Reject config with unknown directives before committing to it #1897
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ideally, we want to reject configurations with unknown directives before applying any configuration changes that correspond to known directives, but current apply-as-you-parse architecture makes that impractical. Pending smooth reconfiguration refactoring will make that possible, but we can make a step towards that ideal future now. Rejecting bad configurations before calling configDoConfigure() reduces the set of configuration errors that Squid can detect in one execution (because configDoConfigure() error-checking code is not reached), but that small reduction is a lesser evil compared to running configDoConfigure() with a clearly broken config, especially when we are going to kill Squid anyway. While many legacy parse_foo() functions do apply significant changes before configDoConfigure(), we cannot easily prevent that (for now). We can easily prevent configDoConfigure().
rousskov
commented
Aug 28, 2024
There was a problem hiding this comment.
This PR is a yet another tiny step towards smooth reconfiguration support, addressing an existing TODO. It is probably the last change I can carve out before #1840 is finally merged. Isolating and maintaining these pending changes wastes a lot of my time. Please move #1840 forward!
This review annotates this PR but does not request any changes.
| @@ -625,22 +625,16 @@ Configuration::Parse() | |||
|
|
|||
| defaults_postscriptum(); | |||
|
|
|||
| if (unrecognizedDirectives) | |||
There was a problem hiding this comment.
It may be tempting to throw even earlier, when unrecognizedDirectives constant is set above defaults_if_none() and defaults_postscriptum() calls. However, we should not do that. It is not obvious in the current code, but those two functions can also detect unrecognized directives and similar problems. Pending smooth reconfiguration changes will make this code look natural, removing the current "Why not throw earlier?" question.
rousskov
added
M-cleared-for-merge
squid-anubis
pushed a commit
that referenced
this pull request
Aug 31, 2024
Ideally, we want to reject configurations with unknown directives before applying any configuration changes that correspond to known directives, but current apply-as-you-parse architecture makes that impractical. Pending smooth reconfiguration refactoring will make that possible, but we can make a step towards that ideal future now. Rejecting bad configurations before calling configDoConfigure() reduces the set of configuration errors that Squid can detect in one execution (because configDoConfigure() error-checking code is not reached), but that small reduction is a lesser evil compared to running configDoConfigure() with a clearly broken config, especially when we are going to kill Squid anyway. While many legacy parse_foo() functions do apply significant changes before configDoConfigure(), we cannot easily prevent that (for now). We can easily prevent configDoConfigure().
squid-anubis
added
the
M-waiting-staging-checks
rousskov
removed
the
S-could-use-an-approval
squid-anubis
added
M-merged
kinkie
pushed a commit
to kinkie/squid
that referenced
this pull request
Oct 12, 2024
…cache#1897) Ideally, we want to reject configurations with unknown directives before applying any configuration changes that correspond to known directives, but current apply-as-you-parse architecture makes that impractical. Pending smooth reconfiguration refactoring will make that possible, but we can make a step towards that ideal future now. Rejecting bad configurations before calling configDoConfigure() reduces the set of configuration errors that Squid can detect in one execution (because configDoConfigure() error-checking code is not reached), but that small reduction is a lesser evil compared to running configDoConfigure() with a clearly broken config, especially when we are going to kill Squid anyway. While many legacy parse_foo() functions do apply significant changes before configDoConfigure(), we cannot easily prevent that (for now). We can easily prevent configDoConfigure().
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ideally, we want to reject configurations with unknown directives before
applying any configuration changes that correspond to known directives,
but current apply-as-you-parse architecture makes that impractical.
Pending smooth reconfiguration refactoring will make that possible, but
we can make a step towards that ideal future now.
Rejecting bad configurations before calling configDoConfigure() reduces
the set of configuration errors that Squid can detect in one execution
(because configDoConfigure() error-checking code is not reached), but
that small reduction is a lesser evil compared to running
configDoConfigure() with a clearly broken config, especially when we are
going to kill Squid anyway. While many legacy parse_foo() functions do
apply significant changes before configDoConfigure(), we cannot easily
prevent that (for now). We can easily prevent configDoConfigure().