BUG/MINOR: http_auth: ACLs are volatile, not permanent

ACLs are volatile since they require a fetch of request buffer data which is
then copied to a temporary shared place. The issue is minor though since auth
is generally checked very early.

diff --git a/src/proto_http.c b/src/proto_http.c
index ba8604f4ba6b9ea0b2fba41dbb195e44c0d1a907..e898f9eb504d0b4ad012fb7c5d6a77369099bcc8 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -8431,8 +8431,8 @@ static struct acl_kw_list acl_kws = {{ },{
        { "path_dom",   acl_parse_str,   acl_fetch_path,   acl_match_dom, ACL_USE_L7REQ_VOLATILE },
        { "path_len",   acl_parse_int,   acl_fetch_path,   acl_match_len, ACL_USE_L7REQ_VOLATILE },
 
-       { "http_auth",       acl_parse_nothing, acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_PERMANENT },
-       { "http_auth_group", acl_parse_strcat,  acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_PERMANENT },
+       { "http_auth",       acl_parse_nothing, acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_VOLATILE },
+       { "http_auth_group", acl_parse_strcat,  acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_VOLATILE },
        { "http_first_req",  acl_parse_nothing, acl_fetch_http_first_req, acl_match_nothing, ACL_USE_L7REQ_PERMANENT },
        { NULL, NULL, NULL, NULL },
 }};