BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness

It's unclear why the buffer length wasn't considered when tcp-response
rules were added in 1.5-dev3 with commit 97679e790 ("[MEDIUM] Implement
tcp inspect response rules"). But it's impossible to write working
tcp-response content rules as they're always waiting for the expiration
and do not consider the fact that the buffer is full. It's likely that
tcp-response content rules were only used with HTTP traffic.

This may be backported to stable versions, though it's not very
important considering that that nobody reported this in 10 years.

diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index 703bd4fbbc89842ec7b62643259ebc52bdc54174..e09cc3c10a2b0d16fd0960da2561642cad6bf698 100644 (file)
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c
@@ -260,8 +260,8 @@ int tcp_inspect_response(struct stream *s, struct channel *rep, int an_bit)
         * - if one rule returns OK, then return OK
         * - if one rule returns KO, then return KO
         */
-
-       if (rep->flags & CF_SHUTR || tick_is_expired(rep->analyse_exp, now_ms))
+       if ((rep->flags & CF_SHUTR) || channel_full(rep, global.tune.maxrewrite) ||
+           !s->be->tcp_rep.inspect_delay || tick_is_expired(rep->analyse_exp, now_ms))
                partial = SMP_OPT_FINAL;
        else
                partial = 0;