BUG/MINOR: http: block rules forgot to increment the denied_req counter

"block" rules used to build the whole response and forgot to increment
the denied_req counters. By jumping to the general "deny" label created
in previous patch, it's easier to fix this.

The issue was already present in 1.3 and remained unnoticed, in part
because few people use "block" nowadays.

diff --git a/src/proto_http.c b/src/proto_http.c
index 84274c83c133d50d7cfc220df0db723935b33dc7..c5f6ecb9ef6eb91e3702a6eb966f11a42f0aed97 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -3777,14 +3777,8 @@ int http_process_req_common(struct session *s, struct channel *req, int an_bit,
                if (cond->pol == ACL_COND_UNLESS)
                        ret = !ret;
 
-               if (ret) {
-                       txn->status = 403;
-                       /* let's log the request time */
-                       s->logs.tv_request = now;
-                       stream_int_retnclose(req->prod, http_error_message(s, HTTP_ERR_403));
-                       session_inc_http_err_ctr(s);
-                       goto return_prx_cond;
-               }
+               if (ret)
+                       goto deny;
        }
 
        /* just in case we have some per-backend tracking */