From: Willy Tarreau <w@1wt.eu>
Date: Thu, 11 Apr 2019 12:47:08 +0000 (+0200)
Subject: BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
X-Git-Tag: v2.0-dev3~323
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0f93672dfea805268d674c97573711fbff7e0e70;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity

Pavlos Parissis reported an interesting case where some map identifiers
were not assigned (appearing as -1 in show map). It turns out that it
only happens for log-format expressions parsed in check_config_validity()
that involve maps (log-format, use_backend, unique-id-header), as in the
sample configuration below :

    frontend foo
        bind :8001
        unique-id-format %[src,map(addr.lst)]
        log-format %[src,map(addr.lst)]
        use_backend %[src,map(addr.lst)]

The reason stems from the initial introduction of unique IDs in 1.5 via
commit af5a29d5f ("MINOR: pattern: Each pattern is identified by unique
id.") : the unique_id assignment was done before calling
check_config_validity() so all maps loaded after this call are not
properly configured. From what the function does, it seems they will not
be able to use a cache, will not have a unique_id assigned and will not
be updatable from the CLI.

This fix must be backported to all supported versions.
---

diff --git a/src/haproxy.c b/src/haproxy.c
index ef52e31bc4..517c62fe4b 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1663,14 +1663,14 @@ static void init(int argc, char **argv)
 		}
 	}
 
-	pattern_finalize_config();
-
 	err_code |= check_config_validity();
 	if (err_code & (ERR_ABORT|ERR_FATAL)) {
 		ha_alert("Fatal errors found in configuration.\n");
 		exit(1);
 	}
 
+	pattern_finalize_config();
+
 	/* recompute the amount of per-process memory depending on nbproc and
 	 * the shared SSL cache size (allowed to exist in all processes).
 	 */