char *endt; /* end of term */
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_expr *expr;
struct sample_fetch *fetch;
struct sample_conv *conv;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
unsigned long prev_type;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
char *fkw = NULL;
char *ckw = NULL;
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
int err_arg;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
begw = str[*idx];
MINOR: sample/acl: use is_idchar() to locate the fetch/conv name Instead of scanning a string looking for an end of line, ')' or ',', let's only accept characters which are actually valid identifier characters. This will let the parser know that in %[src], only "src" is the sample fetch name, not "src]". This was done both for samples and ACLs since they are the same here.
2020-02-14 12:27:10 -05:00
for (endw = begw; is_idchar(*endw); endw++)
;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (endw == begw) {
MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors Doing so ensures that we're consistent between all the functions in the whole chain. This is important so that we can extract the argument parsing from this function.
2013-12-12 17:16:54 -05:00
memprintf(err_msg, "missing fetch method");
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
/* keep a copy of the current fetch keyword for error reporting */
fkw = my_strndup(begw, endw - begw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
fetch = find_sample_fetch(begw, endw - begw);
if (!fetch) {
MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors Doing so ensures that we're consistent between all the functions in the whole chain. This is important so that we can extract the argument parsing from this function.
2013-12-12 17:16:54 -05:00
memprintf(err_msg, "unknown fetch method '%s'", fkw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
/* At this point, we have :
* - begw : beginning of the keyword
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
* - endw : end of the keyword, first character not part of keyword
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
*/
if (fetch->out_type >= SMP_TYPES) {
MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors Doing so ensures that we're consistent between all the functions in the whole chain. This is important so that we can extract the argument parsing from this function.
2013-12-12 17:16:54 -05:00
memprintf(err_msg, "returns type of fetch method '%s' is unknown", fkw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
prev_type = fetch->out_type;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
CLEANUP: uniformize last argument of malloc/calloc Instead of repeating the type of the LHS argument (sizeof(struct ...)) in calls to malloc/calloc, we directly use the pointer name (sizeof(*...)). The following Coccinelle patch was used: @@ type T; T *x; @@ x = malloc( - sizeof(T) + sizeof(*x) ) @@ type T; T *x; @@ x = calloc(1, - sizeof(T) + sizeof(*x) ) When the LHS is not just a variable name, no change is made. Moreover, the following patch was used to ensure that "1" is consistently used as a first argument of calloc, not the last one: @@ @@ calloc( + 1, ... - ,1 )
2016-04-03 07:48:43 -04:00
expr = calloc(1, sizeof(*expr));
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
if (!expr)
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
LIST_INIT(&(expr->conv_exprs));
expr->fetch = fetch;
MEDIUM: sample: pass an empty list instead of a null for fetch args ACL and sample fetches use args list and it is really not convenient to check for null args everywhere. Now for empty args we pass a constant list of end of lists. It will allow us to remove many useless checks.
2012-10-19 13:49:09 -04:00
expr->arg_p = empty_arg_list;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
/* Note that we call the argument parser even with an empty string,
* this allows it to automatically create entries for mandatory
* implicit arguments (eg: local proxy name).
*/
al->kw = expr->fetch->kw;
al->conv = NULL;
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
if (make_arg_list(endw, -1, fetch->arg_mask, &expr->arg_p, err_msg, &endt, &err_arg, al) < 0) {
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
memprintf(err_msg, "fetch method '%s' : %s", fkw, *err_msg);
goto out_error;
}
MEDIUM: sample: pass an empty list instead of a null for fetch args ACL and sample fetches use args list and it is really not convenient to check for null args everywhere. Now for empty args we pass a constant list of end of lists. It will allow us to remove many useless checks.
2012-10-19 13:49:09 -04:00
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
/* now endt is our first char not part of the arg list, typically the
* comma after the sample fetch name or after the closing parenthesis,
* or the NUL char.
*/
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
if (!expr->arg_p) {
expr->arg_p = empty_arg_list;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
BUG/MEDIUM: sample: simplify and fix the argument parsing Some errors may be reported about missing mandatory arguments when some sample fetch arguments are marked as mandatory and implicit (eg: proxy names such as in table_cnt or be_conn). In practice the argument parser already handles all the situations very well, it's just that the sample fetch parser want to go beyond its role and starts some controls that it should not do. Simply removing these useless controls lets make_arg_list() create the correct argument types when such types are encountered. This regression was introduced by the recent use of sample_parse_expr() in ACLs which makes use of its own argument parser, while previously the arguments were parsed in the ACL function itself. No backport is needed.
2013-12-12 18:40:11 -05:00
else if (fetch->val_args && !fetch->val_args(expr->arg_p, err_msg)) {
memprintf(err_msg, "invalid args in fetch method '%s' : %s", fkw, *err_msg);
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
/* Now process the converters if any. We have two supported syntaxes
* for the converters, which can be combined :
* - comma-delimited list of converters just after the keyword and args ;
* - one converter per keyword
* The combination allows to have each keyword being a comma-delimited
* series of converters.
*
* We want to process the former first, then the latter. For this we start
* from the beginning of the supposed place in the exiting conv chain, which
* starts at the last comma (endt).
*/
while (1) {
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv_expr *conv_expr;
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
int err_arg;
int argcnt;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (*endt && *endt != ',') {
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
if (endptr) {
/* end found, let's stop here */
break;
}
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (ckw)
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "missing comma after converter '%s'", ckw);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
else
MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors Doing so ensures that we're consistent between all the functions in the whole chain. This is important so that we can extract the argument parsing from this function.
2013-12-12 17:16:54 -05:00
memprintf(err_msg, "missing comma after fetch keyword '%s'", fkw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
/* FIXME: how long should we support such idiocies ? Maybe we
* should already warn ?
*/
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
while (*endt == ',') /* then trailing commas */
endt++;
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
begw = endt; /* start of converter */
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (!*begw) {
/* none ? skip to next string */
(*idx)++;
begw = str[*idx];
if (!begw || !*begw)
break;
}
MINOR: sample/acl: use is_idchar() to locate the fetch/conv name Instead of scanning a string looking for an end of line, ')' or ',', let's only accept characters which are actually valid identifier characters. This will let the parser know that in %[src], only "src" is the sample fetch name, not "src]". This was done both for samples and ACLs since they are the same here.
2020-02-14 12:27:10 -05:00
for (endw = begw; is_idchar(*endw); endw++)
;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
free(ckw);
ckw = my_strndup(begw, endw - begw);
conv = find_sample_conv(begw, endw - begw);
if (!conv) {
/* we found an isolated keyword that we don't know, it's not ours */
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
if (begw == str[*idx]) {
endt = begw;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
break;
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
}
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "unknown converter '%s'", ckw);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
goto out_error;
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (conv->in_type >= SMP_TYPES || conv->out_type >= SMP_TYPES) {
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "returns type of converter '%s' is unknown", ckw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/* If impossible type conversion */
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
if (!sample_casts[prev_type][conv->in_type]) {
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "converter '%s' cannot be applied", ckw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
prev_type = conv->out_type;
CLEANUP: uniformize last argument of malloc/calloc Instead of repeating the type of the LHS argument (sizeof(struct ...)) in calls to malloc/calloc, we directly use the pointer name (sizeof(*...)). The following Coccinelle patch was used: @@ type T; T *x; @@ x = malloc( - sizeof(T) + sizeof(*x) ) @@ type T; T *x; @@ x = calloc(1, - sizeof(T) + sizeof(*x) ) When the LHS is not just a variable name, no change is made. Moreover, the following patch was used to ensure that "1" is consistently used as a first argument of calloc, not the last one: @@ @@ calloc( + 1, ... - ,1 )
2016-04-03 07:48:43 -04:00
conv_expr = calloc(1, sizeof(*conv_expr));
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
if (!conv_expr)
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
LIST_ADDQ(&(expr->conv_exprs), &(conv_expr->list));
conv_expr->conv = conv;
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
al->kw = expr->fetch->kw;
al->conv = conv_expr->conv->kw;
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
argcnt = make_arg_list(endw, -1, conv->arg_mask, &conv_expr->arg_p, err_msg, &endt, &err_arg, al);
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (argcnt < 0) {
memprintf(err_msg, "invalid arg %d in converter '%s' : %s", err_arg+1, ckw, *err_msg);
goto out_error;
}
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (argcnt && !conv->arg_mask) {
memprintf(err_msg, "converter '%s' does not support any args", ckw);
goto out_error;
}
MEDIUM: pattern: add an argument validation callback to pattern descriptors This is used to validate that arguments are coherent. For instance, payload_lv expects that the last arg (if any) is not more negative than the sum of the first two. The error is reported if any.
2012-04-20 09:52:36 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (!conv_expr->arg_p)
conv_expr->arg_p = empty_arg_list;
MEDIUM: sample: pass an empty list instead of a null for fetch args ACL and sample fetches use args list and it is really not convenient to check for null args everywhere. Now for empty args we pass a constant list of end of lists. It will allow us to remove many useless checks.
2012-10-19 13:49:09 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (conv->val_args && !conv->val_args(conv_expr->arg_p, conv, file, line, err_msg)) {
memprintf(err_msg, "invalid args in converter '%s' : %s", ckw, *err_msg);
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
}
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
if (endptr) {
/* end found, let's stop here */
*endptr = (char *)endt;
}
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
out:
free(fkw);
free(ckw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return expr;
out_error:
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* TODO: prune_sample_expr(expr); */
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
expr = NULL;
goto out;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Process a fetch + format conversion of defined by the sample expression <expr>
MEDIUM: acl/pattern: use the same direction scheme Patterns were using a bitmask to indicate if request or response was desired in fetch functions and keywords. ACLs were using a bitmask in fetch keywords and a single bit in fetch functions. ACLs were also using an ACL_PARTIAL bit in fetch functions indicating that a non-final fetch was performed, which was an abuse of the existing direction flag. The change now consists in using : - a capabilities field for fetch keywords => SMP_CAP_REQ/RES to indicate if a keyword supports requests, responses, both, etc... - an option field for fetch functions to indicate what the caller expects (request/response, final/non-final) The ACL_PARTIAL bit was reversed to get SMP_OPT_FINAL as it's more explicit to know we're working on a final buffer than on a non-final one. ACL_DIR_* were removed, as well as PATTERN_FETCH_*. L4 fetches were improved to support being called on responses too since they're still available. The <dir> field of all fetch functions was changed to <opt> which is now unsigned. The patch is large but mostly made of cosmetic changes to accomodate this, as almost no logic change happened.
2012-04-25 04:13:36 -04:00
* on request or response considering the <opt> parameter.
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns a pointer on a typed sample structure containing the result or NULL if
* sample is not found or when format conversion failed.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* If <p> is not null, function returns results in structure pointed by <p>.
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* If <p> is null, functions returns a pointer on a static sample structure.
MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description We need the pattern fetchers and converters to correctly set the output type so that they can be used by ACL fetchers. By using the sample type instead of the keyword type, we also open the possibility to create some multi-type pattern fetch methods later (eg: "src" being v4/v6). Right now the type in the keyword is used to validate the configuration.
2012-04-23 16:38:26 -04:00
*
* Note: the fetch functions are required to properly set the return type. The
* conversion functions must do so too. However the cast functions do not need
* to since they're made to cast mutiple types according to what is required.
BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* As a consequence of various recent changes on the sample conversion, a corner case has emerged where it is possible to wait forever for a sample in track-sc*. The issue is caused by the fact that functions relying on sample_process() don't all exactly work the same regarding the SMP_F_MAY_CHANGE flag and the output result. Here it was possible to wait forever for an output sample from stktable_fetch_key() without checking the SMP_OPT_FINAL flag. As a result, if the client connects and closes without sending the data and haproxy expects a sample which is capable of coming, it will ignore this impossible case and will continue to wait. This change adds control for SMP_OPT_FINAL before waiting for extra data. The various relevant functions have been better documented regarding their output values. This fix must be backported to 1.5 since it appeared there.
2014-07-30 02:56:35 -04:00
*
* The caller may indicate in <opt> if it considers the result final or not.
* The caller needs to check the SMP_F_MAY_CHANGE flag in p->flags to verify
* if the result is stable or not, according to the following table :
*
* return MAY_CHANGE FINAL Meaning for the sample
* NULL 0 * Not present and will never be (eg: header)
* NULL 1 0 Not present yet, could change (eg: POST param)
* NULL 1 1 Not present yet, will not change anymore
* smp 0 * Present and will not change (eg: header)
* smp 1 0 Present, may change (eg: request length)
* smp 1 1 Present, last known value (eg: request length)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct sample *sample_process(struct proxy *px, struct session *sess,
struct stream *strm, unsigned int opt,
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_expr *expr, struct sample *p)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv_expr *conv_expr;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: sample: fix sample_process handling of unstable data sample_process() used to return NULL on changing data, regardless of the SMP_OPT_FINAL flag. Let's change this so that it is now possible to include such data in logs or HTTP headers. Also, one unconvenient thing was that it used to always set the sample flags to zero, making it incompatible with ACLs which may need to call it multiple times. Only do this for locally-allocated samples.
2013-07-25 06:02:38 -04:00
if (p == NULL) {
MINOR: pattern: replace struct pattern with struct sample This change is pretty minor. Struct pattern is only used for pattern_process() now so changing it to use the common type is quite obvious. It's worth noting that the last argument of pattern_process() is never used so the function is self-sufficient. Note that pattern_process() does not initialize the pattern at all before calling fetch->process(), and that minimal initialization will be required when we later change the argument for the sample.
2012-04-23 15:35:11 -04:00
p = &temp_smp;
BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() We used to only clear flags when reusing the static sample before calling sample_process(), but that's not enough because there's a context in samples that can be used by some fetch functions such as auth, headers and cookies, and not reinitializing it risks that a pointer of a different type is used in the wrong context. An example configuration which triggers the case consists in mixing hdr() and http_auth_group() which both make use of contexts : http-request add-header foo2 %[hdr(host)],%[http_auth_group(foo)] The solution is simple, initialize all the sample and not just the flags. This fix must be backported into 1.5 since it was introduced in 1.5-dev19.
2014-06-25 10:56:41 -04:00
memset(p, 0, sizeof(*p));
MINOR: sample: fix sample_process handling of unstable data sample_process() used to return NULL on changing data, regardless of the SMP_OPT_FINAL flag. Let's change this so that it is now possible to include such data in logs or HTTP headers. Also, one unconvenient thing was that it used to always set the sample flags to zero, making it incompatible with ACLs which may need to call it multiple times. Only do this for locally-allocated samples.
2013-07-25 06:02:38 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: sample: add a new helper to initialize the owner of a sample Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. This requires from a lot of call places to initialize 4 fields, and it was even forgotten at a few places. This patch provides a convenient helper to initialize all these fields at once, making it easy to prepare a new sample from a previous one for example. A few call places were cleaned up to make use of it. It will be needed by further fixes. At one place in the Lua code, it was moved earlier because we used to call sample casts with a non completely initialized sample, which is not clean eventhough at the moment there are no consequences.
2016-03-10 10:15:46 -05:00
smp_set_owner(p, px, sess, strm, opt);
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
if (!expr->fetch->process(expr->arg_p, p, expr->fetch->kw, expr->fetch->private))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return NULL;
list_for_each_entry(conv_expr, &expr->conv_exprs, list) {
MEDIUM: pattern: ensure that sample types always cast into other types. We want to ensure that a dynamically returned type will always have a cast before calling the cast function. This is done in pattern_process() and in stktable_fetch_key().
2012-04-25 11:21:49 -04:00
/* we want to ensure that p->type can be casted into
* conv_expr->conv->in_type. We have 3 possibilities :
* - NULL => not castable.
* - c_none => nothing to do (let's optimize it)
* - other => apply cast and prepare to fail
*/
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (!sample_casts[p->data.type][conv_expr->conv->in_type])
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return NULL;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (sample_casts[p->data.type][conv_expr->conv->in_type] != c_none &&
!sample_casts[p->data.type][conv_expr->conv->in_type](p))
MEDIUM: pattern: ensure that sample types always cast into other types. We want to ensure that a dynamically returned type will always have a cast before calling the cast function. This is done in pattern_process() and in stktable_fetch_key().
2012-04-25 11:21:49 -04:00
return NULL;
/* OK cast succeeded */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
if (!conv_expr->conv->process(conv_expr->arg_p, p, conv_expr->conv->private))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return NULL;
}
return p;
}
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
/*
* Resolve all remaining arguments in proxy <p>. Returns the number of
* errors or 0 if everything is fine.
*/
int smp_resolve_args(struct proxy *p)
{
struct arg_list *cur, *bak;
const char *ctx, *where;
const char *conv_ctx, *conv_pre, *conv_pos;
struct userlist *ul;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
struct my_regex *reg;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
struct arg *arg;
int cfgerr = 0;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
int rflags;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
list_for_each_entry_safe(cur, bak, &p->conf.args.list, list) {
struct proxy *px;
struct server *srv;
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
struct stktable *t;
char *pname, *sname, *stktname;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
char *err;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg = cur->arg;
/* prepare output messages */
conv_pre = conv_pos = conv_ctx = "";
if (cur->conv) {
conv_ctx = cur->conv;
conv_pre = "conversion keyword '";
conv_pos = "' for ";
}
where = "in";
ctx = "sample fetch keyword";
switch (cur->ctx) {
MEDIUM: logs: add a new RFC5424 log-format for the structured-data This patch adds a new RFC5424-specific log-format for the structured-data that is automatically send by __send_log() when the sender is in RFC5424 mode. A new statement "log-format-sd" should be used in order to set log-format for the structured-data part in RFC5424 formatted syslog messages. Example: log-format-sd [exampleSDID@1234\ bytes=\"%B\"\ status=\"%ST\"]
2015-09-25 13:17:44 -04:00
case ARGC_STK: where = "in stick rule in"; break;
case ARGC_TRK: where = "in tracking rule in"; break;
case ARGC_LOG: where = "in log-format string in"; break;
case ARGC_LOGSD: where = "in log-format-sd string in"; break;
case ARGC_HRQ: where = "in http-request header format string in"; break;
case ARGC_HRS: where = "in http-response header format string in"; break;
case ARGC_UIF: where = "in unique-id-format string in"; break;
case ARGC_RDR: where = "in redirect format string in"; break;
case ARGC_CAP: where = "in capture rule in"; break;
case ARGC_ACL: ctx = "ACL keyword"; break;
case ARGC_SRV: where = "in server directive in"; break;
MAJOR: spoe: Add an experimental Stream Processing Offload Engine SPOE makes possible the communication with external components to retrieve some info using an in-house binary protocol, the Stream Processing Offload Protocol (SPOP). In the long term, its aim is to allow any kind of offloading on the streams. This first version, besides being experimental, won't do lot of things. The most important today is to validate the protocol design and lay the foundations of what will, one day, be a full offload engine for the stream processing. So, for now, the SPOE can offload the stream processing before "tcp-request content", "tcp-response content", "http-request" and "http-response" rules. And it only supports variables creation/suppression. But, in spite of these limited features, we can easily imagine to implement a SSO solution, an ip reputation service or an ip geolocation service. Internally, the SPOE is implemented as a filter. So, to use it, you must use following line in a proxy proxy section: frontend my-front ... filter spoe [engine <name>] config <file> ... It uses its own configuration file to keep the HAProxy configuration clean. It is also a easy way to disable it by commenting out the filter line. See "doc/SPOE.txt" for all details about the SPOE configuration.
2016-10-27 16:29:49 -04:00
case ARGC_SPOE: where = "in spoe-message directive in"; break;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
/* set a few default settings */
px = p;
pname = p->id;
switch (arg->type) {
case ARGT_SRV:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : missing server name in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
continue;
}
/* we support two formats : "bck/srv" and "srv" */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
sname = strrchr(arg->data.str.area, '/');
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (sname) {
*sname++ = '\0';
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
pname = arg->data.str.area;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_be_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (!px) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find proxy '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
}
else
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
sname = arg->data.str.area;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
srv = findserver(px, sname);
if (!srv) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find server '%s' in proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line, sname, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.srv = srv;
break;
case ARGT_FE:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (arg->data.str.data) {
pname = arg->data.str.area;
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_fe_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
if (!px) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find frontend '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (!(px->cap & PR_CAP_FE)) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s', has not frontend capability.\n",
cur->file, cur->line, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.prx = px;
break;
case ARGT_BE:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (arg->data.str.data) {
pname = arg->data.str.area;
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_be_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
if (!px) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find backend '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (!(px->cap & PR_CAP_BE)) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s', has not backend capability.\n",
cur->file, cur->line, pname,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.prx = px;
break;
case ARGT_TAB:
BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. This bug was introduced by 1b8e68e commit which supposed the stick-table was always stored in struct arg at parsing time. This is never the case with the usage of "if/unless" conditions in stick-table declared as backends. In this case, this is the name of the proxy which must be considered as the stick-table name. This must be backported to 2.0.
2019-06-20 03:31:04 -04:00
if (arg->data.str.data)
stktname = arg->data.str.area;
else
stktname = px->id;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
t = stktable_find_by_name(stktname);
if (!t) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find table '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
cur->file, cur->line, stktname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
if (!t->size) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : no table in proxy '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
cur->file, cur->line, stktname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
if (t->proxy && (p->bind_proc & ~t->proxy->bind_proc)) {
BUG/MAJOR: config: verify that targets of track-sc and stick rules are present Stick and track-sc rules may optionally designate a table in a different proxy. In this case, a number of verifications are made such as validating that this proxy actually exists. However, in multi-process mode, the target table might indeed exist but not be bound to the set of processes the rules will execute on. This will definitely result in a random behaviour especially if these tables do require peer synchronization, because some tasks will be started to try to synchronize form uninitialized areas. The typical issue looks like this : peers my-peers peer foo ... listen proxy bind-process 1 stick on src table ip ... backend ip bind-process 2 stick-table type ip size 1k peers my-peers While it appears obvious that the example above will not work, there are less obvious situations, such as having bind-process in a defaults section and having a larger set of processes for the referencing proxy than the referenced one. The present patch adds checks for such situations by verifying that all processes from the referencing proxy are present on the other one in all track-sc* and stick-* rules, and in sample fetch / converters referencing another table so that sc_inc_gpc0() and similar are safe as well. This fix must be backported to all maintained versions. It may potentially disrupt configurations which already randomly crash. There hardly is any intermediary solution though, such configurations need to be fixed.
2019-02-05 05:38:38 -05:00
ha_alert("parsing [%s:%d] : stick-table '%s' not present on all processes covered by proxy '%s'.\n",
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
cur->file, cur->line, t->proxy->id, p->id);
BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules When commit 151e1ca98 ("BUG/MAJOR: config: verify that targets of track-sc and stick rules are present") added a check for some process inconsistencies between rules and their stick tables, some errors resulted in a "return 0" statement, which is taken as "no error" in some cases. Let's fix this. This must be backported to all versions using the above commit.
2019-02-06 04:25:07 -05:00
cfgerr++;
break;
BUG/MAJOR: config: verify that targets of track-sc and stick rules are present Stick and track-sc rules may optionally designate a table in a different proxy. In this case, a number of verifications are made such as validating that this proxy actually exists. However, in multi-process mode, the target table might indeed exist but not be bound to the set of processes the rules will execute on. This will definitely result in a random behaviour especially if these tables do require peer synchronization, because some tasks will be started to try to synchronize form uninitialized areas. The typical issue looks like this : peers my-peers peer foo ... listen proxy bind-process 1 stick on src table ip ... backend ip bind-process 2 stick-table type ip size 1k peers my-peers While it appears obvious that the example above will not work, there are less obvious situations, such as having bind-process in a defaults section and having a larger set of processes for the referencing proxy than the referenced one. The present patch adds checks for such situations by verifying that all processes from the referencing proxy are present on the other one in all track-sc* and stick-* rules, and in sample fetch / converters referencing another table so that sc_inc_gpc0() and similar are safe as well. This fix must be backported to all maintained versions. It may potentially disrupt configurations which already randomly crash. There hardly is any intermediary solution though, such configurations need to be fixed.
2019-02-05 05:38:38 -05:00
}
BUG/MEDIUM: stick-table: Wrong stick-table backends parsing. When parsing references to stick-tables declared as backends, they are added to a list of proxies (they are proxies!) which refer to this stick-tables. Before this patch we added them to these list without checking they were already present, making the silly hypothesis the actions/sample were checked/resolved in the same order the proxies are parsed. This patch implement a simple inline function to in_proxies_list() to test the presence of a proxy in a list of proxies. We use this function when resolving /checking samples/actions. This bug was introduced by 015e4d7 commit. Must be backported to 2.0.
2019-08-07 03:28:39 -04:00
if (!in_proxies_list(t->proxies_list, p)) {
MINOR: stick-tables: Add peers process binding computing. Add a list of proxies for all the stick-tables (->proxies_list struct stktable member) so that to be able to compute the process bindings of the peers after having parsed the configuration file. The proxies are added to the stick-tables they reference when parsing stick-tables lines in proxy sections, when checking the actions in check_trk_action() and when resolving samples args for stick-tables without checking is they are duplicates. We check only there is no loop. Then, after having parsed everything, we add the proxy bindings to the peers frontend bindings with stick-tables they reference.
2019-03-19 09:55:01 -04:00
p->next_stkt_ref = t->proxies_list;
t->proxies_list = p;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
arg->data.t = t;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
break;
case ARGT_USR:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : missing userlist name in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (p->uri_auth && p->uri_auth->userlist &&
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
!strcmp(p->uri_auth->userlist->name, arg->data.str.area))
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
ul = p->uri_auth->userlist;
else
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
ul = auth_find_userlist(arg->data.str.area);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (!ul) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : unable to find userlist '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
cur->file, cur->line,
arg->data.str.area,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.usr = ul;
break;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
case ARGT_REG:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : missing regex in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
cur->file, cur->line,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
cfgerr++;
continue;
}
rflags = 0;
rflags |= (arg->type_flags & ARGF_REG_ICASE) ? REG_ICASE : 0;
err = NULL;
MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct Now we atomically allocate the my_regex struct within function regex_comp() and compile the regex or free both in case of failure. The pointer to the allocated my_regex struct is returned directly. The my_regex* argument to regex_comp() is removed. Function regex_free() was modified so that it systematically frees the my_regex entry. The function does nothing when called with a NULL as argument (like free()). It will avoid existing risk of not properly freeing the initialized area. Other structures are also updated in order to be compatible (the ones related to Lua and action rules).
2019-04-30 09:54:36 -04:00
if (!(reg = regex_comp(arg->data.str.area, !(rflags & REG_ICASE), 1 /* capture substr */, &err))) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_alert("parsing [%s:%d] : error in regex '%s' in arg %d of %s%s%s%s '%s' %s proxy '%s' : %s.\n",
cur->file, cur->line,
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
arg->data.str.area,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id, err);
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
cfgerr++;
continue;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(arg->data.str.area);
arg->data.str.area = NULL;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
arg->unresolved = 0;
arg->data.reg = reg;
break;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
LIST_DEL(&cur->list);
free(cur);
} /* end of args processing */
return cfgerr;
}
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
/*
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
* Process a fetch + format conversion as defined by the sample expression
* <expr> on request or response considering the <opt> parameter. The output is
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
* not explicitly set to <smp_type>, but shall be compatible with it as
* specified by 'sample_casts' table. If a stable sample can be fetched, or an
* unstable one when <opt> contains SMP_OPT_FINAL, the sample is converted and
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
* returned without the SMP_F_MAY_CHANGE flag. If an unstable sample is found
* and <opt> does not contain SMP_OPT_FINAL, then the sample is returned as-is
* with its SMP_F_MAY_CHANGE flag so that the caller can check it and decide to
* take actions (eg: wait longer). If a sample could not be found or could not
BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* As a consequence of various recent changes on the sample conversion, a corner case has emerged where it is possible to wait forever for a sample in track-sc*. The issue is caused by the fact that functions relying on sample_process() don't all exactly work the same regarding the SMP_F_MAY_CHANGE flag and the output result. Here it was possible to wait forever for an output sample from stktable_fetch_key() without checking the SMP_OPT_FINAL flag. As a result, if the client connects and closes without sending the data and haproxy expects a sample which is capable of coming, it will ignore this impossible case and will continue to wait. This change adds control for SMP_OPT_FINAL before waiting for extra data. The various relevant functions have been better documented regarding their output values. This fix must be backported to 1.5 since it appeared there.
2014-07-30 02:56:35 -04:00
* be converted, NULL is returned. The caller MUST NOT use the sample if the
* SMP_F_MAY_CHANGE flag is present, as it is used only as a hint that there is
* still hope to get it after waiting longer, and is not converted to string.
* The possible output combinations are the following :
*
* return MAY_CHANGE FINAL Meaning for the sample
* NULL * * Not present and will never be (eg: header)
* smp 0 * Final value converted (eg: header)
* smp 1 0 Not present yet, may appear later (eg: header)
* smp 1 1 never happens (either flag is cleared on output)
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
*/
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
struct sample *sample_fetch_as_type(struct proxy *px, struct session *sess,
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct stream *strm, unsigned int opt,
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
struct sample_expr *expr, int smp_type)
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
{
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
struct sample *smp = &temp_smp;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() We used to only clear flags when reusing the static sample before calling sample_process(), but that's not enough because there's a context in samples that can be used by some fetch functions such as auth, headers and cookies, and not reinitializing it risks that a pointer of a different type is used in the wrong context. An example configuration which triggers the case consists in mixing hdr() and http_auth_group() which both make use of contexts : http-request add-header foo2 %[hdr(host)],%[http_auth_group(foo)] The solution is simple, initialize all the sample and not just the flags. This fix must be backported into 1.5 since it was introduced in 1.5-dev19.
2014-06-25 10:56:41 -04:00
memset(smp, 0, sizeof(*smp));
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
if (!sample_process(px, sess, strm, opt, expr, smp)) {
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
if ((smp->flags & SMP_F_MAY_CHANGE) && !(opt & SMP_OPT_FINAL))
return smp;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return NULL;
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
}
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (!sample_casts[smp->data.type][smp_type])
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return NULL;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (!sample_casts[smp->data.type][smp_type](smp))
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return NULL;
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
smp->flags &= ~SMP_F_MAY_CHANGE;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return smp;
}
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
static void release_sample_arg(struct arg *p)
{
struct arg *p_back = p;
if (!p)
return;
while (p->type != ARGT_STOP) {
if (p->type == ARGT_STR || p->unresolved) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
free(p->data.str.area);
p->data.str.area = NULL;
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
p->unresolved = 0;
}
else if (p->type == ARGT_REG) {
MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct Now we atomically allocate the my_regex struct within function regex_comp() and compile the regex or free both in case of failure. The pointer to the allocated my_regex struct is returned directly. The my_regex* argument to regex_comp() is removed. Function regex_free() was modified so that it systematically frees the my_regex entry. The function does nothing when called with a NULL as argument (like free()). It will avoid existing risk of not properly freeing the initialized area. Other structures are also updated in order to be compatible (the ones related to Lua and action rules).
2019-04-30 09:54:36 -04:00
regex_free(p->data.reg);
p->data.reg = NULL;
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
}
p++;
}
if (p_back != empty_arg_list)
free(p_back);
}
void release_sample_expr(struct sample_expr *expr)
{
struct sample_conv_expr *conv_expr, *conv_exprb;
if (!expr)
return;
list_for_each_entry_safe(conv_expr, conv_exprb, &expr->conv_exprs, list)
release_sample_arg(conv_expr->arg_p);
release_sample_arg(expr->arg_p);
free(expr);
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample format convert functions */
MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description We need the pattern fetchers and converters to correctly set the output type so that they can be used by ACL fetchers. By using the sample type instead of the keyword type, we also open the possibility to create some multi-type pattern fetch methods later (eg: "src" being v4/v6). Right now the type in the keyword is used to validate the configuration.
2012-04-23 16:38:26 -04:00
/* These functions set the data type on return. */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
static int sample_conv_debug(const struct arg *arg_p, struct sample *smp, void *private)
{
int i;
struct sample tmp;
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
struct buffer *buf;
struct sink *sink;
struct ist line;
char *pfx;
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
buf = alloc_trash_chunk();
if (!buf)
goto end;
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
sink = (struct sink *)arg_p[1].data.str.area;
BUG_ON(!sink);
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
pfx = arg_p[0].data.str.area;
BUG_ON(!pfx);
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
chunk_printf(buf, "[debug] %s: type=%s ", pfx, smp_to_type[smp->data.type]);
if (!sample_casts[smp->data.type][SMP_T_STR])
goto nocast;
/* Copy sample fetch. This puts the sample as const, the
* cast will copy data if a transformation is required.
*/
memcpy(&tmp, smp, sizeof(struct sample));
tmp.flags = SMP_F_CONST;
if (!sample_casts[smp->data.type][SMP_T_STR](&tmp))
goto nocast;
/* Display the displayable chars*. */
b_putchr(buf, '<');
for (i = 0; i < tmp.data.u.str.data; i++) {
BUILD: general: always pass unsigned chars to is* functions The isalnum(), isalpha(), isdigit() etc functions from ctype.h are supposed to take an int in argument which must either reflect an unsigned char or EOF. In practice on some platforms they're implemented as macros referencing an array, and when passed a char, they either cause a warning "array subscript has type 'char'" when lucky, or cause random segfaults when unlucky. It's quite unconvenient by the way since none of them may return true for negative values. The recent introduction of cygwin to the list of regularly tested build platforms revealed a lot of breakage there due to the same issues again. So this patch addresses the problem all over the code at once. It adds unsigned char casts to every valid use case, and also drops the unneeded double cast to int that was sometimes added on top of it. It may be backported by dropping irrelevant changes if that helps better support uncommon platforms. It's unlikely to fix bugs on platforms which would already not emit any warning though.
2020-02-25 02:16:33 -05:00
if (isprint((unsigned char)tmp.data.u.str.area[i]))
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
b_putchr(buf, tmp.data.u.str.area[i]);
else
b_putchr(buf, '.');
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
}
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
b_putchr(buf, '>');
done:
line = ist2(buf->area, buf->data);
sink_write(sink, &line, 1);
end:
free_trash_chunk(buf);
return 1;
nocast:
chunk_appendf(buf, "(undisplayable)");
goto done;
}
// This function checks the "debug" converter's arguments.
static int smp_check_debug(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
const char *name = "buf0";
struct sink *sink = NULL;
if (args[0].type != ARGT_STR) {
/* optional prefix */
args[0].data.str.area = "";
args[0].data.str.data = 0;
}
if (args[1].type == ARGT_STR)
name = args[1].data.str.area;
sink = sink_find(name);
if (!sink) {
memprintf(err, "No such sink '%s'", name);
return 0;
}
args[1].data.str.area = (char *)sink;
args[1].data.str.data = 0; // that's not a string anymore
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
return 1;
}
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
static int sample_conv_base642bin(const struct arg *arg_p, struct sample *smp, void *private)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
int bin_len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
bin_len = base64dec(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
if (bin_len < 0)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = bin_len;
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bin2base64(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
int b64_len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
b64_len = a2base64(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
if (b64_len < 0)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = b64_len;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
static int sample_conv_sha1(const struct arg *arg_p, struct sample *smp, void *private)
{
blk_SHA_CTX ctx;
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
memset(&ctx, 0, sizeof(ctx));
blk_SHA1_Init(&ctx);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
blk_SHA1_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
blk_SHA1_Final((unsigned char *) trash->area, &ctx);
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 20;
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: Add sha2([<bits>]) converter This adds a converter for the SHA-2 family, supporting SHA-224, SHA-256 SHA-384 and SHA-512. The converter relies on the OpenSSL implementation, thus only being available when HAProxy is compiled with USE_OPENSSL. See GitHub issue #123. The hypothetical `ssl_?_sha256` fetch can then be simulated using `ssl_?_der,sha2(256)`: http-response set-header Server-Cert-FP %[ssl_f_der,sha2(256),hex]
2019-06-17 06:41:44 -04:00
#ifdef USE_OPENSSL
MINOR: sample: Validate the number of bits for the sha2 converter Instead of failing the conversion when an invalid number of bits is given the sha2 converter now fails with an appropriate error message during startup. The sha2 converter was introduced in d4376302377e4f51f43a183c2c91d929b27e1ae3, which is in 2.1 and higher.
2019-12-17 06:31:20 -05:00
static int smp_check_sha2(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (args[0].type == ARGT_STOP)
return 1;
if (args[0].type != ARGT_SINT) {
memprintf(err, "Invalid type '%s'", arg_type_names[args[0].type]);
return 0;
}
switch (args[0].data.sint) {
case 224:
case 256:
case 384:
case 512:
/* this is okay */
return 1;
default:
memprintf(err, "Unsupported number of bits: '%lld'", args[0].data.sint);
return 0;
}
}
MINOR: sample: Add sha2([<bits>]) converter This adds a converter for the SHA-2 family, supporting SHA-224, SHA-256 SHA-384 and SHA-512. The converter relies on the OpenSSL implementation, thus only being available when HAProxy is compiled with USE_OPENSSL. See GitHub issue #123. The hypothetical `ssl_?_sha256` fetch can then be simulated using `ssl_?_der,sha2(256)`: http-response set-header Server-Cert-FP %[ssl_f_der,sha2(256),hex]
2019-06-17 06:41:44 -04:00
static int sample_conv_sha2(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
int bits = 256;
if (arg_p && arg_p->data.sint)
bits = arg_p->data.sint;
switch (bits) {
case 224: {
SHA256_CTX ctx;
memset(&ctx, 0, sizeof(ctx));
SHA224_Init(&ctx);
SHA224_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
SHA224_Final((unsigned char *) trash->area, &ctx);
trash->data = SHA224_DIGEST_LENGTH;
break;
}
case 256: {
SHA256_CTX ctx;
memset(&ctx, 0, sizeof(ctx));
SHA256_Init(&ctx);
SHA256_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
SHA256_Final((unsigned char *) trash->area, &ctx);
trash->data = SHA256_DIGEST_LENGTH;
break;
}
case 384: {
SHA512_CTX ctx;
memset(&ctx, 0, sizeof(ctx));
SHA384_Init(&ctx);
SHA384_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
SHA384_Final((unsigned char *) trash->area, &ctx);
trash->data = SHA384_DIGEST_LENGTH;
break;
}
case 512: {
SHA512_CTX ctx;
memset(&ctx, 0, sizeof(ctx));
SHA512_Init(&ctx);
SHA512_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
SHA512_Final((unsigned char *) trash->area, &ctx);
trash->data = SHA512_DIGEST_LENGTH;
break;
}
default:
return 0;
}
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
#endif
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bin2hex(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
unsigned char c;
int ptr = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
while (ptr < smp->data.u.str.data && trash->data <= trash->size - 2) {
c = smp->data.u.str.area[ptr++];
trash->area[trash->data++] = hextab[(c >> 4) & 0xF];
trash->area[trash->data++] = hextab[c & 0xF];
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
return 1;
}
MINOR: sample: add the hex2i converter Converts a hex string containing two hex digits per input byte to an integer. If the input value can not be converted, then zero is returned.
2017-10-24 03:27:34 -04:00
static int sample_conv_hex2int(const struct arg *arg_p, struct sample *smp, void *private)
{
long long int n = 0;
int i, c;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((c = hex2i(smp->data.u.str.area[i])) < 0)
MINOR: sample: add the hex2i converter Converts a hex string containing two hex digits per input byte to an integer. If the input value can not be converted, then zero is returned.
2017-10-24 03:27:34 -04:00
return 0;
n = (n << 4) + c;
}
smp->data.u.sint = n;
smp->data.type = SMP_T_SINT;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_djb2(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_djb2(smp->data.u.str.area,
smp->data.u.str.data);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg_p && arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MINOR: sample: rename the "len" converter to "length" This converter was recently introduced by commit ed0d24e ("MINOR: sample: add len converter"). As found by Cyril, it causes an issue in "http-request capture" statements. The non-obvious problem is that an old syntax for sample expressions and converters used to support a series of words, each representing a converter. This used to be how the "stick" directives were created initially. By having a converter called "len", a statement such as "http-request capture foo len 10" considers "len" as a converter and not as the capture length. This obsolete syntax needs to be changed in 1.9 but it's too late for other versions. It's worth noting that the same problem can happen if converters are registered on the fly using Lua. Other language keywords that currently have to be avoided in converters include "id", "table", "if", "unless".
2017-12-15 01:13:48 -05:00
static int sample_conv_length(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add len converter Add len converter that returns the length of a string
2017-12-13 07:41:34 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
int i = smp->data.u.str.data;
MINOR: sample: add len converter Add len converter that returns the length of a string
2017-12-13 07:41:34 -05:00
smp->data.u.sint = i;
smp->data.type = SMP_T_SINT;
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_str2lower(const struct arg *arg_p, struct sample *smp, void *private)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int i;
MINOR: sample: use smp_make_rw() in upper/lower converters There's no point in always duplicating the sample, just ensure it's writable, as was done prior to the smp_dup() change. This should be backported to 1.6 to avoid a performance regression caused by this change (about 30% more time for upper/lower due to the copy).
2016-08-09 08:29:38 -04:00
if (!smp_make_rw(smp))
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((smp->data.u.str.area[i] >= 'A') && (smp->data.u.str.area[i] <= 'Z'))
smp->data.u.str.area[i] += 'a' - 'A';
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_str2upper(const struct arg *arg_p, struct sample *smp, void *private)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int i;
MINOR: sample: use smp_make_rw() in upper/lower converters There's no point in always duplicating the sample, just ensure it's writable, as was done prior to the smp_dup() change. This should be backported to 1.6 to avoid a performance regression caused by this change (about 30% more time for upper/lower due to the copy).
2016-08-09 08:29:38 -04:00
if (!smp_make_rw(smp))
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((smp->data.u.str.area[i] >= 'a') && (smp->data.u.str.area[i] <= 'z'))
smp->data.u.str.area[i] += 'A' - 'a';
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
return 1;
}
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
/* takes the IPv4 mask in args[0] and an optional IPv6 mask in args[1] */
static int sample_conv_ipmask(const struct arg *args, struct sample *smp, void *private)
[MINOR] pattern: add the "ipmask()" converting function This converter can be applied on top of an IPv4-type pattern. It applies a netmask which is suited for IP address storage and matching. This can be used to make all hosts within a certain mask to share the same table entries and as such use the same server. The mask can be passed in dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
2010-01-26 12:01:41 -05:00
{
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
/* Attempt to convert to IPv4 to apply the correct mask. */
c_ipv62ip(smp);
if (smp->data.type == SMP_T_IPV4) {
smp->data.u.ipv4.s_addr &= args[0].data.ipv4.s_addr;
smp->data.type = SMP_T_IPV4;
}
else if (smp->data.type == SMP_T_IPV6) {
/* IPv6 cannot be converted without an IPv6 mask. */
if (args[1].type != ARGT_IPV6)
return 0;
CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask There were 8 strict aliasing warnings there due to the dereferences casting to uint32_t of input and output. We can achieve the same using two write_u64() and four read_u64() which do not cause this issue and even let the compiler use 64-bit operations.
2020-02-25 03:43:22 -05:00
write_u64(&smp->data.u.ipv6.s6_addr[0],
read_u64(&smp->data.u.ipv6.s6_addr[0]) & read_u64(&args[1].data.ipv6.s6_addr[0]));
write_u64(&smp->data.u.ipv6.s6_addr[8],
read_u64(&smp->data.u.ipv6.s6_addr[8]) & read_u64(&args[1].data.ipv6.s6_addr[8]));
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
smp->data.type = SMP_T_IPV6;
}
[MINOR] pattern: add the "ipmask()" converting function This converter can be applied on top of an IPv4-type pattern. It applies a netmask which is suited for IP address storage and matching. This can be used to make all hosts within a certain mask to share the same table entries and as such use the same server. The mask can be passed in dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
2010-01-26 12:01:41 -05:00
return 1;
}
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* takes an UINT value on input supposed to represent the time since EPOCH,
* adds an optional offset found in args[1] and emits a string representing
* the local time in the format specified in args[1] using strftime().
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_ltime(const struct arg *args, struct sample *smp, void *private)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
/* With high numbers, the date returned can be negative, the 55 bits mask prevent this. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
BUG/MINOR: http/sample: gmtime/localtime can fail The man said that gmtime() and localtime() can return a NULL value. This is not tested. It appears that all the values of a 32 bit integer are valid, but it is better to check the return of these functions. However, if the integer move from 32 bits to 64 bits, some 64 values can be unsupported.
2015-07-07 18:15:20 -04:00
struct tm *tm;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* add offset */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[1].type == ARGT_SINT)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
curr_date += args[1].data.sint;
BUG/MINOR: http/sample: gmtime/localtime can fail The man said that gmtime() and localtime() can return a NULL value. This is not tested. It appears that all the values of a 32 bit integer are valid, but it is better to check the return of these functions. However, if the integer move from 32 bits to 64 bits, some 64 values can be unsupported.
2015-07-07 18:15:20 -04:00
tm = localtime(&curr_date);
if (!tm)
return 0;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
temp = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
tm);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_sdbm(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_sdbm(smp->data.u.str.area,
smp->data.u.str.data);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg_p && arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* takes an UINT value on input supposed to represent the time since EPOCH,
* adds an optional offset found in args[1] and emits a string representing
* the UTC date in the format specified in args[1] using strftime().
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_utime(const struct arg *args, struct sample *smp, void *private)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
/* With high numbers, the date returned can be negative, the 55 bits mask prevent this. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
BUG/MINOR: http/sample: gmtime/localtime can fail The man said that gmtime() and localtime() can return a NULL value. This is not tested. It appears that all the values of a 32 bit integer are valid, but it is better to check the return of these functions. However, if the integer move from 32 bits to 64 bits, some 64 values can be unsupported.
2015-07-07 18:15:20 -04:00
struct tm *tm;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* add offset */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[1].type == ARGT_SINT)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
curr_date += args[1].data.sint;
BUG/MINOR: http/sample: gmtime/localtime can fail The man said that gmtime() and localtime() can return a NULL value. This is not tested. It appears that all the values of a 32 bit integer are valid, but it is better to check the return of these functions. However, if the integer move from 32 bits to 64 bits, some 64 values can be unsupported.
2015-07-07 18:15:20 -04:00
tm = gmtime(&curr_date);
if (!tm)
return 0;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
temp = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
tm);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_wt6(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_wt6(smp->data.u.str.area,
smp->data.u.str.data);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg_p && arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
/* hashes the binary input into a 32-bit unsigned int using xxh.
* The seed of the hash defaults to 0 but can be changd in argument 1.
*/
static int sample_conv_xxh32(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned int seed;
if (arg_p && arg_p->data.sint)
seed = arg_p->data.sint;
else
seed = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = XXH32(smp->data.u.str.area, smp->data.u.str.data,
seed);
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
smp->data.type = SMP_T_SINT;
return 1;
}
/* hashes the binary input into a 64-bit unsigned int using xxh.
* In fact, the function returns a 64 bit unsigned, but the sample
* storage of haproxy only proposes 64-bits signed, so the value is
* cast as signed. This cast doesn't impact the hash repartition.
* The seed of the hash defaults to 0 but can be changd in argument 1.
*/
static int sample_conv_xxh64(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned long long int seed;
if (arg_p && arg_p->data.sint)
seed = (unsigned long long int)arg_p->data.sint;
else
seed = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = (long long int)XXH64(smp->data.u.str.area,
smp->data.u.str.data, seed);
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_crc32(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_crc32(smp->data.u.str.area,
smp->data.u.str.data);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg_p && arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
return 1;
}
MINOR: samples: add crc32c converter This patch adds the support of CRC32c (rfc4960).
2018-03-21 06:19:01 -04:00
/* hashes the binary input into crc32c (RFC4960, Appendix B [8].) */
static int sample_conv_crc32c(const struct arg *arg_p, struct sample *smp, void *private)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_crc32c(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: samples: add crc32c converter This patch adds the support of CRC32c (rfc4960).
2018-03-21 06:19:01 -04:00
if (arg_p && arg_p->data.sint)
smp->data.u.sint = full_hash(smp->data.u.sint);
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
/* This function escape special json characters. The returned string can be
* safely set between two '"' and used as json string. The json string is
* defined like this:
*
* any Unicode character except '"' or '\' or control character
* \", \\, \/, \b, \f, \n, \r, \t, \u + four-hex-digits
*
* The enum input_type contain all the allowed mode for decoding the input
* string.
*/
enum input_type {
IT_ASCII = 0,
IT_UTF8,
IT_UTF8S,
IT_UTF8P,
IT_UTF8PS,
};
static int sample_conv_json_check(struct arg *arg, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (!arg) {
memprintf(err, "Unexpected empty arg list");
return 0;
}
if (arg->type != ARGT_STR) {
memprintf(err, "Unexpected arg type");
return 0;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (strcmp(arg->data.str.area, "") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_ASCII;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
else if (strcmp(arg->data.str.area, "ascii") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_ASCII;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
else if (strcmp(arg->data.str.area, "utf8") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_UTF8;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
else if (strcmp(arg->data.str.area, "utf8s") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_UTF8S;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
else if (strcmp(arg->data.str.area, "utf8p") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_UTF8P;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
else if (strcmp(arg->data.str.area, "utf8ps") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
arg->type = ARGT_SINT;
arg->data.sint = IT_UTF8PS;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
CLEANUP: log-format: useless file and line in json converter The caller must log location information, so this information is provided two times in the log line. The error log is like this: [ALERT] 327/011513 (14291) : parsing [o3.conf:38]: 'http-response set-header': Sample fetch <method,json(rrr)> failed with : invalid args in conv method 'json' : Unexpected input code type at file 'o3.conf', line 38. Allowed value are 'ascii', 'utf8', 'utf8s', 'utf8p' and 'utf8ps'. This patch removes the second location indication, the the same error becomes: [ALERT] 327/011637 (14367) : parsing [o3.conf:38]: 'http-response set-header': Sample fetch <method,json(rrr)> failed with : invalid args in conv method 'json' : Unexpected input code type. Allowed value are 'ascii', 'utf8', 'utf8s', 'utf8p' and 'utf8ps'.
2016-11-22 19:13:57 -05:00
memprintf(err, "Unexpected input code type. "
"Allowed value are 'ascii', 'utf8', 'utf8s', 'utf8p' and 'utf8ps'");
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 0;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_json(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
char _str[7]; /* \u + 4 hex digit + null char for sprintf. */
const char *str;
int len;
enum input_type input_type = IT_ASCII;
unsigned int c;
unsigned int ret;
char *p;
if (arg_p)
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
input_type = arg_p->data.sint;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
temp = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
temp->data = 0;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
p = smp->data.u.str.area;
while (p < smp->data.u.str.area + smp->data.u.str.data) {
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
if (input_type == IT_ASCII) {
/* Read input as ASCII. */
c = *(unsigned char *)p;
p++;
}
else {
/* Read input as UTF8. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
ret = utf8_next(p,
smp->data.u.str.data - ( p - smp->data.u.str.area),
&c);
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
p += utf8_return_length(ret);
if (input_type == IT_UTF8 && utf8_return_code(ret) != UTF8_CODE_OK)
return 0;
if (input_type == IT_UTF8S && utf8_return_code(ret) != UTF8_CODE_OK)
continue;
if (input_type == IT_UTF8P && utf8_return_code(ret) & (UTF8_CODE_INVRANGE|UTF8_CODE_BADSEQ))
return 0;
if (input_type == IT_UTF8PS && utf8_return_code(ret) & (UTF8_CODE_INVRANGE|UTF8_CODE_BADSEQ))
continue;
/* Check too big values. */
if ((unsigned int)c > 0xffff) {
if (input_type == IT_UTF8 || input_type == IT_UTF8P)
return 0;
continue;
}
}
/* Convert character. */
if (c == '"') {
len = 2;
str = "\\\"";
}
else if (c == '\\') {
len = 2;
str = "\\\\";
}
else if (c == '/') {
len = 2;
str = "\\/";
}
else if (c == '\b') {
len = 2;
str = "\\b";
}
else if (c == '\f') {
len = 2;
str = "\\f";
}
else if (c == '\r') {
len = 2;
str = "\\r";
}
else if (c == '\n') {
len = 2;
str = "\\n";
}
else if (c == '\t') {
len = 2;
str = "\\t";
}
BUILD: general: always pass unsigned chars to is* functions The isalnum(), isalpha(), isdigit() etc functions from ctype.h are supposed to take an int in argument which must either reflect an unsigned char or EOF. In practice on some platforms they're implemented as macros referencing an array, and when passed a char, they either cause a warning "array subscript has type 'char'" when lucky, or cause random segfaults when unlucky. It's quite unconvenient by the way since none of them may return true for negative values. The recent introduction of cygwin to the list of regularly tested build platforms revealed a lot of breakage there due to the same issues again. So this patch addresses the problem all over the code at once. It adds unsigned char casts to every valid use case, and also drops the unneeded double cast to int that was sometimes added on top of it. It may be backported by dropping irrelevant changes if that helps better support uncommon platforms. It's unlikely to fix bugs on platforms which would already not emit any warning though.
2020-02-25 02:16:33 -05:00
else if (c > 0xff || !isprint((unsigned char)c)) {
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
/* isprint generate a segfault if c is too big. The man says that
* c must have the value of an unsigned char or EOF.
*/
len = 6;
_str[0] = '\\';
_str[1] = 'u';
snprintf(&_str[2], 5, "%04x", (unsigned short)c);
str = _str;
}
else {
len = 1;
BUG/MINOR: sample: fix the json converter's endian-sensitivity About every time there's a pointer cast in the code, there's a hidden bug, and this one was no exception, as it passes the first octet of the native representation of an integer as a single-character string, which obviously only works on little endian machines. On big-endian machines, something as simple as "str(foo),json" only returns zeroes. This bug was introduced with the JSON converter in 1.6-dev1 by commit 317e1c4f1e ("MINOR: sample: add "json" converter"), the fix may be backported to all stable branches.
2020-02-25 02:37:37 -05:00
_str[0] = c;
str = _str;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
/* Check length */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (temp->data + len > temp->size)
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 0;
/* Copy string. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(temp->area + temp->data, str, len);
temp->data += len;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
/* This sample function is designed to extract some bytes from an input buffer.
* First arg is the offset.
* Optional second arg is the length to truncate */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bytes(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (smp->data.u.str.data <= arg_p[0].data.sint) {
smp->data.u.str.data = 0;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.str.size)
smp->data.u.str.size -= arg_p[0].data.sint;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data -= arg_p[0].data.sint;
smp->data.u.str.area += arg_p[0].data.sint;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if ((arg_p[1].type == ARGT_SINT) && (arg_p[1].data.sint < smp->data.u.str.data))
smp->data.u.str.data = arg_p[1].data.sint;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
return 1;
}
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
static int sample_conv_field_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
struct arg *arg = args;
if (!arg) {
memprintf(err, "Unexpected empty arg list");
return 0;
}
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg->type != ARGT_SINT) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Unexpected arg type");
return 0;
}
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg->data.sint) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Unexpected value 0 for index");
return 0;
}
arg++;
if (arg->type != ARGT_STR) {
memprintf(err, "Unexpected arg type");
return 0;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Empty separators list");
return 0;
}
return 1;
}
/* This sample function is designed to a return selected part of a string (field).
* First arg is the index of the field (start at 1)
* Second arg is a char list of separators (type string)
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_field(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
{
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int field;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
char *start, *end;
int i;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int count = (arg_p[2].type == ARGT_SINT) ? arg_p[2].data.sint : 1;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg_p[0].data.sint)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 0;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (arg_p[0].data.sint < 0) {
field = -1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area + smp->data.u.str.data;
while (start > smp->data.u.str.area) {
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*(start-1) == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (field == arg_p[0].data.sint) {
if (count == 1)
goto found;
else if (count > 1)
count--;
} else {
end = start-1;
field--;
}
break;
}
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
start--;
}
} else {
field = 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area;
while (end - smp->data.u.str.area < smp->data.u.str.data) {
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*end == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (field == arg_p[0].data.sint) {
if (count == 1)
goto found;
else if (count > 1)
count--;
} else {
start = end+1;
field++;
}
break;
}
}
end++;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
}
/* Field not found */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (field != arg_p[0].data.sint) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = 0;
BUG/MINOR: sample: Make the `field` converter compatible with `-m found` Previously an expression like: path,field(2,/) -m found always returned `true`. Bug exists since the `field` converter exists. That is: f399b0debfc6c7dc17c6ad503885c911493add56 The fix should be backported to 1.6+.
2019-10-16 09:11:15 -04:00
return 0;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
found:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = end - start;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
/* If ret string is len 0, no need to
change pointers or to update size */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!smp->data.u.str.data)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = start;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
/* Compute remaining size if needed
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
Note: smp->data.u.str.size cannot be set to 0 */
if (smp->data.u.str.size)
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.size -= start - smp->data.u.str.area;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 1;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
/* This sample function is designed to return a word from a string.
* First arg is the index of the word (start at 1)
* Second arg is a char list of words separators (type string)
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_word(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
{
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int word;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
char *start, *end;
int i, issep, inword;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int count = (arg_p[2].type == ARGT_SINT) ? arg_p[2].data.sint : 1;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg_p[0].data.sint)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 0;
word = 0;
inword = 0;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (arg_p[0].data.sint < 0) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area + smp->data.u.str.data;
while (start > smp->data.u.str.area) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*(start-1) == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 1;
break;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (!inword) {
if (!issep) {
if (word != arg_p[0].data.sint) {
word--;
end = start;
}
inword = 1;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
else if (issep) {
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
if (word == arg_p[0].data.sint) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (count == 1)
goto found;
else if (count > 1)
count--;
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
inword = 0;
}
start--;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
} else {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area;
while (end - smp->data.u.str.area < smp->data.u.str.data) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*end == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 1;
break;
}
}
if (!inword) {
if (!issep) {
if (word != arg_p[0].data.sint) {
word++;
start = end;
}
inword = 1;
}
}
else if (issep) {
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
if (word == arg_p[0].data.sint) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (count == 1)
goto found;
else if (count > 1)
count--;
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
inword = 0;
}
end++;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
}
/* Field not found */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (word != arg_p[0].data.sint) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = 0;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 1;
}
found:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = end - start;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
/* If ret string is len 0, no need to
change pointers or to update size */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!smp->data.u.str.data)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = start;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
/* Compute remaining size if needed
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
Note: smp->data.u.str.size cannot be set to 0 */
if (smp->data.u.str.size)
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.size -= start - smp->data.u.str.area;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 1;
}
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
static int sample_conv_regsub_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
struct arg *arg = args;
char *p;
int len;
/* arg0 is a regex, it uses type_flag for ICASE and global match */
arg[0].type_flags = 0;
if (arg[2].type != ARGT_STR)
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
p = arg[2].data.str.area;
len = arg[2].data.str.data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
while (len) {
if (*p == 'i') {
arg[0].type_flags |= ARGF_REG_ICASE;
}
else if (*p == 'g') {
arg[0].type_flags |= ARGF_REG_GLOB;
}
else {
memprintf(err, "invalid regex flag '%c', only 'i' and 'g' are supported", *p);
return 0;
}
p++;
len--;
}
return 1;
}
/* This sample function is designed to do the equivalent of s/match/replace/ on
* the input string. It applies a regex and restarts from the last matched
* location until nothing matches anymore. First arg is the regex to apply to
* the input string, second arg is the replacement expression.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_regsub(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
{
char *start, *end;
struct my_regex *reg = arg_p[0].data.reg;
regmatch_t pmatch[MAX_MATCH];
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
struct buffer *output;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
int flag, max;
int found;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
start = smp->data.u.str.area;
end = start + smp->data.u.str.data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
flag = 0;
while (1) {
/* check for last round which is used to copy remaining parts
* when not running in global replacement mode.
*/
found = 0;
if ((arg_p[0].type_flags & ARGF_REG_GLOB) || !(flag & REG_NOTBOL)) {
/* Note: we can have start == end on empty strings or at the end */
found = regex_exec_match2(reg, start, end - start, MAX_MATCH, pmatch, flag);
}
if (!found)
pmatch[0].rm_so = end - start;
/* copy the heading non-matching part (which may also be the tail if nothing matches) */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = trash->size - trash->data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
if (max && pmatch[0].rm_so > 0) {
if (max > pmatch[0].rm_so)
max = pmatch[0].rm_so;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, start, max);
trash->data += max;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
}
if (!found)
break;
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output = alloc_trash_chunk();
BUG/MINOR: sample: exit regsub() in case of trash allocation error As reported in issue #507, since commiy 07e1e3c93e ("MINOR: sample: regsub now supports backreferences") we must not proceed in regsub() if we fali to allocate a trash (which in practice never happens). No backport needed.
2020-02-18 08:27:44 -05:00
if (!output)
break;
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output->data = exp_replace(output->area, output->size, start, arg_p[1].data.str.area, pmatch);
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
/* replace the matching part */
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
max = output->size - output->data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
if (max) {
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
if (max > output->data)
max = output->data;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data,
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output->area, max);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data += max;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
}
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
free_trash_chunk(output);
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
/* stop here if we're done with this string */
if (start >= end)
break;
/* We have a special case for matches of length 0 (eg: "x*y*").
* These ones are considered to match in front of a character,
* so we have to copy that character and skip to the next one.
*/
if (!pmatch[0].rm_eo) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (trash->data < trash->size)
trash->area[trash->data++] = start[pmatch[0].rm_eo];
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
pmatch[0].rm_eo++;
}
start += pmatch[0].rm_eo;
flag |= REG_NOTBOL;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* This function check an operator entry. It expects a string.
* The string can be an integer or a variable name.
*/
static int check_operator(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
const char *str;
const char *end;
/* Try to decode a variable. */
if (vars_check_arg(&args[0], NULL))
return 1;
/* Try to convert an integer */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
str = args[0].data.str.area;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
end = str + strlen(str);
args[0].data.sint = read_int64(&str, end);
if (*str != '\0') {
memprintf(err, "expects an integer or a variable name");
return 0;
}
args[0].type = ARGT_SINT;
return 1;
}
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
/* This function returns a sample struct filled with an arg content.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If the arg contain an integer, the integer is returned in the
* sample. If the arg contains a variable descriptor, it returns the
* variable value.
*
* This function returns 0 if an error occurs, otherwise it returns 1.
*/
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
static inline int sample_conv_var2smp(const struct arg *arg, struct sample *smp)
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
{
switch (arg->type) {
case ARGT_SINT:
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arg->data.sint;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 1;
case ARGT_VAR:
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!vars_get_by_desc(&arg->data.var, smp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (!sample_casts[smp->data.type][SMP_T_SINT])
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (!sample_casts[smp->data.type][SMP_T_SINT](smp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
return 1;
default:
return 0;
}
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, applies a binary twos complement and returns the SINT
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* result.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_cpl(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ~smp->data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "and" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_and(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint &= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "or" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_or(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint |= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "xor" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_xor(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint ^= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
static inline long long int arith_add(long long int a, long long int b)
{
/* Prevent overflow and makes capped calculus.
* We must ensure that the check calculus doesn't
* exceed the signed 64 bits limits.
*
* +----------+----------+
* | a<0 | a>=0 |
* +------+----------+----------+
* | b<0 | MIN-a>b | no check |
* +------+----------+----------+
* | b>=0 | no check | MAX-a<b |
* +------+----------+----------+
*/
if ((a ^ b) >= 0) {
/* signs are differents. */
if (a < 0) {
if (LLONG_MIN - a > b)
return LLONG_MIN;
}
if (LLONG_MAX - a < b)
return LLONG_MAX;
}
return a + b;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "add" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_add(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arith_add(smp->data.u.sint, tmp.data.u.sint);
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "sub" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_sub(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* We cannot represent -LLONG_MIN because abs(LLONG_MIN) is greater
* than abs(LLONG_MAX). So, the following code use LLONG_MAX in place
* of -LLONG_MIN and correct the result.
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint == LLONG_MIN) {
smp->data.u.sint = arith_add(smp->data.u.sint, LLONG_MAX);
if (smp->data.u.sint < LLONG_MAX)
smp->data.u.sint++;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
/* standard subtraction: we use the "add" function and negate
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
* the second operand.
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arith_add(smp->data.u.sint, -tmp.data.u.sint);
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "mul" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If the result makes an overflow, then the largest possible quantity is
* returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_mul(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
long long int c;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* prevent divide by 0 during the check */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (!smp->data.u.sint || !tmp.data.u.sint) {
smp->data.u.sint = 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
/* The multiply between LLONG_MIN and -1 returns a
* "floting point exception".
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
/* execute standard multiplication. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
c = smp->data.u.sint * tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* check for overflow and makes capped multiply. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint != c / tmp.data.u.sint) {
if ((smp->data.u.sint < 0) == (tmp.data.u.sint < 0)) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = LLONG_MIN;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = c;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "div" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If arg_p makes the result overflow, then the largest possible quantity is
* returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_div(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint) {
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* The divide between LLONG_MIN and -1 returns a
* "floting point exception".
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint /= tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = LLONG_MAX;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "mod" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If arg_p makes the result overflow, then 0 is returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_mod(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
if (!sample_conv_var2smp(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint) {
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* The divide between LLONG_MIN and -1 returns a
* "floting point exception".
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint %= tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes an SINT on input, applies an arithmetic "neg" and returns the SINT
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* result.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_neg(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN)
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
else
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = -smp->data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is non-null, otherwise
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* false. The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_bool(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !!smp->data.u.sint;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns false is the value is non-null, otherwise
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* truee. The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_not(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !smp->data.u.sint;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is odd, otherwise false.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_odd(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = smp->data.u.sint & 1;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is even, otherwise false.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_even(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !(smp->data.u.sint & 1);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
/* appends an optional const string, an optional variable contents and another
* optional const string to an existing string.
*/
static int sample_conv_concat(const struct arg *arg_p, struct sample *smp, void *private)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
struct sample tmp;
int max;
trash = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = smp->data.u.str.data;
if (trash->data > trash->size - 1)
trash->data = trash->size - 1;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area, smp->data.u.str.area, trash->data);
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
/* append first string */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = arg_p[0].data.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, arg_p[0].data.str.area, max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
/* append second string (variable) if it's found and we can turn it
* into a string.
*/
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
if (arg_p[1].type == ARGT_VAR && vars_get_by_desc(&arg_p[1].data.var, &tmp) &&
(sample_casts[tmp.data.type][SMP_T_STR] == c_none ||
sample_casts[tmp.data.type][SMP_T_STR](&tmp))) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = tmp.data.u.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, tmp.data.u.str.area,
max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
}
/* append third string */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = arg_p[2].data.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, arg_p[2].data.str.area, max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
return 1;
}
/* This function checks the "concat" converter's arguments and extracts the
* variable name and its scope.
*/
static int smp_check_concat(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
/* Try to decode a variable. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (args[1].data.str.data > 0 && !vars_check_arg(&args[1], NULL)) {
memprintf(err, "failed to register variable name '%s'",
args[1].data.str.area);
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
return 0;
}
return 1;
}
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
/* compares string with a variable containing a string. Return value
* is compatible with strcmp(3)'s return value.
*/
static int sample_conv_strcmp(const struct arg *arg_p, struct sample *smp, void *private)
{
struct sample tmp;
int max, result;
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
if (arg_p[0].type != ARGT_VAR)
return 0;
if (!vars_get_by_desc(&arg_p[0].data.var, &tmp))
return 0;
if (!sample_casts[tmp.data.type][SMP_T_STR](&tmp))
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = MIN(smp->data.u.str.data, tmp.data.u.str.data);
result = strncmp(smp->data.u.str.area, tmp.data.u.str.area, max);
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
if (result == 0) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (smp->data.u.str.data != tmp.data.u.str.data) {
if (smp->data.u.str.data < tmp.data.u.str.data) {
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
result = -1;
}
else {
result = 1;
}
}
}
smp->data.u.sint = result;
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
#define GRPC_MSG_COMPRESS_FLAG_SZ 1 /* 1 byte */
#define GRPC_MSG_LENGTH_SZ 4 /* 4 bytes */
#define GRPC_MSG_HEADER_SZ (GRPC_MSG_COMPRESS_FLAG_SZ + GRPC_MSG_LENGTH_SZ)
/*
* Extract the field value of an input binary sample. Takes a mandatory argument:
* the protocol buffers field identifier (dotted notation) internally represented
* as an array of unsigned integers and its size.
* Return 1 if the field was found, 0 if not.
*/
static int sample_conv_ungrpc(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned char *pos;
size_t grpc_left;
pos = (unsigned char *)smp->data.u.str.area;
grpc_left = smp->data.u.str.data;
MINOR: sample: Code factorization "ungrpc" converter. Parsing protocol buffer fields always consists in skip the field if the field is not found or store the field value if found. So, with this patch we factorize a little bit the code for "ungrpc" converter.
2019-03-04 01:33:41 -05:00
while (grpc_left > GRPC_MSG_HEADER_SZ) {
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
size_t grpc_msg_len, left;
grpc_msg_len = left = ntohl(*(uint32_t *)(pos + GRPC_MSG_COMPRESS_FLAG_SZ));
pos += GRPC_MSG_HEADER_SZ;
grpc_left -= GRPC_MSG_HEADER_SZ;
if (grpc_left < left)
return 0;
MINOR: sample: Extract some protocol buffers specific code. We move the code responsible of parsing protocol buffers messages inside gRPC messages from sample.c to include/proto/protocol_buffers.h so that to reuse it to cascade "ungrpc" converter.
2019-03-06 02:03:44 -05:00
if (protobuf_field_lookup(arg_p, smp, &pos, &left))
return 1;
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
grpc_left -= grpc_msg_len;
}
return 0;
}
MINOR: sample: Add a protocol buffers specific converter. This patch adds "protobuf" protocol buffers specific converter wich may used in combination with "ungrpc" as first converter to extract a protocol buffers field value. It is simply implemented reusing protobuf_field_lookup() which is the protocol buffers specific parser already used by "ungrpc" converter which only parse a gRPC header in addition of parsing protocol buffers message. Update the documentation for this new "protobuf" converter.
2019-03-06 08:34:36 -05:00
static int sample_conv_protobuf(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned char *pos;
size_t left;
pos = (unsigned char *)smp->data.u.str.area;
left = smp->data.u.str.data;
return protobuf_field_lookup(arg_p, smp, &pos, &left);
}
static int sample_conv_protobuf_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
MINOR: sample: Rework gRPC converter code. For now on, "ungrpc" may take a second optional argument to provide the protocol buffers types used to encode the field value to be extracted. When absent the field value is extracted as a binary sample which may then followed by others converters like "hex" which takes binary as input sample. When this second argument is a type which does not match the one found by "ungrpc", this field is considered as not found even if present. With this patch we also remove the useless "varint" and "svarint" converters. Update the documentation about "ungrpc" converters.
2019-03-04 13:03:48 -05:00
{
if (!args[1].type) {
args[1].type = ARGT_SINT;
args[1].data.sint = PBUF_T_BINARY;
}
else {
int pbuf_type;
pbuf_type = protobuf_type(args[1].data.str.area);
if (pbuf_type == -1) {
memprintf(err, "Wrong protocol buffer type '%s'", args[1].data.str.area);
return 0;
}
args[1].type = ARGT_SINT;
args[1].data.sint = pbuf_type;
}
return 1;
}
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
/* This function checks the "strcmp" converter's arguments and extracts the
* variable name and its scope.
*/
static int smp_check_strcmp(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
/* Try to decode a variable. */
if (vars_check_arg(&args[0], NULL))
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memprintf(err, "failed to register variable name '%s'",
args[0].data.str.area);
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
return 0;
}
MINOR: sample: add htonl converter This converter tranform a integer to its binary representation in the network byte order. Integer are already automatically converted to binary during sample expression evaluation. But because samples own 8-bytes integers, the conversion produces 8 bytes. the htonl converter do the same but for 4-bytes integer.
2020-04-01 03:08:32 -04:00
/**/
static int sample_conv_htonl(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *tmp;
uint32_t n;
n = htonl((uint32_t)smp->data.u.sint);
tmp = get_trash_chunk();
memcpy(b_head(tmp), &n, 4);
b_add(tmp, 4);
smp->data.u.str = *tmp;
smp->data.type = SMP_T_BIN;
return 1;
}
MINOR: sample: add cut_crlf converter This converter cuts a string on the first \r or \n found.
2020-04-01 10:21:44 -04:00
/**/
static int sample_conv_cut_crlf(const struct arg *arg_p, struct sample *smp, void *private)
{
char *p;
size_t l;
p = smp->data.u.str.area;
for (l = 0; l < smp->data.u.str.data; l++) {
if (*(p+l) == '\r' || *(p+l) == '\n')
break;
}
smp->data.u.str.data = l;
return 1;
}
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
/************************************************************************/
/* All supported sample fetch functions must be declared here */
/************************************************************************/
/* force TRUE to be returned at the fetch level */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_true(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (!smp_make_rw(smp))
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 1;
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
/* force FALSE to be returned at the fetch level */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_false(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
/* retrieve environment variable $1 as a string */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_env(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
char *env;
if (!args || args[0].type != ARGT_STR)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
env = getenv(args[0].data.str.area);
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
if (!env)
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags = SMP_F_CONST;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = env;
smp->data.u.str.data = strlen(env);
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
/* Validates the data unit argument passed to "date" fetch. Argument 1 support an
* optional string representing the unit of the result: "s" for seconds, "ms" for
* milliseconds and "us" for microseconds.
* Returns 0 on error and non-zero if OK.
*/
int smp_check_date_unit(struct arg *args, char **err)
{
if (args[1].type == ARGT_STR) {
if (strcmp(args[1].data.str.area, "s") == 0) {
args[1].data.sint = TIME_UNIT_S;
}
else if (strcmp(args[1].data.str.area, "ms") == 0) {
args[1].data.sint = TIME_UNIT_MS;
}
else if (strcmp(args[1].data.str.area, "us") == 0) {
args[1].data.sint = TIME_UNIT_US;
}
else {
memprintf(err, "expects 's', 'ms' or 'us', got '%s'",
args[1].data.str.area);
return 0;
}
free(args[1].data.str.area);
args[1].data.str.area = NULL;
args[1].type = ARGT_SINT;
}
else if (args[1].type != ARGT_STOP) {
memprintf(err, "Unexpected arg type");
return 0;
}
return 1;
}
/* retrieve the current local date in epoch time, converts it to milliseconds
* or microseconds if asked to in optional args[1] unit param, and applies an
* optional args[0] offset.
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_date(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = date.tv_sec;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
/* report in milliseconds */
if (args && args[1].type == ARGT_SINT && args[1].data.sint == TIME_UNIT_MS) {
smp->data.u.sint *= 1000;
smp->data.u.sint += date.tv_usec / 1000;
}
/* report in microseconds */
else if (args && args[1].type == ARGT_SINT && args[1].data.sint == TIME_UNIT_US) {
smp->data.u.sint *= 1000000;
smp->data.u.sint += date.tv_usec;
}
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
/* add offset */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args && args[0].type == ARGT_SINT)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint += args[0].data.sint;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: sample: add date_us sample Add date_us sample that returns the microsecond part of the timeval structure representing the date of the structure. The "second" part of the timeval can already be fetched by the "date" sample
2018-01-17 07:43:24 -05:00
/* retrieve the current microsecond part of the date */
static int
smp_fetch_date_us(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.u.sint = date.tv_usec;
smp->data.type = SMP_T_SINT;
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: Add hostname sample fetch It adds "hostname" as a new sample fetch. It does exactly the same as "%H" in a log format except that it can be used outside of log formats. Signed-off-by: Nenad Merdanovic <nmerdan@haproxy.com>
2017-03-12 17:00:00 -04:00
/* returns the hostname */
static int
smp_fetch_hostname(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = hostname;
smp->data.u.str.data = strlen(hostname);
MINOR: Add hostname sample fetch It adds "hostname" as a new sample fetch. It does exactly the same as "%H" in a log format except that it can be used outside of log formats. Signed-off-by: Nenad Merdanovic <nmerdan@haproxy.com>
2017-03-12 17:00:00 -04:00
return 1;
}
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
/* returns the number of processes */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_nbproc(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = global.nbproc;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
/* returns the number of the current process (between 1 and nbproc */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_proc(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = relative_pid;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
MINOR: sample: Add "thread" sample fetch It returns id of the thread calling the function.
2017-11-21 15:45:38 -05:00
/* returns the number of the current thread (between 1 and nbthread */
static int
smp_fetch_thread(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = tid;
return 1;
}
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
/* generate a random 32-bit integer for whatever purpose, with an optional
* range specified in argument.
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_rand(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
{
MINOR: sample: make all bits random on the rand() sample fetch The rand() sample fetch supports being limited to a certain range, but it only uses 31 bits and scales them as requested, which means that when the requested output range is larger than 31 bits, the least significant one is not random and may even be constant. Let's make use of the whole 32 bits now that we have access ot them.
2020-03-08 13:01:10 -04:00
smp->data.u.sint = ha_random32();
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
/* reduce if needed. Don't do a modulo, use all bits! */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args && args[0].type == ARGT_SINT)
MINOR: sample: make all bits random on the rand() sample fetch The rand() sample fetch supports being limited to a certain range, but it only uses 31 bits and scales them as requested, which means that when the requested output range is larger than 31 bits, the least significant one is not random and may even be constant. Let's make use of the whole 32 bits now that we have access ot them.
2020-03-08 13:01:10 -04:00
smp->data.u.sint = ((u64)smp->data.u.sint * (u64)args[0].data.sint) >> 32;
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
/* returns true if the current process is stopping */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_stopping(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stopping;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
/* returns the number of calls of the current stream's process_stream() */
static int
smp_fetch_cpu_calls(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->calls;
return 1;
}
/* returns the average number of nanoseconds spent processing the stream per call */
static int
smp_fetch_cpu_ns_avg(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->calls ? smp->strm->task->cpu_time / smp->strm->task->calls : 0;
return 1;
}
/* returns the total number of nanoseconds spent processing the stream */
static int
smp_fetch_cpu_ns_tot(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->cpu_time;
return 1;
}
/* returns the average number of nanoseconds per call spent waiting for other tasks to be processed */
static int
smp_fetch_lat_ns_avg(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->calls ? smp->strm->task->lat_time / smp->strm->task->calls : 0;
return 1;
}
/* returns the total number of nanoseconds per call spent waiting for other tasks to be processed */
static int
smp_fetch_lat_ns_tot(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->lat_time;
return 1;
}
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
static int smp_fetch_const_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = args[0].data.str.area;
smp->data.u.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_bool(struct arg *args, char **err)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (strcasecmp(args[0].data.str.area, "true") == 0 ||
strcasecmp(args[0].data.str.area, "1") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = 1;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (strcasecmp(args[0].data.str.area, "false") == 0 ||
strcasecmp(args[0].data.str.area, "0") == 0) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = 0;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
memprintf(err, "Expects 'true', 'false', '0' or '1'");
return 0;
}
static int smp_fetch_const_bool(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = args[0].data.sint;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
static int smp_fetch_const_int(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = args[0].data.sint;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_ipv4(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4 = args[0].data.ipv4;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_ipv6(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv6 = args[0].data.ipv6;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_bin(struct arg *args, char **err)
{
BUG/MEDIUM: sample: initialize the pointer before parse_binary call. parse_binary line 2025 checks the nullity of binstr parameter. Other calls of parse_binary properly zeroify this parameter. [wt: this could result in random failures of the const parser]
2016-04-08 05:37:02 -04:00
char *binstr = NULL;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
int binstrlen;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!parse_binary(args[0].data.str.area, &binstr, &binstrlen, err))
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 0;
args[0].type = ARGT_STR;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
args[0].data.str.area = binstr;
args[0].data.str.data = binstrlen;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = args[0].data.str.area;
smp->data.u.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_meth(struct arg *args, char **err)
{
enum http_meth_t meth;
int i;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
meth = find_http_meth(args[0].data.str.area, args[0].data.str.data);
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
if (meth != HTTP_METH_OTHER) {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = meth;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
} else {
/* Check method avalaibility. A methos is a token defined as :
* tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
* "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
* token = 1*tchar
*/
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < args[0].data.str.data; i++) {
if (!HTTP_IS_TOKEN(args[0].data.str.area[i])) {
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
memprintf(err, "expects valid method.");
return 0;
}
}
}
return 1;
}
static int smp_fetch_const_meth(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_METH;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[0].type == ARGT_SINT) {
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = args[0].data.sint;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.meth.str.area = "";
smp->data.u.meth.str.data = 0;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
} else {
smp->flags |= SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = HTTP_METH_OTHER;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.meth.str.area = args[0].data.str.area;
smp->data.u.meth.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
}
return 1;
}
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
// This function checks the "uuid" sample's arguments.
// Function won't get called when no parameter is specified (maybe a bug?)
static int smp_check_uuid(struct arg *args, char **err)
{
if (!args[0].type) {
args[0].type = ARGT_SINT;
args[0].data.sint = 4;
}
else if (args[0].data.sint != 4) {
memprintf(err, "Unsupported UUID version: '%lld'", args[0].data.sint);
return 0;
}
return 1;
}
// Generate a RFC4122 UUID (default is v4 = fully random)
static int smp_fetch_uuid(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
if (args[0].data.sint == 4 || !args[0].type) {
MINOR: tools: add a generic function to generate UUIDs We currently have two UUID generation functions, one for the sample fetch and the other one in the SPOE filter. Both were a bit complicated since they were made to support random() implementations returning an arbitrary number of bits, and were throwing away 33 bits every 64. Now we don't need this anymore, so let's have a generic function consuming 64 bits at once and use it as appropriate.
2020-03-08 12:48:17 -04:00
ha_generate_uuid(&trash);
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
smp->data.u.str = trash;
return 1;
}
// more implementations of other uuid formats possible here
return 0;
}
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
/* Note: must not be declared <const> as its list will be overwritten.
* Note: fetches that may return multiple types must be declared as the lowest
* common denominator, the type that can be casted into all other ones. For
* instance IPv4/IPv6 must be declared IPv4.
*/
static struct sample_fetch_kw_list smp_kws = {ILH, {
{ "always_false", smp_fetch_false, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
{ "always_true", smp_fetch_true, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
{ "env", smp_fetch_env, ARG1(1,STR), NULL, SMP_T_STR, SMP_USE_INTRN },
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
{ "date", smp_fetch_date, ARG2(0,SINT,STR), smp_check_date_unit, SMP_T_SINT, SMP_USE_INTRN },
MINOR: sample: add date_us sample Add date_us sample that returns the microsecond part of the timeval structure representing the date of the structure. The "second" part of the timeval can already be fetched by the "date" sample
2018-01-17 07:43:24 -05:00
{ "date_us", smp_fetch_date_us, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: Add hostname sample fetch It adds "hostname" as a new sample fetch. It does exactly the same as "%H" in a log format except that it can be used outside of log formats. Signed-off-by: Nenad Merdanovic <nmerdan@haproxy.com>
2017-03-12 17:00:00 -04:00
{ "hostname", smp_fetch_hostname, 0, NULL, SMP_T_STR, SMP_USE_INTRN },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "nbproc", smp_fetch_nbproc,0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "proc", smp_fetch_proc, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: sample: Add "thread" sample fetch It returns id of the thread calling the function.
2017-11-21 15:45:38 -05:00
{ "thread", smp_fetch_thread, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "rand", smp_fetch_rand, ARG1(0,SINT), NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{ "stopping", smp_fetch_stopping, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
{ "stopping", smp_fetch_stopping, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
{ "uuid", smp_fetch_uuid, ARG1(0, SINT), smp_check_uuid, SMP_T_STR, SMP_USE_INTRN },
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
{ "cpu_calls", smp_fetch_cpu_calls, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "cpu_ns_avg", smp_fetch_cpu_ns_avg, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "cpu_ns_tot", smp_fetch_cpu_ns_tot, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "lat_ns_avg", smp_fetch_lat_ns_avg, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "lat_ns_tot", smp_fetch_lat_ns_tot, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
{ "str", smp_fetch_const_str, ARG1(1,STR), NULL , SMP_T_STR, SMP_USE_INTRN },
{ "bool", smp_fetch_const_bool, ARG1(1,STR), smp_check_const_bool, SMP_T_BOOL, SMP_USE_INTRN },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "int", smp_fetch_const_int, ARG1(1,SINT), NULL , SMP_T_SINT, SMP_USE_INTRN },
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
{ "ipv4", smp_fetch_const_ipv4, ARG1(1,IPV4), NULL , SMP_T_IPV4, SMP_USE_INTRN },
{ "ipv6", smp_fetch_const_ipv6, ARG1(1,IPV6), NULL , SMP_T_IPV6, SMP_USE_INTRN },
{ "bin", smp_fetch_const_bin, ARG1(1,STR), smp_check_const_bin , SMP_T_BIN, SMP_USE_INTRN },
{ "meth", smp_fetch_const_meth, ARG1(1,STR), smp_check_const_meth, SMP_T_METH, SMP_USE_INTRN },
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{ /* END */ },
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, sample_register_fetches, &smp_kws);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/* Note: must not be declared <const> as its list will be overwritten */
BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS Benoit Dolez reported a failure to start haproxy 1.5-dev19. The process would immediately report an internal error with missing fetches from some crap instead of ACL names. The cause is that some versions of gcc seem to trim static structs containing a variable array when moving them to BSS, and only keep the fixed size, which is just a list head for all ACL and sample fetch keywords. This was confirmed at least with gcc 3.4.6. And we can't move these structs to const because they contain a list element which is needed to link all of them together during the parsing. The bug indeed appeared with 1.5-dev19 because it's the first one to have some empty ACL keyword lists. One solution is to impose -fno-zero-initialized-in-bss to everyone but this is not really nice. Another solution consists in ensuring the struct is never empty so that it does not move there. The easy solution consists in having a non-null list head since it's not yet initialized. A new "ILH" list head type was thus created for this purpose : create an Initialized List Head so that gcc cannot move the struct to BSS. This fixes the issue for this version of gcc and does not create any burden for the declarations.
2013-06-21 17:16:39 -04:00
static struct sample_conv_kw_list sample_conv_kws = {ILH, {
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
{ "debug", sample_conv_debug, ARG2(0,STR,STR), smp_check_debug, SMP_T_ANY, SMP_T_ANY },
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
{ "b64dec", sample_conv_base642bin,0, NULL, SMP_T_STR, SMP_T_BIN },
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
{ "base64", sample_conv_bin2base64,0, NULL, SMP_T_BIN, SMP_T_STR },
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
{ "upper", sample_conv_str2upper, 0, NULL, SMP_T_STR, SMP_T_STR },
{ "lower", sample_conv_str2lower, 0, NULL, SMP_T_STR, SMP_T_STR },
MINOR: sample: rename the "len" converter to "length" This converter was recently introduced by commit ed0d24e ("MINOR: sample: add len converter"). As found by Cyril, it causes an issue in "http-request capture" statements. The non-obvious problem is that an old syntax for sample expressions and converters used to support a series of words, each representing a converter. This used to be how the "stick" directives were created initially. By having a converter called "len", a statement such as "http-request capture foo len 10" considers "len" as a converter and not as the capture length. This obsolete syntax needs to be changed in 1.9 but it's too late for other versions. It's worth noting that the same problem can happen if converters are registered on the fly using Lua. Other language keywords that currently have to be avoided in converters include "id", "table", "if", "unless".
2017-12-15 01:13:48 -05:00
{ "length", sample_conv_length, 0, NULL, SMP_T_STR, SMP_T_SINT },
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
{ "hex", sample_conv_bin2hex, 0, NULL, SMP_T_BIN, SMP_T_STR },
MINOR: sample: add the hex2i converter Converts a hex string containing two hex digits per input byte to an integer. If the input value can not be converted, then zero is returned.
2017-10-24 03:27:34 -04:00
{ "hex2i", sample_conv_hex2int, 0, NULL, SMP_T_STR, SMP_T_SINT },
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
{ "ipmask", sample_conv_ipmask, ARG2(1,MSK4,MSK6), NULL, SMP_T_ADDR, SMP_T_IPV4 },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "ltime", sample_conv_ltime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
{ "utime", sample_conv_utime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "crc32", sample_conv_crc32, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
MINOR: samples: add crc32c converter This patch adds the support of CRC32c (rfc4960).
2018-03-21 06:19:01 -04:00
{ "crc32c", sample_conv_crc32c, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "djb2", sample_conv_djb2, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "sdbm", sample_conv_sdbm, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "wt6", sample_conv_wt6, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
{ "xxh32", sample_conv_xxh32, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "xxh64", sample_conv_xxh64, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
{ "json", sample_conv_json, ARG1(1,STR), sample_conv_json_check, SMP_T_STR, SMP_T_STR },
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "bytes", sample_conv_bytes, ARG2(1,SINT,SINT), NULL, SMP_T_BIN, SMP_T_BIN },
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
{ "field", sample_conv_field, ARG3(2,SINT,STR,SINT), sample_conv_field_check, SMP_T_STR, SMP_T_STR },
{ "word", sample_conv_word, ARG3(2,SINT,STR,SINT), sample_conv_field_check, SMP_T_STR, SMP_T_STR },
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
{ "regsub", sample_conv_regsub, ARG3(2,REG,STR,STR), sample_conv_regsub_check, SMP_T_STR, SMP_T_STR },
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
{ "sha1", sample_conv_sha1, 0, NULL, SMP_T_BIN, SMP_T_BIN },
MINOR: sample: Add sha2([<bits>]) converter This adds a converter for the SHA-2 family, supporting SHA-224, SHA-256 SHA-384 and SHA-512. The converter relies on the OpenSSL implementation, thus only being available when HAProxy is compiled with USE_OPENSSL. See GitHub issue #123. The hypothetical `ssl_?_sha256` fetch can then be simulated using `ssl_?_der,sha2(256)`: http-response set-header Server-Cert-FP %[ssl_f_der,sha2(256),hex]
2019-06-17 06:41:44 -04:00
#ifdef USE_OPENSSL
MINOR: sample: Validate the number of bits for the sha2 converter Instead of failing the conversion when an invalid number of bits is given the sha2 converter now fails with an appropriate error message during startup. The sha2 converter was introduced in d4376302377e4f51f43a183c2c91d929b27e1ae3, which is in 2.1 and higher.
2019-12-17 06:31:20 -05:00
{ "sha2", sample_conv_sha2, ARG1(0, SINT), smp_check_sha2, SMP_T_BIN, SMP_T_BIN },
MINOR: sample: Add sha2([<bits>]) converter This adds a converter for the SHA-2 family, supporting SHA-224, SHA-256 SHA-384 and SHA-512. The converter relies on the OpenSSL implementation, thus only being available when HAProxy is compiled with USE_OPENSSL. See GitHub issue #123. The hypothetical `ssl_?_sha256` fetch can then be simulated using `ssl_?_der,sha2(256)`: http-response set-header Server-Cert-FP %[ssl_f_der,sha2(256),hex]
2019-06-17 06:41:44 -04:00
#endif
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
{ "concat", sample_conv_concat, ARG3(1,STR,STR,STR), smp_check_concat, SMP_T_STR, SMP_T_STR },
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
{ "strcmp", sample_conv_strcmp, ARG1(1,STR), smp_check_strcmp, SMP_T_STR, SMP_T_SINT },
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
/* gRPC converters. */
MINOR: sample: Add a protocol buffers specific converter. This patch adds "protobuf" protocol buffers specific converter wich may used in combination with "ungrpc" as first converter to extract a protocol buffers field value. It is simply implemented reusing protobuf_field_lookup() which is the protocol buffers specific parser already used by "ungrpc" converter which only parse a gRPC header in addition of parsing protocol buffers message. Update the documentation for this new "protobuf" converter.
2019-03-06 08:34:36 -05:00
{ "ungrpc", sample_conv_ungrpc, ARG2(1,PBUF_FNUM,STR), sample_conv_protobuf_check, SMP_T_BIN, SMP_T_BIN },
{ "protobuf", sample_conv_protobuf, ARG2(1,PBUF_FNUM,STR), sample_conv_protobuf_check, SMP_T_BIN, SMP_T_BIN },
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
{ "and", sample_conv_binary_and, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "or", sample_conv_binary_or, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "xor", sample_conv_binary_xor, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "cpl", sample_conv_binary_cpl, 0, NULL, SMP_T_SINT, SMP_T_SINT },
{ "bool", sample_conv_arith_bool, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "not", sample_conv_arith_not, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "odd", sample_conv_arith_odd, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "even", sample_conv_arith_even, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "add", sample_conv_arith_add, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "sub", sample_conv_arith_sub, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "mul", sample_conv_arith_mul, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "div", sample_conv_arith_div, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "mod", sample_conv_arith_mod, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "neg", sample_conv_arith_neg, 0, NULL, SMP_T_SINT, SMP_T_SINT },
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
MINOR: sample: add cut_crlf converter This converter cuts a string on the first \r or \n found.
2020-04-01 10:21:44 -04:00
{ "htonl", sample_conv_htonl, 0, NULL, SMP_T_SINT, SMP_T_BIN },
{ "cut_crlf", sample_conv_cut_crlf, 0, NULL, SMP_T_STR, SMP_T_STR },
MEDIUM: pattern: use the standard arg parser We don't need the pattern-specific args parsers anymore, make use of the common parser instead. We still need to improve this by adding a validation function to report abnormal argument values or combinations. We don't report precise parsing errors yet but this was not previously done either.
2012-04-20 08:45:49 -04:00
{ NULL, NULL, 0, 0, 0 },
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, sample_register_convs, &sample_conv_kws);
Reference in a new issue Copy permalink