MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
Now that ACLs solely rely on sample fetch functions, make them use the
same arg mask. All inconsistencies have been fixed separately prior to
this patch, so this patch almost only adds a new pointer indirection
and removes all references to ARG*() in the definitions.
The parsing is still performed by the ACL code though.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 1106d1d..ade1fe8 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2967,40 +2967,40 @@
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, ARG2(0,STR,SINT) },
- { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, ARG2(0,STR,SINT) },
- { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_verify", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_c_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, ARG2(0,STR,SINT) },
- { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, ARG2(0,STR,SINT) },
- { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_f_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
+ { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_verify", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_f_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
#ifdef OPENSSL_NPN_NEGOTIATED
- { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
+ { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
#endif
- { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end, ACL_USE_L6REQ_PERMANENT, 0 },
- { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg, ACL_USE_L6REQ_PERMANENT, 0 },
+ { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg, ACL_USE_L6REQ_PERMANENT },
{ /* END */ },
}};