From: Willy Tarreau Date: Mon, 25 Mar 2013 07:21:05 +0000 (+0100) Subject: CLEANUP: acl: remove unused references to ACL_USE_* X-Git-Tag: v1.5-dev18~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d86e29d2a182d69e36f207ebaf395743ae3e9e9c;p=thirdparty%2Fhaproxy.git CLEANUP: acl: remove unused references to ACL_USE_* Now that acl->requires is not used anymore, we can remove all references to it as well as all ACL_USE_* flags. --- diff --git a/include/types/acl.h b/include/types/acl.h index 5e4f848245..0da8d6ce48 100644 --- a/include/types/acl.h +++ b/include/types/acl.h @@ -79,74 +79,6 @@ enum { ACL_PAT_F_TREE = 1 << 3, /* some patterns are arranged in a tree */ }; -/* what capabilities an ACL uses. These flags are set during parsing, which - * allows for flexible ACLs typed by their contents. - */ -enum { - ACL_USE_NOTHING = 0, /* no need for anything beyond internal information */ - ACL_USE_TCP4_PERMANENT = 1 << 0, /* unchanged TCPv4 data (eg: source IP) */ - ACL_USE_TCP4_CACHEABLE = 1 << 1, /* cacheable TCPv4 data (eg: src conns) */ - ACL_USE_TCP4_VOLATILE = 1 << 2, /* volatile TCPv4 data (eg: RTT) */ - ACL_USE_TCP4_ANY = (ACL_USE_TCP4_PERMANENT | ACL_USE_TCP4_CACHEABLE | ACL_USE_TCP4_VOLATILE), - - ACL_USE_TCP6_PERMANENT = 1 << 3, /* unchanged TCPv6 data (eg: source IP) */ - ACL_USE_TCP6_CACHEABLE = 1 << 4, /* cacheable TCPv6 data (eg: src conns) */ - ACL_USE_TCP6_VOLATILE = 1 << 5, /* volatile TCPv6 data (eg: RTT) */ - ACL_USE_TCP6_ANY = (ACL_USE_TCP6_PERMANENT | ACL_USE_TCP6_CACHEABLE | ACL_USE_TCP6_VOLATILE), - - ACL_USE_TCP_PERMANENT = 1 << 6, /* unchanged TCPv4/v6 data (eg: source IP) */ - ACL_USE_TCP_CACHEABLE = 1 << 7, /* cacheable TCPv4/v6 data (eg: src conns) */ - ACL_USE_TCP_VOLATILE = 1 << 8, /* volatile TCPv4/v6 data (eg: RTT) */ - ACL_USE_TCP_ANY = (ACL_USE_TCP_PERMANENT | ACL_USE_TCP_CACHEABLE | ACL_USE_TCP_VOLATILE), - - ACL_USE_L6REQ_PERMANENT = 1 << 9, /* unchanged layer6 request data */ - ACL_USE_L6REQ_CACHEABLE = 1 << 10, /* cacheable layer6 request data (eg: length) */ - ACL_USE_L6REQ_VOLATILE = 1 << 11, /* volatile layer6 request data (eg: contents) */ - ACL_USE_L6REQ_ANY = (ACL_USE_L6REQ_PERMANENT | ACL_USE_L6REQ_CACHEABLE | ACL_USE_L6REQ_VOLATILE), - - ACL_USE_L6RTR_PERMANENT = 1 << 12, /* unchanged layer6 response data */ - ACL_USE_L6RTR_CACHEABLE = 1 << 13, /* cacheable layer6 response data (eg: length) */ - ACL_USE_L6RTR_VOLATILE = 1 << 14, /* volatile layer6 response data (eg: contents) */ - ACL_USE_L6RTR_ANY = (ACL_USE_L6RTR_PERMANENT | ACL_USE_L6RTR_CACHEABLE | ACL_USE_L6RTR_VOLATILE), - - ACL_USE_L7REQ_PERMANENT = 1 << 15, /* unchanged layer7 request data (eg: method) */ - ACL_USE_L7REQ_CACHEABLE = 1 << 16, /* cacheable layer7 request data (eg: content-length) */ - ACL_USE_L7REQ_VOLATILE = 1 << 17, /* volatile layer7 request data (eg: cookie) */ - ACL_USE_L7REQ_ANY = (ACL_USE_L7REQ_PERMANENT | ACL_USE_L7REQ_CACHEABLE | ACL_USE_L7REQ_VOLATILE), - - ACL_USE_L7RTR_PERMANENT = 1 << 18, /* unchanged layer7 response data (eg: status) */ - ACL_USE_L7RTR_CACHEABLE = 1 << 19, /* cacheable layer7 response data (eg: content-length) */ - ACL_USE_L7RTR_VOLATILE = 1 << 20, /* volatile layer7 response data (eg: cookie) */ - ACL_USE_L7RTR_ANY = (ACL_USE_L7RTR_PERMANENT | ACL_USE_L7RTR_CACHEABLE | ACL_USE_L7RTR_VOLATILE), - - /* those ones are used for ambiguous "hdr_xxx" verbs */ - ACL_USE_HDR_CACHEABLE = 1 << 21, /* cacheable request or response header (eg: content-length) */ - ACL_USE_HDR_VOLATILE = 1 << 22, /* volatile request or response header (eg: cookie) */ - ACL_USE_HDR_ANY = (ACL_USE_HDR_CACHEABLE | ACL_USE_HDR_VOLATILE), - - /* This one indicates that we need an internal parameter known in the response only */ - ACL_USE_RTR_INTERNAL = 1 << 23, /* volatile response information */ - - /* information which remains during response */ - ACL_USE_REQ_PERMANENT = (ACL_USE_TCP4_PERMANENT | ACL_USE_TCP6_PERMANENT | ACL_USE_TCP_PERMANENT | - ACL_USE_L6REQ_PERMANENT | ACL_USE_L7REQ_PERMANENT), - ACL_USE_REQ_CACHEABLE = (ACL_USE_TCP4_CACHEABLE | ACL_USE_TCP6_CACHEABLE | ACL_USE_TCP_CACHEABLE | - ACL_USE_L6REQ_CACHEABLE | ACL_USE_L7REQ_CACHEABLE | ACL_USE_HDR_CACHEABLE), - - /* information which does not remain during response */ - ACL_USE_REQ_VOLATILE = (ACL_USE_TCP4_VOLATILE | ACL_USE_TCP6_VOLATILE | ACL_USE_TCP_VOLATILE | - ACL_USE_L6REQ_VOLATILE | ACL_USE_L7REQ_VOLATILE), - - /* any type of layer 6 contents information (random data available in a buffer) */ - ACL_USE_L6_ANY = (ACL_USE_L6REQ_ANY | ACL_USE_L6RTR_ANY), - - /* any type of layer 7 information */ - ACL_USE_L7_ANY = (ACL_USE_L7REQ_ANY | ACL_USE_L7RTR_ANY | ACL_USE_HDR_ANY), - - /* any type of response information */ - ACL_USE_RTR_ANY = (ACL_USE_L6RTR_ANY | ACL_USE_L7RTR_ANY | ACL_USE_RTR_INTERNAL), -}; - /* How to store a time range and the valid days in 29 bits */ struct acl_time { int dow:7; /* 1 bit per day of week: 0-6 */ @@ -215,7 +147,6 @@ struct acl_keyword { char *fetch_kw; int (*parse)(const char **text, struct acl_pattern *pattern, int *opaque, char **err); int (*match)(struct sample *smp, struct acl_pattern *pattern); - unsigned int requires; /* bit mask of all ACL_USE_* required to evaluate this keyword */ /* must be after the config params */ struct sample_fetch *smp; /* the sample fetch we depend on */ int use_cnt; diff --git a/src/acl.c b/src/acl.c index 686eadfbb4..a4215fc2bd 100644 --- a/src/acl.c +++ b/src/acl.c @@ -2003,8 +2003,8 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "always_false", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING }, - { "always_true", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING }, + { "always_false", NULL, acl_parse_nothing, acl_match_nothing }, + { "always_true", NULL, acl_parse_nothing, acl_match_nothing }, { /* END */ }, }}; diff --git a/src/backend.c b/src/backend.c index c4035e556e..9f4e635734 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1599,17 +1599,17 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "avg_queue", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "be_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "be_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "be_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "connslots", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "nbsrv", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "queue", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "srv_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "srv_id", NULL, acl_parse_int, acl_match_int, ACL_USE_RTR_INTERNAL }, - { "srv_is_up", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING }, - { "srv_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, + { "avg_queue", NULL, acl_parse_int, acl_match_int }, + { "be_conn", NULL, acl_parse_int, acl_match_int }, + { "be_id", NULL, acl_parse_int, acl_match_int }, + { "be_sess_rate", NULL, acl_parse_int, acl_match_int }, + { "connslots", NULL, acl_parse_int, acl_match_int }, + { "nbsrv", NULL, acl_parse_int, acl_match_int }, + { "queue", NULL, acl_parse_int, acl_match_int }, + { "srv_conn", NULL, acl_parse_int, acl_match_int }, + { "srv_id", NULL, acl_parse_int, acl_match_int }, + { "srv_is_up", NULL, acl_parse_nothing, acl_match_nothing }, + { "srv_sess_rate", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/frontend.c b/src/frontend.c index b0bab37e70..cb5d52b293 100644 --- a/src/frontend.c +++ b/src/frontend.c @@ -268,9 +268,9 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "fe_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "fe_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "fe_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, + { "fe_conn", NULL, acl_parse_int, acl_match_int }, + { "fe_id", NULL, acl_parse_int, acl_match_int }, + { "fe_sess_rate", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/listener.c b/src/listener.c index 862e1e4732..32b5bad557 100644 --- a/src/listener.c +++ b/src/listener.c @@ -653,8 +653,8 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "dst_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "so_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, + { "dst_conn", NULL, acl_parse_int, acl_match_int }, + { "so_id", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/payload.c b/src/payload.c index 2ac996f6d2..6031f79f30 100644 --- a/src/payload.c +++ b/src/payload.c @@ -681,16 +681,16 @@ static struct sample_fetch_kw_list smp_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "payload", "req.payload", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE }, - { "payload_lv", "req.payload_lv", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE }, - { "rep_ssl_hello_type", "res.ssl_hello_type", acl_parse_int, acl_match_int, ACL_USE_L6RTR_VOLATILE }, - { "req_len", "req.len", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE }, - { "req_rdp_cookie", "req.rdp_cookie", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE }, - { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE }, - { "req_ssl_hello_type", "req.ssl_hello_type", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE }, - { "req_ssl_sni", "req.ssl_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE }, - { "req_ssl_ver", "req.ssl_ver", acl_parse_dotted_ver, acl_match_int, ACL_USE_L6REQ_VOLATILE }, - { "wait_end", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING }, + { "payload", "req.payload", acl_parse_str, acl_match_str }, + { "payload_lv", "req.payload_lv", acl_parse_str, acl_match_str }, + { "rep_ssl_hello_type", "res.ssl_hello_type", acl_parse_int, acl_match_int }, + { "req_len", "req.len", acl_parse_int, acl_match_int }, + { "req_rdp_cookie", "req.rdp_cookie", acl_parse_str, acl_match_str }, + { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", acl_parse_int, acl_match_int }, + { "req_ssl_hello_type", "req.ssl_hello_type", acl_parse_int, acl_match_int }, + { "req_ssl_sni", "req.ssl_sni", acl_parse_str, acl_match_str }, + { "req_ssl_ver", "req.ssl_ver", acl_parse_dotted_ver, acl_match_int }, + { "wait_end", NULL, acl_parse_nothing, acl_match_nothing }, { /* END */ }, }}; diff --git a/src/proto_http.c b/src/proto_http.c index 2dd3d735ac..c38a58a2b3 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -9522,104 +9522,104 @@ static int val_usr(struct arg *arg, char **err_msg) * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "base", "base", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "base_beg", "base", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "base_dir", "base", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "base_dom", "base", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "base_end", "base", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "base_len", "base", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "base_reg", "base", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "base_sub", "base", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - - { "cook", "req.cook", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "cook_beg", "req.cook", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "cook_cnt", "req.cook_cnt", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, - { "cook_dir", "req.cook", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "cook_dom", "req.cook", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "cook_end", "req.cook", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "cook_len", "req.cook", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "cook_reg", "req.cook", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "cook_sub", "req.cook", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - { "cook_val", "req.cook_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, - - { "hdr", "req.hdr", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "hdr_beg", "req.hdr", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "hdr_cnt", "req.hdr_cnt", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, - { "hdr_dir", "req.hdr", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "hdr_dom", "req.hdr", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "hdr_end", "req.hdr", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "hdr_ip", "req.hdr_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE }, - { "hdr_len", "req.hdr", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "hdr_reg", "req.hdr", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "hdr_sub", "req.hdr", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - { "hdr_val", "req.hdr_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, - - { "http_auth", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_VOLATILE }, - { "http_auth_group", NULL, acl_parse_strcat, acl_match_auth, ACL_USE_L7REQ_VOLATILE }, - - { "http_first_req", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_PERMANENT }, - - { "method", NULL, acl_parse_meth, acl_match_meth, ACL_USE_L7REQ_PERMANENT }, - - { "path", "path", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "path_beg", "path", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "path_dir", "path", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "path_dom", "path", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "path_end", "path", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "path_len", "path", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "path_reg", "path", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "path_sub", "path", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - - { "req_proto_http", "req.proto_http",acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_PERMANENT }, - { "req_ver", "req.ver", acl_parse_ver, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "resp_ver", "res.ver", acl_parse_ver, acl_match_str, ACL_USE_L7RTR_VOLATILE }, - - { "scook", "res.cook", acl_parse_str, acl_match_str, ACL_USE_L7RTR_VOLATILE }, - { "scook_beg", "res.cook", acl_parse_str, acl_match_beg, ACL_USE_L7RTR_VOLATILE }, - { "scook_cnt", "res.cook_cnt", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE }, - { "scook_dir", "res.cook", acl_parse_str, acl_match_dir, ACL_USE_L7RTR_VOLATILE }, - { "scook_dom", "res.cook", acl_parse_str, acl_match_dom, ACL_USE_L7RTR_VOLATILE }, - { "scook_end", "res.cook", acl_parse_str, acl_match_end, ACL_USE_L7RTR_VOLATILE }, - { "scook_len", "res.cook", acl_parse_int, acl_match_len, ACL_USE_L7RTR_VOLATILE }, - { "scook_reg", "res.cook", acl_parse_reg, acl_match_reg, ACL_USE_L7RTR_VOLATILE }, - { "scook_sub", "res.cook", acl_parse_str, acl_match_sub, ACL_USE_L7RTR_VOLATILE }, - { "scook_val", "res.cook_val", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE }, - - { "shdr", "res.hdr", acl_parse_str, acl_match_str, ACL_USE_L7RTR_VOLATILE }, - { "shdr_beg", "res.hdr", acl_parse_str, acl_match_beg, ACL_USE_L7RTR_VOLATILE }, - { "shdr_cnt", "res.hdr_cnt", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE }, - { "shdr_dir", "res.hdr", acl_parse_str, acl_match_dir, ACL_USE_L7RTR_VOLATILE }, - { "shdr_dom", "res.hdr", acl_parse_str, acl_match_dom, ACL_USE_L7RTR_VOLATILE }, - { "shdr_end", "res.hdr", acl_parse_str, acl_match_end, ACL_USE_L7RTR_VOLATILE }, - { "shdr_ip", "res.hdr_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7RTR_VOLATILE }, - { "shdr_len", "res.hdr", acl_parse_int, acl_match_len, ACL_USE_L7RTR_VOLATILE }, - { "shdr_reg", "res.hdr", acl_parse_reg, acl_match_reg, ACL_USE_L7RTR_VOLATILE }, - { "shdr_sub", "res.hdr", acl_parse_str, acl_match_sub, ACL_USE_L7RTR_VOLATILE }, - { "shdr_val", "res.hdr_val", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE }, - - { "status", NULL, acl_parse_int, acl_match_int, ACL_USE_L7RTR_PERMANENT }, - - { "url", "url", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "url_beg", "url", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "url_dir", "url", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "url_dom", "url", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "url_end", "url", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "url_ip", "url_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE }, - { "url_len", "url", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "url_port", "url_port", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, - { "url_reg", "url", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "url_sub", "url", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - - { "urlp", "urlp", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE }, - { "urlp_beg", "urlp", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE }, - { "urlp_dir", "urlp", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE }, - { "urlp_dom", "urlp", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE }, - { "urlp_end", "urlp", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE }, - { "urlp_ip", "urlp", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE }, - { "urlp_len", "urlp", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE }, - { "urlp_reg", "urlp", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE }, - { "urlp_sub", "urlp", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE }, - { "urlp_val", "urlp_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE }, + { "base", "base", acl_parse_str, acl_match_str }, + { "base_beg", "base", acl_parse_str, acl_match_beg }, + { "base_dir", "base", acl_parse_str, acl_match_dir }, + { "base_dom", "base", acl_parse_str, acl_match_dom }, + { "base_end", "base", acl_parse_str, acl_match_end }, + { "base_len", "base", acl_parse_int, acl_match_len }, + { "base_reg", "base", acl_parse_reg, acl_match_reg }, + { "base_sub", "base", acl_parse_str, acl_match_sub }, + + { "cook", "req.cook", acl_parse_str, acl_match_str }, + { "cook_beg", "req.cook", acl_parse_str, acl_match_beg }, + { "cook_cnt", "req.cook_cnt", acl_parse_int, acl_match_int }, + { "cook_dir", "req.cook", acl_parse_str, acl_match_dir }, + { "cook_dom", "req.cook", acl_parse_str, acl_match_dom }, + { "cook_end", "req.cook", acl_parse_str, acl_match_end }, + { "cook_len", "req.cook", acl_parse_int, acl_match_len }, + { "cook_reg", "req.cook", acl_parse_reg, acl_match_reg }, + { "cook_sub", "req.cook", acl_parse_str, acl_match_sub }, + { "cook_val", "req.cook_val", acl_parse_int, acl_match_int }, + + { "hdr", "req.hdr", acl_parse_str, acl_match_str }, + { "hdr_beg", "req.hdr", acl_parse_str, acl_match_beg }, + { "hdr_cnt", "req.hdr_cnt", acl_parse_int, acl_match_int }, + { "hdr_dir", "req.hdr", acl_parse_str, acl_match_dir }, + { "hdr_dom", "req.hdr", acl_parse_str, acl_match_dom }, + { "hdr_end", "req.hdr", acl_parse_str, acl_match_end }, + { "hdr_ip", "req.hdr_ip", acl_parse_ip, acl_match_ip }, + { "hdr_len", "req.hdr", acl_parse_int, acl_match_len }, + { "hdr_reg", "req.hdr", acl_parse_reg, acl_match_reg }, + { "hdr_sub", "req.hdr", acl_parse_str, acl_match_sub }, + { "hdr_val", "req.hdr_val", acl_parse_int, acl_match_int }, + + { "http_auth", NULL, acl_parse_nothing, acl_match_nothing }, + { "http_auth_group", NULL, acl_parse_strcat, acl_match_auth }, + + { "http_first_req", NULL, acl_parse_nothing, acl_match_nothing }, + + { "method", NULL, acl_parse_meth, acl_match_meth }, + + { "path", "path", acl_parse_str, acl_match_str }, + { "path_beg", "path", acl_parse_str, acl_match_beg }, + { "path_dir", "path", acl_parse_str, acl_match_dir }, + { "path_dom", "path", acl_parse_str, acl_match_dom }, + { "path_end", "path", acl_parse_str, acl_match_end }, + { "path_len", "path", acl_parse_int, acl_match_len }, + { "path_reg", "path", acl_parse_reg, acl_match_reg }, + { "path_sub", "path", acl_parse_str, acl_match_sub }, + + { "req_proto_http", "req.proto_http",acl_parse_nothing, acl_match_nothing }, + { "req_ver", "req.ver", acl_parse_ver, acl_match_str }, + { "resp_ver", "res.ver", acl_parse_ver, acl_match_str }, + + { "scook", "res.cook", acl_parse_str, acl_match_str }, + { "scook_beg", "res.cook", acl_parse_str, acl_match_beg }, + { "scook_cnt", "res.cook_cnt", acl_parse_int, acl_match_int }, + { "scook_dir", "res.cook", acl_parse_str, acl_match_dir }, + { "scook_dom", "res.cook", acl_parse_str, acl_match_dom }, + { "scook_end", "res.cook", acl_parse_str, acl_match_end }, + { "scook_len", "res.cook", acl_parse_int, acl_match_len }, + { "scook_reg", "res.cook", acl_parse_reg, acl_match_reg }, + { "scook_sub", "res.cook", acl_parse_str, acl_match_sub }, + { "scook_val", "res.cook_val", acl_parse_int, acl_match_int }, + + { "shdr", "res.hdr", acl_parse_str, acl_match_str }, + { "shdr_beg", "res.hdr", acl_parse_str, acl_match_beg }, + { "shdr_cnt", "res.hdr_cnt", acl_parse_int, acl_match_int }, + { "shdr_dir", "res.hdr", acl_parse_str, acl_match_dir }, + { "shdr_dom", "res.hdr", acl_parse_str, acl_match_dom }, + { "shdr_end", "res.hdr", acl_parse_str, acl_match_end }, + { "shdr_ip", "res.hdr_ip", acl_parse_ip, acl_match_ip }, + { "shdr_len", "res.hdr", acl_parse_int, acl_match_len }, + { "shdr_reg", "res.hdr", acl_parse_reg, acl_match_reg }, + { "shdr_sub", "res.hdr", acl_parse_str, acl_match_sub }, + { "shdr_val", "res.hdr_val", acl_parse_int, acl_match_int }, + + { "status", NULL, acl_parse_int, acl_match_int }, + + { "url", "url", acl_parse_str, acl_match_str }, + { "url_beg", "url", acl_parse_str, acl_match_beg }, + { "url_dir", "url", acl_parse_str, acl_match_dir }, + { "url_dom", "url", acl_parse_str, acl_match_dom }, + { "url_end", "url", acl_parse_str, acl_match_end }, + { "url_ip", "url_ip", acl_parse_ip, acl_match_ip }, + { "url_len", "url", acl_parse_int, acl_match_len }, + { "url_port", "url_port", acl_parse_int, acl_match_int }, + { "url_reg", "url", acl_parse_reg, acl_match_reg }, + { "url_sub", "url", acl_parse_str, acl_match_sub }, + + { "urlp", "urlp", acl_parse_str, acl_match_str }, + { "urlp_beg", "urlp", acl_parse_str, acl_match_beg }, + { "urlp_dir", "urlp", acl_parse_str, acl_match_dir }, + { "urlp_dom", "urlp", acl_parse_str, acl_match_dom }, + { "urlp_end", "urlp", acl_parse_str, acl_match_end }, + { "urlp_ip", "urlp", acl_parse_ip, acl_match_ip }, + { "urlp_len", "urlp", acl_parse_int, acl_match_len }, + { "urlp_reg", "urlp", acl_parse_reg, acl_match_reg }, + { "urlp_sub", "urlp", acl_parse_str, acl_match_sub }, + { "urlp_val", "urlp_val", acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/proto_tcp.c b/src/proto_tcp.c index dfae8e3b8f..e8d7d60c9b 100644 --- a/src/proto_tcp.c +++ b/src/proto_tcp.c @@ -1649,10 +1649,10 @@ static struct cfg_kw_list cfg_kws = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "dst", NULL, acl_parse_ip, acl_match_ip, ACL_USE_TCP4_PERMANENT }, - { "dst_port", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP_PERMANENT }, - { "src", NULL, acl_parse_ip, acl_match_ip, ACL_USE_TCP4_PERMANENT }, - { "src_port", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP_PERMANENT }, + { "dst", NULL, acl_parse_ip, acl_match_ip }, + { "dst_port", NULL, acl_parse_int, acl_match_int }, + { "src", NULL, acl_parse_ip, acl_match_ip }, + { "src_port", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/session.c b/src/session.c index 0a2d0b2655..8556284366 100644 --- a/src/session.c +++ b/src/session.c @@ -3613,59 +3613,59 @@ smp_fetch_table_avl(struct proxy *px, struct session *l4, void *l7, unsigned int * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "sc1_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "sc1_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "sc1_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc1_trackers", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "sc2_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "sc2_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "sc2_trackers", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "src_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "src_updt_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE }, - { "table_avl", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, - { "table_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING }, + { "sc1_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_clr_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc1_conn_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc1_conn_cur", NULL, acl_parse_int, acl_match_int }, + { "sc1_conn_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_get_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc1_http_err_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc1_http_err_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_http_req_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc1_http_req_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_inc_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc1_kbytes_in", NULL, acl_parse_int, acl_match_int }, + { "sc1_kbytes_out", NULL, acl_parse_int, acl_match_int }, + { "sc1_sess_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc1_sess_rate", NULL, acl_parse_int, acl_match_int }, + { "sc1_trackers", NULL, acl_parse_int, acl_match_int }, + { "sc2_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_clr_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc2_conn_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc2_conn_cur", NULL, acl_parse_int, acl_match_int }, + { "sc2_conn_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_get_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc2_http_err_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc2_http_err_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_http_req_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc2_http_req_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_inc_gpc0", NULL, acl_parse_int, acl_match_int }, + { "sc2_kbytes_in", NULL, acl_parse_int, acl_match_int }, + { "sc2_kbytes_out", NULL, acl_parse_int, acl_match_int }, + { "sc2_sess_cnt", NULL, acl_parse_int, acl_match_int }, + { "sc2_sess_rate", NULL, acl_parse_int, acl_match_int }, + { "sc2_trackers", NULL, acl_parse_int, acl_match_int }, + { "src_bytes_in_rate", NULL, acl_parse_int, acl_match_int }, + { "src_bytes_out_rate", NULL, acl_parse_int, acl_match_int }, + { "src_clr_gpc0", NULL, acl_parse_int, acl_match_int }, + { "src_conn_cnt", NULL, acl_parse_int, acl_match_int }, + { "src_conn_cur", NULL, acl_parse_int, acl_match_int }, + { "src_conn_rate", NULL, acl_parse_int, acl_match_int }, + { "src_get_gpc0", NULL, acl_parse_int, acl_match_int }, + { "src_http_err_cnt", NULL, acl_parse_int, acl_match_int }, + { "src_http_err_rate", NULL, acl_parse_int, acl_match_int }, + { "src_http_req_cnt", NULL, acl_parse_int, acl_match_int }, + { "src_http_req_rate", NULL, acl_parse_int, acl_match_int }, + { "src_inc_gpc0", NULL, acl_parse_int, acl_match_int }, + { "src_kbytes_in", NULL, acl_parse_int, acl_match_int }, + { "src_kbytes_out", NULL, acl_parse_int, acl_match_int }, + { "src_sess_cnt", NULL, acl_parse_int, acl_match_int }, + { "src_sess_rate", NULL, acl_parse_int, acl_match_int }, + { "src_updt_conn_cnt", NULL, acl_parse_int, acl_match_int }, + { "table_avl", NULL, acl_parse_int, acl_match_int }, + { "table_cnt", NULL, acl_parse_int, acl_match_int }, { /* END */ }, }}; diff --git a/src/ssl_sock.c b/src/ssl_sock.c index ade1fe8b41..0f6526d789 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -2967,40 +2967,40 @@ static struct sample_fetch_kw_list sample_fetch_keywords = {{ },{ * Please take care of keeping this list alphabetically sorted. */ static struct acl_kw_list acl_kws = {{ },{ - { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_verify", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_c_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT }, - { "ssl_f_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT }, + { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int }, + { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int }, + { "ssl_c_err", NULL, acl_parse_int, acl_match_int }, + { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str }, + { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin }, + { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing }, + { "ssl_c_verify", NULL, acl_parse_int, acl_match_int }, + { "ssl_c_version", NULL, acl_parse_int, acl_match_int }, + { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str }, + { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin }, + { "ssl_f_version", NULL, acl_parse_int, acl_match_int }, + { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing }, + { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int }, + { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str }, + { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing }, + { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing }, #ifdef OPENSSL_NPN_NEGOTIATED - { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, + { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str }, #endif - { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end, ACL_USE_L6REQ_PERMANENT }, - { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg, ACL_USE_L6REQ_PERMANENT }, + { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str }, + { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int }, + { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str }, + { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end }, + { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg }, { /* END */ }, }};