Repository: trafficserver Updated Branches: refs/heads/master ed1eb0305 -> bad88d0e8
Fix compiler working. Apply clang-format changes. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/bad88d0e Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/bad88d0e Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/bad88d0e Branch: refs/heads/master Commit: bad88d0e88372b7fc1d890cab7cd4e46373856ef Parents: ed1eb03 Author: shinrich <[email protected]> Authored: Fri Jul 10 07:23:51 2015 -0500 Committer: shinrich <[email protected]> Committed: Fri Jul 10 07:23:51 2015 -0500 ---------------------------------------------------------------------- iocore/net/P_SSLConfig.h | 10 +- iocore/net/P_SSLNetVConnection.h | 10 +- iocore/net/P_UnixNetVConnection.h | 13 ++- iocore/net/SSLConfig.cc | 10 +- iocore/net/SSLNetVConnection.cc | 170 ++++++++++++------------------- iocore/net/SSLUtils.cc | 7 +- iocore/net/UnixNetVConnection.cc | 46 ++++----- lib/atscppapi/examples/boom/boom.cc | 2 +- proxy/FetchSM.cc | 2 +- proxy/http/HttpSM.cc | 8 +- proxy/http2/Http2ClientSession.cc | 6 +- proxy/http2/Http2ClientSession.h | 2 +- proxy/logging/Log.cc | 24 ++--- proxy/logging/Log.h | 21 ++-- proxy/logging/LogAccessHttp.cc | 2 +- 15 files changed, 148 insertions(+), 185 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/P_SSLConfig.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h index 5c582d1..3d942f6 100644 --- a/iocore/net/P_SSLConfig.h +++ b/iocore/net/P_SSLConfig.h @@ -99,11 +99,11 @@ struct SSLConfigParams : public ConfigInfo { static bool session_cache_skip_on_lock_contention; // TS-3435 Wiretracing for SSL Connections - static int ssl_wire_trace_enabled; - static char * ssl_wire_trace_addr; - static IpAddr * ssl_wire_trace_ip; - static int ssl_wire_trace_percentage; - static char * ssl_wire_trace_server_name; + static int ssl_wire_trace_enabled; + static char *ssl_wire_trace_addr; + static IpAddr *ssl_wire_trace_ip; + static int ssl_wire_trace_percentage; + static char *ssl_wire_trace_server_name; static init_ssl_ctx_func init_ssl_ctx_cb; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/P_SSLNetVConnection.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 678035b..3b29e7b 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -253,15 +253,19 @@ public: return eosRcvd; } - bool getSSLTrace() const { + bool + getSSLTrace() const + { return sslTrace || super::origin_trace; }; - void setSSLTrace(bool state){ + void + setSSLTrace(bool state) + { sslTrace = state; }; - bool computeSSLTrace(); + bool computeSSLTrace(); private: SSLNetVConnection(const SSLNetVConnection &); http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/P_UnixNetVConnection.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 5b3cd9d..52f5335 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -261,7 +261,7 @@ public: ink_hrtime submit_time; OOB_callback *oob_ptr; bool from_accept_thread; - + // es - origin_trace associated connections bool origin_trace; const sockaddr *origin_trace_addr; @@ -282,18 +282,21 @@ public: virtual void apply_options(); friend void write_to_net_io(NetHandler *, UnixNetVConnection *, EThread *); - - void setOriginTrace(bool t) + + void + setOriginTrace(bool t) { origin_trace = t; } - void setOriginTraceAddr(const sockaddr *addr) + void + setOriginTraceAddr(const sockaddr *addr) { origin_trace_addr = addr; } - void setOriginTracePort(int port) + void + setOriginTracePort(int port) { origin_trace_port = port; } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/SSLConfig.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index 28a9662..a4d7a7f 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -57,11 +57,11 @@ init_ssl_ctx_func SSLConfigParams::init_ssl_ctx_cb = NULL; // TS-3534 Wiretracing for SSL Connections int SSLConfigParams::ssl_wire_trace_enabled = 0; char *SSLConfigParams::ssl_wire_trace_addr = NULL; -IpAddr * SSLConfigParams::ssl_wire_trace_ip = NULL; +IpAddr *SSLConfigParams::ssl_wire_trace_ip = NULL; int SSLConfigParams::ssl_wire_trace_percentage = 0; char *SSLConfigParams::ssl_wire_trace_server_name = NULL; -static ConfigUpdateHandler<SSLCertificateConfig> * sslCertUpdate; +static ConfigUpdateHandler<SSLCertificateConfig> *sslCertUpdate; SSLConfigParams::SSLConfigParams() { @@ -305,12 +305,12 @@ SSLConfigParams::initialize() REC_ReadConfigInt32(ssl_allow_client_renegotiation, "proxy.config.ssl.allow_client_renegotiation"); - //SSL Wire Trace configurations + // SSL Wire Trace configurations REC_ReadConfigInteger(ssl_wire_trace_enabled, "proxy.config.ssl.wire_trace_enabled"); - if(ssl_wire_trace_enabled){ + if (ssl_wire_trace_enabled) { // wire trace specific source ip REC_ReadConfigStringAlloc(ssl_wire_trace_addr, "proxy.config.ssl.wire_trace_addr"); - if(ssl_wire_trace_addr){ + if (ssl_wire_trace_addr) { ssl_wire_trace_ip = new IpAddr(); ssl_wire_trace_ip->load(ssl_wire_trace_addr); } else { http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/SSLNetVConnection.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index 614d39a..7c6207a 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -25,7 +25,7 @@ #include "P_Net.h" #include "P_SSLNextProtocolSet.h" #include "P_SSLUtils.h" -#include "InkAPIInternal.h" // Added to include the ssl_hook definitions +#include "InkAPIInternal.h" // Added to include the ssl_hook definitions #include "P_SSLConfig.h" #include "Log.h" @@ -199,7 +199,7 @@ ssl_read_from_net(SSLNetVConnection *sslvc, EThread *lthread, int64_t &ret) int64_t block_write_avail = 0; ssl_error_t sslErr = SSL_ERROR_NONE; int64_t nread = 0; - + bool trace = sslvc->getSSLTrace(); Debug("ssl", "trace=%s", trace ? "TRUE" : "FALSE"); @@ -215,14 +215,13 @@ ssl_read_from_net(SSLNetVConnection *sslvc, EThread *lthread, int64_t &ret) Debug("ssl", "[SSL_NetVConnection::ssl_read_from_net] nread=%d", (int)nread); if (!sslvc->origin_trace) { - TraceIn((0 < nread && trace), sslvc->get_remote_addr(), sslvc->get_remote_port(), - "WIRE TRACE\tbytes=%d\n%.*s", (int)nread, (int)nread, b->end() + offset); + TraceIn((0 < nread && trace), sslvc->get_remote_addr(), sslvc->get_remote_port(), "WIRE TRACE\tbytes=%d\n%.*s", (int)nread, + (int)nread, b->end() + offset); } else { - char origin_trace_ip[INET6_ADDRSTRLEN]; - ats_ip_ntop(sslvc->origin_trace_addr, origin_trace_ip, sizeof (origin_trace_ip)); - TraceIn((0 < nread && trace), sslvc->get_remote_addr(), sslvc->get_remote_port(), - "CLIENT %s:%d\ttbytes=%d\n%.*s", origin_trace_ip, sslvc->origin_trace_port, - (int)nread, (int)nread, b->end() + offset); + char origin_trace_ip[INET6_ADDRSTRLEN]; + ats_ip_ntop(sslvc->origin_trace_addr, origin_trace_ip, sizeof(origin_trace_ip)); + TraceIn((0 < nread && trace), sslvc->get_remote_addr(), sslvc->get_remote_port(), "CLIENT %s:%d\ttbytes=%d\n%.*s", + origin_trace_ip, sslvc->origin_trace_port, (int)nread, (int)nread, b->end() + offset); } @@ -253,43 +252,36 @@ ssl_read_from_net(SSLNetVConnection *sslvc, EThread *lthread, int64_t &ret) Debug("ssl.error", "[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_WOULD_BLOCK(read)"); break; case SSL_ERROR_WANT_X509_LOOKUP: - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "Want X509 lookup"); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "Want X509 lookup"); event = SSL_READ_WOULD_BLOCK; SSL_INCREMENT_DYN_STAT(ssl_error_want_x509_lookup); Debug("ssl.error", "[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_WOULD_BLOCK(read/x509 lookup)"); break; case SSL_ERROR_SYSCALL: - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "Syscall Error: %s", strerror(errno)); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "Syscall Error: %s", strerror(errno)); SSL_INCREMENT_DYN_STAT(ssl_error_syscall); if (nread != 0) { // not EOF event = SSL_READ_ERROR; ret = errno; Debug("ssl.error", "[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_SYSCALL, underlying IO error: %s", strerror(errno)); - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "Underlying IO error: %d", errno); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "Underlying IO error: %d", errno); } else { // then EOF observed, treat it as EOS event = SSL_READ_EOS; - //Error("[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_SYSCALL, EOF observed violating SSL protocol"); - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "EOF observed violating SSL protocol"); + // Error("[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_SYSCALL, EOF observed violating SSL protocol"); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "EOF observed violating SSL protocol"); } break; case SSL_ERROR_ZERO_RETURN: - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "Connection closed by peer"); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "Connection closed by peer"); event = SSL_READ_EOS; SSL_INCREMENT_DYN_STAT(ssl_error_zero_return); Debug("ssl.error", "[SSL_NetVConnection::ssl_read_from_net] SSL_ERROR_ZERO_RETURN"); break; case SSL_ERROR_SSL: default: - TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), - "SSL Error: sslErr=%d, errno=%d", sslErr, - errno); + TraceIn(trace, sslvc->get_remote_addr(), sslvc->get_remote_port(), "SSL Error: sslErr=%d, errno=%d", sslErr, errno); event = SSL_READ_ERROR; ret = errno; SSL_CLR_ERR_INCR_DYN_STAT(sslvc, ssl_error_ssl, "[SSL_NetVConnection::ssl_read_from_net]: errno=%d", errno); @@ -704,10 +696,10 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, int64_t &wattempted, i if (HttpProxyPort::TRANSPORT_BLIND_TUNNEL == this->attributes) { return this->super::load_buffer_and_write(towrite, wattempted, total_written, buf, needs); } - - bool trace = getSSLTrace(); + + bool trace = getSSLTrace(); Debug("ssl", "trace=%s", trace ? "TRUE" : "FALSE"); - + do { // check if we have done this block l = b->read_avail(); @@ -754,14 +746,13 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, int64_t &wattempted, i err = SSLWriteBuffer(ssl, b->start() + offset, l, r); if (!origin_trace) { - TraceOut((0 < r && trace), get_remote_addr(), get_remote_port(), - "WIRE TRACE\tbytes=%d\n%.*s", (int)r, (int)r, b->start() + offset); + TraceOut((0 < r && trace), get_remote_addr(), get_remote_port(), "WIRE TRACE\tbytes=%d\n%.*s", (int)r, (int)r, + b->start() + offset); } else { - char origin_trace_ip[INET6_ADDRSTRLEN]; - ats_ip_ntop(origin_trace_addr, origin_trace_ip, sizeof (origin_trace_ip)); - TraceOut((0 < r && trace), get_remote_addr(), get_remote_port(), - "CLIENT %s:%d\ttbytes=%d\n%.*s", origin_trace_ip, origin_trace_port, - (int)r, (int)r, b->start() + offset); + char origin_trace_ip[INET6_ADDRSTRLEN]; + ats_ip_ntop(origin_trace_addr, origin_trace_ip, sizeof(origin_trace_ip)); + TraceOut((0 < r && trace), get_remote_addr(), get_remote_port(), "CLIENT %s:%d\ttbytes=%d\n%.*s", origin_trace_ip, + origin_trace_port, (int)r, (int)r, b->start() + offset); } if (r == l) { @@ -805,38 +796,34 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, int64_t &wattempted, i break; case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_X509_LOOKUP: { - if (SSL_ERROR_WANT_WRITE == err) { + if (SSL_ERROR_WANT_WRITE == err) { SSL_INCREMENT_DYN_STAT(ssl_error_want_write); } else if (SSL_ERROR_WANT_X509_LOOKUP == err) { SSL_INCREMENT_DYN_STAT(ssl_error_want_x509_lookup); - TraceOut(trace, get_remote_addr(), get_remote_port(), - "Want X509 lookup"); + TraceOut(trace, get_remote_addr(), get_remote_port(), "Want X509 lookup"); } - + needs |= EVENTIO_WRITE; r = -EAGAIN; Debug("ssl.error", "SSL_write-SSL_ERROR_WANT_WRITE"); break; } case SSL_ERROR_SYSCALL: - TraceOut(trace, get_remote_addr(), get_remote_port(), - "Syscall Error: %s", strerror(errno)); + TraceOut(trace, get_remote_addr(), get_remote_port(), "Syscall Error: %s", strerror(errno)); r = -errno; SSL_INCREMENT_DYN_STAT(ssl_error_syscall); Debug("ssl.error", "SSL_write-SSL_ERROR_SYSCALL"); break; // end of stream case SSL_ERROR_ZERO_RETURN: - TraceOut(trace, get_remote_addr(), get_remote_port(), - "SSL Error: zero return"); + TraceOut(trace, get_remote_addr(), get_remote_port(), "SSL Error: zero return"); r = -errno; SSL_INCREMENT_DYN_STAT(ssl_error_zero_return); Debug("ssl.error", "SSL_write-SSL_ERROR_ZERO_RETURN"); break; case SSL_ERROR_SSL: default: - TraceOut(trace, get_remote_addr(), get_remote_port(), - "SSL Error: sslErr=%d, errno=%d", err, errno); + TraceOut(trace, get_remote_addr(), get_remote_port(), "SSL Error: sslErr=%d, errno=%d", err, errno); r = -errno; SSL_CLR_ERR_INCR_DYN_STAT(this, ssl_error_ssl, "SSL_write-SSL_ERROR_SSL errno=%d", errno); break; @@ -942,7 +929,7 @@ SSLNetVConnection::free(EThread *t) eosRcvd = false; sslHandShakeComplete = false; free_handshake_buffers(); - sslTrace=false; + sslTrace = false; if (from_accept_thread) { sslNetVCAllocator.free(this); @@ -997,8 +984,8 @@ SSLNetVConnection::sslStartHandShake(int event, int &err) this->ssl = make_ssl_connection(lookup->defaultContext(), this); #if !(TS_USE_TLS_SNI) // set SSL trace - if(SSLConfigParams::ssl_wire_trace_enabled){ - bool trace = computeSSLTrace(); + if (SSLConfigParams::ssl_wire_trace_enabled) { + bool trace = computeSSLTrace(); Debug("ssl", "sslnetvc. setting trace to=%s", trace ? "true" : "false"); setSSLTrace(trace); } @@ -1135,9 +1122,8 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err) } sslHandShakeComplete = true; - - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake completed successfully"); + + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake completed successfully"); // do we want to include cert info in trace? if (sslHandshakeBeginTime) { @@ -1180,46 +1166,38 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err) } Debug("ssl", "client selected next protocol '%.*s'", len, proto); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "client selected next protocol'%.*s'", len, proto); + TraceIn(trace, get_remote_addr(), get_remote_port(), "client selected next protocol'%.*s'", len, proto); } else { Debug("ssl", "client did not select a next protocol"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "client did not select a next protocol"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "client did not select a next protocol"); } } return EVENT_DONE; case SSL_ERROR_WANT_CONNECT: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_CONNECT"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_CONNECT"); return SSL_HANDSHAKE_WANT_CONNECT; case SSL_ERROR_WANT_WRITE: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_WRITE"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_WRITE"); return SSL_HANDSHAKE_WANT_WRITE; case SSL_ERROR_WANT_READ: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_READ"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_READ"); return SSL_HANDSHAKE_WANT_READ; // This value is only defined in openssl has been patched to // enable the sni callback to break out of the SSL_accept processing #ifdef SSL_ERROR_WANT_SNI_RESOLVE case SSL_ERROR_WANT_X509_LOOKUP: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_X509_LOOKUP"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_X509_LOOKUP"); return EVENT_CONT; case SSL_ERROR_WANT_SNI_RESOLVE: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_SNI_RESOLVE"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_SNI_RESOLVE"); #elif SSL_ERROR_WANT_X509_LOOKUP case SSL_ERROR_WANT_X509_LOOKUP: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_X509_LOOKUP"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_X509_LOOKUP"); #endif #if defined(SSL_ERROR_WANT_SNI_RESOLVE) || defined(SSL_ERROR_WANT_X509_LOOKUP) if (this->attributes == HttpProxyPort::TRANSPORT_BLIND_TUNNEL || TS_SSL_HOOK_OP_TUNNEL == hookOpRequested) { @@ -1233,27 +1211,22 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err) #endif case SSL_ERROR_WANT_ACCEPT: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_WANT_ACCEPT"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_WANT_ACCEPT"); return EVENT_CONT; case SSL_ERROR_SSL: SSL_CLR_ERR_INCR_DYN_STAT(this, ssl_error_ssl, "SSLNetVConnection::sslServerHandShakeEvent, SSL_ERROR_SSL errno=%d", errno); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_SSL"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_SSL"); return EVENT_ERROR; case SSL_ERROR_ZERO_RETURN: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_ZERO_RETURN"); - return EVENT_ERROR; + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_ZERO_RETURN"); + return EVENT_ERROR; case SSL_ERROR_SYSCALL: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_SYSCALL"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_SYSCALL"); return EVENT_ERROR; default: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL server handshake ERROR_OTHER"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL server handshake ERROR_OTHER"); return EVENT_ERROR; } } @@ -1296,8 +1269,7 @@ SSLNetVConnection::sslClientHandShakeEvent(int &err) } SSL_INCREMENT_DYN_STAT(ssl_total_success_handshake_count_out_stat); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake completed successfully"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake completed successfully"); // do we want to include cert info in trace? sslHandShakeComplete = true; @@ -1306,47 +1278,40 @@ SSLNetVConnection::sslClientHandShakeEvent(int &err) case SSL_ERROR_WANT_WRITE: Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_WANT_WRITE"); SSL_INCREMENT_DYN_STAT(ssl_error_want_write); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake ERROR_WANT_WRITE"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake ERROR_WANT_WRITE"); return SSL_HANDSHAKE_WANT_WRITE; case SSL_ERROR_WANT_READ: SSL_INCREMENT_DYN_STAT(ssl_error_want_read); Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_WANT_READ"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake ERROR_WANT_READ"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake ERROR_WANT_READ"); return SSL_HANDSHAKE_WANT_READ; case SSL_ERROR_WANT_X509_LOOKUP: SSL_INCREMENT_DYN_STAT(ssl_error_want_x509_lookup); Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_WANT_X509_LOOKUP"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake ERROR_WANT_X509_LOOKUP"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake ERROR_WANT_X509_LOOKUP"); break; case SSL_ERROR_WANT_ACCEPT: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake ERROR_WANT_ACCEPT"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake ERROR_WANT_ACCEPT"); return SSL_HANDSHAKE_WANT_ACCEPT; case SSL_ERROR_WANT_CONNECT: - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake ERROR_WANT_CONNECT"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake ERROR_WANT_CONNECT"); break; case SSL_ERROR_ZERO_RETURN: SSL_INCREMENT_DYN_STAT(ssl_error_zero_return); Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, EOS"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake EOS"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake EOS"); return EVENT_ERROR; case SSL_ERROR_SYSCALL: err = errno; SSL_INCREMENT_DYN_STAT(ssl_error_syscall); Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, syscall"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake Syscall Error: %s", strerror(errno)); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake Syscall Error: %s", strerror(errno)); return EVENT_ERROR; break; @@ -1358,8 +1323,7 @@ SSLNetVConnection::sslClientHandShakeEvent(int &err) Debug("ssl", "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_SSL"); SSL_CLR_ERR_INCR_DYN_STAT(this, ssl_error_ssl, "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_SSL errno=%d", errno); Debug("ssl.error", "SSLNetVConnection::sslClientHandShakeEvent, SSL_ERROR_SSL"); - TraceIn(trace, get_remote_addr(), get_remote_port(), - "SSL client handshake SSL_ERROR"); + TraceIn(trace, get_remote_addr(), get_remote_port(), "SSL client handshake SSL_ERROR"); return EVENT_ERROR; break; } @@ -1504,8 +1468,8 @@ SSLNetVConnection::callHooks(TSHttpHookID eventId) bool SSLNetVConnection::computeSSLTrace() { - // this has to happen before the handshake or else sni_servername will be NULL -#if TS_USE_TLS_SNI +// this has to happen before the handshake or else sni_servername will be NULL +#if TS_USE_TLS_SNI bool sni_trace; if (ssl) { const char *ssl_servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); @@ -1519,15 +1483,15 @@ SSLNetVConnection::computeSSLTrace() bool sni_trace = false; #endif - //count based on ip only if they set an IP value + // count based on ip only if they set an IP value const sockaddr *remote_addr = get_remote_addr(); bool ip_trace = false; - if (SSLConfigParams::ssl_wire_trace_ip) { + if (SSLConfigParams::ssl_wire_trace_ip) { ip_trace = (*SSLConfigParams::ssl_wire_trace_ip == remote_addr); } - - //count based on percentage - int percentage = SSLConfigParams::ssl_wire_trace_percentage; + + // count based on percentage + int percentage = SSLConfigParams::ssl_wire_trace_percentage; int random; bool trace; @@ -1545,8 +1509,8 @@ SSLNetVConnection::computeSSLTrace() random = this_ethread()->generator.random() % 100; // range [0-99] trace = percentage > random; } - + Debug("ssl", "ssl_netvc random=%d, trace=%s", random, trace ? "TRUE" : "FALSE"); return trace; -} +} http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/SSLUtils.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc index db89fbd..eda962b 100644 --- a/iocore/net/SSLUtils.cc +++ b/iocore/net/SSLUtils.cc @@ -281,11 +281,10 @@ set_context_cert(SSL *ssl) bool found = true; int retval = 1; - Debug("ssl", "set_context_cert ssl=%p server=%s handshake_complete=%d", ssl, servername, - netvc->getSSLHandShakeComplete()); + Debug("ssl", "set_context_cert ssl=%p server=%s handshake_complete=%d", ssl, servername, netvc->getSSLHandShakeComplete()); // set SSL trace (we do this a little later in the USE_TLS_SNI case so we can get the servername - if(SSLConfigParams::ssl_wire_trace_enabled){ - bool trace = netvc->computeSSLTrace(); + if (SSLConfigParams::ssl_wire_trace_enabled) { + bool trace = netvc->computeSSLTrace(); Debug("ssl", "sslnetvc. setting trace to=%s", trace ? "true" : "false"); netvc->setSSLTrace(trace); } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/iocore/net/UnixNetVConnection.cc ---------------------------------------------------------------------- diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index 7e871dd..8a35fa1 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -306,24 +306,22 @@ read_from_net(NetHandler *nh, UnixNetVConnection *vc, EThread *thread) if (vc->origin_trace) { char origin_trace_ip[INET6_ADDRSTRLEN]; - - ats_ip_ntop(vc->origin_trace_addr, origin_trace_ip, sizeof (origin_trace_ip)); + + ats_ip_ntop(vc->origin_trace_addr, origin_trace_ip, sizeof(origin_trace_ip)); if (r > 0) { - TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), - "CLIENT %s:%d\tbytes=%d\n%.*s", origin_trace_ip, vc->origin_trace_port, (int)r, - (int)r, (char *)tiovec[0].iov_base); - + TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), "CLIENT %s:%d\tbytes=%d\n%.*s", origin_trace_ip, + vc->origin_trace_port, (int)r, (int)r, (char *)tiovec[0].iov_base); + } else if (r == 0) { - TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), - "CLIENT %s:%d closed connection", origin_trace_ip, vc->origin_trace_port); + TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), "CLIENT %s:%d closed connection", + origin_trace_ip, vc->origin_trace_port); } else { - TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), - "CLIENT %s:%d error=%s", origin_trace_ip, vc->origin_trace_port, strerror(errno)); + TraceIn((vc->origin_trace), vc->get_remote_addr(), vc->get_remote_port(), "CLIENT %s:%d error=%s", origin_trace_ip, + vc->origin_trace_port, strerror(errno)); } - } - + total_read += rattempted; } while (rattempted && r == rattempted && total_read < toread); @@ -880,8 +878,8 @@ UnixNetVConnection::UnixNetVConnection() #else next_inactivity_timeout_at(0), next_activity_timeout_at(0), #endif - nh(NULL), id(0), flags(0), recursion(0), submit_time(0), oob_ptr(0), from_accept_thread(false), - origin_trace(false), origin_trace_addr(NULL), origin_trace_port(0) + nh(NULL), id(0), flags(0), recursion(0), submit_time(0), oob_ptr(0), from_accept_thread(false), origin_trace(false), + origin_trace_addr(NULL), origin_trace_port(0) { memset(&local_addr, 0, sizeof local_addr); memset(&server_addr, 0, sizeof server_addr); @@ -962,24 +960,22 @@ UnixNetVConnection::load_buffer_and_write(int64_t towrite, int64_t &wattempted, r = socketManager.write(con.fd, tiovec[0].iov_base, tiovec[0].iov_len); else r = socketManager.writev(con.fd, &tiovec[0], niov); - + if (origin_trace) { char origin_trace_ip[INET6_ADDRSTRLEN]; - ats_ip_ntop(origin_trace_addr, origin_trace_ip, sizeof (origin_trace_ip)); + ats_ip_ntop(origin_trace_addr, origin_trace_ip, sizeof(origin_trace_ip)); if (r > 0) { - TraceOut(origin_trace, get_remote_addr(), get_remote_port(), - "CLIENT %s:%d\tbytes=%d\n%.*s", origin_trace_ip, origin_trace_port, (int)r, - (int)r, (char *)tiovec[0].iov_base); - + TraceOut(origin_trace, get_remote_addr(), get_remote_port(), "CLIENT %s:%d\tbytes=%d\n%.*s", origin_trace_ip, + origin_trace_port, (int)r, (int)r, (char *)tiovec[0].iov_base); + } else if (r == 0) { - TraceOut(origin_trace, get_remote_addr(), get_remote_port(), - "CLIENT %s:%d closed connection", origin_trace_ip, origin_trace_port); + TraceOut(origin_trace, get_remote_addr(), get_remote_port(), "CLIENT %s:%d closed connection", origin_trace_ip, + origin_trace_port); } else { - TraceOut(origin_trace, get_remote_addr(), get_remote_port(), - "CLIENT %s:%d error=%s", origin_trace_ip, origin_trace_port, strerror(errno)); + TraceOut(origin_trace, get_remote_addr(), get_remote_port(), "CLIENT %s:%d error=%s", origin_trace_ip, origin_trace_port, + strerror(errno)); } - } ProxyMutex *mutex = thread->mutex; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/lib/atscppapi/examples/boom/boom.cc ---------------------------------------------------------------------- diff --git a/lib/atscppapi/examples/boom/boom.cc b/lib/atscppapi/examples/boom/boom.cc index 99bcc5d..45954a3 100644 --- a/lib/atscppapi/examples/boom/boom.cc +++ b/lib/atscppapi/examples/boom/boom.cc @@ -85,7 +85,7 @@ const std::string DEFAULT_ERROR_FILE = "default"; // default.html will be search const std::string DEFAULT_ERROR_RESPONSE = "<html><body><h1>This page will be back soon</h1></body></html>"; // Default HTTP status code to use after booming -//const int DEFAULT_BOOM_HTTP_STATUS_CODE = 200; +// const int DEFAULT_BOOM_HTTP_STATUS_CODE = 200; // Default HTTP status string to use after booming const std::string DEFAULT_BOOM_HTTP_STATUS = "OK (BOOM)"; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/FetchSM.cc ---------------------------------------------------------------------- diff --git a/proxy/FetchSM.cc b/proxy/FetchSM.cc index 1942202..8c03597 100644 --- a/proxy/FetchSM.cc +++ b/proxy/FetchSM.cc @@ -63,7 +63,7 @@ FetchSM::httpConnect() char const *tag = pi ? pi->getPluginTag() : "fetchSM"; int64_t id = pi ? pi->getPluginId() : 0; - Debug(DEBUG_TAG, "[%s] calling httpconnect write pi=%p tag=%s id=%d", __FUNCTION__, pi, tag, id); + Debug(DEBUG_TAG, "[%s] calling httpconnect write pi=%p tag=%s id=%" PRId64, __FUNCTION__, pi, tag, id); http_vc = reinterpret_cast<PluginVC *>(TSHttpConnectWithPluginId(&_addr.sa, tag, id)); /* http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/http/HttpSM.cc ---------------------------------------------------------------------- diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 044817b..0215143 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -5380,7 +5380,7 @@ HttpSM::do_setup_post_tunnel(HttpVC_t to_vc_type) // Next order of business if copy the remaining data from the // header buffer into new buffer client_request_body_bytes = post_buffer->write(ua_buffer_reader, chunked ? ua_buffer_reader->read_avail() : post_bytes); - + ua_buffer_reader->consume(client_request_body_bytes); p = tunnel.add_producer(ua_entry->vc, post_bytes - transfered_bytes, buf_start, &HttpSM::tunnel_handler_post_ua, HT_HTTP_CLIENT, "user agent post"); @@ -5602,15 +5602,15 @@ HttpSM::attach_server_session(HttpServerSession *s) server_entry->vc = server_session; server_entry->vc_type = HTTP_SERVER_VC; server_entry->vc_handler = &HttpSM::state_send_server_request_header; - + // es - is this a concern here in HttpSM? Does it belong somewhere else? // Get server and client connections UnixNetVConnection *server_vc = (UnixNetVConnection *)(server_session->get_netvc()); UnixNetVConnection *client_vc = (UnixNetVConnection *)(ua_session->get_netvc()); SSLNetVConnection *ssl_vc = dynamic_cast<SSLNetVConnection *>(client_vc); - if(ssl_vc != NULL) { //if incoming connection is SSL + if (ssl_vc != NULL) { // if incoming connection is SSL bool client_trace = ssl_vc->getSSLTrace(); - if(client_trace) { + if (client_trace) { // get remote address and port to mark corresponding traces const sockaddr *remote_addr = ssl_vc->get_remote_addr(); uint16_t remote_port = ssl_vc->get_remote_port(); http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/http2/Http2ClientSession.cc ---------------------------------------------------------------------- diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc index 32445f8..b0a130a 100644 --- a/proxy/http2/Http2ClientSession.cc +++ b/proxy/http2/Http2ClientSession.cc @@ -395,11 +395,11 @@ Http2ClientSession::state_complete_frame_read(int event, void *edata) int64_t Http2ClientSession::getPluginId() const { - return con_id; + return con_id; } -char const* +char const * Http2ClientSession::getPluginTag() const { - return "http/2"; + return "http/2"; } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/http2/Http2ClientSession.h ---------------------------------------------------------------------- diff --git a/proxy/http2/Http2ClientSession.h b/proxy/http2/Http2ClientSession.h index e7e0aa1..99d384d 100644 --- a/proxy/http2/Http2ClientSession.h +++ b/proxy/http2/Http2ClientSession.h @@ -199,7 +199,7 @@ public: return upgrade_context; } - virtual char const* getPluginTag() const; + virtual char const *getPluginTag() const; virtual int64_t getPluginId() const; private: http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/logging/Log.cc ---------------------------------------------------------------------- diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc index fa66fba..6ab3862 100644 --- a/proxy/logging/Log.cc +++ b/proxy/logging/Log.cc @@ -442,7 +442,7 @@ Log::init_fields() ink_hash_table_insert(field_symbol_hash, "cqhv", field); field = new LogField("client_req_protocol_version", "cqpv", LogField::dINT, &LogAccess::marshal_client_req_protocol_version, - (LogField::UnmarshalFunc) &LogAccess::unmarshal_str); + (LogField::UnmarshalFunc) & LogAccess::unmarshal_str); global_field_list.add(field, false); ink_hash_table_insert(field_symbol_hash, "cqpv", field); @@ -1051,14 +1051,13 @@ Log::va_error(const char *format, va_list ap) /*------------------------------------------------------------------------- Log::trace - These functions are used for wiretracing of incoming SSL connections. + These functions are used for wiretracing of incoming SSL connections. They are an extension of the existing Log::error functionality but with special formatting and handling of the non null terminated buffer. -------------------------------------------------------------------------*/ -void -Log::trace_in(const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, ...) +void +Log::trace_in(const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, ...) { va_list ap; va_start(ap, format_string); @@ -1066,9 +1065,8 @@ Log::trace_in(const sockaddr *peer_addr, uint16_t peer_port, va_end(ap); } -void -Log::trace_out(const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, ...) +void +Log::trace_out(const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, ...) { va_list ap; va_start(ap, format_string); @@ -1077,8 +1075,7 @@ Log::trace_out(const sockaddr *peer_addr, uint16_t peer_port, } void -Log::trace_va(bool in, const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, va_list ap) +Log::trace_va(bool in, const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, va_list ap) { if (!peer_addr || !format_string) { return; @@ -1086,13 +1083,12 @@ Log::trace_va(bool in, const sockaddr *peer_addr, uint16_t peer_port, char ip[INET6_ADDRSTRLEN]; ats_ip_ntop(peer_addr, ip, sizeof(ip)); - + struct timeval tp; ink_gethrtimeofday(&tp, NULL); - Log::error("[%9d.%03d] Trace {0x%" PRIx64 "} %s %s:%d: ", - (int) tp.tv_sec, (int) (tp.tv_usec / 1000), - (uint64_t) pthread_self(), in ? "RECV" : "SEND", ip, peer_port); + Log::error("[%9d.%03d] Trace {0x%" PRIx64 "} %s %s:%d: ", (int)tp.tv_sec, (int)(tp.tv_usec / 1000), (uint64_t)pthread_self(), + in ? "RECV" : "SEND", ip, peer_port); Log::va_error(format_string, ap); Log::error("[End Trace]\n"); } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/logging/Log.h ---------------------------------------------------------------------- diff --git a/proxy/logging/Log.h b/proxy/logging/Log.h index a2462ba..a2ff117 100644 --- a/proxy/logging/Log.h +++ b/proxy/logging/Log.h @@ -417,17 +417,14 @@ public: inkcoreapi static int access(LogAccess *lad); inkcoreapi static int va_error(const char *format, va_list ap); inkcoreapi static int error(const char *format, ...) TS_PRINTFLIKE(1, 2); - + ///////////////////////////////////////////////////////////////////////// // 'Wire tracing' enabled by source ip or by percentage of connections // ///////////////////////////////////////////////////////////////////////// - static void trace_in(const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, ...) TS_PRINTFLIKE(3, 4); - static void trace_out(const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, ...) TS_PRINTFLIKE(3, 4); - static void trace_va(bool in, const sockaddr *peer_addr, uint16_t peer_port, - const char *format_string, va_list ap); - + static void trace_in(const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, ...) TS_PRINTFLIKE(3, 4); + static void trace_out(const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, ...) TS_PRINTFLIKE(3, 4); + static void trace_va(bool in, const sockaddr *peer_addr, uint16_t peer_port, const char *format_string, va_list ap); + // public data members inkcoreapi static LogObject *error_log; static LogConfig *config; @@ -486,7 +483,11 @@ LogRollingEnabledIsValid(int enabled) return (enabled >= Log::NO_ROLLING || enabled < Log::INVALID_ROLLING_VALUE); } -#define TraceIn(flag, ...) if (flag) Log::trace_in(__VA_ARGS__) -#define TraceOut(flag, ...) if (flag) Log::trace_out(__VA_ARGS__) +#define TraceIn(flag, ...) \ + if (flag) \ + Log::trace_in(__VA_ARGS__) +#define TraceOut(flag, ...) \ + if (flag) \ + Log::trace_out(__VA_ARGS__) #endif http://git-wip-us.apache.org/repos/asf/trafficserver/blob/bad88d0e/proxy/logging/LogAccessHttp.cc ---------------------------------------------------------------------- diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc index 43f935e..d34d449 100644 --- a/proxy/logging/LogAccessHttp.cc +++ b/proxy/logging/LogAccessHttp.cc @@ -602,7 +602,7 @@ LogAccessHttp::marshal_client_req_protocol_version(char *buf) marshal_str(buf, tag, len); } - return len; + return len; }
