RE: [PATCH 4/4] MEDIUM: tcp-act: Add new set-tlv TCP action for PPv2 TLVs

2023-10-05 Thread Stephan, Alexander

From da4dc50153fe6cc7e562b63439dd8be4846e0dcf Mon Sep 17 00:00:00 2001
From: Alexander Stephan <alexander.step...@sap.com>
Date: Fri, 15 Sep 2023 12:25:03 +0200
Subject: [PATCH 4/4] MEDIUM: tcp-act: Add new set-tlv TCP action for PPv2 TLVs

This commit adds an action called set-tlv() that allows one to directly
update the TLV data structure within a connection for all types of connection
events. It can be used to modify TLVs before they are forwarded (if specified
in proxy-v2-options) while keeping the previously allocated memory, if the new
and the old value map to the same pool. This function can also be used to
enhance readability if setting many TLVs at once, as an alternative to
specifying type and value directly in the server.
---
 doc/configuration.txt |  25 +++-
 .../proxy_protocol_send_generic.vtc   |  31 +
 src/tcp_act.c | 120 --
 3 files changed, 161 insertions(+), 15 deletions(-)

diff --git a/doc/configuration.txt b/doc/configuration.txt
index aeff9e4db..a0317f005 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -7011,6 +7011,7 @@ http-request  [options...] [ { if | unless } 
 ]
 - set-src 
 - set-src-port 
 - set-timeout { server | tunnel } {  |  }
+- set-tlv() 
 - set-tos 
 - set-uri 
 - set-var([,...]) 
@@ -7943,6 +7944,22 @@ http-request set-timeout { server | tunnel } {  
|  }
 http-request set-timeout tunnel 5s
 http-request set-timeout server req.hdr(host),map_int(host.lst)

+http-request set-tlv()  [ { if | unless }  ]
+
+  This is used to alter a PROXY protocol v2 TLV that has been sent by the 
client.
+  It can be used to efficiently alter already allocated TLVs in-place. If no 
TLV with
+  the specified TLV ID has been received yet, a new TLV with  and the 
current
+  value of  is added.
+
+  The parameter  represents the 8 bit TLV type field in the range 0 to 255.
+  It can be expressed in decimal, hexadecimal format (prefixed by "0x") or 
octal
+  (prefixed by "0").
+
+  Typically, it is used together with generic proxy-v2-options.
+
+  Example:
+http-request set-tlv(0xE1) str("foo")
+
 http-request set-tos  [ { if | unless }  ]

   This is used to set the TOS or DSCP field value of packets sent to the client
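
Review bot: The type paragraph of the new http-request set-tlv text accepts octal '(prefixed by "0")', while the proxy-v2-options text touched later in this same patch describes its type only as '... or hexadecimal format (prefixed by "0x")', with no octal form. Since the description says the two are typically used together, the accepted notations should match: either drop octal here or document it in both places. As written, a zero-padded type such as 010 is read as 8 by set-tlv, which is easy to get wrong when the same TLV is referenced from both directives.
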
@@ -13502,6 +13519,7 @@ tcp-request content  [{if | unless} ]
 - set-priority-offset 
 - set-src 
 - set-src-port 
+- set-tlv() 
 - set-tos 
 - set-var([,...]) 
 - set-var-fmt([,...]) 
@@ -13741,6 +13759,11 @@ tcp-request content set-src-port  [ { if | 
unless }  ]
   specified expression. Please refer to "http-request set-src" and
   "http-request set-src-port" for a complete description.

+tcp-request content set-tlv()  [ { if | unless }  ]
+
+  This is used to alter a PROXY protocol v2 TLV that has been sent by the 
client.
+  Please refer to "http-request set-tlv" for a complete description.
+
 tcp-request content set-tos  [ { if | unless }  ]

   This is used to set the TOS or DSCP field value of packets sent to the client
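
Review bot: The documentation added up to this point covers only http-request and tcp-request content, but the commit message says the action works for every kind of connection event. If tcp-request connection and tcp-request session also accept set-tlv, they need matching entries in their action lists and a short description like this one; if they do not, the commit message should be narrowed to the rulesets that actually accept the action.
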
@@ -16686,7 +16709,7 @@ proxy-v2-options [,]*
   or hexadecimal format (prefixed by "0x").

   Example 2:
-  server example_server 127.0.0.1:2319 send-proxy-v2 proxy-v2-options 
0xEE=%[str("foo")]
+  server example 127.0.0.1:2319 send-proxy-v2 proxy-v2-options 
0xEE=%[str("foo")]

   This will always send out the value "foo". Another common use case would be 
to
   reference a variable.
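
Review bot: The rename of example_server to example in "Example 2" of proxy-v2-options is unrelated to the new action and is not mentioned in the commit message. Move it to a separate doc cleanup patch or drop it, so that this commit carries only the set-tlv changes.
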
diff --git a/reg-tests/connection/proxy_protocol_send_generic.vtc 
b/reg-tests/connection/proxy_protocol_send_generic.vtc
index e0bd15a1b..1c48964be 100644
--- a/reg-tests/connection/proxy_protocol_send_generic.vtc
+++ b/reg-tests/connection/proxy_protocol_send_generic.vtc
@@ -24,6 +24,33 @@ haproxy h1 -conf {
 http-request set-var(txn.custom_tlv_b) fc_pp_tlv(0xE2)
 http-after-response set-header proxy_custom_tlv_b 
%[var(txn.custom_tlv_b)]

+http-request set-tlv(0xE3) str("bar")
+http-request set-var(txn.custom_tlv_c) fc_pp_tlv(0xE3)
+http-after-response set-header proxy_custom_tlv_c 
%[var(txn.custom_tlv_c)]
+
+# Check that we can alter the TLV in the connection on http-request 
level.
+http-request set-tlv(0xE3) str("bar")
+http-request set-var(txn.custom_tlv_c) fc_pp_tlv(0xE3)
+http-after-response set-header proxy_custom_tlv_c 
%[var(txn.custom_tlv_c)]
+
+# Check that we can alter the TLV in the connection on tcp-content 
level.
+tcp-request content set-tlv(0xE4) str("bar")
+http-request set-var(txn.custom_tlv_d) fc_pp_tlv(0xE4)
+http-after-response set-header proxy_custom_tlv_d 
%[var(txn.custom_tlv_d)]
+
+# Check that we can overwrite an existing TLV.
+tcp-request content set-tlv(0xE5) str("bar")
+http-request set-var(txn.custom_tlv_e) fc_pp_tlv(0xE5)
+http-after-response set-header proxy_custom_tlv_e 
%[var(txn.custom_tlv_e)]
+
+# Check that we can 
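
Review bot: The three added lines at the top of this hunk (set-tlv(0xE3), set-var(txn.custom_tlv_c) and set-header proxy_custom_tlv_c) are repeated verbatim directly below, under the comment about altering the TLV on http-request level. The uncommented first copy looks like a leftover and should be removed, since a second identical rule adds no coverage.
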

RE: [PATCH 4/4] MEDIUM: tcp-act: Add new set-tlv TCP action for PPv2 TLVs

2023-09-15 Thread Stephan, Alexander
From da4dc50153fe6cc7e562b63439dd8be4846e0dcf Mon Sep 17 00:00:00 2001
From: Alexander Stephan 
Date: Fri, 15 Sep 2023 12:25:03 +0200
Subject: [PATCH 4/4] MEDIUM: tcp-act: Add new set-tlv TCP action for PPv2 TLVs

This commit adds an action called set-tlv() that allows one to directly
update the TLV data structure within a connection for all types of connection
events. It can be used to modify TLVs before they are forwarded (if specified
in proxy-v2-options) while keeping the previously allocated memory, if the new
and the old value map to the same pool. This function can also be used to
enhance readability if setting many TLVs at once, as an alternative to
specifying type and value directly in the server.
---
 doc/configuration.txt |  25 +++-
 .../proxy_protocol_send_generic.vtc   |  31 +
 src/tcp_act.c | 120 --
 3 files changed, 161 insertions(+), 15 deletions(-)

diff --git a/doc/configuration.txt b/doc/configuration.txt
index aeff9e4db..a0317f005 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -7011,6 +7011,7 @@ http-request  [options...] [ { if | unless } 
 ]
 - set-src 
 - set-src-port 
 - set-timeout { server | tunnel } {  |  }
+- set-tlv() 
 - set-tos 
 - set-uri 
 - set-var([,...]) 
@@ -7943,6 +7944,22 @@ http-request set-timeout { server | tunnel } {  
|  }
 http-request set-timeout tunnel 5s
 http-request set-timeout server req.hdr(host),map_int(host.lst)

+http-request set-tlv()  [ { if | unless }  ]
+
+  This is used to alter a PROXY protocol v2 TLV that has been sent by the 
client.
+  It can be used to efficiently alter already allocated TLVs in-place. If no 
TLV with
+  the specified TLV ID has been received yet, a new TLV with  and the 
current
+  value of  is added.
+
+  The parameter  represents the 8 bit TLV type field in the range 0 to 255.
+  It can be expressed in decimal, hexadecimal format (prefixed by "0x") or 
octal
+  (prefixed by "0").
+
+  Typically, it is used together with generic proxy-v2-options.
+
+  Example:
+http-request set-tlv(0xE1) str("foo")
+
 http-request set-tos  [ { if | unless }  ]

   This is used to set the TOS or DSCP field value of packets sent to the client
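
Review bot: The http-request set-tlv description does not state any limit or failure behaviour for the value it writes. The commit message refers to values mapping to memory pools, so there is presumably a maximum size. Please document the maximum value length, what happens when the expression yields no value or one that is too long, and whether every received TLV of that type is updated or only the first. It is also worth saying explicitly that after this action fc_pp_tlv() returns the rewritten value rather than what the client sent, since existing rules may rely on the client-supplied one.
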
@@ -13502,6 +13519,7 @@ tcp-request content  [{if | unless} ]
 - set-priority-offset 
 - set-src 
 - set-src-port 
+- set-tlv() 
 - set-tos 
 - set-var([,...]) 
 - set-var-fmt([,...]) 
@@ -13741,6 +13759,11 @@ tcp-request content set-src-port  [ { if | 
unless }  ]
   specified expression. Please refer to "http-request set-src" and
   "http-request set-src-port" for a complete description.

+tcp-request content set-tlv()  [ { if | unless }  ]
+
+  This is used to alter a PROXY protocol v2 TLV that has been sent by the 
client.
+  Please refer to "http-request set-tlv" for a complete description.
+
 tcp-request content set-tos  [ { if | unless }  ]

   This is used to set the TOS or DSCP field value of packets sent to the client
@@ -16686,7 +16709,7 @@ proxy-v2-options [,]*
   or hexadecimal format (prefixed by "0x").

   Example 2:
-  server example_server 127.0.0.1:2319 send-proxy-v2 proxy-v2-options 
0xEE=%[str("foo")]
+  server example 127.0.0.1:2319 send-proxy-v2 proxy-v2-options 
0xEE=%[str("foo")]

   This will always send out the value "foo". Another common use case would be 
to
   reference a variable.
diff --git a/reg-tests/connection/proxy_protocol_send_generic.vtc 
b/reg-tests/connection/proxy_protocol_send_generic.vtc
index e0bd15a1b..1c48964be 100644
--- a/reg-tests/connection/proxy_protocol_send_generic.vtc
+++ b/reg-tests/connection/proxy_protocol_send_generic.vtc
@@ -24,6 +24,33 @@ haproxy h1 -conf {
 http-request set-var(txn.custom_tlv_b) fc_pp_tlv(0xE2)
 http-after-response set-header proxy_custom_tlv_b 
%[var(txn.custom_tlv_b)]

+http-request set-tlv(0xE3) str("bar")
+http-request set-var(txn.custom_tlv_c) fc_pp_tlv(0xE3)
+http-after-response set-header proxy_custom_tlv_c 
%[var(txn.custom_tlv_c)]
+
+# Check that we can alter the TLV in the connection on http-request 
level.
+http-request set-tlv(0xE3) str("bar")
+http-request set-var(txn.custom_tlv_c) fc_pp_tlv(0xE3)
+http-after-response set-header proxy_custom_tlv_c 
%[var(txn.custom_tlv_c)]
+
+# Check that we can alter the TLV in the connection on tcp-content 
level.
+tcp-request content set-tlv(0xE4) str("bar")
+http-request set-var(txn.custom_tlv_d) fc_pp_tlv(0xE4)
+http-after-response set-header proxy_custom_tlv_d 
%[var(txn.custom_tlv_d)]
+
+# Check that we can overwrite an existing TLV.
+tcp-request content set-tlv(0xE5) str("bar")
+http-request set-var(txn.custom_tlv_e) fc_pp_tlv(0xE5)
+http-after-response set-header proxy_custom_tlv_e 
%[var(txn.custom_tlv_e)]
+
+# Check that we can move from a small to a medium pool
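
Review bot: The tcp-request content set-tlv rules for 0xE4 and 0xE5 are written after http-request rules in the same configuration, yet tcp-request content rules are evaluated before http-request rules, so the file order does not match the order the test exercises. Group the tcp-request content lines ahead of the http-request lines. Every case shown also sets the same value "bar", so a response header carrying the value of the wrong TLV would go unnoticed; a distinct value per type would make each check specific.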