[MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config
This function automatically builds a rule, considering the if/unless
statements, and automatically updates the proxy's acl_requires, the
condition's file and line.
diff --git a/include/proto/acl.h b/include/proto/acl.h
index fffce48..b65a2b3 100644
--- a/include/proto/acl.h
+++ b/include/proto/acl.h
@@ -1,23 +1,23 @@
/*
- include/proto/acl.h
- This file provides interface definitions for ACL manipulation.
-
- Copyright (C) 2000-2008 Willy Tarreau - w@1wt.eu
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation, version 2.1
- exclusively.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/
+ * include/proto/acl.h
+ * This file provides interface definitions for ACL manipulation.
+ *
+ * Copyright (C) 2000-2010 Willy Tarreau - w@1wt.eu
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation, version 2.1
+ * exclusively.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
#ifndef _PROTO_ACL_H
#define _PROTO_ACL_H
@@ -80,6 +80,14 @@
*/
struct acl_cond *parse_acl_cond(const char **args, struct list *known_acl, int pol);
+/* Builds an ACL condition starting at the if/unless keyword. The complete
+ * condition is returned. NULL is returned in case of error or if the first
+ * word is neither "if" nor "unless". It automatically sets the file name and
+ * the line number in the condition for better error reporting, and adds the
+ * ACL requirements to the proxy's acl_requires.
+ */
+struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args);
+
/* Execute condition <cond> and return either ACL_PAT_FAIL, ACL_PAT_MISS or
* ACL_PAT_PASS depending on the test results. This function only computes the
* condition, it does not apply the polarity required by IF/UNLESS, it's up to
diff --git a/src/acl.c b/src/acl.c
index c4942b2..344a91d 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -980,6 +980,39 @@
return NULL;
}
+/* Builds an ACL condition starting at the if/unless keyword. The complete
+ * condition is returned. NULL is returned in case of error or if the first
+ * word is neither "if" nor "unless". It automatically sets the file name and
+ * the line number in the condition for better error reporting, and adds the
+ * ACL requirements to the proxy's acl_requires.
+ */
+struct acl_cond *build_acl_cond(const char *file, int line, struct proxy *px, const char **args)
+{
+ int pol = ACL_COND_NONE;
+ struct acl_cond *cond = NULL;
+
+ if (!strcmp(*args, "if")) {
+ pol = ACL_COND_IF;
+ args++;
+ }
+ else if (!strcmp(*args, "unless")) {
+ pol = ACL_COND_UNLESS;
+ args++;
+ }
+ else
+ return NULL;
+
+ cond = parse_acl_cond(args, &px->acl, pol);
+ if (!cond)
+ return NULL;
+
+ cond->file = file;
+ cond->line = line;
+ px->acl_requires |= cond->requires;
+
+ return cond;
+}
+
/* Execute condition <cond> and return either ACL_PAT_FAIL, ACL_PAT_MISS or
* ACL_PAT_PASS depending on the test results. ACL_PAT_MISS may only be
* returned if <dir> contains ACL_PARTIAL, indicating that incomplete data