This makes the code cleaner, because proxy_authority can be handled like
proxy_unique_id.
---
include/haproxy/connection-t.h | 5 ++---
include/haproxy/connection.h | 6 +++---
src/connection.c | 28 +++++++++++++++++-----------
3 files changed, 22 insertions(+), 17 deletions(-)
diff --git a/include/haproxy/connection-t.h b/include/haproxy/connection-t.h
index 0bcceacff..0c4a6649c 100644
--- a/include/haproxy/connection-t.h
+++ b/include/haproxy/connection-t.h
@@ -533,9 +533,8 @@ struct connection {
void (*destroy_cb)(struct connection *conn); /* callback to notify of
imminent death of the connection */
struct sockaddr_storage *src; /* source address (pool), when known,
otherwise NULL */
struct sockaddr_storage *dst; /* destination address (pool), when
known, otherwise NULL */
- char *proxy_authority; /* Value of authority TLV received via
PROXYv2 */
- uint8_t proxy_authority_len; /* Length of authority TLV received via
PROXYv2 */
- struct ist proxy_unique_id; /* Value of the unique ID TLV received via
PROXYv2 */
+ struct ist proxy_authority; /* Value of the authority TLV received
via PROXYv2 */
+ struct ist proxy_unique_id; /* Value of the unique ID TLV received
via PROXYv2 */
struct quic_conn *qc; /* Only present if this connection is a
QUIC one */
/* used to identify a backend connection for http-reuse,
diff --git a/include/haproxy/connection.h b/include/haproxy/connection.h
index 33c1380cc..46a521e01 100644
--- a/include/haproxy/connection.h
+++ b/include/haproxy/connection.h
@@ -355,7 +355,7 @@ static inline void conn_init(struct connection *conn, void
*target)
conn->subs = NULL;
conn->src = NULL;
conn->dst = NULL;
- conn->proxy_authority = NULL;
+ conn->proxy_authority = IST_NULL;
conn->proxy_unique_id = IST_NULL;
conn->hash_node = NULL;
}
@@ -553,8 +553,8 @@ static inline void conn_free(struct connection *conn)
sockaddr_free(&conn->src);
sockaddr_free(&conn->dst);
- pool_free(pool_head_authority, conn->proxy_authority);
- conn->proxy_authority = NULL;
+ pool_free(pool_head_authority, istptr(conn->proxy_authority));
+ conn->proxy_authority = IST_NULL;
pool_free(pool_head_uniqueid, istptr(conn->proxy_unique_id));
conn->proxy_unique_id = IST_NULL;
diff --git a/src/connection.c b/src/connection.c
index 10bc6712f..716de51f8 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -487,13 +487,19 @@ int conn_recv_proxy(struct connection *conn, int flag)
}
#endif
case PP2_TYPE_AUTHORITY: {
- if (tlv_len > PP2_AUTHORITY_MAX)
+ const struct ist tlv = ist2((const char
*)tlv_packet->value, tlv_len);
+
+ if (istlen(tlv) > PP2_AUTHORITY_MAX)
goto bad_header;
- conn->proxy_authority =
pool_alloc(pool_head_authority);
- if (conn->proxy_authority == NULL)
+ conn->proxy_authority =
ist2(pool_alloc(pool_head_authority), 0);
+ if (!isttest(conn->proxy_authority))
goto fail;
- memcpy(conn->proxy_authority, (const char
*)tlv_packet->value, tlv_len);
- conn->proxy_authority_len = tlv_len;
+ if (istcpy(&conn->proxy_authority, tlv,
PP2_AUTHORITY_MAX) < 0) {
+ /* This is technically unreachable,
because we verified above
+ * that the TLV value fits.
+ */
+ goto fail;
+ }
break;
}
case PP2_TYPE_UNIQUE_ID: {
@@ -1188,9 +1194,9 @@ int make_proxy_line_v2(char *buf, int buf_len, struct
server *srv, struct connec
if (srv->pp_opts & SRV_PP_V2_AUTHORITY) {
value = NULL;
- if (remote && remote->proxy_authority) {
- value = remote->proxy_authority;
- value_len = remote->proxy_authority_len;
+ if (remote && isttest(remote->proxy_authority)) {
+ value = istptr(remote->proxy_authority);
+ value_len = istlen(remote->proxy_authority);
}
#ifdef USE_OPENSSL
else {
@@ -1354,13 +1360,13 @@ int smp_fetch_fc_pp_authority(const struct arg *args,
struct sample *smp, const
return 0;
}
- if (conn->proxy_authority == NULL)
+ if (!isttest(conn->proxy_authority))
return 0;
smp->flags = 0;
smp->data.type = SMP_T_STR;
- smp->data.u.str.area = conn->proxy_authority;
- smp->data.u.str.data = conn->proxy_authority_len;
+ smp->data.u.str.area = istptr(conn->proxy_authority);
+ smp->data.u.str.data = istlen(conn->proxy_authority);
return 1;
}
--
2.30.1
