From: Willy Tarreau Date: Tue, 11 Jun 2013 19:22:58 +0000 (+0200) Subject: MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches X-Git-Tag: v1.5-dev19~11 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6d4e4e8dd2c6cb3af4ffffe552821d131fb7290d;p=thirdparty%2Fhaproxy.git MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches The following 116 ACLs were removed because they're redundant with their fetch function since last commit which allows the fetch function to be used instead for types BOOL, INT and IP. Most places are now left with an empty ACL keyword list that was not removed so that it's easier to add other ACLs later. always_false, always_true, avg_queue, be_conn, be_id, be_sess_rate, connslots, nbsrv, queue, srv_conn, srv_id, srv_is_up, srv_sess_rate, res.comp, fe_conn, fe_id, fe_sess_rate, dst_conn, so_id, wait_end, http_auth, http_first_req, status, dst, dst_port, src, src_port, sc1_bytes_in_rate, sc1_bytes_out_rate, sc1_clr_gpc0, sc1_conn_cnt, sc1_conn_cur, sc1_conn_rate, sc1_get_gpc0, sc1_gpc0_rate, sc1_http_err_cnt, sc1_http_err_rate, sc1_http_req_cnt, sc1_http_req_rate, sc1_inc_gpc0, sc1_kbytes_in, sc1_kbytes_out, sc1_sess_cnt, sc1_sess_rate, sc1_tracked, sc1_trackers, sc2_bytes_in_rate, sc2_bytes_out_rate, sc2_clr_gpc0, sc2_conn_cnt, sc2_conn_cur, sc2_conn_rate, sc2_get_gpc0, sc2_gpc0_rate, sc2_http_err_cnt, sc2_http_err_rate, sc2_http_req_cnt, sc2_http_req_rate, sc2_inc_gpc0, sc2_kbytes_in, sc2_kbytes_out, sc2_sess_cnt, sc2_sess_rate, sc2_tracked, sc2_trackers, sc3_bytes_in_rate, sc3_bytes_out_rate, sc3_clr_gpc0, sc3_conn_cnt, sc3_conn_cur, sc3_conn_rate, sc3_get_gpc0, sc3_gpc0_rate, sc3_http_err_cnt, sc3_http_err_rate, sc3_http_req_cnt, sc3_http_req_rate, sc3_inc_gpc0, sc3_kbytes_in, sc3_kbytes_out, sc3_sess_cnt, sc3_sess_rate, sc3_tracked, sc3_trackers, src_bytes_in_rate, src_bytes_out_rate, src_clr_gpc0, src_conn_cnt, src_conn_cur, src_conn_rate, src_get_gpc0, src_gpc0_rate, src_http_err_cnt, src_http_err_rate, src_http_req_cnt, src_http_req_rate, src_inc_gpc0, src_kbytes_in, src_kbytes_out, src_sess_cnt, src_sess_rate, src_updt_conn_cnt, table_avl, table_cnt, ssl_c_ca_err, ssl_c_ca_err_depth, ssl_c_err, ssl_c_used, ssl_c_verify, ssl_c_version, ssl_f_version, ssl_fc, ssl_fc_alg_keysize, ssl_fc_has_crt, ssl_fc_has_sni, ssl_fc_use_keysize, --- diff --git a/src/acl.c b/src/acl.c index 8ba6f6f939..f2abd44180 100644 --- a/src/acl.c +++ b/src/acl.c @@ -2001,8 +2001,6 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "always_false", NULL, acl_parse_nothing, acl_match_nothing }, - { "always_true", NULL, acl_parse_nothing, acl_match_nothing }, { /* END */ }, }}; diff --git a/src/backend.c b/src/backend.c index 9f230186eb..0392355fc8 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1599,17 +1599,6 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "avg_queue", NULL, acl_parse_int, acl_match_int }, - { "be_conn", NULL, acl_parse_int, acl_match_int }, - { "be_id", NULL, acl_parse_int, acl_match_int }, - { "be_sess_rate", NULL, acl_parse_int, acl_match_int }, - { "connslots", NULL, acl_parse_int, acl_match_int }, - { "nbsrv", NULL, acl_parse_int, acl_match_int }, - { "queue", NULL, acl_parse_int, acl_match_int }, - { "srv_conn", NULL, acl_parse_int, acl_match_int }, - { "srv_id", NULL, acl_parse_int, acl_match_int }, - { "srv_is_up", NULL, acl_parse_nothing, acl_match_nothing }, - { "srv_sess_rate", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/compression.c b/src/compression.c index c8e914400d..75b232baa4 100644 --- a/src/compression.c +++ b/src/compression.c @@ -636,7 +636,6 @@ smp_fetch_res_comp_algo(struct proxy *px, struct session *l4, void *l7, unsigned /* Note: must not be declared as its list will be overwritten */ static struct acl_kw_list acl_kws = {{ },{ - { "res.comp", NULL, acl_parse_nothing, acl_match_nothing }, { /* END */ }, }}; diff --git a/src/frontend.c b/src/frontend.c index cb5d52b293..e0fd30ff70 100644 --- a/src/frontend.c +++ b/src/frontend.c @@ -268,9 +268,6 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "fe_conn", NULL, acl_parse_int, acl_match_int }, - { "fe_id", NULL, acl_parse_int, acl_match_int }, - { "fe_sess_rate", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/listener.c b/src/listener.c index 32b5bad557..1ee95251c6 100644 --- a/src/listener.c +++ b/src/listener.c @@ -653,8 +653,6 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "dst_conn", NULL, acl_parse_int, acl_match_int }, - { "so_id", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/payload.c b/src/payload.c index 6031f79f30..207fbb06ee 100644 --- a/src/payload.c +++ b/src/payload.c @@ -690,7 +690,6 @@ static struct acl_kw_list acl_kws = {{ },{ { "req_ssl_hello_type", "req.ssl_hello_type", acl_parse_int, acl_match_int }, { "req_ssl_sni", "req.ssl_sni", acl_parse_str, acl_match_str }, { "req_ssl_ver", "req.ssl_ver", acl_parse_dotted_ver, acl_match_int }, - { "wait_end", NULL, acl_parse_nothing, acl_match_nothing }, { /* END */ }, }}; diff --git a/src/proto_http.c b/src/proto_http.c index 2164a85b08..67b91ce225 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -10137,11 +10137,8 @@ static struct acl_kw_list acl_kws = {{ },{ { "hdr_sub", "req.hdr", acl_parse_str, acl_match_sub }, { "hdr_val", "req.hdr_val", acl_parse_int, acl_match_int }, - { "http_auth", NULL, acl_parse_nothing, acl_match_nothing }, { "http_auth_group", NULL, acl_parse_strcat, acl_match_auth }, - { "http_first_req", NULL, acl_parse_nothing, acl_match_nothing }, - { "method", NULL, acl_parse_meth, acl_match_meth }, { "path", "path", acl_parse_str, acl_match_str }, @@ -10180,8 +10177,6 @@ static struct acl_kw_list acl_kws = {{ },{ { "shdr_sub", "res.hdr", acl_parse_str, acl_match_sub }, { "shdr_val", "res.hdr_val", acl_parse_int, acl_match_int }, - { "status", NULL, acl_parse_int, acl_match_int }, - { "url", "url", acl_parse_str, acl_match_str }, { "url_beg", "url", acl_parse_str, acl_match_beg }, { "url_dir", "url", acl_parse_str, acl_match_dir }, diff --git a/src/proto_tcp.c b/src/proto_tcp.c index 956f803b51..ce8cae1e12 100644 --- a/src/proto_tcp.c +++ b/src/proto_tcp.c @@ -1742,10 +1742,6 @@ static struct cfg_kw_list cfg_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "dst", NULL, acl_parse_ip, acl_match_ip }, - { "dst_port", NULL, acl_parse_int, acl_match_int }, - { "src", NULL, acl_parse_ip, acl_match_ip }, - { "src_port", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/session.c b/src/session.c index 5e0da25ab2..f8d49e3993 100644 --- a/src/session.c +++ b/src/session.c @@ -3936,83 +3936,6 @@ smp_fetch_table_avl(struct proxy *px, struct session *l4, void *l7, unsigned int * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "sc1_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_clr_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc1_conn_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc1_conn_cur", NULL, acl_parse_int, acl_match_int }, - { "sc1_conn_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_get_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc1_gpc0_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_http_err_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc1_http_err_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_http_req_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc1_http_req_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_inc_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc1_kbytes_in", NULL, acl_parse_int, acl_match_int }, - { "sc1_kbytes_out", NULL, acl_parse_int, acl_match_int }, - { "sc1_sess_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc1_sess_rate", NULL, acl_parse_int, acl_match_int }, - { "sc1_tracked", NULL, acl_parse_nothing, acl_match_nothing }, - { "sc1_trackers", NULL, acl_parse_int, acl_match_int }, - { "sc2_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_clr_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc2_conn_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc2_conn_cur", NULL, acl_parse_int, acl_match_int }, - { "sc2_conn_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_get_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc2_gpc0_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_http_err_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc2_http_err_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_http_req_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc2_http_req_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_inc_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc2_kbytes_in", NULL, acl_parse_int, acl_match_int }, - { "sc2_kbytes_out", NULL, acl_parse_int, acl_match_int }, - { "sc2_sess_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc2_sess_rate", NULL, acl_parse_int, acl_match_int }, - { "sc2_tracked", NULL, acl_parse_nothing, acl_match_nothing }, - { "sc2_trackers", NULL, acl_parse_int, acl_match_int }, - { "sc3_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_clr_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc3_conn_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc3_conn_cur", NULL, acl_parse_int, acl_match_int }, - { "sc3_conn_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_get_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc3_gpc0_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_http_err_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc3_http_err_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_http_req_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc3_http_req_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_inc_gpc0", NULL, acl_parse_int, acl_match_int }, - { "sc3_kbytes_in", NULL, acl_parse_int, acl_match_int }, - { "sc3_kbytes_out", NULL, acl_parse_int, acl_match_int }, - { "sc3_sess_cnt", NULL, acl_parse_int, acl_match_int }, - { "sc3_sess_rate", NULL, acl_parse_int, acl_match_int }, - { "sc3_tracked", NULL, acl_parse_nothing, acl_match_nothing }, - { "sc3_trackers", NULL, acl_parse_int, acl_match_int }, - { "src_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, - { "src_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, - { "src_clr_gpc0", NULL, acl_parse_int, acl_match_int }, - { "src_conn_cnt", NULL, acl_parse_int, acl_match_int }, - { "src_conn_cur", NULL, acl_parse_int, acl_match_int }, - { "src_conn_rate", NULL, acl_parse_int, acl_match_int }, - { "src_get_gpc0", NULL, acl_parse_int, acl_match_int }, - { "src_gpc0_rate", NULL, acl_parse_int, acl_match_int }, - { "src_http_err_cnt", NULL, acl_parse_int, acl_match_int }, - { "src_http_err_rate", NULL, acl_parse_int, acl_match_int }, - { "src_http_req_cnt", NULL, acl_parse_int, acl_match_int }, - { "src_http_req_rate", NULL, acl_parse_int, acl_match_int }, - { "src_inc_gpc0", NULL, acl_parse_int, acl_match_int }, - { "src_kbytes_in", NULL, acl_parse_int, acl_match_int }, - { "src_kbytes_out", NULL, acl_parse_int, acl_match_int }, - { "src_sess_cnt", NULL, acl_parse_int, acl_match_int }, - { "src_sess_rate", NULL, acl_parse_int, acl_match_int }, - { "src_updt_conn_cnt", NULL, acl_parse_int, acl_match_int }, - { "table_avl", NULL, acl_parse_int, acl_match_int }, - { "table_cnt", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 7523246e06..160502c950 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -3125,9 +3125,6 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int }, - { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int }, - { "ssl_c_err", NULL, acl_parse_int, acl_match_int }, { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str }, { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str }, { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str }, @@ -3135,9 +3132,6 @@ static struct acl_kw_list acl_kws = {{ },{ { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str }, { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str }, { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin }, - { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing }, - { "ssl_c_verify", NULL, acl_parse_int, acl_match_int }, - { "ssl_c_version", NULL, acl_parse_int, acl_match_int }, { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str }, { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str }, { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str }, @@ -3145,12 +3139,7 @@ static struct acl_kw_list acl_kws = {{ },{ { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str }, { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str }, { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin }, - { "ssl_f_version", NULL, acl_parse_int, acl_match_int }, - { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing }, - { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int }, { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str }, - { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing }, - { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing }, #ifdef OPENSSL_NPN_NEGOTIATED { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str }, #endif @@ -3158,7 +3147,6 @@ static struct acl_kw_list acl_kws = {{ },{ { "ssl_fc_alpn", NULL, acl_parse_str, acl_match_str }, #endif { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str }, - { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int }, { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str }, { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end }, { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg },