[trafficserver] branch master updated: Add support for JWS to be passed as a URI path parameter in URI signing plugin
This is an automated email from the ASF dual-hosted git repository.
jrushford pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 4f5baf0 Add support for JWS to be passed as a URI path parameter in
URI signing plugin
4f5baf0 is described below
commit 4f5baf097467ff6d3f76d566e57509800f2099d3
Author: Dylan Souza
AuthorDate: Fri Nov 2 18:05:12 2018 +
Add support for JWS to be passed as a URI path parameter in URI signing
plugin
---
plugins/experimental/uri_signing/parse.c | 71 +-
plugins/experimental/uri_signing/parse.h | 2 +-
plugins/experimental/uri_signing/uri_signing.c | 2 +-
3 files changed, 48 insertions(+), 27 deletions(-)
diff --git a/plugins/experimental/uri_signing/parse.c
b/plugins/experimental/uri_signing/parse.c
index a53c60f..603c4ec 100644
--- a/plugins/experimental/uri_signing/parse.c
+++ b/plugins/experimental/uri_signing/parse.c
@@ -29,37 +29,64 @@
#include
cjose_jws_t *
-get_jws_from_query(const char *uri, size_t uri_ct, const char *paramName)
+get_jws_from_uri(const char *uri, size_t uri_ct, const char *paramName)
{
- PluginDebug("Parsing JWS from query string: %.*s", (int)uri_ct, uri);
- const char *query = uri;
- const char *end = uri + uri_ct;
- while (query != end && *query != '?') {
-++query;
- }
- if (query == end) {
+ /* Reserved characters as defined by the URI Generic Syntax RFC:
https://tools.ietf.org/html/rfc3986#section-2.2 */
+ const char *reserved_string = ":/?#[]@!$&\'()*+,;=";
+
+ /* If param name ends in reserved character this will be treated as the
termination symbol when parsing for package. Default is
+ * '='. */
+ char termination_symbol;
+ size_t termination_ct;
+ size_t param_ct = strlen(paramName);
+
+ if (param_ct <= 0) {
+PluginDebug("URI signing package name cannot be empty");
return NULL;
}
- ++query;
+ if (strchr(reserved_string, paramName[param_ct - 1])) {
+termination_symbol = paramName[param_ct - 1];
+termination_ct = param_ct - 1;
+ } else {
+termination_symbol = '=';
+termination_ct = param_ct;
+ }
+
+ PluginDebug("Parsing JWS from query string: %.*s", (int)uri_ct, uri);
+ const char *param = uri;
+ const char *end = uri + uri_ct;
+ const char *key, *key_end;
+ const char *value, *value_end;
- const char *key = query, *key_end;
- const char *value = query, *value_end;
for (;;) {
-while (value != end && *value != '=') {
- ++value;
+/* Search the URI for a reserved character. */
+while (param != end && strchr(reserved_string, *param) == NULL) {
+ ++param;
}
+if (param == end) {
+ break;
+}
+
+++param;
+/* Parse the parameter for a key value pair separated by the termination
symbol. */
+key = param;
+value = param;
+while (value != end && *value != termination_symbol) {
+ ++value;
+}
if (value == end) {
break;
}
-key_end = value;
-value_end = ++value;
-while (value_end != end && *value_end != '&') {
- ++value_end;
-}
+key_end = value;
-if (!strncmp(paramName, key, (size_t)(key_end - key))) {
+/* If the Parameter key is our target parameter name, attempt to import a
JWS from the value. */
+if ((size_t)(key_end - key) == termination_ct && !strncmp(paramName, key,
(size_t)(key_end - key))) {
+ value_end = ++value;
+ while (value_end != end && strchr(reserved_string, *value_end) == NULL) {
+++value_end;
+ }
PluginDebug("Decoding JWS: %.*s", (int)(key_end - key), key);
cjose_err err= {0};
cjose_jws_t *jws = cjose_jws_import(value, (size_t)(value_end - value),
);
@@ -70,12 +97,6 @@ get_jws_from_query(const char *uri, size_t uri_ct, const
char *paramName)
}
return jws;
}
-
-if (value_end == end) {
- break;
-}
-
-key = value = value_end + 1;
}
PluginDebug("Unable to locate signing key in uri: %.*s", (int)uri_ct, uri);
return NULL;
diff --git a/plugins/experimental/uri_signing/parse.h
b/plugins/experimental/uri_signing/parse.h
index 8002f87..8d82c63 100644
--- a/plugins/experimental/uri_signing/parse.h
+++ b/plugins/experimental/uri_signing/parse.h
@@ -19,7 +19,7 @@
#include
struct _cjose_jws_int;
-struct _cjose_jws_int *get_jws_from_query(const char *uri, size_t uri_ct,
const char *paramName);
+struct _cjose_jws_int *get_jws_from_uri(const char *uri, size_t uri_ct, const
char *paramName);
struct _cjose_jws_int *get_jws_from_cookie(const char **cookie, size_t
*cookie_ct, const char *paramName);
struct config;
diff --git a/plugins/experimental/uri_signing/uri_signing.c
b/plugins/experimental/uri_signing/uri_signing.c
index 55ba117..e9a2a81 100644
--- a/plugins/experimental/uri_signing/uri_signing.c
+++ b/plugins/experimental/uri_signing/uri_signing.c
@@
[trafficserver] 01/01: Merge branch '8.0.x' into 8.1.x
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 2a089062773fa6b7db985a18f841e5c1a8d85a44
Merge: f859127 e8ee826
Author: Bryan Call
AuthorDate: Wed Jan 9 09:36:43 2019 -0800
Merge branch '8.0.x' into 8.1.x
Conflicts:
configure.ac
tools/package/trafficserver.spec
CHANGELOG-8.0.2| 11 +++
STATUS | 8 +-
doc/Makefile.am| 2 +-
doc/admin-guide/plugins/sslheaders.en.rst | 2 +-
doc/ext/local-config.py.in | 13 +++-
doc/{ => ext}/plantuml_fetch.sh| 0
doc/ext/traffic-server.py | 12 ++-
doc/uml/Makefile.am| 2 +-
iocore/eventsystem/I_VConnection.h | 2 +-
iocore/eventsystem/P_UnixEventProcessor.h | 7 +-
plugins/experimental/sslheaders/expand.cc | 2 +-
plugins/experimental/sslheaders/sslheaders.cc | 82 ++-
plugins/experimental/sslheaders/sslheaders.h | 8 +-
proxy/ProxyClientSession.cc| 3 +-
proxy/http/HttpSM.cc | 7 +-
tests/gold_tests/pluginTest/sslheaders/observer.py | 31
.../pluginTest/sslheaders/ssl/server.key | 28 +++
.../pluginTest/sslheaders/ssl/server.pem | 21 +
.../pluginTest/sslheaders/sslheaders.gold | 1 +
.../pluginTest/sslheaders/sslheaders.test.py | 91 ++
20 files changed, 293 insertions(+), 40 deletions(-)
[trafficserver] branch 8.1.x updated (f859127 -> 2a08906)
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a change to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.
from f859127 Bumped the version to 8.1.0
add f601b0f Updated version number in the .spec file, for next 8.0.x rel
add a24582b Doc: Fix doc build to work with Sphinx 1.8.
add 30d930e Doc: Repair various format errors. Tweak traffic-server.py
support for Python 3.
add 6ac3b2a Revert "Two more places to check whether attempting
half_closed connection logic is feasible."
add fb0019b make sure the index stays positive
add ad6fa96 Bumped version to 8.0.2, and updated STATUS
add 9a5b3c0 sslheaders experimental plugin: fix doc typo, improve
container use.
add ea34099 Make sslheaders plugin better conform to documentation.
add 9091749 Added null value init for VConn user_args.
add 6d135e1 Updated Changelog
add 2410ae9 Updated Changelog
add e8ee826 Fixed clang 5.0.0 issue with brace initialization
new 2a08906 Merge branch '8.0.x' into 8.1.x
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
CHANGELOG-8.0.2| 11 +++
STATUS | 8 +-
doc/Makefile.am| 2 +-
doc/admin-guide/plugins/sslheaders.en.rst | 2 +-
doc/ext/local-config.py.in | 13 +++-
doc/{ => ext}/plantuml_fetch.sh| 0
doc/ext/traffic-server.py | 12 ++-
doc/uml/Makefile.am| 2 +-
iocore/eventsystem/I_VConnection.h | 2 +-
iocore/eventsystem/P_UnixEventProcessor.h | 7 +-
plugins/experimental/sslheaders/expand.cc | 2 +-
plugins/experimental/sslheaders/sslheaders.cc | 82 ++-
plugins/experimental/sslheaders/sslheaders.h | 8 +-
proxy/ProxyClientSession.cc| 3 +-
proxy/http/HttpSM.cc | 7 +-
.../observer.py} | 11 ++-
.../pluginTest/sslheaders/ssl/server.key | 28 +++
.../pluginTest/sslheaders/ssl/server.pem | 21 +
.../pluginTest/sslheaders/sslheaders.gold | 1 +
.../pluginTest/sslheaders/sslheaders.test.py | 91 ++
20 files changed, 270 insertions(+), 43 deletions(-)
create mode 100644 CHANGELOG-8.0.2
rename doc/{ => ext}/plantuml_fetch.sh (100%)
copy tests/gold_tests/pluginTest/{compress/compress_observer.py =>
sslheaders/observer.py} (78%)
mode change 100755 => 100644
create mode 100644 tests/gold_tests/pluginTest/sslheaders/ssl/server.key
create mode 100644 tests/gold_tests/pluginTest/sslheaders/ssl/server.pem
create mode 100644 tests/gold_tests/pluginTest/sslheaders/sslheaders.gold
create mode 100644 tests/gold_tests/pluginTest/sslheaders/sslheaders.test.py
[trafficserver] branch 8.0.x updated: Fixed clang 5.0.0 issue with brace initialization
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.0.x by this push:
new e8ee826 Fixed clang 5.0.0 issue with brace initialization
e8ee826 is described below
commit e8ee82656d8c7eec0af85e158f7b18bf7e6c5ddd
Author: Bryan Call
AuthorDate: Tue Jan 8 14:13:18 2019 -0800
Fixed clang 5.0.0 issue with brace initialization
(cherry picked from commit 6e84a42f6870a100bc9ea71e968ecb0c611a0375)
---
iocore/eventsystem/I_VConnection.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iocore/eventsystem/I_VConnection.h
b/iocore/eventsystem/I_VConnection.h
index 62f6041..bc72ba5 100644
--- a/iocore/eventsystem/I_VConnection.h
+++ b/iocore/eventsystem/I_VConnection.h
@@ -406,7 +406,7 @@ public:
};
protected:
- std::array user_args{nullptr};
+ std::array user_args{{nullptr}};
};
struct DummyVConnection : public AnnotatedVConnection {
[trafficserver] branch master updated: fix NXDOMAIN problems
This is an automated email from the ASF dual-hosted git repository.
duke8253 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 792a022 fix NXDOMAIN problems
792a022 is described below
commit 792a0b0cebca2807e98ad75caa79b677132c
Author: Fei Deng
AuthorDate: Mon Dec 24 10:44:09 2018 -0600
fix NXDOMAIN problems
---
iocore/hostdb/HostDB.cc | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/iocore/hostdb/HostDB.cc b/iocore/hostdb/HostDB.cc
index 6e50c44..de09e91 100644
--- a/iocore/hostdb/HostDB.cc
+++ b/iocore/hostdb/HostDB.cc
@@ -441,6 +441,7 @@ HostDBContinuation::init(HostDBHash const _hash,
Options const )
action = opt.cont;
} else {
// ink_assert(!"this sucks");
+ink_zero(action);
action.mutex = mutex;
}
}
@@ -1591,10 +1592,10 @@ HostDBContinuation::probeEvent(int /* event ATS_UNUSED
*/, Event *e)
EThread *t = e ? e->ethread : this_ethread();
MUTEX_TRY_LOCK(lock, action.mutex, t);
- // Go ahead and grab the continuation mutex or just grab the action mutex
again of there is no continuation mutex
- MUTEX_TRY_LOCK(lock2, (action.continuation && action.continuation->mutex) ?
action.continuation->mutex : action.mutex, t);
- // Don't continue unless we have both mutexes
- if (!lock.is_locked() || !lock2.is_locked()) {
+
+ // Separating lock checks here to make sure things don't break
+ // when we check if the action is cancelled.
+ if (!lock.is_locked()) {
mutex->thread_holding->schedule_in(this, HOST_DB_RETRY_PERIOD);
return EVENT_CONT;
}
@@ -1604,6 +1605,14 @@ HostDBContinuation::probeEvent(int /* event ATS_UNUSED
*/, Event *e)
return EVENT_DONE;
}
+ // Go ahead and grab the continuation mutex or just grab the action mutex
again of there is no continuation mutex
+ MUTEX_TRY_LOCK(lock2, (action.continuation && action.continuation->mutex) ?
action.continuation->mutex : action.mutex, t);
+ // Don't continue unless we have both mutexes
+ if (!lock2.is_locked()) {
+mutex->thread_holding->schedule_in(this, HOST_DB_RETRY_PERIOD);
+return EVENT_CONT;
+ }
+
if (!hostdb_enable || (!*hash.host_name && !hash.ip.isValid())) {
if (action.continuation) {
action.continuation->handleEvent(EVENT_HOST_DB_LOOKUP, nullptr);
[trafficserver] branch master updated (1ad1270 -> 571d11e)
This is an automated email from the ASF dual-hosted git repository. bcall pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 1ad1270 Cleanup: Make _next_round_robin uint64_t add 571d11e This improves on #3008, making the code clearer No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 14 -- 1 file changed, 8 insertions(+), 6 deletions(-)
[trafficserver] branch master updated: Cleanup: Make _next_round_robin uint64_t
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 1ad1270 Cleanup: Make _next_round_robin uint64_t
1ad1270 is described below
commit 1ad12700c2750774cf98bc3c83ff5aea6f83a79c
Author: Masaori Koshiba
AuthorDate: Tue Jan 8 09:07:43 2019 +0900
Cleanup: Make _next_round_robin uint64_t
---
iocore/eventsystem/I_EventProcessor.h | 6 +++---
iocore/eventsystem/P_UnixEventProcessor.h | 7 +--
2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/iocore/eventsystem/I_EventProcessor.h
b/iocore/eventsystem/I_EventProcessor.h
index 3730b49..2bf9010 100644
--- a/iocore/eventsystem/I_EventProcessor.h
+++ b/iocore/eventsystem/I_EventProcessor.h
@@ -303,9 +303,9 @@ public:
/// The thread group ID is the index into an array of these and so is not
stored explicitly.
struct ThreadGroupDescriptor {
std::string _name; ///< Name for the thread
group.
-int _count= 0; ///< # of threads of this
type.
-std::atomic _started = 0; ///< # of started threads
of this type.
-int _next_round_robin = 0; ///< Index of thread to
use for events assigned to this group.
+int _count = 0; ///< # of threads of this
type.
+std::atomic _started = 0; ///< # of started threads
of this type.
+uint64_t _next_round_robin = 0; ///< Index of thread to
use for events assigned to this group.
Que(Event, link) _spawnQueue;///< Events to dispatch
when thread is spawned.
EThread *_thread[MAX_THREADS_IN_EACH_TYPE] = {}; ///< The actual threads
in this group.
std::function _afterStartCallback = nullptr;
diff --git a/iocore/eventsystem/P_UnixEventProcessor.h
b/iocore/eventsystem/P_UnixEventProcessor.h
index ba58de9..ed97729 100644
--- a/iocore/eventsystem/P_UnixEventProcessor.h
+++ b/iocore/eventsystem/P_UnixEventProcessor.h
@@ -54,12 +54,7 @@ EventProcessor::assign_thread(EventType etype)
ink_assert(etype < MAX_EVENT_TYPES);
if (tg->_count > 1) {
-// When "_next_round_robin" grows big enough, it becomes a negative number,
-// meaning "next" is also negative. And since "next" is used as an index
-// into array "_thread", the result is returning NULL when assigning
threads.
-// So we need to cast "_next_round_robin" to unsigned int so the result
stays
-// positive.
-next = static_cast(++tg->_next_round_robin) % tg->_count;
+next = ++tg->_next_round_robin % tg->_count;
} else {
next = 0;
}
[trafficserver] branch master updated: The mutex of NetAccept::action_->continuation is optional when the EVENT_ERROR event is called back.
This is an automated email from the ASF dual-hosted git repository.
oknet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 732dd20 The mutex of NetAccept::action_->continuation is optional
when the EVENT_ERROR event is called back.
732dd20 is described below
commit 732dd2095547387fb0b51d86460405c668acac78
Author: Oknet Xu
AuthorDate: Mon Jan 7 11:48:26 2019 +0800
The mutex of NetAccept::action_->continuation is optional when the
EVENT_ERROR event is called back.
In general, `NetAccept::action_->continuation` is a type of
`ProtocolProbeSessionAccept` object.
The mutex of `ProtocolProbeSessionAccept` is NULL to allow parallel
accepts.
Resolve issue #4726.
---
iocore/net/UnixNetAccept.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iocore/net/UnixNetAccept.cc b/iocore/net/UnixNetAccept.cc
index 21f39c4..9c3e40f 100644
--- a/iocore/net/UnixNetAccept.cc
+++ b/iocore/net/UnixNetAccept.cc
@@ -322,7 +322,7 @@ NetAccept::do_blocking_accept(EThread *t)
return 0;
}
if (!action_->cancelled) {
-SCOPED_MUTEX_LOCK(lock, action_->mutex, t);
+SCOPED_MUTEX_LOCK(lock, action_->mutex ? action_->mutex : t->mutex, t);
action_->continuation->handleEvent(EVENT_ERROR, (void *)(intptr_t)res);
Warning("accept thread received fatal error: errno = %d", errno);
}
