MINOR: checks: Relax the default option for tcp-check connect rules
Now this option may be mixed with other options. This way, options on the server
line are used but may be overridden by tcp-check connect options.
diff --git a/doc/configuration.txt b/doc/configuration.txt
index e637358..c6b6cf4 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9820,7 +9820,7 @@
use the TCP connection.
default Use default options of the server line to do the health
- checks. This parameter is exclusive with all other options.
+ checks. The server options are used only if not redifined.
port <expr> if not set, check port or server port is used.
It tells HAProxy where to open the connection to.
diff --git a/include/types/checks.h b/include/types/checks.h
index 3c44d82..94ce5f2 100644
--- a/include/types/checks.h
+++ b/include/types/checks.h
@@ -217,7 +217,8 @@
#define TCPCHK_OPT_SSL 0x0002 /* SSL connection */
#define TCPCHK_OPT_LINGER 0x0004 /* Do not RST connection, let it linger */
#define TCPCHK_OPT_DEFAULT_CONNECT 0x0008 /* Do a connect using server params */
-#define TCPCHK_OPT_SOCKS4 0x0010 /* check the connection via socks4 proxy */
+#define TCPCHK_OPT_IMPLICIT 0x0010 /* Implicit connect */
+#define TCPCHK_OPT_SOCKS4 0x0020 /* check the connection via socks4 proxy */
struct tcpcheck_connect {
char *sni; /* server name to use for SSL connections */
diff --git a/src/checks.c b/src/checks.c
index 55307b5..c26f177 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -2757,7 +2757,7 @@
/* last step is the first implicit connect */
if (rule->index == 0 &&
rule->action == TCPCHK_ACT_CONNECT &&
- (rule->connect.options & TCPCHK_OPT_DEFAULT_CONNECT))
+ (rule->connect.options & TCPCHK_OPT_IMPLICIT))
return 0;
return rule->index + 1;
@@ -2863,9 +2863,9 @@
port = s->svc_port;
set_host_port(conn->dst, port);
- xprt = ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT)
- ? check->xprt
- : ((connect->options & TCPCHK_OPT_SSL) ? xprt_get(XPRT_SSL) : xprt_get(XPRT_RAW)));
+ xprt = ((connect->options & TCPCHK_OPT_SSL)
+ ? xprt_get(XPRT_SSL)
+ : ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) ? check->xprt : xprt_get(XPRT_RAW)));
conn_prepare(conn, proto, xprt);
if (conn_install_mux(conn, &mux_pt_ops, cs, proxy, check->sess) < 0) {
@@ -2885,49 +2885,42 @@
status = proto->connect(conn, flags);
}
- if (connect->options & TCPCHK_OPT_DEFAULT_CONNECT) {
#ifdef USE_OPENSSL
- if (status == SF_ERR_NONE) {
- if (s->check.sni)
- ssl_sock_set_servername(conn, s->check.sni);
- if (s->check.alpn_str)
- ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str,
- s->check.alpn_len);
- }
-#endif
- if (s->check.via_socks4 && (s->flags & SRV_F_SOCKS4_PROXY)) {
- conn->send_proxy_ofs = 1;
- conn->flags |= CO_FL_SOCKS4;
- }
- if (s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
- conn->send_proxy_ofs = 1;
- conn->flags |= CO_FL_SEND_PROXY;
- }
+ if (status == SF_ERR_NONE) {
+ if (connect->sni)
+ ssl_sock_set_servername(conn, connect->sni);
+ else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.sni)
+ ssl_sock_set_servername(conn, s->check.sni);
+
+ if (connect->alpn)
+ ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn, connect->alpn_len);
+ else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.alpn_str)
+ ssl_sock_set_alpn(conn, (unsigned char *)s->check.alpn_str, s->check.alpn_len);
}
- else {
-#ifdef USE_OPENSSL
- if (status == SF_ERR_NONE) {
- if (connect->sni)
- ssl_sock_set_servername(conn, connect->sni);
- if (connect->alpn)
- ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn,
- connect->alpn_len);
- }
#endif
- if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) {
- conn->send_proxy_ofs = 1;
- conn->flags |= CO_FL_SOCKS4;
- }
- if (connect->options & TCPCHK_OPT_SEND_PROXY) {
- conn->send_proxy_ofs = 1;
- conn->flags |= CO_FL_SEND_PROXY;
- }
- if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER)) {
- /* Some servers don't like reset on close */
- fdtab[cs->conn->handle.fd].linger_risk = 0;
- }
+ if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) {
+ conn->send_proxy_ofs = 1;
+ conn->flags |= CO_FL_SOCKS4;
+ }
+ else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.via_socks4 && (s->flags & SRV_F_SOCKS4_PROXY)) {
+ conn->send_proxy_ofs = 1;
+ conn->flags |= CO_FL_SOCKS4;
+ }
+
+ if (connect->options & TCPCHK_OPT_SEND_PROXY) {
+ conn->send_proxy_ofs = 1;
+ conn->flags |= CO_FL_SEND_PROXY;
+ }
+ else if ((connect->options & TCPCHK_OPT_DEFAULT_CONNECT) && s->check.send_proxy && !(check->state & CHK_ST_AGENT)) {
+ conn->send_proxy_ofs = 1;
+ conn->flags |= CO_FL_SEND_PROXY;
}
+ if (conn_ctrl_ready(conn) && (connect->options & TCPCHK_OPT_LINGER)) {
+ /* Some servers don't like reset on close */
+ fdtab[cs->conn->handle.fd].linger_risk = 0;
+ }
+
if (conn_ctrl_ready(conn) && (conn->flags & (CO_FL_SEND_PROXY | CO_FL_SOCKS4))) {
if (xprt_add_hs(conn) < 0)
status = SF_ERR_RESOURCE;
@@ -3973,7 +3966,7 @@
goto out;
}
chk->action = TCPCHK_ACT_CONNECT;
- chk->connect.options = TCPCHK_OPT_DEFAULT_CONNECT;
+ chk->connect.options = (TCPCHK_OPT_DEFAULT_CONNECT|TCPCHK_OPT_IMPLICIT);
LIST_ADD(px->tcpcheck_rules.list, &chk->list);
}
@@ -4289,13 +4282,8 @@
cur_arg++;
while (*(args[cur_arg])) {
- if (strcmp(args[cur_arg], "default") == 0) {
- if (cur_arg != 2 || *(args[cur_arg+1])) {
- memprintf(errmsg, "'%s' is exclusive with all other options", args[cur_arg]);
- goto error;
- }
- conn_opts = TCPCHK_OPT_DEFAULT_CONNECT;
- }
+ if (strcmp(args[cur_arg], "default") == 0)
+ conn_opts |= TCPCHK_OPT_DEFAULT_CONNECT;
else if (strcmp(args[cur_arg], "addr") == 0) {
int port1, port2;
struct protocol *proto;