Repository: trafficserver Updated Branches: refs/heads/master 3ce7dfa06 -> 3e7504eec
TS-315: Add switch to disable config file generation/runtime behavior changing Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/3e7504ee Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/3e7504ee Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/3e7504ee Branch: refs/heads/master Commit: 3e7504eec85bd69c91d694591968369d16ffe1c3 Parents: 3ce7dfa Author: Bryan Call <[email protected]> Authored: Thu Oct 22 16:33:35 2015 -0700 Committer: Bryan Call <[email protected]> Committed: Thu Oct 22 16:33:56 2015 -0700 ---------------------------------------------------------------------- lib/records/RecLocal.cc | 11 ++++++++--- lib/records/RecProcess.cc | 17 ++++++++++++----- mgmt/RecordsConfig.cc | 3 ++- mgmt/api/TSControlMain.cc | 9 +++++++++ 4 files changed, 31 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/3e7504ee/lib/records/RecLocal.cc ---------------------------------------------------------------------- diff --git a/lib/records/RecLocal.cc b/lib/records/RecLocal.cc index c97f93e..8846691 100644 --- a/lib/records/RecLocal.cc +++ b/lib/records/RecLocal.cc @@ -209,9 +209,14 @@ RecLocalInitMessage() int RecLocalStart(FileManager *configFiles) { - ink_thread_create(sync_thr, configFiles); - ink_thread_create(config_update_thr, NULL); - + RecInt disable_modification = 0; + RecGetRecordInt("proxy.config.disable_configuration_modification", &disable_modification); + if (disable_modification == 1) { + RecDebug(DL_Debug, "Disable configuration modification"); + } else { + ink_thread_create(sync_thr, configFiles); + ink_thread_create(config_update_thr, NULL); + } return REC_ERR_OKAY; } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/3e7504ee/lib/records/RecProcess.cc ---------------------------------------------------------------------- diff --git a/lib/records/RecProcess.cc b/lib/records/RecProcess.cc index 5cefe0f..ed95d6d 100644 --- a/lib/records/RecProcess.cc +++ b/lib/records/RecProcess.cc @@ -491,15 +491,22 @@ RecProcessStart(void) Debug("statsproc", "Starting sync continuations:"); raw_stat_sync_cont *rssc = new raw_stat_sync_cont(new_ProxyMutex()); - Debug("statsproc", "\traw-stat syncer"); + Debug("statsproc", "raw-stat syncer"); raw_stat_sync_cont_event = eventProcessor.schedule_every(rssc, HRTIME_MSECONDS(g_rec_raw_stat_sync_interval_ms), ET_TASK); - config_update_cont *cuc = new config_update_cont(new_ProxyMutex()); - Debug("statsproc", "\tconfig syncer"); - config_update_cont_event = eventProcessor.schedule_every(cuc, HRTIME_MSECONDS(g_rec_config_update_interval_ms), ET_TASK); + RecInt disable_modification = 0; + RecGetRecordInt("proxy.config.disable_configuration_modification", &disable_modification); + // Schedule continuation to call the configuration callbacks if we are allowed to modify configuration in RAM + if (disable_modification == 1) { + Debug("statsproc", "Disabled configuration modification"); + } else { + config_update_cont *cuc = new config_update_cont(new_ProxyMutex()); + Debug("statsproc", "config syncer"); + config_update_cont_event = eventProcessor.schedule_every(cuc, HRTIME_MSECONDS(g_rec_config_update_interval_ms), ET_TASK); + } sync_cont *sc = new sync_cont(new_ProxyMutex()); - Debug("statsproc", "\tremote syncer"); + Debug("statsproc", "remote syncer"); sync_cont_event = eventProcessor.schedule_every(sc, HRTIME_MSECONDS(g_rec_remote_sync_interval_ms), ET_TASK); g_started = true; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/3e7504ee/mgmt/RecordsConfig.cc ---------------------------------------------------------------------- diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index 66c5ee6..b8bced0 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1069,7 +1069,8 @@ static const RecordElement RecordsConfig[] = , {RECT_CONFIG, "proxy.config.hostdb.host_file.interval", RECD_INT, "86400", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , - + {RECT_CONFIG, "proxy.config.disable_configuration_modification", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_NULL, "[0-1]", RECA_NULL} + , //########################################################################## //# //# HTTP http://git-wip-us.apache.org/repos/asf/trafficserver/blob/3e7504ee/mgmt/api/TSControlMain.cc ---------------------------------------------------------------------- diff --git a/mgmt/api/TSControlMain.cc b/mgmt/api/TSControlMain.cc index 6225773..3aafd07 100644 --- a/mgmt/api/TSControlMain.cc +++ b/mgmt/api/TSControlMain.cc @@ -48,6 +48,8 @@ static InkHashTable *accepted_con; // a list of all accepted client connections static TSMgmtError handle_control_message(int fd, void *msg, size_t msglen); +static RecInt disable_modification = 0; + /********************************************************************* * create_client * @@ -140,6 +142,8 @@ ts_ctrl_main(void *arg) int fds_ready; // stores return value for select struct timeval timeout; + RecGetRecordInt("proxy.config.disable_configuration_modification", &disable_modification); + // loops until TM dies; waits for and processes requests from clients while (1) { // LINUX: to prevent hard-spin of CPU, reset timeout on each loop @@ -1195,6 +1199,11 @@ handle_control_message(int fd, void *req, size_t reqlen) goto fail; } + if (optype == RECORD_SET && disable_modification == 1) { + Debug("ts_main", "Trying to set a record when disable configuration modification is on, returning permission denied"); + return send_mgmt_error(fd, optype, TS_ERR_PERMISSION_DENIED); + } + if (handlers[optype].handler == NULL) { goto fail; }
