relayd nonsense "protocol defined twice"

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

relayd nonsense "protocol defined twice"

Nick Guenther-2
>Synopsis: relayd hitting a syntax error will continue parsing and give even more confusing errors
>Category: system
>Environment:
        System      : OpenBSD 6.6
        Details     : OpenBSD 6.6 (GENERIC.MP) #372: Sat Oct 12 10:56:27 MDT 2019
                         [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

        Architecture: OpenBSD.amd64
        Machine     : amd64


>Description:

        relayd gives a nonsense error if a relay has two protocols but the first is invalid.

>How-To-Repeat:

        ```
        # relayd.conf
        table <web> { "127.0.0.1" }
        table <app> { "127.0.0.1" }

        http protocol web {
                return error

                # syntax error: missing quotes:
                tls ca file /etc/ssl/cert.pem
        }

        http protocol web_app {
                return error

                match request path "/app/*" forward to <app>
        }

        relay https_proxy {
                listen on 0.0.0.0 port 80

                protocol web
                forward to <web> port 8080

                protocol web_app
                forward to <app> port 8082
        }
        ```

        ```
        $ doas relayd -d -v -f relayd.conf
        startup
        relayd.conf:8: syntax error
        relayd.conf:20: no such protocol: web
        relayd.conf:23: protocol web_app defined twice
        no actions, nothing to do
        unused protocol: web_app
        ca exiting, pid 3075
        relay exiting, pid 71928
        pfe exiting, pid 81431
        hce exiting, pid 95455
        ca exiting, pid 62478
        relay exiting, pid 9500
        relay exiting, pid 64011
        ca exiting, pid 18935
        ```

        Or,

        ```
        # relayd.conf                                                                                                        
        table <web> { "127.0.0.1" }
        table <app> { "127.0.0.1" }

        http protocol web {
                return error

                tls ca file "/etc/ssl/cert.pem"
        }

        http protocol blah {
                return error

                match request path "/app/*" forward to <app>
        }

        relay https_proxy {
                listen on 0.0.0.0 port 80

                # error: undefined protocol
                protocol web2
                forward to <app> port 8082

                protocol web
                forward to <web> port 8080
        }
        ```

        ```
        $ doas relayd -d -v -f relayd.conf  
        startup
        relayd.conf:20: no such protocol: web2
        relayd.conf:23: protocol web defined twice
        no actions, nothing to do
        unused protocol: web
        unused protocol: blah
        hce exiting, pid 49635
        pfe exiting, pid 65232
        ca exiting, pid 43948
        ca exiting, pid 20719
        ca exiting, pid 85785
        relay exiting, pid 21295
        relay exiting, pid 13943
        relay exiting, pid 46257
        ```

        Those protocols were never defined twice, of course.

Reply | Threaded
Open this post in threaded view
|

Re: relayd nonsense "protocol defined twice"

Sebastian Benoit-3
Nick([hidden email]) on 2020.02.11 07:47:02 +0000:

> >Synopsis: relayd hitting a syntax error will continue parsing and give even more confusing errors
> >Category: system
> >Environment:
> System      : OpenBSD 6.6
> Details     : OpenBSD 6.6 (GENERIC.MP) #372: Sat Oct 12 10:56:27 MDT 2019
> [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> Architecture: OpenBSD.amd64
> Machine     : amd64
>
>
> >Description:
>
> relayd gives a nonsense error if a relay has two protocols but the first is invalid.
>
> relayd.conf:20: no such protocol: web2
> relayd.conf:23: protocol web defined twice

Welcome to the world of parsers trying to continue parsing after an error.

This is so that it can report multiple errors in the config file,
potentially helping the user.

In this case the parser falls over its feet. No idea yet how and if i want
to fix it.

Thanks,
Benno