[MEDIUM] fix configuration sanity checks for TCP listeners
A log chain of if/else prevented many sanity checks from being
performed on TCP listeners, resulting in dangerous configs being
accepted. Removed the offending 'else'.
diff --git a/src/cfgparse.c b/src/cfgparse.c
index b3af23f..c1eec25 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -2410,7 +2410,8 @@
file, proxy_type_str(curproxy), curproxy->id);
cfgerr++;
}
- else if ((curproxy->mode != PR_MODE_HEALTH) && (curproxy->options & PR_O_BALANCE)) {
+
+ if ((curproxy->mode != PR_MODE_HEALTH) && (curproxy->options & PR_O_BALANCE)) {
if (curproxy->options & PR_O_TRANSP) {
Alert("parsing %s : %s '%s' cannot use both transparent and balance mode.\n",
file, proxy_type_str(curproxy), curproxy->id);
@@ -2428,15 +2429,12 @@
file, proxy_type_str(curproxy), curproxy->id);
}
}
- else if (curproxy->mode == PR_MODE_TCP || curproxy->mode == PR_MODE_HEALTH) { /* TCP PROXY or HEALTH CHECK */
+
+ if (curproxy->mode == PR_MODE_TCP || curproxy->mode == PR_MODE_HEALTH) { /* TCP PROXY or HEALTH CHECK */
if (curproxy->cookie_name != NULL) {
Warning("parsing %s : cookie will be ignored for %s '%s'.\n",
file, proxy_type_str(curproxy), curproxy->id);
}
- if ((newsrv = curproxy->srv) != NULL) {
- Warning("parsing %s : servers will be ignored for %s '%s'.\n",
- file, proxy_type_str(curproxy), curproxy->id);
- }
if (curproxy->rsp_exp != NULL) {
Warning("parsing %s : server regular expressions will be ignored for %s '%s'.\n",
file, proxy_type_str(curproxy), curproxy->id);
@@ -2457,7 +2455,15 @@
file, proxy_type_str(curproxy), curproxy->id);
}
}
- else if (curproxy->mode == PR_MODE_HTTP) { /* HTTP PROXY */
+
+ if (curproxy->mode == PR_MODE_HEALTH) { /* TCP PROXY or HEALTH CHECK */
+ if ((newsrv = curproxy->srv) != NULL) {
+ Warning("parsing %s : servers will be ignored for %s '%s'.\n",
+ file, proxy_type_str(curproxy), curproxy->id);
+ }
+ }
+
+ if (curproxy->mode == PR_MODE_HTTP) { /* HTTP PROXY */
if ((curproxy->cookie_name != NULL) && ((newsrv = curproxy->srv) == NULL)) {
Alert("parsing %s : HTTP proxy %s has a cookie but no server list !\n",
file, curproxy->id);