Description
Describe the bug
The directive ssl_ocsp for the dictionaries in the list below contains an error. The parameters mask should be ngxConfTake1 rather than ngxConfFlag.
analyze_nplus_R30_directives.go
analyze_nplus_R31_directives.go
analyze_nplus_R33_directives.gen.go
analyze_nplus_R34_directives.gen.go
analyze_nplus_R35_directives.gen.go
analyze_nplus_latest_directives.gen.go
analyze_oss_124_directives.gen.go
analyze_oss_126_directives.gen.go
analyze_oss_latest_directives.gen.go
This directive accepts an enumerated parameter: on, off or leaf:
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ocsp
https://nginx.org/en/docs/stream/ngx_stream_ssl_module.html#ssl_ocsp
The generator got it wrong because of an error in the nginx source code. The directive, in both stream and http contexts, is wrongly associated with NGX_CONF_FLAG, even though the parameters are validated against the enumeration described above. See:
    { ngx_string("ssl_ocsp"),
      NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG,
      ngx_conf_set_enum_slot,
      NGX_STREAM_SRV_CONF_OFFSET,
      offsetof(ngx_stream_ssl_srv_conf_t, ocsp),
      &ngx_stream_ssl_ocsp },

    static ngx_conf_enum_t  ngx_stream_ssl_ocsp[] = {
        { ngx_string("off"), 0 },
        { ngx_string("on"), 1 },
        { ngx_string("leaf"), 2 },
        { ngx_null_string, 0 }
    };
To reproduce
Run crossplane on any configuration that contains the directive ssl_ocsp leaf; in any of its valid contexts. The analyzer will throw:
invalid value "leaf" in "ssl_ocsp" directive, it must be "on" or "off"
Use that same configuration in an nginx (newer than R30 for Plus, or 1.27.2 for OS), and it will load.
Expected behavior
The analyzer does not throw any error.
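
The mismatch reported above, as an added Go example that is not crossplane's or nginx's own code: a flag-style mask rejects `leaf`, while a one-argument mask checked against the enumeration accepts it. Only the names `ngxConfFlag` and `ngxConfTake1` come from the issue; their values, `checkArgs` and `sslOCSPEnum` are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical stand-ins for the analyzer's argument masks; only the two
// names appear in the issue, the values and the check below are assumptions.
const (
	ngxConfFlag  = 1 << iota // one argument, must be "on" or "off"
	ngxConfTake1             // one argument, value not restricted by the mask
)

// Values from the ngx_conf_enum_t table quoted in the issue.
var sslOCSPEnum = []string{"off", "on", "leaf"}

// checkArgs models a mask-driven argument check for a single directive.
// enum, when non-nil, restricts a Take1 argument to the listed values
// (case-insensitive comparison is an assumption of this model).
func checkArgs(name string, args []string, mask int, enum []string) error {
	if len(args) != 1 {
		return fmt.Errorf("invalid number of arguments in %q directive", name)
	}
	val := args[0]
	if mask&ngxConfFlag != 0 {
		if v := strings.ToLower(val); v != "on" && v != "off" {
			return fmt.Errorf("invalid value %q in %q directive, it must be \"on\" or \"off\"", val, name)
		}
		return nil
	}
	for _, e := range enum {
		if strings.EqualFold(val, e) {
			return nil
		}
	}
	if enum != nil {
		return fmt.Errorf("invalid value %q in %q directive", val, name)
	}
	return nil // Take1 without an enum accepts any single value
}

func main() {
	for _, v := range []string{"on", "off", "leaf", "yes"} {
		fmt.Printf("%-4s flag: %v | take1+enum: %v\n", v,
			checkArgs("ssl_ocsp", []string{v}, ngxConfFlag, nil),
			checkArgs("ssl_ocsp", []string{v}, ngxConfTake1, sslOCSPEnum))
	}
}
```

In this model, a one-argument mask with no enumeration attached also lets a value such as `yes` through, so the `on`/`off`/`leaf` check then has to be enforced elsewhere.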