This is an automated email from the ASF dual-hosted git repository. bneradt pushed a commit to branch 11-Dev in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 6056a06eb9979056002ffb9474c895d4bc36497a Merge: 0c420bf02f 008eb49995 Author: bneradt <[email protected]> AuthorDate: Sat Jul 13 17:36:57 2024 -0500 Merge ASF master into 11-Dev .gitignore | 1 - CMakeLists.txt | 11 +- .../add_cripts_bundle.cmake | 25 +- configs/records.yaml.default.in | 2 +- doc/admin-guide/files/records.yaml.en.rst | 12 + doc/admin-guide/files/remap.config.en.rst | 171 +- doc/developer-guide/cripts/cripts-bundles.en.rst | 13 +- .../cripts/cripts-connections.en.rst | 28 +- doc/developer-guide/cripts/cripts-crypto.en.rst | 10 +- doc/developer-guide/cripts/cripts-headers.en.rst | 16 +- doc/developer-guide/cripts/cripts-matcher.en.rst | 22 +- doc/developer-guide/cripts/cripts-misc.en.rst | 90 +- doc/developer-guide/cripts/cripts-overview.en.rst | 19 + doc/developer-guide/cripts/cripts-urls.en.rst | 28 +- doc/developer-guide/cripts/cripts-variables.en.rst | 12 +- .../plugins/building-plugins.en.rst | 3 +- .../admin-guide/configuration/cache-basics.en.po | 4 +- .../configuration/redirecting-http-requests.en.po | 4 +- .../admin-guide/configuring-traffic-server.en.po | 2 +- .../admin-guide/files/storage.config.en.po | 2 +- .../ja/LC_MESSAGES/admin-guide/storage/index.en.po | 6 +- doc/locale/ja/LC_MESSAGES/appendices/faq.en.po | 8 +- .../ja/LC_MESSAGES/appendices/glossary.en.po | 2 +- .../plugins/continuations/index.en.po | 2 +- .../plugins/hooks-and-transactions/index.en.po | 2 +- example/cripts/example1.cc | 97 +- example/plugins/c-api/cert_update/cert_update.cc | 2 +- .../client_context_dump/client_context_dump.cc | 2 +- .../plugins/c-api/disable_http2/disable_http2.cc | 2 +- example/plugins/c-api/hello/hello.cc | 2 +- .../c-api/lifecycle_plugin/lifecycle_plugin.cc | 2 +- .../plugins/c-api/null_transform/null_transform.cc | 6 +- .../plugins/c-api/protocol_stack/protocol_stack.cc | 2 +- .../plugins/c-api/session_hooks/session_hooks.cc | 4 +- example/plugins/c-api/ssl_sni/ssl_sni.cc | 2 +- .../c-api/ssl_sni_allowlist/ssl_sni_allowlist.cc | 2 +- .../plugins/c-api/txn_data_sink/txn_data_sink.cc | 8 +- example/plugins/c-api/vconn_args/vconn_args.cc | 4 +- example/plugins/c-api/verify_cert/verify_cert.cc | 2 +- .../access_control => ext}/CMakeLists.txt | 37 +- ext/README.md | 29 + include/cripts/Bundle.hpp | 32 +- include/cripts/Bundles/Caching.hpp | 8 +- include/cripts/Bundles/Common.hpp | 14 +- include/cripts/Bundles/Headers.hpp | 8 +- include/cripts/Bundles/LogsMetrics.hpp | 8 +- include/cripts/Configs.hpp | 238 +- include/cripts/ConfigsBase.hpp | 144 +- include/cripts/Connections.hpp | 84 +- include/cripts/Context.hpp | 29 +- include/cripts/Crypto.hpp | 58 +- include/cripts/Epilogue.hpp | 96 +- include/cripts/Error.hpp | 28 +- include/cripts/Files.hpp | 6 +- include/cripts/Headers.hpp | 165 +- include/cripts/Instance.hpp | 38 +- include/cripts/Lulu.hpp | 94 +- include/cripts/Matcher.hpp | 69 +- include/cripts/Metrics.hpp | 61 +- include/cripts/Plugins.hpp | 10 +- include/cripts/Preamble.hpp | 14 +- include/cripts/Time.hpp | 24 +- include/cripts/Transaction.hpp | 6 +- include/cripts/UUID.hpp | 2 +- include/cripts/Urls.hpp | 179 +- include/iocore/eventsystem/SocketManager.h | 5 - include/iocore/eventsystem/UnixSocket.h | 308 ++ include/iocore/net/TLSEarlyDataSupport.h | 3 + include/iocore/net/quic/Mock.h | 36 +- include/iocore/net/quic/QUICStreamManager.h | 3 +- include/proxy/HostStatus.h | 2 +- include/proxy/ParentRoundRobin.h | 2 +- include/proxy/http/HttpCacheSM.h | 2 - include/proxy/http/HttpConfig.h | 1 + include/proxy/http/HttpSM.h | 7 + include/proxy/http/HttpTransact.h | 1 + include/proxy/http/remap/RemapPlugins.h | 5 +- include/proxy/http/remap/UrlRewrite.h | 10 +- include/proxy/http3/Http3Frame.h | 60 +- include/proxy/http3/Http3FrameDispatcher.h | 2 + include/proxy/logging/LogFilter.h | 2 +- include/shared/rpc/IPCSocketClient.h | 5 +- include/shared/rpc/RPCClient.h | 2 +- include/tscore/Trie.h | 4 +- include/tscore/ink_config.h.cmake.in | 1 - include/tscore/ink_file.h | 6 +- include/tsutil/ts_errata.h | 2 +- lib/swoc/include/swoc/Vectray.h | 2 +- plugins/experimental/access_control/CMakeLists.txt | 2 +- plugins/experimental/access_control/config.cc | 2 +- plugins/experimental/fq_pacing/fq_pacing.cc | 2 +- plugins/experimental/icap/icap_plugin.cc | 2 +- plugins/experimental/magick/CMakeLists.txt | 2 +- plugins/experimental/magick/magick.cc | 2 +- plugins/experimental/maxmind_acl/mmdb.cc | 2 +- plugins/experimental/otel_tracer/otel_tracer.cc | 2 +- plugins/experimental/sslheaders/CMakeLists.txt | 2 +- plugins/experimental/stek_share/CMakeLists.txt | 2 +- plugins/experimental/stek_share/state_machine.h | 17 +- plugins/experimental/stek_share/state_manager.h | 2 +- plugins/experimental/stek_share/stek_share.cc | 8 +- plugins/experimental/txn_box/plugin/CMakeLists.txt | 2 +- .../experimental/txn_box/unit_tests/CMakeLists.txt | 2 +- plugins/experimental/uri_signing/match.cc | 2 +- plugins/experimental/uri_signing/parse.cc | 2 +- .../uri_signing/unit_tests/CMakeLists.txt | 6 +- plugins/experimental/uri_signing/uri_signing.cc | 2 +- plugins/experimental/wasm/ats_context.cc | 4 +- plugins/experimental/wasm/ats_wasm.cc | 5 +- plugins/experimental/wasm/lib/CMakeLists.txt | 1 + plugins/experimental/wasm/wasm_main.cc | 6 +- plugins/header_rewrite/matcher.h | 2 +- plugins/ja3_fingerprint/ja3_fingerprint.cc | 210 +- plugins/lua/ts_lua.cc | 4 +- plugins/lua/ts_lua_cached_response.cc | 2 +- plugins/lua/ts_lua_client_request.cc | 2 +- plugins/lua/ts_lua_client_response.cc | 2 +- plugins/lua/ts_lua_server_request.cc | 2 +- plugins/lua/ts_lua_server_response.cc | 2 +- plugins/prefetch/fetch.cc | 4 +- plugins/s3_auth/s3_auth.cc | 16 +- plugins/s3_auth/unit_tests/CMakeLists.txt | 2 +- plugins/xdebug/xdebug_headers.cc | 2 +- src/api/CMakeLists.txt | 3 +- src/api/InkAPI.cc | 9 +- src/cripts/Bundles/Caching.cc | 4 +- src/cripts/Bundles/Common.cc | 40 +- src/cripts/Bundles/HRWBridge.cc | 42 +- src/cripts/Bundles/Headers.cc | 30 +- src/cripts/Bundles/LogsMetrics.cc | 64 +- src/cripts/CMakeLists.txt | 2 +- src/cripts/Configs.cc | 128 +- src/cripts/Connections.cc | 51 +- src/cripts/Context.cc | 47 +- src/cripts/Crypto.cc | 30 +- src/cripts/Error.cc | 16 +- src/cripts/Files.cc | 4 +- src/cripts/Headers.cc | 54 +- src/cripts/Instance.cc | 31 +- src/cripts/Lulu.cc | 32 +- src/cripts/Matcher.cc | 12 +- src/cripts/Plugins.cc | 6 +- src/cripts/Urls.cc | 128 +- src/iocore/cache/CMakeLists.txt | 1 + src/iocore/cache/CacheDoc.cc | 90 + src/iocore/cache/CacheVC.cc | 13 - src/iocore/cache/CacheWrite.cc | 179 +- src/iocore/cache/P_CacheDoc.h | 6 + src/iocore/cache/P_CacheVol.h | 2 + src/iocore/cache/Store.cc | 2 +- src/iocore/cache/Stripe.cc | 161 +- src/iocore/cache/unit_tests/test_Stripe.cc | 10 +- src/iocore/dns/P_DNSConnection.h | 6 +- src/iocore/eventsystem/CMakeLists.txt | 1 + src/iocore/eventsystem/P_UnixSocketManager.h | 157 +- src/iocore/eventsystem/SocketManager.cc | 80 +- .../{SocketManager.cc => UnixSocket.cc} | 103 +- src/iocore/net/Connection.cc | 28 - src/iocore/net/P_Connection.h | 19 - src/iocore/net/P_NetAccept.h | 13 +- src/iocore/net/QUICClosedConCollector.cc | 2 +- src/iocore/net/QUICMultiCertConfigLoader.cc | 8 +- src/iocore/net/QUICNetProcessor.cc | 4 +- src/iocore/net/QUICNetVConnection.cc | 32 +- src/iocore/net/QUICPacketHandler.cc | 8 +- src/iocore/net/SNIActionPerformer.cc | 3 +- src/iocore/net/SSLConfig.cc | 4 +- src/iocore/net/SSLUtils.cc | 6 +- src/iocore/net/TLSEarlyDataSupport.cc | 10 +- src/iocore/net/UnixConnection.cc | 8 +- src/iocore/net/UnixNetAccept.cc | 23 +- src/iocore/net/UnixNetVConnection.cc | 2 +- src/iocore/net/UnixUDPNet.cc | 3 +- src/iocore/net/quic/QUICGlobals.cc | 2 +- src/iocore/net/quic/QUICStream.cc | 4 +- src/iocore/net/quic/QUICStreamManager.cc | 37 +- src/iocore/net/quic/QUICStreamVCAdapter.cc | 16 +- src/mgmt/config/FileManager.cc | 3 +- src/mgmt/rpc/handlers/config/Configuration.cc | 4 +- src/mgmt/rpc/handlers/plugins/Plugins.cc | 2 +- src/mgmt/rpc/handlers/records/Records.cc | 6 +- src/mgmt/rpc/handlers/server/Server.cc | 4 +- src/mgmt/rpc/handlers/storage/Storage.cc | 4 +- .../rpc/jsonrpc/unit_tests/test_basic_protocol.cc | 33 +- src/mgmt/rpc/server/unit_tests/test_rpcserver.cc | 9 +- src/proxy/HostStatus.cc | 2 +- src/proxy/IPAllow.cc | 4 +- src/proxy/ParentConsistentHash.cc | 4 +- src/proxy/ParentRoundRobin.cc | 2 +- src/proxy/ProxySession.cc | 6 +- src/proxy/ProxyTransaction.cc | 2 +- src/proxy/hdrs/VersionConverter.cc | 2 +- src/proxy/hdrs/XPACK.cc | 5 +- src/proxy/http/Http1ServerSession.cc | 2 +- src/proxy/http/HttpCacheSM.cc | 10 +- src/proxy/http/HttpConfig.cc | 4 +- src/proxy/http/HttpSM.cc | 24 +- src/proxy/http/HttpTransact.cc | 11 +- src/proxy/http/PreWarmManager.cc | 6 +- src/proxy/http/remap/NextHopConsistentHash.cc | 2 +- src/proxy/http/remap/NextHopHealthStatus.cc | 6 +- src/proxy/http/remap/NextHopRoundRobin.cc | 2 +- src/proxy/http/remap/NextHopSelectionStrategy.cc | 2 +- src/proxy/http/remap/PluginFactory.cc | 2 +- src/proxy/http/remap/UrlRewrite.cc | 35 +- .../http/remap/unit-tests/nexthop_test_stubs.cc | 2 +- src/proxy/http/remap/unit-tests/test_PluginDso.cc | 4 +- .../http/remap/unit-tests/test_PluginFactory.cc | 2 +- src/proxy/http2/HTTP2.cc | 2 +- src/proxy/http2/Http2ClientSession.cc | 6 +- src/proxy/http2/Http2CommonSession.cc | 2 +- src/proxy/http2/Http2Frame.cc | 2 +- src/proxy/http2/Http2ServerSession.cc | 6 +- src/proxy/http2/Http2Stream.cc | 10 +- src/proxy/http3/Http09App.cc | 2 +- src/proxy/http3/Http3App.cc | 4 +- src/proxy/http3/Http3Frame.cc | 292 +- src/proxy/http3/Http3FrameCounter.cc | 3 +- src/proxy/http3/Http3FrameDispatcher.cc | 68 +- src/proxy/http3/Http3HeaderVIOAdaptor.cc | 2 +- src/proxy/http3/Http3Session.cc | 14 +- src/proxy/http3/Http3SessionAccept.cc | 2 +- src/proxy/http3/Http3StreamDataVIOAdaptor.cc | 4 +- src/proxy/http3/Http3Transaction.cc | 8 +- src/proxy/http3/QPACK.cc | 9 +- src/proxy/http3/test/Mock.h | 3 +- src/proxy/http3/test/stub.cc | 6 +- src/proxy/http3/test/test_Http3Frame.cc | 85 +- src/proxy/http3/test/test_QPACK.cc | 6 +- src/proxy/logging/LogBuffer.cc | 5 +- src/proxy/logging/LogObject.cc | 4 +- src/records/RecCore.cc | 3 +- src/records/RecYAMLDecoder.cc | 4 +- src/records/RecordsConfig.cc | 2 + src/records/unit_tests/test_Diags.h | 3 +- .../unit_tests/unit_test_main_on_eventsystem.cc | 2 +- src/shared/rpc/IPCSocketClient.cc | 85 +- src/traffic_layout/engine.cc | 10 +- src/tscore/hugepages.cc | 9 +- src/tscore/ink_cap.cc | 10 +- src/tscore/ink_file.cc | 15 + tests/autest.sh | 1 + tests/autest.sh.in | 1 + tests/gold_tests/autest-site/txn_box.test.ext | 3 +- .../continuations/plugins/session_id_verify.cc | 4 +- tests/gold_tests/h2/expect_100_continue.yaml | 65 + .../h2/gold/http-request-method-metrics.gold | 2 +- tests/gold_tests/h2/h2origin.test.py | 13 +- tests/gold_tests/h2/http2_close_connection.test.py | 68 + tests/gold_tests/h2/http2_close_connection.yaml | 100 + tests/gold_tests/ip_allow/ip_category.test.py | 1 + .../jsonrpc/plugins/jsonrpc_plugin_handler_test.cc | 6 +- tests/gold_tests/pluginTest/TSVConnFd/TSVConnFd.cc | 2 +- .../ja3_fingerprint/modify-incoming-client.gold | 4 +- .../ja3_fingerprint/modify-incoming-proxy.gold | 2 +- .../ja3_fingerprint/modify-sent-proxy.gold | 2 +- .../polite_hook_wait/polite_hook_wait.cc | 2 +- .../pluginTest/tsapi/test_TSHttpSsnInfo.cc | 2 +- .../tsapi/test_TSHttpTxnServerAddrSet.cc | 2 +- tests/gold_tests/pluginTest/tsapi/test_tsapi.cc | 2 +- tests/gold_tests/remap/all_acl_combinations.py | 146 + ...deny_head_post.replay.yaml => base.replay.yaml} | 63 +- tests/gold_tests/remap/deactivate_ip_allow.py | 96 + tests/gold_tests/remap/deny_head_post.replay.yaml | 2 - tests/gold_tests/remap/remap_acl.test.py | 128 +- .../remap/remap_acl_all_allowed.replay.yaml | 2 - .../remap/remap_acl_all_denied.replay.yaml | 2 - .../remap/remap_acl_get_allowed.replay.yaml | 2 - .../remap/remap_acl_get_post_allowed.replay.yaml | 2 - .../remap/remap_acl_get_post_denied.replay.yaml | 2 - tests/gold_tests/slow_post/quick_server.py | 8 +- tests/gold_tests/slow_post/quick_server.test.py | 18 +- tests/gold_tests/timeout/quic_poll_timeout.test.py | 8 +- tests/gold_tests/timeout/ssl-delay-server.cc | 4 +- tests/gold_tests/tls/ssl-post.c | 4 +- tests/prepare_proxy_verifier.sh | 2 +- tests/proxy-verifier-version.txt | 2 +- tests/tools/plugins/CMakeLists.txt | 1 + tests/tools/plugins/async_engine.c | 11 +- tests/tools/plugins/conf_remap_stripped.cc | 9 +- tests/tools/plugins/cont_schedule.cc | 21 +- tests/tools/plugins/continuations_verify.cc | 8 +- tests/tools/plugins/custom204plugin.cc | 4 +- tests/tools/plugins/emergency_shutdown.cc | 6 +- tests/tools/plugins/fatal_shutdown.cc | 6 +- tests/tools/plugins/hook_add_plugin.cc | 2 +- tests/tools/plugins/hook_tunnel_plugin.cc | 8 +- tests/tools/plugins/http2_close_connection.cc | 92 + tests/tools/plugins/missing_mangled_definition_c.c | 3 +- .../plugins/missing_mangled_definition_cpp.cc | 2 +- tests/tools/plugins/ssl_hook_test.cc | 12 +- tests/tools/plugins/ssl_secret_load_test.cc | 6 +- tests/tools/plugins/ssntxnorder_verify.cc | 2 +- tests/tools/plugins/test_hooks.cc | 2 +- tests/tools/plugins/test_log_interface.cc | 4 +- tests/tools/plugins/tunnel_transform.cc | 8 +- tests/tools/plugins/user_args.cc | 13 +- tools/autopep8.sh | 8 +- tools/build_boringssl_h3_tools.sh | 9 +- tools/check-unused-dependencies | 51 +- tools/clang-format.sh | 10 +- tools/cmake-format.sh | 8 +- tools/cripts/genconfig.py | 12 +- tools/cvtremappi | 65 +- tools/jtest/README | 78 - tools/jtest/README.zh.md | 450 -- tools/jtest/jtest.cc | 4818 -------------------- tools/yapf.sh | 10 +- 308 files changed, 4138 insertions(+), 7957 deletions(-) diff --cc src/iocore/net/SSLConfig.cc index de3edd313f,4d6a3bf9a5..69e1c45655 --- a/src/iocore/net/SSLConfig.cc +++ b/src/iocore/net/SSLConfig.cc @@@ -51,28 -51,32 +51,29 @@@ #include "iocore/net/SSLDiags.h" #include "SSLSessionCache.h" #include "SSLSessionTicket.h" + #include "iocore/net/TLSEarlyDataSupport.h" #include "iocore/net/YamlSNIConfig.h" -int SSLConfig::config_index = 0; -int SSLConfig::configids[] = {0, 0}; -int SSLCertificateConfig::configid = 0; -int SSLTicketKeyConfig::configid = 0; -int SSLConfigParams::ssl_maxrecord = 0; -int SSLConfigParams::ssl_misc_max_iobuffer_size_index = 8; -bool SSLConfigParams::ssl_allow_client_renegotiation = false; -bool SSLConfigParams::ssl_ocsp_enabled = false; -int SSLConfigParams::ssl_ocsp_cache_timeout = 3600; -bool SSLConfigParams::ssl_ocsp_request_mode = false; -int SSLConfigParams::ssl_ocsp_request_timeout = 10; -int SSLConfigParams::ssl_ocsp_update_period = 60; -char *SSLConfigParams::ssl_ocsp_user_agent = nullptr; -int SSLConfigParams::ssl_handshake_timeout_in = 0; -int SSLConfigParams::origin_session_cache = 1; -size_t SSLConfigParams::origin_session_cache_size = 10240; -size_t SSLConfigParams::session_cache_number_buckets = 1024; -bool SSLConfigParams::session_cache_skip_on_lock_contention = false; -size_t SSLConfigParams::session_cache_max_bucket_size = 100; -init_ssl_ctx_func SSLConfigParams::init_ssl_ctx_cb = nullptr; -load_ssl_file_func SSLConfigParams::load_ssl_file_cb = nullptr; -swoc::IPRangeSet *SSLConfigParams::proxy_protocol_ip_addrs = nullptr; -bool SSLConfigParams::ssl_ktls_enabled = false; +int SSLConfig::config_index = 0; +int SSLConfig::configids[] = {0, 0}; +int SSLCertificateConfig::configid = 0; +int SSLTicketKeyConfig::configid = 0; +int SSLConfigParams::ssl_maxrecord = 0; +int SSLConfigParams::ssl_misc_max_iobuffer_size_index = 8; +bool SSLConfigParams::ssl_allow_client_renegotiation = false; +bool SSLConfigParams::ssl_ocsp_enabled = false; +int SSLConfigParams::ssl_ocsp_cache_timeout = 3600; +bool SSLConfigParams::ssl_ocsp_request_mode = false; +int SSLConfigParams::ssl_ocsp_request_timeout = 10; +int SSLConfigParams::ssl_ocsp_update_period = 60; +char *SSLConfigParams::ssl_ocsp_user_agent = nullptr; +int SSLConfigParams::ssl_handshake_timeout_in = 0; +int SSLConfigParams::origin_session_cache = 1; +size_t SSLConfigParams::origin_session_cache_size = 10240; +init_ssl_ctx_func SSLConfigParams::init_ssl_ctx_cb = nullptr; +load_ssl_file_func SSLConfigParams::load_ssl_file_cb = nullptr; +swoc::IPRangeSet *SSLConfigParams::proxy_protocol_ip_addrs = nullptr; +bool SSLConfigParams::ssl_ktls_enabled = false; const uint32_t EARLY_DATA_DEFAULT_SIZE = 16384; uint32_t SSLConfigParams::server_max_early_data = 0;
