[trafficserver] branch master updated: Fixes coverity issues 1390794 and 1390798.
This is an automated email from the ASF dual-hosted git repository. jrushford pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 22193e7 Fixes coverity issues 1390794 and 1390798. 22193e7 is described below commit 22193e7d14a64b9a621697496862eec883d27906 Author: John Rushford AuthorDate: Wed May 9 13:59:13 2018 + Fixes coverity issues 1390794 and 1390798. --- proxy/HostStatus.cc | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/proxy/HostStatus.cc b/proxy/HostStatus.cc index 0366feb..3413f82 100644 --- a/proxy/HostStatus.cc +++ b/proxy/HostStatus.cc @@ -94,14 +94,15 @@ HostStatus_t HostStatus::getHostStatus(const char *name) { intptr_t _status = HostStatus_t::HOST_STATUS_INIT; + int lookup = 0; // the hash table value pointer has the HostStatus_t value. ink_rwlock_rdlock(&host_status_rwlock); - ink_hash_table_lookup(hosts_statuses, name, reinterpret_cast(&_status)); + lookup = ink_hash_table_lookup(hosts_statuses, name, reinterpret_cast(&_status)); ink_rwlock_unlock(&host_status_rwlock); Debug("host_statuses", "name: %s, status: %d", name, static_cast(_status)); - return static_cast(_status); + return lookup == 0 ? HostStatus_t::HOST_STATUS_INIT : static_cast(_status); } void @@ -124,11 +125,13 @@ HostStatus::createHostStat(const char *name) int HostStatus::getHostStatId(const char *name) { + int lookup = 0; intptr_t _id = -1; + ink_rwlock_rdlock(&host_statids_rwlock); - ink_hash_table_lookup(hosts_stats_ids, name, reinterpret_cast(&_id)); + lookup = ink_hash_table_lookup(hosts_stats_ids, name, reinterpret_cast(&_id)); ink_rwlock_unlock(&host_statids_rwlock); Debug("host_statuses", "name: %s, id: %d", name, static_cast(_id)); - return static_cast(_id); + return lookup == 0 ? -1 : static_cast(_id); } -- To stop receiving notification emails like this one, please contact jrushf...@apache.org.
[trafficserver] branch master updated: Fix Coverity ID 1022023
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 319dd3c Fix Coverity ID 1022023 319dd3c is described below commit 319dd3cbfd02631ba627c4deceaf284317d2856f Author: Susan Hinrichs AuthorDate: Wed May 9 13:07:23 2018 + Fix Coverity ID 1022023 --- proxy/http/HttpTransact.cc | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 4f23bbc..12ddf0b 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -5390,7 +5390,10 @@ HttpTransact::handle_trace_and_options_requests(State *s, HTTPHdr *incoming_hdr) return true; } else { /* max-forwards != 0 */ -if ((max_forwards <= 0) || (max_forwards > INT_MAX)) { +// Logically want to make sure max_forwards is a legitimate non-zero non-negative integer +// Since max_fowards is a signed integer, no sense making sure it is less than INT_MAX. +// Would be negative in that case. Noted by coverity +if (max_forwards <= 0) { Log::error("HTTP: snapping invalid max-forwards value %d to %d", max_forwards, INT_MAX); max_forwards = INT_MAX; } -- To stop receiving notification emails like this one, please contact shinr...@apache.org.
[trafficserver] branch master updated: No need to walk the buckets for cache scan
This is an automated email from the ASF dual-hosted git repository. paziz pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 9109ce9 No need to walk the buckets for cache scan 9109ce9 is described below commit 9109ce99038dc7260539b41dd71fb31b3f494a85 Author: Persia Aziz AuthorDate: Tue May 8 17:12:43 2018 -0500 No need to walk the buckets for cache scan --- cmd/traffic_cache_tool/CacheTool.cc | 4 1 file changed, 4 deletions(-) diff --git a/cmd/traffic_cache_tool/CacheTool.cc b/cmd/traffic_cache_tool/CacheTool.cc index 6602f71..05c13dd 100644 --- a/cmd/traffic_cache_tool/CacheTool.cc +++ b/cmd/traffic_cache_tool/CacheTool.cc @@ -1356,11 +1356,8 @@ void static scan_span(Span *span) for (auto strp : span->_stripes) { strp->loadMeta(); strp->loadDir(); -strp->walk_all_buckets(); CacheScan cs(strp); cs.Scan(); - -// break; // to be removed } } @@ -1374,7 +1371,6 @@ Scan_Cache() cache.dumpSpans(Cache::SpanDumpDepth::SPAN); for (auto sp : cache._spans) { threadPool.emplace_back(scan_span, sp); // move constructor is necessary since std::thread is non copyable - // break; // to be removed } for (auto &th : threadPool) th.join(); -- To stop receiving notification emails like this one, please contact pa...@apache.org.
[trafficserver] branch 7.1.x updated: Expanding the cases where the server_entry gets cleared on error.
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/7.1.x by this push: new f1e3e4e Expanding the cases where the server_entry gets cleared on error. f1e3e4e is described below commit f1e3e4e0afee68a33848864c4a54038efddfaab4 Author: Susan Hinrichs AuthorDate: Tue Jan 23 08:57:54 2018 -0600 Expanding the cases where the server_entry gets cleared on error. (cherry picked from commit 784ba4383db72892ba794a7b83904af370b6f35a) Conflicts: proxy/http/HttpTransact.cc --- proxy/http/HttpSM.cc | 18 +++--- proxy/http/HttpTransact.cc | 5 ++--- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index fb7cf87..f734ad9 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -5487,14 +5487,16 @@ HttpSM::handle_server_setup_error(int event, void *data) ua_producer->alive = false; ua_producer->handler_state = HTTP_SM_POST_SERVER_FAIL; tunnel.handleEvent(VC_EVENT_ERROR, c->write_vio); +return; } } else { // c could be null here as well if (c != nullptr) { tunnel.handleEvent(event, c->write_vio); +return; } } -return; +// If there is no consumer, let the event pass through to shutdown } else { if (post_transform_info.vc) { HttpTunnelConsumer *c = tunnel.get_consumer(post_transform_info.vc); @@ -5531,15 +5533,17 @@ HttpSM::handle_server_setup_error(int event, void *data) // if (vio->op == VIO::WRITE && vio->ndone == 0) { if (server_entry->write_vio && server_entry->write_vio->nbytes > 0 && server_entry->write_vio->ndone == 0) { t_state.current.state = HttpTransact::CONNECTION_ERROR; - if (server_entry) { -ink_assert(server_entry->vc_type == HTTP_SERVER_VC); -vc_table.cleanup_entry(server_entry); -server_entry = nullptr; -server_session = nullptr; - } } else { t_state.current.state = HttpTransact::INACTIVE_TIMEOUT; } +// Clean up the vc_table entry so any events in play to the timed out server vio +// don't get handled. The connection isn't there. +if (server_entry) { + ink_assert(server_entry->vc_type == HTTP_SERVER_VC); + vc_table.cleanup_entry(server_entry); + server_entry = nullptr; + server_session = nullptr; +} break; default: ink_release_assert(0); diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 2178b33..c4cd9bf 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -6587,10 +6587,9 @@ HttpTransact::is_request_retryable(State *s) { // If safe requests are retryable, it should be safe to retry safe requests irrespective of bytes sent or connection state // according to RFC the following methods are safe (https://tools.ietf.org/html/rfc7231#section-4.2.1) - // If there was no error establishing the connection (and we sent bytes)-- we cannot retry + // Otherwise, if there was no error establishing the connection (and we sent bytes)-- we cannot retry if (!(s->txn_conf->safe_requests_retryable && HttpTransactHeaders::is_method_safe(s->method)) && - (s->current.state != CONNECTION_ERROR && s->state_machine->server_request_hdr_bytes > 0 && - s->state_machine->get_server_session()->get_netvc()->outstanding() != s->state_machine->server_request_hdr_bytes)) { + s->current.state != CONNECTION_ERROR && s->state_machine->server_request_hdr_bytes > 0) { return false; } -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 03/06: Fixes uninitialized argument value use in HttpTransact::issue_revalidate
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 34199fb784856a42814c8d20e562ef8b026a21dd Author: Randall Meyer AuthorDate: Mon May 7 14:48:33 2018 +0100 Fixes uninitialized argument value use in HttpTransact::issue_revalidate issue found by clang-analyzer (cherry picked from commit 7d5e0a1f03528d36b89f51387da18a652067004e) --- proxy/http/HttpTransact.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index bcd383b..2178b33 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -2360,8 +2360,9 @@ HttpTransact::issue_revalidate(State *s) // make this a conditional request int length; const char *str = c_resp->value_get(MIME_FIELD_LAST_MODIFIED, MIME_LEN_LAST_MODIFIED, &length); - - s->hdr_info.server_request.value_set(MIME_FIELD_IF_MODIFIED_SINCE, MIME_LEN_IF_MODIFIED_SINCE, str, length); + if (str) { +s->hdr_info.server_request.value_set(MIME_FIELD_IF_MODIFIED_SINCE, MIME_LEN_IF_MODIFIED_SINCE, str, length); + } if (!s->cop_test_page) DUMP_HEADER("http_hdrs", &s->hdr_info.server_request, s->state_machine_id, "Proxy's Request (Conditionalized)"); } -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 04/06: Fixed off-by-one error in select_best_srv.
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 4f2aa690b313796f3069f78e56c6ec1392e79b28 Author: Chris Lemmons AuthorDate: Tue May 8 15:54:42 2018 + Fixed off-by-one error in select_best_srv. This error may never actually occur, it was reported by clang-analyzer. This just ensures that in no case does the loop run one past the end of the array. (cherry picked from commit aa97de6162ac53f733c1e7a97fcb2350779d6ed8) --- iocore/hostdb/P_HostDBProcessor.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iocore/hostdb/P_HostDBProcessor.h b/iocore/hostdb/P_HostDBProcessor.h index a830b79..8e3bd77 100644 --- a/iocore/hostdb/P_HostDBProcessor.h +++ b/iocore/hostdb/P_HostDBProcessor.h @@ -373,7 +373,7 @@ HostDBRoundRobin::select_best_srv(char *target, InkRand *rand, ink_time_t now, i result = &info(current++ % len); } else { uint32_t xx = rand->random() % weight; -for (i = 0; i < len && xx >= infos[i]->data.srv.srv_weight; ++i) +for (i = 0; i < len - 1 && xx >= infos[i]->data.srv.srv_weight; ++i) xx -= infos[i]->data.srv.srv_weight; result = infos[i]; -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 06/06: Corrects marshaling of source ip and port
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit efc6e1d6bda6620e47456b14be263aeec95e553d Author: Derek Dagit AuthorDate: Mon Apr 30 18:06:39 2018 -0500 Corrects marshaling of source ip and port (cherry picked from commit 01201739e252f84e7c8a7c62c0ee31feb0def616) --- proxy/logging/LogAccessHttp.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc index bb7381a..404f65b 100644 --- a/proxy/logging/LogAccessHttp.cc +++ b/proxy/logging/LogAccessHttp.cc @@ -1058,14 +1058,14 @@ LogAccessHttp::marshal_proxy_req_server_name(char *buf) int LogAccessHttp::marshal_proxy_req_server_ip(char *buf) { - return marshal_ip(buf, m_http_sm->t_state.current.server != nullptr ? &m_http_sm->t_state.current.server->dst_addr.sa : nullptr); + return marshal_ip(buf, m_http_sm->t_state.current.server != nullptr ? &m_http_sm->t_state.current.server->src_addr.sa : nullptr); } int LogAccessHttp::marshal_proxy_req_server_port(char *buf) { if (buf) { -uint16_t port = ntohs(m_http_sm->t_state.current.server != nullptr ? m_http_sm->t_state.current.server->dst_addr.port() : 0); +uint16_t port = ntohs(m_http_sm->t_state.current.server != nullptr ? m_http_sm->t_state.current.server->src_addr.port() : 0); marshal_int(buf, port); } return INK_MIN_ALIGN; -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 02/06: Coverity ID 1390803: Fixes unreachable code in OCSP
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 48e2fdd37bc924e211bc7a9a6bd7326c19658a07 Author: Randall Meyer AuthorDate: Fri May 4 09:29:08 2018 -0700 Coverity ID 1390803: Fixes unreachable code in OCSP (cherry picked from commit df8e3ca301d6bc02c5c4114ef018e648b724cead) --- iocore/net/OCSPStapling.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iocore/net/OCSPStapling.cc b/iocore/net/OCSPStapling.cc index b5b7e46..3259b24 100644 --- a/iocore/net/OCSPStapling.cc +++ b/iocore/net/OCSPStapling.cc @@ -111,8 +111,8 @@ stapling_get_issuer(SSL_CTX *ssl_ctx, X509 *x) return issuer; #else X509_up_ref(issuer); -#endif goto end; +#endif } } -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 05/06: Option to enable stand-alone Leak Sanitizer
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 4a20742db975a72aebaeade7b369c1a567dfb716 Author: Gancho Tenev AuthorDate: Wed May 2 19:29:34 2018 -0700 Option to enable stand-alone Leak Sanitizer If leak detection is needed without the Address Sanitizer slowdown. (cherry picked from commit 09ea78fa6c55b793c46c616d1365ba68b0f18374) --- configure.ac | 18 ++ 1 file changed, 18 insertions(+) diff --git a/configure.ac b/configure.ac index 7dd6c56..bf44a2a 100644 --- a/configure.ac +++ b/configure.ac @@ -205,6 +205,15 @@ AC_ARG_ENABLE([asan], ) AC_MSG_RESULT([$enable_asan]) +# Enable LSAN in stand-alone mode for the builds +AC_MSG_CHECKING([whether to enable lsan]) +AC_ARG_ENABLE([lsan], + [AS_HELP_STRING([--enable-lsan],[enable stand-alone Leak Sanitizer])], + [], + [enable_lsan=no] +) +AC_MSG_RESULT([$enable_lsan]) + # Enable TSAN for the builds AC_MSG_CHECKING([whether to enable tsan]) AC_ARG_ENABLE([tsan], @@ -945,6 +954,15 @@ if test "x${enable_asan}" = "xyes"; then TS_ADDTO(AM_CXXFLAGS, [-fno-omit-frame-pointer -fsanitize=address]) fi +# Flags for LSAN stand-alone mode +if test "x${enable_lsan}" = "xyes"; then + if test "x${enable_asan}" = "xyes"; then +AC_ERROR([ASAN already specified, --enable-lsan is meant only for lsan stand-alone mode]) + fi + TS_ADDTO(AM_CFLAGS, [-fno-omit-frame-pointer -fsanitize=leak]) + TS_ADDTO(AM_CXXFLAGS, [-fno-omit-frame-pointer -fsanitize=leak]) +fi + # Flags for TSAN if test "x${enable_tsan}" = "xyes"; then TS_ADDTO(AM_CFLAGS, [-fsanitize=thread]) -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] 01/06: Parent Selection -- Balance treatment of primary and secondary parents in ProcessParents().
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 7cda414454f08103b6747ea29e1df9dfee3e64d8 Author: Peter Chou AuthorDate: Wed May 2 22:20:59 2018 -0700 Parent Selection -- Balance treatment of primary and secondary parents in ProcessParents(). If an error is detected in ParentRecord::ProcessParents(), then the interim parent memory is freed. This was being done only for primary parents but not for secondary parents. (cherry picked from commit d013fc94530458027f78c3d4fea12c4a470ee06c) --- proxy/ParentSelection.cc | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/proxy/ParentSelection.cc b/proxy/ParentSelection.cc index 749bc40..27be401 100644 --- a/proxy/ParentSelection.cc +++ b/proxy/ParentSelection.cc @@ -474,8 +474,13 @@ ParentRecord::ProcessParents(char *val, bool isPrimary) return nullptr; MERROR: - ats_free(parents); - parents = nullptr; + if (isPrimary) { +ats_free(parents); +parents = nullptr; + } else { +ats_free(secondary_parents); +secondary_parents = nullptr; + } return errPtr; } -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] branch 7.1.x updated (3001e31 -> efc6e1d)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a change to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 3001e31 7.1.x runroot parsing fix new 7cda414 Parent Selection -- Balance treatment of primary and secondary parents in ProcessParents(). new 48e2fdd Coverity ID 1390803: Fixes unreachable code in OCSP new 34199fb Fixes uninitialized argument value use in HttpTransact::issue_revalidate new 4f2aa69 Fixed off-by-one error in select_best_srv. new 4a20742 Option to enable stand-alone Leak Sanitizer new efc6e1d Corrects marshaling of source ip and port The 6 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: configure.ac | 18 ++ iocore/hostdb/P_HostDBProcessor.h | 2 +- iocore/net/OCSPStapling.cc| 2 +- proxy/ParentSelection.cc | 9 +++-- proxy/http/HttpTransact.cc| 5 +++-- proxy/logging/LogAccessHttp.cc| 4 ++-- 6 files changed, 32 insertions(+), 8 deletions(-) -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] branch master updated: Move Cachekey plugin to stable plugins.
This is an automated email from the ASF dual-hosted git repository. gancho pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new f4bf7e5 Move Cachekey plugin to stable plugins. f4bf7e5 is described below commit f4bf7e56117a0994dfee40f93c4910f72fab139f Author: Gancho Tenev AuthorDate: Mon May 7 14:11:43 2018 +0100 Move Cachekey plugin to stable plugins. --- doc/admin-guide/plugins/index.en.rst | 8 plugins/Makefile.am | 2 +- plugins/{experimental => }/cachekey/Makefile.inc | 14 +++--- plugins/{experimental => }/cachekey/README.md | 2 +- plugins/{experimental => }/cachekey/cachekey.cc | 0 plugins/{experimental => }/cachekey/cachekey.h| 0 plugins/{experimental => }/cachekey/common.cc | 0 plugins/{experimental => }/cachekey/common.h | 0 plugins/{experimental => }/cachekey/configs.cc| 0 plugins/{experimental => }/cachekey/configs.h | 0 plugins/{experimental => }/cachekey/pattern.cc| 0 plugins/{experimental => }/cachekey/pattern.h | 0 plugins/{experimental => }/cachekey/plugin.cc | 0 plugins/{experimental => }/cachekey/tests/pattern_test.cc | 0 14 files changed, 13 insertions(+), 13 deletions(-) diff --git a/doc/admin-guide/plugins/index.en.rst b/doc/admin-guide/plugins/index.en.rst index bc1c4ec..6891d4e 100644 --- a/doc/admin-guide/plugins/index.en.rst +++ b/doc/admin-guide/plugins/index.en.rst @@ -48,6 +48,7 @@ Plugins that are considered stable are installed by default in |TS| releases. AWS S3 Authentication AuthProxy Background Fetch + Cache Key Manipulation Combo Handler Configuration Remap ESI @@ -71,6 +72,9 @@ Plugins that are considered stable are installed by default in |TS| releases. :doc:`Background Fetch ` Proactively fetch content from Origin in a way that it will fill the object into cache. +:doc:`Cache Key Manipulation ` + Allows some common cache key manipulations based on various HTTP request elements. + :doc:`Combo Handler ` Provides an intelligent way to combine multiple URLs into a single URL, and have Apache Traffic Server combine the components into one response. @@ -125,7 +129,6 @@ directory of the |TS| source tree. Experimental plugins can be compiled by passi Balancer Buffer Upload - Cache Key Manipulation Cache Promote Collapsed-Forwarding Epic @@ -153,9 +156,6 @@ directory of the |TS| source tree. Experimental plugins can be compiled by passi :doc:`Buffer Upload ` Buffers POST data before connecting to the Origin server. -:doc:`Cache Key Manipulation ` - Allows some common cache key manipulations based on various HTTP request elements. - :doc:`Cache Promote ` Provides additional control over when an object should be allowed into the cache. diff --git a/plugins/Makefile.am b/plugins/Makefile.am index 5c08e8e..d634754 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -29,6 +29,7 @@ AM_LDFLAGS = $(TS_PLUGIN_LD_FLAGS) include authproxy/Makefile.inc include background_fetch/Makefile.inc +include cachekey/Makefile.inc include conf_remap/Makefile.inc include esi/Makefile.inc include generator/Makefile.inc @@ -51,7 +52,6 @@ include experimental/balancer/Makefile.inc include experimental/buffer_upload/Makefile.inc include experimental/cache_promote/Makefile.inc include experimental/cache_range_requests/Makefile.inc -include experimental/cachekey/Makefile.inc include experimental/collapsed_connection/Makefile.inc include experimental/collapsed_forwarding/Makefile.inc include experimental/custom_redirect/Makefile.inc diff --git a/plugins/experimental/cachekey/Makefile.inc b/plugins/cachekey/Makefile.inc similarity index 73% rename from plugins/experimental/cachekey/Makefile.inc rename to plugins/cachekey/Makefile.inc index 6bc2e33..e0da967 100644 --- a/plugins/experimental/cachekey/Makefile.inc +++ b/plugins/cachekey/Makefile.inc @@ -14,10 +14,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -pkglib_LTLIBRARIES += experimental/cachekey/cachekey.la -experimental_cachekey_cachekey_la_SOURCES = \ - experimental/cachekey/cachekey.cc \ - experimental/cachekey/common.cc \ - experimental/cachekey/configs.cc \ - experimental/cachekey/pattern.cc \ - experimental/cachekey/plugin.cc +pkglib_LTLIBRARIES += cachekey/cachekey.la +cachekey_cachekey_la_SOURCES = \ + cachekey/cachekey.cc \ + cachekey/common.cc \ + cachekey/configs.cc \ + cachekey/pattern.cc \ + cachekey/plugin.cc diff --git a/plugins/experimental/cachekey/README.md b/plugins/cachekey/README.md similarity index 92% rename from plugins/experimental/cachekey/README.md rename to plug
[trafficserver] branch master updated: Add TLSv1.3 cipher suites for OpenSSL-1.1.1
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 9d0317b Add TLSv1.3 cipher suites for OpenSSL-1.1.1 9d0317b is described below commit 9d0317b881d53af89e6ab14f86b4f786f733a0d6 Author: Masaori Koshiba AuthorDate: Tue May 8 13:51:19 2018 +0100 Add TLSv1.3 cipher suites for OpenSSL-1.1.1 --- doc/admin-guide/files/records.config.en.rst | 2 +- mgmt/RecordsConfig.cc | 2 +- proxy/config/records.config.default.in | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 20acad9..81746f6 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -3146,7 +3146,7 @@ SSL Termination The current default, included in the ``records.config.default`` example configuration is: - ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128- [...] + TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:TLS-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RS [...] .. ts:cv:: CONFIG proxy.config.ssl.client.cipher_suite STRING diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index ce159ce..d156f68 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1107,7 +1107,7 @@ static const RecordElement RecordsConfig[] = , {RECT_CONFIG, "proxy.config.ssl.client.TLSv1_2", RECD_INT, "1", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.server.cipher_suite", RECD_STRING, "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256 [...] + {RECT_CONFIG, "proxy.config.ssl.server.cipher_suite", RECD_STRING, "TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:TLS-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-R [...] , {RECT_CONFIG, "proxy.config.ssl.client.cipher_suite", RECD_STRING, nullptr, RECU_RESTART_TS, RR_NULL, RECC_NULL, nullptr, RECA_NULL} , diff --git a/proxy/config/records.config.default.in b/proxy/config/records.config.default.in index 209ff2b..e0f8d7b 100644 --- a/proxy/config/records.config.default.in +++ b/proxy/config/records.config.default.in @@ -166,7 +166,7 @@ CONFIG proxy.config.reverse_proxy.enabled INT 1 ## CONFIG proxy.config.ssl.client.verify.server INT 0 CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL -CONFIG proxy.config.ssl.server.cipher_suite STRING ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES [...] +CONFIG proxy.config.ssl.server.cipher_suite STRING TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:TLS-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256
[trafficserver] branch master updated: Fixed off-by-one error in select_best_srv.
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new aa97de6 Fixed off-by-one error in select_best_srv. aa97de6 is described below commit aa97de6162ac53f733c1e7a97fcb2350779d6ed8 Author: Chris Lemmons AuthorDate: Tue May 8 15:54:42 2018 + Fixed off-by-one error in select_best_srv. This error may never actually occur, it was reported by clang-analyzer. This just ensures that in no case does the loop run one past the end of the array. --- iocore/hostdb/P_HostDBProcessor.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iocore/hostdb/P_HostDBProcessor.h b/iocore/hostdb/P_HostDBProcessor.h index 40bcdeb..ab84309 100644 --- a/iocore/hostdb/P_HostDBProcessor.h +++ b/iocore/hostdb/P_HostDBProcessor.h @@ -374,7 +374,7 @@ HostDBRoundRobin::select_best_srv(char *target, InkRand *rand, ink_time_t now, i result = &info(current++ % len); } else { uint32_t xx = rand->random() % weight; -for (i = 0; i < len && xx >= infos[i]->data.srv.srv_weight; ++i) +for (i = 0; i < len - 1 && xx >= infos[i]->data.srv.srv_weight; ++i) xx -= infos[i]->data.srv.srv_weight; result = infos[i]; -- To stop receiving notification emails like this one, please contact zw...@apache.org.
[trafficserver] branch master updated: Clang6: Fix nullptr use in AtomicList. This shoud cover 3 different issues.
This is an automated email from the ASF dual-hosted git repository. amc pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new cfd2f6a Clang6: Fix nullptr use in AtomicList. This shoud cover 3 different issues. cfd2f6a is described below commit cfd2f6a5745a2199159ca3dabbfda812aae88df9 Author: Alan M. Carroll AuthorDate: Tue May 8 08:14:00 2018 -0500 Clang6: Fix nullptr use in AtomicList. This shoud cover 3 different issues. --- lib/ts/List.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/ts/List.h b/lib/ts/List.h index d3ae4db..f58b5a3 100644 --- a/lib/ts/List.h +++ b/lib/ts/List.h @@ -739,5 +739,7 @@ template struct AtomicSLL { template inline AtomicSLL::AtomicSLL() { - ink_atomiclist_init(&al, "AtomicSLL", (uint32_t)(uintptr_t)&L::next_link((C *)nullptr)); + // need @c offsetof but that's not reliable until C++17, and we can't use the nullptr trick directly because + // clang-analyzer gets upset, so we use 0x10 as the base and subtract it back afterwards. + ink_atomiclist_init(&al, "AtomicSLL", reinterpret_cast(&L::next_link(reinterpret_cast(0x10))) - 0x10); } -- To stop receiving notification emails like this one, please contact a...@apache.org.