[MEDIUM] acl: added the TRUE and FALSE ACLs.

Those ACLs are sometimes useful for troubleshooting. Two ACL subjects
"always_true" and "always_false" have been added too. They return what
their subject says for every pattern. Also, acl_match_pst() has been
removed.

diff --git a/include/proto/acl.h b/include/proto/acl.h
index 896872f2588074942bfb9b92f9c9a8997de5612d..4e2b30177a0bf4b241b167f88a40e53ba826399f 100644 (file)
--- a/include/proto/acl.h
+++ b/include/proto/acl.h
@@ -94,11 +94,6 @@ void acl_unregister_keywords(struct acl_kw_list *kwl);
  */
 
 
-/* This one always returns 1 because its only purpose is to check that the
- * value is present, which is already checked by getval().
- */
-int acl_match_pst(struct acl_test *test, struct acl_pattern *pattern);
-
 /* NB: For two strings to be identical, it is required that their lengths match */
 int acl_match_str(struct acl_test *test, struct acl_pattern *pattern);
 

diff --git a/src/acl.c b/src/acl.c
index bdf0b081061bb2619234ef6929f69d93ca799687..a4744602ec9c99ea3b4362c92f6d7752d4e18a61 100644 (file)
--- a/src/acl.c
+++ b/src/acl.c
@@ -30,14 +30,40 @@ static struct acl_kw_list acl_keywords = {
 };
 
 
-/* This one always returns 1 because its only purpose is to check that the
- * value is present, which is already checked by getval().
+/*
+ * These functions are only used for debugging complex configurations.
  */
-int acl_match_pst(struct acl_test *test, struct acl_pattern *pattern)
+
+/* ignore the current line */
+static int
+acl_parse_nothing(const char **text, struct acl_pattern *pattern, int *opaque)
+{
+       return 1;
+}
+
+/* always fake a data retrieval */
+static int
+acl_fetch_nothing(struct proxy *px, struct session *l4, void *l7, int dir,
+                 struct acl_expr *expr, struct acl_test *test)
 {
        return 1;
 }
 
+/* always return true */
+static int
+acl_match_true(struct acl_test *test, struct acl_pattern *pattern)
+{
+       return 1;
+}
+
+/* always return false */
+static int
+acl_match_false(struct acl_test *test, struct acl_pattern *pattern)
+{
+       return 0;
+}
+
+
 /* NB: For two strings to be identical, it is required that their lengths match */
 int acl_match_str(struct acl_test *test, struct acl_pattern *pattern)
 {
@@ -590,6 +616,8 @@ const struct {
        const char *name;
        const char *expr[4]; /* put enough for longest expression */
 } default_acl_list[] = {
+       { .name = "TRUE",           .expr = {"always_true","1",""}},
+       { .name = "FALSE",          .expr = {"always_false","0",""}},
        { .name = "LOCALHOST",      .expr = {"src","127.0.0.1/8",""}},
        { .name = "HTTP_1.0",       .expr = {"req_ver","1.0",""}},
        { .name = "HTTP_1.1",       .expr = {"req_ver","1.1",""}},
@@ -871,6 +899,8 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v
 
 /* Note: must not be declared <const> as its list will be overwritten */
 static struct acl_kw_list acl_kws = {{ },{
+       { "always_true", acl_parse_nothing, acl_fetch_nothing, acl_match_true },
+       { "always_false", acl_parse_nothing, acl_fetch_nothing, acl_match_false },
 #if 0
        { "time",       acl_parse_time,  acl_fetch_time,   acl_match_time  },
 #endif