MINOR: stats: get rid of the ST_CONVDONE flag

This flag was added in 1.4-rc1 by commit 329f74d463 ("[BUG] uri_auth: do
not attemp to convert uri_auth -> http-request more than once") to
address the case where two proxies inherit the stats settings from
the defaults instance, and the first one compiles the expression while
the second one uses it. In this case since they use the exact same
uri_auth pointer, only the first one should compile and the second one
must not fail the check. This was addressed by adding an ST_CONVDONE
flag indicating that the expression conversion was completed and didn't
need to be done again. But this is a hack and it becomes cumbersome in
the middle of the other flags which are all relevant to the stats
applet. Let's instead fix it by checking if we're dealing with an
alias of the defaults instance and refrain from compiling this twice.
This allows us to remove the ST_CONVDONE flag.

A typical config requiring this check is :

   defaults
        mode http
        stats auth foo:bar

   listen l1
        bind :8080

   listen l2
        bind :8181

Without this (or previous) check it would cmoplain when checking l2's
validity since the rule was already built.

diff --git a/include/common/uri_auth.h b/include/common/uri_auth.h
index e80722d4ebb20c7c1e57611767cafdbb8eda1da8..46f1bc653d88e0cf86d4e0615d7ccc81916a9bb0 100644 (file)
--- a/include/common/uri_auth.h
+++ b/include/common/uri_auth.h
@@ -30,7 +30,7 @@ struct stat_scope {
 #define        ST_SHNODE       0x00000002      /* show node name */
 #define        ST_SHDESC       0x00000004      /* show description */
 #define        ST_SHLGNDS      0x00000008      /* show legends */
-#define        ST_CONVDONE     0x00000010      /* req_acl conversion done */
+/* unused:              0x00000010 */
 #define        ST_SHOWADMIN    0x00000020      /* show the admin column */
 
 /* later we may link them to support multiple URI matching */

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 05a64a8ef47aca39b962e00cb3534f85b618a913..e8538f87cccb78e180f5ab7b24660825630cf217 100644 (file)
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -2875,7 +2875,7 @@ int check_config_validity()
                        }
                }
 
-               if (curproxy->uri_auth && !(curproxy->uri_auth->flags & ST_CONVDONE) &&
+               if (curproxy->uri_auth && curproxy->uri_auth != defproxy.uri_auth &&
                    !LIST_ISEMPTY(&curproxy->uri_auth->http_req_rules) &&
                    (curproxy->uri_auth->userlist || curproxy->uri_auth->auth_realm )) {
                        ha_alert("%s '%s': stats 'auth'/'realm' and 'http-request' can't be used at the same time.\n",
@@ -2884,11 +2884,12 @@ int check_config_validity()
                        goto out_uri_auth_compat;
                }
 
-               if (curproxy->uri_auth && curproxy->uri_auth->userlist && !(curproxy->uri_auth->flags & ST_CONVDONE)) {
+               if (curproxy->uri_auth && curproxy->uri_auth->userlist &&
+                   (curproxy->uri_auth != defproxy.uri_auth ||
+                    LIST_ISEMPTY(&curproxy->uri_auth->http_req_rules))) {
                        const char *uri_auth_compat_req[10];
                        struct act_rule *rule;
                        int i = 0;
-
                        /* build the ACL condition from scratch. We're relying on anonymous ACLs for that */
                        uri_auth_compat_req[i++] = "auth";
 
@@ -2915,8 +2916,6 @@ int check_config_validity()
                                free(curproxy->uri_auth->auth_realm);
                                curproxy->uri_auth->auth_realm = NULL;
                        }
-
-                       curproxy->uri_auth->flags |= ST_CONVDONE;
                }
 out_uri_auth_compat: