[trafficserver] branch quic-latest updated: Rename QUICSimpleApp to Http09App

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new 2c53847  Rename QUICSimpleApp to Http09App
2c53847 is described below

commit 2c538479077a23a1e5c2d2cd54fee02e76c2ea16
Author: Masaori Koshiba 
AuthorDate: Thu Mar 7 15:22:30 2019 +0900

Rename QUICSimpleApp to Http09App
---
 proxy/http3/{QUICSimpleApp.cc => Http09App.cc} | 10 +-
 proxy/http3/{QUICSimpleApp.h => Http09App.h}   |  7 ---
 proxy/http3/Http3SessionAccept.cc  |  4 ++--
 proxy/http3/Makefile.am|  4 ++--
 4 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/proxy/http3/QUICSimpleApp.cc b/proxy/http3/Http09App.cc
similarity index 91%
rename from proxy/http3/QUICSimpleApp.cc
rename to proxy/http3/Http09App.cc
index cbff215..f89d0bb 100644
--- a/proxy/http3/QUICSimpleApp.cc
+++ b/proxy/http3/Http09App.cc
@@ -21,7 +21,7 @@
  *  limitations under the License.
  */
 
-#include "QUICSimpleApp.h"
+#include "Http09App.h"
 
 #include "P_Net.h"
 #include "P_VConnection.h"
@@ -33,7 +33,7 @@
 static constexpr char debug_tag[]   = "quic_simple_app";
 static constexpr char debug_tag_v[] = "v_quic_simple_app";
 
-QUICSimpleApp::QUICSimpleApp(QUICNetVConnection *client_vc, IpAllow::ACL 
session_acl) : QUICApplication(client_vc)
+Http09App::Http09App(QUICNetVConnection *client_vc, IpAllow::ACL session_acl) 
: QUICApplication(client_vc)
 {
   this->_client_session  = new Http3ClientSession(client_vc);
   this->_client_session->acl = std::move(session_acl);
@@ -41,16 +41,16 @@ QUICSimpleApp::QUICSimpleApp(QUICNetVConnection *client_vc, 
IpAllow::ACL session
 
   this->_qc->stream_manager()->set_default_application(this);
 
-  SET_HANDLER(&QUICSimpleApp::main_event_handler);
+  SET_HANDLER(&Http09App::main_event_handler);
 }
 
-QUICSimpleApp::~QUICSimpleApp()
+Http09App::~Http09App()
 {
   delete this->_client_session;
 }
 
 int
-QUICSimpleApp::main_event_handler(int event, Event *data)
+Http09App::main_event_handler(int event, Event *data)
 {
   Debug(debug_tag_v, "[%s] %s (%d)", this->_qc->cids().data(), 
get_vc_event_name(event), event);
 
diff --git a/proxy/http3/QUICSimpleApp.h b/proxy/http3/Http09App.h
similarity index 86%
rename from proxy/http3/QUICSimpleApp.h
rename to proxy/http3/Http09App.h
index fcb9c9a..1132ef2 100644
--- a/proxy/http3/QUICSimpleApp.h
+++ b/proxy/http3/Http09App.h
@@ -33,13 +33,14 @@ class Http3ClientSession;
 /**
  * @brief A simple multi-streamed application.
  * @detail Response to simple HTTP/0.9 GETs
+ * This will be removed when HTTP/0.9 over QUIC support is dropped
  *
  */
-class QUICSimpleApp : public QUICApplication
+class Http09App : public QUICApplication
 {
 public:
-  QUICSimpleApp(QUICNetVConnection *client_vc, IpAllow::ACL session_acl);
-  ~QUICSimpleApp();
+  Http09App(QUICNetVConnection *client_vc, IpAllow::ACL session_acl);
+  ~Http09App();
 
   int main_event_handler(int event, Event *data);
 
diff --git a/proxy/http3/Http3SessionAccept.cc 
b/proxy/http3/Http3SessionAccept.cc
index c542abc..6a12f3a 100644
--- a/proxy/http3/Http3SessionAccept.cc
+++ b/proxy/http3/Http3SessionAccept.cc
@@ -27,7 +27,7 @@
 #include "I_Machine.h"
 #include "IPAllow.h"
 
-#include "QUICSimpleApp.h"
+#include "Http09App.h"
 #include "Http3App.h"
 
 Http3SessionAccept::Http3SessionAccept(const HttpSessionAccept::Options &_o) : 
SessionAccept(nullptr), options(_o)
@@ -68,7 +68,7 @@ Http3SessionAccept::accept(NetVConnection *netvc, MIOBuffer 
*iobuf, IOBufferRead
   Debug("http3", "[%s] start HTTP/0.9 app (ALPN=%s)", qvc->cids().data(), 
IP_PROTO_TAG_HTTP_QUIC.data());
 }
 
-new QUICSimpleApp(qvc, std::move(session_acl));
+new Http09App(qvc, std::move(session_acl));
   } else if (IP_PROTO_TAG_HTTP_3.compare(alpn) == 0) {
 Debug("http3", "[%s] start HTTP/3 app (ALPN=%s)", qvc->cids().data(), 
IP_PROTO_TAG_HTTP_3.data());
 
diff --git a/proxy/http3/Makefile.am b/proxy/http3/Makefile.am
index 50e51b8..b8d8920 100644
--- a/proxy/http3/Makefile.am
+++ b/proxy/http3/Makefile.am
@@ -35,6 +35,7 @@ AM_CPPFLAGS += \
 noinst_LIBRARIES = libhttp3.a
 
 libhttp3_a_SOURCES = \
+  Http09App.cc \
   Http3.cc \
   Http3Config.cc \
   Http3App.cc \
@@ -50,8 +51,7 @@ libhttp3_a_SOURCES = \
   Http3DataFramer.cc \
   Http3HeaderVIOAdaptor.cc \
   Http3StreamDataVIOAdaptor.cc \
-  QPACK.cc \
-  QUICSimpleApp.cc
+  QPACK.cc
 
 #
 # Check Programs



[trafficserver] branch quic-latest updated: fix crash in CacheVC::openReadFromWriter

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new d91ca9e  fix crash in CacheVC::openReadFromWriter
 new 0843eba  Merge branch 'asf/master' into quic-latest
d91ca9e is described below

commit d91ca9ee43973fcce9cfccbb146788eb95ae6ffc
Author: rienzi2012 <51553...@qq.com>
AuthorDate: Wed Mar 6 11:54:33 2019 +0800

fix crash in CacheVC::openReadFromWriter
---
 proxy/hdrs/HTTP.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 74e79df..8faf57e 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -2035,8 +2035,7 @@ HTTPInfo::marshal(char *buf, int len)
 buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
 used += m_alt->m_frag_offset_count * sizeof(FragOffset);
   } else {
-// the data stored in intergral buffer
-m_alt->m_frag_offsets = nullptr;
+marshal_alt->m_frag_offsets = nullptr;
   }
 
   // The m_{request,response}_hdr->m_heap pointers are converted
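Review bot: The `else` branch now clears the pointer on `marshal_alt`, but the commit also deletes the only comment that explained the branch, so nothing says why the serialized copy is nulled while `m_alt` is left alone. Judging from the commit title, writing through `m_alt` here mutated the live object during marshalling; that is an inference, since `marshal_alt`'s definition and the rest of `HTTPInfo::marshal` are outside the hunk. I would keep a comment such as `// offsets live in the integral buffer: clear the pointer in the marshalled copy only, never in the live m_alt`. The identical hunk appears again in the push to master further down this page.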



[trafficserver] branch quic-latest updated: Fix QUICStreamManager to use QUICStreamVConnection

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new ecc8f02  Fix QUICStreamManager to use QUICStreamVConnection
ecc8f02 is described below

commit ecc8f02e3ad988de7051c73d19a70892d55c81a1
Author: Masaori Koshiba 
AuthorDate: Thu Mar 7 12:26:14 2019 +0900

Fix QUICStreamManager to use QUICStreamVConnection
---
 iocore/net/quic/QUICStreamManager.cc | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/iocore/net/quic/QUICStreamManager.cc 
b/iocore/net/quic/QUICStreamManager.cc
index 33d36b4..a4d3188 100644
--- a/iocore/net/quic/QUICStreamManager.cc
+++ b/iocore/net/quic/QUICStreamManager.cc
@@ -339,7 +339,7 @@ QUICStreamManager::total_reordered_bytes() const
   uint64_t total_bytes = 0;
 
   // FIXME Iterating all (open + closed) streams is expensive
-  for (QUICStream *s = this->stream_list.head; s; s = s->link.next) {
+  for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) 
{
 total_bytes += s->reordered_bytes();
   }
   return total_bytes;
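Review bot: The element type is spelled out again in each of the five loops (here and in `total_offset_received`, `stream_count`, `will_generate_frame` and `generate_frame`), which is why changing the list's element type had to touch every one of them. Writing `for (auto *s = this->stream_list.head; s; s = s->link.next) {` would follow the list's type automatically and keep the line within the column limit. The two FIXMEs about walking every open and closed stream are carried over unchanged; how often these walks run per connection is not visible here, so it is worth checking before more callers are added. All five function bodies start outside their hunks.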
@@ -351,7 +351,7 @@ QUICStreamManager::total_offset_received() const
   uint64_t total_offset_received = 0;
 
   // FIXME Iterating all (open + closed) streams is expensive
-  for (QUICStream *s = this->stream_list.head; s; s = s->link.next) {
+  for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) 
{
 total_offset_received += s->largest_offset_received();
   }
   return total_offset_received;
@@ -374,7 +374,7 @@ uint32_t
 QUICStreamManager::stream_count() const
 {
   uint32_t count = 0;
-  for (QUICStream *s = this->stream_list.head; s; s = s->link.next) {
+  for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) 
{
 ++count;
   }
   return count;
@@ -398,7 +398,7 @@ QUICStreamManager::will_generate_frame(QUICEncryptionLevel 
level, ink_hrtime tim
 return false;
   }
 
-  for (QUICStream *s = this->stream_list.head; s; s = s->link.next) {
+  for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) 
{
 if (s->will_generate_frame(level, timestamp)) {
   return true;
 }
@@ -423,7 +423,7 @@ QUICStreamManager::generate_frame(uint8_t *buf, 
QUICEncryptionLevel level, uint6
   }
 
   // FIXME We should pick a stream based on priority
-  for (QUICStream *s = this->stream_list.head; s; s = s->link.next) {
+  for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) 
{
 frame = s->generate_frame(buf, level, connection_credit, 
maximum_frame_size, timestamp);
 if (frame) {
   break;



[trafficserver] branch quic-latest updated: Fix building unit tests for QUIC

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new e5a65d7  Fix building unit tests for QUIC
e5a65d7 is described below

commit e5a65d77da2d2f3b50ca5be7930488352ae896bb
Author: Masaori Koshiba 
AuthorDate: Thu Mar 7 11:16:54 2019 +0900

Fix building unit tests for QUIC

Prior to this change, there were many undefined symbols coming from SSLMultiCertConfigLoader.
As a workaround, link the unit tests to libinknet.a.
---
 iocore/net/Makefile.am   |   1 +
 iocore/net/libinknet_stub.cc | 163 +++
 iocore/net/quic/Makefile.am  |  15 ++--
 iocore/net/quic/test/stub.cc |  51 --
 iocore/net/test_I_UDPNet.cc  | 142 -
 5 files changed, 173 insertions(+), 199 deletions(-)

diff --git a/iocore/net/Makefile.am b/iocore/net/Makefile.am
index 76a1bdc..dc0a385 100644
--- a/iocore/net/Makefile.am
+++ b/iocore/net/Makefile.am
@@ -83,6 +83,7 @@ test_UDPNet_LDADD = \
@HWLOC_LIBS@ @OPENSSL_LIBS@ @LIBPCRE@ @YAMLCPP_LIBS@
 
 test_UDPNet_SOURCES = \
+   libinknet_stub.cc \
test_I_UDPNet.cc
 
 libinknet_a_SOURCES = \
diff --git a/iocore/net/libinknet_stub.cc b/iocore/net/libinknet_stub.cc
new file mode 100644
index 000..91fbf1f
--- /dev/null
+++ b/iocore/net/libinknet_stub.cc
@@ -0,0 +1,163 @@
+/** @file
+
+  Stub file for linking libinknet.a from unit tests
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ */
+
+#include "HttpSessionManager.h"
+
+void
+initialize_thread_for_http_sessions(EThread *, int)
+{
+  ink_assert(false);
+}
+
+#include "P_UnixNet.h"
+#include "P_DNSConnection.h"
+int
+DNSConnection::close()
+{
+  ink_assert(false);
+  return 0;
+}
+
+void
+DNSConnection::trigger()
+{
+  ink_assert(false);
+}
+
+#include "StatPages.h"
+void
+StatPagesManager::register_http(char const *, Action *(*)(Continuation *, 
HTTPHdr *))
+{
+  ink_assert(false);
+}
+
+#include "ParentSelection.h"
+void
+SocksServerConfig::startup()
+{
+  ink_assert(false);
+}
+
+int SocksServerConfig::m_id = 0;
+
+void
+ParentConfigParams::findParent(HttpRequestData *, ParentResult *, unsigned 
int, unsigned int)
+{
+  ink_assert(false);
+}
+
+void
+ParentConfigParams::nextParent(HttpRequestData *, ParentResult *, unsigned 
int, unsigned int)
+{
+  ink_assert(false);
+}
+
+#include "Log.h"
+void
+Log::trace_in(sockaddr const *, unsigned short, char const *, ...)
+{
+  ink_assert(false);
+}
+
+void
+Log::trace_out(sockaddr const *, unsigned short, char const *, ...)
+{
+  ink_assert(false);
+}
+
+#include "InkAPIInternal.h"
+int
+APIHook::invoke(int, void *)
+{
+  ink_assert(false);
+  return 0;
+}
+
+APIHook *
+APIHook::next() const
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+APIHook *
+APIHooks::get() const
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+void
+ConfigUpdateCbTable::invoke(const char * /* name ATS_UNUSED */)
+{
+  ink_release_assert(false);
+}
+
+#include "ControlMatcher.h"
+char *
+HttpRequestData::get_string()
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+const char *
+HttpRequestData::get_host()
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+sockaddr const *
+HttpRequestData::get_ip()
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+sockaddr const *
+HttpRequestData::get_client_ip()
+{
+  ink_assert(false);
+  return nullptr;
+}
+
+SslAPIHooks *ssl_hooks = nullptr;
+StatPagesManager statPagesManager;
+
+#include "ProcessManager.h"
+inkcoreapi ProcessManager *pmgmt = nullptr;
+
+int
+BaseManager::registerMgmtCallback(int, MgmtCallback const &)
+{
+  ink_assert(false);
+  return 0;
+}
+
+void
+ProcessManager::signalManager(int, char const *, int)
+{
+  ink_assert(false);
+  return;
+}
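Review bot: All but one of these stubs guard themselves with `ink_assert(false)`, while `ConfigUpdateCbTable::invoke` uses `ink_release_assert(false)`. If `ink_assert` is compiled out in non-debug builds, as I believe it is in this tree, a test that accidentally reaches a stub gets a silent `0` or `nullptr` back instead of a failure, and the pointer-returning stubs (`APIHook::next`, `APIHooks::get`, the `HttpRequestData` getters) then hand a null to the caller. I would use `ink_release_assert(false);` in every stub so that reaching one always aborts the test. The trailing `return;` in `ProcessManager::signalManager` can go as well.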
diff --git a/iocore/net/quic/Makefile.am b/iocore/net/quic/Makefile.am
index b5b571e..ceddc26 100644
--- a/iocore/net/quic/Makefile.am
+++ b/iocore/net/quic/Makefile.am
@@ -124,20 +124,23 @@ test_CPPFLAGS = \
 test_LDADD = \
   libquic.a \
   $(top_builddir)/lib/records/librecords_p.a \
+  $(top_builddir)/lib/tsconfig/libtsconfig.la \
   

[trafficserver] branch quic-latest updated: Fix unit tests using QUICBidirectionalStream

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new 13e12de  Fix unit tests using QUICBidirectionalStream
13e12de is described below

commit 13e12de1a4e9ad1df22557e9e1bf187cd275a688
Author: Masaori Koshiba 
AuthorDate: Thu Mar 7 10:46:31 2019 +0900

Fix unit tests using QUICBidirectionalStream
---
 iocore/net/quic/test/test_QUICFrame.cc   | 2 +-
 iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/iocore/net/quic/test/test_QUICFrame.cc 
b/iocore/net/quic/test/test_QUICFrame.cc
index 1f50273..2ef3dcb 100644
--- a/iocore/net/quic/test/test_QUICFrame.cc
+++ b/iocore/net/quic/test/test_QUICFrame.cc
@@ -1522,7 +1522,7 @@ TEST_CASE("QUICFrameFactory Create RESET_STREAM with a 
QUICStreamError", "[quic]
   uint8_t frame_buf[QUICFrame::MAX_INSTANCE_SIZE];
   MockQUICRTTProvider mock_rtt;
   MockQUICConnection mock_connection;
-  QUICStream stream(&mock_rtt, &mock_connection, 0x1234, 0, 0);
+  QUICBidirectionalStream stream(&mock_rtt, &mock_connection, 0x1234, 0, 0);
   std::unique_ptr error =
 std::unique_ptr(new QUICStreamError(&stream, 
static_cast(0x01)));
   const QUICRstStreamFrame *rst_stream_frame1 = 
QUICFrameFactory::create_rst_stream_frame(frame_buf, *error);
diff --git a/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc 
b/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc
index 7a56743..32eee34 100644
--- a/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc
+++ b/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc
@@ -30,7 +30,7 @@
 TEST_CASE("QUICIncomingStreamFrameBuffer_fin_offset", "[quic]")
 {
   uint8_t frame_buf[QUICFrame::MAX_INSTANCE_SIZE];
-  QUICStream *stream = new QUICStream();
+  QUICBidirectionalStream *stream = new QUICBidirectionalStream();
   QUICIncomingStreamFrameBuffer buffer;
   QUICErrorUPtr err = nullptr;
 
@@ -122,7 +122,7 @@ TEST_CASE("QUICIncomingStreamFrameBuffer_fin_offset", 
"[quic]")
 
 TEST_CASE("QUICIncomingStreamFrameBuffer_pop", "[quic]")
 {
-  QUICStream *stream = new QUICStream();
+  QUICBidirectionalStream *stream = new QUICBidirectionalStream();
   QUICIncomingStreamFrameBuffer buffer;
   QUICErrorUPtr err = nullptr;
 
@@ -195,7 +195,7 @@ TEST_CASE("QUICIncomingStreamFrameBuffer_pop", "[quic]")
 
 TEST_CASE("QUICIncomingStreamFrameBuffer_dup_frame", "[quic]")
 {
-  QUICStream *stream = new QUICStream();
+  QUICBidirectionalStream *stream = new QUICBidirectionalStream();
   QUICIncomingStreamFrameBuffer buffer;
   QUICErrorUPtr err = nullptr;
 



[trafficserver] branch quic-latest updated: Remove test_QUICHandshake

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new 8c157d7  Remove test_QUICHandshake
8c157d7 is described below

commit 8c157d759b5db530d15a342e7b234c33e961d5fb
Author: Masaori Koshiba 
AuthorDate: Thu Mar 7 10:38:28 2019 +0900

Remove test_QUICHandshake
---
 iocore/net/quic/Makefile.am|  8 ---
 iocore/net/quic/Mock.h | 48 ---
 iocore/net/quic/test/test_QUICHandshake.cc | 95 --
 3 files changed, 151 deletions(-)

diff --git a/iocore/net/quic/Makefile.am b/iocore/net/quic/Makefile.am
index a480ecb..b5b571e 100644
--- a/iocore/net/quic/Makefile.am
+++ b/iocore/net/quic/Makefile.am
@@ -181,14 +181,6 @@ test_QUICLossDetector_SOURCES = \
   $(test_event_main_SOURCES) \
   ./test/test_QUICLossDetector.cc
 
-# TODO: fix unit test using QUICCryptoStream
-# test_QUICHandshake_CPPFLAGS = $(test_CPPFLAGS)
-# test_QUICHandshake_LDFLAGS = @AM_LDFLAGS@
-# test_QUICHandshake_LDADD = $(test_LDADD)
-# test_QUICHandshake_SOURCES = \
-#   $(test_event_main_SOURCES) \
-#   ./test/test_QUICHandshake.cc
-
 test_QUICHandshakeProtocol_CPPFLAGS = $(test_CPPFLAGS)
 test_QUICHandshakeProtocol_LDFLAGS = @AM_LDFLAGS@
 test_QUICHandshakeProtocol_LDADD = $(test_LDADD)
diff --git a/iocore/net/quic/Mock.h b/iocore/net/quic/Mock.h
index 7cabff5..6d66dfa 100644
--- a/iocore/net/quic/Mock.h
+++ b/iocore/net/quic/Mock.h
@@ -425,54 +425,6 @@ public:
   }
 };
 
-class MockQUICStream : public QUICStream
-{
-public:
-  MockQUICStream(QUICRTTProvider *rtt_provider, QUICConnectionInfoProvider 
*info, QUICStreamId sid, uint64_t recv_max_stream_data,
- uint64_t send_max_stream_data)
-: QUICStream(info, sid)
-  {
-  }
-
-private:
-  int64_t
-  _process_read_vio() override
-  {
-return 0;
-  }
-
-  int64_t
-  _process_write_vio() override
-  {
-return 0;
-  }
-};
-
-class MockQUICStreamIO : public QUICStreamIO
-{
-public:
-  MockQUICStreamIO(QUICApplication *app, QUICStream *stream) : 
QUICStreamIO(app, stream) {}
-  ~MockQUICStreamIO() {}
-  int64_t
-  transfer()
-  {
-int64_t n = this->_write_buffer_reader->read_avail();
-this->_read_buffer->write(this->_write_buffer_reader, n);
-this->_write_buffer_reader->consume(n);
-return n;
-  }
-
-private:
-  void
-  read_reenable() override
-  {
-  }
-  void
-  write_reenable() override
-  {
-  }
-};
-
 class MockQUICPacketProtectionKeyInfo : public QUICPacketProtectionKeyInfo
 {
 public:
diff --git a/iocore/net/quic/test/test_QUICHandshake.cc 
b/iocore/net/quic/test/test_QUICHandshake.cc
deleted file mode 100644
index 2043ce2..000
--- a/iocore/net/quic/test/test_QUICHandshake.cc
+++ /dev/null
@@ -1,95 +0,0 @@
-/** @file
- *
- *  A brief file description
- *
- *  @section license License
- *
- *  Licensed to the Apache Software Foundation (ASF) under one
- *  or more contributor license agreements.  See the NOTICE file
- *  distributed with this work for additional information
- *  regarding copyright ownership.  The ASF licenses this file
- *  to you under the Apache License, Version 2.0 (the
- *  "License"); you may not use this file except in compliance
- *  with the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "catch.hpp"
-
-#include "Mock.h"
-#include "QUICHandshake.h"
-
-#include "./server_cert.h"
-
-TEST_CASE("1-RTT handshake ", "[quic]")
-{
-  // setup client
-  QUICConnection *client_qc = new MockQUICConnection(NET_VCONNECTION_OUT);
-
-  SSL_CTX *client_ssl_ctx = SSL_CTX_new(TLS_method());
-  SSL_CTX_set_min_proto_version(client_ssl_ctx, TLS1_3_VERSION);
-  SSL_CTX_set_max_proto_version(client_ssl_ctx, TLS1_3_VERSION);
-  SSL_CTX_clear_options(client_ssl_ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
-
-  QUICConnectionId client_conn_id = {reinterpret_cast("\x01\x23\x45"), 3};
-
-  QUICHandshake *client = new QUICHandshake(client_qc, client_ssl_ctx);
-
-  // setup server
-  QUICConnection *server_qc = new MockQUICConnection(NET_VCONNECTION_IN);
-
-  SSL_CTX *server_ssl_ctx = SSL_CTX_new(TLS_method());
-  SSL_CTX_set_min_proto_version(server_ssl_ctx, TLS1_3_VERSION);
-  SSL_CTX_set_max_proto_version(server_ssl_ctx, TLS1_3_VERSION);
-  SSL_CTX_clear_options(server_ssl_ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
-  BIO *crt_bio(BIO_new_mem_buf(server_crt, sizeof(server_crt)));
-  SSL_CTX_use_certificate(server_ssl_ctx, PEM_read_bio_X509(crt_bio, nullptr, 
nullptr, nullptr)

[trafficserver] branch quic-latest updated (5e3ca19 -> 4088245)

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a change to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 5e3ca19  QUIC: Load multiple certs
 new aa10729  QUIC: Introduce base stream class
 new b0cd800  QUIC: Use QUICStream as base class
 new f6972d4  QUIC: Introduce QUICStreamVConnection to process VIO
 new 4088245  QUIC: Rename quicStreamAllocator to quicBidiStreamAllocator

The 12869 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 iocore/eventsystem/I_Thread.h   |   2 +-
 iocore/net/quic/Mock.h  |   2 +-
 iocore/net/quic/QUICApplication.cc  |  30 +-
 iocore/net/quic/QUICApplication.h   |  12 +-
 iocore/net/quic/QUICStream.cc   | 658 ++--
 iocore/net/quic/QUICStream.h| 187 +
 iocore/net/quic/QUICStreamManager.cc|  41 +-
 iocore/net/quic/QUICStreamManager.h |   8 +-
 iocore/net/quic/test/test_QUICStream.cc |  25 +-
 9 files changed, 551 insertions(+), 414 deletions(-)



[trafficserver] branch master updated: fix crash in CacheVC::openReadFromWriter

2019-03-06 Thread scw00
This is an automated email from the ASF dual-hosted git repository.

scw00 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new d91ca9e  fix crash in CacheVC::openReadFromWriter
d91ca9e is described below

commit d91ca9ee43973fcce9cfccbb146788eb95ae6ffc
Author: rienzi2012 <51553...@qq.com>
AuthorDate: Wed Mar 6 11:54:33 2019 +0800

fix crash in CacheVC::openReadFromWriter
---
 proxy/hdrs/HTTP.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 74e79df..8faf57e 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -2035,8 +2035,7 @@ HTTPInfo::marshal(char *buf, int len)
 buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
 used += m_alt->m_frag_offset_count * sizeof(FragOffset);
   } else {
-// the data stored in intergral buffer
-m_alt->m_frag_offsets = nullptr;
+marshal_alt->m_frag_offsets = nullptr;
   }
 
   // The m_{request,response}_hdr->m_heap pointers are converted



[trafficserver] branch quic-latest updated: QUIC: Load multiple certs

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new 5e3ca19  QUIC: Load multiple certs
5e3ca19 is described below

commit 5e3ca198bc73f493c1df3b97aae6ecb058adf06f
Author: Masaori Koshiba 
AuthorDate: Wed Feb 20 12:16:14 2019 +0900

QUIC: Load multiple certs
---
 iocore/net/QUICNetProcessor.cc   |   1 +
 iocore/net/QUICNetVConnection.cc |   4 +-
 iocore/net/SSLUtils.cc   |  75 
 iocore/net/quic/QUICConfig.cc| 255 ++-
 iocore/net/quic/QUICConfig.h |  32 -
 iocore/net/quic/QUICGlobals.cc   |  63 +-
 iocore/net/quic/QUICGlobals.h|   2 +
 7 files changed, 321 insertions(+), 111 deletions(-)

diff --git a/iocore/net/QUICNetProcessor.cc b/iocore/net/QUICNetProcessor.cc
index 8c63668..5a2e373 100644
--- a/iocore/net/QUICNetProcessor.cc
+++ b/iocore/net/QUICNetProcessor.cc
@@ -63,6 +63,7 @@ QUICNetProcessor::start(int, size_t stacksize)
   // This initialization order matters ...
   // QUICInitializeLibrary();
   QUICConfig::startup();
+  QUICCertConfig::startup();
 
 #ifdef TLS1_3_VERSION_DRAFT_TXT
   // FIXME: remove this when TLS1_3_VERSION_DRAFT_TXT is removed
diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index 410b235..e8c7b53 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -240,10 +240,12 @@ QUICNetVConnection::start()
   this->_five_tuple.update(this->local_addr, this->remote_addr, SOCK_DGRAM);
   // Version 0x0001 uses stream 0 for cryptographic handshake with TLS 
1.3, but newer version may not
   if (this->direction() == NET_VCONNECTION_IN) {
+QUICCertConfig::scoped_config server_cert;
+
 
this->_pp_key_info.set_context(QUICPacketProtectionKeyInfo::Context::SERVER);
 
this->_ack_frame_manager.set_ack_delay_exponent(params->ack_delay_exponent_in());
 this->_reset_token   = 
QUICStatelessResetToken(this->_quic_connection_id, params->instance_id());
-this->_hs_protocol   = 
this->_setup_handshake_protocol(params->server_ssl_ctx());
+this->_hs_protocol   = 
this->_setup_handshake_protocol(server_cert->ssl_default);
 this->_handshake_handler = new QUICHandshake(this, this->_hs_protocol, 
this->_reset_token, params->stateless_retry());
 this->_ack_frame_manager.set_max_ack_delay(params->max_ack_delay_in());
 this->_schedule_ack_manager_periodic(params->max_ack_delay_in());
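Review bot: `server_cert->ssl_default` is dereferenced and passed to `_setup_handshake_protocol()` with no check that a certificate configuration was loaded or that it has a default context. This runs for every inbound connection (`NET_VCONNECTION_IN`), so if either can be empty (not visible from this hunk) a remote peer can drive the server into a null dereference or a handshake set up on a null context. I would guard it before the call, e.g. `if (server_cert->ssl_default == nullptr) { /* log and refuse the connection */ }`, with the failure path matching however `start()` reports errors. `server_cert` is also released at the end of this `if` block, so it is worth confirming that `_hs_protocol` holds its own reference to the context rather than relying on the scoped config. `start()` begins and ends outside the hunk.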
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 7c7c7fe..c83b314 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -1557,81 +1557,6 @@ ssl_extract_certificate(const matcher_line *line_info, 
SSLMultiCertConfigParams
   return true;
 }
 
-// TODO: remove this function and setup SSL_CTX for QUIC somehow
-bool
-SSLParseCertificateConfiguration(const SSLConfigParams *params, SSL_CTX 
*ssl_ctx)
-{
-  char *tok_state = nullptr;
-  char *line  = nullptr;
-  ats_scoped_str file_buf;
-  unsigned line_num = 0;
-  matcher_line line_info;
-
-  const matcher_tags sslCertTags = {nullptr, nullptr, nullptr, nullptr, 
nullptr, nullptr, false};
-
-  Note("loading SSL certificate configuration from %s", 
params->configFilePath);
-
-  if (params->configFilePath) {
-file_buf = readIntoBuffer(params->configFilePath, __func__, nullptr);
-  }
-
-  if (!file_buf) {
-Error("failed to read SSL certificate configuration from %s", 
params->configFilePath);
-return false;
-  }
-
-  // Optionally elevate/allow file access to read root-only
-  // certificates. The destructor will drop privilege for us.
-  uint32_t elevate_setting = 0;
-  REC_ReadConfigInteger(elevate_setting, 
"proxy.config.ssl.cert.load_elevated");
-  ElevateAccess elevate_access(elevate_setting ? ElevateAccess::FILE_PRIVILEGE 
: 0);
-
-  line = tokLine(file_buf, &tok_state);
-  while (line != nullptr) {
-line_num++;
-
-// Skip all blank spaces at beginning of line.
-while (*line && isspace(*line)) {
-  line++;
-}
-
-if (*line != '\0' && *line != '#') {
-  SSLMultiCertConfigParams sslMultiCertSettings;
-  const char *errPtr;
-
-  errPtr = parseConfigLine(line, &line_info, &sslCertTags);
-
-  if (errPtr != nullptr) {
-RecSignalWarning(REC_SIGNAL_CONFIG_ERROR, "%s: discarding %s entry at 
line %d: %s", __func__, params->configFilePath,
- line_num, errPtr);
-  } else {
-if (ssl_extract_certificate(&line_info, sslMultiCertSettings)) {
-  // There must be a certificate specified unless the tunnel action is 
set
-  if (sslMultiCertSettings.cert || sslMultiCertSettings.opt != 
SSLCertContext::OPT_TUNNEL) {
-if (SSL_CTX_use_PrivateKey_file(ssl_ctx, 
sslMultiCertSettings.key.get(), SSL_FILETYPE_PEM) != 1) {
-  Error("Coul

[trafficserver] branch quic-latest updated (e0cc477 -> c7e43ea)

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a change to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from e0cc477  Fix tests
 new 4fdc01c  Remove extra vars to bwprint in SSLConfigParams::getCTX
 new 9c4bfa3  Merge url_scheme_get into only calling class method
 new f78dcdc  MIME: Fix line_is_real false positive.
 new 3340005  set thread affinity to current thread if the current thread 
type is the same as the target thread
 new a105fd3  Add support for the old lua formatted ease of use conventions 
and the numeric log rolling values
 new 9a93757  tscore/eventnotify: change fcntl include path
 new e0c6dc1  tscore/ink_hrtime: add missing cstdint import
 new 656f25a  traffic_layout/engine: add missing stat import
 new 2a334d8  Remove duplicate calls to TSHttpTxnReenable in xdebug
 new f202f84  Fixing a previous fix to fully allocate strings when heap 
mismatch detected.
 new ca609e5  Override delete in Extendible
 new 773108b  Fix #5094: Fix use after free in test_IntrusiveHashMap.cc
 new 82e1497  Fix #5093: new/delete mismatch in test_IntrusivePtr.cc.
 new 012d437  Implement aud claim in Uri Signing Plugin
 new 1514bab  Fix SessionProtocolNameRegistry lookup
 new 814ccc5  Move minimum OpenSSL version to 1.0.2
 new c7e43ea  Merge branch 'asf/master' into quic-latest

The 12864 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 build/crypto.m4| 120 --
 configure.ac   |  20 +--
 include/tscore/Extendible.h|  11 ++
 include/tscore/ink_config.h.in |   4 -
 include/tscore/ink_hrtime.h|   1 +
 iocore/eventsystem/P_UnixEventProcessor.h  |  10 +-
 iocore/net/SSLClientUtils.cc   |  10 +-
 iocore/net/SSLConfig.cc|   5 +-
 iocore/net/SSLNetVConnection.cc|   9 --
 iocore/net/SSLUtils.cc | 133 +++
 lib/records/RecHttp.cc |   5 +-
 plugins/experimental/uri_signing/config.c  |  25 +++
 plugins/experimental/uri_signing/config.h  |   1 +
 plugins/experimental/uri_signing/jwt.c |  57 ++-
 plugins/experimental/uri_signing/jwt.h |   3 +-
 plugins/experimental/uri_signing/parse.c   |   5 +
 .../uri_signing/unit_tests/testConfig.config   | 102 
 .../uri_signing/unit_tests/uri_signing_test.cc | 179 +
 plugins/xdebug/xdebug.cc   |   2 -
 proxy/hdrs/HTTP.cc |   2 +-
 proxy/hdrs/HdrHeap.h   |  20 +++
 proxy/hdrs/MIME.cc |   8 +-
 proxy/hdrs/URL.cc  |  33 ++--
 proxy/hdrs/URL.h   |  21 ++-
 proxy/logging/YamlLogConfig.cc |  14 +-
 src/traffic_layout/engine.h|   1 +
 src/traffic_layout/info.cc |   4 -
 src/traffic_server/InkAPI.cc   |   7 -
 src/tscore/EventNotify.cc  |   2 +-
 src/tscore/unit_tests/test_IntrusiveHashMap.cc |   7 +-
 src/tscore/unit_tests/test_IntrusivePtr.cc |   2 +-
 tests/README.md|  10 +-
 .../cont_schedule/gold/schedule_on_pool.gold   |   3 +-
 tests/gold_tests/headers/forwarded.test.py |   1 -
 tests/gold_tests/headers/via.test.py   |   1 -
 tests/gold_tests/logging/ccid_ctid.test.py |   1 -
 .../pluginTest/sslheaders/sslheaders.test.py   |   1 -
 .../pluginTest/test_hooks/test_hooks.test.py   |   1 -
 tests/gold_tests/pluginTest/tsapi/tsapi.test.py|   1 -
 .../gold_tests/pluginTest/url_sig/url_sig.test.py  |   3 -
 tests/tools/plugins/cont_schedule.cc   |   8 +-
 41 files changed, 533 insertions(+), 320 deletions(-)
 create mode 100644 
plugins/experimental/uri_signing/unit_tests/testConfig.config



[trafficserver] branch master updated: Move minimum OpenSSL version to 1.0.2

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 814ccc5  Move minimum OpenSSL version to 1.0.2
814ccc5 is described below

commit 814ccc5ea60942eb0a5f0bf71f6a777f0535df12
Author: Masaori Koshiba 
AuthorDate: Tue Feb 26 12:37:26 2019 +0900

Move minimum OpenSSL version to 1.0.2

Remove following macros by assuming OpenSSL 1.0.2 API and headers

- HAVE_OPENSSL_EC_H
- HAVE_OPENSSL_EVP_H
- HAVE_EC_KEY_NEW_BY_CURVE_NAME
- HAVE_SSL_SELECT_NEXT_PROTO
- TS_USE_TLS_NPN
- TS_USE_TLS_ALPN
- TS_USE_CERT_CB
- TS_USE_TLS_ECKEY
---
 build/crypto.m4| 120 ++-
 configure.ac   |  20 +---
 include/tscore/ink_config.h.in |   4 -
 iocore/net/SSLClientUtils.cc   |  10 +-
 iocore/net/SSLConfig.cc|   3 +-
 iocore/net/SSLNetVConnection.cc|   9 --
 iocore/net/SSLUtils.cc | 133 -
 src/traffic_layout/info.cc |   4 -
 src/traffic_server/InkAPI.cc   |   7 --
 tests/README.md|  10 +-
 tests/gold_tests/headers/forwarded.test.py |   1 -
 tests/gold_tests/headers/via.test.py   |   1 -
 tests/gold_tests/logging/ccid_ctid.test.py |   1 -
 .../pluginTest/sslheaders/sslheaders.test.py   |   1 -
 .../pluginTest/test_hooks/test_hooks.test.py   |   1 -
 tests/gold_tests/pluginTest/tsapi/tsapi.test.py|   1 -
 .../gold_tests/pluginTest/url_sig/url_sig.test.py  |   3 -
 17 files changed, 64 insertions(+), 265 deletions(-)

diff --git a/build/crypto.m4 b/build/crypto.m4
index 248be9e..09d4086 100644
--- a/build/crypto.m4
+++ b/build/crypto.m4
@@ -39,38 +39,28 @@ AC_DEFUN([TS_CHECK_CRYPTO], [
 
   dnl add checks for other varieties of ssl here
 ])
-dnl
-
-AC_DEFUN([TS_CHECK_CRYPTO_EC_KEYS], [
-  _eckeys_saved_LIBS=$LIBS
-
-  TS_ADDTO(LIBS, [$OPENSSL_LIBS])
-  AC_CHECK_HEADERS(openssl/ec.h)
-  AC_CHECK_FUNCS(EC_KEY_new_by_curve_name, [enable_tls_eckey=yes], 
[enable_tls_eckey=no])
-  LIBS=$_eckeys_saved_LIBS
 
-  AC_MSG_CHECKING(whether EC keys are supported)
-  AC_MSG_RESULT([$enable_tls_eckey])
-  TS_ARG_ENABLE_VAR([use], [tls-eckey])
-  AC_SUBST(use_tls_eckey)
-])
-
-AC_DEFUN([TS_CHECK_CRYPTO_NEXTPROTONEG], [
-  enable_tls_npn=yes
-  _npn_saved_LIBS=$LIBS
-
-  TS_ADDTO(LIBS, [$OPENSSL_LIBS])
-  AC_CHECK_FUNCS(SSL_CTX_set_next_protos_advertised_cb 
SSL_CTX_set_next_proto_select_cb SSL_select_next_proto 
SSL_get0_next_proto_negotiated,
-[], [enable_tls_npn=no]
-  )
-  LIBS=$_npn_saved_LIBS
-
-  AC_MSG_CHECKING(whether to enable Next Protocol Negotiation TLS extension 
support)
-  AC_MSG_RESULT([$enable_tls_npn])
-  TS_ARG_ENABLE_VAR([use], [tls-npn])
-  AC_SUBST(use_tls_npn)
+dnl
+dnl Check OpenSSL Version
+dnl
+AC_DEFUN([TS_CHECK_CRYPTO_VERSION], [
+  AC_MSG_CHECKING([OpenSSL version])
+  AC_TRY_RUN([
+#include 
+int main() {
+  if (OPENSSL_VERSION_NUMBER < 0x1000200fL) {
+return 1;
+  }
+  return 0;
+}
+],
+  [AC_MSG_RESULT([ok])],
+  [AC_MSG_FAILURE([requires an OpenSSL version 1.0.2 or greater])])
 ])
 
+dnl
+dnl Since OpenSSL 1.1.0
+dnl
 AC_DEFUN([TS_CHECK_CRYPTO_ASYNC], [
   enable_tls_async=yes
   _async_saved_LIBS=$LIBS
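Review bot: TS_CHECK_CRYPTO_VERSION uses AC_TRY_RUN with no cross-compiling action, so configure cannot evaluate the check when cross compiling. OPENSSL_VERSION_NUMBER is a preprocessor constant, so nothing needs to be executed to compare it. A compile-only test with `#error` under `#if OPENSSL_VERSION_NUMBER < 0x1000200fL` enforces the same minimum and also replaces the obsolete AC_TRY_RUN macro. The header named after `#include` was lost from the page; the sketch below assumes openssl/opensslv.h, which defines that macro. Either form inspects only the headers found at configure time, not the library loaded at run time.

```m4
AC_DEFUN([TS_CHECK_CRYPTO_VERSION], [
  dnl … unchanged: AC_MSG_CHECKING([OpenSSL version]) …
  AC_COMPILE_IFELSE(
    [AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x1000200fL
#error "OpenSSL 1.0.2 or greater is required"
#endif
    ]], [[]])],
    [AC_MSG_RESULT([ok])],
    [AC_MSG_FAILURE([requires an OpenSSL version 1.0.2 or greater])])
])
```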
@@ -87,63 +77,9 @@ AC_DEFUN([TS_CHECK_CRYPTO_ASYNC], [
   AC_SUBST(use_tls_async)
 ])
 
-AC_DEFUN([TS_CHECK_CRYPTO_ALPN], [
-  enable_tls_alpn=yes
-  _alpn_saved_LIBS=$LIBS
-
-  TS_ADDTO(LIBS, [$OPENSSL_LIBS])
-  AC_CHECK_FUNCS(SSL_CTX_set_alpn_protos SSL_CTX_set_alpn_select_cb 
SSL_get0_alpn_selected SSL_select_next_proto,
-[], [enable_tls_alpn=no]
-  )
-  LIBS=$_alpn_saved_LIBS
-
-  AC_MSG_CHECKING(whether to enable Application Layer Protocol Negotiation TLS 
extension support)
-  AC_MSG_RESULT([$enable_tls_alpn])
-  TS_ARG_ENABLE_VAR([use], [tls-alpn])
-  AC_SUBST(use_tls_alpn)
-])
-
-AC_DEFUN([TS_CHECK_CRYPTO_CERT_CB], [
-  _cert_saved_LIBS=$LIBS
-  enable_cert_cb=yes
-
-  TS_ADDTO(LIBS, [$OPENSSL_LIBS])
-  AC_CHECK_HEADERS(openssl/ssl.h openssl/ts.h)
-  AC_CHECK_HEADERS(openssl/tls1.h, [], [],
-[ #if HAVE_OPENSSL_SSL_H
-#include 
-#include 
-#endif ])
-
-  AC_MSG_CHECKING([for SSL_CTX_set_cert_cb])
-  AC_LINK_IFELSE(
-  [
-AC_LANG_PROGRAM([[
-#if HAVE_OPENSSL_SSL_H
-#include 
-#endif
-#if HAVE_OPENSSL_TLS1_H
-#include 
-#endif
-  ]],
-  [[SSL_CTX_set_cert_cb(NULL, NULL, NULL);]])
-  ],
-  [
-AC_MSG_RESULT([yes])
-  ],
-  [
-AC_MSG_RESULT([no])
-enable_cert_cb=no
-  ])
-
-  LIBS=$_cert_saved_LIBS
-
-  AC_MSG_CHECKING(whether to enable TLS certificate callback support)
-  AC_MSG_RESULT([$enable_cert_cb])
-  TS_ARG_ENABLE_VAR([use], [cert-cb])
-  AC_SUBST(use_cert_cb)
-])
-
+dnl
+dnl Since OpenSSL 1.

[trafficserver] branch master updated: Fix SessionProtocolNameRegistry lookup

2019-03-06 Thread masaori
This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 1514bab  Fix SessionProtocolNameRegistry lookup
1514bab is described below

commit 1514babe826f2f44608c5cca7b150900e4592150
Author: Masaori Koshiba 
AuthorDate: Wed Mar 6 14:51:52 2019 +0900

Fix SessionProtocolNameRegistry lookup

Prior to this change, SessionProtocolNameRegistry::indexFor() always returned 0,
because `spot` never reaches `m_names.end()`.
This is introduced by 5ad8eec303b5f9c38da0de3775e0aadb7186fc38.
---
 lib/records/RecHttp.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/records/RecHttp.cc b/lib/records/RecHttp.cc
index d20ab3a..0ad3378 100644
--- a/lib/records/RecHttp.cc
+++ b/lib/records/RecHttp.cc
@@ -751,8 +751,9 @@ SessionProtocolNameRegistry::toIndexConst(TextView name)
 int
 SessionProtocolNameRegistry::indexFor(TextView name) const
 {
-  auto spot = std::find(m_names.begin(), m_names.begin() + m_n, name);
-  if (spot != m_names.end()) {
+  const ts::TextView *end = m_names.begin() + m_n;
+  auto spot   = std::find(m_names.begin(), end, name);
+  if (spot != end) {
 return static_cast(spot - m_names.begin());
   }
   return INVALID;
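Review bot: `const ts::TextView *end = m_names.begin() + m_n;` assumes the iterator of `m_names` is a raw pointer. That holds for a C array, and for std::array on common standard libraries, but it is not guaranteed, and the declaration of `m_names` is outside the hunk. `auto end = m_names.begin() + m_n;` keeps the fix without that assumption. If the invariant is that only the first `m_n` slots are populated, a comment such as `// search only the m_n registered names, not the whole array` would record why the bound is not `m_names.end()`. The function's closing brace is outside the hunk.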



[trafficserver] branch master updated: Implement aud claim in Uri Signing Plugin

2019-03-06 Thread eze
This is an automated email from the ASF dual-hosted git repository.

eze pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 012d437  Implement aud claim in Uri Signing Plugin
012d437 is described below

commit 012d437f54daedaf0cc6d67d2d15f836c38d0bf6
Author: Dylan Souza 
AuthorDate: Fri Feb 15 22:45:25 2019 +

Implement aud claim in Uri Signing Plugin

The Aud claim is implemented as per the RFC version 16 that
can be found here: https://tools.ietf.org/html/draft-ietf-cdni-uri-signing-16

As per the specification, the aud claim can be either a JSON array or
a string. The aud claim is stored as raw json in the jwt class
in this implementation. It is converted either to an array or a
string at validation time.

This commit also expands the unit tests quite a bit. Test configs
can be provided in the unit_tests directory and parsed in the test 
framework.
JWS validation is also testable now.

This commit also fixes two memory leaks
1. Issuers were never being freed on configuration cleanup.
2. Token renewal allocates a tmp json_object without freeing.
---
 plugins/experimental/uri_signing/config.c  |  25 +++
 plugins/experimental/uri_signing/config.h  |   1 +
 plugins/experimental/uri_signing/jwt.c |  57 ++-
 plugins/experimental/uri_signing/jwt.h |   3 +-
 plugins/experimental/uri_signing/parse.c   |   5 +
 .../uri_signing/unit_tests/testConfig.config   | 102 
 .../uri_signing/unit_tests/uri_signing_test.cc | 179 +
 7 files changed, 364 insertions(+), 8 deletions(-)

diff --git a/plugins/experimental/uri_signing/config.c 
b/plugins/experimental/uri_signing/config.c
index b52b944..9642914 100644
--- a/plugins/experimental/uri_signing/config.c
+++ b/plugins/experimental/uri_signing/config.c
@@ -45,6 +45,7 @@ struct config {
   char **issuer_names;
   struct signer signer;
   struct auth_directive *auth_directives;
+  char *id;
 };
 
 cjose_jwk_t **
@@ -80,6 +81,12 @@ find_key_by_kid(struct config *cfg, const char *issuer, 
const char *kid)
   return NULL;
 }
 
+const char *
+config_get_id(struct config *cfg)
+{
+  return cfg->id;
+}
+
 struct config *
 config_new(size_t n)
 {
@@ -105,6 +112,7 @@ config_new(size_t n)
   cfg->signer.alg= NULL;
 
   cfg->auth_directives = NULL;
+  cfg->id  = NULL;
 
   PluginDebug("New config object created at %p", cfg);
   return cfg;
@@ -117,6 +125,7 @@ config_delete(struct config *cfg)
 return;
   }
   hdestroy_r(cfg->issuers);
+  free(cfg->issuers);
 
   for (cjose_jwk_t ***jwkis = cfg->jwkis; *jwkis; ++jwkis) {
 for (cjose_jwk_t **jwks = *jwkis; *jwks; ++jwks) {
@@ -126,6 +135,10 @@ config_delete(struct config *cfg)
   }
   free(cfg->jwkis);
 
+  if (cfg->id) {
+free(cfg->id);
+  }
+
   for (char **name = cfg->issuer_names; *name; ++name) {
 free(*name);
   }
@@ -259,6 +272,18 @@ read_config(const char *path)
   renewal_kid = json_string_value(renewal_kid_json);
 }
 
+json_t *id_json = json_object_get(jwks, "id");
+const char *id;
+if (id_json) {
+  id = json_string_value(id_json);
+  if (id) {
+cfg->id = malloc(strlen(id) + 1);
+strcpy(cfg->id, id);
+PluginDebug("Found Id in the config: %s", cfg->id);
+  }
+}
+json_decref(id_json);
+
 size_t jwks_ct = json_array_size(key_ary);
 cjose_jwk_t **jwks = (*jwkis++ = malloc((jwks_ct + 1) * sizeof *jwks));
 PluginDebug("Created table with size %d", cfg->issuers->size);
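Review bot: `json_decref(id_json);` in the read_config hunk releases a reference this code never took. jansson's json_object_get() returns a borrowed reference, so the extra decref can free the "id" value while `jwks` still owns it, leading to a use-after-free or double free when the parent object is released; that line should be dropped. The copy into `cfg->id` also uses an unchecked `malloc` followed by `strcpy`, and it overwrites any earlier `cfg->id` without freeing it if this code runs once per issuer (the enclosing loop is outside the hunk, so that is inferred). `free(cfg->id); cfg->id = strdup(id);` followed by a NULL check would cover both. read_config starts and ends outside the hunk.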
diff --git a/plugins/experimental/uri_signing/config.h 
b/plugins/experimental/uri_signing/config.h
index 75a82f2..a22ec5d 100644
--- a/plugins/experimental/uri_signing/config.h
+++ b/plugins/experimental/uri_signing/config.h
@@ -33,3 +33,4 @@ struct signer *config_signer(struct config *);
 struct _cjose_jwk_int **find_keys(struct config *cfg, const char *issuer);
 struct _cjose_jwk_int *find_key_by_kid(struct config *cfg, const char *issuer, 
const char *kid);
 bool uri_matches_auth_directive(struct config *cfg, const char *uri, size_t 
uri_ct);
+const char *config_get_id(struct config *cfg);
diff --git a/plugins/experimental/uri_signing/jwt.c 
b/plugins/experimental/uri_signing/jwt.c
index 69a07e3..aeaa218 100644
--- a/plugins/experimental/uri_signing/jwt.c
+++ b/plugins/experimental/uri_signing/jwt.c
@@ -56,7 +56,7 @@ parse_jwt(json_t *raw)
   jwt->raw= raw;
   jwt->iss= json_string_value(json_object_get(raw, "iss"));
   jwt->sub= json_string_value(json_object_get(raw, "sub"));
-  jwt->aud= json_string_value(json_object_get(raw, "aud"));
+  jwt->aud= json_object_get(raw, "aud");
   jwt->exp= parse_number(json_object_get(raw, "exp"));
   jwt->nbf= parse_number(json_object_get(raw, "nbf"));
   jwt->iat= pa

[trafficserver] branch master updated: Fix #5093: new/delete mismatch in test_IntrusivePtr.cc.

2019-03-06 Thread bcall
This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 82e1497  Fix #5093: new/delete mismatch in test_IntrusivePtr.cc.
82e1497 is described below

commit 82e1497cc8bf8d8648d303881c60378369043134
Author: Alan M. Carroll 
AuthorDate: Mon Mar 4 15:45:11 2019 -0600

Fix #5093: new/delete mismatch in test_IntrusivePtr.cc.
---
 src/tscore/unit_tests/test_IntrusivePtr.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tscore/unit_tests/test_IntrusivePtr.cc 
b/src/tscore/unit_tests/test_IntrusivePtr.cc
index c2fcf7e..ffacbc6 100644
--- a/src/tscore/unit_tests/test_IntrusivePtr.cc
+++ b/src/tscore/unit_tests/test_IntrusivePtr.cc
@@ -28,7 +28,7 @@
 
 struct Thing : public ts::IntrusivePtrCounter {
   Thing() { ++_count; }
-  ~Thing() { --_count; }
+  virtual ~Thing() { --_count; }
   std::string _name;
   static int _count; // instance count.
 };



[trafficserver] branch master updated: Fix #5094: Fix use after free in test_IntrusiveHashMap.cc

2019-03-06 Thread bcall
This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 773108b  Fix #5094: Fix use after free in test_IntrusiveHashMap.cc
773108b is described below

commit 773108b0469770691a750e4ed42b7b66cd41678a
Author: Alan M. Carroll 
AuthorDate: Mon Mar 4 15:37:43 2019 -0600

Fix #5094: Fix use after free in test_IntrusiveHashMap.cc
---
 src/tscore/unit_tests/test_IntrusiveHashMap.cc | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/tscore/unit_tests/test_IntrusiveHashMap.cc 
b/src/tscore/unit_tests/test_IntrusiveHashMap.cc
index a0521a2..5e615c0 100644
--- a/src/tscore/unit_tests/test_IntrusiveHashMap.cc
+++ b/src/tscore/unit_tests/test_IntrusiveHashMap.cc
@@ -90,9 +90,10 @@ TEST_CASE("IntrusiveHashMap", "[libts][IntrusiveHashMap]")
   map.insert(new Thing("dave"));
   map.insert(new Thing("persia"));
   REQUIRE(map.count() == 3);
-  for (auto &thing : map) {
-delete &thing;
-  }
+  // Need to be bit careful cleaning up, since the link pointers are in the 
objects and deleting
+  // the object makes it unsafe to use an iterator referencing that object. 
For a full cleanup,
+  // the best option is to first delete everything, then clean up the map.
+  map.apply([](Thing *thing) { delete thing; });
   map.clear();
   REQUIRE(map.count() == 0);
 



[trafficserver] branch master updated: Override delete in Extendible

2019-03-06 Thread bcall
This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new ca609e5  Override delete in Extendible
ca609e5 is described below

commit ca609e5931703fb6664422b145a4cc1e7dfbaf87
Author: Bryan Call 
AuthorDate: Thu Feb 28 16:28:55 2019 -0800

Override delete in Extendible
---
 include/tscore/Extendible.h | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/include/tscore/Extendible.h b/include/tscore/Extendible.h
index 16c9c87..c6a1920 100644
--- a/include/tscore/Extendible.h
+++ b/include/tscore/Extendible.h
@@ -105,6 +105,8 @@ template  struct Extendible {
   Extendible(Extendible &) = delete;
   /** allocate a new object with additional field data */
   void *operator new(size_t size);
+  /** free the object */
+  void operator delete(void *ptr);
   /** construct all fields */
   Extendible() { schema.call_construct(this_as_char_ptr()); }
   /** destruct all fields */
@@ -550,6 +552,15 @@ Extendible::operator new(size_t size)
   return ptr;
 }
 
+/// free the object
+template 
+void
+Extendible::operator delete(void *ptr)
+{
+  ats_free(ptr);
+  ink_release_assert(ptr != nullptr);
+}
+
 // private
 template 
 char *
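Review bot: In `Extendible::operator delete`, `ink_release_assert(ptr != nullptr);` runs after `ats_free(ptr);`, so it cannot stop a null pointer from reaching the allocator and only aborts once the free has already happened. If a null pointer here is meant to be a fatal bug, the assert belongs first: `ink_release_assert(ptr != nullptr);` then `ats_free(ptr);`. If it is not, the assert could be dropped, since a deallocation function is expected to treat a null pointer as a no-op. Whether ats_free does so is not visible in this hunk.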