From: Willy Tarreau <w@1wt.eu>
Date: Fri, 15 Oct 2010 12:27:08 +0000 (+0200)
Subject: [MINOR] listener: add the "accept-proxy" option to the "bind" keyword
X-Git-Tag: v1.5-dev8~420
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8a95691ae813add7c70a401ca95ff95c080b9786;p=thirdparty%2Fhaproxy.git

[MINOR] listener: add the "accept-proxy" option to the "bind" keyword

This option will enable the AN_REQ_DECODE_PROXY analyser on the requests
that come from those listeners.
---

diff --git a/include/types/protocols.h b/include/types/protocols.h
index 922a642899..64e1c5541f 100644
--- a/include/types/protocols.h
+++ b/include/types/protocols.h
@@ -74,6 +74,7 @@
 #define LI_O_DEF_ACCEPT	0x0008	/* wait up to 1 second for data before accepting */
 #define LI_O_TCP_RULES  0x0010  /* run TCP rules checks on the incoming connection */
 #define LI_O_CHK_MONNET 0x0020  /* check the source against a monitor-net rule */
+#define LI_O_ACC_PROXY  0x0040  /* find the proxied address in the first request line */
 
 /* The listener will be directly referenced by the fdtab[] which holds its
  * socket. The listener provides the protocol-specific accept() function to
diff --git a/src/cfgparse.c b/src/cfgparse.c
index a7cdea4d5a..38bd69b5d7 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1310,6 +1310,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
 		}
 
 		last_listen = curproxy->listen;
+
+		/* NOTE: the following line might create several listeners if there
+		 * are comma-separated IPs or port ranges. So all further processing
+		 * will have to be applied to all listeners created after last_listen.
+		 */
 		if (!str2listener(args[1], curproxy)) {
 			err_code |= ERR_ALERT | ERR_FATAL;
 			goto out;
@@ -1416,6 +1421,16 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
 #endif
 			}
 
+			if (!strcmp(args[cur_arg], "accept-proxy")) { /* expect a 'PROXY' line first */
+				struct listener *l;
+
+				for (l = curproxy->listen; l != last_listen; l = l->next)
+					l->options |= LI_O_ACC_PROXY;
+
+				cur_arg ++;
+				continue;
+			}
+
 			if (!strcmp(args[cur_arg], "name")) {
 				struct listener *l;
 
@@ -1468,7 +1483,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
 				continue;
 			}
 
-			Alert("parsing [%s:%d] : '%s' only supports the 'transparent', 'defer-accept', 'name', 'id', 'mss' and 'interface' options.\n",
+			Alert("parsing [%s:%d] : '%s' only supports the 'transparent', 'accept-proxy', 'defer-accept', 'name', 'id', 'mss' and 'interface' options.\n",
 			      file, linenum, args[0]);
 			err_code |= ERR_ALERT | ERR_FATAL;
 			goto out;
@@ -5773,6 +5788,9 @@ out_uri_auth_compat:
 			listener->handler = process_session;
 			listener->analysers |= curproxy->fe_req_ana;
 
+			if (listener->options & LI_O_ACC_PROXY)
+				listener->analysers |= AN_REQ_DECODE_PROXY;
+
 			if (!LIST_ISEMPTY(&curproxy->tcp_req.l4_rules))
 				listener->options |= LI_O_TCP_RULES;