Hi Willy,
Since all block rules has been move to the beginning of the http-request
rules in check_config_validity() by the the following codes:
/* move any "block" rules at the beginning of the http-request
rules */
if (!LIST_ISEMPTY(&curproxy->block_rules)) {
/* insert block_rules into http_req_rules at the
beginning */
curproxy->block_rules.p->n =
curproxy->http_req_rules.n;
curproxy->http_req_rules.n->p = curproxy->block_rules.p;
curproxy->block_rules.n->p =
&curproxy->http_req_rules;
curproxy->http_req_rules.n = curproxy->block_rules.n;
LIST_INIT(&curproxy->block_rules);
}
As a result, there is no need to clean blocking rules in deinit() as below:
list_for_each_entry_safe(cond, condb, &p->block_rules, list) {
LIST_DEL(&cond->list);
prune_acl_cond(cond);
free(cond);
}
In addition, there is also another issue. The type of the members listed
in block_rules has become *struct http_req_rule*, not *struct acl_cond*
in earlier versions, maybe there is also potential risk to clean
block_rules in deinit().
So in my opinion, just remove the codes will be OK as below:
diff --git a/src/haproxy.c b/src/haproxy.c
index 0dddd53..eac6f44 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1020,12 +1020,6 @@ void deinit(void)
free(cwl);
}
- list_for_each_entry_safe(cond, condb, &p->block_rules, list) {
- LIST_DEL(&cond->list);
- prune_acl_cond(cond);
- free(cond);
- }
-
list_for_each_entry_safe(cond, condb, &p->mon_fail_cond, list) {
LIST_DEL(&cond->list);
prune_acl_cond(cond);
I can send a patch later if there is no problem.
BTW, I only checked this issue in 1.5 branch.
--
Best Regards,
Godbach
