From ee1c078f8fd198248dbea83965a2361d77c0ddfe Mon Sep 17 00:00:00 2001
From: Helene Durand <hdurand@haproxy.com>
Date: Tue, 27 Aug 2024 15:26:09 +0200
Subject: [PATCH] BUG/MINOR: add h1-accept-payload-with-any-method and
 h1-do-not-close-on-insecure-transfer-encoding to global

---
 config-parser/section-parsers.go              |  2 ++
 configuration/global.go                       | 20 +++++++++++++++++++
 models/global_base.go                         |  6 ++++++
 models/global_base_compare.go                 | 16 +++++++++++++++
 models/global_base_compare_test.go            |  8 ++++++--
 specification/build/haproxy_spec.yaml         |  4 ++++
 .../models/configuration/global.yaml          |  4 ++++
 test/configuration_test.go                    |  2 ++
 test/expected/structured.json                 |  2 ++
 9 files changed, 62 insertions(+), 2 deletions(-)

diff --git a/config-parser/section-parsers.go b/config-parser/section-parsers.go
index d8c0ac60..36b846d6 100644
--- a/config-parser/section-parsers.go
+++ b/config-parser/section-parsers.go
@@ -442,6 +442,8 @@ func (p *configParser) getGlobalParser() *Parsers { //nolint: maintidx
 	addParser(parser, &sequence, &simple.Number{Name: "ocsp-update.mindelay"})
 	addParser(parser, &sequence, &simple.Number{Name: "ocsp-update.maxdelay"})
 	addParser(parser, &sequence, &simple.OnOff{Name: "ocsp-update.mode"})
+	addParser(parser, &sequence, &simple.Enabled{Name: "h1-accept-payload-with-any-method"})
+	addParser(parser, &sequence, &simple.Enabled{Name: "h1-do-not-close-on-insecure-transfer-encoding"})
 	// the ConfigSnippet must be at the end to parsers load order to ensure
 	// the overloading of any option has been declared previously
 	addParser(parser, &sequence, &parsers.ConfigSnippet{})
diff --git a/configuration/global.go b/configuration/global.go
index 180338ef..785fd000 100644
--- a/configuration/global.go
+++ b/configuration/global.go
@@ -2164,6 +2164,18 @@ func ParseGlobalSection(p parser.Parser) (*models.Global, error) { //nolint:goco
 	}
 	global.H1CaseAdjustFile = h1CaseAdjustFile
 
+	h1AcceptPayloadWithAnyMethod, err := parseBoolOption(p, "h1-accept-payload-with-any-method")
+	if err != nil {
+		return nil, err
+	}
+	global.H1AcceptPayloadWithAnyMethod = h1AcceptPayloadWithAnyMethod
+
+	h1DoNotCloseOnInsecureTransferEncoding, err := parseBoolOption(p, "h1-do-not-close-on-insecure-transfer-encoding")
+	if err != nil {
+		return nil, err
+	}
+	global.H1DoNotCloseOnInsecureTransferEncoding = h1DoNotCloseOnInsecureTransferEncoding
+
 	h2WorkaroundBogusWebsocketClients, err := parseBoolOption(p, "h2-workaround-bogus-websocket-clients")
 	if err != nil {
 		return nil, err
@@ -3015,6 +3027,14 @@ func SerializeGlobalSection(p parser.Parser, data *models.Global, opt *options.C
 		return err
 	}
 
+	if err := serializeBoolOption(p, "h1-accept-payload-with-any-method", data.H1AcceptPayloadWithAnyMethod); err != nil {
+		return err
+	}
+
+	if err := serializeBoolOption(p, "h1-do-not-close-on-insecure-transfer-encoding", data.H1DoNotCloseOnInsecureTransferEncoding); err != nil {
+		return err
+	}
+
 	if err := serializeTimeoutOption(p, "hard-stop-after", data.HardStopAfter, opt); err != nil {
 		return err
 	}
diff --git a/models/global_base.go b/models/global_base.go
index 70c81e9e..8f5d7d88 100644
--- a/models/global_base.go
+++ b/models/global_base.go
@@ -109,9 +109,15 @@ type GlobalBase struct {
 	// +kubebuilder:validation:Pattern=`^[^\s]+$`
 	Group string `json:"group,omitempty"`
 
+	// h1 accept payload with any method
+	H1AcceptPayloadWithAnyMethod bool `json:"h1_accept_payload_with_any_method,omitempty"`
+
 	// h1 case adjust file
 	H1CaseAdjustFile string `json:"h1_case_adjust_file,omitempty"`
 
+	// h1 do not close on insecure transfer encoding
+	H1DoNotCloseOnInsecureTransferEncoding bool `json:"h1_do_not_close_on_insecure_transfer_encoding,omitempty"`
+
 	// h2 workaround bogus websocket clients
 	H2WorkaroundBogusWebsocketClients bool `json:"h2_workaround_bogus_websocket_clients,omitempty"`
 
diff --git a/models/global_base_compare.go b/models/global_base_compare.go
index ea8bef6e..ef9a07ea 100644
--- a/models/global_base_compare.go
+++ b/models/global_base_compare.go
@@ -247,10 +247,18 @@ func (s GlobalBase) Equal(t GlobalBase, opts ...Options) bool {
 		return false
 	}
 
+	if s.H1AcceptPayloadWithAnyMethod != t.H1AcceptPayloadWithAnyMethod {
+		return false
+	}
+
 	if s.H1CaseAdjustFile != t.H1CaseAdjustFile {
 		return false
 	}
 
+	if s.H1DoNotCloseOnInsecureTransferEncoding != t.H1DoNotCloseOnInsecureTransferEncoding {
+		return false
+	}
+
 	if s.H2WorkaroundBogusWebsocketClients != t.H2WorkaroundBogusWebsocketClients {
 		return false
 	}
@@ -973,10 +981,18 @@ func (s GlobalBase) Diff(t GlobalBase, opts ...Options) map[string][]interface{}
 		diff["Group"] = []interface{}{s.Group, t.Group}
 	}
 
+	if s.H1AcceptPayloadWithAnyMethod != t.H1AcceptPayloadWithAnyMethod {
+		diff["H1AcceptPayloadWithAnyMethod"] = []interface{}{s.H1AcceptPayloadWithAnyMethod, t.H1AcceptPayloadWithAnyMethod}
+	}
+
 	if s.H1CaseAdjustFile != t.H1CaseAdjustFile {
 		diff["H1CaseAdjustFile"] = []interface{}{s.H1CaseAdjustFile, t.H1CaseAdjustFile}
 	}
 
+	if s.H1DoNotCloseOnInsecureTransferEncoding != t.H1DoNotCloseOnInsecureTransferEncoding {
+		diff["H1DoNotCloseOnInsecureTransferEncoding"] = []interface{}{s.H1DoNotCloseOnInsecureTransferEncoding, t.H1DoNotCloseOnInsecureTransferEncoding}
+	}
+
 	if s.H2WorkaroundBogusWebsocketClients != t.H2WorkaroundBogusWebsocketClients {
 		diff["H2WorkaroundBogusWebsocketClients"] = []interface{}{s.H2WorkaroundBogusWebsocketClients, t.H2WorkaroundBogusWebsocketClients}
 	}
diff --git a/models/global_base_compare_test.go b/models/global_base_compare_test.go
index 6112a2d4..acd19575 100644
--- a/models/global_base_compare_test.go
+++ b/models/global_base_compare_test.go
@@ -89,6 +89,8 @@ func TestGlobalBaseEqualFalse(t *testing.T) {
 		result.ExternalCheck = !sample.ExternalCheck
 		result.Gid = sample.Gid + 1
 		result.Grace = Ptr(*sample.Grace + 1)
+		result.H1AcceptPayloadWithAnyMethod = !sample.H1AcceptPayloadWithAnyMethod
+		result.H1DoNotCloseOnInsecureTransferEncoding = !sample.H1DoNotCloseOnInsecureTransferEncoding
 		result.H2WorkaroundBogusWebsocketClients = !sample.H2WorkaroundBogusWebsocketClients
 		result.HardStopAfter = Ptr(*sample.HardStopAfter + 1)
 		result.InsecureForkWanted = !sample.InsecureForkWanted
@@ -192,6 +194,8 @@ func TestGlobalBaseDiffFalse(t *testing.T) {
 		result.ExternalCheck = !sample.ExternalCheck
 		result.Gid = sample.Gid + 1
 		result.Grace = Ptr(*sample.Grace + 1)
+		result.H1AcceptPayloadWithAnyMethod = !sample.H1AcceptPayloadWithAnyMethod
+		result.H1DoNotCloseOnInsecureTransferEncoding = !sample.H1DoNotCloseOnInsecureTransferEncoding
 		result.H2WorkaroundBogusWebsocketClients = !sample.H2WorkaroundBogusWebsocketClients
 		result.HardStopAfter = Ptr(*sample.HardStopAfter + 1)
 		result.InsecureForkWanted = !sample.InsecureForkWanted
@@ -217,7 +221,7 @@ func TestGlobalBaseDiffFalse(t *testing.T) {
 
 	for _, sample := range samples {
 		result := sample.a.Diff(sample.b)
-		if len(result) != 64 {
+		if len(result) != 66 {
 			json := jsoniter.ConfigCompatibleWithStandardLibrary
 			a, err := json.Marshal(&sample.a)
 			if err != nil {
@@ -227,7 +231,7 @@ func TestGlobalBaseDiffFalse(t *testing.T) {
 			if err != nil {
 				t.Errorf(err.Error())
 			}
-			t.Errorf("Expected GlobalBase to be different in 64 cases, but it is not (%d) %s %s", len(result), a, b)
+			t.Errorf("Expected GlobalBase to be different in 66 cases, but it is not (%d) %s %s", len(result), a, b)
 		}
 	}
 }
diff --git a/specification/build/haproxy_spec.yaml b/specification/build/haproxy_spec.yaml
index d93ad039..23755214 100644
--- a/specification/build/haproxy_spec.yaml
+++ b/specification/build/haproxy_spec.yaml
@@ -1992,6 +1992,8 @@ definitions:
         pattern: ^[^\s]+$
         type: string
         x-display-name: Group
+      h1_accept_payload_with_any_method:
+        type: boolean
       h1_case_adjust:
         items:
           properties:
@@ -2009,6 +2011,8 @@ definitions:
         x-omitempty: true
       h1_case_adjust_file:
         type: string
+      h1_do_not_close_on_insecure_transfer_encoding:
+        type: boolean
       h2_workaround_bogus_websocket_clients:
         type: boolean
       hard_stop_after:
diff --git a/specification/models/configuration/global.yaml b/specification/models/configuration/global.yaml
index c438c2d9..29c58492 100644
--- a/specification/models/configuration/global.yaml
+++ b/specification/models/configuration/global.yaml
@@ -208,6 +208,10 @@ global_base:
             type: string
     h1_case_adjust_file:
       type: string
+    h1_accept_payload_with_any_method:
+      type: boolean
+    h1_do_not_close_on_insecure_transfer_encoding:
+      type: boolean
     http_err_codes:
       type: array
       x-display-name: Replace, reduce or extend the list of status codes that define an error
diff --git a/test/configuration_test.go b/test/configuration_test.go
index 61fbfa80..293a579f 100644
--- a/test/configuration_test.go
+++ b/test/configuration_test.go
@@ -162,6 +162,8 @@ global
   insecure-setuid-wanted
   issuers-chain-path issuers-chain-path
   h2-workaround-bogus-websocket-clients
+  h1-accept-payload-with-any-method
+  h1-do-not-close-on-insecure-transfer-encoding
   lua-load-per-thread file.ext
   mworker-max-reloads 5
   numa-cpu-mapping
diff --git a/test/expected/structured.json b/test/expected/structured.json
index 798a633a..cee176cc 100644
--- a/test/expected/structured.json
+++ b/test/expected/structured.json
@@ -170,6 +170,8 @@
         "grace": 10000,
         "group": "anderson",
         "h1_case_adjust_file": "/etc/headers.adjust",
+        "h1_accept_payload_with_any_method": true,
+        "h1_do_not_close_on_insecure_transfer_encoding": true,
         "h2_workaround_bogus_websocket_clients": true,
         "hard_stop_after": 2000,
         "http_client_options": {