BUG/MINOR: acl: support built-in ACLs with acl() sample

Built-in ACLs were not being searched by the acl() sample fetch. This
fixes that so they are searched if no other match is found.

diff --git a/reg-tests/sample_fetches/acl.vtc b/reg-tests/sample_fetches/acl.vtc
index 8f4f8fb247e2a989d2fa2803feda28c8bcad5600..21e6f4b52417a700bc75f153890afa46280d5f6a 100644 (file)
--- a/reg-tests/sample_fetches/acl.vtc
+++ b/reg-tests/sample_fetches/acl.vtc
@@ -18,7 +18,7 @@ haproxy h1 -conf {
         acl ACL3 acl(!ACL2)
         acl ACL4 acl(ACL2,!ACL3)
 
-        http-request return status 200 hdr x-acl "ACL1=%[acl(ACL1)] ACL2=%[acl(ACL2)] ACL3=%[acl(ACL3)] ACL4=%[acl(ACL4)]"
+        http-request return status 200 hdr x-acl "ACL1=%[acl(ACL1)] ACL2=%[acl(ACL2)] ACL3=%[acl(ACL3)] ACL4=%[acl(ACL4)] TRUE=%[acl(TRUE)]"
 } -start
 
 client c1 -connect ${h1_fe1_sock} {
@@ -29,4 +29,5 @@ client c1 -connect ${h1_fe1_sock} {
     expect resp.http.x-acl ~ "ACL2=1"
     expect resp.http.x-acl ~ "ACL3=0"
     expect resp.http.x-acl ~ "ACL4=1"
+    expect resp.http.x-acl ~ "TRUE=1"
 } -run

diff --git a/src/acl.c b/src/acl.c
index 52a71f38e617e869b45d75913c1e594de68bdfeb..c1f4edd1c7532cd2811e42064aa5f9b84b065caf 100644 (file)
--- a/src/acl.c
+++ b/src/acl.c
@@ -1350,7 +1350,11 @@ int smp_fetch_acl_parse(struct arg *args, char **err_msg)
                        name++;
                }
 
-               if (!(acl_sample->terms[i].acl = find_acl_by_name(name, &curproxy->acl))) {
+
+               if (
+                       !(acl_sample->terms[i].acl = find_acl_by_name(name, &curproxy->acl)) &&
+                       !(acl_sample->terms[i].acl = find_acl_default(name, &curproxy->acl, err_msg, NULL, NULL, 0))
+                       ) {
                        memprintf(err_msg, "ACL '%s' not found", name);
                        goto err;
                }