MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag
This flag was used to force a boolean match even if there was no pattern
to match. It was used only by http_auth() and designed only for this one.
It's easier and cleaner to make the fetch function perform the test and
report the boolean result as a few other functions already do. It simplifies
the acl_exec_cond() logic and will help merging ACLs and patterns.
diff --git a/include/proto/auth.h b/include/proto/auth.h
index 8c060b5..c7b2abc 100644
--- a/include/proto/auth.h
+++ b/include/proto/auth.h
@@ -22,6 +22,7 @@
unsigned int auth_resolve_groups(struct userlist *l, char *groups);
void userlist_free(struct userlist *ul);
int acl_match_auth(struct acl_test *test, struct acl_pattern *pattern);
+int check_user(struct userlist *ul, unsigned int group_mask, const char *user, const char *pass);
#endif /* _PROTO_AUTH_H */
diff --git a/include/types/acl.h b/include/types/acl.h
index 748180c..4d79ee7 100644
--- a/include/types/acl.h
+++ b/include/types/acl.h
@@ -88,7 +88,6 @@
ACL_TEST_F_RES_PASS = 1 << 10,/* with SET_RESULT, sets result to PASS (defaults to FAIL) */
ACL_TEST_F_SET_RES_PASS = (ACL_TEST_F_RES_SET|ACL_TEST_F_RES_PASS), /* sets result to PASS */
ACL_TEST_F_SET_RES_FAIL = (ACL_TEST_F_RES_SET), /* sets result to FAIL */
- ACL_TEST_F_NULL_MATCH = 1 << 11,/* call expr->kw->match with NULL pattern if expr->patterns is empty */
};
/* ACLs can be evaluated on requests and on responses, and on partial or complete data */