MINOR: checks: Relax the default option for tcp-check connect rules

Now this option may be mixed with other options. This way, options on the server
line are used but may be overridden by tcp-check connect options.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index e6373584dc44a4b6894cebdbb57e707e88438a29..c6b6cf4b4c828493ad93447430cba28f3b431b6c 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9820,7 +9820,7 @@ tcp-check connect [params*]
     use the TCP connection.
 
     default      Use default options of the server line to do the health
-                 checks. This parameter is exclusive with all other options.
+                 checks. The server options are used only if not redifined.
 
     port <expr>  if not set, check port or server port is used.
                  It tells HAProxy where to open the connection to.

diff --git a/include/types/checks.h b/include/types/checks.h
index 3c44d82aaa0f758b9241f325427f0b82ebb69fa0..94ce5f228838dd0eb4b9858a4ec6902efde412a1 100644 (file)
--- a/include/types/checks.h
+++ b/include/types/checks.h
@@ -217,7 +217,8 @@ struct analyze_status {
 #define TCPCHK_OPT_SSL             0x0002  /* SSL connection */
 #define TCPCHK_OPT_LINGER          0x0004  /* Do not RST connection, let it linger */
 #define TCPCHK_OPT_DEFAULT_CONNECT 0x0008  /* Do a connect using server params */
-#define TCPCHK_OPT_SOCKS4          0x0010  /* check the connection via socks4 proxy */
+#define TCPCHK_OPT_IMPLICIT        0x0010  /* Implicit connect */
+#define TCPCHK_OPT_SOCKS4          0x0020  /* check the connection via socks4 proxy */
 
 struct tcpcheck_connect {
        char *sni;                     /* server name to use for SSL connections */

diff --git a/src/checks.c b/src/checks.c
index 55307b5b3174d285beec26fe01eaa017e0b09beb..c26f17707f6979a976ac94a08c62182558cc7e1e 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -2757,7 +2757,7 @@ static int tcpcheck_get_step_id(struct check *check, struct tcpcheck_rule *rule)
        /* last step is the first implicit connect */
        if (rule->index == 0 &&
            rule->action == TCPCHK_ACT_CONNECT &&
-           (rule->connect.options & TCPCHK_OPT_DEFAULT_CONNECT))
+           (rule->connect.options & TCPCHK_OPT_IMPLICIT))
                return 0;
 
        return rule->index + 1;
@@ -2863,9 +2863,9 @@ static enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct
                port = s->svc_port;
        set_host_port(conn->dst, port);
 
-       xprt = ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT)
-               ? check->xprt
-               : ((connect->options & TCPCHK_OPT_SSL) ? xprt_get(XPRT_SSL) : xprt_get(XPRT_RAW)));
+       xprt = ((connect->options & TCPCHK_OPT_SSL)
+               ? xprt_get(XPRT_SSL)
+               : ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) ? check->xprt : xprt_get(XPRT_RAW)));
 
        conn_prepare(conn, proto, xprt);
        if (conn_install_mux(conn, &mux_pt_ops, cs, proxy, check->sess) < 0) {
@@ -2885,47 +2885,40 @@ static enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct
                status = proto->connect(conn, flags);
        }
 
-       if (connect->options & TCPCHK_OPT_DEFAULT_CONNECT) {
 #ifdef USE_OPENSSL
-               if (status == SF_ERR_NONE) {
-                       if (s->check.sni)
-                               ssl_sock_set_servername(conn, s->check.sni);
-                       if (s->check.alpn_str)
-                               ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str,
-                                                 s->check.alpn_len);
-               }
-#endif
-               if (s->check.via_socks4 && (s->flags & SRV_F_SOCKS4_PROXY)) {
-                       conn->send_proxy_ofs = 1;
-                       conn->flags |= CO_FL_SOCKS4;
-               }
-               if (s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
-                       conn->send_proxy_ofs = 1;
-                       conn->flags |= CO_FL_SEND_PROXY;
-               }
+       if (status == SF_ERR_NONE) {
+               if (connect->sni)
+                       ssl_sock_set_servername(conn, connect->sni);
+               else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.sni)
+                       ssl_sock_set_servername(conn, s->check.sni);
+
+               if (connect->alpn)
+                       ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn, connect->alpn_len);
+               else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.alpn_str)
+                       ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str, s->check.alpn_len);
        }
-       else {
-#ifdef USE_OPENSSL
-               if (status == SF_ERR_NONE) {
-                       if (connect->sni)
-                               ssl_sock_set_servername(conn, connect->sni);
-                       if (connect->alpn)
-                               ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn,
-                                                 connect->alpn_len);
-               }
 #endif
-               if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) {
-                       conn->send_proxy_ofs = 1;
-                       conn->flags |= CO_FL_SOCKS4;
-               }
-               if (connect->options & TCPCHK_OPT_SEND_PROXY) {
-                       conn->send_proxy_ofs = 1;
-                       conn->flags |= CO_FL_SEND_PROXY;
-               }
-               if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER)) {
-                       /* Some servers don't like reset on close */
-                       fdtab[cs->conn->handle.fd].linger_risk = 0;
-               }
+       if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) {
+               conn->send_proxy_ofs = 1;
+               conn->flags |= CO_FL_SOCKS4;
+       }
+       else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.via_socks4 && (s->flags & SRV_F_SOCKS4_PROXY)) {
+               conn->send_proxy_ofs = 1;
+               conn->flags |= CO_FL_SOCKS4;
+       }
+
+       if (connect->options & TCPCHK_OPT_SEND_PROXY) {
+               conn->send_proxy_ofs = 1;
+               conn->flags |= CO_FL_SEND_PROXY;
+       }
+       else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
+               conn->send_proxy_ofs = 1;
+               conn->flags |= CO_FL_SEND_PROXY;
+       }
+
+       if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER)) {
+               /* Some servers don't like reset on close */
+               fdtab[cs->conn->handle.fd].linger_risk = 0;
        }
 
        if (conn_ctrl_ready(conn) && (conn->flags & (CO_FL_SEND_PROXY | CO_FL_SOCKS4))) {
@@ -3973,7 +3966,7 @@ static int check_proxy_tcpcheck(struct proxy *px)
                        goto out;
                }
                chk->action = TCPCHK_ACT_CONNECT;
-               chk->connect.options = TCPCHK_OPT_DEFAULT_CONNECT;
+               chk->connect.options = (TCPCHK_OPT_DEFAULT_CONNECT|TCPCHK_OPT_IMPLICIT);
                LIST_ADD(px->tcpcheck_rules.list, &chk->list);
        }
 
@@ -4289,13 +4282,8 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
 
        cur_arg++;
        while (*(args[cur_arg])) {
-               if (strcmp(args[cur_arg], "default") == 0) {
-                       if (cur_arg != 2 || *(args[cur_arg+1])) {
-                               memprintf(errmsg, "'%s' is exclusive with all other options", args[cur_arg]);
-                               goto error;
-                       }
-                       conn_opts = TCPCHK_OPT_DEFAULT_CONNECT;
-               }
+               if (strcmp(args[cur_arg], "default") == 0)
+                       conn_opts |= TCPCHK_OPT_DEFAULT_CONNECT;
                else if (strcmp(args[cur_arg], "addr") == 0) {
                        int port1, port2;
                        struct protocol *proto;