MINOR: debug: enable insecure fork on the command line

-dI allow to enable "insure-fork-wanted" directly from the command line,
which is useful when you want to run ASAN with addr2line with a lot of
configuration files without editing them.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 6f78d77238ea44ba716248cbd05334744e3e4980..d3329f4d1c1854522808493e718b0b6dd661d06b 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -1975,7 +1975,8 @@ insecure-fork-wanted
   highly recommended that this option is never used and that any workload
   requiring such a fork be reconsidered and moved to a safer solution (such as
   agents instead of external checks). This option supports the "no" prefix to
-  disable it.
+  disable it. This can also be activated with "-dI" on the haproxy command
+  line.
 
 insecure-setuid-wanted
   HAProxy doesn't need to call executables at run time (except when using

diff --git a/doc/management.txt b/doc/management.txt
index 83c4c1dc70ff7db150b58c9fbe6bbd5199a6a7f9..0c7b2e493238a00cd58b46fee9b21175820e748c 100644 (file)
--- a/doc/management.txt
+++ b/doc/management.txt
@@ -230,6 +230,11 @@ list of options is :
     getaddrinfo() exist on various systems and cause anomalies that are
     difficult to troubleshoot.
 
+  -dI : enable the insecure fork. This is the equivalent of the
+    "insecure-fork-wanted" in the global section. It can be useful when running
+    all the reg-tests with ASAN which need to fork addr2line to resolve the
+    addresses.
+
   -dK<class[,class]*> : dumps the list of registered keywords in each class.
     The list of classes is available with "-dKhelp". All classes may be dumped
     using "-dKall", otherwise a selection of those shown in the help can be

diff --git a/src/haproxy.c b/src/haproxy.c
index a9b0190a5143a5fb766e1a8246c3fe41a37bfdeb..b83c20eb8bfce38b0389472043d0630d952d9d10 100644 (file)
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -659,6 +659,7 @@ static void usage(char *name)
                "        -dW fails if any warning is emitted\n"
                "        -dD diagnostic mode : warn about suspicious configuration statements\n"
                "        -dF disable fast-forward\n"
+               "        -dI enable insecure fork\n"
                "        -dZ disable zero-copy forwarding\n"
                "        -sf/-st [pid ]* finishes/terminates old pids.\n"
                "        -x <unix_socket> get listening sockets from a unix socket\n"
@@ -1679,6 +1680,8 @@ static void init_args(int argc, char **argv)
 #endif
                        else if (*flag == 'd' && flag[1] == 'F')
                                global.tune.options &= ~GTUNE_USE_FAST_FWD;
+                       else if (*flag == 'd' && flag[1] == 'I')
+                               global.tune.options |= GTUNE_INSECURE_FORK;
                        else if (*flag == 'd' && flag[1] == 'V')
                                global.ssl_server_verify = SSL_SERVER_VERIFY_NONE;
                        else if (*flag == 'd' && flag[1] == 'Z')