BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options

http-reuse should normally not be used in conjunction with the proxy
protocol or with "usesrc clientip". While there's nothing fundamentally
wrong with this, whenever these options are used, the server expects the
IP address to be the source address for all requests, which doesn't make
sense with http-reuse.

diff --git a/src/cfgparse.c b/src/cfgparse.c
index bf43b2cfbe40bef2b333fef72f3d110ace27b97d..8e42163ce81e6e194f30b1479eac487571901d45 100644 (file)
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -8545,6 +8545,25 @@ out_uri_auth_compat:
                                err_code |= ERR_WARN;
                        }
 #endif
+
+                       if ((curproxy->options & PR_O_REUSE_MASK) != PR_O_REUSE_NEVR) {
+                               if ((curproxy->conn_src.opts & CO_SRC_TPROXY_MASK) == CO_SRC_TPROXY_CLI ||
+                                   (curproxy->conn_src.opts & CO_SRC_TPROXY_MASK) == CO_SRC_TPROXY_CIP ||
+                                   (newsrv->conn_src.opts & CO_SRC_TPROXY_MASK) == CO_SRC_TPROXY_CLI ||
+                                   (newsrv->conn_src.opts & CO_SRC_TPROXY_MASK) == CO_SRC_TPROXY_CIP) {
+                                       Warning("config : %s '%s' : connections to server '%s' use the client's IP address as the source while http-reuse is enabled and allows the same connection to be shared between multiple clients. It is strongly advised to disable 'usesrc' and to use the 'forwardfor' option instead.\n",
+                                               proxy_type_str(curproxy), curproxy->id, newsrv->id);
+                                       err_code |= ERR_WARN;
+                               }
+
+
+                               if (newsrv->pp_opts & (SRV_PP_V1|SRV_PP_V2)) {
+                                       Warning("config : %s '%s' : connections to server '%s' will have a PROXY protocol header announcing the first client's IP address while http-reuse is enabled and allows the same connection to be shared between multiple clients. It is strongly advised to disable 'send-proxy' and to use the 'forwardfor' option instead.\n",
+                                               proxy_type_str(curproxy), curproxy->id, newsrv->id);
+                                       err_code |= ERR_WARN;
+                               }
+                       }
+
                        newsrv = newsrv->next;
                }