[MINOR] listener: add the "accept-proxy" option to the "bind" keyword

This option will enable the AN_REQ_DECODE_PROXY analyser on the requests
that come from those listeners.

diff --git a/include/types/protocols.h b/include/types/protocols.h
index 922a64289920e3f51a57fea67a339b496153adc1..64e1c5541f26b86e23bfc4355b9cae3582178b40 100644 (file)
--- a/include/types/protocols.h
+++ b/include/types/protocols.h
@@ -74,6 +74,7 @@
 #define LI_O_DEF_ACCEPT        0x0008  /* wait up to 1 second for data before accepting */
 #define LI_O_TCP_RULES  0x0010  /* run TCP rules checks on the incoming connection */
 #define LI_O_CHK_MONNET 0x0020  /* check the source against a monitor-net rule */
+#define LI_O_ACC_PROXY  0x0040  /* find the proxied address in the first request line */
 
 /* The listener will be directly referenced by the fdtab[] which holds its
  * socket. The listener provides the protocol-specific accept() function to

diff --git a/src/cfgparse.c b/src/cfgparse.c
index a7cdea4d5a68931b1b8b1da79a2237191a594fa8..38bd69b5d7d7271e203cd062ae6d94ed28069e9f 100644 (file)
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1310,6 +1310,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
                }
 
                last_listen = curproxy->listen;
+
+               /* NOTE: the following line might create several listeners if there
+                * are comma-separated IPs or port ranges. So all further processing
+                * will have to be applied to all listeners created after last_listen.
+                */
                if (!str2listener(args[1], curproxy)) {
                        err_code |= ERR_ALERT | ERR_FATAL;
                        goto out;
@@ -1416,6 +1421,16 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
 #endif
                        }
 
+                       if (!strcmp(args[cur_arg], "accept-proxy")) { /* expect a 'PROXY' line first */
+                               struct listener *l;
+
+                               for (l = curproxy->listen; l != last_listen; l = l->next)
+                                       l->options |= LI_O_ACC_PROXY;
+
+                               cur_arg ++;
+                               continue;
+                       }
+
                        if (!strcmp(args[cur_arg], "name")) {
                                struct listener *l;
 
@@ -1468,7 +1483,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
                                continue;
                        }
 
-                       Alert("parsing [%s:%d] : '%s' only supports the 'transparent', 'defer-accept', 'name', 'id', 'mss' and 'interface' options.\n",
+                       Alert("parsing [%s:%d] : '%s' only supports the 'transparent', 'accept-proxy', 'defer-accept', 'name', 'id', 'mss' and 'interface' options.\n",
                              file, linenum, args[0]);
                        err_code |= ERR_ALERT | ERR_FATAL;
                        goto out;
@@ -5773,6 +5788,9 @@ out_uri_auth_compat:
                        listener->handler = process_session;
                        listener->analysers |= curproxy->fe_req_ana;
 
+                       if (listener->options & LI_O_ACC_PROXY)
+                               listener->analysers |= AN_REQ_DECODE_PROXY;
+
                        if (!LIST_ISEMPTY(&curproxy->tcp_req.l4_rules))
                                listener->options |= LI_O_TCP_RULES;