This is an automated email from the ASF dual-hosted git repository. bneradt pushed a commit to branch 11-Dev in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 88292502d4fa2f351c607d8b4b4cd9942d1c2f44 Merge: ee97be4e84 4c9c7c63dc Author: bneradt <[email protected]> AuthorDate: Wed Jan 29 16:26:31 2025 -0600 Merge latest master into 11-Dev include/iocore/aio/AIO.h | 5 +- include/iocore/cache/Cache.h | 3 - include/iocore/cache/HttpTransactCache.h | 3 +- include/iocore/cache/Store.h | 2 +- include/iocore/dns/DNSProcessor.h | 1 - include/iocore/eventsystem/Action.h | 1 - include/iocore/eventsystem/ConfigProcessor.h | 2 + include/iocore/eventsystem/Event.h | 1 - include/iocore/eventsystem/EventProcessor.h | 1 - include/iocore/eventsystem/Freer.h | 1 + include/iocore/eventsystem/IOBuffer.h | 12 +- include/iocore/eventsystem/Tasks.h | 3 +- include/iocore/net/AcceptOptions.h | 2 - include/iocore/net/Net.h | 2 +- include/iocore/net/NetVConnection.h | 87 ++++++++++- include/iocore/net/PollCont.h | 2 +- include/iocore/net/SSLMultiCertConfigLoader.h | 14 +- include/iocore/net/TLSEventSupport.h | 1 + include/iocore/net/UDPConnection.h | 4 +- include/iocore/net/UDPPacket.h | 1 + include/iocore/net/quic/MTHashTable.h | 37 ++--- include/iocore/net/quic/Mock.h | 3 +- include/iocore/net/quic/QUICApplication.h | 2 - include/iocore/net/quic/QUICConnection.h | 1 - include/iocore/net/quic/QUICContext.h | 2 - include/iocore/net/quic/QUICDebugNames.h | 1 - include/iocore/net/quic/QUICEvents.h | 1 - .../iocore/net/quic/QUICTransferProgressProvider.h | 2 + include/iocore/net/quic/QUICTypes.h | 17 +-- include/mgmt/rpc/server/IPCSocketServer.h | 1 + include/proxy/HostStatus.h | 11 +- include/proxy/PluginVC.h | 3 +- include/proxy/http/HttpConfig.h | 1 + include/proxy/http/HttpProxyServerMain.h | 2 +- include/proxy/http/HttpTunnel.h | 1 - include/proxy/http/remap/RemapConfig.h | 3 + include/proxy/logging/LogConfig.h | 1 + include/records/RecProcess.h | 4 +- include/tscore/Regression.h | 3 +- lib/swoc/include/swoc/Errata.h | 11 +- plugins/header_rewrite/header_rewrite.cc | 1 + plugins/header_rewrite/operators.cc | 1 + src/api/InkAPI.cc | 6 +- src/api/InkAPITest.cc | 4 +- src/cripts/Plugins.cc | 1 + src/iocore/aio/AIO.cc | 7 + src/iocore/aio/test_AIO.cc | 10 +- src/iocore/cache/AggregateWriteBuffer.cc | 7 - src/iocore/cache/Cache.cc | 56 +++---- src/iocore/cache/CacheDir.cc | 55 +++---- src/iocore/cache/CacheDisk.cc | 11 +- src/iocore/cache/CacheEvacuateDocVC.h | 2 +- src/iocore/cache/CacheHosting.cc | 7 +- src/iocore/cache/CacheHttp.cc | 11 +- src/iocore/cache/CacheProcessor.cc | 164 ++++++++++----------- src/iocore/cache/CacheRead.cc | 54 +++---- src/iocore/cache/CacheTest.cc | 6 +- src/iocore/cache/CacheVC.cc | 14 +- {include => src}/iocore/cache/CacheVC.h | 13 +- src/iocore/cache/CacheWrite.cc | 27 ++-- src/iocore/cache/HttpTransactCache.cc | 9 +- src/iocore/cache/P_Cache.h | 41 ------ src/iocore/cache/P_CacheDir.h | 9 +- src/iocore/cache/P_CacheDisk.h | 1 + src/iocore/cache/P_CacheHosting.h | 8 +- src/iocore/cache/P_CacheInternal.h | 19 +-- src/iocore/cache/P_CacheTest.h | 5 +- src/iocore/cache/P_RamCache.h | 7 +- src/iocore/cache/RamCacheCLFUS.cc | 54 +++---- src/iocore/cache/RamCacheLRU.cc | 23 +-- src/iocore/cache/RegressionSM.cc | 2 +- src/iocore/cache/RegressionSM.h | 3 +- src/iocore/cache/Store.cc | 6 +- src/iocore/cache/StripeSM.cc | 22 +-- src/iocore/cache/StripeSM.h | 1 + src/iocore/cache/unit_tests/main.cc | 11 +- src/iocore/cache/unit_tests/main.h | 26 +--- .../unit_tests/test_Alternate_S_to_L_remove_L.cc | 1 + .../unit_tests/test_Alternate_S_to_L_remove_S.cc | 1 + src/iocore/cache/unit_tests/test_CacheDir.cc | 1 + src/iocore/cache/unit_tests/test_CacheVol.cc | 2 +- src/iocore/cache/unit_tests/test_RWW.cc | 1 + src/iocore/cache/unit_tests/test_Stripe.cc | 10 +- src/iocore/dns/CMakeLists.txt | 2 +- src/iocore/dns/DNS.cc | 29 ++-- src/iocore/dns/DNSConnection.cc | 4 +- src/iocore/dns/Inline.cc | 30 ---- src/iocore/dns/P_DNS.h | 38 ----- src/iocore/dns/P_DNSConnection.h | 1 - src/iocore/dns/P_DNSProcessor.h | 15 +- src/iocore/dns/P_SplitDNS.h | 5 - src/iocore/dns/P_SplitDNSProcessor.h | 1 - src/iocore/dns/SplitDNS.cc | 2 +- src/iocore/eventsystem/P_IOBuffer.h | 20 +-- src/iocore/eventsystem/Tasks.cc | 1 + src/iocore/eventsystem/UnixEventProcessor.cc | 12 +- src/iocore/hostdb/CMakeLists.txt | 2 +- src/iocore/hostdb/HostDB.cc | 11 +- src/iocore/hostdb/Inline.cc | 30 ---- src/iocore/hostdb/P_HostDB.h | 7 - src/iocore/hostdb/P_HostDBProcessor.h | 2 - src/iocore/hostdb/P_RefCountCache.h | 39 +++-- src/iocore/hostdb/benchmark_HostDB.cc | 3 - src/iocore/hostdb/test_RefCountCache.cc | 3 +- src/iocore/net/ALPNSupport.cc | 2 + src/iocore/net/AsyncSignalEventIO.cc | 2 +- src/iocore/net/BIO_fastopen.cc | 15 +- src/iocore/net/BIO_fastopen.h | 2 +- src/iocore/net/CMakeLists.txt | 10 +- src/iocore/net/Connection.cc | 2 +- src/iocore/net/ConnectionTracker.cc | 4 - src/iocore/net/Inline.cc | 30 ---- src/iocore/net/Net.cc | 3 +- src/iocore/net/NetHandler.cc | 10 +- src/iocore/net/NetVCTest.cc | 5 +- src/iocore/net/NetVConnection.cc | 6 +- src/iocore/net/OCSPStapling.cc | 88 +++++++---- src/iocore/net/P_CompletionUtil.h | 86 ++++++++++- src/iocore/net/P_Connection.h | 2 +- src/iocore/net/P_Net.h | 11 -- src/iocore/net/P_NetAccept.h | 2 +- src/iocore/net/P_NetVCTest.h | 3 +- src/iocore/net/P_NetVConnection.h | 104 ------------- src/iocore/net/P_QUICNet.h | 9 +- src/iocore/net/P_QUICNetProcessor.h | 5 +- src/iocore/net/P_QUICNetVConnection.h | 14 +- src/iocore/net/P_QUICNextProtocolAccept.h | 4 +- src/iocore/net/P_QUICPacketHandler.h | 14 +- src/iocore/net/P_SSLCertLookup.h | 16 +- src/iocore/net/P_SSLClientCoordinator.h | 3 - src/iocore/net/P_SSLClientUtils.h | 3 - src/iocore/net/P_SSLConfig.h | 15 +- src/iocore/net/P_SSLNetAccept.h | 2 - src/iocore/net/P_SSLNetProcessor.h | 4 +- src/iocore/net/P_SSLNetVConnection.h | 1 - src/iocore/net/P_SSLNextProtocolAccept.h | 4 +- src/iocore/net/P_SSLNextProtocolSet.h | 1 - src/iocore/net/P_SSLUtils.h | 17 +-- src/iocore/net/P_Socks.h | 22 +-- src/iocore/net/P_TLSKeyLogger.h | 5 +- src/iocore/net/P_UDPConnection.h | 6 +- src/iocore/net/P_UDPIOEvent.h | 2 + src/iocore/net/P_UDPNet.h | 20 +-- src/iocore/net/P_UnixCompletionUtil.h | 102 ------------- src/iocore/net/P_UnixNet.h | 18 +-- src/iocore/net/P_UnixNetProcessor.h | 2 - src/iocore/net/P_UnixNetVConnection.h | 32 ++-- src/iocore/net/P_UnixUDPConnection.h | 3 +- src/iocore/net/PollCont.cc | 2 + src/iocore/net/ProxyProtocol.cc | 3 +- src/iocore/net/QUICMultiCertConfigLoader.cc | 10 +- src/iocore/net/QUICNet.cc | 9 +- src/iocore/net/QUICNetProcessor.cc | 14 +- src/iocore/net/QUICNetVConnection.cc | 4 + src/iocore/net/QUICNextProtocolAccept.cc | 1 + src/iocore/net/QUICPacketHandler.cc | 17 ++- src/iocore/net/SNIActionPerformer.h | 6 +- src/iocore/net/SSLCertLookup.cc | 2 +- src/iocore/net/SSLClientUtils.cc | 12 +- src/iocore/net/SSLConfig.cc | 31 ++-- src/iocore/net/SSLDynlock.cc | 3 +- src/iocore/net/SSLDynlock.h | 6 +- src/iocore/net/SSLNetAccept.cc | 2 - src/iocore/net/SSLNetProcessor.cc | 5 - src/iocore/net/SSLNetVConnection.cc | 29 ++-- src/iocore/net/SSLNextProtocolSet.cc | 4 +- src/iocore/net/SSLSNIConfig.cc | 13 +- src/iocore/net/SSLSessionCache.cc | 2 + src/iocore/net/SSLSessionCache.h | 14 +- src/iocore/net/SSLStats.cc | 7 +- src/iocore/net/SSLStats.h | 7 +- src/iocore/net/SSLUtils.cc | 57 +++---- src/iocore/net/Server.cc | 3 +- src/iocore/net/Socks.cc | 27 ++-- src/iocore/net/TLSBasicSupport.cc | 5 +- src/iocore/net/TLSCertSwitchSupport.cc | 3 +- src/iocore/net/TLSEarlyDataSupport.cc | 6 +- src/iocore/net/TLSEventSupport.cc | 4 +- src/iocore/net/TLSSNISupport.cc | 2 - src/iocore/net/TLSSessionResumptionSupport.cc | 3 +- src/iocore/net/UDPIOEvent.cc | 4 +- src/iocore/net/UnixConnection.cc | 2 +- src/iocore/net/UnixNet.cc | 3 +- src/iocore/net/UnixNetAccept.cc | 23 +-- src/iocore/net/UnixNetProcessor.cc | 10 +- src/iocore/net/UnixNetVConnection.cc | 19 ++- src/iocore/net/UnixUDPConnection.cc | 8 +- src/iocore/net/UnixUDPNet.cc | 57 +++---- src/iocore/net/YamlSNIConfig.cc | 2 - src/iocore/net/quic/QUICApplication.cc | 1 - src/iocore/net/quic/QUICGlobals.cc | 16 +- src/iocore/net/quic/QUICIntUtil.cc | 3 +- src/iocore/net/quic/QUICStream.cc | 1 - .../net/quic/QUICTransferProgressProvider.cc | 1 + src/iocore/net/test_I_UDPNet.cc | 2 +- src/iocore/net/test_P_Net.cc | 10 +- src/iocore/net/unit_tests/unit_test_main.cc | 1 - src/iocore/utils/Machine.cc | 1 - src/iocore/utils/OneWayMultiTunnel.cc | 3 +- src/iocore/utils/OneWayTunnel.cc | 2 +- src/mgmt/rpc/handlers/server/Server.cc | 6 +- src/mgmt/rpc/handlers/storage/Storage.cc | 2 +- src/mgmt/rpc/server/IPCSocketServer.cc | 2 +- src/proxy/CMakeLists.txt | 2 +- src/proxy/CacheControl.cc | 8 +- src/proxy/HostStatus.cc | 1 + src/proxy/ParentSelection.cc | 3 +- src/proxy/PluginVC.cc | 5 +- src/proxy/ProtocolProbeSessionAccept.cc | 2 +- src/proxy/ReverseProxy.cc | 1 - src/proxy/http/ConnectingEntry.cc | 1 + src/proxy/http/Http1ClientSession.cc | 3 +- src/proxy/http/Http1ServerSession.cc | 3 +- src/proxy/http/HttpProxyServerMain.cc | 17 +-- src/proxy/http/HttpSM.cc | 4 +- src/proxy/http/HttpSessionManager.cc | 1 + src/proxy/http/HttpTunnel.cc | 4 +- src/proxy/http/remap/PluginFactory.cc | 1 + src/proxy/http/remap/RemapConfig.cc | 22 ++- src/proxy/http/remap/unit-tests/test_RemapRules.cc | 3 + src/proxy/http2/Http2ClientSession.cc | 3 +- src/proxy/http2/Http2ConnectionState.cc | 1 + src/proxy/http2/Http2ServerSession.cc | 3 +- src/proxy/http3/test/main.cc | 4 +- src/proxy/logging/LogStandalone.cc | 6 +- src/records/RecHttp.cc | 5 - src/traffic_crashlog/traffic_crashlog.cc | 2 +- src/traffic_layout/engine.cc | 1 + src/traffic_layout/info.cc | 2 +- src/traffic_server/SocksProxy.cc | 4 +- src/traffic_server/traffic_server.cc | 12 +- src/tscore/Regression.cc | 1 + 232 files changed, 1141 insertions(+), 1419 deletions(-) diff --cc src/iocore/net/SSLConfig.cc index 69e1c45655,af0056c4f4..7a2b566993 --- a/src/iocore/net/SSLConfig.cc +++ b/src/iocore/net/SSLConfig.cc @@@ -29,51 -29,47 +29,44 @@@ SSL Configurations ****************************************************************************/ - #include "P_SSLConfig.h" - - #include <cstring> - #include <cmath> - - #include "tscore/ink_config.h" - #include <openssl/pem.h> - - #include "api/InkAPIInternal.h" // Added to include the ssl_hook and lifestyle_hook definitions - - #include "tscore/ink_platform.h" - #include "tscore/Layout.h" - #include "records/RecHttp.h" - - #include "P_Net.h" - #include "P_SSLClientUtils.h" #include "P_SSLCertLookup.h" + #include "P_SSLClientUtils.h" + #include "P_SSLConfig.h" + #include "P_SSLUtils.h" #include "P_TLSKeyLogger.h" + #include "SSLSessionCache.h" #include "iocore/net/SSLMultiCertConfigLoader.h" #include "iocore/net/SSLDiags.h" - #include "SSLSessionCache.h" - #include "SSLSessionTicket.h" #include "iocore/net/TLSEarlyDataSupport.h" #include "iocore/net/YamlSNIConfig.h" + #include "tscore/ink_config.h" + #include "tscore/Layout.h" + #include "records/RecHttp.h" + + #include <openssl/pem.h> + #include <cstring> + #include <cmath> -int SSLConfig::config_index = 0; -int SSLConfig::configids[] = {0, 0}; -int SSLCertificateConfig::configid = 0; -int SSLTicketKeyConfig::configid = 0; -int SSLConfigParams::ssl_maxrecord = 0; -int SSLConfigParams::ssl_misc_max_iobuffer_size_index = 8; -bool SSLConfigParams::ssl_allow_client_renegotiation = false; -bool SSLConfigParams::ssl_ocsp_enabled = false; -int SSLConfigParams::ssl_ocsp_cache_timeout = 3600; -bool SSLConfigParams::ssl_ocsp_request_mode = false; -int SSLConfigParams::ssl_ocsp_request_timeout = 10; -int SSLConfigParams::ssl_ocsp_update_period = 60; -char *SSLConfigParams::ssl_ocsp_user_agent = nullptr; -int SSLConfigParams::ssl_handshake_timeout_in = 0; -int SSLConfigParams::origin_session_cache = 1; -size_t SSLConfigParams::origin_session_cache_size = 10240; -size_t SSLConfigParams::session_cache_number_buckets = 1024; -bool SSLConfigParams::session_cache_skip_on_lock_contention = false; -size_t SSLConfigParams::session_cache_max_bucket_size = 100; -init_ssl_ctx_func SSLConfigParams::init_ssl_ctx_cb = nullptr; -load_ssl_file_func SSLConfigParams::load_ssl_file_cb = nullptr; -swoc::IPRangeSet *SSLConfigParams::proxy_protocol_ip_addrs = nullptr; -bool SSLConfigParams::ssl_ktls_enabled = false; +int SSLConfig::config_index = 0; +int SSLConfig::configids[] = {0, 0}; +int SSLCertificateConfig::configid = 0; +int SSLTicketKeyConfig::configid = 0; +int SSLConfigParams::ssl_maxrecord = 0; +int SSLConfigParams::ssl_misc_max_iobuffer_size_index = 8; +bool SSLConfigParams::ssl_allow_client_renegotiation = false; +bool SSLConfigParams::ssl_ocsp_enabled = false; +int SSLConfigParams::ssl_ocsp_cache_timeout = 3600; +bool SSLConfigParams::ssl_ocsp_request_mode = false; +int SSLConfigParams::ssl_ocsp_request_timeout = 10; +int SSLConfigParams::ssl_ocsp_update_period = 60; +char *SSLConfigParams::ssl_ocsp_user_agent = nullptr; +int SSLConfigParams::ssl_handshake_timeout_in = 0; +int SSLConfigParams::origin_session_cache = 1; +size_t SSLConfigParams::origin_session_cache_size = 10240; +init_ssl_ctx_func SSLConfigParams::init_ssl_ctx_cb = nullptr; +load_ssl_file_func SSLConfigParams::load_ssl_file_cb = nullptr; +swoc::IPRangeSet *SSLConfigParams::proxy_protocol_ip_addrs = nullptr; +bool SSLConfigParams::ssl_ktls_enabled = false; const uint32_t EARLY_DATA_DEFAULT_SIZE = 16384; uint32_t SSLConfigParams::server_max_early_data = 0;
