upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-08 10:26:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 16
haproxy/src/sample.c

5521 lines
165 KiB
C
Raw Normal View History

[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
* Sample management functions.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*
* Copyright 2009-2010 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
* Copyright (C) 2012 Willy Tarreau <w@1wt.eu>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
#include <ctype.h>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
#include <string.h>
#include <arpa/inet.h>
CLEANUP: includes: fix includes for a number of users of fd.h It appears that fd.h includes a number of unneeded files and was included from standard.h, and as such served as an intermediary to provide almost everything to everyone. By removing its useless includes, a long dependency chain broke but could easily be fixed.
2012-09-02 16:34:23 -04:00
#include <stdio.h>
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
#include <import/mjson.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <import/sha1.h>
MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions Sample conversions rely on two alternative buffers which were previously allocated as static bufs of size BUFSIZE. Now they're initialized to the global buffer size. It was the same for HTTP authentication. Note that it seems that none of them was prone to any mistake when dealing with the buffer size, but better stay on the safe side by maintaining the old assumption that a trash buffer is always "large enough".
2012-10-29 15:44:36 -04:00
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
#include <haproxy/acl.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/api.h>
#include <haproxy/arg.h>
REORG: include: move auth.h to haproxy/auth{,-t}.h The STATS_DEFAULT_REALM and STATS_DEFAULT_URI were moved to defaults.h. It was required to include types/pattern.h and types/sample.h since they are mentioned in function prototypes. It would be wise to merge this with uri_auth.h later.
2020-06-04 04:36:03 -04:00
#include <haproxy/auth.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/base64.h>
REORG: include: split common/htx.h into haproxy/htx{,-t}.h Most of the file was a large set of HTX elements manipulation functions and few types, so splitting them allowed to further reduce dependencies and shrink the build time. Doing so revealed that a few files (h2.c, mux_pt.c) needed haproxy/buf.h and were previously getting it through htx.h. They were fixed.
2020-06-03 02:44:35 -04:00
#include <haproxy/buf.h>
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
#include <haproxy/cfgparse.h>
REORG: include: move common/chunk.h to haproxy/chunk.h No change was necessary, it was already properly split.
2020-06-02 04:22:45 -04:00
#include <haproxy/chunk.h>
REORG: time: move time-keeping code and variables to clock.c There is currently a problem related to time keeping. We're mixing the functions to perform calculations with the os-dependent code needed to retrieve and adjust the local time. This patch extracts from time.{c,h} the parts that are solely dedicated to time keeping. These are the "now" or "before_poll" variables for example, as well as the various now_*() functions that make use of gettimeofday() and clock_gettime() to retrieve the current time. The "tv_*" functions moved there were also more appropriately renamed to "clock_*". Other parts used to compute stolen time are in other files, they will have to be picked next.
2021-10-08 03:33:24 -04:00
#include <haproxy/clock.h>
REORG: include: move the error reporting functions to from log.h to errors.h Most of the files dealing with error reports have to include log.h in order to access ha_alert(), ha_warning() etc. But while these functions don't depend on anything, log.h depends on a lot of stuff because it deals with log-formats and samples. As a result it's impossible not to embark long dependencies when using ha_warning() or qfprintf(). This patch moves these low-level functions to errors.h, which already defines the error codes used at the same places. About half of the users of log.h could be adjusted, sometimes revealing other issues such as missing tools.h. Interestingly the total preprocessed size shrunk by 4%.
2020-06-05 11:27:29 -04:00
#include <haproxy/errors.h>
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
#include <haproxy/fix.h>
REORG: include: split global.h into haproxy/global{,-t}.h global.h was one of the messiest files, it has accumulated tons of implicit dependencies and declares many globals that make almost all other file include it. It managed to silence a dependency loop between server.h and proxy.h by being well placed to pre-define the required structs, forcing struct proxy and struct server to be forward-declared in a significant number of files. It was split in to, one which is the global struct definition and the few macros and flags, and the rest containing the functions prototypes. The UNIX_MAX_PATH definition was moved to compat.h.
2020-06-04 11:05:57 -04:00
#include <haproxy/global.h>
REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ These ones do not depend on any other file. One used to include haproxy/api.h but that was solely for stddef.h.
2020-05-27 10:10:29 -04:00
#include <haproxy/hash.h>
REORG: include: split common/http.h into haproxy/http{,-t}.h So the enums and structs were placed into http-t.h and the functions into http.h. This revealed that several files were dependeng on http.h but not including it, as it was silently inherited via other files.
2020-06-02 13:11:26 -04:00
#include <haproxy/http.h>
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
#include <haproxy/http_ana-t.h>
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
#include <haproxy/istbuf.h>
MINOR: sample: Add converts to parses MQTT messages This patch implements a couple of converters to validate and extract data from a MQTT (Message Queuing Telemetry Transport) message. The validation consists of a few checks as well as "packet size" validation. The extraction can get any field from the variable header and the payload. This is limited to CONNECT and CONNACK packet types only. All other messages are considered as invalid. It is not a problem for now because only the first packet on each side can be parsed (CONNECT for the client and CONNACK for the server). MQTT 3.1.1 and 5.0 are supported. Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-27 13:10:06 -04:00
#include <haproxy/mqtt.h>
REORG: include: move common/net_helper.h to haproxy/net_helper.h No change was necessary.
2020-06-02 10:48:09 -04:00
#include <haproxy/net_helper.h>
REORG: include: move protocol_buffers.h to haproxy/protobuf{,-t}.h There is no C file for this one, the code was placed into sample.c which thus has a dependency on this file which itself includes sample.h. Probably that it would be wise to split that later.
2020-06-04 10:06:59 -04:00
#include <haproxy/protobuf.h>
REORG: include: move proxy.h to haproxy/proxy{,-t}.h This one is particularly difficult to split because it provides all the functions used to manipulate a proxy state and to retrieve names or IDs for error reporting, and as such, it was included in 73 files (down to 68 after cleanup). It would deserve a small cleanup though the cut points are not obvious at the moment given the number of structs involved in the struct proxy itself.
2020-06-04 16:29:18 -04:00
#include <haproxy/proxy.h>
REORG: include: split common/regex.h into haproxy/regex{,-t}.h Regex are essentially included for myregex_t but it turns out that several of the C files didn't include it directly, relying on the one included by their own .h. This has been cleanly addressed so that only the type is included by H files which need it, and adding the missing includes for the other ones.
2020-06-02 11:32:26 -04:00
#include <haproxy/regex.h>
REORG: include: move sample.h to haproxy/sample{,-t}.h This one is particularly tricky to move because everyone uses it and it depends on a lot of other types. For example it cannot include arg-t.h and must absolutely only rely on forward declarations to avoid dependency loops between vars -> sample_data -> arg. In order to address this one, it would be nice to split the sample_data part out of sample.h.
2020-06-04 09:33:47 -04:00
#include <haproxy/sample.h>
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
#include <haproxy/sc_strm.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/sink.h>
#include <haproxy/stick_table.h>
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
#include <haproxy/time.h>
REORG: tools: split common/standard.h into haproxy/tools{,-t}.h And also rename standard.c to tools.c. The original split between tools.h and standard.h dates from version 1.3-dev and was mostly an accident. This patch moves the files back to what they were expected to be, and takes care of not changing anything else. However this time tools.h was split between functions and types, because it contains a small number of commonly used macros and structures (e.g. name_desc) which in turn cause the massive list of includes of tools.h to conflict with the callers. They remain the ugliest files of the whole project and definitely need to be cleaned and split apart. A few types are defined there only for functions provided there, and some parts are even OS-specific and should move somewhere else, such as the symbol resolution code.
2020-06-03 12:09:46 -04:00
#include <haproxy/tools.h>
REORG: include: split common/uri_auth.h into haproxy/uri_auth{,-t}.h Initially it looked like this could have been placed into auth.h or stats.h but it's not the case as it's what makes the link between them and the HTTP layer. However the file needed to be split in two. Quite a number of call places were dropped because these were mostly leftovers from the early days where the stats and cli were packed together.
2020-06-04 13:27:34 -04:00
#include <haproxy/uri_auth-t.h>
REORG: include: move vars.h to haproxy/vars{,-t}.h A few includes (sessions.h, stream.h, api-t.h) were added for arguments that were first declared in function prototypes.
2020-06-04 10:25:31 -04:00
#include <haproxy/vars.h>
CLEANUP: Add haproxy/xxhash.h to avoid modifying import/xxhash.h This solves setting XXH_INLINE_ALL in a cleaner way, because the imported header is not modified, easing future updates. see 6f7cc11e6dd0f01b437fba893da2edd2362660a2
2021-09-11 11:51:13 -04:00
#include <haproxy/xxhash.h>
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
#include <haproxy/jwt.h>
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
/* sample type names */
const char *smp_to_type[SMP_TYPES] = {
MEDIUM: sample: Add type any This type is used to accept any type of sample as input, and prevent any automatic "cast". It runs like the type "ADDR" which accept the type "IPV4" and "IPV6".
2015-06-03 14:12:35 -04:00
[SMP_T_ANY] = "any",
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
[SMP_T_SAME] = "same",
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
[SMP_T_BOOL] = "bool",
[SMP_T_SINT] = "sint",
[SMP_T_ADDR] = "addr",
[SMP_T_IPV4] = "ipv4",
[SMP_T_IPV6] = "ipv6",
[SMP_T_STR] = "str",
[SMP_T_BIN] = "bin",
BUG/MINOR: debug: display (null) in place of "meth" The array which contains names of types, miss the METH entry. [wt: should be backported to 1.5 as well]
2015-06-03 14:12:04 -04:00
[SMP_T_METH] = "meth",
MINOR: sample: move smp_to_type to sample.c This way it can be exported and reused anywhere else to report type names.
2014-02-07 06:14:54 -05:00
};
MINOR: sample: add type_to_smp() helper function type_to_smp(type) does the reverse operation of smp_to_type[smp]: it takes a type name as input string and tries to return the corresponding SMP_T_* smp type or SMP_TYPES if not found.
2024-01-10 08:00:15 -05:00
/* Returns SMP_T_* smp matching with <type> name or SMP_TYPES if
* not found.
*/
int type_to_smp(const char *type)
{
int it = 0;
while (it < SMP_TYPES) {
CLEANUP: Reapply strcmp.cocci (2) This reapplies strcmp.cocci across the whole src/ tree.
2024-03-29 13:21:51 -04:00
if (strcmp(type, smp_to_type[it]) == 0)
MINOR: sample: add type_to_smp() helper function type_to_smp(type) does the reverse operation of smp_to_type[smp]: it takes a type name as input string and tries to return the corresponding SMP_T_* smp type or SMP_TYPES if not found.
2024-01-10 08:00:15 -05:00
break; // found
it += 1;
}
return it;
}
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* static sample used in sample_process() when <p> is NULL */
MINOR: threads/sample: Change temp_smp into a thread local variable
2017-06-14 08:15:36 -04:00
static THREAD_LOCAL struct sample temp_smp;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* list head of all known sample fetch keywords */
static struct sample_fetch_kw_list sample_fetches = {
.list = LIST_HEAD_INIT(sample_fetches.list)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
};
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* list head of all known sample format conversion keywords */
static struct sample_conv_kw_list sample_convs = {
.list = LIST_HEAD_INIT(sample_convs.list)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
};
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
const unsigned int fetch_cap[SMP_SRC_ENTRIES] = {
MINOR: sample: add a new SMP_SRC_CONST sample capability This level indicates that everything it constant in the expression during the whole process' life and that it may safely be used at config parsing time.
2021-03-26 06:56:11 -04:00
[SMP_SRC_CONST] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL_CFG_PARSER |
SMP_VAL_CLI_PARSER ),
MINOR: sample: add a new SMP_SRC_CONST sample capability This level indicates that everything it constant in the expression during the whole process' life and that it may safely be used at config parsing time.
2021-03-26 06:56:11 -04:00
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_INTRN] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL_CLI_PARSER ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_LISTN] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_FTEND] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L4CLI] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L5CLI] = (SMP_VAL___________ | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_TRACK] = (SMP_VAL_FE_CON_ACC | SMP_VAL_FE_SES_ACC | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L6REQ] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQHV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQHP] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_FE_REQ_CNT |
SMP_VAL_FE_HRQ_HDR | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRQBO] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_FE_HRQ_BDY | SMP_VAL_FE_SET_BCK |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_BKEND] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL_BE_REQ_CNT | SMP_VAL_BE_HRQ_HDR | SMP_VAL_BE_HRQ_BDY |
SMP_VAL_BE_SET_SRV | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_SERVR] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_BE_SRV_CON | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L4SRV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L5SRV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_L6RES] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSHV] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSHP] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL_BE_RES_CNT |
SMP_VAL_BE_HRS_HDR | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_HRSBO] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL_BE_HRS_BDY | SMP_VAL_BE_STO_RUL |
SMP_VAL_FE_RES_CNT | SMP_VAL_FE_HRS_HDR | SMP_VAL_FE_HRS_BDY |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL___________ | SMP_VAL_BE_CHK_RUL | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_RQFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_RSFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_TXFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
[SMP_SRC_SSFIN] = (SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ | SMP_VAL___________ | SMP_VAL___________ |
MINOR: sample: add a new CLI_PARSER context for samples In order to prepare for supporting calling sample expressions from the CLI, let's create a new CLI_PARSER parsing context. This one supports constants and internal samples only.
2021-03-26 10:29:35 -04:00
SMP_VAL_FE_LOG_END | SMP_VAL___________ | SMP_VAL___________ |
SMP_VAL___________ ),
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
};
static const char *fetch_src_names[SMP_SRC_ENTRIES] = {
[SMP_SRC_INTRN] = "internal state",
[SMP_SRC_LISTN] = "listener",
[SMP_SRC_FTEND] = "frontend",
[SMP_SRC_L4CLI] = "client address",
[SMP_SRC_L5CLI] = "client-side connection",
[SMP_SRC_TRACK] = "track counters",
[SMP_SRC_L6REQ] = "request buffer",
[SMP_SRC_HRQHV] = "HTTP request headers",
[SMP_SRC_HRQHP] = "HTTP request",
[SMP_SRC_HRQBO] = "HTTP request body",
[SMP_SRC_BKEND] = "backend",
[SMP_SRC_SERVR] = "server",
[SMP_SRC_L4SRV] = "server address",
[SMP_SRC_L5SRV] = "server-side connection",
[SMP_SRC_L6RES] = "response buffer",
[SMP_SRC_HRSHV] = "HTTP response headers",
[SMP_SRC_HRSHP] = "HTTP response",
[SMP_SRC_HRSBO] = "HTTP response body",
[SMP_SRC_RQFIN] = "request buffer statistics",
[SMP_SRC_RSFIN] = "response buffer statistics",
[SMP_SRC_TXFIN] = "transaction statistics",
[SMP_SRC_SSFIN] = "session statistics",
};
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
static const char *fetch_ckp_names[SMP_CKP_ENTRIES] = {
[SMP_CKP_FE_CON_ACC] = "frontend tcp-request connection rule",
[SMP_CKP_FE_SES_ACC] = "frontend tcp-request session rule",
[SMP_CKP_FE_REQ_CNT] = "frontend tcp-request content rule",
[SMP_CKP_FE_HRQ_HDR] = "frontend http-request header rule",
[SMP_CKP_FE_HRQ_BDY] = "frontend http-request body rule",
[SMP_CKP_FE_SET_BCK] = "frontend use-backend rule",
[SMP_CKP_BE_REQ_CNT] = "backend tcp-request content rule",
[SMP_CKP_BE_HRQ_HDR] = "backend http-request header rule",
[SMP_CKP_BE_HRQ_BDY] = "backend http-request body rule",
[SMP_CKP_BE_SET_SRV] = "backend use-server, balance or stick-match rule",
[SMP_CKP_BE_SRV_CON] = "server source selection",
[SMP_CKP_BE_RES_CNT] = "backend tcp-response content rule",
[SMP_CKP_BE_HRS_HDR] = "backend http-response header rule",
[SMP_CKP_BE_HRS_BDY] = "backend http-response body rule",
[SMP_CKP_BE_STO_RUL] = "backend stick-store rule",
[SMP_CKP_FE_RES_CNT] = "frontend tcp-response content rule",
[SMP_CKP_FE_HRS_HDR] = "frontend http-response header rule",
[SMP_CKP_FE_HRS_BDY] = "frontend http-response body rule",
[SMP_CKP_FE_LOG_END] = "logs",
MEDIUM: checks: Parse custom action rules in tcp-checks Register the custom action rules "set-var" and "unset-var", that will call the parse_store() command upon parsing. These rules are thus built and integrated to the tcp-check ruleset, but have no further effect for the moment.
2020-02-21 12:14:59 -05:00
[SMP_CKP_BE_CHK_RUL] = "backend tcp-check rule",
BUG/MINOR: samples: add missing context names for sample fetch functions In 2.4, two commits added support for supporting sample fetch calls from new config and CLI contexts, but these were not added to the visibile names, which may possibly cause "(null)" to appear in some error messages. The commit in question were: db5e0dbea ("MINOR: sample: add a new CLI_PARSER context for samples") f9a7a8fd8 ("MINOR: sample: add a new CFG_PARSER context for samples") This patch needs to be backported where these are present (2.4 and above).
2022-03-29 10:39:24 -04:00
[SMP_CKP_CFG_PARSER] = "configuration parser",
[SMP_CKP_CLI_PARSER] = "CLI parser",
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
};
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
/* This function returns the most accurate expected type of the data returned
* by the sample_expr. It assumes that the <expr> and all of its converters are
* properly initialized.
MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword If the acl keyword is a "fetch", the dedicated parsing function "sample_parse_expr()" is used. Otherwise, the acl parsing function "parse_acl_expr()" is extended to understand the syntax of a series of converters placed after the "fetch" keyword. Before this patch, each acl uses a "struct sample_fetch" and executes it with the "<fetch>->process()" function. Now, the dedicated function "sample_process()" is called. These syntax are now avalaible: acl bad req.hdr(host),lower -m str www http-request redirect prefix /go-away if bad acl bad hdr_beg(host),lower www http-request redirect prefix /go-away if bad
2013-11-21 04:50:10 -05:00
*/
int smp_expr_output_type(struct sample_expr *expr)
{
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
struct sample_conv_expr *cur_smp = NULL;
int cur_type = SMP_T_ANY; /* current type in the chain */
int next_type = SMP_T_ANY; /* next type in the chain */
MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword If the acl keyword is a "fetch", the dedicated parsing function "sample_parse_expr()" is used. Otherwise, the acl parsing function "parse_acl_expr()" is extended to understand the syntax of a series of converters placed after the "fetch" keyword. Before this patch, each acl uses a "struct sample_fetch" and executes it with the "<fetch>->process()" function. Now, the dedicated function "sample_process()" is called. These syntax are now avalaible: acl bad req.hdr(host),lower -m str www http-request redirect prefix /go-away if bad acl bad hdr_beg(host),lower www http-request redirect prefix /go-away if bad
2013-11-21 04:50:10 -05:00
if (!LIST_ISEMPTY(&expr->conv_exprs)) {
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
/* Ignore converters that output SMP_T_SAME if switching to them is
* conversion-free. (such converter's output match with input, thus only
* their input is considered)
*
* We start looking at the end of conv list and then loop back until the
* sample fetch for better performance (it is more likely to find the last
* effective output type near the end of the chain)
*/
do {
struct list *cur_head = (cur_smp) ? &cur_smp->list : &expr->conv_exprs;
cur_smp = LIST_PREV(cur_head, struct sample_conv_expr *, list);
if (cur_smp->conv->out_type != SMP_T_SAME) {
/* current converter has effective out_type */
cur_type = cur_smp->conv->out_type;
goto out;
}
else if (sample_casts[cur_type][next_type] != c_none)
return next_type; /* switching to next type is not conversion-free */
next_type = cur_smp->conv->in_type;
} while (cur_smp != LIST_NEXT(&expr->conv_exprs, struct sample_conv_expr *, list));
MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword If the acl keyword is a "fetch", the dedicated parsing function "sample_parse_expr()" is used. Otherwise, the acl parsing function "parse_acl_expr()" is extended to understand the syntax of a series of converters placed after the "fetch" keyword. Before this patch, each acl uses a "struct sample_fetch" and executes it with the "<fetch>->process()" function. Now, the dedicated function "sample_process()" is called. These syntax are now avalaible: acl bad req.hdr(host),lower -m str www http-request redirect prefix /go-away if bad acl bad hdr_beg(host),lower www http-request redirect prefix /go-away if bad
2013-11-21 04:50:10 -05:00
}
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
/* conv list empty or doesn't have effective out_type,
* falling back to sample fetch out_type
*/
cur_type = expr->fetch->out_type;
out:
if (sample_casts[cur_type][next_type] != c_none)
return next_type; /* switching to next type is not conversion-free */
return cur_type;
MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword If the acl keyword is a "fetch", the dedicated parsing function "sample_parse_expr()" is used. Otherwise, the acl parsing function "parse_acl_expr()" is extended to understand the syntax of a series of converters placed after the "fetch" keyword. Before this patch, each acl uses a "struct sample_fetch" and executes it with the "<fetch>->process()" function. Now, the dedicated function "sample_process()" is called. These syntax are now avalaible: acl bad req.hdr(host),lower -m str www http-request redirect prefix /go-away if bad acl bad hdr_beg(host),lower www http-request redirect prefix /go-away if bad
2013-11-21 04:50:10 -05:00
}
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
/* fill the trash with a comma-delimited list of source names for the <use> bit
* field which must be composed of a non-null set of SMP_USE_* flags. The return
* value is the pointer to the string in the trash buffer.
*/
const char *sample_src_names(unsigned int use)
{
int bit;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash.data = 0;
trash.area[0] = '\0';
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
for (bit = 0; bit < SMP_SRC_ENTRIES; bit++) {
if (!(use & ~((1 << bit) - 1)))
break; /* no more bits */
if (!(use & (1 << bit)))
continue; /* bit not set */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash.data += snprintf(trash.area + trash.data,
trash.size - trash.data, "%s%s",
(use & ((1 << bit) - 1)) ? "," : "",
fetch_src_names[bit]);
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
return trash.area;
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
}
MINOR: sample: provide a function to report the name of a sample check point We need to put names on places where samples are used in order to emit warnings and errors. Let's do that now.
2013-03-25 09:52:41 -04:00
/* return a pointer to the correct sample checkpoint name, or "unknown" when
* the flags are invalid. Only the lowest bit is used, higher bits are ignored
* if set.
*/
const char *sample_ckp_names(unsigned int use)
{
int bit;
for (bit = 0; bit < SMP_CKP_ENTRIES; bit++)
if (use & (1 << bit))
return fetch_ckp_names[bit];
return "unknown sample check place, please report this bug";
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
* Registers the sample fetch keyword list <kwl> as a list of valid keywords
* for next parsing sessions. The fetch keywords capabilities are also computed
* from their ->use field.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
void sample_register_fetches(struct sample_fetch_kw_list *kwl)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MEDIUM: samples: use new flags to describe compatibility between fetches and their usages Samples fetches were relying on two flags SMP_CAP_REQ/SMP_CAP_RES to describe whether they were compatible with requests rules or with response rules. This was never reliable because we need a finer granularity (eg: an HTTP request method needs to parse an HTTP request, and is available past this point). Some fetches are also dependant on the context (eg: "hdr" uses request or response depending where it's involved, causing some abiguity). In order to solve this, we need to precisely indicate in fetches what they use, and their users will have to compare with what they have. So now we have a bunch of bits indicating where the sample is fetched in the processing chain, with a few variants indicating for some of them if it is permanent or volatile (eg: an HTTP status is stored into the transaction so it is permanent, despite being caught in the response contents). The fetches also have a second mask indicating their validity domain. This one is computed from a conversion table at registration time, so there is no need for doing it by hand. This validity domain consists in a bitmask with one bit set for each usage point in the processing chain. Some provisions were made for upcoming controls such as connection-based TCP rules which apply on top of the connection layer but before instantiating the session. Then everywhere a fetch is used, the bit for the control point is checked in the fetch's validity domain, and it becomes possible to finely ensure that a fetch will work or not. Note that we need these two separate bitfields because some fetches are usable both in request and response (eg: "hdr", "payload"). So the keyword will have a "use" field made of a combination of several SMP_USE_* values, which will be converted into a wider list of SMP_VAL_* flags. The knowledge of permanent vs dynamic information has disappeared for now, as it was never used. Later we'll probably reintroduce it differently when dealing with variables. Its only use at the moment could have been to avoid caching a dynamic rate measurement, but nothing is cached as of now.
2013-01-07 09:42:20 -05:00
struct sample_fetch *sf;
int bit;
for (sf = kwl->kw; sf->kw != NULL; sf++) {
for (bit = 0; bit < SMP_SRC_ENTRIES; bit++)
if (sf->use & (1 << bit))
sf->val |= fetch_cap[bit];
}
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_APPEND(&sample_fetches.list, &kwl->list);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Registers the sample format coverstion keyword list <pckl> as a list of valid keywords for next
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* parsing sessions.
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
void sample_register_convs(struct sample_conv_kw_list *pckl)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_APPEND(&sample_convs.list, &pckl->list);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns the pointer on sample fetch keyword structure identified by
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* string of <len> in buffer <kw>.
*
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_fetch *find_sample_fetch(const char *kw, int len)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int index;
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_fetch_kw_list *kwl;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
list_for_each_entry(kwl, &sample_fetches.list, list) {
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strncmp(kwl->kw[index].kw, kw, len) == 0 &&
kwl->kw[index].kw[len] == '\0')
return &kwl->kw[index];
}
}
return NULL;
}
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
/* dump list of registered sample fetch keywords on stdout */
void smp_dump_fetch_kw(void)
{
struct sample_fetch_kw_list *kwl;
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
struct sample_fetch *kwp, *kw;
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
uint64_t mask;
int index;
int arg;
int bit;
for (bit = 0; bit <= SMP_CKP_ENTRIES + 1; bit++) {
putchar('#');
for (index = 0; bit + index <= SMP_CKP_ENTRIES; index++)
putchar(' ');
for (index = 0; index < bit && index < SMP_CKP_ENTRIES; index++)
printf((bit <= SMP_CKP_ENTRIES) ? "/ " : " |");
for (index = bit; bit < SMP_CKP_ENTRIES && index < SMP_CKP_ENTRIES + 2; index++)
if (index == bit)
putchar('_');
else if (index == bit + 1)
putchar('.');
else
putchar('-');
printf(" %s\n", (bit < SMP_CKP_ENTRIES) ? fetch_ckp_names[bit] : "");
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
for (kw = kwp = NULL;; kwp = kw) {
list_for_each_entry(kwl, &sample_fetches.list, list) {
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strordered(kwp ? kwp->kw : NULL,
kwl->kw[index].kw,
kw != kwp ? kw->kw : NULL))
kw = &kwl->kw[index];
}
}
if (kw == kwp)
break;
printf("[ ");
for (bit = 0; bit < SMP_CKP_ENTRIES; bit++)
printf("%s", (kw->val & (1 << bit)) ? "Y " : ". ");
printf("] %s", kw->kw);
if (kw->arg_mask) {
mask = kw->arg_mask >> ARGM_BITS;
printf("(");
for (arg = 0;
arg < ARGM_NBARGS && ((mask >> (arg * ARGT_BITS)) & ARGT_MASK);
arg++) {
if (arg == (kw->arg_mask & ARGM_MASK)) {
/* now dumping extra args */
printf("[");
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
if (arg)
printf(",");
printf("%s", arg_type_names[(mask >> (arg * ARGT_BITS)) & ARGT_MASK]);
}
if (arg > (kw->arg_mask & ARGM_MASK)) {
/* extra args were dumped */
printf("]");
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
printf(")");
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
printf(": %s", smp_to_type[kw->out_type]);
printf("\n");
MINOR: samples: add a function to list register sample fetch keywords New function smp_dump_fetch_kw lists registered sample fetch keywords with their compatibility matrix, mandatory and optional argument types, and output types. It's called from dump_registered_keywords() with class "smp".
2022-03-29 10:51:29 -04:00
}
}
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
/* dump list of registered sample converter keywords on stdout */
void smp_dump_conv_kw(void)
{
struct sample_conv_kw_list *kwl;
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
struct sample_conv *kwp, *kw;
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
uint64_t mask;
int index;
int arg;
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
for (kw = kwp = NULL;; kwp = kw) {
list_for_each_entry(kwl, &sample_convs.list, list) {
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strordered(kwp ? kwp->kw : NULL,
kwl->kw[index].kw,
kw != kwp ? kw->kw : NULL))
kw = &kwl->kw[index];
}
}
if (kw == kwp)
break;
printf("%s", kw->kw);
if (kw->arg_mask) {
mask = kw->arg_mask >> ARGM_BITS;
printf("(");
for (arg = 0;
arg < ARGM_NBARGS && ((mask >> (arg * ARGT_BITS)) & ARGT_MASK);
arg++) {
if (arg == (kw->arg_mask & ARGM_MASK)) {
/* now dumping extra args */
printf("[");
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
if (arg)
printf(",");
printf("%s", arg_type_names[(mask >> (arg * ARGT_BITS)) & ARGT_MASK]);
}
if (arg > (kw->arg_mask & ARGM_MASK)) {
/* extra args were dumped */
printf("]");
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
printf(")");
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
}
MINOR: sample: alphanumerically sort sample & conv keyword dumps It's much more convenient to sort these keywords on output to detect changes, and it's easy to do. The patch looks big but most of it is only caused by an indent change in the loop, as "git diff -b" shows.
2022-03-30 05:30:36 -04:00
printf(": %s => %s", smp_to_type[kw->out_type], smp_to_type[kw->in_type]);
printf("\n");
MINOR: sample: list registered sample converter functions Similar to the sample fetch keywords, let's also list the converter keywords. They're much simpler since there's no compatibility matrix. Instead the input and output types are listed. This is called by dump_registered_keywords() for the "cnv" keywords class.
2022-03-29 10:59:49 -04:00
}
}
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
/* This function browses the list of available sample fetches. <current> is
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
* the last used sample fetch. If it is the first call, it must set to NULL.
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
* <idx> is the index of the next sample fetch entry. It is used as private
* value. It is useless to initiate it.
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
*
CLEANUP: sample: Fix comment encoding of sample.c The file contained an 'e' with an gravis accent and thus was not US-ASCII, but ISO-8859-1. Also correct the spelling in the incorrect comment. The incorrect character was introduced in commit: 4d9a1d1a5c4720a169654ee47f9a4364261ffab4 v1.6-dev1 is the first tag containing this comment, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:44 -05:00
* It returns always the new fetch_sample entry, and NULL when the end of
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
* the list is reached.
*/
struct sample_fetch *sample_fetch_getnext(struct sample_fetch *current, int *idx)
{
struct sample_fetch_kw_list *kwl;
struct sample_fetch *base;
if (!current) {
/* Get first kwl entry. */
kwl = LIST_NEXT(&sample_fetches.list, struct sample_fetch_kw_list *, list);
(*idx) = 0;
} else {
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
/* Get kwl corresponding to the current entry. */
MINOR: sample: add function for browsing samples. This function is useful with the incoming lua functions.
2014-12-08 08:49:19 -05:00
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_fetch_kw_list, kw);
}
while (1) {
/* Check if kwl is the last entry. */
if (&kwl->list == &sample_fetches.list)
return NULL;
/* idx contain the next keyword. If it is available, return it. */
if (kwl->kw[*idx].kw) {
(*idx)++;
return &kwl->kw[(*idx)-1];
}
/* get next entry in the main list, and return NULL if the end is reached. */
kwl = LIST_NEXT(&kwl->list, struct sample_fetch_kw_list *, list);
/* Set index to 0, ans do one other loop. */
(*idx) = 0;
}
}
MINOR: converters: add function to browse converters This patch adds a fucntion to browse each converter. This is used with Lua for using the converters with a wrapper.
2015-03-10 18:56:48 -04:00
/* This function browses the list of available converters. <current> is
* the last used converter. If it is the first call, it must set to NULL.
* <idx> is the index of the next converter entry. It is used as private
* value. It is useless to initiate it.
*
* It returns always the next sample_conv entry, and NULL when the end of
* the list is reached.
*/
struct sample_conv *sample_conv_getnext(struct sample_conv *current, int *idx)
{
struct sample_conv_kw_list *kwl;
struct sample_conv *base;
if (!current) {
/* Get first kwl entry. */
kwl = LIST_NEXT(&sample_convs.list, struct sample_conv_kw_list *, list);
(*idx) = 0;
} else {
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
/* Get kwl corresponding to the current entry. */
MINOR: converters: add function to browse converters This patch adds a fucntion to browse each converter. This is used with Lua for using the converters with a wrapper.
2015-03-10 18:56:48 -04:00
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_conv_kw_list, kw);
}
while (1) {
/* Check if kwl is the last entry. */
if (&kwl->list == &sample_convs.list)
return NULL;
/* idx contain the next keyword. If it is available, return it. */
if (kwl->kw[*idx].kw) {
(*idx)++;
return &kwl->kw[(*idx)-1];
}
/* get next entry in the main list, and return NULL if the end is reached. */
kwl = LIST_NEXT(&kwl->list, struct sample_conv_kw_list *, list);
/* Set index to 0, ans do one other loop. */
(*idx) = 0;
}
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns the pointer on sample format conversion keyword structure identified by
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* string of <len> in buffer <kw>.
*
*/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv *find_sample_conv(const char *kw, int len)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int index;
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv_kw_list *kwl;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
list_for_each_entry(kwl, &sample_convs.list, list) {
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
for (index = 0; kwl->kw[index].kw != NULL; index++) {
if (strncmp(kwl->kw[index].kw, kw, len) == 0 &&
kwl->kw[index].kw[len] == '\0')
return &kwl->kw[index];
}
}
return NULL;
}
/******************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample casts functions */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/******************************************************************/
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2int(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ntohl(smp->data.u.ipv4.s_addr);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2str(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!inet_ntop(AF_INET, (void *)&smp->data.u.ipv4, trash->area, trash->size))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = strlen(trash->area);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ip2ipv6(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
v4tov6(&smp->data.u.ipv6, &smp->data.u.ipv4);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 1;
}
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
static int c_ipv62ip(struct sample *smp)
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (!v6tov4(&smp->data.u.ipv4, &smp->data.u.ipv6))
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 0;
BUG/MINOR: sample: Fix output type of c_ipv62ip c_ipv62ip failed to set the output type of the cast to SMP_T_IPV4 even for a successful conversion. This bug exists as of commit cc4d1716a2e72516c2505a6459a9ddbbfb186da2 which is the first commit adding this function. v1.6-dev4 is the first tag containing this commit, the fix should be backported to haproxy 1.6 and newer.
2018-01-25 10:24:46 -05:00
smp->data.type = SMP_T_IPV4;
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ipv62str(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!inet_ntop(AF_INET6, (void *)&smp->data.u.ipv6, trash->area, trash->size))
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = strlen(trash->area);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 1;
}
/*
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_ipv62ip(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
return v6tov4(&smp->data.u.ipv4, &smp->data.u.ipv6);
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
}
*/
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_int2ip(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4.s_addr = htonl((unsigned int)smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
return 1;
}
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
static int c_int2ipv6(struct sample *smp)
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4.s_addr = htonl((unsigned int)smp->data.u.sint);
v4tov6(&smp->data.u.ipv6, &smp->data.u.ipv4);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts The RFC4291 says that when the IPv6 adress have the followin form: 0000::ffff:a.b.c.d, if can be converted to an IPv4 adress. This patch enable this conversion in casts. As the sint can be casted as ipv4, and ipv4 can be casted as ipv6, we can directly cast sint as ipv6 using the RFC4291.
2015-07-24 03:04:56 -04:00
return 1;
}
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
static int c_str2addr(struct sample *smp)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv4)) {
if (!buf2ip6(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv6))
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 1;
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
}
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2ip(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv4))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2ipv6(struct sample *smp)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!buf2ip6(smp->data.u.str.area, smp->data.u.str.data, &smp->data.u.ipv6))
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end Applying inet_pton() to input contents is not reliable because the function requires a zero-terminated string. While inet_pton() will stop when contents do not match an IPv6 address anymore, it could theorically read past the end of a buffer if the data to be converted was at the end of a buffer (this cannot happen right now thanks to the reserve at the end of the buffer). At least the conversion does not work. Fix this by using buf2ip6() instead, which copies the string into a padded aread. This bug came with recent commit b805f71 (MEDIUM: sample: let the cast functions set their output type), no backport is needed.
2013-12-11 06:38:57 -05:00
return 1;
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
}
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
/*
* The NULL char always enforces the end of string if it is met.
* Data is never changed, so we can ignore the CONST case
MEDIUM: sample: change the behavior of the bin2str cast The bin2str cast gives the hexadecimal representation of the binary content when it is used as string. This was inherited from the stick-table casts without realizing that it was a mistake. Indeed, it breaks string processing on binary contents, preventing any _reg, _beg, etc from working. For example, with an HTTP GET request, the fetch "req.payload(0,3)" returns the 3 bytes "G", "E", and "T" in binary. If this fetch is used with regex, it is automatically converted to "474554" and the regex is applied on this string, so it never matches. This commit changes the cast so that bin2str does not convert the contents anymore, and returns a string type. The contents can thus be matched as is, and the NULL character continues to mark the end of the string to avoid any issue with some string-based functions. This commit could almost have been marked as a bug fix since it does what the doc says. Note that in case someone would rely on the hex encoding, then the same behaviour could be achieved by appending ",hex" after the sample fetch function (brought by previous patch).
2014-03-12 10:07:59 -04:00
*/
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
static int c_bin2str(struct sample *smp)
{
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
int i;
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if (!smp->data.u.str.area[i]) {
smp->data.u.str.data = i;
MEDIUM: sample: change the behavior of the bin2str cast The bin2str cast gives the hexadecimal representation of the binary content when it is used as string. This was inherited from the stick-table casts without realizing that it was a mistake. Indeed, it breaks string processing on binary contents, preventing any _reg, _beg, etc from working. For example, with an HTTP GET request, the fetch "req.payload(0,3)" returns the 3 bytes "G", "E", and "T" in binary. If this fetch is used with regex, it is automatically converted to "474554" and the regex is applied on this string, so it never matches. This commit changes the cast so that bin2str does not convert the contents anymore, and returns a string type. The contents can thus be matched as is, and the NULL character continues to mark the end of the string to avoid any issue with some string-based functions. This commit could almost have been marked as a bug fix since it does what the doc says. Note that in case someone would rely on the hex encoding, then the same behaviour could be achieved by appending ",hex" after the sample fetch function (brought by previous patch).
2014-03-12 10:07:59 -04:00
break;
BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-03 12:17:10 -05:00
}
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
}
BUG/MINOR: sample: Set the correct type when a binary is converted to a string A binary sample data can be converted, implicitly or not, to a string by cutting the buffer on the first null byte. I guess this patch should be backported to all stable versions.
2020-04-30 03:57:40 -04:00
smp->data.type = SMP_T_STR;
MINOR: sample: manage binary to string type convertion in stick-table and samples. Binary type is converted to a null terminated hexa string.
2012-10-17 07:36:06 -04:00
return 1;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_int2str(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
char *pos;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
pos = lltoa_r(smp->data.u.sint, trash->area, trash->size);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
if (!pos)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->size = trash->size - (pos - trash->area);
trash->area = pos;
trash->data = strlen(pos);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
/* This function unconditionally duplicates data and removes the "const" flag.
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
* For strings and binary blocks, it also provides a known allocated size with
* a length that is capped to the size, and ensures a trailing zero is always
* appended for strings. This is necessary for some operations which may
* require to extend the length. It returns 0 if it fails, 1 on success.
*/
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
int smp_dup(struct sample *smp)
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
switch (smp->data.type) {
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_BOOL:
case SMP_T_SINT:
case SMP_T_ADDR:
case SMP_T_IPV4:
case SMP_T_IPV6:
/* These type are not const. */
break;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup First, the type SMP_T_METH was not handled by smp_dup function. It was never called with this kind of samples, so it's not really a problem. But, this could be useful in future. For all known HTTP methods (GET, POST...), there is no extra space allocated for a sample of type SMP_T_METH. But for unkown methods, it uses a chunk. So, like for strings, we duplicate data, using a trash chunk.
2017-07-24 09:38:41 -04:00
case SMP_T_METH:
if (smp->data.u.meth.meth != HTTP_METH_OTHER)
break;
BUILD: sample: use __fallthrough in smp_is_rw() and smp_dup() This avoids three build warnings when preprocessing happens before compiling with gcc >= 7.
2022-11-14 00:59:59 -05:00
__fallthrough;
MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup First, the type SMP_T_METH was not handled by smp_dup function. It was never called with this kind of samples, so it's not really a problem. But, this could be useful in future. For all known HTTP methods (GET, POST...), there is no extra space allocated for a sample of type SMP_T_METH. But for unkown methods, it uses a chunk. So, like for strings, we duplicate data, using a trash chunk.
2017-07-24 09:38:41 -04:00
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_STR:
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
trash = get_trash_chunk();
BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. In smp_dup(), don't consider a SMP_T_METH with an unknown method the same as SMP_T_STR. The string and string length aren't stored at the same place. This should be backported to 1.8.
2018-12-07 09:23:41 -05:00
trash->data = smp->data.type == SMP_T_STR ?
smp->data.u.str.data : smp->data.u.meth.str.data;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (trash->data > trash->size - 1)
trash->data = trash->size - 1;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. In smp_dup(), don't consider a SMP_T_METH with an unknown method the same as SMP_T_STR. The string and string length aren't stored at the same place. This should be backported to 1.8.
2018-12-07 09:23:41 -05:00
memcpy(trash->area, smp->data.type == SMP_T_STR ?
smp->data.u.str.area : smp->data.u.meth.str.area,
trash->data);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->area[trash->data] = 0;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
smp->data.u.str = *trash;
break;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
case SMP_T_BIN:
trash = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = smp->data.u.str.data;
if (trash->data > trash->size)
trash->data = trash->size;
BUG/MEDIUM: samples: make smp_dup() always duplicate the sample Vedran Furac reported a strange problem where the "base" sample fetch would not always work for tracking purposes. In fact, it happens that commit bc8c404 ("MAJOR: stick-tables: use sample types in place of dedicated types") merged in 1.6 exposed a fundamental bug related to the way samples use chunks as strings. The problem is that chunks convey a base pointer, a length and an optional size, which may be zero when unknown or when the chunk is allocated from a read-only location. The sole purpose of this size is to know whether or not the chunk may be appended new data. This size cause some semantics issue in the sample, which has its own SMP_F_CONST flag to indicate read-only contents. The problem was emphasized by the commit above because it made use of new calls to smp_dup() to convert a sample to a table key. And since smp_dup() would only check the SMP_F_CONST flag, it would happily return read-write samples indicating size=0. So some tests were added upon smp_dup() return to ensure that the actual length is smaller than size, but this in fact made things even worse. For example, the "sni" server directive does some bad stuff on many occasions because it limits len to size-1 and effectively sets it to -1 and writes the zero byte before the beginning of the string! It is therefore obvious that smp_dup() needs to be modified to take this nature of the chunks into account. It's not enough but is needed. The core of the problem comes from the fact that smp_dup() is called for 5 distinct needs which are not always fulfilled : 1) duplicate a sample to keep a copy of it during some operations 2) ensure that the sample is rewritable for a converter like upper() 3) ensure that the sample is terminated with a \0 4) set a correct size on the sample 5) grow the sample in case it was extracted from a partial chunk Case 1 is not used for now, so we can ignore it. Case 2 indicates the wish to modify the sample, so its R/O status must be removed if any, but there's no implied requirement that the chunk becomes larger. Case 3 is used when the sample has to be made compatible with libc's str* functions. There's no need to make it R/W nor to duplicate it if it is already correct. Case 4 can happen when the sample's size is required (eg: before performing some changes that must fit in the buffer). Case 5 is more or less similar but will happen when the sample by be grown but we want to ensure we're not bound by the current small size. So the proposal is to have different functions for various operations. One will ensure a sample is safe for use with str* functions. Another one will ensure it may be rewritten in place. And smp_dup() will have to perform an inconditional duplication to guarantee at least #5 above, and implicitly all other ones. This patch only modifies smp_dup() to make the duplication inconditional. It is enough to fix both the "base" sample fetch and the "sni" server directive, and all use cases in general though not always optimally. More patches will follow to address them more optimally and even better than the current situation (eg: avoid a dup just to add a \0 when possible). The bug comes from an ambiguous design, so its roots are old. 1.6 is affected and a backport is needed. In 1.5, the function already existed but was only used by two converters modifying the data in place, so the bug has no effect there.
2016-08-08 13:21:09 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area, smp->data.u.str.area, trash->data);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
break;
MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup First, the type SMP_T_METH was not handled by smp_dup function. It was never called with this kind of samples, so it's not really a problem. But, this could be useful in future. For all known HTTP methods (GET, POST...), there is no extra space allocated for a sample of type SMP_T_METH. But for unkown methods, it uses a chunk. So, like for strings, we duplicate data, using a trash chunk.
2017-07-24 09:38:41 -04:00
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
default:
/* Other cases are unexpected. */
return 0;
}
MEDIUM: sample: let the cast functions set their output type This patch allows each sample cast function to specify the sample output type. The goal is to be able to emit an output type IPv4 or IPv6 depending on what is found in the input if the next converter is able to process them both. The patch also adds a new pseudo type called "ADDR". This type is an alias for IPV4 and IPV6 which is only used as an input type by converters who want to express their compatibility with both address formats. It may not be emitted. The goal is to unify as much as possible the processing of IPv4 and IPv6 in order not to add extra keywords for the maps which act as converters, but will match samples like ACLs do with their patterns.
2013-11-26 14:47:54 -05:00
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
/* remove const flag */
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 1;
}
MINOR: sample: dont call the sample cast function "c_none" If the cast function to execute is c_none, dont execute it and return true. The function c_none, do nothing. This save a call.
2013-12-14 08:55:04 -05:00
int c_none(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
return 1;
}
MINOR: sample: introduce c_pseudo() conv function This function is used for ANY=>!ANY conversions in the compatibility matrix to help differentiate between real NOOP (c_none) and pseudo conversions that are theorically supported at config parse time but can never occur at runtime,. That is, to explicit the fact that actual related runtime operations (e.g.: ANY->IPV4) are not NOOP since they might require some conversion to be performed depending on the input type. When checking the conf we don't know the effective out types so cast[pseudo type][pseudo type] is allowed in the compatibility matrix, but at runtime we only expect cast[real type][(real type || pseudo type)] because fetches and converters may not emit pseudo types, thus using c_none() everywhere was too ambiguous. The process will crash if c_pseudo() is invoked to help catch bugs: crashing here means that a pseudo type has been encountered on a converter's input at runtime (because it was emitted earlier in the chain), which is not supported and results from a broken sample fetch or converter implementation. (pseudo types may only be used as out_type in sample definitions for compatibility checks at parsing time)
2023-06-06 13:03:45 -04:00
/* special converter function used by pseudo types in the compatibility matrix
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
* to inform that the conversion is theoretically allowed at parsing time.
MINOR: sample: introduce c_pseudo() conv function This function is used for ANY=>!ANY conversions in the compatibility matrix to help differentiate between real NOOP (c_none) and pseudo conversions that are theorically supported at config parse time but can never occur at runtime,. That is, to explicit the fact that actual related runtime operations (e.g.: ANY->IPV4) are not NOOP since they might require some conversion to be performed depending on the input type. When checking the conf we don't know the effective out types so cast[pseudo type][pseudo type] is allowed in the compatibility matrix, but at runtime we only expect cast[real type][(real type || pseudo type)] because fetches and converters may not emit pseudo types, thus using c_none() everywhere was too ambiguous. The process will crash if c_pseudo() is invoked to help catch bugs: crashing here means that a pseudo type has been encountered on a converter's input at runtime (because it was emitted earlier in the chain), which is not supported and results from a broken sample fetch or converter implementation. (pseudo types may only be used as out_type in sample definitions for compatibility checks at parsing time)
2023-06-06 13:03:45 -04:00
*
* However, being a pseudo type, it may not be emitted by fetches or converters
* so this function should never be called. If this is the case, then it means
* that a pseudo type has been used as a final output type at runtime, which is
* considered as a bug and should be fixed. To help spot this kind of bug, the
* process will crash in this case.
*/
int c_pseudo(struct sample *smp)
{
ABORT_NOW(); // die loudly
/* never reached */
return 0;
}
MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere Now there is no more reference to union pattern_data. All pattern fetch and conversion functions now make use of the common sample type. Note: none of them adjust the type right now so it's important to do it next otherwise we would risk sharing such functions with ACLs and seeing them fail.
2012-04-23 16:03:39 -04:00
static int c_str2int(struct sample *smp)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
const char *str;
const char *end;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (smp->data.u.str.data == 0)
BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer If the string not start with a number, the converter fails. In other, it converts a maximum of characters to a number and stop to the first character that not match a number.
2014-01-27 12:20:48 -05:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
str = smp->data.u.str.area;
end = smp->data.u.str.area + smp->data.u.str.data;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_int64(&str, end);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return 1;
}
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
static int c_str2meth(struct sample *smp)
{
enum http_meth_t meth;
int len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
meth = find_http_meth(smp->data.u.str.area, smp->data.u.str.data);
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
if (meth == HTTP_METH_OTHER) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
len = smp->data.u.str.data;
smp->data.u.meth.str.area = smp->data.u.str.area;
smp->data.u.meth.str.data = len;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
else
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = meth;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_METH;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
return 1;
}
static int c_meth2str(struct sample *smp)
{
int len;
enum http_meth_t meth;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.meth.meth == HTTP_METH_OTHER) {
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
/* The method is unknown. Copy the original pointer. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
len = smp->data.u.meth.str.data;
smp->data.u.str.area = smp->data.u.meth.str.area;
smp->data.u.str.data = len;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
else if (smp->data.u.meth.meth < HTTP_METH_OTHER) {
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
/* The method is known, copy the pointer containing the string. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
meth = smp->data.u.meth.meth;
REORG: http: move the HTTP semantics definitions to http.h/http.c It's a bit painful to have to deal with HTTP semantics for each protocol version (H1 and H2), and working on the version-agnostic code further emphasizes the problem. This patch creates http.h and http.c which are agnostic to the version in use, and which borrow a few parts from proto_http and from h1. For example the once thought h1-specific h1_char_classes array is in fact dictated by RFC7231 and is used to parse HTTP headers. A few changes were made to a few files which were including proto_http.h while they only needed http.h. Certain string definitions pre-dated the introduction of indirect strings (ist) so some were used to simplify the definition of the known HTTP methods. The current lookup code saves 2 kB of a heavily used table and is faster than the previous table based lookup (typ. 14 ns vs 16 before).
2018-09-10 09:38:55 -04:00
smp->data.u.str.area = http_known_methods[meth].ptr;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = http_known_methods[meth].len;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample/http_proto: Add new type called method The method are actuelly stored using two types. Integer if the method is known and string if the method is not known. The fetch is declared as UINT, but in some case it can provides STR. This patch create new type called METH. This type contain interge for known method and string for the other methods. It can be used with automatic converters. The pattern matching can expect method. During the free or prune function, http_meth pettern is freed. This patch initialise the freed pointer to NULL.
2013-12-16 19:10:10 -05:00
}
else {
/* Unknown method */
return 0;
}
return 1;
}
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
static int c_addr2bin(struct sample *smp)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *chk = get_trash_chunk();
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
if (smp->data.type == SMP_T_IPV4) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
chk->data = 4;
memcpy(chk->area, &smp->data.u.ipv4, chk->data);
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
}
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
else if (smp->data.type == SMP_T_IPV6) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
chk->data = 16;
memcpy(chk->area, &smp->data.u.ipv6, chk->data);
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
}
else
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *chk;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
return 1;
}
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
static int c_int2bin(struct sample *smp)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *chk = get_trash_chunk();
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
*(unsigned long long int *) chk->area = my_htonll(smp->data.u.sint);
chk->data = 8;
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *chk;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MINOR: sample: allow integers to cast to binary Doing so finally allows to apply the hex converter to integers as well. Note that all integers are represented in 32-bit, big endian so that their conversion remains human readable and portable. A later improvement to the hex converter could be to make it trim leading zeroes, and/or to only report a number of least significant bytes.
2014-07-15 15:19:08 -04:00
return 1;
}
MINOR: sample: make the bool type cast to bin Any type except bool could cast to bin, while it can cast to string. That's a bit inconsistent, and prevents a boolean from being used as the entry of a hash function while any other type can. This is a problem when passing via variable where someone could use: ... set-var(txn.bar) always_false to temporarily disable something, but this would result in an empty hash output when later doing: ... var(txn.bar),sdbm Instead of using c_int2bin() as is done for the string output, better enfore an set of inputs or exactly 0 or 1 so that a poorly written sample fetch function does not result in a difficult to debug hash output.
2022-04-25 04:46:16 -04:00
static int c_bool2bin(struct sample *smp)
{
struct buffer *chk = get_trash_chunk();
*(unsigned long long int *)chk->area = my_htonll(!!smp->data.u.sint);
chk->data = 8;
smp->data.u.str = *chk;
smp->data.type = SMP_T_BIN;
return 1;
}
MINOR: sample: allow IP address to cast to binary IP addresses are a perfect example of fixed size data which we could cast to binary, still it was not allowed by lack of cast function, eventhough the opposite was allowed in ACLs. Make that possible both in sample expressions and in stick tables.
2014-07-15 15:03:26 -04:00
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample casts matrix: */
/* sample_casts[from type][to type] */
/* NULL pointer used for impossible sample casts */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
MINOR: sample: export sample_casts just export the sample cast matrix "sample_casts" to prepare the generic sample conversion parser.
2013-11-21 04:53:12 -05:00
sample_cast_fct sample_casts[SMP_TYPES][SMP_TYPES] = {
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
/* to: ANY SAME BOOL SINT ADDR IPV4 IPV6 STR BIN METH */
/* from: ANY */ { c_none, NULL, c_pseudo, c_pseudo, c_pseudo, c_pseudo, c_pseudo, c_pseudo, c_pseudo, c_pseudo },
/* SAME */ { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL },
/* BOOL */ { c_none, NULL, c_none, c_none, NULL, NULL, NULL, c_int2str, c_bool2bin, NULL },
/* SINT */ { c_none, NULL, c_none, c_none, c_int2ip, c_int2ip, c_int2ipv6, c_int2str, c_int2bin, NULL },
/* ADDR */ { c_none, NULL, NULL, NULL, c_pseudo, c_pseudo, c_pseudo, c_pseudo, c_pseudo, NULL },
/* IPV4 */ { c_none, NULL, NULL, c_ip2int, c_none, c_none, c_ip2ipv6, c_ip2str, c_addr2bin, NULL },
/* IPV6 */ { c_none, NULL, NULL, NULL, c_none, c_ipv62ip, c_none, c_ipv62str, c_addr2bin, NULL },
/* STR */ { c_none, NULL, c_str2int, c_str2int, c_str2addr, c_str2ip, c_str2ipv6, c_none, c_none, c_str2meth },
/* BIN */ { c_none, NULL, NULL, NULL, NULL, NULL, NULL, c_bin2str, c_none, c_str2meth },
/* METH */ { c_none, NULL, NULL, NULL, NULL, NULL, NULL, c_meth2str, c_meth2str, c_none }
[CLEANUP] stick_table: move pattern to key functions to stick_table.c pattern.c depended on stick_table while in fact it should be the opposite. So we move from pattern.c everything related to stick_tables and invert the dependency. That way the code becomes more logical and intuitive.
2010-06-06 07:22:23 -04:00
};
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
/* Process the converters (if any) for a sample expr after the first fetch
* keyword. We have two supported syntaxes for the converters, which can be
* combined:
* - comma-delimited list of converters just after the keyword and args ;
* - one converter per keyword (if <idx> != NULL)
* FIXME: should we continue to support this old syntax?
* The combination allows to have each keyword being a comma-delimited
* series of converters.
*
* We want to process the former first, then the latter. For this we start
* from the beginning of the supposed place in the exiting conv chain, which
* starts at the last comma (<start> which is then referred to as endt).
*
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
* If <endptr> is non-nul, it will be set to the first unparsed character
* (which may be the final '\0') on success. If it is nul, the expression
* must be properly terminated by a '\0' otherwise an error is reported.
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
*
* <expr> should point the the sample expression that is already initialized
* with the sample fetch that precedes the converters chain.
*
* The function returns a positive value for success and 0 for failure, in which
* case <err_msg> will point to an allocated string that brings some info
* about the failure. It is the caller's responsibility to free it.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
int sample_parse_expr_cnv(char **str, int *idx, char **endptr, char **err_msg, struct arg_list *al, const char *file, int line,
struct sample_expr *expr, const char *start)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv *conv;
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
const char *endt = start; /* end of term */
const char *begw; /* beginning of word */
const char *endw; /* end of word */
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
char *ckw = NULL;
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
unsigned long prev_type = expr->fetch->out_type;
int success = 1;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
while (1) {
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_conv_expr *conv_expr;
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
int err_arg;
int argcnt;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (*endt && *endt != ',') {
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
if (endptr) {
/* end found, let's stop here */
break;
}
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (ckw)
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "missing comma after converter '%s'", ckw);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
else
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
memprintf(err_msg, "missing comma after fetch keyword");
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
/* FIXME: how long should we support such idiocies ? Maybe we
* should already warn ?
*/
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
while (*endt == ',') /* then trailing commas */
endt++;
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
begw = endt; /* start of converter */
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (!*begw) {
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
/* none ? skip to next string if idx is set */
if (!idx)
break; /* end of converters */
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
(*idx)++;
begw = str[*idx];
if (!begw || !*begw)
break;
}
MINOR: sample/acl: use is_idchar() to locate the fetch/conv name Instead of scanning a string looking for an end of line, ')' or ',', let's only accept characters which are actually valid identifier characters. This will let the parser know that in %[src], only "src" is the sample fetch name, not "src]". This was done both for samples and ACLs since they are the same here.
2020-02-14 12:27:10 -05:00
for (endw = begw; is_idchar(*endw); endw++)
;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
ha_free(&ckw);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
ckw = my_strndup(begw, endw - begw);
conv = find_sample_conv(begw, endw - begw);
if (!conv) {
/* we found an isolated keyword that we don't know, it's not ours */
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
if (idx && begw == str[*idx]) {
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
endt = begw;
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
break;
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
}
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "unknown converter '%s'", ckw);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
goto out_error;
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
if (conv->in_type >= SMP_TYPES || conv->out_type >= SMP_TYPES) {
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
memprintf(err_msg, "return type of converter '%s' is unknown", ckw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/* If impossible type conversion */
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
if (!sample_casts[prev_type][conv->in_type]) {
CLEANUP: sample: report "converter" instead of "conv method" in error messages This was inherited from the very early stick-tables code but it's about time to produce understandable error messages :-)
2016-11-25 01:33:24 -05:00
memprintf(err_msg, "converter '%s' cannot be applied", ckw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
goto out_error;
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
/* Ignore converters that output SMP_T_SAME if switching to them is
* conversion-free. (such converter's output match with input, thus only
* their input is considered)
*/
if (conv->out_type != SMP_T_SAME)
prev_type = conv->out_type;
else if (sample_casts[prev_type][conv->in_type] != c_none)
prev_type = conv->in_type;
CLEANUP: uniformize last argument of malloc/calloc Instead of repeating the type of the LHS argument (sizeof(struct ...)) in calls to malloc/calloc, we directly use the pointer name (sizeof(*...)). The following Coccinelle patch was used: @@ type T; T *x; @@ x = malloc( - sizeof(T) + sizeof(*x) ) @@ type T; T *x; @@ x = calloc(1, - sizeof(T) + sizeof(*x) ) When the LHS is not just a variable name, no change is made. Moreover, the following patch was used to ensure that "1" is consistently used as a first argument of calloc, not the last one: @@ @@ calloc( + 1, ... - ,1 )
2016-04-03 07:48:43 -04:00
conv_expr = calloc(1, sizeof(*conv_expr));
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
if (!conv_expr)
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_APPEND(&(expr->conv_exprs), &(conv_expr->list));
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
conv_expr->conv = conv;
MINOR: arg: Be able to forbid unresolved args when building an argument list In make_arg_list() function, unresolved dependencies are pushed in an argument list to be resolved later, during the configuration validity check. It is now possible to forbid such unresolved dependencies by omitting <al> parameter (setting it to NULL). It is usefull when the parsing context is not the same than the running context or when the parsing context is lost after the startup stage. For instance, an argument may be defined in defaults section during parsing and executed in a frontend/backend section.
2021-09-30 02:48:56 -04:00
if (al) {
al->kw = expr->fetch->kw;
al->conv = conv_expr->conv->kw;
}
MEDIUM: arg: make make_arg_list() stop after its own arguments The main problem we're having with argument parsing is that at the moment the caller looks for the first character looking like an end of arguments (')') and calls make_arg_list() on the sub-string inside the parenthesis. Let's first change the way it works so that make_arg_list() also consumes the parenthesis and returns the pointer to the first char not consumed. This will later permit to refine each argument parsing. For now there is no functional change.
2020-02-14 02:40:37 -05:00
argcnt = make_arg_list(endw, -1, conv->arg_mask, &conv_expr->arg_p, err_msg, &endt, &err_arg, al);
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (argcnt < 0) {
memprintf(err_msg, "invalid arg %d in converter '%s' : %s", err_arg+1, ckw, *err_msg);
goto out_error;
}
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (argcnt && !conv->arg_mask) {
memprintf(err_msg, "converter '%s' does not support any args", ckw);
goto out_error;
}
MEDIUM: pattern: add an argument validation callback to pattern descriptors This is used to validate that arguments are coherent. For instance, payload_lv expects that the last arg (if any) is not more negative than the sum of the first two. The error is reported if any.
2012-04-20 09:52:36 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (!conv_expr->arg_p)
conv_expr->arg_p = empty_arg_list;
MEDIUM: sample: pass an empty list instead of a null for fetch args ACL and sample fetches use args list and it is really not convenient to check for null args everywhere. Now for empty args we pass a constant list of end of lists. It will allow us to remove many useless checks.
2012-10-19 13:49:09 -04:00
BUG/MINOR: sample: always check converters' arguments In 1.5-dev20, sample-fetch arguments parsing was addresse by commit 689a1df0a1 ("BUG/MEDIUM: sample: simplify and fix the argument parsing"). The issue was that argument checks were not run for sample-fetches if parenthesis were not present. Surprisingly, the fix was mde only for sample-fetches and not for converters which suffer from the exact same problem. There are even a few comments in the code mentioning that some argument validation functions are not called when arguments are missing. This fix applies the exact same method as the one above. The impact of this bug is limited because over the years the code has learned to work around this issue instead of fixing it. This may be backported to all maintained versions.
2019-12-17 04:25:29 -05:00
if (conv->val_args && !conv->val_args(conv_expr->arg_p, conv, file, line, err_msg)) {
memprintf(err_msg, "invalid args in converter '%s' : %s", ckw, *err_msg);
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
goto out_error;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
}
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
if (endptr) {
/* end found, let's stop here */
*endptr = (char *)endt;
}
MEDIUM: acl/sample: unify sample conv parsing in a single function Both sample_parse_expr() and parse_acl_expr() implement some code logic to parse sample conv list after respective fetch or acl keyword. (Seems like the acl one was inspired by the sample one historically) But there is clearly code duplication between the two functions, making them hard to maintain. Hopefully, the parsing logic between them has stayed pretty much the same, thus the sample conv parsing part may be moved in a dedicated helper parsing function. This is what's being done in this commit, we're adding the new function sample_parse_expr_cnv() which does a single thing: parse the converters that are listed right after a sample fetch keyword and inject them into an already existing sample expression. Both sample_parse_expr() and parse_acl_expr() were adapted to now make use of this specific parsing function and duplicated code parts were cleaned up. Although sample_parse_expr() remains quite complicated (numerous function arguments due to contextual parsing data) the first goal was to get rid of code duplication without impacting the current behavior, with the added benefit that it may allow further code cleanups / simplification in the future.
2023-06-05 08:30:45 -04:00
out:
free(ckw);
return success;
out_error:
success = 0;
goto out;
}
/*
* Parse a sample expression configuration:
* fetch keyword followed by format conversion keywords.
*
* <al> is an arg_list serving as a list head to report missing dependencies.
* It may be NULL if such dependencies are not allowed. Otherwise, the caller
* must have set al->ctx if al is set.
*
* Returns a pointer on allocated sample expression structure or NULL in case
* of error, in which case <err_msg> will point to an allocated string that
* brings some info about the failure. It is the caller's responsibility to
* free it.
*/
struct sample_expr *sample_parse_expr(char **str, int *idx, const char *file, int line, char **err_msg, struct arg_list *al, char **endptr)
{
const char *begw; /* beginning of word */
const char *endw; /* end of word */
const char *endt; /* end of term */
struct sample_expr *expr = NULL;
struct sample_fetch *fetch;
char *fkw = NULL;
int err_arg;
begw = str[*idx];
for (endw = begw; is_idchar(*endw); endw++)
;
if (endw == begw) {
memprintf(err_msg, "missing fetch method");
goto out_error;
}
/* keep a copy of the current fetch keyword for error reporting */
fkw = my_strndup(begw, endw - begw);
fetch = find_sample_fetch(begw, endw - begw);
if (!fetch) {
memprintf(err_msg, "unknown fetch method '%s'", fkw);
goto out_error;
}
/* At this point, we have :
* - begw : beginning of the keyword
* - endw : end of the keyword, first character not part of keyword
*/
if (fetch->out_type >= SMP_TYPES) {
memprintf(err_msg, "returns type of fetch method '%s' is unknown", fkw);
goto out_error;
}
expr = calloc(1, sizeof(*expr));
if (!expr)
goto out_error;
LIST_INIT(&(expr->conv_exprs));
expr->fetch = fetch;
expr->arg_p = empty_arg_list;
/* Note that we call the argument parser even with an empty string,
* this allows it to automatically create entries for mandatory
* implicit arguments (eg: local proxy name).
*/
if (al) {
al->kw = expr->fetch->kw;
al->conv = NULL;
}
if (make_arg_list(endw, -1, fetch->arg_mask, &expr->arg_p, err_msg, &endt, &err_arg, al) < 0) {
memprintf(err_msg, "fetch method '%s' : %s", fkw, *err_msg);
goto out_error;
}
/* now endt is our first char not part of the arg list, typically the
* comma after the sample fetch name or after the closing parenthesis,
* or the NUL char.
*/
if (!expr->arg_p) {
expr->arg_p = empty_arg_list;
}
else if (fetch->val_args && !fetch->val_args(expr->arg_p, err_msg)) {
memprintf(err_msg, "invalid args in fetch method '%s' : %s", fkw, *err_msg);
goto out_error;
}
if (!sample_parse_expr_cnv(str, idx, endptr, err_msg, al, file, line, expr, endt))
goto out_error;
MINOR: sample: make sample_parse_expr() able to return an end pointer When an end pointer is passed, instead of complaining that a comma is missing after a keyword, sample_parse_expr() will silently return the pointer to the current location into this return pointer so that the caller can continue its parsing. This will be used by more complex expressions which embed sample expressions, and may even permit to embed sample expressions into arguments of other expressions.
2020-02-14 10:50:14 -05:00
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
out:
free(fkw);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return expr;
out_error:
BUG/MINOR: sample: Memory leak of sample_expr structure in case of error If an errors occurs during the sample expression parsing, the alloced sample_expr is not freed despite having its main pointer reset. This fixes GitHub issue #1046. It could be backported as far as 1.8.
2021-01-12 08:55:12 -05:00
release_sample_expr(expr);
MEDIUM: sample: handle comma-delimited converter list We now support having a comma-delimited converter list, which can start right after the fetch keyword. The immediate benefit is that it allows to use converters in log-format expressions, for example : set-header source-net %[src,ipmask(24)] The parser is also slightly improved and should be more resilient against configuration errors. Also, optional arguments in converters were mistakenly not allowed till now, so this was fixed.
2013-07-24 09:34:19 -04:00
expr = NULL;
goto out;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
MINOR: sample: add sample_process_cnv() function split sample_process() in 2 parts in order to be able to only process the converter part of a sample expression from an existing input sample struct passed as parameter.
2023-08-23 11:22:37 -04:00
/*
* Helper function to process the converter list of a given sample expression
* <expr> using the sample <p> (which is assumed to be properly initialized)
* as input.
*
* Returns 1 on success and 0 on failure.
*/
int sample_process_cnv(struct sample_expr *expr, struct sample *p)
{
struct sample_conv_expr *conv_expr;
list_for_each_entry(conv_expr, &expr->conv_exprs, list) {
/* we want to ensure that p->type can be casted into
* conv_expr->conv->in_type. We have 3 possibilities :
* - NULL => not castable.
* - c_none => nothing to do (let's optimize it)
* - other => apply cast and prepare to fail
*/
OPTIM: sample: don't check casts for samples of same type Originally when converters were created, they were mostly for casting types. Nowadays we have many artithmetic converters to perform operations on integers, and a number of converters operating on strings. Both of these categories most often do not need any cast since the input and output types are the same, which is visible as the cast function is c_none. However, profiling shows that when heavily using arithmetic converters, it's possible to spend up to ~7% of the time in sample_process_cnv(), a good part of which is only in accessing the sample_casts[] array. Simply avoiding this lookup when input and ouput types are equal saves about 2% CPU on such setups doing intensive use of converters.
2024-09-15 06:40:25 -04:00
if (p->data.type != conv_expr->conv->in_type) {
if (!sample_casts[p->data.type][conv_expr->conv->in_type])
return 0;
MINOR: sample: add sample_process_cnv() function split sample_process() in 2 parts in order to be able to only process the converter part of a sample expression from an existing input sample struct passed as parameter.
2023-08-23 11:22:37 -04:00
OPTIM: sample: don't check casts for samples of same type Originally when converters were created, they were mostly for casting types. Nowadays we have many artithmetic converters to perform operations on integers, and a number of converters operating on strings. Both of these categories most often do not need any cast since the input and output types are the same, which is visible as the cast function is c_none. However, profiling shows that when heavily using arithmetic converters, it's possible to spend up to ~7% of the time in sample_process_cnv(), a good part of which is only in accessing the sample_casts[] array. Simply avoiding this lookup when input and ouput types are equal saves about 2% CPU on such setups doing intensive use of converters.
2024-09-15 06:40:25 -04:00
if (sample_casts[p->data.type][conv_expr->conv->in_type] != c_none &&
!sample_casts[p->data.type][conv_expr->conv->in_type](p))
return 0;
}
MINOR: sample: add sample_process_cnv() function split sample_process() in 2 parts in order to be able to only process the converter part of a sample expression from an existing input sample struct passed as parameter.
2023-08-23 11:22:37 -04:00
/* OK cast succeeded */
if (!conv_expr->conv->process(conv_expr->arg_p, p, conv_expr->conv->private))
return 0;
}
return 1;
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Process a fetch + format conversion of defined by the sample expression <expr>
MEDIUM: acl/pattern: use the same direction scheme Patterns were using a bitmask to indicate if request or response was desired in fetch functions and keywords. ACLs were using a bitmask in fetch keywords and a single bit in fetch functions. ACLs were also using an ACL_PARTIAL bit in fetch functions indicating that a non-final fetch was performed, which was an abuse of the existing direction flag. The change now consists in using : - a capabilities field for fetch keywords => SMP_CAP_REQ/RES to indicate if a keyword supports requests, responses, both, etc... - an option field for fetch functions to indicate what the caller expects (request/response, final/non-final) The ACL_PARTIAL bit was reversed to get SMP_OPT_FINAL as it's more explicit to know we're working on a final buffer than on a non-final one. ACL_DIR_* were removed, as well as PATTERN_FETCH_*. L4 fetches were improved to support being called on responses too since they're still available. The <dir> field of all fetch functions was changed to <opt> which is now unsigned. The patch is large but mostly made of cosmetic changes to accomodate this, as almost no logic change happened.
2012-04-25 04:13:36 -04:00
* on request or response considering the <opt> parameter.
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* Returns a pointer on a typed sample structure containing the result or NULL if
* sample is not found or when format conversion failed.
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
* If <p> is not null, function returns results in structure pointed by <p>.
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
* If <p> is null, functions returns a pointer on a static sample structure.
MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description We need the pattern fetchers and converters to correctly set the output type so that they can be used by ACL fetchers. By using the sample type instead of the keyword type, we also open the possibility to create some multi-type pattern fetch methods later (eg: "src" being v4/v6). Right now the type in the keyword is used to validate the configuration.
2012-04-23 16:38:26 -04:00
*
* Note: the fetch functions are required to properly set the return type. The
* conversion functions must do so too. However the cast functions do not need
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* to since they're made to cast multiple types according to what is required.
BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* As a consequence of various recent changes on the sample conversion, a corner case has emerged where it is possible to wait forever for a sample in track-sc*. The issue is caused by the fact that functions relying on sample_process() don't all exactly work the same regarding the SMP_F_MAY_CHANGE flag and the output result. Here it was possible to wait forever for an output sample from stktable_fetch_key() without checking the SMP_OPT_FINAL flag. As a result, if the client connects and closes without sending the data and haproxy expects a sample which is capable of coming, it will ignore this impossible case and will continue to wait. This change adds control for SMP_OPT_FINAL before waiting for extra data. The various relevant functions have been better documented regarding their output values. This fix must be backported to 1.5 since it appeared there.
2014-07-30 02:56:35 -04:00
*
* The caller may indicate in <opt> if it considers the result final or not.
* The caller needs to check the SMP_F_MAY_CHANGE flag in p->flags to verify
* if the result is stable or not, according to the following table :
*
* return MAY_CHANGE FINAL Meaning for the sample
* NULL 0 * Not present and will never be (eg: header)
* NULL 1 0 Not present yet, could change (eg: POST param)
* NULL 1 1 Not present yet, will not change anymore
* smp 0 * Present and will not change (eg: header)
* smp 1 0 Present, may change (eg: request length)
* smp 1 1 Present, last known value (eg: request length)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
*/
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct sample *sample_process(struct proxy *px, struct session *sess,
struct stream *strm, unsigned int opt,
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
struct sample_expr *expr, struct sample *p)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
MINOR: sample: fix sample_process handling of unstable data sample_process() used to return NULL on changing data, regardless of the SMP_OPT_FINAL flag. Let's change this so that it is now possible to include such data in logs or HTTP headers. Also, one unconvenient thing was that it used to always set the sample flags to zero, making it incompatible with ACLs which may need to call it multiple times. Only do this for locally-allocated samples.
2013-07-25 06:02:38 -04:00
if (p == NULL) {
MINOR: pattern: replace struct pattern with struct sample This change is pretty minor. Struct pattern is only used for pattern_process() now so changing it to use the common type is quite obvious. It's worth noting that the last argument of pattern_process() is never used so the function is self-sufficient. Note that pattern_process() does not initialize the pattern at all before calling fetch->process(), and that minimal initialization will be required when we later change the argument for the sample.
2012-04-23 15:35:11 -04:00
p = &temp_smp;
BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() We used to only clear flags when reusing the static sample before calling sample_process(), but that's not enough because there's a context in samples that can be used by some fetch functions such as auth, headers and cookies, and not reinitializing it risks that a pointer of a different type is used in the wrong context. An example configuration which triggers the case consists in mixing hdr() and http_auth_group() which both make use of contexts : http-request add-header foo2 %[hdr(host)],%[http_auth_group(foo)] The solution is simple, initialize all the sample and not just the flags. This fix must be backported into 1.5 since it was introduced in 1.5-dev19.
2014-06-25 10:56:41 -04:00
memset(p, 0, sizeof(*p));
MINOR: sample: fix sample_process handling of unstable data sample_process() used to return NULL on changing data, regardless of the SMP_OPT_FINAL flag. Let's change this so that it is now possible to include such data in logs or HTTP headers. Also, one unconvenient thing was that it used to always set the sample flags to zero, making it incompatible with ACLs which may need to call it multiple times. Only do this for locally-allocated samples.
2013-07-25 06:02:38 -04:00
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
MINOR: sample: add a new helper to initialize the owner of a sample Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. This requires from a lot of call places to initialize 4 fields, and it was even forgotten at a few places. This patch provides a convenient helper to initialize all these fields at once, making it easy to prepare a new sample from a previous one for example. A few call places were cleaned up to make use of it. It will be needed by further fixes. At one place in the Lua code, it was moved earlier because we used to call sample casts with a non completely initialized sample, which is not clean eventhough at the moment there are no consequences.
2016-03-10 10:15:46 -05:00
smp_set_owner(p, px, sess, strm, opt);
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
if (!expr->fetch->process(expr->arg_p, p, expr->fetch->kw, expr->fetch->private))
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return NULL;
MINOR: sample: add sample_process_cnv() function split sample_process() in 2 parts in order to be able to only process the converter part of a sample expression from an existing input sample struct passed as parameter.
2023-08-23 11:22:37 -04:00
if (!sample_process_cnv(expr, p))
return NULL;
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
return p;
}
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
/*
* Resolve all remaining arguments in proxy <p>. Returns the number of
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
* errors or 0 if everything is fine. If at least one error is met, it will
* be appended to *err. If *err==NULL it will be allocated first.
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
*/
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
int smp_resolve_args(struct proxy *p, char **err)
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
{
struct arg_list *cur, *bak;
const char *ctx, *where;
const char *conv_ctx, *conv_pre, *conv_pos;
struct userlist *ul;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
struct my_regex *reg;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
struct arg *arg;
int cfgerr = 0;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
int rflags;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
list_for_each_entry_safe(cur, bak, &p->conf.args.list, list) {
struct proxy *px;
struct server *srv;
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
struct stktable *t;
char *pname, *sname, *stktname;
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
char *err2;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg = cur->arg;
/* prepare output messages */
conv_pre = conv_pos = conv_ctx = "";
if (cur->conv) {
conv_ctx = cur->conv;
conv_pre = "conversion keyword '";
conv_pos = "' for ";
}
where = "in";
ctx = "sample fetch keyword";
switch (cur->ctx) {
MEDIUM: logs: add a new RFC5424 log-format for the structured-data This patch adds a new RFC5424-specific log-format for the structured-data that is automatically send by __send_log() when the sender is in RFC5424 mode. A new statement "log-format-sd" should be used in order to set log-format for the structured-data part in RFC5424 formatted syslog messages. Example: log-format-sd [exampleSDID@1234\ bytes=\"%B\"\ status=\"%ST\"]
2015-09-25 13:17:44 -04:00
case ARGC_STK: where = "in stick rule in"; break;
case ARGC_TRK: where = "in tracking rule in"; break;
case ARGC_LOG: where = "in log-format string in"; break;
case ARGC_LOGSD: where = "in log-format-sd string in"; break;
MINOR: sample: add missing ARGC_ entries For a long time we couldn't have arguments in expressions used in tcp-request, tcp-response etc rules. But now due to the variables it's possible, and their context in case of failure to resolve an argument (e.g. backend name not found) is not properly reported because there is no arg context values in ARGC_* to report them. Let's add a number of missing ones for tcp-request {connection, session,content}, tcp-response content, tcp-check, the config parser (for "set-var" in the global section) and the CLI parser (for "set-var" on the CLI).
2021-09-02 13:43:20 -04:00
case ARGC_HRQ: where = "in http-request expression in"; break;
case ARGC_HRS: where = "in http-response response in"; break;
MEDIUM: logs: add a new RFC5424 log-format for the structured-data This patch adds a new RFC5424-specific log-format for the structured-data that is automatically send by __send_log() when the sender is in RFC5424 mode. A new statement "log-format-sd" should be used in order to set log-format for the structured-data part in RFC5424 formatted syslog messages. Example: log-format-sd [exampleSDID@1234\ bytes=\"%B\"\ status=\"%ST\"]
2015-09-25 13:17:44 -04:00
case ARGC_UIF: where = "in unique-id-format string in"; break;
case ARGC_RDR: where = "in redirect format string in"; break;
case ARGC_CAP: where = "in capture rule in"; break;
case ARGC_ACL: ctx = "ACL keyword"; break;
case ARGC_SRV: where = "in server directive in"; break;
MAJOR: spoe: Add an experimental Stream Processing Offload Engine SPOE makes possible the communication with external components to retrieve some info using an in-house binary protocol, the Stream Processing Offload Protocol (SPOP). In the long term, its aim is to allow any kind of offloading on the streams. This first version, besides being experimental, won't do lot of things. The most important today is to validate the protocol design and lay the foundations of what will, one day, be a full offload engine for the stream processing. So, for now, the SPOE can offload the stream processing before "tcp-request content", "tcp-response content", "http-request" and "http-response" rules. And it only supports variables creation/suppression. But, in spite of these limited features, we can easily imagine to implement a SSO solution, an ip reputation service or an ip geolocation service. Internally, the SPOE is implemented as a filter. So, to use it, you must use following line in a proxy proxy section: frontend my-front ... filter spoe [engine <name>] config <file> ... It uses its own configuration file to keep the HAProxy configuration clean. It is also a easy way to disable it by commenting out the filter line. See "doc/SPOE.txt" for all details about the SPOE configuration.
2016-10-27 16:29:49 -04:00
case ARGC_SPOE: where = "in spoe-message directive in"; break;
BUG/MINOR: sample: add missing use_backend/use-server contexts in smp_resolve_args The use_backend and use-server contexts were not enumerated in smp_resolve_args, and while use-server doesn't currently take an expression, at least use_backend supports that, and both entries ought to be listed for completeness. Now an error in a use_backend rule becomes more precise, from: [ALERT] (12373) : config : parsing [use-srv.cfg:33]: unable to find backend 'foo' referenced in arg 1 of sample fetch keyword 'nbsrv' in proxy 'echo'. to: [ALERT] (12307) : config : parsing [use-srv.cfg:33]: unable to find backend 'foo' referenced in arg 1 of sample fetch keyword 'nbsrv' in use_backend expression in proxy 'echo'. This may be backported though this is totally harmless.
2022-04-25 02:15:46 -04:00
case ARGC_UBK: where = "in use_backend expression in"; break;
MEDIUM: backend: add new "balance hash <expr>" algorithm Almost all of our hash-based LB algorithms are implemented as special cases of something that can now be achieved using sample expressions, and some of them have adopted some options to adapt their behavior in ways that could also be achieved using converters. There are users who want to hash other parameters that are combined into variables, and who set headers from these values and use "balance hdr(name)" for this. Instead of constantly implementing specific options and having users hack around when they want a real hash, let's implement a native hash mode that applies to a standard sample expression. This way, any fetchable element (including variables) may be used to construct the hash, even modified by any converter if desired.
2022-04-25 04:25:34 -04:00
case ARGC_USRV: where = "in use-server or balance expression in"; break;
MINOR: http-htx/proxy: Add http-error directive using http return syntax The http-error directive can now be used instead of errorfile to define an error message in a proxy section (including default sections). This directive uses the same syntax that http return rules. The only real difference is the limitation on status code that may be specified. Only status codes supported by errorfile directives are supported for this new directive. Parsing of errorfile directive remains independent from http-error parsing. But functionally, it may be expressed in terms of http-errors : errorfile <status> <file> ==> http-errror status <status> errorfile <file>
2020-05-15 09:47:44 -04:00
case ARGC_HERR: where = "in http-error directive in"; break;
MINOR: opentracing: add ARGC_OT enum Due to the addition of the OpenTracing filter it is necessary to define ARGC_OT enum. This value is used in the functions fmt_directive() and smp_resolve_args().
2020-12-09 10:31:48 -05:00
case ARGC_OT: where = "in ot-scope directive in"; break;
MINOR: sample: add ARGC_OPT Add ARGC_OPT enum to provide more context for upcoming sample parse errors involving proxy "option" config directives.
2022-12-28 05:30:51 -05:00
case ARGC_OPT: where = "in option directive in"; break;
MINOR: sample: add missing ARGC_ entries For a long time we couldn't have arguments in expressions used in tcp-request, tcp-response etc rules. But now due to the variables it's possible, and their context in case of failure to resolve an argument (e.g. backend name not found) is not properly reported because there is no arg context values in ARGC_* to report them. Let's add a number of missing ones for tcp-request {connection, session,content}, tcp-response content, tcp-check, the config parser (for "set-var" in the global section) and the CLI parser (for "set-var" on the CLI).
2021-09-02 13:43:20 -04:00
case ARGC_TCO: where = "in tcp-request connection expression in"; break;
case ARGC_TSE: where = "in tcp-request session expression in"; break;
case ARGC_TRQ: where = "in tcp-request content expression in"; break;
case ARGC_TRS: where = "in tcp-response content expression in"; break;
case ARGC_TCK: where = "in tcp-check expression in"; break;
case ARGC_CFG: where = "in configuration expression in"; break;
case ARGC_CLI: where = "in CLI expression in"; break;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
/* set a few default settings */
px = p;
pname = p->id;
switch (arg->type) {
MINOR: arg: add an argument type for identifier The ARGT_ID argument type may now be used to set a custom resolve function in order to help resolve the argument string value. If the custom resolve function is not set, the behavior is the same as of type ARGT_STR.
2024-10-17 04:59:01 -04:00
case ARGT_ID:
err2 = NULL;
if (arg->resolve_ptr && !arg->resolve_ptr(arg, &err2)) {
memprintf(err, "%sparsing [%s:%d]: error in identifier '%s' in arg %d of %s%s%s%s '%s' %s proxy '%s' : %s.\n",
*err ? *err : "", cur->file, cur->line,
arg->data.str.area,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id, err2);
ha_free(&err2);
cfgerr++;
continue;
}
break;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
case ARGT_SRV:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: missing server name in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
continue;
}
/* we support two formats : "bck/srv" and "srv" */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
sname = strrchr(arg->data.str.area, '/');
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (sname) {
*sname++ = '\0';
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
pname = arg->data.str.area;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_be_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (!px) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find proxy '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
}
MINOR: sample/arg: Be able to resolve args found in defaults sections It is not yet used but thanks to this patch, it will be possible to resolve arguments found in defaults sections. However, there is some restrictions: * For FE (frontend) or BE (backend) arguments, if the proxy is explicity defined, there is no change. But for implicit proxy (not specified), the argument points on the default proxy. when a sample fetch using this kind of argument is evaluated, the default proxy replaced by the current one. * For SRV (server) and TAB (stick-table)arguments, the proxy must always be specified. Otherwise an error is reported. This patch is mandatory to support TCP/HTTP rules in defaults sections.
2021-10-12 12:48:05 -04:00
else {
if (px->cap & PR_CAP_DEF) {
memprintf(err, "%sparsing [%s:%d]: backend name must be set in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
cfgerr++;
break;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
sname = arg->data.str.area;
MINOR: sample/arg: Be able to resolve args found in defaults sections It is not yet used but thanks to this patch, it will be possible to resolve arguments found in defaults sections. However, there is some restrictions: * For FE (frontend) or BE (backend) arguments, if the proxy is explicity defined, there is no change. But for implicit proxy (not specified), the argument points on the default proxy. when a sample fetch using this kind of argument is evaluated, the default proxy replaced by the current one. * For SRV (server) and TAB (stick-table)arguments, the proxy must always be specified. Otherwise an error is reported. This patch is mandatory to support TCP/HTTP rules in defaults sections.
2021-10-12 12:48:05 -04:00
}
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
CLEANUP: server: rename findserver() to server_find_by_name() Now it's more logical and matches what is done in the rest of these functions. server_find() now relies on it.
2025-07-10 05:07:51 -04:00
srv = server_find_by_name(px, sname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (!srv) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find server '%s' in proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, sname, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MINOR: server: mark referenced servers as non purgeable Mark servers that are referenced by configuration elements as non purgeable. This includes the following list : - tracked servers - servers referenced in a use-server rule - servers referenced in a sample fetch
2021-08-23 08:05:07 -04:00
srv->flags |= SRV_F_NON_PURGEABLE;
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.srv = srv;
break;
case ARGT_FE:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (arg->data.str.data) {
pname = arg->data.str.area;
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_fe_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
if (!px) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find frontend '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (!(px->cap & PR_CAP_FE)) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s', has not frontend capability.\n",
*err ? *err : "", cur->file, cur->line, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.prx = px;
break;
case ARGT_BE:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (arg->data.str.data) {
pname = arg->data.str.area;
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
px = proxy_be_by_name(pname);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
if (!px) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find backend '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (!(px->cap & PR_CAP_BE)) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: proxy '%s', referenced in arg %d of %s%s%s%s '%s' %s proxy '%s', has not backend capability.\n",
*err ? *err : "", cur->file, cur->line, pname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.prx = px;
break;
case ARGT_TAB:
BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. This bug was introduced by 1b8e68e commit which supposed the stick-table was always stored in struct arg at parsing time. This is never the case with the usage of "if/unless" conditions in stick-table declared as backends. In this case, this is the name of the proxy which must be considered as the stick-table name. This must be backported to 2.0.
2019-06-20 03:31:04 -04:00
if (arg->data.str.data)
stktname = arg->data.str.area;
MINOR: sample/arg: Be able to resolve args found in defaults sections It is not yet used but thanks to this patch, it will be possible to resolve arguments found in defaults sections. However, there is some restrictions: * For FE (frontend) or BE (backend) arguments, if the proxy is explicity defined, there is no change. But for implicit proxy (not specified), the argument points on the default proxy. when a sample fetch using this kind of argument is evaluated, the default proxy replaced by the current one. * For SRV (server) and TAB (stick-table)arguments, the proxy must always be specified. Otherwise an error is reported. This patch is mandatory to support TCP/HTTP rules in defaults sections.
2021-10-12 12:48:05 -04:00
else {
if (px->cap & PR_CAP_DEF) {
memprintf(err, "%sparsing [%s:%d]: table name must be set in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
cfgerr++;
break;
}
BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. This bug was introduced by 1b8e68e commit which supposed the stick-table was always stored in struct arg at parsing time. This is never the case with the usage of "if/unless" conditions in stick-table declared as backends. In this case, this is the name of the proxy which must be considered as the stick-table name. This must be backported to 2.0.
2019-06-20 03:31:04 -04:00
stktname = px->id;
MINOR: sample/arg: Be able to resolve args found in defaults sections It is not yet used but thanks to this patch, it will be possible to resolve arguments found in defaults sections. However, there is some restrictions: * For FE (frontend) or BE (backend) arguments, if the proxy is explicity defined, there is no change. But for implicit proxy (not specified), the argument points on the default proxy. when a sample fetch using this kind of argument is evaluated, the default proxy replaced by the current one. * For SRV (server) and TAB (stick-table)arguments, the proxy must always be specified. Otherwise an error is reported. This patch is mandatory to support TCP/HTTP rules in defaults sections.
2021-10-12 12:48:05 -04:00
}
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
t = stktable_find_by_name(stktname);
if (!t) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find table '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, stktname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
if (!t->size) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: no table in proxy '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line, stktname,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
BUG/MEDIUM: stick-table: Wrong stick-table backends parsing. When parsing references to stick-tables declared as backends, they are added to a list of proxies (they are proxies!) which refer to this stick-tables. Before this patch we added them to these list without checking they were already present, making the silly hypothesis the actions/sample were checked/resolved in the same order the proxies are parsed. This patch implement a simple inline function to in_proxies_list() to test the presence of a proxy in a list of proxies. We use this function when resolving /checking samples/actions. This bug was introduced by 015e4d7 commit. Must be backported to 2.0.
2019-08-07 03:28:39 -04:00
if (!in_proxies_list(t->proxies_list, p)) {
MINOR: stick-tables: Add peers process binding computing. Add a list of proxies for all the stick-tables (->proxies_list struct stktable member) so that to be able to compute the process bindings of the peers after having parsed the configuration file. The proxies are added to the stick-tables they reference when parsing stick-tables lines in proxy sections, when checking the actions in check_trk_action() and when resolving samples args for stick-tables without checking is they are duplicates. We check only there is no loop. Then, after having parsed everything, we add the proxy bindings to the peers frontend bindings with stick-tables they reference.
2019-03-19 09:55:01 -04:00
p->next_stkt_ref = t->proxies_list;
t->proxies_list = p;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
MEDIUM: stick-table: Stop handling stick-tables as proxies. This patch adds the support for the "table" line parsing in "peers" sections to declare stick-table in such sections. This also prevents the user from having to declare dummy backends sections with a unique stick-table inside. Even if still supported, this usage will become deprecated. To do so, the ->table member of proxy struct which is a stktable struct is replaced by a pointer to a stktable struct allocated at parsing time in src/cfgparse-listen.c for the dummy stick-table backends and in src/cfgparse.c for "peers" sections. This has an impact on the code for stick-table sample converters and on the stickiness rules parsers which first store the name of the dummy before resolving the rules. This patch replaces proxy_tbl_by_name() calls by stktable_find_by_name() calls to lookup for stick-tables stored in "stktable_by_name" ebtree at parsing time. There is only one remaining place where proxy_tbl_by_name() is used: src/hlua.c. At several places in the code we relied on the fact that ->size member of stick-table was equal to zero to consider the stick-table was present by not configured, this do not make sense anymore as ->table member of struct proxyis fow now on a pointer. These tests are replaced by a test on ->table value itself. In "peers" section we do not have to temporary store the name of the section the stick-table are attached to because this name is obviously already known just after having entered this "peers" section. About the CLI stick-table I/O handler, the pointer to proxy struct is replaced by a pointer to a stktable struct.
2019-03-14 02:07:41 -04:00
arg->data.t = t;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
break;
case ARGT_USR:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: missing userlist name in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
if (p->uri_auth && p->uri_auth->userlist &&
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
strcmp(p->uri_auth->userlist->name, arg->data.str.area) == 0)
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
ul = p->uri_auth->userlist;
else
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
ul = auth_find_userlist(arg->data.str.area);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
if (!ul) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: unable to find userlist '%s' referenced in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
arg->data.str.area,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
cfgerr++;
break;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
arg->unresolved = 0;
arg->data.usr = ul;
break;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
case ARGT_REG:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
memprintf(err, "%sparsing [%s:%d]: missing regex in arg %d of %s%s%s%s '%s' %s proxy '%s'.\n",
*err ? *err : "", cur->file, cur->line,
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id);
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
cfgerr++;
continue;
}
rflags = 0;
rflags |= (arg->type_flags & ARGF_REG_ICASE) ? REG_ICASE : 0;
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
err2 = NULL;
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
if (!(reg = regex_comp(arg->data.str.area, !(rflags & REG_ICASE), 1 /* capture substr */, &err2))) {
memprintf(err, "%sparsing [%s:%d]: error in regex '%s' in arg %d of %s%s%s%s '%s' %s proxy '%s' : %s.\n",
*err ? *err : "", cur->file, cur->line,
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
arg->data.str.area,
MINOR: sample: make smp_resolve_args() return an allocate error message For now smp_resolve_args() complains on stderr via ha_alert(), but if we want to make it a bit more dynamic, we need it to return errors in an allocated message. Let's pass it an error pointer and have it fill it. On return we indent the output if it contains more than one line.
2021-03-26 11:11:55 -04:00
cur->arg_pos + 1, conv_pre, conv_ctx, conv_pos, ctx, cur->kw, where, p->id, err2);
BUG/MINOR: sample: free err2 in smp_resolve_args for type ARGT_REG The err2 may be leaking memory in case an error occurred as a result of regex_comp() call.
2024-10-17 16:57:06 -04:00
ha_free(&err2);
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
cfgerr++;
continue;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
MINOR: args: implement a new arg type for regex : ARGT_REG This one will be used when a regex is expected. It is automatically resolved after the parsing and compiled into a regex. Some optional flags are supported in the type-specific flags that should be set by the optional arg checker. One is used during the regex compilation : ARGF_REG_ICASE to ignore case.
2015-01-19 13:00:58 -05:00
arg->unresolved = 0;
arg->data.reg = reg;
break;
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
}
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_DELETE(&cur->list);
MAJOR: sample: maintain a per-proxy list of the fetch args to resolve While ACL args were resolved after all the config was parsed, it was not the case with sample fetch args because they're almost everywhere now. The issue is that ACLs now solely rely on sample fetches, so their args resolving doesn't work anymore. And many fetches involving a server, a proxy or a userlist don't work at all. The real issue is that at the bottom layers we have no information about proxies, line numbers, even ACLs in order to report understandable errors, and that at the top layers we have no visibility over the locations where fetches are referenced (think log node). After failing multiple unsatisfying solutions attempts, we now have a new concept of args list. The principle is that every proxy has a list head which contains a number of indications such as the config keyword, the context where it's used, the file and line number, etc... and a list of arguments. This list head is of the same type as the elements, so it serves as a template for adding new elements. This way, it is filled from top to bottom by the callers with the information they have (eg: line numbers, ACL name, ...) and the lower layers just have to duplicate it and add an element when they face an argument they cannot resolve yet. Then at the end of the configuration parsing, a loop passes over each proxy's list and resolves all the args in sequence. And this way there is all necessary information to report verbose errors. The first immediate benefit is that for the first time we got very precise location of issues (arg number in a keyword in its context, ...). Second, in order to do this we had to parse log-format and unique-id-format a bit earlier, so that was a great opportunity for doing so when the directives are encountered (unless it's a default section). This way, the recorded line numbers for these args are the ones of the place where the log format is declared, not the end of the file. Userlists report slightly more information now. They're the only remaining ones in the ACL resolving function.
2013-04-02 10:34:32 -04:00
free(cur);
} /* end of args processing */
return cfgerr;
}
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
/*
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
* Process a fetch + format conversion as defined by the sample expression
* <expr> on request or response considering the <opt> parameter. The output is
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
* not explicitly set to <smp_type>, but shall be compatible with it as
* specified by 'sample_casts' table. If a stable sample can be fetched, or an
* unstable one when <opt> contains SMP_OPT_FINAL, the sample is converted and
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
* returned without the SMP_F_MAY_CHANGE flag. If an unstable sample is found
* and <opt> does not contain SMP_OPT_FINAL, then the sample is returned as-is
* with its SMP_F_MAY_CHANGE flag so that the caller can check it and decide to
* take actions (eg: wait longer). If a sample could not be found or could not
BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* As a consequence of various recent changes on the sample conversion, a corner case has emerged where it is possible to wait forever for a sample in track-sc*. The issue is caused by the fact that functions relying on sample_process() don't all exactly work the same regarding the SMP_F_MAY_CHANGE flag and the output result. Here it was possible to wait forever for an output sample from stktable_fetch_key() without checking the SMP_OPT_FINAL flag. As a result, if the client connects and closes without sending the data and haproxy expects a sample which is capable of coming, it will ignore this impossible case and will continue to wait. This change adds control for SMP_OPT_FINAL before waiting for extra data. The various relevant functions have been better documented regarding their output values. This fix must be backported to 1.5 since it appeared there.
2014-07-30 02:56:35 -04:00
* be converted, NULL is returned. The caller MUST NOT use the sample if the
* SMP_F_MAY_CHANGE flag is present, as it is used only as a hint that there is
* still hope to get it after waiting longer, and is not converted to string.
* The possible output combinations are the following :
*
* return MAY_CHANGE FINAL Meaning for the sample
* NULL * * Not present and will never be (eg: header)
* smp 0 * Final value converted (eg: header)
* smp 1 0 Not present yet, may appear later (eg: header)
* smp 1 1 never happens (either flag is cleared on output)
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
*/
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
struct sample *sample_fetch_as_type(struct proxy *px, struct session *sess,
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct stream *strm, unsigned int opt,
CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() This modification makes possible to use sample_fetch_string() in more places, where we might need to fetch sample values which are not plain strings. This way we don't need to fetch string, and convert it into another type afterwards. When using aliased types, the caller should explicitly check which exact type was returned (e.g. SMP_T_IPV4 or SMP_T_IPV6 for SMP_T_ADDR). All usages of sample_fetch_string() are converted to use new function.
2015-07-06 09:41:02 -04:00
struct sample_expr *expr, int smp_type)
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
{
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
struct sample *smp = &temp_smp;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() We used to only clear flags when reusing the static sample before calling sample_process(), but that's not enough because there's a context in samples that can be used by some fetch functions such as auth, headers and cookies, and not reinitializing it risks that a pointer of a different type is used in the wrong context. An example configuration which triggers the case consists in mixing hdr() and http_auth_group() which both make use of contexts : http-request add-header foo2 %[hdr(host)],%[http_auth_group(foo)] The solution is simple, initialize all the sample and not just the flags. This fix must be backported into 1.5 since it was introduced in 1.5-dev19.
2014-06-25 10:56:41 -04:00
memset(smp, 0, sizeof(*smp));
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
if (!sample_process(px, sess, strm, opt, expr, smp)) {
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
if ((smp->flags & SMP_F_MAY_CHANGE) && !(opt & SMP_OPT_FINAL))
return smp;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return NULL;
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
}
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
OPTIM: sample: don't check casts for samples of same type Originally when converters were created, they were mostly for casting types. Nowadays we have many artithmetic converters to perform operations on integers, and a number of converters operating on strings. Both of these categories most often do not need any cast since the input and output types are the same, which is visible as the cast function is c_none. However, profiling shows that when heavily using arithmetic converters, it's possible to spend up to ~7% of the time in sample_process_cnv(), a good part of which is only in accessing the sample_casts[] array. Simply avoiding this lookup when input and ouput types are equal saves about 2% CPU on such setups doing intensive use of converters.
2024-09-15 06:40:25 -04:00
if (smp->data.type != smp_type) {
if (!sample_casts[smp->data.type][smp_type])
return NULL;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
OPTIM: sample: don't check casts for samples of same type Originally when converters were created, they were mostly for casting types. Nowadays we have many artithmetic converters to perform operations on integers, and a number of converters operating on strings. Both of these categories most often do not need any cast since the input and output types are the same, which is visible as the cast function is c_none. However, profiling shows that when heavily using arithmetic converters, it's possible to spend up to ~7% of the time in sample_process_cnv(), a good part of which is only in accessing the sample_casts[] array. Simply avoiding this lookup when input and ouput types are equal saves about 2% CPU on such setups doing intensive use of converters.
2024-09-15 06:40:25 -04:00
if (sample_casts[smp->data.type][smp_type] != c_none &&
!sample_casts[smp->data.type][smp_type](smp))
return NULL;
}
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
MINOR: sample: improve sample_fetch_string() to report partial contents Currently, all callers to sample_fetch_string() call it with SMP_OPT_FINAL. Now we improve it to support the case where this option is not set, and to make it return the original sample as-is. The purpose is to let the caller check the SMP_F_MAY_CHANGE flag in the result and know that it should wait to get complete contents. Currently this has no effect on existing code.
2014-06-13 10:04:35 -04:00
smp->flags &= ~SMP_F_MAY_CHANGE;
MINOR: samples: add a function to fetch and convert any sample to a string Any sample type can now easily be converted to a string that can be used anywhere. This will be used for logging and passing information in headers.
2012-12-20 18:02:32 -05:00
return smp;
}
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
static void release_sample_arg(struct arg *p)
{
struct arg *p_back = p;
if (!p)
return;
while (p->type != ARGT_STOP) {
if (p->type == ARGT_STR || p->unresolved) {
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&p->data.str);
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
p->unresolved = 0;
}
else if (p->type == ARGT_REG) {
MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct Now we atomically allocate the my_regex struct within function regex_comp() and compile the regex or free both in case of failure. The pointer to the allocated my_regex struct is returned directly. The my_regex* argument to regex_comp() is removed. Function regex_free() was modified so that it systematically frees the my_regex entry. The function does nothing when called with a NULL as argument (like free()). It will avoid existing risk of not properly freeing the initialized area. Other structures are also updated in order to be compatible (the ones related to Lua and action rules).
2019-04-30 09:54:36 -04:00
regex_free(p->data.reg);
p->data.reg = NULL;
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
}
p++;
}
if (p_back != empty_arg_list)
free(p_back);
}
void release_sample_expr(struct sample_expr *expr)
{
struct sample_conv_expr *conv_expr, *conv_exprb;
if (!expr)
return;
BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr Instead of just calling release_sample_arg(conv_expr->arg_p) we also must free() the conv_expr itself (after removing it from the list). Given the following example configuration: frontend foo bind *:8080 mode http http-request set-var(txn.foo) str(bar) acl is_match str(foo),strcmp(txn.hash) -m bool Running a configuration check within valgrind reports: ==1431== 32 bytes in 1 blocks are definitely lost in loss record 20 of 43 ==1431== at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1431== by 0x4C39B5: sample_parse_expr (sample.c:982) ==1431== by 0x56B410: parse_acl_expr (acl.c:319) ==1431== by 0x56BA7F: parse_acl (acl.c:697) ==1431== by 0x48D225: cfg_parse_listen (cfgparse-listen.c:816) ==1431== by 0x4797C3: readcfgfile (cfgparse.c:2167) ==1431== by 0x52943D: init (haproxy.c:2021) ==1431== by 0x41F382: main (haproxy.c:3133) After this patch is applied the leak is gone as expected. This is a fairly minor leak that can only be observed if samples need to be freed, which is not something that should occur during normal processing and most likely only during shut down. Thus no backport should be needed.
2020-07-04 05:49:39 -04:00
list_for_each_entry_safe(conv_expr, conv_exprb, &expr->conv_exprs, list) {
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_DELETE(&conv_expr->list);
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
release_sample_arg(conv_expr->arg_p);
BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr Instead of just calling release_sample_arg(conv_expr->arg_p) we also must free() the conv_expr itself (after removing it from the list). Given the following example configuration: frontend foo bind *:8080 mode http http-request set-var(txn.foo) str(bar) acl is_match str(foo),strcmp(txn.hash) -m bool Running a configuration check within valgrind reports: ==1431== 32 bytes in 1 blocks are definitely lost in loss record 20 of 43 ==1431== at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1431== by 0x4C39B5: sample_parse_expr (sample.c:982) ==1431== by 0x56B410: parse_acl_expr (acl.c:319) ==1431== by 0x56BA7F: parse_acl (acl.c:697) ==1431== by 0x48D225: cfg_parse_listen (cfgparse-listen.c:816) ==1431== by 0x4797C3: readcfgfile (cfgparse.c:2167) ==1431== by 0x52943D: init (haproxy.c:2021) ==1431== by 0x41F382: main (haproxy.c:3133) After this patch is applied the leak is gone as expected. This is a fairly minor leak that can only be observed if samples need to be freed, which is not something that should occur during normal processing and most likely only during shut down. Thus no backport should be needed.
2020-07-04 05:49:39 -04:00
free(conv_expr);
}
REORG: sample: move code to release a sample expression in sample.c This code has been moved from haproxy.c to sample.c and the function release_sample_expr can now be called from anywhere to release a sample expression. This function will be used by the stream processing offload engine (SPOE).
2016-10-26 05:34:47 -04:00
release_sample_arg(expr->arg_p);
free(expr);
}
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
REORG: use the name "sample" instead of "pattern" to designate extracted data This is mainly a massive renaming in the code to get it in line with the calling convention. Next patch will rename a few files to complete this operation.
2012-04-27 15:37:17 -04:00
/* Sample format convert functions */
MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description We need the pattern fetchers and converters to correctly set the output type so that they can be used by ACL fetchers. By using the sample type instead of the keyword type, we also open the possibility to create some multi-type pattern fetch methods later (eg: "src" being v4/v6). Right now the type in the keyword is used to validate the configuration.
2012-04-23 16:38:26 -04:00
/* These functions set the data type on return. */
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/*****************************************************************/
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
static int sample_conv_debug(const struct arg *arg_p, struct sample *smp, void *private)
{
int i;
struct sample tmp;
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
struct buffer *buf;
struct sink *sink;
struct ist line;
char *pfx;
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
buf = alloc_trash_chunk();
if (!buf)
goto end;
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter The debug() converter uses a string to reference the sink where to send debug events. During the configuration parsing, this string is converted to a sink object but it is still store as a string argument. It is a problem on deinit because string arguments are released. So the sink pointer will be released twice. To fix the bug, we keep a reference on the sink using an ARGT_PTR argument. This way, it will not be freed on the deinit. This patch depends on the commit e02fc4d0d ("MINOR: arg: Add an argument type to keep a reference on opaque data"). Both must be backported as far as 2.1.
2020-08-07 08:00:23 -04:00
sink = (struct sink *)arg_p[1].data.ptr;
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
BUG_ON(!sink);
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
pfx = arg_p[0].data.str.area;
BUG_ON(!pfx);
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
chunk_printf(buf, "[debug] %s: type=%s ", pfx, smp_to_type[smp->data.type]);
if (!sample_casts[smp->data.type][SMP_T_STR])
goto nocast;
/* Copy sample fetch. This puts the sample as const, the
* cast will copy data if a transformation is required.
*/
memcpy(&tmp, smp, sizeof(struct sample));
tmp.flags = SMP_F_CONST;
if (!sample_casts[smp->data.type][SMP_T_STR](&tmp))
goto nocast;
/* Display the displayable chars*. */
b_putchr(buf, '<');
for (i = 0; i < tmp.data.u.str.data; i++) {
BUILD: general: always pass unsigned chars to is* functions The isalnum(), isalpha(), isdigit() etc functions from ctype.h are supposed to take an int in argument which must either reflect an unsigned char or EOF. In practice on some platforms they're implemented as macros referencing an array, and when passed a char, they either cause a warning "array subscript has type 'char'" when lucky, or cause random segfaults when unlucky. It's quite unconvenient by the way since none of them may return true for negative values. The recent introduction of cygwin to the list of regularly tested build platforms revealed a lot of breakage there due to the same issues again. So this patch addresses the problem all over the code at once. It adds unsigned char casts to every valid use case, and also drops the unneeded double cast to int that was sometimes added on top of it. It may be backported by dropping irrelevant changes if that helps better support uncommon platforms. It's unlikely to fix bugs on platforms which would already not emit any warning though.
2020-02-25 02:16:33 -05:00
if (isprint((unsigned char)tmp.data.u.str.area[i]))
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
b_putchr(buf, tmp.data.u.str.area[i]);
else
b_putchr(buf, '.');
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
}
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
b_putchr(buf, '>');
done:
line = ist2(buf->area, buf->data);
MEDIUM: log/sink: simplify log header handling Introduce log_header struct to easily pass log header data between functions and use that to simplify the logic around log header handling. While at it, some outdated comments were updated as well. No change in behavior should be expected.
2023-08-24 14:46:12 -04:00
sink_write(sink, LOG_HEADER_NONE, 0, &line, 1);
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
end:
free_trash_chunk(buf);
return 1;
nocast:
chunk_appendf(buf, "(undisplayable)");
goto done;
}
// This function checks the "debug" converter's arguments.
static int smp_check_debug(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
const char *name = "buf0";
struct sink *sink = NULL;
if (args[0].type != ARGT_STR) {
/* optional prefix */
args[0].data.str.area = "";
args[0].data.str.data = 0;
}
if (args[1].type == ARGT_STR)
name = args[1].data.str.area;
MINOR: sample: postresolve sink names in debug() converter debug() converter used to resolve sink names during parsing time. Because of this, we were unable to specify sink names that were defined after the debug() converter was placed. Like in the previous commit, let's implement proper postparsing for the debug() converter, in order to be able to use sink names that are about to be defined later in the config file.
2024-10-10 05:37:36 -04:00
sink = sink_find_early(name, "debug converter", file, line);
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
if (!sink) {
MINOR: sample: postresolve sink names in debug() converter debug() converter used to resolve sink names during parsing time. Because of this, we were unable to specify sink names that were defined after the debug() converter was placed. Like in the previous commit, let's implement proper postparsing for the debug() converter, in order to be able to use sink names that are about to be defined later in the config file.
2024-10-10 05:37:36 -04:00
memprintf(err, "Memory error while setting up sink '%s'", name);
MINOR: debug: support logging to various sinks As discussed in the thread below [1], the debug converter is currently not of much use given that it's only built when DEBUG_EXPR is set, and it is limited to stderr only. This patch changes this to make it take an optional prefix and an optional target sink so that it can log to stdout, stderr or a ring buffer. The default output is the "buf0" ring buffer, that can be consulted from the CLI. [1] https://www.mail-archive.com/haproxy@formilux.org/msg35671.html Note: if this patch is backported, it also requires the following commit to work: 46dfd78cbf ("BUG/MINOR: sample: always check converters' arguments").
2019-12-17 04:07:25 -05:00
return 0;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[1].data.str);
BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter The debug() converter uses a string to reference the sink where to send debug events. During the configuration parsing, this string is converted to a sink object but it is still store as a string argument. It is a problem on deinit because string arguments are released. So the sink pointer will be released twice. To fix the bug, we keep a reference on the sink using an ARGT_PTR argument. This way, it will not be freed on the deinit. This patch depends on the commit e02fc4d0d ("MINOR: arg: Add an argument type to keep a reference on opaque data"). Both must be backported as far as 2.1.
2020-08-07 08:00:23 -04:00
args[1].type = ARGT_PTR;
args[1].data.ptr = sink;
MINOR: debug: add a special converter which display its input sample content. This converter displays its input sample type and content. It is useful for debugging some complex configurations.
2015-05-07 09:46:29 -04:00
return 1;
}
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
static int sample_conv_base642bin(const struct arg *arg_p, struct sample *smp, void *private)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
int bin_len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
bin_len = base64dec(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
if (bin_len < 0)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = bin_len;
MINOR: sample: Add b64dec sample converter Add "b64dec" as a new converter which can be used to decode a base64 encoded string into its binary representation. It performs the inverse operation of the "base64" converter.
2017-05-05 18:56:53 -04:00
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: add ub64dec and ub64enc converters ub64dec and ub64enc are the base64url equivalent of b64dec and base64 converters. base64url encoding is the "URL and Filename Safe Alphabet" variant of base64 encoding. It is also used in in JWT (JSON Web Token) standard. RFC1421 mention in base64.c file is deprecated so it was replaced with RFC4648 to which existing converters, base64/b64dec, still apply. Example: HAProxy: http-request return content-type text/plain lf-string %[req.hdr(Authorization),word(2,.),ub64dec] Client: Token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZm9vIiwia2V5IjoiY2hhZTZBaFhhaTZlIn0.5VsVj7mdxVvo1wP5c0dVHnr-S_khnIdFkThqvwukmdg $ curl -H "Authorization: Bearer ${TOKEN}" http://haproxy.local {"user":"foo","key":"chae6AhXai6e"}
2021-04-01 14:53:59 -04:00
static int sample_conv_base64url2bin(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
int bin_len;
trash->data = 0;
bin_len = base64urldec(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
if (bin_len < 0)
return 0;
trash->data = bin_len;
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bin2base64(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
int b64_len;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
b64_len = a2base64(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
if (b64_len < 0)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = b64_len;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: ssl: adds sample converter base64 for binary type. The new converter encode binary type sample to base64 string. i.e. : ssl_c_serial,base64
2014-04-30 12:21:37 -04:00
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: add ub64dec and ub64enc converters ub64dec and ub64enc are the base64url equivalent of b64dec and base64 converters. base64url encoding is the "URL and Filename Safe Alphabet" variant of base64 encoding. It is also used in in JWT (JSON Web Token) standard. RFC1421 mention in base64.c file is deprecated so it was replaced with RFC4648 to which existing converters, base64/b64dec, still apply. Example: HAProxy: http-request return content-type text/plain lf-string %[req.hdr(Authorization),word(2,.),ub64dec] Client: Token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZm9vIiwia2V5IjoiY2hhZTZBaFhhaTZlIn0.5VsVj7mdxVvo1wP5c0dVHnr-S_khnIdFkThqvwukmdg $ curl -H "Authorization: Bearer ${TOKEN}" http://haproxy.local {"user":"foo","key":"chae6AhXai6e"}
2021-04-01 14:53:59 -04:00
static int sample_conv_bin2base64url(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
int b64_len;
trash->data = 0;
b64_len = a2base64url(smp->data.u.str.area, smp->data.u.str.data,
trash->area, trash->size);
if (b64_len < 0)
return 0;
trash->data = b64_len;
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: provide a generic var-to-sample conversion function We're using variable-to-sample conversion at least 4 times in the code, two of which are bogus. Let's introduce a generic conversion function that performs the required checks.
2021-10-06 09:29:00 -04:00
/* This function returns a sample struct filled with the conversion of variable
* <var> to sample type <type> (SMP_T_*), via a cast to the target type. If the
* variable cannot be retrieved or casted, 0 is returned, otherwise 1.
*
* Keep in mind that the sample content may be written to a pre-allocated
* trash chunk as returned by get_trash_chunk().
*/
int sample_conv_var2smp(const struct var_desc *var, struct sample *smp, int type)
{
if (!vars_get_by_desc(var, smp, NULL))
return 0;
if (!sample_casts[smp->data.type][type])
return 0;
if (!sample_casts[smp->data.type][type](smp))
return 0;
return 1;
}
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
static int sample_conv_sha1(const struct arg *arg_p, struct sample *smp, void *private)
{
blk_SHA_CTX ctx;
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
memset(&ctx, 0, sizeof(ctx));
blk_SHA1_Init(&ctx);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
blk_SHA1_Update(&ctx, smp->data.u.str.area, smp->data.u.str.data);
blk_SHA1_Final((unsigned char *) trash->area, &ctx);
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 20;
MINOR: sample: add the sha1 converter This converter can be used to generate a SHA1 digest from binary type sample. The result is a binary sample with length of 20 bytes.
2017-10-24 03:18:23 -04:00
smp->data.u.str = *trash;
smp->data.type = SMP_T_BIN;
smp->flags &= ~SMP_F_CONST;
return 1;
}
BUG/MINOR: sample: secure convs that accept base64 string and var name as args This patch adds a few improvements in order to secure the use of converters that accept base64 string and variable name as arguments. The first change is within related function sample_conv_var2smp_str() which now flags the sample as SMP_F_CONST if the argument is of type ARGT_STR. This makes the sample more safe for later use. A new function sample_check_arg_base64() is added. It checks an argument and fills it with a variable type if the argument string contains a valid variable name. If failed, it tries to perform a base64 decode operation on a non-empty string, and fills the argument with the decoded content which can be used later, without any additional base64dec() function calls during runtime. This means that haproxy configuration check may fail if variable lookup fails and an invalid base64 encoded string is specified as an argument for such converters. Both converters, "aes_gcm_dec" and "hmac", now use alloc_trash_chunk() in order to allocate additional buffers for various conversions, and avoid the use of a pre-allocated trash chunks directly (usually returned by get_trash_chunk()). The function sample_check_arg_base64() is used for both converters in order to check their arguments specified within the haproxy configuration. This patch should be backported as far as 2.0. However, it is important to keep in mind a few things. The "hmac" converter is only available starting with 2.2. In versions prior to 2.2, the "aes_gcm_dec" converter and sample_conv_var2smp_str() are implemented in src/ssl_sock.c. Thus the patch will have to be adapted on these versions. Note that this patch is required for a subsequent, more important fix.
2021-02-22 04:03:53 -05:00
/* This function returns a sample struct filled with an <arg> content.
* If the <arg> contains a string, it is returned in the sample flagged as
* SMP_F_CONST. If the <arg> contains a variable descriptor, the sample is
* filled with the content of the variable by using vars_get_by_desc().
*
* Keep in mind that the sample content may be written to a pre-allocated
* trash chunk as returned by get_trash_chunk().
*
* This function returns 0 if an error occurs, otherwise it returns 1.
*/
CLEANUP: sample: uninline sample_conv_var2smp_str() There's no reason to limit this one to this file, it could be used in other contexts.
2021-10-06 09:20:18 -04:00
int sample_conv_var2smp_str(const struct arg *arg, struct sample *smp)
MINOR: sample: Move aes_gcm_dec implementation into sample.c aes_gcm_dec is independent of the TLS implementation and fits better in sample.c file with others hash functions. [Cf: I slightly updated this patch to move aes_gcm_dec converter in sample.c instead the new file crypto.c] Reviewed-by: Tim Duesterhus <tim@bastelstu.be>
2018-06-17 05:21:11 -04:00
{
switch (arg->type) {
case ARGT_STR:
smp->data.type = SMP_T_STR;
smp->data.u.str = arg->data.str;
BUG/MINOR: sample: secure convs that accept base64 string and var name as args This patch adds a few improvements in order to secure the use of converters that accept base64 string and variable name as arguments. The first change is within related function sample_conv_var2smp_str() which now flags the sample as SMP_F_CONST if the argument is of type ARGT_STR. This makes the sample more safe for later use. A new function sample_check_arg_base64() is added. It checks an argument and fills it with a variable type if the argument string contains a valid variable name. If failed, it tries to perform a base64 decode operation on a non-empty string, and fills the argument with the decoded content which can be used later, without any additional base64dec() function calls during runtime. This means that haproxy configuration check may fail if variable lookup fails and an invalid base64 encoded string is specified as an argument for such converters. Both converters, "aes_gcm_dec" and "hmac", now use alloc_trash_chunk() in order to allocate additional buffers for various conversions, and avoid the use of a pre-allocated trash chunks directly (usually returned by get_trash_chunk()). The function sample_check_arg_base64() is used for both converters in order to check their arguments specified within the haproxy configuration. This patch should be backported as far as 2.0. However, it is important to keep in mind a few things. The "hmac" converter is only available starting with 2.2. In versions prior to 2.2, the "aes_gcm_dec" converter and sample_conv_var2smp_str() are implemented in src/ssl_sock.c. Thus the patch will have to be adapted on these versions. Note that this patch is required for a subsequent, more important fix.
2021-02-22 04:03:53 -05:00
smp->flags = SMP_F_CONST;
MINOR: sample: Move aes_gcm_dec implementation into sample.c aes_gcm_dec is independent of the TLS implementation and fits better in sample.c file with others hash functions. [Cf: I slightly updated this patch to move aes_gcm_dec converter in sample.c instead the new file crypto.c] Reviewed-by: Tim Duesterhus <tim@bastelstu.be>
2018-06-17 05:21:11 -04:00
return 1;
case ARGT_VAR:
BUG/MEDIUM: sample: properly verify that variables cast to sample The various variable-to-sample converters allow to turn a variable to a sample of type string, sint or binary, but both the string one used by strcmp() and the binary one used by secure_memcmp() are missing a pointer check on the ability to the cast, making them crash if a variable of type addr is used with strcmp(), or if an addr or bool is used with secure_memcmp(). Let's rely on the new sample_conv_var2smp() function to run the proper checks. This will need to be backported to all supported version. It relies on previous commits: CLEANUP: server: always include the storage for SSL settings CLEANUP: sample: rename sample_conv_var2smp() to *_sint CLEANUP: sample: uninline sample_conv_var2smp_str() MINOR: sample: provide a generic var-to-sample conversion function For backports it's probably easier to check the sample_casts[] pointer before calling it in sample_conv_strcmp() and sample_conv_secure_memcmp().
2021-10-06 09:30:52 -04:00
return sample_conv_var2smp(&arg->data.var, smp, SMP_T_STR);
MINOR: sample: Move aes_gcm_dec implementation into sample.c aes_gcm_dec is independent of the TLS implementation and fits better in sample.c file with others hash functions. [Cf: I slightly updated this patch to move aes_gcm_dec converter in sample.c instead the new file crypto.c] Reviewed-by: Tim Duesterhus <tim@bastelstu.be>
2018-06-17 05:21:11 -04:00
default:
return 0;
}
}
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
static int sample_conv_2dec_check(struct arg *args, struct sample_conv *conv,
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
const char *file, int line, char **err)
{
if (args[1].data.sint <= 0 || args[1].data.sint > sizeof(unsigned long long)) {
BUILD: sample: fix format warning on 32-bit archs in sample_conv_be2dec_check() The sizeof() was printed as a long but it's just an unsigned on some 32-bit platforms, hence the format warning. No backport is needed, as this arrived in 2.5 with commit 40ca09c7b ("MINOR: sample: Add be2dec converter").
2021-09-15 04:30:40 -04:00
memprintf(err, "chunk_size out of [1..%u] range (%lld)", (uint)sizeof(unsigned long long), args[1].data.sint);
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
return 0;
}
if (args[2].data.sint != 0 && args[2].data.sint != 1) {
memprintf(err, "Unsupported truncate value (%lld)", args[2].data.sint);
return 0;
}
return 1;
}
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
/* Converts big-endian/little-endian binary input sample to a string containing an unsigned
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
* integer number per <chunk_size> input bytes separated with <separator>.
* Optional <truncate> flag indicates if input is truncated at <chunk_size>
* boundaries.
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
* Arguments: separator (string), chunk_size (integer), truncate (0,1), big endian (0,1)
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
*/
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
static int sample_conv_2dec(const struct arg *args, struct sample *smp, void *private, int be)
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
{
struct buffer *trash = get_trash_chunk();
const int last = args[2].data.sint ? smp->data.u.str.data - args[1].data.sint + 1 : smp->data.u.str.data;
int max_size = trash->size - 2;
int i;
int start;
int ptr = 0;
unsigned long long number;
char *pos;
trash->data = 0;
while (ptr < last && trash->data <= max_size) {
start = trash->data;
if (ptr) {
/* Add separator */
memcpy(trash->area + trash->data, args[0].data.str.area, args[0].data.str.data);
trash->data += args[0].data.str.data;
}
else
max_size -= args[0].data.str.data;
/* Add integer */
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
for (number = 0, i = 0; i < args[1].data.sint && ptr < smp->data.u.str.data; i++) {
if (be)
number = (number << 8) + (unsigned char)smp->data.u.str.area[ptr++];
else
number |= (unsigned char)smp->data.u.str.area[ptr++] << (i*8);
}
MINOR: sample: Add be2dec converter Add be2dec converter which allows to build JA3 compatible TLS fingerprints by converting big-endian binary data into string separated unsigned integers eg. http-request set-header X-SSL-JA3 %[ssl_fc_protocol_hello_id],\ %[ssl_fc_cipherlist_bin(1),be2dec(-,2)],\ %[ssl_fc_extlist_bin(1),be2dec(-,2)],\ %[ssl_fc_eclist_bin(1),be2dec(-,2)],\ %[ssl_fc_ecformats_bin,be2dec(-,1)]
2021-07-13 08:05:24 -04:00
pos = ulltoa(number, trash->area + trash->data, trash->size - trash->data);
if (pos)
trash->data = pos - trash->area;
else {
trash->data = start;
break;
}
}
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
/* Converts big-endian binary input sample to a string containing an unsigned
* integer number per <chunk_size> input bytes separated with <separator>.
* Optional <truncate> flag indicates if input is truncated at <chunk_size>
* boundaries.
* Arguments: separator (string), chunk_size (integer), truncate (0,1)
*/
static int sample_conv_be2dec(const struct arg *args, struct sample *smp, void *private)
{
return sample_conv_2dec(args, smp, private, 1);
}
/* Converts little-endian binary input sample to a string containing an unsigned
* integer number per <chunk_size> input bytes separated with <separator>.
* Optional <truncate> flag indicates if input is truncated at <chunk_size>
* boundaries.
* Arguments: separator (string), chunk_size (integer), truncate (0,1)
*/
static int sample_conv_le2dec(const struct arg *args, struct sample *smp, void *private)
{
return sample_conv_2dec(args, smp, private, 0);
}
MINOR: sample: Add be2hex converter Add be2hex converter to convert big-endian binary data into hex string with optional string separators.
2021-07-13 08:08:56 -04:00
static int sample_conv_be2hex_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (args[1].data.sint <= 0 && (args[0].data.str.data > 0 || args[2].data.sint != 0)) {
memprintf(err, "chunk_size needs to be positive (%lld)", args[1].data.sint);
return 0;
}
if (args[2].data.sint != 0 && args[2].data.sint != 1) {
memprintf(err, "Unsupported truncate value (%lld)", args[2].data.sint);
return 0;
}
return 1;
}
/* Converts big-endian binary input sample to a hex string containing two hex
* digits per input byte. <separator> is put every <chunk_size> binary input
* bytes if specified. Optional <truncate> flag indicates if input is truncated
* at <chunk_size> boundaries.
* Arguments: separator (string), chunk_size (integer), truncate (0,1)
*/
static int sample_conv_be2hex(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
int chunk_size = args[1].data.sint;
const int last = args[2].data.sint ? smp->data.u.str.data - chunk_size + 1 : smp->data.u.str.data;
int i;
int max_size;
int ptr = 0;
unsigned char c;
trash->data = 0;
if (args[0].data.str.data == 0 && args[2].data.sint == 0)
chunk_size = smp->data.u.str.data;
max_size = trash->size - 2 * chunk_size;
while (ptr < last && trash->data <= max_size) {
if (ptr) {
/* Add separator */
memcpy(trash->area + trash->data, args[0].data.str.area, args[0].data.str.data);
trash->data += args[0].data.str.data;
}
else
max_size -= args[0].data.str.data;
/* Add hex */
for (i = 0; i < chunk_size && ptr < smp->data.u.str.data; i++) {
c = smp->data.u.str.area[ptr++];
trash->area[trash->data++] = hextab[(c >> 4) & 0xF];
trash->area[trash->data++] = hextab[c & 0xF];
}
}
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bin2hex(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
unsigned char c;
int ptr = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = 0;
while (ptr < smp->data.u.str.data && trash->data <= trash->size - 2) {
c = smp->data.u.str.area[ptr++];
trash->area[trash->data++] = hextab[(c >> 4) & 0xF];
trash->area[trash->data++] = hextab[c & 0xF];
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags &= ~SMP_F_CONST;
MINOR: sample: add hex converter This new filter converts BIN type to its hexadecimal representation in STR type. It is used to keep the compatibility with the original bin2str cast. It will be useful when bin2str changes to copy the string as-is without encoding anymore.
2014-03-12 10:01:52 -04:00
return 1;
}
MINOR: sample: add the hex2i converter Converts a hex string containing two hex digits per input byte to an integer. If the input value can not be converted, then zero is returned.
2017-10-24 03:27:34 -04:00
static int sample_conv_hex2int(const struct arg *arg_p, struct sample *smp, void *private)
{
long long int n = 0;
int i, c;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((c = hex2i(smp->data.u.str.area[i])) < 0)
MINOR: sample: add the hex2i converter Converts a hex string containing two hex digits per input byte to an integer. If the input value can not be converted, then zero is returned.
2017-10-24 03:27:34 -04:00
return 0;
n = (n << 4) + c;
}
smp->data.u.sint = n;
smp->data.type = SMP_T_SINT;
smp->flags &= ~SMP_F_CONST;
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_djb2(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_djb2(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MINOR: sample: rename the "len" converter to "length" This converter was recently introduced by commit ed0d24e ("MINOR: sample: add len converter"). As found by Cyril, it causes an issue in "http-request capture" statements. The non-obvious problem is that an old syntax for sample expressions and converters used to support a series of words, each representing a converter. This used to be how the "stick" directives were created initially. By having a converter called "len", a statement such as "http-request capture foo len 10" considers "len" as a converter and not as the capture length. This obsolete syntax needs to be changed in 1.9 but it's too late for other versions. It's worth noting that the same problem can happen if converters are registered on the fly using Lua. Other language keywords that currently have to be avoided in converters include "id", "table", "if", "unless".
2017-12-15 01:13:48 -05:00
static int sample_conv_length(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add len converter Add len converter that returns the length of a string
2017-12-13 07:41:34 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
int i = smp->data.u.str.data;
MINOR: sample: add len converter Add len converter that returns the length of a string
2017-12-13 07:41:34 -05:00
smp->data.u.sint = i;
smp->data.type = SMP_T_SINT;
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_str2lower(const struct arg *arg_p, struct sample *smp, void *private)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int i;
MINOR: sample: use smp_make_rw() in upper/lower converters There's no point in always duplicating the sample, just ensure it's writable, as was done prior to the smp_dup() change. This should be backported to 1.6 to avoid a performance regression caused by this change (about 30% more time for upper/lower due to the copy).
2016-08-09 08:29:38 -04:00
if (!smp_make_rw(smp))
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((smp->data.u.str.area[i] >= 'A') && (smp->data.u.str.area[i] <= 'Z'))
smp->data.u.str.area[i] += 'a' - 'A';
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
return 1;
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_str2upper(const struct arg *arg_p, struct sample *smp, void *private)
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
{
int i;
MINOR: sample: use smp_make_rw() in upper/lower converters There's no point in always duplicating the sample, just ensure it's writable, as was done prior to the smp_dup() change. This should be backported to 1.6 to avoid a performance regression caused by this change (about 30% more time for upper/lower due to the copy).
2016-08-09 08:29:38 -04:00
if (!smp_make_rw(smp))
[MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. Enhance pattern convs and fetch argument parsing, now fetchs and convs callbacks used typed args. Add more details on error messages on parsing pattern expression function. Update existing pattern convs and fetchs to new proto. Create stick table key type "binary". Manage Truncation and padding if pattern's fetch-converted result don't match table key size.
2010-09-23 12:02:19 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < smp->data.u.str.data; i++) {
if ((smp->data.u.str.area[i] >= 'a') && (smp->data.u.str.area[i] <= 'z'))
smp->data.u.str.area[i] += 'A' - 'a';
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}
return 1;
}
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
/* takes the IPv4 mask in args[0] and an optional IPv6 mask in args[1] */
static int sample_conv_ipmask(const struct arg *args, struct sample *smp, void *private)
[MINOR] pattern: add the "ipmask()" converting function This converter can be applied on top of an IPv4-type pattern. It applies a netmask which is suited for IP address storage and matching. This can be used to make all hosts within a certain mask to share the same table entries and as such use the same server. The mask can be passed in dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
2010-01-26 12:01:41 -05:00
{
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
/* Attempt to convert to IPv4 to apply the correct mask. */
c_ipv62ip(smp);
if (smp->data.type == SMP_T_IPV4) {
smp->data.u.ipv4.s_addr &= args[0].data.ipv4.s_addr;
smp->data.type = SMP_T_IPV4;
}
else if (smp->data.type == SMP_T_IPV6) {
/* IPv6 cannot be converted without an IPv6 mask. */
if (args[1].type != ARGT_IPV6)
return 0;
CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask There were 8 strict aliasing warnings there due to the dereferences casting to uint32_t of input and output. We can achieve the same using two write_u64() and four read_u64() which do not cause this issue and even let the compiler use 64-bit operations.
2020-02-25 03:43:22 -05:00
write_u64(&smp->data.u.ipv6.s6_addr[0],
read_u64(&smp->data.u.ipv6.s6_addr[0]) & read_u64(&args[1].data.ipv6.s6_addr[0]));
write_u64(&smp->data.u.ipv6.s6_addr[8],
read_u64(&smp->data.u.ipv6.s6_addr[8]) & read_u64(&args[1].data.ipv6.s6_addr[8]));
MEDIUM: sample: Add IPv6 support to the ipmask converter Add an optional second parameter to the ipmask converter that specifies the number of bits to mask off IPv6 addresses. If the second parameter is not given IPv6 addresses fail to mask (resulting in an empty string), preserving backwards compatibility: Previously a sample like `src,ipmask(24)` failed to give a result for IPv6 addresses. This feature can be tested like this: defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend fe bind :::8080 v4v6 # Masked IPv4 for IPv4, empty for IPv6 (with and without this commit) http-response set-header Test %[src,ipmask(24)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test2 %[src,ipmask(24,ffff:ffff:ffff:ffff::)] # Correctly masked IP addresses for both IPv4 and IPv6 http-response set-header Test3 %[src,ipmask(24,64)] default_backend be backend be server s example.com:80 Tested-By: Jarno Huuskonen <jarno.huuskonen@uef.fi>
2018-01-25 10:24:51 -05:00
smp->data.type = SMP_T_IPV6;
}
[MINOR] pattern: add the "ipmask()" converting function This converter can be applied on top of an IPv4-type pattern. It applies a netmask which is suited for IP address storage and matching. This can be used to make all hosts within a certain mask to share the same table entries and as such use the same server. The mask can be passed in dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
2010-01-26 12:01:41 -05:00
return 1;
}
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
/*
* This function implement a conversion specifier seeker for %N so it could be
* replaced before doing strftime.
*
* <format> is the input format string which is used as a haystack
*
* The function fills multiple variables:
* <skip> is the len of the conversion specifier string which was found (ex: strlen(%N):2, strlen(%3N):3 strlen(%123N): 5)
* <width> is the width argument, default width is 9 (ex: %3N: 3, %4N: 4: %N: 9, %5N: 5)
*
* Returns a ptr to the first character of the conversion specifier or NULL if not found
*/
static const char *lookup_convspec_N(const char *format, int *skip, int *width)
{
const char *p, *needle;
const char *digits;
int state;
p = format;
/* this looks for % in loop. The iteration stops when a %N conversion
* specifier was found or there is no '%' anymore */
lookagain:
while (p && *p) {
state = 0;
digits = NULL;
p = needle = strchr(p, '%');
/* Once we find a % we try to move forward in the string
*
* state 0: found %
* state 1: digits (precision)
* state 2: N
*/
while (p && *p) {
switch (state) {
case 0:
state = 1;
break;
case 1:
if (isdigit((unsigned char)*p) && !digits) /* set the start of the digits */
digits = p;
if (isdigit((unsigned char)*p))
break;
else
state = 2;
/* if this is not a number anymore, we
* don't want to increment p but try the
* next state directly */
__fallthrough;
case 2:
if (*p == 'N')
goto found;
else
/* this was not a %N, start again */
goto lookagain;
break;
}
p++;
}
}
*skip = 0;
*width = 0;
return NULL;
found:
*skip = p - needle + 1;
if (digits)
*width = atoi(digits);
else
*width = 9;
return needle;
}
/*
* strftime(3) does not implement nanoseconds, but we still want them in our
* date format.
*
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
* This function implements %N like in date(1) which gives you the nanoseconds part of the timestamp
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
* An optional field width can be specified, a maximum width of 9 is supported (ex: %3N %6N %9N)
*
* <format> is the format string
* <curr_date> in seconds since epoch
* <ns> only the nanoseconds part of the timestamp
* <local> chose the localtime instead of UTC time
*
* Return the results of strftime in the trash buffer
*/
static struct buffer *conv_time_common(const char *format, time_t curr_date, uint64_t ns, int local)
{
struct buffer *tmp_format = NULL;
struct buffer *res = NULL;
struct tm tm;
const char *p;
char ns_str[10] = {};
int set = 0;
if (local)
get_localtime(curr_date, &tm);
else
get_gmtime(curr_date, &tm);
/* we need to iterate in order to replace all the %N in the string */
p = format;
while (*p) {
const char *needle;
int skip = 0;
int cpy = 0;
int width = 0;
/* look for the next %N onversion specifier */
if (!(needle = lookup_convspec_N(p, &skip, &width)))
break;
if (width > 9) /* we don't handle more that 9 */
width = 9;
cpy = needle - p;
BUG/MINOR: sample: check alloc_trash_chunk() in conv_time_common() Check the trash chunk allocation in conv_time_common(), also remove the data initialisation which is already done when allocating. Fixes issue #2227. No backported needed.
2023-07-25 03:57:02 -04:00
if (!tmp_format)
tmp_format = alloc_trash_chunk();
if (!tmp_format)
goto error;
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
if (set != 9) /* if the snprintf wasn't done yet */
set = snprintf(ns_str, sizeof(ns_str), "%.9llu", (unsigned long long)ns);
if (chunk_istcat(tmp_format, ist2(p, cpy)) == 0) /* copy before the %N */
goto error;
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
if (chunk_istcat(tmp_format, ist2(ns_str, width)) == 0) /* copy the %N result with the right precision */
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
goto error;
p += skip + cpy; /* skip the %N */
}
if (tmp_format) { /* %N was found */
if (chunk_strcat(tmp_format, p) == 0) /* copy the end of the string if needed or just the \0 */
goto error;
res = get_trash_chunk();
res->data = strftime(res->area, res->size, tmp_format->area , &tm);
} else {
res = get_trash_chunk();
res->data = strftime(res->area, res->size, format, &tm);
}
error:
free_trash_chunk(tmp_format);
return res;
}
/*
* same as sample_conv_ltime but input is us and %N is supported
*/
static int sample_conv_us_ltime(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *temp;
time_t curr_date = smp->data.u.sint / 1000000; /* convert us to s */
uint64_t ns = (smp->data.u.sint % 1000000) * 1000; /* us part to ns */
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
temp = conv_time_common(args[0].data.str.area, curr_date, ns, 1);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
}
/*
* same as sample_conv_ltime but input is ms and %N is supported
*/
static int sample_conv_ms_ltime(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *temp;
time_t curr_date = smp->data.u.sint / 1000; /* convert ms to s */
uint64_t ns = (smp->data.u.sint % 1000) * 1000000; /* ms part to ns */
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
temp = conv_time_common(args[0].data.str.area, curr_date, ns, 1);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
}
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* takes an UINT value on input supposed to represent the time since EPOCH,
* adds an optional offset found in args[1] and emits a string representing
* the local time in the format specified in args[1] using strftime().
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_ltime(const struct arg *args, struct sample *smp, void *private)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
/* With high numbers, the date returned can be negative, the 55 bits mask prevent this. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
struct tm tm;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* add offset */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[1].type == ARGT_SINT)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
curr_date += args[1].data.sint;
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
get_localtime(curr_date, &tm);
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
temp = get_trash_chunk();
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
temp->data = strftime(temp->area, temp->size, args[0].data.str.area, &tm);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_sdbm(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_sdbm(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
/*
* same as sample_conv_utime but input is us and %N is supported
*/
static int sample_conv_us_utime(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *temp;
time_t curr_date = smp->data.u.sint / 1000000; /* convert us to s */
uint64_t ns = (smp->data.u.sint % 1000000) * 1000; /* us part to ns */
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
temp = conv_time_common(args[0].data.str.area, curr_date, ns, 0);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
}
/*
* same as sample_conv_utime but input is ms and %N is supported
*/
static int sample_conv_ms_utime(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *temp;
time_t curr_date = smp->data.u.sint / 1000; /* convert ms to s */
uint64_t ns = (smp->data.u.sint % 1000) * 1000000; /* ms part to ns */
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
temp = conv_time_common(args[0].data.str.area, curr_date, ns, 0);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
}
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* takes an UINT value on input supposed to represent the time since EPOCH,
* adds an optional offset found in args[1] and emits a string representing
* the UTC date in the format specified in args[1] using strftime().
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_utime(const struct arg *args, struct sample *smp, void *private)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
/* With high numbers, the date returned can be negative, the 55 bits mask prevent this. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
struct tm tm;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
/* add offset */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[1].type == ARGT_SINT)
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
curr_date += args[1].data.sint;
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
get_gmtime(curr_date, &tm);
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
temp = get_trash_chunk();
BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are. Found using GitHub's CodeQL scan. The use in sample_conv_ltime() can be traced back to at least fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all supported branches with thread support are affected.
2021-08-28 17:57:01 -04:00
temp->data = strftime(temp->area, temp->size, args[0].data.str.area, &tm);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: samples: add two converters for the date format This patch adds two converters : ltime(<format>[,<offset>]) utime(<format>[,<offset>]) Both use strftime() to emit the output string from an input date. ltime() provides local time, while utime() provides the UTC time.
2014-07-10 10:37:47 -04:00
return 1;
}
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_wt6(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_wt6(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add new converters to hash input From time to time it's useful to hash input data (scramble input, or reduce the space needed in a stick table). This patch provides 3 simple converters allowing use of the available hash functions to hash input data. The output is an unsigned integer which can be passed into a header, a log or used as an index for a stick table. One nice usage is to scramble source IP addresses before logging when there are requirements to hide them.
2014-07-15 14:15:37 -04:00
return 1;
}
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
/* hashes the binary input into a 32-bit unsigned int using xxh.
* The seed of the hash defaults to 0 but can be changd in argument 1.
*/
static int sample_conv_xxh32(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned int seed;
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
seed = arg_p->data.sint;
else
seed = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = XXH32(smp->data.u.str.area, smp->data.u.str.data,
seed);
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
smp->data.type = SMP_T_SINT;
return 1;
}
/* hashes the binary input into a 64-bit unsigned int using xxh.
* In fact, the function returns a 64 bit unsigned, but the sample
* storage of haproxy only proposes 64-bits signed, so the value is
* cast as signed. This cast doesn't impact the hash repartition.
* The seed of the hash defaults to 0 but can be changd in argument 1.
*/
static int sample_conv_xxh64(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned long long int seed;
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
seed = (unsigned long long int)arg_p->data.sint;
else
seed = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = (long long int)XXH64(smp->data.u.str.area,
smp->data.u.str.data, seed);
MINOR: samples: add xx-hash functions This patch adds the support of xx-hash 32 and 64-bits functions.
2016-12-26 05:46:11 -05:00
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: sample: add the xxh3 converter This patch adds support for the XXH3 variant of hash function that generates a 64-bit hash.
2020-12-22 15:44:33 -05:00
static int sample_conv_xxh3(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned long long int seed;
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: sample: add the xxh3 converter This patch adds support for the XXH3 variant of hash function that generates a 64-bit hash.
2020-12-22 15:44:33 -05:00
seed = (unsigned long long int)arg_p->data.sint;
else
seed = 0;
smp->data.u.sint = (long long int)XXH3(smp->data.u.str.area,
smp->data.u.str.data, seed);
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
/* hashes the binary input into a 32-bit unsigned int */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_crc32(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_crc32(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: provide a "crc32" converter This converter hashes a binary input sample into an unsigned 32-bit quantity using the CRC32 hash function. Optionally, it is possible to apply a full avalanche hash function to the output if the optional <avalanche> argument equals 1. This converter uses the same functions as used by the various hash- based load balancing algorithms, so it will provide exactly the same results. It is provided for compatibility with other software which want a CRC32 to be computed on some input keys, so it follows the most common implementation as found in Ethernet, Gzip, PNG, etc... It is slower than the other algorithms but may provide a better or at least less predictable distribution.
2015-01-20 13:35:24 -05:00
return 1;
}
MINOR: samples: add crc32c converter This patch adds the support of CRC32c (rfc4960).
2018-03-21 06:19:01 -04:00
/* hashes the binary input into crc32c (RFC4960, Appendix B [8].) */
static int sample_conv_crc32c(const struct arg *arg_p, struct sample *smp, void *private)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.sint = hash_crc32c(smp->data.u.str.area,
smp->data.u.str.data);
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (arg_p->data.sint)
MINOR: samples: add crc32c converter This patch adds the support of CRC32c (rfc4960).
2018-03-21 06:19:01 -04:00
smp->data.u.sint = full_hash(smp->data.u.sint);
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
/* This function escape special json characters. The returned string can be
* safely set between two '"' and used as json string. The json string is
* defined like this:
*
* any Unicode character except '"' or '\' or control character
* \", \\, \/, \b, \f, \n, \r, \t, \u + four-hex-digits
*
* The enum input_type contain all the allowed mode for decoding the input
* string.
*/
enum input_type {
IT_ASCII = 0,
IT_UTF8,
IT_UTF8S,
IT_UTF8P,
IT_UTF8PS,
};
CLEANUP: sample: remove uneeded check in json validation - check functions are never called with a NULL args list, it is always an array, so first check can be removed - the expression parser guarantees that we can't have anything else, because we mentioned json converter takes a mandatory string argument. Thus test on `ARGT_STR` can be removed as well - also add breaking line between enum and function declaration In order to validate it, add a simple json test testing very simple cases but can be improved in the future: - default json converter without args - json converter failing on error (utf8) - json converter with error being removed (utf8s) Signed-off-by: William Dauchy <wdauchy@gmail.com>
2021-01-08 15:57:41 -05:00
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
static int sample_conv_json_check(struct arg *arg, struct sample_conv *conv,
const char *file, int line, char **err)
{
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
enum input_type type;
if (strcmp(arg->data.str.area, "") == 0)
type = IT_ASCII;
else if (strcmp(arg->data.str.area, "ascii") == 0)
type = IT_ASCII;
else if (strcmp(arg->data.str.area, "utf8") == 0)
type = IT_UTF8;
else if (strcmp(arg->data.str.area, "utf8s") == 0)
type = IT_UTF8S;
else if (strcmp(arg->data.str.area, "utf8p") == 0)
type = IT_UTF8P;
else if (strcmp(arg->data.str.area, "utf8ps") == 0)
type = IT_UTF8PS;
else {
memprintf(err, "Unexpected input code type. "
"Allowed value are 'ascii', 'utf8', 'utf8s', 'utf8p' and 'utf8ps'");
return 0;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&arg->data.str);
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
arg->type = ARGT_SINT;
arg->data.sint = type;
return 1;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_json(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *temp;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
char _str[7]; /* \u + 4 hex digit + null char for sprintf. */
const char *str;
int len;
enum input_type input_type = IT_ASCII;
unsigned int c;
unsigned int ret;
char *p;
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
input_type = arg_p->data.sint;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
temp = get_trash_chunk();
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
temp->data = 0;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
p = smp->data.u.str.area;
while (p < smp->data.u.str.area + smp->data.u.str.data) {
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
if (input_type == IT_ASCII) {
/* Read input as ASCII. */
c = *(unsigned char *)p;
p++;
}
else {
/* Read input as UTF8. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
ret = utf8_next(p,
smp->data.u.str.data - ( p - smp->data.u.str.area),
&c);
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
p += utf8_return_length(ret);
if (input_type == IT_UTF8 && utf8_return_code(ret) != UTF8_CODE_OK)
return 0;
if (input_type == IT_UTF8S && utf8_return_code(ret) != UTF8_CODE_OK)
continue;
if (input_type == IT_UTF8P && utf8_return_code(ret) & (UTF8_CODE_INVRANGE|UTF8_CODE_BADSEQ))
return 0;
if (input_type == IT_UTF8PS && utf8_return_code(ret) & (UTF8_CODE_INVRANGE|UTF8_CODE_BADSEQ))
continue;
/* Check too big values. */
if ((unsigned int)c > 0xffff) {
if (input_type == IT_UTF8 || input_type == IT_UTF8P)
return 0;
continue;
}
}
/* Convert character. */
if (c == '"') {
len = 2;
str = "\\\"";
}
else if (c == '\\') {
len = 2;
str = "\\\\";
}
else if (c == '/') {
len = 2;
str = "\\/";
}
else if (c == '\b') {
len = 2;
str = "\\b";
}
else if (c == '\f') {
len = 2;
str = "\\f";
}
else if (c == '\r') {
len = 2;
str = "\\r";
}
else if (c == '\n') {
len = 2;
str = "\\n";
}
else if (c == '\t') {
len = 2;
str = "\\t";
}
BUILD: general: always pass unsigned chars to is* functions The isalnum(), isalpha(), isdigit() etc functions from ctype.h are supposed to take an int in argument which must either reflect an unsigned char or EOF. In practice on some platforms they're implemented as macros referencing an array, and when passed a char, they either cause a warning "array subscript has type 'char'" when lucky, or cause random segfaults when unlucky. It's quite unconvenient by the way since none of them may return true for negative values. The recent introduction of cygwin to the list of regularly tested build platforms revealed a lot of breakage there due to the same issues again. So this patch addresses the problem all over the code at once. It adds unsigned char casts to every valid use case, and also drops the unneeded double cast to int that was sometimes added on top of it. It may be backported by dropping irrelevant changes if that helps better support uncommon platforms. It's unlikely to fix bugs on platforms which would already not emit any warning though.
2020-02-25 02:16:33 -05:00
else if (c > 0xff || !isprint((unsigned char)c)) {
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
/* isprint generate a segfault if c is too big. The man says that
* c must have the value of an unsigned char or EOF.
*/
len = 6;
_str[0] = '\\';
_str[1] = 'u';
snprintf(&_str[2], 5, "%04x", (unsigned short)c);
str = _str;
}
else {
len = 1;
BUG/MINOR: sample: fix the json converter's endian-sensitivity About every time there's a pointer cast in the code, there's a hidden bug, and this one was no exception, as it passes the first octet of the native representation of an integer as a single-character string, which obviously only works on little endian machines. On big-endian machines, something as simple as "str(foo),json" only returns zeroes. This bug was introduced with the JSON converter in 1.6-dev1 by commit 317e1c4f1e ("MINOR: sample: add "json" converter"), the fix may be backported to all stable branches.
2020-02-25 02:37:37 -05:00
_str[0] = c;
str = _str;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
/* Check length */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (temp->data + len > temp->size)
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 0;
/* Copy string. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(temp->area + temp->data, str, len);
temp->data += len;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
}
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *temp;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MINOR: sample: add "json" converter This converter escapes string to use it as json/ascii escaped string. It can read UTF-8 with differents behavior on errors and encode it in json/ascii. json([<input-code>]) Escapes the input string and produces an ASCII ouput string ready to use as a JSON string. The converter tries to decode the input string according to the <input-code> parameter. It can be "ascii", "utf8", "utf8s", "utf8"" or "utf8ps". The "ascii" decoder never fails. The "utf8" decoder detects 3 types of errors: - bad UTF-8 sequence (lone continuation byte, bad number of continuation bytes, ...) - invalid range (the decoded value is within a UTF-8 prohibited range), - code overlong (the value is encoded with more bytes than necessary). The UTF-8 JSON encoding can produce a "too long value" error when the UTF-8 character is greater than 0xffff because the JSON string escape specification only authorizes 4 hex digits for the value encoding. The UTF-8 decoder exists in 4 variants designated by a combination of two suffix letters : "p" for "permissive" and "s" for "silently ignore". The behaviors of the decoders are : - "ascii" : never fails ; - "utf8" : fails on any detected errors ; - "utf8s" : never fails, but removes characters corresponding to errors ; - "utf8p" : accepts and fixes the overlong errors, but fails on any other error ; - "utf8ps" : never fails, accepts and fixes the overlong errors, but removes characters corresponding to the other errors. This converter is particularly useful for building properly escaped JSON for logging to servers which consume JSON-formated traffic logs. Example: capture request header user-agent len 150 capture request header Host len 15 log-format {"ip":"%[src]","user-agent":"%[capture.req.hdr(1),json]"} Input request from client 127.0.0.1: GET / HTTP/1.0 User-Agent: Very "Ugly" UA 1/2 Output log: {"ip":"127.0.0.1","user-agent":"Very \"Ugly\" UA 1\/2"}
2014-08-12 04:20:47 -04:00
return 1;
}
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
/* This sample function is designed to extract some bytes from an input buffer.
* First arg is the offset.
* Optional second arg is the length to truncate */
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_bytes(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
{
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
struct sample smp_arg0, smp_arg1;
long long start_idx, length;
// determine the start_idx and length of the output
smp_set_owner(&smp_arg0, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
if (!sample_conv_var2smp_sint(&arg_p[0], &smp_arg0) || smp_arg0.data.u.sint < 0) {
/* invalid or negative value */
goto fail;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
}
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
if (smp_arg0.data.u.sint >= smp->data.u.str.data) {
// arg0 >= the input length
if (smp->opt & SMP_OPT_FINAL) {
// empty output value on final smp
smp->data.u.str.data = 0;
goto end;
}
goto wait;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
}
start_idx = smp_arg0.data.u.sint;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
// length comes from arg1 if present, otherwise it's the remaining length
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
length = smp->data.u.str.data - start_idx;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
if (arg_p[1].type != ARGT_STOP) {
smp_set_owner(&smp_arg1, smp->px, smp->sess, smp->strm, smp->opt);
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
if (!sample_conv_var2smp_sint(&arg_p[1], &smp_arg1) || smp_arg1.data.u.sint < 0) {
// invalid or negative value
goto fail;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
}
if (smp_arg1.data.u.sint > (smp->data.u.str.data - start_idx)) {
// arg1 value is greater than the remaining length
if (smp->opt & SMP_OPT_FINAL) {
// truncate to remaining length
length = smp->data.u.str.data - start_idx;
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
goto end;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
}
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
goto wait;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
}
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
length = smp_arg1.data.u.sint;
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
}
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
// update the output using the start_idx and length
smp->data.u.str.area += start_idx;
smp->data.u.str.data = length;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
end:
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
return 1;
BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length When the bytes converter was improved to be able to use variables (915e48675 ["MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments"]), the behavior of the sample slightly change. A failure is reported if the given offset is bigger than the sample length. Before, a empty binary sample was returned. This patch fixes the converter to restore the original behavior. The function was also refactored to properly handle failures by removing SMP_F_MAY_CHANGE flag. Because the converter now handles variables, the conversion to an integer may fail. In this case SMP_F_MAY_CHANGE flag must be removed to be sure the caller will not retry. This patch should fix the issue #2335. No backport needed except if commit above is backported.
2023-11-10 04:33:01 -05:00
fail:
smp->flags &= ~SMP_F_MAY_CHANGE;
wait:
smp->data.u.str.data = 0;
return 0;
MINOR: samples: adds the bytes converter. bytes(<offset>[,<length>]) Extracts a some bytes from an input binary sample. The result is a binary sample starting at an offset (in bytes) of the original sample and optionnaly truncated at the given length.
2014-11-03 09:32:43 -05:00
}
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
static int sample_conv_field_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
struct arg *arg = args;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (arg->type != ARGT_SINT) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Unexpected arg type");
return 0;
}
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg->data.sint) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Unexpected value 0 for index");
return 0;
}
arg++;
if (arg->type != ARGT_STR) {
memprintf(err, "Unexpected arg type");
return 0;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!arg->data.str.data) {
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
memprintf(err, "Empty separators list");
return 0;
}
return 1;
}
/* This sample function is designed to a return selected part of a string (field).
* First arg is the index of the field (start at 1)
* Second arg is a char list of separators (type string)
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_field(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
{
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int field;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
char *start, *end;
int i;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int count = (arg_p[2].type == ARGT_SINT) ? arg_p[2].data.sint : 1;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg_p[0].data.sint)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 0;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (arg_p[0].data.sint < 0) {
field = -1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area + smp->data.u.str.data;
while (start > smp->data.u.str.area) {
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*(start-1) == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (field == arg_p[0].data.sint) {
if (count == 1)
goto found;
else if (count > 1)
count--;
} else {
end = start-1;
field--;
}
break;
}
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
start--;
}
} else {
field = 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area;
while (end - smp->data.u.str.area < smp->data.u.str.data) {
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*end == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (field == arg_p[0].data.sint) {
if (count == 1)
goto found;
else if (count > 1)
count--;
} else {
start = end+1;
field++;
}
break;
}
}
end++;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
}
/* Field not found */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (field != arg_p[0].data.sint) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = 0;
BUG/MINOR: sample: Make the `field` converter compatible with `-m found` Previously an expression like: path,field(2,/) -m found always returned `true`. Bug exists since the `field` converter exists. That is: f399b0debfc6c7dc17c6ad503885c911493add56 The fix should be backported to 1.6+.
2019-10-16 09:11:15 -04:00
return 0;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
}
found:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = end - start;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
/* If ret string is len 0, no need to
change pointers or to update size */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!smp->data.u.str.data)
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 1;
/* Compute remaining size if needed
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
Note: smp->data.u.str.size cannot be set to 0 */
if (smp->data.u.str.size)
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.size -= start - smp->data.u.str.area;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
BUG/MEDIUM: sample: Fix adjusting size in field converter Adjust the size of the sample buffer before we change the "area" pointer. The change in size is calculated as the difference between the original pointer and the new start pointer. But since the `smp->data.u.str.area` assignment results in `smp->data.u.str.area` and `start` being the same pointer, we always ended up substracting zero. This changes it to change the size by the actual amount it changed. I'm not entirely sure what the impact of this is, but the previous code seemed wrong. [wt: from what I can see the only harmful case is when the output is converted to a stick-table key, it could result in zeroing past the end of the buffer; other cases do not touch beyond ->data]
2021-04-12 01:26:59 -04:00
smp->data.u.str.area = start;
MINOR: samples: adds the field converter. field(<index>,<delimiters>) Extracts the substring at the given index considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-03 11:07:03 -05:00
return 1;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
/* This sample function is designed to return a word from a string.
* First arg is the index of the word (start at 1)
* Second arg is a char list of words separators (type string)
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_word(const struct arg *arg_p, struct sample *smp, void *private)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
{
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int word;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
char *start, *end;
int i, issep, inword;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
int count = (arg_p[2].type == ARGT_SINT) ? arg_p[2].data.sint : 1;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (!arg_p[0].data.sint)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 0;
word = 0;
inword = 0;
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (arg_p[0].data.sint < 0) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area + smp->data.u.str.data;
while (start > smp->data.u.str.area) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*(start-1) == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 1;
break;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (!inword) {
if (!issep) {
if (word != arg_p[0].data.sint) {
word--;
end = start;
}
inword = 1;
}
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
else if (issep) {
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
if (word == arg_p[0].data.sint) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (count == 1)
goto found;
else if (count > 1)
count--;
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
inword = 0;
}
start--;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
} else {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
end = start = smp->data.u.str.area;
while (end - smp->data.u.str.area < smp->data.u.str.data) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0 ; i < arg_p[1].data.str.data; i++) {
if (*end == arg_p[1].data.str.area[i]) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
issep = 1;
break;
}
}
if (!inword) {
if (!issep) {
if (word != arg_p[0].data.sint) {
word++;
start = end;
}
inword = 1;
}
}
else if (issep) {
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
if (word == arg_p[0].data.sint) {
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
if (count == 1)
goto found;
else if (count > 1)
count--;
BUILD: sample: avoid build warning in sample.c Recent commit 9631a28 ("MEDIUM: sample: Extend functionality for field/word converters") introduced this minor build warning that this patch addresses : src/sample.c: In function 'sample_conv_word': src/sample.c:2108:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] src/sample.c:2137:8: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] No backport is needed.
2018-04-19 04:33:28 -04:00
}
MEDIUM: sample: Extend functionality for field/word converters Extend functionality of field/word converters, so it's possible to extract field(s)/word(s) counting from the beginning/end and/or extract multiple fields/words (including separators) eg. str(f1_f2_f3__f5),field(2,_,2) # f2_f3 str(f1_f2_f3__f5),field(2,_,0) # f2_f3__f5 str(f1_f2_f3__f5),field(-2,_,3) # f2_f3_ str(f1_f2_f3__f5),field(-3,_,0) # f1_f2_f3 str(w1_w2_w3___w4),word(3,_,2) # w3___w4 str(w1_w2_w3___w4),word(2,_,0) # w2_w3___w4 str(w1_w2_w3___w4),word(-2,_,3) # w1_w2_w3 str(w1_w2_w3___w4),word(-3,_,0) # w1_w2 Change is backward compatible.
2018-04-16 08:30:46 -04:00
inword = 0;
}
end++;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
}
/* Field not found */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (word != arg_p[0].data.sint) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = 0;
BUG/MINOR: sample: Make the `word` converter compatible with `-m found` Previously an expression like: path,word(2,/) -m found always returned `true`. Bug exists since the `word` converter exists. That is: c9a0f6d0232cf44d6b08d1964b9097a45a6c65f0 The same bug was previously fixed for the `field` converter in commit 4381d26edc03faa46401eb0fe82fd7be84be14fd. The fix should be backported to 1.6+.
2023-11-30 10:41:17 -05:00
return 0;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
}
found:
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.data = end - start;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
/* If ret string is len 0, no need to
change pointers or to update size */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!smp->data.u.str.data)
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 1;
/* Compute remaining size if needed
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
Note: smp->data.u.str.size cannot be set to 0 */
if (smp->data.u.str.size)
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.size -= start - smp->data.u.str.area;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
BUG/MEDIUM: sample: Fix adjusting size in word converter Adjust the size of the sample buffer before we change the "area" pointer. Otherwise, we end up not changing the size, because the area pointer is already the same as "start" before we compute the difference between the two. This is similar to the change in b28430591d18f7fda5bac2e0ea590b3a34f04601 but for the word converter instead of field.
2022-05-26 00:58:51 -04:00
smp->data.u.str.area = start;
MINOR: samples: add the word converter. word(<index>,<delimiters>) Extracts the nth word considering given delimiters from an input string. Indexes start at 1 and delimiters are a string formatted list of chars.
2014-11-25 08:09:01 -05:00
return 1;
}
MINOR: sample: add param converter Add a converter that extracts a parameter from string of delimited key/value pairs. Fixes: #1697
2022-12-14 02:19:59 -05:00
static int sample_conv_param_check(struct arg *arg, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (arg[1].type == ARGT_STR && arg[1].data.str.data != 1) {
memprintf(err, "Delimiter must be exactly 1 character.");
return 0;
}
return 1;
}
static int sample_conv_param(const struct arg *arg_p, struct sample *smp, void *private)
{
char *pos, *end, *pend, *equal;
char delim = '&';
const char *name = arg_p[0].data.str.area;
size_t name_l = arg_p[0].data.str.data;
if (arg_p[1].type == ARGT_STR)
delim = *arg_p[1].data.str.area;
pos = smp->data.u.str.area;
end = pos + smp->data.u.str.data;
while (pos < end) {
equal = pos + name_l;
/* Parameter not found */
if (equal > end)
break;
if (equal == end || *equal == delim) {
if (memcmp(pos, name, name_l) == 0) {
/* input contains parameter, but no value is supplied */
smp->data.u.str.data = 0;
return 1;
}
pos = equal + 1;
continue;
}
if (*equal == '=' && memcmp(pos, name, name_l) == 0) {
pos = equal + 1;
pend = memchr(pos, delim, end - pos);
if (pend == NULL)
pend = end;
if (smp->data.u.str.size)
smp->data.u.str.size -= pos - smp->data.u.str.area;
smp->data.u.str.area = pos;
smp->data.u.str.data = pend - pos;
return 1;
}
/* find the next delimiter and set position to character after that */
pos = memchr(pos, delim, end - pos);
if (pos == NULL)
pos = end;
else
pos++;
}
/* Parameter not found */
smp->data.u.str.data = 0;
return 0;
}
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
static int sample_conv_regsub_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
struct arg *arg = args;
char *p;
int len;
/* arg0 is a regex, it uses type_flag for ICASE and global match */
arg[0].type_flags = 0;
if (arg[2].type != ARGT_STR)
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
p = arg[2].data.str.area;
len = arg[2].data.str.data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
while (len) {
if (*p == 'i') {
arg[0].type_flags |= ARGF_REG_ICASE;
}
else if (*p == 'g') {
arg[0].type_flags |= ARGF_REG_GLOB;
}
else {
memprintf(err, "invalid regex flag '%c', only 'i' and 'g' are supported", *p);
return 0;
}
p++;
len--;
}
return 1;
}
/* This sample function is designed to do the equivalent of s/match/replace/ on
* the input string. It applies a regex and restarts from the last matched
* location until nothing matches anymore. First arg is the regex to apply to
* the input string, second arg is the replacement expression.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_regsub(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
{
char *start, *end;
struct my_regex *reg = arg_p[0].data.reg;
regmatch_t pmatch[MAX_MATCH];
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash = get_trash_chunk();
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
struct buffer *output;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
int flag, max;
int found;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
start = smp->data.u.str.area;
end = start + smp->data.u.str.data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
flag = 0;
while (1) {
/* check for last round which is used to copy remaining parts
* when not running in global replacement mode.
*/
found = 0;
if ((arg_p[0].type_flags & ARGF_REG_GLOB) || !(flag & REG_NOTBOL)) {
/* Note: we can have start == end on empty strings or at the end */
found = regex_exec_match2(reg, start, end - start, MAX_MATCH, pmatch, flag);
}
if (!found)
pmatch[0].rm_so = end - start;
/* copy the heading non-matching part (which may also be the tail if nothing matches) */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = trash->size - trash->data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
if (max && pmatch[0].rm_so > 0) {
if (max > pmatch[0].rm_so)
max = pmatch[0].rm_so;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, start, max);
trash->data += max;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
}
if (!found)
break;
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output = alloc_trash_chunk();
BUG/MINOR: sample: exit regsub() in case of trash allocation error As reported in issue #507, since commiy 07e1e3c93e ("MINOR: sample: regsub now supports backreferences") we must not proceed in regsub() if we fali to allocate a trash (which in practice never happens). No backport needed.
2020-02-18 08:27:44 -05:00
if (!output)
break;
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output->data = exp_replace(output->area, output->size, start, arg_p[1].data.str.area, pmatch);
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
/* replace the matching part */
BUG/MEDIUM: sample: fix risk of overflow when replacing multiple regex back-refs Aleandro Prudenzano of Doyensec and Edoardo Geraci of Codean Labs reported a bug in sample_conv_regsub(), which can cause replacements of multiple back-references to overflow the temporary trash buffer. The problem happens when doing "regsub(match,replacement,g)": we're replacing every occurrence of "match" with "replacement" in the input sample, which requires a length check. For this, a max is applied, so that a replacement may not use more than the remaining length in the buffer. However, the length check is made on the replaced pattern and not on the temporary buffer used to carry the new string. This results in the remaining size to be usable for each input match, which can go beyond the temporary buffer size if more than one occurrence has to be replaced with something that's larger than the remaining room. The fix proposed by Aleandro and Edoardo is the correct one (check on "trash" not "output"), and is the one implemented in this patch. While it is very unlikely that a config will replace multiple short patterns each with a larger one in a request, this possibility cannot be entirely ruled out (e.g. mask a known, short IP address using "XXX.XXX.XXX.XXX"). However when this happens, the replacement pattern will be static, and not be user-controlled, which is why this patch is marked as medium. The bug was introduced in 2.2 with commit 07e1e3c93e ("MINOR: sample: regsub now supports backreferences"), so it must be backported to all versions. Special thanks go to Aleandro and Edoardo for reporting this bug with a simple reproducer and a fix.
2025-04-07 09:30:43 -04:00
max = trash->size - trash->data;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
if (max) {
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
if (max > output->data)
max = output->data;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data,
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
output->area, max);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data += max;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
}
MINOR: sample: regsub now supports backreferences Now that the configuration parser is more flexible with samples, converters and their arguments, we can leverage this to enable support for backreferences in regsub.
2020-02-16 13:20:19 -05:00
free_trash_chunk(output);
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
/* stop here if we're done with this string */
if (start >= end)
break;
/* We have a special case for matches of length 0 (eg: "x*y*").
* These ones are considered to match in front of a character,
* so we have to copy that character and skip to the next one.
*/
if (!pmatch[0].rm_eo) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (trash->data < trash->size)
trash->area[trash->data++] = start[pmatch[0].rm_eo];
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
pmatch[0].rm_eo++;
}
start += pmatch[0].rm_eo;
flag |= REG_NOTBOL;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.str = *trash;
MEDIUM: samples: add a regsub converter to perform regex-based transformations We can now replace matching regex parts with a string, a la sed. Note that there are at least 3 different behaviours for existing sed implementations when matching 0-length strings. Here is the result of the following operation on each implementationt tested : echo 'xzxyz' | sed -e 's/x*y*/A/g' GNU sed 4.2.1 => AzAzA Perl's sed 5.16.1 => AAzAAzA Busybox v1.11.2 sed => AzAz The psed behaviour was adopted because it causes the least exceptions in the code and seems logical from a certain perspective : - "x" matches x*y* => add "A" and skip "x" - "z" matches x*y* => add "A" and keep "z", not part of the match - "xy" matches x*y* => add "A" and skip "xy" - "z" matches x*y* => add "A" and keep "z", not part of the match - "" matches x*y* => add "A" and stop here Anyway, given the incompatibilities between implementations, it's unlikely that some processing will rely on this behaviour. There currently is one big limitation : the configuration parser makes it impossible to pass commas or closing parenthesis (or even closing brackets in log formats). But that's still quite usable to replace certain characters or character sequences. It will become more complete once the config parser is reworked.
2015-01-20 13:47:06 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* This function check an operator entry. It expects a string.
* The string can be an integer or a variable name.
*/
static int check_operator(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
const char *str;
const char *end;
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
long long int i;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
DOC: sample: Add a comment in 'check_operator' to explain why 'vars_check_arg' should ignore the 'err' buffer This extra comment ensure that we do not try to pass an 'err' argument to 'vars_check_arg' otherwise some warnings will be raised if an operator is given an integer directly in the configuration file.
2023-10-02 11:46:55 -04:00
/* Try to decode a variable. The 'err' variable is intentionnaly left
* NULL since the operators accept an integer as argument in which case
* vars_check_arg call will fail.
*/
Revert "MEDIUM: sample: Small fix in function check_operator for eror reporting" This reverts commit d897d7da87b8894866572c56e9c495a2b290620a. The "check_operator" function is used for all the operator converters such as "and", "or", "add"... With such a converter that accepts a variable name as well as an integer, the "vars_check_arg" call is expected to fail when an integer is provided. Passing an "err" variable has the unwanted side effect of raising a warning during init for a configuration such as the following: http-request set-query "s=%[rand,add(20)]" which raises the following warning: [WARNING] (33040) : config : parsing [hap.cfg:14] : invalid variable name '20'. A variable name must be start by its scope. The scope can be 'proc', 'sess', 'txn', 'req', 'res' or 'check'.
2023-10-02 11:46:54 -04:00
if (vars_check_arg(&args[0], NULL))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 1;
/* Try to convert an integer */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
str = args[0].data.str.area;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
end = str + strlen(str);
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
i = read_int64(&str, end);
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
if (*str != '\0') {
memprintf(err, "expects an integer or a variable name");
return 0;
}
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[0].data.str);
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
args[0].type = ARGT_SINT;
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
args[0].data.sint = i;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 1;
}
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
/* This function returns a sample struct filled with an arg content.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If the arg contain an integer, the integer is returned in the
* sample. If the arg contains a variable descriptor, it returns the
* variable value.
*
* This function returns 0 if an error occurs, otherwise it returns 1.
*/
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
int sample_conv_var2smp_sint(const struct arg *arg, struct sample *smp)
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
{
switch (arg->type) {
case ARGT_SINT:
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arg->data.sint;
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 1;
case ARGT_VAR:
BUG/MEDIUM: sample: properly verify that variables cast to sample The various variable-to-sample converters allow to turn a variable to a sample of type string, sint or binary, but both the string one used by strcmp() and the binary one used by secure_memcmp() are missing a pointer check on the ability to the cast, making them crash if a variable of type addr is used with strcmp(), or if an addr or bool is used with secure_memcmp(). Let's rely on the new sample_conv_var2smp() function to run the proper checks. This will need to be backported to all supported version. It relies on previous commits: CLEANUP: server: always include the storage for SSL settings CLEANUP: sample: rename sample_conv_var2smp() to *_sint CLEANUP: sample: uninline sample_conv_var2smp_str() MINOR: sample: provide a generic var-to-sample conversion function For backports it's probably easier to check the sample_casts[] pointer before calling it in sample_conv_strcmp() and sample_conv_secure_memcmp().
2021-10-06 09:30:52 -04:00
return sample_conv_var2smp(&arg->data.var, smp, SMP_T_SINT);
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
default:
return 0;
}
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, applies a binary twos complement and returns the SINT
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* result.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_cpl(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ~smp->data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "and" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_and(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint &= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "or" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_or(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint |= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies a binary "xor" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_binary_xor(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint ^= tmp.data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
static inline long long int arith_add(long long int a, long long int b)
{
/* Prevent overflow and makes capped calculus.
* We must ensure that the check calculus doesn't
* exceed the signed 64 bits limits.
*
* +----------+----------+
* | a<0 | a>=0 |
* +------+----------+----------+
* | b<0 | MIN-a>b | no check |
* +------+----------+----------+
* | b>=0 | no check | MAX-a<b |
* +------+----------+----------+
*/
if ((a ^ b) >= 0) {
BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters When "add" or "sub" conveters are used, an overflow detection is performed. When 2 negative integers are added (or a positive integer is substracted to a positive one), we take care to not exceed the low limit (LLONG_MIN) and when 2 positive integers are added, we take care to not exceed the high limit (LLONG_MAX). However, because of a missing 'else' statement, if there is no overflow in the first case, we fall back on the second check (the one for positive adds) and LLONG_MAX is returned. It means that most of time, when 2 negative integers are added (or a positive integer is substracted to a negative one), LLONG_MAX is returned. This patch should solve the issue #2216. It must be backported to all stable versions.
2023-07-17 02:35:11 -04:00
/* signs are same. */
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
if (a < 0) {
if (LLONG_MIN - a > b)
return LLONG_MIN;
}
BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters When "add" or "sub" conveters are used, an overflow detection is performed. When 2 negative integers are added (or a positive integer is substracted to a positive one), we take care to not exceed the low limit (LLONG_MIN) and when 2 positive integers are added, we take care to not exceed the high limit (LLONG_MAX). However, because of a missing 'else' statement, if there is no overflow in the first case, we fall back on the second check (the one for positive adds) and LLONG_MAX is returned. It means that most of time, when 2 negative integers are added (or a positive integer is substracted to a negative one), LLONG_MAX is returned. This patch should solve the issue #2216. It must be backported to all stable versions.
2023-07-17 02:35:11 -04:00
else if (LLONG_MAX - a < b)
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return LLONG_MAX;
}
return a + b;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "add" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_add(const struct arg *arg_p, struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arith_add(smp->data.u.sint, tmp.data.u.sint);
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "sub" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_sub(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* We cannot represent -LLONG_MIN because abs(LLONG_MIN) is greater
* than abs(LLONG_MAX). So, the following code use LLONG_MAX in place
* of -LLONG_MIN and correct the result.
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint == LLONG_MIN) {
smp->data.u.sint = arith_add(smp->data.u.sint, LLONG_MAX);
if (smp->data.u.sint < LLONG_MAX)
smp->data.u.sint++;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
/* standard subtraction: we use the "add" function and negate
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
* the second operand.
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = arith_add(smp->data.u.sint, -tmp.data.u.sint);
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "mul" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If the result makes an overflow, then the largest possible quantity is
* returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_mul(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
long long int c;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* prevent divide by 0 during the check */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (!smp->data.u.sint || !tmp.data.u.sint) {
smp->data.u.sint = 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
/* The multiply between LLONG_MIN and -1 returns a
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* "floating point exception".
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
/* execute standard multiplication. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
c = smp->data.u.sint * tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* check for overflow and makes capped multiply. */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint != c / tmp.data.u.sint) {
if ((smp->data.u.sint < 0) == (tmp.data.u.sint < 0)) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = LLONG_MIN;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = c;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "div" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If arg_p makes the result overflow, then the largest possible quantity is
* returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_div(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint) {
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* The divide between LLONG_MIN and -1 returns a
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* "floating point exception".
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint /= tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = LLONG_MAX;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
/* Takes a SINT on input, applies an arithmetic "mod" with the SINT directly in
CLEANUP: Fix typos in the sample subsystem Fix some typos in the code comment of the sample subsystem.
2018-11-15 15:14:56 -05:00
* arg_p or in the variable described in arg_p, and returns the SINT result.
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
* If arg_p makes the result overflow, then 0 is returned.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_mod(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
struct sample tmp;
MINOR: sample: always set a new sample's owner before evaluating it Some functions like sample_conv_var2smp(), var_get_byname(), and var_set_byname() directly or indirectly need to access the current stream and/or session and must find it in the sample itself and not as a distinct argument. Thus we first need to call smp_set_owner() prior to each such calls.
2016-03-10 10:28:58 -05:00
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
CLEANUP: sample: rename sample_conv_var2smp() to *_sint This one only handles integers, contrary to its sibling with the suffix _str that only handles strings. Let's rename it and uninline it since it may well be used from outside.
2021-10-06 09:19:05 -04:00
if (!sample_conv_var2smp_sint(arg_p, &tmp))
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
return 0;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (tmp.data.u.sint) {
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
/* The divide between LLONG_MIN and -1 returns a
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* "floating point exception".
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
*/
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN && tmp.data.u.sint == -1) {
smp->data.u.sint = 0;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint %= tmp.data.u.sint;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
return 1;
}
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes an SINT on input, applies an arithmetic "neg" and returns the SINT
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* result.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_neg(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
if (smp->data.u.sint == LLONG_MIN)
smp->data.u.sint = LLONG_MAX;
MEDIUM: sample: switch to saturated arithmetic This patch check calculus for overflow and returns capped values. This permits to protect against integer overflow in certain operations involving ratios, percentages, limits or anything. That can sometimes be critically important with some operations (eg: content-length < X).
2015-07-07 19:10:21 -04:00
else
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = -smp->data.u.sint;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is non-null, otherwise
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* false. The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_bool(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !!smp->data.u.sint;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns false is the value is non-null, otherwise
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* truee. The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_not(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !smp->data.u.sint;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is odd, otherwise false.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_odd(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = smp->data.u.sint & 1;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
/* Takes a SINT on input, returns true is the value is even, otherwise false.
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
* The output is a BOOL.
*/
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
static int sample_conv_arith_even(const struct arg *arg_p,
MINOR: converters: give the session pointer as converter argument Some usages of the converters need to know the attached session. The Lua needs the session for retrieving his running context. This patch adds the "session" as an argument of the converters prototype.
2015-02-23 09:11:11 -05:00
struct sample *smp, void *private)
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !(smp->data.u.sint & 1);
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
return 1;
}
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
/* appends an optional const string, an optional variable contents and another
* optional const string to an existing string.
*/
static int sample_conv_concat(const struct arg *arg_p, struct sample *smp, void *private)
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *trash;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
struct sample tmp;
int max;
BUG/MINOR: sample: fix concat() converter's corruption with non-string variables Patrick Hemmer reported that calling concat() with an integer variable causes a %00 to appear at the beginning of the output. Looking at the code, it's not surprising. The function uses get_trash_chunk() to get one of the trashes, but can call casting functions which will also use their trash in turn and will cycle back to ours, causing the trash to be overwritten before being assigned to a sample. By allocating the trash from a pool using alloc_trash_chunk(), we can avoid this. However we must free it so the trash's contents must be moved to a permanent trash buffer before returning. This is what's achieved using smp_dup(). This should be backported as far as 2.0.
2021-01-08 10:08:43 -05:00
trash = alloc_trash_chunk();
BUG/MINOR: sample: check alloc_trash_chunk return value in concat() like it is done in other places, check the return value of `alloc_trash_chunk` before using it. This was detected by coverity. this patch fixes commit 591fc3a330005c289b4705fe4cb37c4eec9f9eed ("BUG/MINOR: sample: fix concat() converter's corruption with non-string variables" As a consequence, this patch should be backported as far as 2.0 this should fix github issue #1039 Signed-off-by: William Dauchy <wdauchy@gmail.com>
2021-01-11 05:05:58 -05:00
if (!trash)
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
trash->data = smp->data.u.str.data;
if (trash->data > trash->size - 1)
trash->data = trash->size - 1;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area, smp->data.u.str.area, trash->data);
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
/* append first string */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = arg_p[0].data.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, arg_p[0].data.str.area, max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
/* append second string (variable) if it's found and we can turn it
* into a string.
*/
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
MINOR: vars: make vars_get_by_* support an optional default value In preparation for support default values when fetching variables, we need to update the internal API to pass an extra argument to functions vars_get_by_{name,desc} to provide an optional default value. This patch does this and always passes NULL in this argument. var_to_smp() was extended to fall back to this value when available.
2021-09-03 05:52:38 -04:00
if (arg_p[1].type == ARGT_VAR && vars_get_by_desc(&arg_p[1].data.var, &tmp, NULL) &&
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
(sample_casts[tmp.data.type][SMP_T_STR] == c_none ||
sample_casts[tmp.data.type][SMP_T_STR](&tmp))) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = tmp.data.u.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, tmp.data.u.str.area,
max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
}
/* append third string */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = arg_p[2].data.str.data;
if (max > trash->size - 1 - trash->data)
max = trash->size - 1 - trash->data;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (max) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memcpy(trash->area + trash->data, arg_p[2].data.str.area, max);
trash->data += max;
trash->area[trash->data] = 0;
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
}
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
BUG/MINOR: sample: fix concat() converter's corruption with non-string variables Patrick Hemmer reported that calling concat() with an integer variable causes a %00 to appear at the beginning of the output. Looking at the code, it's not surprising. The function uses get_trash_chunk() to get one of the trashes, but can call casting functions which will also use their trash in turn and will cycle back to ours, causing the trash to be overwritten before being assigned to a sample. By allocating the trash from a pool using alloc_trash_chunk(), we can avoid this. However we must free it so the trash's contents must be moved to a permanent trash buffer before returning. This is what's achieved using smp_dup(). This should be backported as far as 2.0.
2021-01-08 10:08:43 -05:00
smp_dup(smp);
free_trash_chunk(trash);
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
return 1;
}
/* This function checks the "concat" converter's arguments and extracts the
* variable name and its scope.
*/
static int smp_check_concat(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
/* Try to decode a variable. */
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (args[1].data.str.data > 0 && !vars_check_arg(&args[1], NULL)) {
memprintf(err, "failed to register variable name '%s'",
args[1].data.str.area);
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
return 0;
}
return 1;
}
MINOR: sample: converter: Add add_item convertor This new converter is similar to the concat converter and can be used to build new variables made of a succession of other variables but the main difference is that it does the checks if adding a delimiter makes sense as wouldn't be the case if e.g the current input sample is empty. That situation would require 2 separate rules using concat converter where the first rule would have to check if the current sample string is empty before adding a delimiter. This resolves GitHub Issue #1621.
2022-04-03 12:11:53 -04:00
/* Append delimiter (only to a non empty input) followed by the optional
CLEANUP: assorted typo fixes in the code and comments code, comments and doc actually.
2025-04-01 16:44:54 -04:00
* variable contents concatenated with the optional suffix.
MINOR: sample: converter: Add add_item convertor This new converter is similar to the concat converter and can be used to build new variables made of a succession of other variables but the main difference is that it does the checks if adding a delimiter makes sense as wouldn't be the case if e.g the current input sample is empty. That situation would require 2 separate rules using concat converter where the first rule would have to check if the current sample string is empty before adding a delimiter. This resolves GitHub Issue #1621.
2022-04-03 12:11:53 -04:00
*/
static int sample_conv_add_item(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *tmpbuf;
struct sample tmp;
size_t max;
int var_available;
tmpbuf = alloc_trash_chunk();
if (!tmpbuf)
return 0;
tmpbuf->data = smp->data.u.str.data;
if (tmpbuf->data > tmpbuf->size - 1)
tmpbuf->data = tmpbuf->size - 1;
memcpy(tmpbuf->area, smp->data.u.str.area, tmpbuf->data);
tmpbuf->area[tmpbuf->data] = 0;
/* Check if variable is found and we can turn into a string. */
var_available = 0;
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
if (arg_p[1].type == ARGT_VAR && vars_get_by_desc(&arg_p[1].data.var, &tmp, NULL) &&
(sample_casts[tmp.data.type][SMP_T_STR] == c_none ||
sample_casts[tmp.data.type][SMP_T_STR](&tmp)))
var_available = 1;
/* Append delimiter only if input is not empty and either
* the variable or the suffix are not empty
*/
if (smp->data.u.str.data && ((var_available && tmp.data.u.str.data) ||
arg_p[2].data.str.data)) {
max = arg_p[0].data.str.data;
if (max > tmpbuf->size - 1 - tmpbuf->data)
max = tmpbuf->size - 1 - tmpbuf->data;
if (max) {
memcpy(tmpbuf->area + tmpbuf->data, arg_p[0].data.str.area, max);
tmpbuf->data += max;
tmpbuf->area[tmpbuf->data] = 0;
}
}
/* Append variable contents if variable is found and turned into string. */
if (var_available) {
max = tmp.data.u.str.data;
if (max > tmpbuf->size - 1 - tmpbuf->data)
max = tmpbuf->size - 1 - tmpbuf->data;
if (max) {
memcpy(tmpbuf->area + tmpbuf->data, tmp.data.u.str.area, max);
tmpbuf->data += max;
tmpbuf->area[tmpbuf->data] = 0;
}
}
/* Append optional suffix. */
max = arg_p[2].data.str.data;
if (max > tmpbuf->size - 1 - tmpbuf->data)
max = tmpbuf->size - 1 - tmpbuf->data;
if (max) {
memcpy(tmpbuf->area + tmpbuf->data, arg_p[2].data.str.area, max);
tmpbuf->data += max;
tmpbuf->area[tmpbuf->data] = 0;
}
smp->data.u.str = *tmpbuf;
smp->data.type = SMP_T_STR;
smp_dup(smp);
free_trash_chunk(tmpbuf);
return 1;
}
/* Check the "add_item" converter's arguments and extracts the
* variable name and its scope.
*/
static int smp_check_add_item(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
/* Try to decode a variable. */
if (args[1].data.str.data > 0 && !vars_check_arg(&args[1], NULL)) {
memprintf(err, "failed to register variable name '%s'",
args[1].data.str.area);
return 0;
}
if (args[1].data.str.data == 0 && args[2].data.str.data == 0) {
memprintf(err, "one of the optional arguments has to be nonempty");
return 0;
}
return 1;
}
MINOR: sample: Add secure_memcmp converter secure_memcmp compares two binary strings in constant time. It's only available when haproxy is compiled with USE_OPENSSL.
2020-06-09 05:48:42 -04:00
/* Compares string with a variable containing a string. Return value
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
* is compatible with strcmp(3)'s return value.
*/
static int sample_conv_strcmp(const struct arg *arg_p, struct sample *smp, void *private)
{
struct sample tmp;
int max, result;
smp_set_owner(&tmp, smp->px, smp->sess, smp->strm, smp->opt);
if (arg_p[0].type != ARGT_VAR)
return 0;
BUG/MEDIUM: sample: properly verify that variables cast to sample The various variable-to-sample converters allow to turn a variable to a sample of type string, sint or binary, but both the string one used by strcmp() and the binary one used by secure_memcmp() are missing a pointer check on the ability to the cast, making them crash if a variable of type addr is used with strcmp(), or if an addr or bool is used with secure_memcmp(). Let's rely on the new sample_conv_var2smp() function to run the proper checks. This will need to be backported to all supported version. It relies on previous commits: CLEANUP: server: always include the storage for SSL settings CLEANUP: sample: rename sample_conv_var2smp() to *_sint CLEANUP: sample: uninline sample_conv_var2smp_str() MINOR: sample: provide a generic var-to-sample conversion function For backports it's probably easier to check the sample_casts[] pointer before calling it in sample_conv_strcmp() and sample_conv_secure_memcmp().
2021-10-06 09:30:52 -04:00
if (!sample_conv_var2smp(&arg_p[0].data.var, &tmp, SMP_T_STR))
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
max = MIN(smp->data.u.str.data, tmp.data.u.str.data);
result = strncmp(smp->data.u.str.area, tmp.data.u.str.area, max);
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
if (result == 0) {
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (smp->data.u.str.data != tmp.data.u.str.data) {
if (smp->data.u.str.data < tmp.data.u.str.data) {
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
result = -1;
}
else {
result = 1;
}
}
}
smp->data.u.sint = result;
smp->data.type = SMP_T_SINT;
return 1;
}
MINOR: sample: add the host_only and port_only converters Add 2 converters that can manipulate the value of an Host header. host_only will return the host without any port, and port_only will return the port.
2022-08-26 10:21:28 -04:00
/*
* This converter can takes a Host header value as defined by rfc9110#section-7.2
* Host = uri-host [ ":" port ] ;
* It returns the uri-host value in lowecase with the port stripped.
*/
static int sample_conv_host_only(const struct arg *arg_p, struct sample *smp, void *private)
{
/* Working cases: hostname00, hostname00:80, 127.0.0.1, 127.0.0.1:80, [::1], [::1]:80 */
char *beg = smp->data.u.str.area;
char *end = smp->data.u.str.area + smp->data.u.str.data - 1;
char *p;
for (p = end; p >= beg; p--) {
if (*p == ':' || *p == ']')
break;
}
if (p >= beg && *p == ':')
smp->data.u.str.data = p - beg;
/* if no port part was found, the hostname is the whole string */
smp->data.type = SMP_T_STR;
return sample_conv_str2lower(arg_p, smp, NULL);
}
/*
* This converter can takes a Host header value as defined by rfc9110#section-7.2
* Host = uri-host [ ":" port ] ;
* It returns the port value as a int.
*/
static int sample_conv_port_only(const struct arg *arg_p, struct sample *smp, void *private)
{
/* Working cases: hostname00, hostname00:80, 127.0.0.1, 127.0.0.1:80, [::1], [::1]:80 */
char *beg = smp->data.u.str.area;
char *end = smp->data.u.str.area + smp->data.u.str.data - 1;
char *p;
for (p = end; p >= beg; p--) {
if (*p == ':' || *p == ']')
break;
}
smp->data.type = SMP_T_SINT;
if (p >= beg && *p == ':' && ++p <= end) {
smp->data.u.sint = strl2ui(p, smp->data.u.str.data + smp->data.u.str.area - p);
} else {
smp->data.u.sint = 0;
}
return 1;
}
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
MINOR: sample: Add iif(<true>,<false>) converter iif() takes a boolean as input and returns one of the two argument strings depending on whether the boolean is true. This converter most likely is most useful to return the proper scheme depending on the value returned by the `ssl_fc` fetch, e.g. for use within the `x-forwarded-proto` request header. However it can also be useful for use within a template that is sent to the client using `http-request return` with a `lf-file`. It allows the administrator to implement a simple condition, without needing to prefill variables within the regular configuration using `http-request set-var(req.foo)`.
2020-09-11 08:25:23 -04:00
/* Takes a boolean as input. Returns the first argument if that boolean is true and
* the second argument otherwise.
*/
static int sample_conv_iif(const struct arg *arg_p, struct sample *smp, void *private)
{
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_CONST;
if (smp->data.u.sint) {
smp->data.u.str.data = arg_p[0].data.str.data;
smp->data.u.str.area = arg_p[0].data.str.area;
}
else {
smp->data.u.str.data = arg_p[1].data.str.data;
smp->data.u.str.area = arg_p[1].data.str.area;
}
return 1;
}
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
enum {
WHEN_COND_STOPPING,
WHEN_COND_NORMAL,
WHEN_COND_ERROR,
WHEN_COND_FORWARDED,
WHEN_COND_TOAPPLET,
WHEN_COND_PROCESSED,
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
WHEN_COND_ACL,
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
WHEN_COND_CONDITIONS
};
const char *when_cond_kw[WHEN_COND_CONDITIONS] = {
[WHEN_COND_STOPPING] = "stopping",
[WHEN_COND_NORMAL] = "normal",
[WHEN_COND_ERROR] = "error",
[WHEN_COND_FORWARDED] = "forwarded",
[WHEN_COND_TOAPPLET] = "toapplet",
[WHEN_COND_PROCESSED] = "processed",
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
[WHEN_COND_ACL] = "acl",
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
};
/* Evaluates a condition and decides whether or not to pass the input sample
* to the output. The purpose is to hide some info when certain conditions are
* (not) met. These conditions belong to a fixed list that can verify internal
* states (debug mode, too high load, reloading, server down, stream in error
* etc). The condition's sign is placed in arg_p[0].data.int. 0=direct, 1=inv.
* The condition keyword is in arg_p[1].data.int (WHEN_COND_*).
*/
static int sample_conv_when(const struct arg *arg_p, struct sample *smp, void *private)
{
struct session *sess = smp->sess;
struct stream *strm = smp->strm;
int neg = arg_p[0].data.sint;
int cond = arg_p[1].data.sint;
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
struct acl_sample *acl_sample;
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
int ret = 0;
switch (cond) {
case WHEN_COND_STOPPING:
ret = !!stopping;
break;
case WHEN_COND_NORMAL:
neg = !neg;
__fallthrough;
case WHEN_COND_ERROR:
if (strm &&
((strm->flags & SF_REDISP) ||
((strm->flags & SF_ERR_MASK) > SF_ERR_LOCAL) ||
(((strm->flags & SF_ERR_MASK) == SF_ERR_NONE) && strm->conn_retries) ||
((sess->fe->mode == PR_MODE_HTTP) && strm->txn && strm->txn->status >= 500)))
ret = 1;
break;
case WHEN_COND_FORWARDED: // true if forwarded to a connection
ret = !!sc_conn(smp->strm->scb);
break;
case WHEN_COND_TOAPPLET: // true if handled as an applet
ret = !!sc_appctx(smp->strm->scb);
break;
case WHEN_COND_PROCESSED: // true if forwarded or appctx
ret = sc_conn(smp->strm->scb) || sc_appctx(smp->strm->scb);
break;
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
case WHEN_COND_ACL: // true if the ACL pointed to by args[2] evaluates to true
acl_sample = arg_p[2].data.ptr;
ret = acl_exec_cond(&acl_sample->cond, smp->px, smp->sess, smp->strm, smp->opt) == ACL_TEST_PASS;
break;
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
}
ret = !!ret ^ !!neg;
if (!ret) {
/* kill the sample */
return 0;
}
/* pass the sample as-is */
return 1;
}
/* checks and resolves the type of the argument passed to when().
* It supports an optional '!' to negate the condition, followed by
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
* a keyword among the list above. Note that we're purposely declaring
* one extra arg because the first one will be split into two.
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
*/
static int check_when_cond(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
struct acl_sample *acl_sample;
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
const char *kw;
int neg = 0;
int i;
kw = args[0].data.str.area;
if (*kw == '!') {
kw++;
neg = 1;
}
for (i = 0; i < WHEN_COND_CONDITIONS; i++) {
if (strcmp(kw, when_cond_kw[i]) == 0)
break;
}
if (i == WHEN_COND_CONDITIONS) {
memprintf(err, "expects a supported keyword among {");
for (i = 0; i < WHEN_COND_CONDITIONS; i++)
memprintf(err, "%s%s%s", *err, when_cond_kw[i], (i == WHEN_COND_CONDITIONS - 1) ? "}" : ",");
memprintf(err, "%s but got '%s'", *err, kw);
return 0;
}
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
if (i == WHEN_COND_ACL) {
if (args[1].type != ARGT_STR || !*args[1].data.str.area) {
memprintf(err, "'acl' selector requires an extra argument with the ACL name");
return 0;
}
if (!curproxy) {
memprintf(err, "'acl' selector may only be used in the context of a proxy");
return 0;
}
acl_sample = calloc(1, sizeof(struct acl_sample) + sizeof(struct acl_term));
if (!acl_sample) {
memprintf(err, "not enough memory for 'acl' selector");
return 0;
}
LIST_INIT(&acl_sample->suite.terms);
LIST_INIT(&acl_sample->cond.suites);
LIST_APPEND(&acl_sample->cond.suites, &acl_sample->suite.list);
LIST_APPEND(&acl_sample->suite.terms, &acl_sample->terms[0].list);
acl_sample->cond.val = ~0U; // the keyword is valid everywhere for now.
/* build one term based on the ACL kw */
if (!(acl_sample->terms[0].acl = find_acl_by_name(args[1].data.str.area, &curproxy->acl)) &&
!(acl_sample->terms[0].acl = find_acl_default(args[1].data.str.area, &curproxy->acl, err, NULL, NULL, 0))) {
memprintf(err, "ACL '%s' not found", args[1].data.str.area);
return 0;
}
acl_sample->cond.use |= acl_sample->terms[0].acl->use;
acl_sample->cond.val &= acl_sample->terms[0].acl->val;
args[2].type = ARGT_PTR;
args[2].unresolved = 0;
args[2].resolve_ptr = NULL;
args[2].data.ptr = acl_sample;
}
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
chunk_destroy(&args[0].data.str);
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
if (args[1].type == ARGT_STR)
chunk_destroy(&args[1].data.str);
if (args[2].type == ARGT_STR)
chunk_destroy(&args[2].data.str);
MINOR: sample: add the "when" converter to condition some expressions Sometimes it would be desirable to include some debugging output only under certain conditions, but the end of the transfer is too late to apply some rules. Here we take the approach of making a converter ("when") that takes a condition among an arbitrary list, and decides whether or not to let the input sample pass through or not based on the condition. This allows for example to log debugging information only when an error was encountered during the processing (sort of an extension of dontlog-normal). The conditions are quite limited (stopping, error, normal, toapplet, forwarded, processed) and can be negated. The converter can also be chained to use more complex conditions. A suggested example will be: # log "dbg={-}" when fine, or "dbg={... debug info ...}" on error: log-format "$HAPROXY_HTTP_LOG_FMT dbg={%[bs.debug_str,when(!normal)]}"
2024-10-22 13:43:18 -04:00
// store condition
args[0].type = ARGT_SINT;
args[0].data.sint = neg; // '!' present
// and keyword
args[1].type = ARGT_SINT;
args[1].data.sint = i;
return 1;
}
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
#define GRPC_MSG_COMPRESS_FLAG_SZ 1 /* 1 byte */
#define GRPC_MSG_LENGTH_SZ 4 /* 4 bytes */
#define GRPC_MSG_HEADER_SZ (GRPC_MSG_COMPRESS_FLAG_SZ + GRPC_MSG_LENGTH_SZ)
/*
* Extract the field value of an input binary sample. Takes a mandatory argument:
* the protocol buffers field identifier (dotted notation) internally represented
* as an array of unsigned integers and its size.
* Return 1 if the field was found, 0 if not.
*/
static int sample_conv_ungrpc(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned char *pos;
size_t grpc_left;
pos = (unsigned char *)smp->data.u.str.area;
grpc_left = smp->data.u.str.data;
MINOR: sample: Code factorization "ungrpc" converter. Parsing protocol buffer fields always consists in skip the field if the field is not found or store the field value if found. So, with this patch we factorize a little bit the code for "ungrpc" converter.
2019-03-04 01:33:41 -05:00
while (grpc_left > GRPC_MSG_HEADER_SZ) {
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
size_t grpc_msg_len, left;
BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses There were several places in grpc and its dependency protobuf where unaligned accesses were done. Read accesses to 32 (resp. 64) bits values should be performed by read_u32() (resp. read_u64()). Replace these unligned read accesses by correct calls to these functions. Same fixes for doubles and floats. Such unaligned read accesses could lead to crashes with bus errors on CPU archictectures which do not fix them at run time. This patch depends on this previous commit: 861199fa71 MINOR: net_helper: Add support for floats/doubles. Must be backported as far as 2.6.
2024-04-15 03:57:37 -04:00
grpc_msg_len = left = ntohl(read_u32(pos + GRPC_MSG_COMPRESS_FLAG_SZ));
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
pos += GRPC_MSG_HEADER_SZ;
grpc_left -= GRPC_MSG_HEADER_SZ;
if (grpc_left < left)
return 0;
MINOR: sample: Extract some protocol buffers specific code. We move the code responsible of parsing protocol buffers messages inside gRPC messages from sample.c to include/proto/protocol_buffers.h so that to reuse it to cascade "ungrpc" converter.
2019-03-06 02:03:44 -05:00
if (protobuf_field_lookup(arg_p, smp, &pos, &left))
return 1;
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
grpc_left -= grpc_msg_len;
}
return 0;
}
MINOR: sample: Add a protocol buffers specific converter. This patch adds "protobuf" protocol buffers specific converter wich may used in combination with "ungrpc" as first converter to extract a protocol buffers field value. It is simply implemented reusing protobuf_field_lookup() which is the protocol buffers specific parser already used by "ungrpc" converter which only parse a gRPC header in addition of parsing protocol buffers message. Update the documentation for this new "protobuf" converter.
2019-03-06 08:34:36 -05:00
static int sample_conv_protobuf(const struct arg *arg_p, struct sample *smp, void *private)
{
unsigned char *pos;
size_t left;
pos = (unsigned char *)smp->data.u.str.area;
left = smp->data.u.str.data;
return protobuf_field_lookup(arg_p, smp, &pos, &left);
}
static int sample_conv_protobuf_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
MINOR: sample: Rework gRPC converter code. For now on, "ungrpc" may take a second optional argument to provide the protocol buffers types used to encode the field value to be extracted. When absent the field value is extracted as a binary sample which may then followed by others converters like "hex" which takes binary as input sample. When this second argument is a type which does not match the one found by "ungrpc", this field is considered as not found even if present. With this patch we also remove the useless "varint" and "svarint" converters. Update the documentation about "ungrpc" converters.
2019-03-04 13:03:48 -05:00
{
if (!args[1].type) {
args[1].type = ARGT_SINT;
args[1].data.sint = PBUF_T_BINARY;
}
else {
int pbuf_type;
pbuf_type = protobuf_type(args[1].data.str.area);
if (pbuf_type == -1) {
memprintf(err, "Wrong protocol buffer type '%s'", args[1].data.str.area);
return 0;
}
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[1].data.str);
MINOR: sample: Rework gRPC converter code. For now on, "ungrpc" may take a second optional argument to provide the protocol buffers types used to encode the field value to be extracted. When absent the field value is extracted as a binary sample which may then followed by others converters like "hex" which takes binary as input sample. When this second argument is a type which does not match the one found by "ungrpc", this field is considered as not found even if present. With this patch we also remove the useless "varint" and "svarint" converters. Update the documentation about "ungrpc" converters.
2019-03-04 13:03:48 -05:00
args[1].type = ARGT_SINT;
args[1].data.sint = pbuf_type;
}
return 1;
}
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
/*
* Extract the tag value of an input binary sample. Takes a mandatory argument:
* the FIX protocol tag identifier.
* Return 1 if the tag was found, 0 if not.
*/
static int sample_conv_fix_tag_value(const struct arg *arg_p, struct sample *smp, void *private)
{
struct ist value;
smp->flags &= ~SMP_F_MAY_CHANGE;
value = fix_tag_value(ist2(smp->data.u.str.area, smp->data.u.str.data),
arg_p[0].data.sint);
if (!istlen(value)) {
BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data The test on the return value of fix_tag_value() function was inverted. To wait for more data, the return value must be a valid empty string and not IST_NULL. This patch must be backported to 2.4.
2021-10-13 11:58:53 -04:00
if (isttest(value)) {
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
/* value != IST_NULL, need more data */
smp->flags |= SMP_F_MAY_CHANGE;
}
return 0;
}
smp->data.u.str = ist2buf(value);
smp->flags |= SMP_F_CONST;
return 1;
}
/* This function checks the "fix_tag_value" converter configuration.
* It expects a "known" (by HAProxy) tag name or ID.
* Tag string names are converted to their ID counterpart because this is the
* format they are sent over the wire.
*/
static int sample_conv_fix_value_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
struct ist str;
unsigned int tag;
str = ist2(args[0].data.str.area, args[0].data.str.data);
tag = fix_tagid(str);
if (!tag) {
memprintf(err, "Unknown FIX tag name '%s'", args[0].data.str.area);
return 0;
}
chunk_destroy(&args[0].data.str);
args[0].type = ARGT_SINT;
args[0].data.sint = tag;
return 1;
}
/*
* Checks that a buffer contains a valid FIX message
*
* Return 1 if the check could be run, 0 if not.
CLEANUP: assorted typo fixes in the code and comments This is 13n iteration of typo fixes
2020-12-20 15:16:17 -05:00
* The result of the analyse itself is stored in <smp> as a boolean
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
*/
static int sample_conv_fix_is_valid(const struct arg *arg_p, struct sample *smp, void *private)
{
struct ist msg;
msg = ist2(smp->data.u.str.area, smp->data.u.str.data);
smp->flags &= ~SMP_F_MAY_CHANGE;
switch (fix_validate_message(msg)) {
case FIX_VALID_MESSAGE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 1;
return 1;
case FIX_NEED_MORE_DATA:
smp->flags |= SMP_F_MAY_CHANGE;
return 0;
case FIX_INVALID_MESSAGE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 0;
return 1;
}
return 0;
}
MINOR: sample: Add converts to parses MQTT messages This patch implements a couple of converters to validate and extract data from a MQTT (Message Queuing Telemetry Transport) message. The validation consists of a few checks as well as "packet size" validation. The extraction can get any field from the variable header and the payload. This is limited to CONNECT and CONNACK packet types only. All other messages are considered as invalid. It is not a problem for now because only the first packet on each side can be parsed (CONNECT for the client and CONNACK for the server). MQTT 3.1.1 and 5.0 are supported. Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-27 13:10:06 -04:00
/*
* Extract the field value of an input binary sample containing an MQTT packet.
* Takes 2 mandatory arguments:
* - packet type
* - field name
*
* return 1 if the field was found, 0 if not.
*/
static int sample_conv_mqtt_field_value(const struct arg *arg_p, struct sample *smp, void *private)
{
struct ist pkt, value;
int type, fieldname_id;
pkt = ist2(smp->data.u.str.area, smp->data.u.str.data);
type = arg_p[0].data.sint;
fieldname_id = arg_p[1].data.sint;
smp->flags &= ~SMP_F_MAY_CHANGE;
value = mqtt_field_value(pkt, type, fieldname_id);
if (!istlen(value)) {
if (isttest(value)) {
/* value != IST_NULL, need more data */
smp->flags |= SMP_F_MAY_CHANGE;
}
return 0;
}
smp->data.u.str = ist2buf(value);
smp->flags |= SMP_F_CONST;
return 1;
}
/*
* this function checks the "mqtt_field_value" converter configuration.
* It expects a known packet type name or ID and a field name, in this order
*
CLEANUP: assorted typo fixes in the code and comments This is 13n iteration of typo fixes
2020-12-20 15:16:17 -05:00
* Args[0] will be turned into a MQTT_CPT_* value for direct matching when parsing
MINOR: sample: Add converts to parses MQTT messages This patch implements a couple of converters to validate and extract data from a MQTT (Message Queuing Telemetry Transport) message. The validation consists of a few checks as well as "packet size" validation. The extraction can get any field from the variable header and the payload. This is limited to CONNECT and CONNACK packet types only. All other messages are considered as invalid. It is not a problem for now because only the first packet on each side can be parsed (CONNECT for the client and CONNACK for the server). MQTT 3.1.1 and 5.0 are supported. Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-27 13:10:06 -04:00
* a packet.
*/
static int sample_conv_mqtt_field_value_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
int type, fieldname_id;
/* check the MQTT packet type is valid */
type = mqtt_typeid(ist2(args[0].data.str.area, args[0].data.str.data));
if (type == MQTT_CPT_INVALID) {
memprintf(err, "Unknown MQTT type '%s'", args[0].data.str.area);
return 0;
}
/* check the field name belongs to the MQTT packet type */
fieldname_id = mqtt_check_type_fieldname(type, ist2(args[1].data.str.area, args[1].data.str.data));
if (fieldname_id == MQTT_FN_INVALID) {
memprintf(err, "Unknown MQTT field name '%s' for packet type '%s'", args[1].data.str.area,
args[0].data.str.area);
return 0;
}
/* save numeric counterparts of type and field name */
chunk_destroy(&args[0].data.str);
chunk_destroy(&args[1].data.str);
args[0].type = ARGT_SINT;
args[0].data.sint = type;
args[1].type = ARGT_SINT;
args[1].data.sint = fieldname_id;
return 1;
}
/*
* Checks that <smp> contains a valid MQTT message
*
* The function returns 1 if the check was run to its end, 0 otherwise.
* The result of the analyse itself is stored in <smp> as a boolean.
*/
static int sample_conv_mqtt_is_valid(const struct arg *arg_p, struct sample *smp, void *private)
{
struct ist msg;
msg = ist2(smp->data.u.str.area, smp->data.u.str.data);
smp->flags &= ~SMP_F_MAY_CHANGE;
switch (mqtt_validate_message(msg, NULL)) {
case FIX_VALID_MESSAGE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 1;
return 1;
case FIX_NEED_MORE_DATA:
smp->flags |= SMP_F_MAY_CHANGE;
return 0;
case FIX_INVALID_MESSAGE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 0;
return 1;
}
return 0;
}
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
/* This function checks the "strcmp" converter's arguments and extracts the
* variable name and its scope.
*/
static int smp_check_strcmp(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
MINOR: sample: improve error reporting on missing arg to strcmp() converter Calling the strcmp() converter with no argument yields this strange error: [ALERT] (31439) : parsing [test.cfg:3] : error detected in frontend 'f' while parsing 'http-request redirect' rule : failed to parse sample expression <src,strcmp]> : invalid args in converter 'strcmp' : failed to register variable name ''. This is because the vars name check tries to see if it can create such a variable having an empty name. Let's at least make a special case of the missing argument. Now we can read a more explicit: [ALERT] (31655) : parsing [test.cfg:3] : error detected in frontend 'f' while parsing 'http-request redirect' rule : failed to parse sample expression <src,strcmp]> : invalid args in converter 'strcmp' : missing variable name. This was done for secure_strcmp() as well.
2021-05-08 00:50:28 -04:00
if (!args[0].data.str.data) {
memprintf(err, "missing variable name");
return 0;
}
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
/* Try to decode a variable. */
if (vars_check_arg(&args[0], NULL))
return 1;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
memprintf(err, "failed to register variable name '%s'",
args[0].data.str.area);
MINOR: sample: Add strcmp sample converter This converter supplements the existing string matching by allowing strings to be converted to a variable. Example usage: http-request set-var(txn.host) hdr(host) # Check whether the client is attempting domain fronting. acl ssl_sni_http_host_match ssl_fc_sni,strcmp(txn.host) eq 0
2018-04-27 15:18:45 -04:00
return 0;
}
MINOR: sample: add htonl converter This converter tranform a integer to its binary representation in the network byte order. Integer are already automatically converted to binary during sample expression evaluation. But because samples own 8-bytes integers, the conversion produces 8 bytes. the htonl converter do the same but for 4-bytes integer.
2020-04-01 03:08:32 -04:00
/**/
static int sample_conv_htonl(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *tmp;
uint32_t n;
n = htonl((uint32_t)smp->data.u.sint);
tmp = get_trash_chunk();
memcpy(b_head(tmp), &n, 4);
b_add(tmp, 4);
smp->data.u.str = *tmp;
smp->data.type = SMP_T_BIN;
return 1;
}
MINOR: sample: add cut_crlf converter This converter cuts a string on the first \r or \n found.
2020-04-01 10:21:44 -04:00
/**/
static int sample_conv_cut_crlf(const struct arg *arg_p, struct sample *smp, void *private)
{
char *p;
size_t l;
p = smp->data.u.str.area;
for (l = 0; l < smp->data.u.str.data; l++) {
if (*(p+l) == '\r' || *(p+l) == '\n')
break;
}
smp->data.u.str.data = l;
return 1;
}
MINOR: sample: add ltrim converter This converter strips specified characters from the beginning of a string.
2020-04-01 11:24:41 -04:00
/**/
static int sample_conv_ltrim(const struct arg *arg_p, struct sample *smp, void *private)
{
char *delimiters, *p;
size_t dlen, l;
delimiters = arg_p[0].data.str.area;
dlen = arg_p[0].data.str.data;
l = smp->data.u.str.data;
p = smp->data.u.str.area;
while (l && memchr(delimiters, *p, dlen) != NULL) {
p++;
l--;
}
smp->data.u.str.area = p;
smp->data.u.str.data = l;
return 1;
}
MINOR: sample: add rtrim converter This converter strips specified characters from the end of a string.
2020-04-01 11:24:47 -04:00
/**/
static int sample_conv_rtrim(const struct arg *arg_p, struct sample *smp, void *private)
{
char *delimiters, *p;
size_t dlen, l;
delimiters = arg_p[0].data.str.area;
dlen = arg_p[0].data.str.data;
l = smp->data.u.str.data;
p = smp->data.u.str.area + l - 1;
while (l && memchr(delimiters, *p, dlen) != NULL) {
p--;
l--;
}
smp->data.u.str.data = l;
return 1;
}
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
/* This function checks the "json_query" converter's arguments. */
static int sample_check_json_query(struct arg *arg, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (arg[0].data.str.data == 0) {
memprintf(err, "json_path must not be empty");
return 0;
}
if (arg[1].data.str.data != 0) {
if (strcmp(arg[1].data.str.area, "int") != 0) {
memprintf(err, "output_type only supports \"int\" as argument");
return 0;
} else {
arg[1].type = ARGT_SINT;
arg[1].data.sint = 0;
}
}
return 1;
}
/* Limit JSON integer values to the range [-(2**53)+1, (2**53)-1] as per
* the recommendation for interoperable integers in section 6 of RFC 7159.
*/
#define JSON_INT_MAX ((1LL << 53) - 1)
#define JSON_INT_MIN (-JSON_INT_MAX)
/* This sample function get the value from a given json string.
* The mjson library is used to parse the JSON struct
*/
static int sample_conv_json_query(const struct arg *args, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
const char *token; /* holds the temporary string from mjson_find */
int token_size; /* holds the length of <token> */
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
enum mjson_tok token_type;
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
token_type = mjson_find(smp->data.u.str.area, smp->data.u.str.data, args[0].data.str.area, &token, &token_size);
switch (token_type) {
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
case MJSON_TOK_NUMBER:
if (args[1].type == ARGT_SINT) {
BUILD: sample: use strtoll() instead of atoll() atoll() is not portable, but strtoll() is more common. We must pass NULL to the end pointer however since the parser must consume digits and stop at the first non-digit char. No backport is needed as this was introduced in 2.4-dev17 with commit 51c8ad45c ("MINOR: sample: converter: Add json_query converter").
2021-05-14 02:51:53 -04:00
smp->data.u.sint = strtoll(token, NULL, 0);
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
if (smp->data.u.sint < JSON_INT_MIN || smp->data.u.sint > JSON_INT_MAX)
return 0;
smp->data.type = SMP_T_SINT;
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
return 1;
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
} else {
double double_val;
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
if (mjson_get_number(smp->data.u.str.area, smp->data.u.str.data, args[0].data.str.area, &double_val) == 0)
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
return 0;
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
trash->data = snprintf(trash->area,trash->size,"%g",double_val);
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
return 1;
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
}
case MJSON_TOK_TRUE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 1;
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
return 1;
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
case MJSON_TOK_FALSE:
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = 0;
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
return 1;
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
case MJSON_TOK_STRING: {
int len;
len = mjson_get_string(smp->data.u.str.area, smp->data.u.str.data, args[0].data.str.area, trash->area, trash->size);
if (len == -1) {
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
/* invalid string */
return 0;
}
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
trash->data = len;
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
return 1;
CLEANUP: sample: Improve local variables in sample_conv_json_query This improves the use of local variables in sample_conv_json_query: - Use the enum type for the return value of `mjson_find`. - Do not use single letter variables. - Reduce the scope of variables that are only needed in a single branch. - Add missing newlines after variable declaration.
2021-04-15 12:08:48 -04:00
}
MINOR: sample: Added support for Arrays in sample_conv_json_query in sample.c Method now returns the content of Json Arrays, if it is specified in Json Path as String. The start and end character is a square bracket. Any complex object in the array is returned as Json, so that you might get Arrays of Array or objects. Only recommended for Arrays of simple types (e.g., String or int) which will be returned as CSV String. Also updated documentation and fixed issue with parenthesis and other changes from comments. This patch was discussed in issue #2281. Signed-off-by: William Lallemand <wlallemand@haproxy.com>
2023-09-25 09:30:53 -04:00
case MJSON_TOK_ARRAY: {
// We copy the complete array, including square brackets into the return buffer
// result looks like: ["manage-account","manage-account-links","view-profile"]
trash->data = b_putblk(trash, token, token_size);
smp->data.u.str = *trash;
smp->data.type = SMP_T_STR;
return 1;
}
CLEANUP: sample: Explicitly handle all possible enum values from mjson This makes it easier to find bugs, because -Wswitch can help us.
2021-04-15 12:14:32 -04:00
case MJSON_TOK_NULL:
case MJSON_TOK_OBJECT:
/* We cannot handle these. */
return 0;
case MJSON_TOK_INVALID:
/* Nothing matches the query. */
return 0;
case MJSON_TOK_KEY:
/* This is not a valid return value according to the
* mjson documentation, but we handle it to benefit
* from '-Wswitch'.
*/
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
return 0;
}
CLEANUP: sample: Use explicit return for successful `json_query`s Move the `return 1` into each of the cases, instead of relying on the single `return 1` at the bottom of the function.
2021-04-15 12:40:06 -04:00
my_unreachable();
return 0;
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
}
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
#ifdef USE_OPENSSL
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
static int sample_conv_jwt_verify_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
BUG/MINOR: jwt: fix variable initialisation Set the alg variable from sample_conv_jwt_verify_check() to JWT_ALG_DEFAULT. This was reported by coverity in #2630, but since you need to use the first argument to use the 2nd, this has no real impact. Mut be backported with 883f1bd (as far as 2.6).
2024-07-08 08:23:14 -04:00
enum jwt_alg alg = JWT_ALG_DEFAULT;
MAJOR: jwt: Allow certificate instead of public key in jwt_verify converter The 'jwt_verify' converter could only be passed public keys as second parameter instead of full-on public certificates. This patch allows proper certificates to be used. Those certificates can be loaded in ckch_stores like any other certificate which means that all the certificate-related operations that can be made via the CLI can now benefit JWT validation as well. We now have two ways JWT validation can work, the legacy one which only relies on public keys which could not be stored in ckch_stores without some in depth changes in the way the ckch_stores are built. In this legacy way, the public keys are fully stored in a cache dedicated to JWT only which does not have any CLI commands and any way to update them during runtime. It also requires that all the public keys used are passed at least once explicitely to the 'jwt_verify' converter so that they can be loaded during init. The new way uses actual certificates, either already stored in the ckch_store tree (if predefined in a crt-store or already used previously in the configuration) or loaded in the ckch_store tree during init if they are explicitely used in the configuration like so: var(txn.bearer),jwt_verify(txn.jwt_alg,"cert.pem") When using a variable (or any other way that can only be resolved during runtime) in place of the converter's <key> parameter, the first time we encounter a new value (for which we don't have any entry in the jwt tree) we will lock the ckch_store tree and try to perform a lookup in it. If the lookup fails, an entry will still be inserted into the jwt tree so that any following call with this value avoids performing the ckch_store tree lookup.
2025-06-30 10:56:26 -04:00
int retval = 0;
BUG/MINOR: jwt: fix variable initialisation Set the alg variable from sample_conv_jwt_verify_check() to JWT_ALG_DEFAULT. This was reported by coverity in #2630, but since you need to use the first argument to use the 2nd, this has no real impact. Mut be backported with 883f1bd (as far as 2.6).
2024-07-08 08:23:14 -04:00
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
vars_check_arg(&args[0], NULL);
vars_check_arg(&args[1], NULL);
if (args[0].type == ARGT_STR) {
BUG/MINOR: jwt: don't try to load files with HMAC algorithm When trying to use a HMAC algorithm (HS256, HS384, HS512) the sample_conv_jwt_verify_check() function of the converter tries to load a file even if it is only supposed to contain a secret instead of a path. When using lua, the check function is called at runtime so it even tries to load file at each call... This fixes the issue for HMAC algorithm but this is still a problem with the other algorithms, since we don't have a way of pre-loading files before the call. Another solution must be found to prevent disk IO with lua using other algorithms. Must be backported as far as 2.6.
2024-07-03 06:35:50 -04:00
alg = jwt_parse_alg(args[0].data.str.area, args[0].data.str.data);
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
MINOR: jwt: Add support for RSA-PSS signatures (PS256 algorithm) This patch adds the support for the PS algorithms when verifying JWT signatures (rsa-pss). It was not managed during the first implementation and previously raised an "Unmanaged algorithm" error. The tests use the same rsa signature as the plain rsa tests (RS256 ...) and the implementation simply adds a call to EVP_PKEY_CTX_set_rsa_padding in the function that manages rsa and ecdsa signatures. The signatures in the reg-test were built thanks to the PyJWT python library once again.
2023-03-07 11:43:57 -05:00
if (alg == JWT_ALG_DEFAULT) {
MINOR: jwt: Make invalid static JWT algorithms an error in `jwt_verify` converter It is not useful to start a configuration where an invalid static string is provided as the JWT algorithm. Better make the administrator aware of the suspected typo by failing to start.
2021-10-29 12:06:55 -04:00
memprintf(err, "unknown JWT algorithm: %s", args[0].data.str.area);
return 0;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
}
}
if (args[1].type == ARGT_STR) {
BUG/MINOR: jwt: don't try to load files with HMAC algorithm When trying to use a HMAC algorithm (HS256, HS384, HS512) the sample_conv_jwt_verify_check() function of the converter tries to load a file even if it is only supposed to contain a secret instead of a path. When using lua, the check function is called at runtime so it even tries to load file at each call... This fixes the issue for HMAC algorithm but this is still a problem with the other algorithms, since we don't have a way of pre-loading files before the call. Another solution must be found to prevent disk IO with lua using other algorithms. Must be backported as far as 2.6.
2024-07-03 06:35:50 -04:00
switch (alg) {
JWS_ALG_HS256:
JWS_ALG_HS384:
JWS_ALG_HS512:
/* don't try to load a file with HMAC algorithms */
MAJOR: jwt: Allow certificate instead of public key in jwt_verify converter The 'jwt_verify' converter could only be passed public keys as second parameter instead of full-on public certificates. This patch allows proper certificates to be used. Those certificates can be loaded in ckch_stores like any other certificate which means that all the certificate-related operations that can be made via the CLI can now benefit JWT validation as well. We now have two ways JWT validation can work, the legacy one which only relies on public keys which could not be stored in ckch_stores without some in depth changes in the way the ckch_stores are built. In this legacy way, the public keys are fully stored in a cache dedicated to JWT only which does not have any CLI commands and any way to update them during runtime. It also requires that all the public keys used are passed at least once explicitely to the 'jwt_verify' converter so that they can be loaded during init. The new way uses actual certificates, either already stored in the ckch_store tree (if predefined in a crt-store or already used previously in the configuration) or loaded in the ckch_store tree during init if they are explicitely used in the configuration like so: var(txn.bearer),jwt_verify(txn.jwt_alg,"cert.pem") When using a variable (or any other way that can only be resolved during runtime) in place of the converter's <key> parameter, the first time we encounter a new value (for which we don't have any entry in the jwt tree) we will lock the ckch_store tree and try to perform a lookup in it. If the lookup fails, an entry will still be inserted into the jwt tree so that any following call with this value avoids performing the ckch_store tree lookup.
2025-06-30 10:56:26 -04:00
retval = 1;
BUG/MINOR: jwt: don't try to load files with HMAC algorithm When trying to use a HMAC algorithm (HS256, HS384, HS512) the sample_conv_jwt_verify_check() function of the converter tries to load a file even if it is only supposed to contain a secret instead of a path. When using lua, the check function is called at runtime so it even tries to load file at each call... This fixes the issue for HMAC algorithm but this is still a problem with the other algorithms, since we don't have a way of pre-loading files before the call. Another solution must be found to prevent disk IO with lua using other algorithms. Must be backported as far as 2.6.
2024-07-03 06:35:50 -04:00
break;
default:
MAJOR: jwt: Allow certificate instead of public key in jwt_verify converter The 'jwt_verify' converter could only be passed public keys as second parameter instead of full-on public certificates. This patch allows proper certificates to be used. Those certificates can be loaded in ckch_stores like any other certificate which means that all the certificate-related operations that can be made via the CLI can now benefit JWT validation as well. We now have two ways JWT validation can work, the legacy one which only relies on public keys which could not be stored in ckch_stores without some in depth changes in the way the ckch_stores are built. In this legacy way, the public keys are fully stored in a cache dedicated to JWT only which does not have any CLI commands and any way to update them during runtime. It also requires that all the public keys used are passed at least once explicitely to the 'jwt_verify' converter so that they can be loaded during init. The new way uses actual certificates, either already stored in the ckch_store tree (if predefined in a crt-store or already used previously in the configuration) or loaded in the ckch_store tree during init if they are explicitely used in the configuration like so: var(txn.bearer),jwt_verify(txn.jwt_alg,"cert.pem") When using a variable (or any other way that can only be resolved during runtime) in place of the converter's <key> parameter, the first time we encounter a new value (for which we don't have any entry in the jwt tree) we will lock the ckch_store tree and try to perform a lookup in it. If the lookup fails, an entry will still be inserted into the jwt tree so that any following call with this value avoids performing the ckch_store tree lookup.
2025-06-30 10:56:26 -04:00
retval = (jwt_tree_load_cert(args[1].data.str.area, args[1].data.str.data,
file, line, err) == 0);
BUG/MINOR: jwt: don't try to load files with HMAC algorithm When trying to use a HMAC algorithm (HS256, HS384, HS512) the sample_conv_jwt_verify_check() function of the converter tries to load a file even if it is only supposed to contain a secret instead of a path. When using lua, the check function is called at runtime so it even tries to load file at each call... This fixes the issue for HMAC algorithm but this is still a problem with the other algorithms, since we don't have a way of pre-loading files before the call. Another solution must be found to prevent disk IO with lua using other algorithms. Must be backported as far as 2.6.
2024-07-03 06:35:50 -04:00
break;
}
MAJOR: jwt: Allow certificate instead of public key in jwt_verify converter The 'jwt_verify' converter could only be passed public keys as second parameter instead of full-on public certificates. This patch allows proper certificates to be used. Those certificates can be loaded in ckch_stores like any other certificate which means that all the certificate-related operations that can be made via the CLI can now benefit JWT validation as well. We now have two ways JWT validation can work, the legacy one which only relies on public keys which could not be stored in ckch_stores without some in depth changes in the way the ckch_stores are built. In this legacy way, the public keys are fully stored in a cache dedicated to JWT only which does not have any CLI commands and any way to update them during runtime. It also requires that all the public keys used are passed at least once explicitely to the 'jwt_verify' converter so that they can be loaded during init. The new way uses actual certificates, either already stored in the ckch_store tree (if predefined in a crt-store or already used previously in the configuration) or loaded in the ckch_store tree during init if they are explicitely used in the configuration like so: var(txn.bearer),jwt_verify(txn.jwt_alg,"cert.pem") When using a variable (or any other way that can only be resolved during runtime) in place of the converter's <key> parameter, the first time we encounter a new value (for which we don't have any entry in the jwt tree) we will lock the ckch_store tree and try to perform a lookup in it. If the lookup fails, an entry will still be inserted into the jwt tree so that any following call with this value avoids performing the ckch_store tree lookup.
2025-06-30 10:56:26 -04:00
} else if (args[1].type == ARGT_VAR) {
/* We will try to resolve the var during runtime because the
* processing might work if it actually points to an already
* existing ckch_store.
*/
retval = 1;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
}
MAJOR: jwt: Allow certificate instead of public key in jwt_verify converter The 'jwt_verify' converter could only be passed public keys as second parameter instead of full-on public certificates. This patch allows proper certificates to be used. Those certificates can be loaded in ckch_stores like any other certificate which means that all the certificate-related operations that can be made via the CLI can now benefit JWT validation as well. We now have two ways JWT validation can work, the legacy one which only relies on public keys which could not be stored in ckch_stores without some in depth changes in the way the ckch_stores are built. In this legacy way, the public keys are fully stored in a cache dedicated to JWT only which does not have any CLI commands and any way to update them during runtime. It also requires that all the public keys used are passed at least once explicitely to the 'jwt_verify' converter so that they can be loaded during init. The new way uses actual certificates, either already stored in the ckch_store tree (if predefined in a crt-store or already used previously in the configuration) or loaded in the ckch_store tree during init if they are explicitely used in the configuration like so: var(txn.bearer),jwt_verify(txn.jwt_alg,"cert.pem") When using a variable (or any other way that can only be resolved during runtime) in place of the converter's <key> parameter, the first time we encounter a new value (for which we don't have any entry in the jwt tree) we will lock the ckch_store tree and try to perform a lookup in it. If the lookup fails, an entry will still be inserted into the jwt tree so that any following call with this value avoids performing the ckch_store tree lookup.
2025-06-30 10:56:26 -04:00
return retval;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
}
/* Check that a JWT's signature is correct */
static int sample_conv_jwt_verify(const struct arg *args, struct sample *smp, void *private)
{
struct sample alg_smp, key_smp;
BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs The jwt_verify converter was added in 2.5 with commit 130e142ee2 ("MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity"). It takes a string on input and returns an integer. It turns out that by presetting the return value to zero before processing contents, while the sample data is a union, it overwrites the beginning of the buffer struct passed on input. On a 64-bit arch it's not an issue because it's where the allocated size is stored and it's not used in the operation, which explains why the regtest works. But on 32-bit, both the size and the pointer are overwritten, causing a NULL pointer to be passed to jwt_tokenize() which is not designed to support this, hence crashes. Let's just use a temporary variable to hold the result and move the output sample initialization to the end of the function. This should be backported as far as 2.5.
2024-01-24 04:31:05 -05:00
enum jwt_vrfy_status ret;
BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter When resolving variable values the temporary trash chunks are used so when calling the 'jwt_verify' converter with two variable parameters like in the following line, the input would be overwritten by the value of the second parameter : var(txn.bearer),jwt_verify(txn.jwt_alg,txn.cert) Copying the values into dedicated alloc'ed buffers prevents any new call to get_trash_chunk from erasing the data we need in the converter. This patch can be backported up to 2.8.
2025-06-30 10:56:22 -04:00
struct buffer *input = NULL;
struct buffer *alg = NULL;
struct buffer *key = NULL;
int retval = 0;
/* The two following calls to 'sample_conv_var2smp_str' will both make
* use of the preallocated trash buffer (via get_trash_chunk call in
* smp_dup) which would end up erasing the contents of the 'smp' input
* buffer.
*/
input = alloc_trash_chunk();
if (!input)
return 0;
alg = alloc_trash_chunk();
if (!alg)
goto end;
key = alloc_trash_chunk();
if (!key)
goto end;
if (!chunk_cpy(input, &smp->data.u.str))
goto end;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
smp_set_owner(&alg_smp, smp->px, smp->sess, smp->strm, smp->opt);
if (!sample_conv_var2smp_str(&args[0], &alg_smp))
BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter When resolving variable values the temporary trash chunks are used so when calling the 'jwt_verify' converter with two variable parameters like in the following line, the input would be overwritten by the value of the second parameter : var(txn.bearer),jwt_verify(txn.jwt_alg,txn.cert) Copying the values into dedicated alloc'ed buffers prevents any new call to get_trash_chunk from erasing the data we need in the converter. This patch can be backported up to 2.8.
2025-06-30 10:56:22 -04:00
goto end;
if (chunk_printf(alg, "%.*s", (int)b_data(&alg_smp.data.u.str), b_orig(&alg_smp.data.u.str)) <= 0)
goto end;
smp_set_owner(&key_smp, smp->px, smp->sess, smp->strm, smp->opt);
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
if (!sample_conv_var2smp_str(&args[1], &key_smp))
BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter When resolving variable values the temporary trash chunks are used so when calling the 'jwt_verify' converter with two variable parameters like in the following line, the input would be overwritten by the value of the second parameter : var(txn.bearer),jwt_verify(txn.jwt_alg,txn.cert) Copying the values into dedicated alloc'ed buffers prevents any new call to get_trash_chunk from erasing the data we need in the converter. This patch can be backported up to 2.8.
2025-06-30 10:56:22 -04:00
goto end;
if (chunk_printf(key, "%.*s", (int)b_data(&key_smp.data.u.str), b_orig(&key_smp.data.u.str)) <= 0)
goto end;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter When resolving variable values the temporary trash chunks are used so when calling the 'jwt_verify' converter with two variable parameters like in the following line, the input would be overwritten by the value of the second parameter : var(txn.bearer),jwt_verify(txn.jwt_alg,txn.cert) Copying the values into dedicated alloc'ed buffers prevents any new call to get_trash_chunk from erasing the data we need in the converter. This patch can be backported up to 2.8.
2025-06-30 10:56:22 -04:00
ret = jwt_verify(input, alg, key);
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs The jwt_verify converter was added in 2.5 with commit 130e142ee2 ("MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity"). It takes a string on input and returns an integer. It turns out that by presetting the return value to zero before processing contents, while the sample data is a union, it overwrites the beginning of the buffer struct passed on input. On a 64-bit arch it's not an issue because it's where the allocated size is stored and it's not used in the operation, which explains why the regtest works. But on 32-bit, both the size and the pointer are overwritten, causing a NULL pointer to be passed to jwt_tokenize() which is not designed to support this, hence crashes. Let's just use a temporary variable to hold the result and move the output sample initialization to the end of the function. This should be backported as far as 2.5.
2024-01-24 04:31:05 -05:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = ret;
BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter When resolving variable values the temporary trash chunks are used so when calling the 'jwt_verify' converter with two variable parameters like in the following line, the input would be overwritten by the value of the second parameter : var(txn.bearer),jwt_verify(txn.jwt_alg,txn.cert) Copying the values into dedicated alloc'ed buffers prevents any new call to get_trash_chunk from erasing the data we need in the converter. This patch can be backported up to 2.8.
2025-06-30 10:56:22 -04:00
retval = 1;
end:
free_trash_chunk(input);
free_trash_chunk(alg);
free_trash_chunk(key);
return retval;
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
}
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
/*
* Returns the decoded header or payload of a JWT if no parameter is given, or
* the value of the specified field of the corresponding JWT subpart if a
* parameter is given.
*/
static int sample_conv_jwt_member_query(const struct arg *args, struct sample *smp,
void *private, enum jwt_elt member)
{
struct jwt_item items[JWT_ELT_MAX] = { { 0 } };
unsigned int item_num = member + 1; /* We don't need to tokenize the full token */
struct buffer *decoded_header = get_trash_chunk();
int retval = 0;
BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection This is the same as for commit 468c000db ("BUG/MEDIUM: jwt: fix base64 decoding error detection"), but for function sample_conv_jwt_member_query() that is used by sample converters jwt_header_query() and jwt_payload_query(). Thanks to Tim for the report. No backport is needed.
2021-10-15 06:10:24 -04:00
int ret;
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
jwt_tokenize(&smp->data.u.str, items, &item_num);
if (item_num < member + 1)
goto end;
BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection This is the same as for commit 468c000db ("BUG/MEDIUM: jwt: fix base64 decoding error detection"), but for function sample_conv_jwt_member_query() that is used by sample converters jwt_header_query() and jwt_payload_query(). Thanks to Tim for the report. No backport is needed.
2021-10-15 06:10:24 -04:00
ret = base64urldec(items[member].start, items[member].length,
decoded_header->area, decoded_header->size);
if (ret == -1)
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
goto end;
BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection This is the same as for commit 468c000db ("BUG/MEDIUM: jwt: fix base64 decoding error detection"), but for function sample_conv_jwt_member_query() that is used by sample converters jwt_header_query() and jwt_payload_query(). Thanks to Tim for the report. No backport is needed.
2021-10-15 06:10:24 -04:00
decoded_header->data = ret;
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
if (args[0].type != ARGT_STR) {
smp->data.u.str = *decoded_header;
smp->data.type = SMP_T_STR;
goto end;
}
/* We look for a specific field of the header or payload part of the JWT */
smp->data.u.str = *decoded_header;
retval = sample_conv_json_query(args, smp, private);
end:
return retval;
}
/* This function checks the "jwt_header_query" and "jwt_payload_query" converters' arguments.
* It is based on the "json_query" converter's check with the only difference
* being that the jwt converters can take 0 parameters as well.
*/
static int sample_conv_jwt_query_check(struct arg *arg, struct sample_conv *conv,
const char *file, int line, char **err)
{
if (arg[1].data.str.data != 0) {
if (strcmp(arg[1].data.str.area, "int") != 0) {
memprintf(err, "output_type only supports \"int\" as argument");
return 0;
} else {
arg[1].type = ARGT_SINT;
arg[1].data.sint = 0;
}
}
return 1;
}
/*
* If no parameter is given, return the decoded header part of a JWT (the first
* base64 encoded part, corresponding to the JOSE header).
* If a parameter is given, this converter acts as a "json_query" on this
* decoded JSON.
*/
static int sample_conv_jwt_header_query(const struct arg *args, struct sample *smp, void *private)
{
return sample_conv_jwt_member_query(args, smp, private, JWT_ELT_JOSE);
}
/*
* If no parameter is given, return the decoded payload part of a JWT (the
* second base64 encoded part, which contains all the claims). If a parameter
* is given, this converter acts as a "json_query" on this decoded JSON.
*/
static int sample_conv_jwt_payload_query(const struct arg *args, struct sample *smp, void *private)
{
return sample_conv_jwt_member_query(args, smp, private, JWT_ELT_CLAIMS);
}
#endif /* USE_OPENSSL */
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
/************************************************************************/
/* All supported sample fetch functions must be declared here */
/************************************************************************/
MINOR: sample: implement act_conn sample fetch Implement the act_conn sample fetch which is the same as %ac (actconn) in the log-format.
2023-07-12 12:05:25 -04:00
/* returns the actconn */
static int
smp_fetch_actconn(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = actconn;
return 1;
}
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
/* force TRUE to be returned at the fetch level */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_true(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
MINOR: sample: add a new "concat" converter It's always a pain not to be able to combine variables. This commit introduces the "concat" converter, which appends a delimiter, a variable's contents and another delimiter to an existing string. The result is a string. This makes it easier to build composite variables made of other variables.
2018-02-19 09:34:12 -05:00
if (!smp_make_rw(smp))
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 1;
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
/* force FALSE to be returned at the fetch level */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_false(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
/* retrieve environment variable $1 as a string */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_env(const struct arg *args, struct sample *smp, const char *kw, void *private)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{
char *env;
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (args[0].type != ARGT_STR)
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 0;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
env = getenv(args[0].data.str.area);
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
if (!env)
return 0;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags The operations applied on types SMP_T_CSTR and SMP_T_STR are the same, but the check code and the declarations are double, because it must declare action for SMP_T_C* and SMP_T_*. The declared actions and checks are the same. this complexify the code. Only the "conv" functions can change from "C*" to "*" Now, if a function needs to modify input string, it can call the new function smp_dup(). This one duplicate data in a trash buffer.
2013-12-16 18:20:33 -05:00
smp->flags = SMP_F_CONST;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = env;
smp->data.u.str.data = strlen(env);
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
return 1;
}
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
/* Validates the data unit argument passed to "date" fetch. Argument 1 support an
* optional string representing the unit of the result: "s" for seconds, "ms" for
* milliseconds and "us" for microseconds.
* Returns 0 on error and non-zero if OK.
*/
int smp_check_date_unit(struct arg *args, char **err)
{
if (args[1].type == ARGT_STR) {
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
long long int unit;
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
if (strcmp(args[1].data.str.area, "s") == 0) {
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
unit = TIME_UNIT_S;
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
}
else if (strcmp(args[1].data.str.area, "ms") == 0) {
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
unit = TIME_UNIT_MS;
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
}
else if (strcmp(args[1].data.str.area, "us") == 0) {
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
unit = TIME_UNIT_US;
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
}
else {
memprintf(err, "expects 's', 'ms' or 'us', got '%s'",
args[1].data.str.area);
return 0;
}
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[1].data.str);
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
args[1].type = ARGT_SINT;
BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters Some sample fetches or sample converters uses a validation functions for their arguments. In these function, string arguments (ARGT_STR) may be converted to another type (for instance a regex, a variable or a integer). Because these strings are allocated when the argument list is built, they must be freed after a conversion. Most of time, it is done. But not always. This patch fixes these minor memory leaks (only on few strings, during the configuration parsing). This patch may be backported to all supported versions, most probably as far as 2.1 only. If this commit is backported, the previous one 73292e9e6 ("BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created") must also be backported. Note that some validation functions does not exists on old version. It should be easy to resolve conflicts.
2020-08-05 17:07:07 -04:00
args[1].data.sint = unit;
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
}
else if (args[1].type != ARGT_STOP) {
memprintf(err, "Unexpected arg type");
return 0;
}
return 1;
}
/* retrieve the current local date in epoch time, converts it to milliseconds
* or microseconds if asked to in optional args[1] unit param, and applies an
* optional args[0] offset.
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_date(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
{
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = date.tv_sec;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
/* report in milliseconds */
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (args[1].type == ARGT_SINT && args[1].data.sint == TIME_UNIT_MS) {
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
smp->data.u.sint *= 1000;
smp->data.u.sint += date.tv_usec / 1000;
}
/* report in microseconds */
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
else if (args[1].type == ARGT_SINT && args[1].data.sint == TIME_UNIT_US) {
MINOR: sample: add us/ms support to date/http_date It can be sometimes interesting to have a timestamp with a resolution of less than a second. It is currently painful to obtain this, because concatenation of date and date_us lead to a shorter timestamp during first 100ms of a second, which is not parseable and needs ugly ACLs in configuration to prepend 0s when needed. To improve this, add an optional <unit> parameter to date sample to report an integer with desired unit. Also support this unit in http_date converter to report a date string with sub-second precision.
2019-10-30 11:57:28 -04:00
smp->data.u.sint *= 1000000;
smp->data.u.sint += date.tv_usec;
}
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
/* add offset */
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (args[0].type == ARGT_SINT)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint += args[0].data.sint;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add a new "date" fetch to return the current date Returns the current date as the epoch (number of seconds since 01/01/1970). If an offset value is specified, then it is a number of seconds that is added to the current date before returning the value. This is particularly useful to compute relative dates, as both positive and negative offsets are allowed.
2013-07-25 08:28:25 -04:00
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: sample: add date_us sample Add date_us sample that returns the microsecond part of the timeval structure representing the date of the structure. The "second" part of the timeval can already be fetched by the "date" sample
2018-01-17 07:43:24 -05:00
/* retrieve the current microsecond part of the date */
static int
smp_fetch_date_us(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.u.sint = date.tv_usec;
smp->data.type = SMP_T_SINT;
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: Add hostname sample fetch It adds "hostname" as a new sample fetch. It does exactly the same as "%H" in a log format except that it can be used outside of log formats. Signed-off-by: Nenad Merdanovic <nmerdan@haproxy.com>
2017-03-12 17:00:00 -04:00
/* returns the hostname */
static int
smp_fetch_hostname(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = hostname;
smp->data.u.str.data = strlen(hostname);
MINOR: Add hostname sample fetch It adds "hostname" as a new sample fetch. It does exactly the same as "%H" in a log format except that it can be used outside of log formats. Signed-off-by: Nenad Merdanovic <nmerdan@haproxy.com>
2017-03-12 17:00:00 -04:00
return 1;
}
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
/* returns the number of processes */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_nbproc(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
CLEANUP: global: remove the nbproc field from the global structure Let's use 1 in the rare places where it was still referenced since it's now its only possible value.
2021-06-15 02:08:04 -04:00
smp->data.u.sint = 1;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
MINOR: sample: add pid sample Implement the pid sample fetch.
2023-07-12 11:43:26 -04:00
/* returns the PID of the current process */
static int
smp_fetch_pid(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = pid;
return 1;
}
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
/* returns the number of the current process (between 1 and nbproc */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_proc(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MEDIUM: global: remove the relative_pid from global and mworker The relative_pid is always 1. In mworker mode we also have a child->relative_pid which is always equalt relative_pid, except for a master (0) or external process (-1), but these types are usually tested for, except for one place that was amended to carefully check for the PROC_O_TYPE_WORKER option. Changes were pretty limited as most usages of relative_pid were for designating a process in stats output and peers protocol.
2021-06-15 03:08:18 -04:00
smp->data.u.sint = 1;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
MINOR: sample: Add "thread" sample fetch It returns id of the thread calling the function.
2017-11-21 15:45:38 -05:00
/* returns the number of the current thread (between 1 and nbthread */
static int
smp_fetch_thread(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = tid;
return 1;
}
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
/* generate a random 32-bit integer for whatever purpose, with an optional
* range specified in argument.
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_rand(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
{
MINOR: sample: make the rand() sample fetch function use the statistical_prng Emeric noticed that producing many randoms to fill a stick table was saturating on the rand_lock. Since 2.4 we have the statistical PRNG for low-quality randoms like this one, there is no point in using the one that was originally implemented for the purpose of creating safe UUIDs, since the doc itself clearly states that these randoms are not secure and they have not been in the past either. With this change, locking contention is completely gone.
2022-11-24 08:54:29 -05:00
smp->data.u.sint = statistical_prng();
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
/* reduce if needed. Don't do a modulo, use all bits! */
MINOR: sample: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it.
2021-01-29 05:29:28 -05:00
if (args[0].type == ARGT_SINT)
MINOR: sample: make all bits random on the rand() sample fetch The rand() sample fetch supports being limited to a certain range, but it only uses 31 bits and scales them as requested, which means that when the requested output range is larger than 31 bits, the least significant one is not random and may even be constant. Let's make use of the whole 32 bits now that we have access ot them.
2020-03-08 13:01:10 -04:00
smp->data.u.sint = ((u64)smp->data.u.sint * (u64)args[0].data.sint) >> 32;
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: sample: add a rand() sample fetch to return a sample. Sometimes it can be useful to generate a random value, at least for debugging purposes, but also to take routing decisions or to pass such a value to a backend server.
2014-02-14 05:59:04 -05:00
smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
return 1;
}
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
/* returns true if the current process is stopping */
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_stopping(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stopping;
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
return 1;
}
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
/* returns the number of calls of the current stream's process_stream() */
static int
smp_fetch_cpu_calls(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg and lat_ns_tot depend on the stream to find the current task and must check for it or they may cause a crash if misused or used in a log-format string after commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string"). This must be backported as far as 1.9.
2020-04-29 05:59:02 -04:00
if (!smp->strm)
return 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = smp->strm->task->calls;
return 1;
}
/* returns the average number of nanoseconds spent processing the stream per call */
static int
smp_fetch_cpu_ns_avg(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg and lat_ns_tot depend on the stream to find the current task and must check for it or they may cause a crash if misused or used in a log-format string after commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string"). This must be backported as far as 1.9.
2020-04-29 05:59:02 -04:00
if (!smp->strm)
return 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
smp->data.type = SMP_T_SINT;
MINOR: tasks: do not keep cpu and latency times in struct task It was a mistake to put these two fields in the struct task. This was added in 1.9 via commit 9efd7456e ("MEDIUM: tasks: collect per-task CPU time and latency"). These fields are used solely by streams in order to report the measurements via the lat_ns* and cpu_ns* sample fetch functions when task profiling is enabled. For the rest of the tasks, this is pure CPU waste when profiling is enabled, and memory waste 100% of the time, as the point where these latencies and usages are measured is in the profiling array. Let's move the fields to the stream instead, and have process_stream() retrieve the relevant info from the thread's context. The struct task is now back to 120 bytes, i.e. almost two cache lines, with 32 bit still available.
2022-09-07 03:17:45 -04:00
smp->data.u.sint = smp->strm->task->calls ? smp->strm->cpu_time / smp->strm->task->calls : 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
return 1;
}
/* returns the total number of nanoseconds spent processing the stream */
static int
smp_fetch_cpu_ns_tot(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg and lat_ns_tot depend on the stream to find the current task and must check for it or they may cause a crash if misused or used in a log-format string after commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string"). This must be backported as far as 1.9.
2020-04-29 05:59:02 -04:00
if (!smp->strm)
return 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
smp->data.type = SMP_T_SINT;
MINOR: tasks: do not keep cpu and latency times in struct task It was a mistake to put these two fields in the struct task. This was added in 1.9 via commit 9efd7456e ("MEDIUM: tasks: collect per-task CPU time and latency"). These fields are used solely by streams in order to report the measurements via the lat_ns* and cpu_ns* sample fetch functions when task profiling is enabled. For the rest of the tasks, this is pure CPU waste when profiling is enabled, and memory waste 100% of the time, as the point where these latencies and usages are measured is in the profiling array. Let's move the fields to the stream instead, and have process_stream() retrieve the relevant info from the thread's context. The struct task is now back to 120 bytes, i.e. almost two cache lines, with 32 bit still available.
2022-09-07 03:17:45 -04:00
smp->data.u.sint = smp->strm->cpu_time;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
return 1;
}
/* returns the average number of nanoseconds per call spent waiting for other tasks to be processed */
static int
smp_fetch_lat_ns_avg(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg and lat_ns_tot depend on the stream to find the current task and must check for it or they may cause a crash if misused or used in a log-format string after commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string"). This must be backported as far as 1.9.
2020-04-29 05:59:02 -04:00
if (!smp->strm)
return 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
smp->data.type = SMP_T_SINT;
MINOR: tasks: do not keep cpu and latency times in struct task It was a mistake to put these two fields in the struct task. This was added in 1.9 via commit 9efd7456e ("MEDIUM: tasks: collect per-task CPU time and latency"). These fields are used solely by streams in order to report the measurements via the lat_ns* and cpu_ns* sample fetch functions when task profiling is enabled. For the rest of the tasks, this is pure CPU waste when profiling is enabled, and memory waste 100% of the time, as the point where these latencies and usages are measured is in the profiling array. Let's move the fields to the stream instead, and have process_stream() retrieve the relevant info from the thread's context. The struct task is now back to 120 bytes, i.e. almost two cache lines, with 32 bit still available.
2022-09-07 03:17:45 -04:00
smp->data.u.sint = smp->strm->task->calls ? smp->strm->lat_time / smp->strm->task->calls : 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
return 1;
}
/* returns the total number of nanoseconds per call spent waiting for other tasks to be processed */
static int
smp_fetch_lat_ns_tot(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg and lat_ns_tot depend on the stream to find the current task and must check for it or they may cause a crash if misused or used in a log-format string after commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string"). This must be backported as far as 1.9.
2020-04-29 05:59:02 -04:00
if (!smp->strm)
return 0;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
smp->data.type = SMP_T_SINT;
MINOR: tasks: do not keep cpu and latency times in struct task It was a mistake to put these two fields in the struct task. This was added in 1.9 via commit 9efd7456e ("MEDIUM: tasks: collect per-task CPU time and latency"). These fields are used solely by streams in order to report the measurements via the lat_ns* and cpu_ns* sample fetch functions when task profiling is enabled. For the rest of the tasks, this is pure CPU waste when profiling is enabled, and memory waste 100% of the time, as the point where these latencies and usages are measured is in the profiling array. Let's move the fields to the stream instead, and have process_stream() retrieve the relevant info from the thread's context. The struct task is now back to 120 bytes, i.e. almost two cache lines, with 32 bit still available.
2022-09-07 03:17:45 -04:00
smp->data.u.sint = smp->strm->lat_time;
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
return 1;
}
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
static int smp_fetch_const_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_STR;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = args[0].data.str.area;
smp->data.u.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_bool(struct arg *args, char **err)
{
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (strcasecmp(args[0].data.str.area, "true") == 0 ||
strcasecmp(args[0].data.str.area, "1") == 0) {
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[0].data.str);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = 1;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (strcasecmp(args[0].data.str.area, "false") == 0 ||
strcasecmp(args[0].data.str.area, "0") == 0) {
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[0].data.str);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = 0;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
memprintf(err, "Expects 'true', 'false', '0' or '1'");
return 0;
}
static int smp_fetch_const_bool(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = args[0].data.sint;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
static int smp_fetch_const_int(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = args[0].data.sint;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_ipv4(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV4;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv4 = args[0].data.ipv4;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_ipv6(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_IPV6;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.ipv6 = args[0].data.ipv6;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_bin(struct arg *args, char **err)
{
BUG/MEDIUM: sample: initialize the pointer before parse_binary call. parse_binary line 2025 checks the nullity of binstr parameter. Other calls of parse_binary properly zeroify this parameter. [wt: this could result in random failures of the const parser]
2016-04-08 05:37:02 -04:00
char *binstr = NULL;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
int binstrlen;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
if (!parse_binary(args[0].data.str.area, &binstr, &binstrlen, err))
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 0;
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[0].data.str);
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
args[0].type = ARGT_STR;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
args[0].data.str.area = binstr;
args[0].data.str.data = binstrlen;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_fetch_const_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->flags |= SMP_F_CONST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BIN;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.str.area = args[0].data.str.area;
smp->data.u.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
return 1;
}
static int smp_check_const_meth(struct arg *args, char **err)
{
enum http_meth_t meth;
int i;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
meth = find_http_meth(args[0].data.str.area, args[0].data.str.data);
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
if (meth != HTTP_METH_OTHER) {
MINOR: arg: Use chunk_destroy() to release string arguments This way, all fields of the buffer structure are reset when a string argument (ARGT_STR) is released. It is also a good way to explicitly specify this kind of argument is a chunk. So .data and .size fields must be set. This patch may be backported to ease backports.
2020-08-07 05:45:18 -04:00
chunk_destroy(&args[0].data.str);
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
args[0].type = ARGT_SINT;
args[0].data.sint = meth;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
} else {
CLEANUP: assorted typo fixes in the code and comments This is 37th iteration of typo fixes
2023-11-21 13:54:16 -05:00
/* Check method availability. A method is a token defined as :
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
* tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
* "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
* token = 1*tchar
*/
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
for (i = 0; i < args[0].data.str.data; i++) {
if (!HTTP_IS_TOKEN(args[0].data.str.area[i])) {
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
memprintf(err, "expects valid method.");
return 0;
}
}
}
return 1;
}
static int smp_fetch_const_meth(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_METH;
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
if (args[0].type == ARGT_SINT) {
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
smp->flags &= ~SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = args[0].data.sint;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.meth.str.area = "";
smp->data.u.meth.str.data = 0;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
} else {
smp->flags |= SMP_F_CONST;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.meth.meth = HTTP_METH_OTHER;
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
smp->data.u.meth.str.area = args[0].data.str.area;
smp->data.u.meth.str.data = args[0].data.str.data;
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
}
return 1;
}
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
// This function checks the "uuid" sample's arguments.
// Function won't get called when no parameter is specified (maybe a bug?)
static int smp_check_uuid(struct arg *args, char **err)
{
if (!args[0].type) {
args[0].type = ARGT_SINT;
args[0].data.sint = 4;
MINOR: Add support for UUIDv7 to the `uuid` sample fetch This adds support for UUIDv7 to the existing `uuid` sample fetch that was added in 8a694b859cf98f8b0855b4aa5a50ebf64b501215.
2024-04-19 15:01:27 -04:00
} else {
switch (args[0].data.sint) {
case 4:
case 7:
break;
default:
memprintf(err, "Unsupported UUID version: '%lld'", args[0].data.sint);
return 0;
}
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
}
return 1;
}
DOC: Update UUID references to RFC 9562 When support for UUIDv7 was added in commit aab6477b67415c4cc260bba5df359fa2e6f49733 the specification still was a draft. It has since been published as RFC 9562. This patch updates all UUID references from the obsoleted RFC 4122 and the draft for RFC 9562 to the published RFC 9562.
2024-05-12 11:08:34 -04:00
// Generate a RFC 9562 UUID (default is v4 = fully random)
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
static int smp_fetch_uuid(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MINOR: Add support for UUIDv7 to the `uuid` sample fetch This adds support for UUIDv7 to the existing `uuid` sample fetch that was added in 8a694b859cf98f8b0855b4aa5a50ebf64b501215.
2024-04-19 15:01:27 -04:00
long long int type = -1;
if (!args[0].type) {
type = 4;
} else {
type = args[0].data.sint;
}
switch (type) {
case 4:
MINOR: tools: Rename `ha_generate_uuid` to `ha_generate_uuid_v4` This is in preparation of adding support for other UUID versions.
2024-04-19 15:01:25 -04:00
ha_generate_uuid_v4(&trash);
MINOR: Add support for UUIDv7 to the `uuid` sample fetch This adds support for UUIDv7 to the existing `uuid` sample fetch that was added in 8a694b859cf98f8b0855b4aa5a50ebf64b501215.
2024-04-19 15:01:27 -04:00
break;
case 7:
ha_generate_uuid_v7(&trash);
break;
default:
return 0;
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
}
MINOR: Add support for UUIDv7 to the `uuid` sample fetch This adds support for UUIDv7 to the existing `uuid` sample fetch that was added in 8a694b859cf98f8b0855b4aa5a50ebf64b501215.
2024-04-19 15:01:27 -04:00
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_VOL_TEST | SMP_F_MAY_CHANGE;
smp->data.u.str = trash;
return 1;
MINOR: sample: Add UUID-fetch Adds the fetch uuid(int). It returns a UUID following the format of version 4 in the RFC4122 standard. New feature, but could be backported.
2019-09-10 09:42:52 -04:00
}
MINOR: sample: implement the uptime sample fetch 'uptime' returns the uptime of the current HAProxy worker in seconds.
2024-05-27 05:06:40 -04:00
/* returns the uptime in seconds */
static int
smp_fetch_uptime(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_SINT;
smp->data.u.sint = ns_to_sec(now_ns - start_time_ns);
return 1;
}
MINOR: sample: Add "quic_enabled" sample fetch This sample fetch returns a boolean. True if the support for QUIC transport protocol was built and if this protocol was not disabled by "no-quic" global option. Must be backported to 2.7.
2023-01-12 11:55:45 -05:00
/* Check if QUIC support was compiled and was not disabled by "no-quic" global option */
static int smp_fetch_quic_enabled(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
smp->data.type = SMP_T_BOOL;
smp->flags = 0;
#ifdef USE_QUIC
smp->data.u.sint = !(global.tune.options & GTUNE_NO_QUIC);
#else
smp->data.u.sint = 0;
#endif
return smp->data.u.sint;
}
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
/* Timing events re{q,s}.timer. */
static int smp_fetch_reX_timers(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct strm_logs *logs;
int t_request = -1;
if (!smp->strm)
return 0;
smp->data.type = SMP_T_SINT;
smp->flags = 0;
logs = &smp->strm->logs;
if ((llong)(logs->request_ts - logs->accept_ts) >= 0)
t_request = ns_to_ms(logs->request_ts - logs->accept_ts);
/* req.timer. */
if (kw[2] == 'q') {
switch (kw[10]) {
/* req.timer.idle (%Ti) */
case 'i':
smp->data.u.sint = logs->t_idle;
break;
/* req.timer.tq (%Tq) */
case 't':
smp->data.u.sint = t_request;
break;
/* req.timer.hdr (%TR) */
case 'h':
smp->data.u.sint = (t_request >= 0) ? t_request - logs->t_idle - logs->t_handshake : -1;
break;
/* req.timer.queue (%Tw) */
case 'q':
smp->data.u.sint = (logs->t_queue >= 0) ? logs->t_queue - t_request : -1;
break;
default:
goto error;
}
} else {
/* res.timer. */
switch (kw[10]) {
/* res.timer.hdr (%Tr) */
case 'h':
smp->data.u.sint = (logs->t_data >= 0) ? logs->t_data - logs->t_connect : -1;
break;
/* res.timer.data (%Td) */
case 'd':
smp->data.u.sint = (logs->t_data >= 0) ? logs->t_close - logs->t_data : -1;
break;
default:
goto error;
}
}
return 1;
error:
return 0;
}
/* Timing events txn. */
static int smp_fetch_txn_timers(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct strm_logs *logs;
if (!smp->strm)
return 0;
smp->data.type = SMP_T_SINT;
smp->flags = 0;
logs = &smp->strm->logs;
/* txn.timer. */
switch (kw[10]) {
/* txn.timer.total (%Ta) */
case 't':
smp->data.u.sint = logs->t_close - (logs->t_idle >= 0 ? logs->t_idle + logs->t_handshake : 0);
break;
/* txn.timer.user (%Tu) */
case 'u':
smp->data.u.sint = logs->t_close - (logs->t_idle >= 0 ? logs->t_idle : 0);
break;
default:
goto error;
}
return 1;
error:
return 0;
}
MINOR: sample: implement bc_{be,srv}_queue samples %[bc_be_queue] and %[bc_srv_queue] are equivalent to %bq and %sq tags in log-format.
2024-02-07 04:55:22 -05:00
/* Server conn queueing infos - bc_{be,srv}_queue */
static int smp_fetch_conn_queues(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct strm_logs *logs;
if (!smp->strm)
return 0;
smp->data.type = SMP_T_SINT;
smp->flags = 0;
logs = &smp->strm->logs;
if (kw[3] == 'b') {
/* bc_be_queue */
smp->data.u.sint = logs->prx_queue_pos;
}
else {
/* bc_srv_queue */
smp->data.u.sint = logs->srv_queue_pos;
}
return 1;
}
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
/* Timing events {f,bc}.timer. */
static int smp_fetch_conn_timers(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct strm_logs *logs;
if (!smp->strm)
return 0;
smp->data.type = SMP_T_SINT;
smp->flags = 0;
logs = &smp->strm->logs;
if (kw[0] == 'b') {
/* fc.timer. */
switch (kw[9]) {
/* bc.timer.connect (%Tc) */
case 'c':
smp->data.u.sint = (logs->t_connect >= 0) ? logs->t_connect - logs->t_queue : -1;
break;
default:
goto error;
}
} else {
/* fc.timer. */
switch (kw[9]) {
/* fc.timer.handshake (%Th) */
case 'h':
smp->data.u.sint = logs->t_handshake;
break;
/* fc,timer.total (%Tt) */
case 't':
smp->data.u.sint = logs->t_close;
break;
default:
goto error;
}
}
return 1;
error:
return 0;
}
MINOR: samples: implement bytes_in and bytes_out samples %[bytes_in] and %[bytes_out] are equivalent to %U and %B tags in log-format.
2023-08-23 10:45:05 -04:00
/* bytes_{in,out} */
static int smp_fetch_bytes(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct strm_logs *logs;
if (!smp->strm)
return 0;
smp->data.type = SMP_T_SINT;
smp->flags = 0;
logs = &smp->strm->logs;
if (!logs)
return 0;
if (kw[6] == 'i') { /* bytes_in */
smp->data.u.sint = logs->bytes_in;
} else { /* bytes_out */
smp->data.u.sint = logs->bytes_out;
}
return 1;
}
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
static int sample_conv_bytes_check(struct arg *args, struct sample_conv *conv,
const char *file, int line, char **err)
{
// arg0 is not optional, must be >= 0
if (!check_operator(&args[0], conv, file, line, err)) {
return 0;
}
if (args[0].type != ARGT_VAR) {
if (args[0].type != ARGT_SINT || args[0].data.sint < 0) {
memprintf(err, "expects a non-negative integer");
return 0;
}
}
// arg1 is optional, must be > 0
if (args[1].type != ARGT_STOP) {
if (!check_operator(&args[1], conv, file, line, err)) {
return 0;
}
if (args[1].type != ARGT_VAR) {
if (args[1].type != ARGT_SINT || args[1].data.sint <= 0) {
memprintf(err, "expects a positive integer");
return 0;
}
}
}
return 1;
}
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
static struct sample_fetch_kw_list smp_logs_kws = {ILH, {
MINOR: samples: implement bytes_in and bytes_out samples %[bytes_in] and %[bytes_out] are equivalent to %U and %B tags in log-format.
2023-08-23 10:45:05 -04:00
{ "bytes_in", smp_fetch_bytes, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "bytes_out", smp_fetch_bytes, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
{ "txn.timer.total", smp_fetch_txn_timers, 0, NULL, SMP_T_SINT, SMP_USE_TXFIN }, /* "Ta" */
{ "txn.timer.user", smp_fetch_txn_timers, 0, NULL, SMP_T_SINT, SMP_USE_TXFIN }, /* "Tu" */
{ "bc.timer.connect", smp_fetch_conn_timers, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV }, /* "Tc" */
MINOR: sample: implement bc_{be,srv}_queue samples %[bc_be_queue] and %[bc_srv_queue] are equivalent to %bq and %sq tags in log-format.
2024-02-07 04:55:22 -05:00
{ "bc_be_queue", smp_fetch_conn_queues, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV }, /* "bq" */
{ "bc_srv_queue", smp_fetch_conn_queues, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV }, /* "sq" */
MINOR: sample: implement the T* timer tags from the log-format as fetches This commit implements the following timer tags available in the log format as sample fetches: req.timer.idle (%Ti) req.timer.tq (%Tq) req.timer.hdr (%TR) req.timer.queue (%Tw) res.timer.hdr (%Tr) res.timer.user (%Tu) txn.timer.total (%Ta) txn.timer.data (%Td) bc.timer.connect (%Tc) fc.timer.handshake (%Th) fc.timer.total (%Tt)
2023-07-03 05:28:43 -04:00
{ "fc.timer.handshake", smp_fetch_conn_timers, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI }, /* "Th" */
{ "fc.timer.total", smp_fetch_conn_timers, 0, NULL, SMP_T_SINT, SMP_USE_SSFIN }, /* "Tt" */
{ "req.timer.idle", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV }, /* "Ti" */
{ "req.timer.tq", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV }, /* "Tq" */
{ "req.timer.hdr", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV }, /* "TR" */
{ "req.timer.queue", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV }, /* "Tw" */
{ "res.timer.data", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_RSFIN }, /* "Td" */
{ "res.timer.hdr", smp_fetch_reX_timers, 0, NULL, SMP_T_SINT, SMP_USE_HRSHV }, /* "Tr" */
{ /* END */ },
}};
INITCALL1(STG_REGISTER, sample_register_fetches, &smp_logs_kws);
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
/* Note: must not be declared <const> as its list will be overwritten.
MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR Historically, the ADDR pseudo-type did not exist. So when IPV6 support was added to existing IPV4 sample fetches (e.g.: src,dst,hdr_ip...) the expected out_type in related sample definitions was left on IPV4 because it was required to declare the out_type as the lowest common denominator (the type that can be casted into all other ones) to make compatibility checks at parse time work properly. However, now that ADDR pseudo-type may safely be used as out_type since ("MEDIUM: sample: add missing ADDR=>? compatibility matrix entries"), we can use ADDR for fetches that may output both IPV4 and IPV6 at runtime. One added benefit on top of making the code less confusing is that 'haproxy -dKsmp' output will now show "addr" instead of "ipv4" for such fetches, so the 'haproxy -dKsmp' output better complies with the fetches signatures from the documentation. out_ip fetch, which returns an ip according to the doc, was purposely left as is (returning IPV4) since the smp_fetch_url_ip() implementation forces output type to IPV4 anyway, and since this is an historical fetch I prefer not to touch it to prevent any regression. However if smp_fetch_url_ip() were to be fixed to also return IPV6 in the future, then its expected out_type may be changed to ADDR as well. Multiple notes in the code were updated to mention that the appropriate pseudo-type may be used instead of the lowest common denominator for out_type when available.
2023-06-07 09:55:13 -04:00
* Note: fetches that may return multiple types should be declared using the
* appropriate pseudo-type. If not available it must be declared as the lowest
* common denominator, the type that can be casted into all other ones.
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
*/
static struct sample_fetch_kw_list smp_kws = {ILH, {
MINOR: sample: implement act_conn sample fetch Implement the act_conn sample fetch which is the same as %ac (actconn) in the log-format.
2023-07-12 12:05:25 -04:00
{ "act_conn", smp_fetch_actconn, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: mark the truly constant sample fetch keywords as such A number of keywords are really constant and safe to use at config time. This is the case for str(), int() etc but also env(), hostname(), nbproc() etc. By extension a few other ones which can be useful to preset values in a configuration were enabled as well, like data(), rand() or uuid(). At the moment this doesn't change anything as they are still only usable from runtime rules. The "var()" keyword was also marked as const as it can definitely return stable stuff at boot time.
2021-03-26 07:03:11 -04:00
{ "always_false", smp_fetch_false, 0, NULL, SMP_T_BOOL, SMP_USE_CONST },
{ "always_true", smp_fetch_true, 0, NULL, SMP_T_BOOL, SMP_USE_CONST },
{ "env", smp_fetch_env, ARG1(1,STR), NULL, SMP_T_STR, SMP_USE_CONST },
{ "date", smp_fetch_date, ARG2(0,SINT,STR), smp_check_date_unit, SMP_T_SINT, SMP_USE_CONST },
{ "date_us", smp_fetch_date_us, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
{ "hostname", smp_fetch_hostname, 0, NULL, SMP_T_STR, SMP_USE_CONST },
{ "nbproc", smp_fetch_nbproc,0, NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: add pid sample Implement the pid sample fetch.
2023-07-12 11:43:26 -04:00
{ "pid", smp_fetch_pid, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: mark the truly constant sample fetch keywords as such A number of keywords are really constant and safe to use at config time. This is the case for str(), int() etc but also env(), hostname(), nbproc() etc. By extension a few other ones which can be useful to preset values in a configuration were enabled as well, like data(), rand() or uuid(). At the moment this doesn't change anything as they are still only usable from runtime rules. The "var()" keyword was also marked as const as it can definitely return stable stuff at boot time.
2021-03-26 07:03:11 -04:00
{ "proc", smp_fetch_proc, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: Add "quic_enabled" sample fetch This sample fetch returns a boolean. True if the support for QUIC transport protocol was built and if this protocol was not disabled by "no-quic" global option. Must be backported to 2.7.
2023-01-12 11:55:45 -05:00
{ "quic_enabled", smp_fetch_quic_enabled, 0, NULL, SMP_T_BOOL, SMP_USE_CONST },
MINOR: sample: mark the truly constant sample fetch keywords as such A number of keywords are really constant and safe to use at config time. This is the case for str(), int() etc but also env(), hostname(), nbproc() etc. By extension a few other ones which can be useful to preset values in a configuration were enabled as well, like data(), rand() or uuid(). At the moment this doesn't change anything as they are still only usable from runtime rules. The "var()" keyword was also marked as const as it can definitely return stable stuff at boot time.
2021-03-26 07:03:11 -04:00
{ "thread", smp_fetch_thread, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
{ "rand", smp_fetch_rand, ARG1(0,SINT), NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) Sometimes, either for debugging or for logging we'd like to have a bit of information about the running process. Here are 3 new fetches for this : nbproc : integer Returns an integer value corresponding to the number of processes that were started (it equals the global "nbproc" setting). This is useful for logging and debugging purposes. proc : integer Returns an integer value corresponding to the position of the process calling the function, between 1 and global.nbproc. This is useful for logging and debugging purposes. stopping : boolean Returns TRUE if the process calling the function is currently stopping. This can be useful for logging, or for relaxing certain checks or helping close certain connections upon graceful shutdown.
2014-11-24 10:02:05 -05:00
{ "stopping", smp_fetch_stopping, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
MINOR: sample: implement the uptime sample fetch 'uptime' returns the uptime of the current HAProxy worker in seconds.
2024-05-27 05:06:40 -04:00
{ "uptime", smp_fetch_uptime, 0, NULL, SMP_T_SINT, SMP_USE_CONST },
MINOR: sample: mark the truly constant sample fetch keywords as such A number of keywords are really constant and safe to use at config time. This is the case for str(), int() etc but also env(), hostname(), nbproc() etc. By extension a few other ones which can be useful to preset values in a configuration were enabled as well, like data(), rand() or uuid(). At the moment this doesn't change anything as they are still only usable from runtime rules. The "var()" keyword was also marked as const as it can definitely return stable stuff at boot time.
2021-03-26 07:03:11 -04:00
{ "uuid", smp_fetch_uuid, ARG1(0, SINT), smp_check_uuid, SMP_T_STR, SMP_USE_CONST },
MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot These sample fetch keywords report performance metrics about the task calling them. They are useful to report in logs which requests consume too much CPU time and what negative performane impact it has on other requests. Typically logging cpu_ns_avg and lat_ns_avg will show culprits and victims.
2018-11-22 10:07:39 -05:00
{ "cpu_calls", smp_fetch_cpu_calls, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "cpu_ns_avg", smp_fetch_cpu_ns_avg, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "cpu_ns_tot", smp_fetch_cpu_ns_tot, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "lat_ns_avg", smp_fetch_lat_ns_avg, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
{ "lat_ns_tot", smp_fetch_lat_ns_tot, 0, NULL, SMP_T_SINT, SMP_USE_INTRN },
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
MINOR: sample: mark the truly constant sample fetch keywords as such A number of keywords are really constant and safe to use at config time. This is the case for str(), int() etc but also env(), hostname(), nbproc() etc. By extension a few other ones which can be useful to preset values in a configuration were enabled as well, like data(), rand() or uuid(). At the moment this doesn't change anything as they are still only usable from runtime rules. The "var()" keyword was also marked as const as it can definitely return stable stuff at boot time.
2021-03-26 07:03:11 -04:00
{ "str", smp_fetch_const_str, ARG1(1,STR), NULL , SMP_T_STR, SMP_USE_CONST },
{ "bool", smp_fetch_const_bool, ARG1(1,STR), smp_check_const_bool, SMP_T_BOOL, SMP_USE_CONST },
{ "int", smp_fetch_const_int, ARG1(1,SINT), NULL , SMP_T_SINT, SMP_USE_CONST },
{ "ipv4", smp_fetch_const_ipv4, ARG1(1,IPV4), NULL , SMP_T_IPV4, SMP_USE_CONST },
{ "ipv6", smp_fetch_const_ipv6, ARG1(1,IPV6), NULL , SMP_T_IPV6, SMP_USE_CONST },
{ "bin", smp_fetch_const_bin, ARG1(1,STR), smp_check_const_bin , SMP_T_BIN, SMP_USE_CONST },
{ "meth", smp_fetch_const_meth, ARG1(1,STR), smp_check_const_meth, SMP_T_METH, SMP_USE_CONST },
MINOR: samples: add samples which returns constants This patch adds sample which returns constants values. This is useful for intialising variables.
2015-06-06 13:30:17 -04:00
CLEANUP: acl: move the 3 remaining sample fetches to samples.c There is no more reason for having "always_true", "always_false" and "env" in acl.c while they're the most basic sample fetch keywords, so let's move them to sample.c where it's easier to find them.
2013-07-25 06:17:57 -04:00
{ /* END */ },
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, sample_register_fetches, &smp_kws);
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
/* Note: must not be declared <const> as its list will be overwritten */
BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS Benoit Dolez reported a failure to start haproxy 1.5-dev19. The process would immediately report an internal error with missing fetches from some crap instead of ACL names. The cause is that some versions of gcc seem to trim static structs containing a variable array when moving them to BSS, and only keep the fixed size, which is just a list head for all ACL and sample fetch keywords. This was confirmed at least with gcc 3.4.6. And we can't move these structs to const because they contain a list element which is needed to link all of them together during the parsing. The bug indeed appeared with 1.5-dev19 because it's the first one to have some empty ACL keyword lists. One solution is to impose -fno-zero-initialized-in-bss to everyone but this is not really nice. Another solution consists in ensuring the struct is never empty so that it does not move there. The easy solution consists in having a non-null list head since it's not yet initialized. A new "ILH" list head type was thus created for this purpose : create an Initialized List Head so that gcc cannot move the struct to BSS. This fixes the issue for this version of gcc and does not create any burden for the declarations.
2013-06-21 17:16:39 -04:00
static struct sample_conv_kw_list sample_conv_kws = {ILH, {
MINOR: sample: converter: Add add_item convertor This new converter is similar to the concat converter and can be used to build new variables made of a succession of other variables but the main difference is that it does the checks if adding a delimiter makes sense as wouldn't be the case if e.g the current input sample is empty. That situation would require 2 separate rules using concat converter where the first rule would have to check if the current sample string is empty before adding a delimiter. This resolves GitHub Issue #1621.
2022-04-03 12:11:53 -04:00
{ "add_item",sample_conv_add_item, ARG3(2,STR,STR,STR), smp_check_add_item, SMP_T_STR, SMP_T_STR },
MEDIUM: sample: introduce 'same' output type Thierry Fournier reported an annoying side-effect when using the debug() converter. Consider the following examples: [1] http-request set-var(txn.test) bool(true),ipmask(24) [2] http-request redirect location /match if { bool(true),ipmask(32) } When starting haproxy with [1] example we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request set-var(txn.test)' rule : converter 'ipmask' cannot be applied. With [2], we get: config : parsing [test.conf:XX] : error detected in frontend 'fe' while parsing 'http-request redirect' rule : error in condition: converter 'ipmask' cannot be applied in ACL expression 'bool(true),ipmask(32)'. Now consider the following examples which are based on [1] and [2] but with the debug() sample conv inserted in-between those incompatible sample types: [1*] http-request set-var(txn.test) bool(true),debug,ipmask(24) [2*] http-request redirect location /match if { bool(true),debug,ipmask(32) } According to the documentation, "it is safe to insert the debug converter anywhere in a chain, even with non-printable sample types". Thus we don't expect any side-effect from using it within a chain. However in current implementation, because of debug() returning SMP_T_ANY type which is a pseudo type (only resolved at runtime), the sample compatibility checks performed at parsing time are completely uneffective. (haproxy will start and no warning will be emitted) The indesirable effect of this is that debug() prevents haproxy from warning you about impossible type conversions, hiding potential errors in the configuration that could result to unexpected evaluation or logic while serving live traffic. We better let haproxy warn you about this kind of errors when it has the chance. With our previous examples, this could cause some inconveniences. Let's say for example that you are testing a configuration prior to deploying it. When testing the config you might want to use debug() converter from time to time to check how the conversion chain behaves. Now after deploying the exact same conf, you might want to remove those testing debug() statements since they are no longer relevant.. but removing them could "break" the config and suddenly prevent haproxy from starting upon reload/restart. (this is the expected behavior, but it comes a bit too late because of debug() hiding errors during tests..) To fix this, we introduce a new output type for sample expressions: SMP_T_SAME - may only be used as "expected" out_type (parsing time) for sample converters. As it name implies, it is a way for the developpers to indicate that the resulting converter's output type is guaranteed to match the type of the sample that is presented on the converter's input side. (converter may alter data content, but data type must not be changed) What it does is that it tells haproxy that if switching to the converter (by looking at the converter's input only, since outype is SAME) is conversion-free, then the converter type can safely be ignored for type compatibility checks within the chain. debug()'s out_type is thus set to SMP_T_SAME instead of ANY, which allows it to fully comply with the doc in the sense that it does not impact the conversion chain when inserted between sample items. Co-authored-by: Thierry Fournier <thierry.f.78@gmail.com>
2023-05-30 10:34:39 -04:00
{ "debug", sample_conv_debug, ARG2(0,STR,STR), smp_check_debug, SMP_T_ANY, SMP_T_SAME },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "b64dec", sample_conv_base642bin, 0, NULL, SMP_T_STR, SMP_T_BIN },
{ "base64", sample_conv_bin2base64, 0, NULL, SMP_T_BIN, SMP_T_STR },
MINOR: sample: converter: Add add_item convertor This new converter is similar to the concat converter and can be used to build new variables made of a succession of other variables but the main difference is that it does the checks if adding a delimiter makes sense as wouldn't be the case if e.g the current input sample is empty. That situation would require 2 separate rules using concat converter where the first rule would have to check if the current sample string is empty before adding a delimiter. This resolves GitHub Issue #1621.
2022-04-03 12:11:53 -04:00
{ "concat", sample_conv_concat, ARG3(1,STR,STR,STR), smp_check_concat, SMP_T_STR, SMP_T_STR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "ub64enc", sample_conv_bin2base64url,0, NULL, SMP_T_BIN, SMP_T_STR },
{ "ub64dec", sample_conv_base64url2bin,0, NULL, SMP_T_STR, SMP_T_BIN },
{ "upper", sample_conv_str2upper, 0, NULL, SMP_T_STR, SMP_T_STR },
{ "lower", sample_conv_str2lower, 0, NULL, SMP_T_STR, SMP_T_STR },
{ "length", sample_conv_length, 0, NULL, SMP_T_STR, SMP_T_SINT },
MINOR: sample: Add le2dec (little endian to decimal) sample fetch This commit introduces a sample fetch, `le2dec`, to convert little-endian binary input samples into their decimal representations. The function converts the input into a string containing unsigned integer numbers, with each number derived from a specified number of input bytes. The numbers are separated using a user-defined separator. This new sample is achieved by adding a parametrized sample_conv_2dec function, unifying the logic for be2dec and le2dec converters. Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com> [wt: tracked as GH issue #2915] Signed-off-by: Willy Tarreau <w@1wt.eu>
2025-03-14 07:17:09 -04:00
{ "be2dec", sample_conv_be2dec, ARG3(1,STR,SINT,SINT), sample_conv_2dec_check, SMP_T_BIN, SMP_T_STR },
{ "le2dec", sample_conv_le2dec, ARG3(1,STR,SINT,SINT), sample_conv_2dec_check, SMP_T_BIN, SMP_T_STR },
MINOR: sample: Add be2hex converter Add be2hex converter to convert big-endian binary data into hex string with optional string separators.
2021-07-13 08:08:56 -04:00
{ "be2hex", sample_conv_be2hex, ARG3(1,STR,SINT,SINT), sample_conv_be2hex_check, SMP_T_BIN, SMP_T_STR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "hex", sample_conv_bin2hex, 0, NULL, SMP_T_BIN, SMP_T_STR },
{ "hex2i", sample_conv_hex2int, 0, NULL, SMP_T_STR, SMP_T_SINT },
MINOR: sample: fix ipmask sample definition Since 1478aa7 ("MEDIUM: sample: Add IPv6 support to the ipmask converter") ipmask converter may return IPV6 as well, so the sample definition must be updated. (the output type is currently explicited to IPV4) This has no functional impact: one visible effect will be that converter's visible output type will change from "ipv4" to "addr" when using 'haproxy -dKcnv'.
2023-05-26 11:07:40 -04:00
{ "ipmask", sample_conv_ipmask, ARG2(1,MSK4,MSK6), NULL, SMP_T_ADDR, SMP_T_ADDR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "ltime", sample_conv_ltime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
{ "ms_ltime", sample_conv_ms_ltime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
{ "us_ltime", sample_conv_us_ltime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "utime", sample_conv_utime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
MEDIUM: sample: implement us and ms variant of utime and ltime Implement 4 new fetches: - ms_ltime - ms_utime - us_ltime - us_utime Which are the same as ltime and utime but with milliseconds and microseconds input. The converters also suports the %N conversion specifier like in date(1). Unfortunately since %N is not supported by strftime, the format string is parsed twice, once manually to replace %N, and once by strftime.
2023-07-21 04:54:41 -04:00
{ "ms_utime", sample_conv_ms_utime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
{ "us_utime", sample_conv_us_utime, ARG2(1,STR,SINT), NULL, SMP_T_SINT, SMP_T_STR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "crc32", sample_conv_crc32, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "crc32c", sample_conv_crc32c, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "djb2", sample_conv_djb2, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "sdbm", sample_conv_sdbm, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "wt6", sample_conv_wt6, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "xxh3", sample_conv_xxh3, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "xxh32", sample_conv_xxh32, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "xxh64", sample_conv_xxh64, ARG1(0,SINT), NULL, SMP_T_BIN, SMP_T_SINT },
{ "json", sample_conv_json, ARG1(1,STR), sample_conv_json_check, SMP_T_STR, SMP_T_STR },
MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments Prior to this commit, converter "bytes" takes only integer values as arguments. After this commit, it can take variable names as inputs. This allows us to dynamically determine the offset/length and capture them in variables. These variables can then be used with the converter. Example use case: parsing a token present in a request header.
2023-09-06 14:11:23 -04:00
{ "bytes", sample_conv_bytes, ARG2(1,STR,STR), sample_conv_bytes_check, SMP_T_BIN, SMP_T_BIN },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "field", sample_conv_field, ARG3(2,SINT,STR,SINT), sample_conv_field_check, SMP_T_STR, SMP_T_STR },
{ "word", sample_conv_word, ARG3(2,SINT,STR,SINT), sample_conv_field_check, SMP_T_STR, SMP_T_STR },
MINOR: sample: add param converter Add a converter that extracts a parameter from string of delimited key/value pairs. Fixes: #1697
2022-12-14 02:19:59 -05:00
{ "param", sample_conv_param, ARG2(1,STR,STR), sample_conv_param_check, SMP_T_STR, SMP_T_STR },
CLEANUP: sample: align samples list in sample.c
2021-04-01 19:05:07 -04:00
{ "regsub", sample_conv_regsub, ARG3(2,REG,STR,STR), sample_conv_regsub_check, SMP_T_STR, SMP_T_STR },
{ "sha1", sample_conv_sha1, 0, NULL, SMP_T_BIN, SMP_T_BIN },
REORG: sample: move the crypto samples to ssl_sample.c These ones require openssl and are only built when it's enabled. There's no point keeping them in sample.c when ssl_sample.c already deals with this and the required includes. This also allows to remove openssl-compat.h from sample.c and to further reduce the number of inclusions of openssl includes, and the build time is now down to under 8 seconds.
2021-10-06 09:37:17 -04:00
{ "strcmp", sample_conv_strcmp, ARG1(1,STR), smp_check_strcmp, SMP_T_STR, SMP_T_SINT },
MINOR: sample: add the host_only and port_only converters Add 2 converters that can manipulate the value of an Host header. host_only will return the host without any port, and port_only will return the port.
2022-08-26 10:21:28 -04:00
{ "host_only", sample_conv_host_only, 0, NULL, SMP_T_STR, SMP_T_STR },
{ "port_only", sample_conv_port_only, 0, NULL, SMP_T_STR, SMP_T_SINT },
MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. This patch simply extracts the code of smp_fetch_req_ungrpc() for "req.ungrpc" from http_fetch.c to move it to sample.c with very few modifications. Furthermore smp_fetch_body_buf() used to fetch the body contents is no more needed. Update the documentation for gRPC.
2019-02-27 08:34:51 -05:00
/* gRPC converters. */
MINOR: sample: Add a protocol buffers specific converter. This patch adds "protobuf" protocol buffers specific converter wich may used in combination with "ungrpc" as first converter to extract a protocol buffers field value. It is simply implemented reusing protobuf_field_lookup() which is the protocol buffers specific parser already used by "ungrpc" converter which only parse a gRPC header in addition of parsing protocol buffers message. Update the documentation for this new "protobuf" converter.
2019-03-06 08:34:36 -05:00
{ "ungrpc", sample_conv_ungrpc, ARG2(1,PBUF_FNUM,STR), sample_conv_protobuf_check, SMP_T_BIN, SMP_T_BIN },
{ "protobuf", sample_conv_protobuf, ARG2(1,PBUF_FNUM,STR), sample_conv_protobuf_check, SMP_T_BIN, SMP_T_BIN },
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
MINOR: sample: Add converters to parse FIX messages This patch implements a couple of converters to validate and extract tag value from a FIX (Financial Information eXchange) message. The validation consists in a few checks such as mandatory fields and checksum computation. The extraction can get any tag value based on a tag string or tag id. This patch requires the istend() function. Thus it depends on "MINOR: ist: Add istend() function to return a pointer to the end of the string". Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-22 09:39:03 -04:00
/* FIX converters */
{ "fix_is_valid", sample_conv_fix_is_valid, 0, NULL, SMP_T_BIN, SMP_T_BOOL },
{ "fix_tag_value", sample_conv_fix_tag_value, ARG1(1,STR), sample_conv_fix_value_check, SMP_T_BIN, SMP_T_BIN },
MINOR: sample: Add converts to parses MQTT messages This patch implements a couple of converters to validate and extract data from a MQTT (Message Queuing Telemetry Transport) message. The validation consists of a few checks as well as "packet size" validation. The extraction can get any field from the variable header and the payload. This is limited to CONNECT and CONNACK packet types only. All other messages are considered as invalid. It is not a problem for now because only the first packet on each side can be parsed (CONNECT for the client and CONNACK for the server). MQTT 3.1.1 and 5.0 are supported. Reviewed and Fixed by Christopher Faulet <cfaulet@haproxy.com>
2020-10-27 13:10:06 -04:00
/* MQTT converters */
{ "mqtt_is_valid", sample_conv_mqtt_is_valid, 0, NULL, SMP_T_BIN, SMP_T_BOOL },
{ "mqtt_field_value", sample_conv_mqtt_field_value, ARG2(2,STR,STR), sample_conv_mqtt_field_value_check, SMP_T_BIN, SMP_T_STR },
MINOR: sample: Add iif(<true>,<false>) converter iif() takes a boolean as input and returns one of the two argument strings depending on whether the boolean is true. This converter most likely is most useful to return the proper scheme depending on the value returned by the `ssl_fc` fetch, e.g. for use within the `x-forwarded-proto` request header. However it can also be useful for use within a template that is sent to the client using `http-request return` with a `lf-file`. It allows the administrator to implement a simple condition, without needing to prefill variables within the regular configuration using `http-request set-var(req.foo)`.
2020-09-11 08:25:23 -04:00
{ "iif", sample_conv_iif, ARG2(2, STR, STR), NULL, SMP_T_BOOL, SMP_T_STR },
MEDIUM: vars/sample: operators can use variables as parameter This patch allow the existing operators to take a variable as parameter. This is useful to add the content of two variables. This patch modify the behavior of operators.
2015-07-07 15:10:16 -04:00
{ "and", sample_conv_binary_and, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "or", sample_conv_binary_or, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "xor", sample_conv_binary_xor, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "cpl", sample_conv_binary_cpl, 0, NULL, SMP_T_SINT, SMP_T_SINT },
{ "bool", sample_conv_arith_bool, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "not", sample_conv_arith_not, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "odd", sample_conv_arith_odd, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "even", sample_conv_arith_even, 0, NULL, SMP_T_SINT, SMP_T_BOOL },
{ "add", sample_conv_arith_add, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "sub", sample_conv_arith_sub, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "mul", sample_conv_arith_mul, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "div", sample_conv_arith_div, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "mod", sample_conv_arith_mod, ARG1(1,STR), check_operator, SMP_T_SINT, SMP_T_SINT },
{ "neg", sample_conv_arith_neg, 0, NULL, SMP_T_SINT, SMP_T_SINT },
MEDIUM: samples: provide basic arithmetic and bitwise operators This commit introduces a new category of converters. They are bitwise and arithmetic operators which support performing basic operations on integers. Some bitwise operations are supported (and, or, xor, cpl) and some arithmetic operations are supported (add, sub, mul, div, mod, neg). Some comparators are provided (odd, even, not, bool) which make it possible to report a match without having to write an ACL. The detailed list of new operators as they appear in the doc is : add(<value>) Adds <value> to the input value of type unsigned integer, and returns the result as an unsigned integer. and(<value>) Performs a bitwise "AND" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. bool Returns a boolean TRUE if the input value of type unsigned integer is non-null, otherwise returns FALSE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the presence of a flag). cpl Takes the input value of type unsigned integer, applies a twos-complement (flips all bits) and returns the result as an unsigned integer. div(<value>) Divides the input value of type unsigned integer by <value>, and returns the result as an unsigned integer. If <value> is null, the largest unsigned integer is returned (typically 2^32-1). even Returns a boolean TRUE if the input value of type unsigned integer is even otherwise returns FALSE. It is functionally equivalent to "not,and(1),bool". mod(<value>) Divides the input value of type unsigned integer by <value>, and returns the remainder as an unsigned integer. If <value> is null, then zero is returned. mul(<value>) Multiplies the input value of type unsigned integer by <value>, and returns the product as an unsigned integer. In case of overflow, the higher bits are lost, leading to seemingly strange values. neg Takes the input value of type unsigned integer, computes the opposite value, and returns the remainder as an unsigned integer. 0 is identity. This operator is provided for reversed subtracts : in order to subtract the input from a constant, simply perform a "neg,add(value)". not Returns a boolean FALSE if the input value of type unsigned integer is non-null, otherwise returns TRUE. Used in conjunction with and(), it can be used to report true/false for bit testing on input values (eg: verify the absence of a flag). odd Returns a boolean TRUE if the input value of type unsigned integer is odd otherwise returns FALSE. It is functionally equivalent to "and(1),bool". or(<value>) Performs a bitwise "OR" between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer. sub(<value>) Subtracts <value> from the input value of type unsigned integer, and returns the result as an unsigned integer. Note: in order to subtract the input from a constant, simply perform a "neg,add(value)". xor(<value>) Performs a bitwise "XOR" (exclusive OR) between <value> and the input value of type unsigned integer, and returns the result as an unsigned integer.
2015-01-27 09:12:13 -05:00
MINOR: sample: add cut_crlf converter This converter cuts a string on the first \r or \n found.
2020-04-01 10:21:44 -04:00
{ "htonl", sample_conv_htonl, 0, NULL, SMP_T_SINT, SMP_T_BIN },
{ "cut_crlf", sample_conv_cut_crlf, 0, NULL, SMP_T_STR, SMP_T_STR },
MINOR: sample: add ltrim converter This converter strips specified characters from the beginning of a string.
2020-04-01 11:24:41 -04:00
{ "ltrim", sample_conv_ltrim, ARG1(1,STR), NULL, SMP_T_STR, SMP_T_STR },
MINOR: sample: add rtrim converter This converter strips specified characters from the end of a string.
2020-04-01 11:24:47 -04:00
{ "rtrim", sample_conv_rtrim, ARG1(1,STR), NULL, SMP_T_STR, SMP_T_STR },
MINOR: sample: converter: Add json_query converter With the json_query can a JSON value be extacted from a header or body of the request and saved to a variable. This converter makes it possible to handle some JSON workload to route requests to different backends.
2021-04-15 10:45:15 -04:00
{ "json_query", sample_conv_json_query, ARG2(1,STR,STR), sample_check_json_query , SMP_T_STR, SMP_T_ANY },
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
#ifdef USE_OPENSSL
/* JSON Web Token converters */
{ "jwt_header_query", sample_conv_jwt_header_query, ARG2(0,STR,STR), sample_conv_jwt_query_check, SMP_T_BIN, SMP_T_ANY },
{ "jwt_payload_query", sample_conv_jwt_payload_query, ARG2(0,STR,STR), sample_conv_jwt_query_check, SMP_T_BIN, SMP_T_ANY },
MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity This new converter takes a JSON Web Token, an algorithm (among the ones specified for JWS tokens in RFC 7518) and a public key or a secret, and it returns a verdict about the signature contained in the token. It does not simply return a boolean because some specific error cases cas be specified by returning an integer instead, such as unmanaged algorithms or invalid tokens. This enables to distinguich malformed tokens from tampered ones, that would be valid format-wise but would have a bad signature. This converter does not perform a full JWT validation as decribed in section 7.2 of RFC 7519. For instance it does not ensure that the header and payload parts of the token are completely valid JSON objects because it would need a complete JSON parser. It only focuses on the signature and checks that it matches the token's contents.
2021-10-01 09:36:58 -04:00
{ "jwt_verify", sample_conv_jwt_verify, ARG2(2,STR,STR), sample_conv_jwt_verify_check, SMP_T_BIN, SMP_T_SINT },
MINOR: jwt: jwt_header_query and jwt_payload_query converters Those converters allow to extract a JSON value out of a JSON Web Token's header part or payload part (the two first dot-separated base64url encoded parts of a JWS in the Compact Serialization format). They act as a json_query call on the corresponding decoded subpart when given parameters, and they return the decoded JSON subpart when no parameter is given.
2021-10-01 09:36:57 -04:00
#endif
MINOR: sample: extend the "when" converter to support an ACL Sometimes conditions to decide of an anomaly are not as easy to define as just an error or a success. One example use case would be to monitor the transfer time and fix a threshold. An idea suggested by Tristan would be to make permit the "when" converter to refer to a more variable or dynamic condition. Here we make this possible by making "when" rely on a named ACL. The ACL then needs to be specified in either the proxy or the defaults section. Since it is evaluated inline, it may even refer to information available at the end (at log time) such as the data transfer time. If the ACL evalutates to true, the converter passes the data. Example: log "dbg={-}" when fine, or "dbg={... debug info ...}" on slow transfers: acl slow_xfer res.timer.data ge 10000 # more than 10s is slow log-format "$HAPROXY_HTTP_LOG_FMT \ fsdbg={%[fs.debug_str,when(acl,slow_xfer)]} \ bsdbg={%[bs.debug_str,when(acl,slow_xfer)]}"
2024-11-18 09:27:28 -05:00
{ "when", sample_conv_when, ARG3(1,STR,STR,STR), check_when_cond, SMP_T_ANY, SMP_T_ANY },
MEDIUM: pattern: use the standard arg parser We don't need the pattern-specific args parsers anymore, make use of the common parser instead. We still need to improve this by adding a validation function to report abnormal argument values or combinations. We don't report precise parsing errors yet but this was not previously done either.
2012-04-20 08:45:49 -04:00
{ NULL, NULL, 0, 0, 0 },
[MEDIUM] Add pattern fetch management types and functions
2010-01-04 10:16:05 -05:00
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, sample_register_convs, &sample_conv_kws);
Reference in a new issue Copy permalink