[MINOR] allow TCP inspection rules to make use of HTTP ACLs

Since we can call the HTTP parser from TCP inspection rules, it makes
sense to be able to use the HTTP ACLs with it. That way, we can decide
from a TCP frontend to take a switching decision based on full layer7
decoding. This might be useful to perform layer7 content switching from
a layer4 frontend in fact. For instance, we might want to be able to
detect http/https on a frontend, but still switch to backend X or Y
depending on the Host header. Note that it is mandatory to wait for
an HTTP request otherwise the ACLs will randomly match.

diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 846040ac32f29561e0a392677d4e5aef46a99aca..4488a49baee10e0019b112fef2de7cc15cc0273d 100644 (file)
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -406,7 +406,7 @@ int tcp_inspect_request(struct session *s, struct buffer *req, int an_bit)
                int ret = ACL_PAT_PASS;
 
                if (rule->cond) {
-                       ret = acl_exec_cond(rule->cond, s->fe, s, NULL, ACL_DIR_REQ | partial);
+                       ret = acl_exec_cond(rule->cond, s->fe, s, &s->txn, ACL_DIR_REQ | partial);
                        if (ret == ACL_PAT_MISS) {
                                buffer_write_dis(req);
                                /* just set the request timeout once at the beginning of the request */