MINOR: introduce proxy-v2-options for send-proxy-v2

Proxy protocol v2 can transport many optional informations. To avoid
send-proxy-v2-* explosion, this patch introduce proxy-v2-options parameter
and will allow to write: "send-proxy-v2 proxy-v2-options ssl,cert-cn".

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 55956db27154157292f3cbf3a4cf64fa8be5f9af..89421dbbca5d6e75e512cea64e34fc14b7fcd7fe 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -11718,6 +11718,11 @@ send-proxy-v2
   of this version of the protocol. See also the "no-send-proxy-v2" option of
   this section and send-proxy" option of the "bind" keyword.
 
+proxy-v2-options <option>[,<option>]*
+  The "proxy-v2-options" parameter add option to send in PROXY protocol version
+  2 when "send-proxy-v2" is used. Options available are "ssl" (see also
+  send-proxy-v2-ssl), "cert-cn" (see also "send-proxy-v2-ssl-cn").
+
 send-proxy-v2-ssl
   The "send-proxy-v2-ssl" parameter enforces use of the PROXY protocol version
   2 over any connection established to this server. The PROXY protocol informs

diff --git a/src/server.c b/src/server.c
index 07a6603a35096f4f88f484ae3557430e5e88169c..cf041764e38350213db800560f2e8e9123c5b86d 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -503,6 +503,30 @@ static int inline srv_enable_pp_flags(struct server *srv, unsigned int flags)
        return 0;
 }
 
+/* parse the "proxy-v2-options" */
+static int srv_parse_proxy_v2_options(char **args, int *cur_arg,
+                                     struct proxy *px, struct server *newsrv, char **err)
+{
+       char *p, *n;
+       for (p = args[*cur_arg+1]; p; p = n) {
+               n = strchr(p, ',');
+               if (n)
+                       *n++ = '\0';
+               if (!strcmp(p, "ssl")) {
+                       newsrv->pp_opts |= SRV_PP_V2_SSL;
+               } else if (!strcmp(p, "cert-cn")) {
+                       newsrv->pp_opts |= SRV_PP_V2_SSL;
+                       newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
+               } else
+                       goto fail;
+       }
+       return 0;
+ fail:
+       if (err)
+               memprintf(err, "'%s' : proxy v2 option not implemented", p);
+       return ERR_ALERT | ERR_FATAL;
+}
+
 /* Parse the "observe" server keyword */
 static int srv_parse_observe(char **args, int *cur_arg,
                              struct proxy *curproxy, struct server *newsrv, char **err)
@@ -1124,6 +1148,7 @@ static struct srv_kw_list srv_kws = { "ALL", { }, {
        { "no-send-proxy-v2",    srv_parse_no_send_proxy_v2,    0,  1 }, /* Disable use of PROXY V2 protocol */
        { "non-stick",           srv_parse_non_stick,           0,  1 }, /* Disable stick-table persistence */
        { "observe",             srv_parse_observe,             1,  1 }, /* Enables health adjusting based on observing communication with the server */
+       { "proxy-v2-options",    srv_parse_proxy_v2_options,    1,  1 }, /* options for send-proxy-v2 */
        { "redir",               srv_parse_redir,               1,  1 }, /* Enable redirection mode */
        { "send-proxy",          srv_parse_send_proxy,          0,  1 }, /* Enforce use of PROXY V1 protocol */
        { "send-proxy-v2",       srv_parse_send_proxy_v2,       0,  1 }, /* Enforce use of PROXY V2 protocol */