[trafficserver] branch master updated: Ignore test_librecords
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 902d5ad Ignore test_librecords 902d5ad is described below commit 902d5ad96a446f7485716e8ec72f7f06551418b6 Author: Masaori Koshiba AuthorDate: Tue Feb 26 10:55:14 2019 +0900 Ignore test_librecords It is check program introduced by c83061d68dfbe9e25210a953ea640063a0525ab7. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index ec01fe1..0aeedac 100644 --- a/.gitignore +++ b/.gitignore @@ -87,6 +87,7 @@ src/tscore/test_Regex src/tscore/test_X509HostnameValidator src/tscore/test_tscore src/tscpp/util/test_tscpputil +lib/records/test_librecords lib/perl/lib/Apache/TS.pm iocore/net/test_certlookup
[trafficserver] branch master updated: HdrHeap default size unit test fix.
This is an automated email from the ASF dual-hosted git repository.
gancho pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 6565396 HdrHeap default size unit test fix.
6565396 is described below
commit 65653961072d9e6d56570e5a744b7499ee6b1b22
Author: Gancho Tenev
AuthorDate: Mon Feb 25 15:30:46 2019 -0800
HdrHeap default size unit test fix.
After refactoring "HdrHeap refresh" in PR #4953 unit test need
to be updated as well. Changing HDR_HEAP_DEFAULT_SIZE to
HdrHeap::DEFAULT_SIZE
---
doc/developer-guide/core-architecture/heap.en.rst | 4 ++--
proxy/hdrs/unit_tests/test_Hdrs.cc| 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/doc/developer-guide/core-architecture/heap.en.rst
b/doc/developer-guide/core-architecture/heap.en.rst
index e03b5ad..31bee10 100644
--- a/doc/developer-guide/core-architecture/heap.en.rst
+++ b/doc/developer-guide/core-architecture/heap.en.rst
@@ -132,10 +132,10 @@ Classes
.. function:: HdrHeap * new_HdrHeap(int n)
- Create and return a new instance of :class:`HdrHeap`. If :arg:`n` is less
than ``HDR_HEAP_DEFAULT_SIZE``
+ Create and return a new instance of :class:`HdrHeap`. If :arg:`n` is less
than ``HdrHeap::DEFAULT_SIZE``
it is increased to that value.
- If the allocated size is ``HDR_HEAP_DEFAULT_SIZE`` (or smaller and upsized
to that value) then
+ If the allocated size is ``HdrHeap::DEFAULT_SIZE`` (or smaller and upsized
to that value) then
the instance is allocated from a thread local pool via
:code:`hdrHeapAllocator`. If larger it
is allocated from global memory via :code:`ats_malloc`.
diff --git a/proxy/hdrs/unit_tests/test_Hdrs.cc
b/proxy/hdrs/unit_tests/test_Hdrs.cc
index a43503a..790418c 100644
--- a/proxy/hdrs/unit_tests/test_Hdrs.cc
+++ b/proxy/hdrs/unit_tests/test_Hdrs.cc
@@ -68,7 +68,7 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
for (auto const &test : tests) {
HTTPHdr req_hdr;
-HdrHeap *heap = new_HdrHeap(HDR_HEAP_DEFAULT_SIZE + 64); // extra to
prevent proxy allocation.
+HdrHeap *heap = new_HdrHeap(HdrHeap::DEFAULT_SIZE + 64); // extra to
prevent proxy allocation.
req_hdr.create(HTTP_TYPE_REQUEST, heap);
[trafficserver] branch master updated: Cleanup: remove duplicated SSL_CTX_set_tlsext_status_cb calls for OCSP Stapling
This is an automated email from the ASF dual-hosted git repository.
masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new b4e5319 Cleanup: remove duplicated SSL_CTX_set_tlsext_status_cb calls
for OCSP Stapling
b4e5319 is described below
commit b4e53199f0d93eecd82db13a3f9841760d1913a0
Author: Masaori Koshiba
AuthorDate: Wed Feb 20 16:15:50 2019 +0900
Cleanup: remove duplicated SSL_CTX_set_tlsext_status_cb calls for OCSP
Stapling
---
iocore/net/SSLUtils.cc | 30 +-
1 file changed, 9 insertions(+), 21 deletions(-)
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index ad20188..653cec4 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -1285,7 +1285,7 @@ setClientCertLevel(SSL *ssl, uint8_t certLevel)
}
SSL_CTX *
-SSLInitServerContext(const SSLConfigParams *params, const ssl_user_config
*sslMultCertSettings, std::vector &certList)
+SSLInitServerContext(const SSLConfigParams *params, const ssl_user_config
*sslMultCertSettings, std::vector &cert_list)
{
int server_verify_client;
SSL_CTX *ctx = SSLDefaultServerContext();
@@ -1416,7 +1416,7 @@ SSLInitServerContext(const SSLConfigParams *params, const
ssl_user_config *sslMu
goto fail;
}
-certList.push_back(cert);
+cert_list.push_back(cert);
if (SSLConfigParams::load_ssl_file_cb) {
SSLConfigParams::load_ssl_file_cb(completeServerCertPath.c_str(),
CONFIG_FLAG_UNVERSIONED);
}
@@ -1605,6 +1605,12 @@ SSLInitServerContext(const SSLConfigParams *params,
const ssl_user_config *sslMu
if (SSLConfigParams::ssl_ocsp_enabled) {
Debug("ssl", "SSL OCSP Stapling is enabled");
SSL_CTX_set_tlsext_status_cb(ctx, ssl_callback_ocsp_stapling);
+
+for (auto cert : cert_list) {
+ if (!ssl_stapling_init_cert(ctx, cert, setting_cert)) {
+Warning("failed to configure SSL_CTX for OCSP Stapling info for
certificate at %s", setting_cert);
+ }
+}
} else {
Debug("ssl", "SSL OCSP Stapling is disabled");
}
@@ -1625,7 +1631,7 @@ fail:
}
SSL_CLEAR_PW_REFERENCES(ctx)
SSLReleaseContext(ctx);
- for (auto cert : certList) {
+ for (auto cert : cert_list) {
X509_free(cert);
}
@@ -1703,24 +1709,6 @@ ssl_store_ssl_context(const SSLConfigParams *params,
SSLCertLookup *lookup, cons
#endif
}
-#ifdef TS_USE_TLS_OCSP
- if (SSLConfigParams::ssl_ocsp_enabled) {
-Debug("ssl", "SSL OCSP Stapling is enabled");
-SSL_CTX_set_tlsext_status_cb(ctx, ssl_callback_ocsp_stapling);
-for (auto cert : cert_list) {
- if (!ssl_stapling_init_cert(ctx, cert, certname)) {
-Warning("failed to configure SSL_CTX for OCSP Stapling info for
certificate at %s", (const char *)certname);
- }
-}
- } else {
-Debug("ssl", "SSL OCSP Stapling is disabled");
- }
-#else
- if (SSLConfigParams::ssl_ocsp_enabled) {
-Warning("failed to enable SSL OCSP Stapling; this version of OpenSSL does
not support it");
- }
-#endif /* TS_USE_TLS_OCSP */
-
// Insert additional mappings. Note that this maps multiple keys to the same
value, so when
// this code is updated to reconfigure the SSL certificates, it will need
some sort of
// refcounting or alternate way of avoiding double frees.
[trafficserver] branch master updated: Implement nbf claim in Uri Signing Plugin
This is an automated email from the ASF dual-hosted git repository.
eze pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new d9dc0f4 Implement nbf claim in Uri Signing Plugin
d9dc0f4 is described below
commit d9dc0f42e9f161f8a943483ab8dc38d178b18e16
Author: Dylan Souza
AuthorDate: Wed Feb 13 20:49:23 2019 +
Implement nbf claim in Uri Signing Plugin
---
plugins/experimental/uri_signing/jwt.c | 10 ++
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/plugins/experimental/uri_signing/jwt.c
b/plugins/experimental/uri_signing/jwt.c
index a38565c..69a07e3 100644
--- a/plugins/experimental/uri_signing/jwt.c
+++ b/plugins/experimental/uri_signing/jwt.c
@@ -98,12 +98,6 @@ unsupported_string_claim(const char *str)
}
bool
-unsupported_date_claim(double t)
-{
- return isnan(t);
-}
-
-bool
jwt_validate(struct jwt *jwt)
{
if (!jwt) {
@@ -126,8 +120,8 @@ jwt_validate(struct jwt *jwt)
return false;
}
- if (!unsupported_date_claim(jwt->nbf)) {
-PluginDebug("Initial JWT Failure: nbf unsupported");
+ if (now() < jwt->nbf) {
+PluginDebug("Initial JWT Failure: nbf claim violated");
return false;
}
[trafficserver] branch 7.1.x updated: Revert "Avoid ats_malloc in unmarshal"
This is an automated email from the ASF dual-hosted git repository.
eze pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/7.1.x by this push:
new 3b37f1a Revert "Avoid ats_malloc in unmarshal"
3b37f1a is described below
commit 3b37f1ac7aa5bd91c1c10c5a7c72a93afd37f551
Author: Evan Zelkowitz <19699200+ezelk...@users.noreply.github.com>
AuthorDate: Mon Feb 25 13:35:24 2019 -0700
Revert "Avoid ats_malloc in unmarshal"
This reverts commit 739d8d7d6fab4a8145cc902c8a0b32b2fbddd4c8.
---
proxy/hdrs/HTTP.cc | 44 +++-
1 file changed, 35 insertions(+), 9 deletions(-)
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index f558663..6566dab 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -2007,6 +2007,7 @@ HTTPInfo::marshal_length()
}
if (m_alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
+len -= sizeof(m_alt->m_integral_frag_offsets);
len += sizeof(FragOffset) * m_alt->m_frag_offset_count;
}
@@ -2021,11 +2022,23 @@ HTTPInfo::marshal(char *buf, int len)
HTTPCacheAlt *marshal_alt = (HTTPCacheAlt *)buf;
// non-zero only if the offsets are external. Otherwise they get
// marshalled along with the alt struct.
+ int frag_len = (0 == m_alt->m_frag_offset_count || m_alt->m_frag_offsets ==
m_alt->m_integral_frag_offsets) ?
+ 0 :
+ sizeof(HTTPCacheAlt::FragOffset) *
m_alt->m_frag_offset_count;
+
ink_assert(m_alt->m_magic == CACHE_ALT_MAGIC_ALIVE);
// Make sure the buffer is aligned
//ink_assert(((intptr_t)buf) & 0x3 == 0);
+ // If we have external fragment offsets, copy the initial ones
+ // into the integral data.
+ if (frag_len) {
+memcpy(m_alt->m_integral_frag_offsets, m_alt->m_frag_offsets,
sizeof(m_alt->m_integral_frag_offsets));
+frag_len -= sizeof(m_alt->m_integral_frag_offsets);
+// frag_len should never be non-zero at this point, as the offsets
+// should be external only if too big for the internal table.
+ }
// Memcpy the whole object so that we can use it
// live later. This involves copying a few
// extra bytes now but will save copying any
@@ -2038,14 +2051,13 @@ HTTPInfo::marshal(char *buf, int len)
buf += HTTP_ALT_MARSHAL_SIZE;
used += HTTP_ALT_MARSHAL_SIZE;
- if (m_alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
+ if (frag_len > 0) {
marshal_alt->m_frag_offsets = static_cast(reinterpret_cast(used));
-memcpy(buf, m_alt->m_frag_offsets, m_alt->m_frag_offset_count *
sizeof(FragOffset));
-buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
-used += m_alt->m_frag_offset_count * sizeof(FragOffset);
+memcpy(buf, m_alt->m_frag_offsets + HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS,
frag_len);
+buf += frag_len;
+used += frag_len;
} else {
-// the data stored in intergral buffer
-m_alt->m_frag_offsets = nullptr;
+marshal_alt->m_frag_offsets = nullptr;
}
// The m_{request,response}_hdr->m_heap pointers are converted
@@ -2102,9 +2114,23 @@ HTTPInfo::unmarshal(char *buf, int len, RefCountObj
*block_ref)
len -= HTTP_ALT_MARSHAL_SIZE;
if (alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
-alt->m_frag_offsets = reinterpret_cast(buf +
reinterpret_cast(alt->m_frag_offsets));
-len -= sizeof(FragOffset) * alt->m_frag_offset_count;
-ink_assert(len >= 0);
+// stuff that didn't fit in the integral slots.
+int extra = sizeof(FragOffset) * alt->m_frag_offset_count -
sizeof(alt->m_integral_frag_offsets);
+char *extra_src = buf + reinterpret_cast(alt->m_frag_offsets);
+// Actual buffer size, which must be a power of two.
+// Well, technically not, because we never modify an unmarshalled fragment
+// offset table, but it would be a nasty bug should that be done in the
+// future.
+int bcount = HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS * 2;
+
+while (bcount < alt->m_frag_offset_count) {
+ bcount *= 2;
+}
+alt->m_frag_offsets =
+ static_cast(ats_malloc(bcount * sizeof(FragOffset))); //
WRONG - must round up to next power of 2.
+memcpy(alt->m_frag_offsets, alt->m_integral_frag_offsets,
sizeof(alt->m_integral_frag_offsets));
+memcpy(alt->m_frag_offsets + HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS,
extra_src, extra);
+len -= extra;
} else if (alt->m_frag_offset_count > 0) {
alt->m_frag_offsets = alt->m_integral_frag_offsets;
} else {
[trafficserver] branch master updated: MIMEScanner: Make MIMEScanner a class, not a POD with free functions.
This is an automated email from the ASF dual-hosted git repository.
amc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 0be4e73 MIMEScanner: Make MIMEScanner a class, not a POD with free
functions.
0be4e73 is described below
commit 0be4e7326b89670dea1ffe4c7f21c36bfd2bdf59
Author: Alan M. Carroll
AuthorDate: Wed Feb 6 11:10:22 2019 -0600
MIMEScanner: Make MIMEScanner a class, not a POD with free functions.
---
proxy/hdrs/HTTP.cc | 27 +--
proxy/hdrs/HdrTest.cc | 79 -
proxy/hdrs/HdrTest.h| 1 -
proxy/hdrs/MIME.cc | 303
proxy/hdrs/MIME.h | 82 +++--
proxy/hdrs/Makefile.am | 1 +
proxy/hdrs/unit_tests/test_Hdrs.cc | 86 +
proxy/hdrs/unit_tests/unit_test_main.cc | 21 ++-
8 files changed, 305 insertions(+), 295 deletions(-)
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 41bf41b..eebf4ad 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -894,17 +894,21 @@ http_parser_parse_req(HTTPParser *parser, HdrHeap *heap,
HTTPHdrImpl *hh, const
const char *version_start;
const char *version_end;
+ts::TextView text, parsed;
+
real_end = end;
start:
hh->m_polarity = HTTP_TYPE_REQUEST;
// Make sure the line is not longer than 64K
-if (scanner->m_line_length >= UINT16_MAX) {
+if (scanner->get_buffered_line_size() >= UINT16_MAX) {
return PARSE_RESULT_ERROR;
}
-err = mime_scanner_get(scanner, start, real_end, &line_start, &end,
&line_is_real, eof, MIME_SCANNER_TYPE_LINE);
+text.assign(*start, real_end);
+err= scanner->get(text, parsed, line_is_real, eof, MIMEScanner::LINE);
+*start = text.data();
if (err < 0) {
return err;
}
@@ -917,9 +921,9 @@ http_parser_parse_req(HTTPParser *parser, HdrHeap *heap,
HTTPHdrImpl *hh, const
return err;
}
-cur = line_start;
-ink_assert((end - cur) >= 0);
-ink_assert((end - cur) < UINT16_MAX);
+ink_assert(parsed.size() < UINT16_MAX);
+line_start = cur = parsed.data();
+end = parsed.data_end();
must_copy_strings = (must_copy_strings || (!line_is_real));
@@ -1244,11 +1248,14 @@ http_parser_parse_resp(HTTPParser *parser, HdrHeap
*heap, HTTPHdrImpl *hh, const
hh->m_polarity = HTTP_TYPE_RESPONSE;
// Make sure the line is not longer than 64K
-if (scanner->m_line_length >= UINT16_MAX) {
+if (scanner->get_buffered_line_size() >= UINT16_MAX) {
return PARSE_RESULT_ERROR;
}
-err = mime_scanner_get(scanner, start, real_end, &line_start, &end,
&line_is_real, eof, MIME_SCANNER_TYPE_LINE);
+ts::TextView text{*start, real_end};
+ts::TextView parsed;
+err= scanner->get(text, parsed, line_is_real, eof, MIMEScanner::LINE);
+*start = text.data();
if (err < 0) {
return err;
}
@@ -1256,9 +1263,9 @@ http_parser_parse_resp(HTTPParser *parser, HdrHeap *heap,
HTTPHdrImpl *hh, const
return err;
}
-cur = line_start;
-ink_assert((end - cur) >= 0);
-ink_assert((end - cur) < UINT16_MAX);
+ink_assert(parsed.size() < UINT16_MAX);
+line_start = cur = parsed.data();
+end = parsed.data_end();
must_copy_strings = (must_copy_strings || (!line_is_real));
diff --git a/proxy/hdrs/HdrTest.cc b/proxy/hdrs/HdrTest.cc
index ee3f93d..875e4e1 100644
--- a/proxy/hdrs/HdrTest.cc
+++ b/proxy/hdrs/HdrTest.cc
@@ -74,7 +74,6 @@ HdrTest::go(RegressionTest *t, int /* atype ATS_UNUSED */)
status = status & test_url();
status = status & test_arena();
status = status & test_regex();
- status = status & test_http_parser_eos_boundary_cases();
status = status & test_http_mutation();
status = status & test_mime();
status = status & test_http();
@@ -521,84 +520,6 @@ HdrTest::test_mime()
-*/
int
-HdrTest::test_http_parser_eos_boundary_cases()
-{
- struct {
-const char *msg;
-int expected_result;
-int expected_bytes_consumed;
- } tests[] = {
-{"GET /index.html HTTP/1.0\r\n", PARSE_RESULT_DONE, 26},
-{"GET /index.html HTTP/1.0\r\n\r\n***BODY", PARSE_RESULT_DONE, 28},
-{"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n\r\n***BODY",
PARSE_RESULT_DONE, 48},
-{"GET", PARSE_RESULT_ERROR, 3},
-{"GET /index.html", PARSE_RESULT_ERROR, 15},
-{"GET /index.html\r\n", PARSE_RESULT_ERROR, 17},
-{"GET /index.html HTTP/1.0", PARSE_RESULT_ERROR, 24},
-{"GET /index.html HTTP/1.0\r", PARSE_RESULT_ERROR, 25},
-{"GET /index.html HTTP/1.0\n", PARSE_RESULT_DONE, 25},
-{"GET /index.html HTTP/1.0\n\n", PARSE_RESULT_DONE, 26},
-{"GET /index.html HTTP/1.0\r\n\r\n", PARSE_RESULT_DONE,
[trafficserver] branch master updated: Added connect_end to the slow log report
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new ac25c6c Added connect_end to the slow log report
ac25c6c is described below
commit ac25c6c0cb99735f9a45c75e4c32b03bf2bae786
Author: Bryan Call
AuthorDate: Fri Feb 22 09:59:07 2019 -0800
Added connect_end to the slow log report
---
tools/slow_log_report.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/slow_log_report.pl b/tools/slow_log_report.pl
index 597b2f5..9207b59 100755
--- a/tools/slow_log_report.pl
+++ b/tools/slow_log_report.pl
@@ -37,7 +37,7 @@ sub displayStat($) {
my($stats) = @_;
printf("%25s %10s %10s %10s %10s %10s %10s %10s %10s\n", 'key', 'total',
'count', 'mean', 'median', '95th', '99th', 'min', 'max');
- foreach my $key ('ua_begin', 'ua_first_read', 'ua_read_header_done',
'cache_open_read_begin', 'cache_open_read_end', 'dns_lookup_begin',
'dns_lookup_end', 'server_connect', 'server_first_read',
'server_read_header_done', 'server_close', 'ua_close', 'sm_finish') {
+ foreach my $key ('ua_begin', 'ua_first_read', 'ua_read_header_done',
'cache_open_read_begin', 'cache_open_read_end', 'dns_lookup_begin',
'dns_lookup_end', 'server_connect', 'server_connect_end', 'server_first_read',
'server_read_header_done', 'server_close', 'ua_close', 'sm_finish') {
my $count = $stats->{$key}->{count};
my $total = $stats->{$key}->{total};
