[trafficserver] branch quic-latest updated: Rename QUICSimpleApp to Http09App
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new 2c53847 Rename QUICSimpleApp to Http09App 2c53847 is described below commit 2c538479077a23a1e5c2d2cd54fee02e76c2ea16 Author: Masaori Koshiba AuthorDate: Thu Mar 7 15:22:30 2019 +0900 Rename QUICSimpleApp to Http09App --- proxy/http3/{QUICSimpleApp.cc => Http09App.cc} | 10 +- proxy/http3/{QUICSimpleApp.h => Http09App.h} | 7 --- proxy/http3/Http3SessionAccept.cc | 4 ++-- proxy/http3/Makefile.am| 4 ++-- 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/proxy/http3/QUICSimpleApp.cc b/proxy/http3/Http09App.cc similarity index 91% rename from proxy/http3/QUICSimpleApp.cc rename to proxy/http3/Http09App.cc index cbff215..f89d0bb 100644 --- a/proxy/http3/QUICSimpleApp.cc +++ b/proxy/http3/Http09App.cc @@ -21,7 +21,7 @@ * limitations under the License. */ -#include "QUICSimpleApp.h" +#include "Http09App.h" #include "P_Net.h" #include "P_VConnection.h" @@ -33,7 +33,7 @@ static constexpr char debug_tag[] = "quic_simple_app"; static constexpr char debug_tag_v[] = "v_quic_simple_app"; -QUICSimpleApp::QUICSimpleApp(QUICNetVConnection *client_vc, IpAllow::ACL session_acl) : QUICApplication(client_vc) +Http09App::Http09App(QUICNetVConnection *client_vc, IpAllow::ACL session_acl) : QUICApplication(client_vc) { this->_client_session = new Http3ClientSession(client_vc); this->_client_session->acl = std::move(session_acl); @@ -41,16 +41,16 @@ QUICSimpleApp::QUICSimpleApp(QUICNetVConnection *client_vc, IpAllow::ACL session this->_qc->stream_manager()->set_default_application(this); - SET_HANDLER(&QUICSimpleApp::main_event_handler); + SET_HANDLER(&Http09App::main_event_handler); } -QUICSimpleApp::~QUICSimpleApp() +Http09App::~Http09App() { delete this->_client_session; } int -QUICSimpleApp::main_event_handler(int event, Event *data) +Http09App::main_event_handler(int event, Event *data) { Debug(debug_tag_v, "[%s] %s (%d)", this->_qc->cids().data(), get_vc_event_name(event), event); diff --git a/proxy/http3/QUICSimpleApp.h b/proxy/http3/Http09App.h similarity index 86% rename from proxy/http3/QUICSimpleApp.h rename to proxy/http3/Http09App.h index fcb9c9a..1132ef2 100644 --- a/proxy/http3/QUICSimpleApp.h +++ b/proxy/http3/Http09App.h @@ -33,13 +33,14 @@ class Http3ClientSession; /** * @brief A simple multi-streamed application. * @detail Response to simple HTTP/0.9 GETs + * This will be removed when HTTP/0.9 over QUIC support is dropped * */ -class QUICSimpleApp : public QUICApplication +class Http09App : public QUICApplication { public: - QUICSimpleApp(QUICNetVConnection *client_vc, IpAllow::ACL session_acl); - ~QUICSimpleApp(); + Http09App(QUICNetVConnection *client_vc, IpAllow::ACL session_acl); + ~Http09App(); int main_event_handler(int event, Event *data); diff --git a/proxy/http3/Http3SessionAccept.cc b/proxy/http3/Http3SessionAccept.cc index c542abc..6a12f3a 100644 --- a/proxy/http3/Http3SessionAccept.cc +++ b/proxy/http3/Http3SessionAccept.cc @@ -27,7 +27,7 @@ #include "I_Machine.h" #include "IPAllow.h" -#include "QUICSimpleApp.h" +#include "Http09App.h" #include "Http3App.h" Http3SessionAccept::Http3SessionAccept(const HttpSessionAccept::Options &_o) : SessionAccept(nullptr), options(_o) @@ -68,7 +68,7 @@ Http3SessionAccept::accept(NetVConnection *netvc, MIOBuffer *iobuf, IOBufferRead Debug("http3", "[%s] start HTTP/0.9 app (ALPN=%s)", qvc->cids().data(), IP_PROTO_TAG_HTTP_QUIC.data()); } -new QUICSimpleApp(qvc, std::move(session_acl)); +new Http09App(qvc, std::move(session_acl)); } else if (IP_PROTO_TAG_HTTP_3.compare(alpn) == 0) { Debug("http3", "[%s] start HTTP/3 app (ALPN=%s)", qvc->cids().data(), IP_PROTO_TAG_HTTP_3.data()); diff --git a/proxy/http3/Makefile.am b/proxy/http3/Makefile.am index 50e51b8..b8d8920 100644 --- a/proxy/http3/Makefile.am +++ b/proxy/http3/Makefile.am @@ -35,6 +35,7 @@ AM_CPPFLAGS += \ noinst_LIBRARIES = libhttp3.a libhttp3_a_SOURCES = \ + Http09App.cc \ Http3.cc \ Http3Config.cc \ Http3App.cc \ @@ -50,8 +51,7 @@ libhttp3_a_SOURCES = \ Http3DataFramer.cc \ Http3HeaderVIOAdaptor.cc \ Http3StreamDataVIOAdaptor.cc \ - QPACK.cc \ - QUICSimpleApp.cc + QPACK.cc # # Check Programs
[trafficserver] branch quic-latest updated: fix crash in CacheVC::openReadFromWriter
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new d91ca9e fix crash in CacheVC::openReadFromWriter new 0843eba Merge branch 'asf/master' into quic-latest d91ca9e is described below commit d91ca9ee43973fcce9cfccbb146788eb95ae6ffc Author: rienzi2012 <51553...@qq.com> AuthorDate: Wed Mar 6 11:54:33 2019 +0800 fix crash in CacheVC::openReadFromWriter --- proxy/hdrs/HTTP.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc index 74e79df..8faf57e 100644 --- a/proxy/hdrs/HTTP.cc +++ b/proxy/hdrs/HTTP.cc @@ -2035,8 +2035,7 @@ HTTPInfo::marshal(char *buf, int len) buf += m_alt->m_frag_offset_count * sizeof(FragOffset); used += m_alt->m_frag_offset_count * sizeof(FragOffset); } else { -// the data stored in intergral buffer -m_alt->m_frag_offsets = nullptr; +marshal_alt->m_frag_offsets = nullptr; } // The m_{request,response}_hdr->m_heap pointers are converted
[trafficserver] branch quic-latest updated: Fix QUICStreamManager to use QUICStreamVConnection
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new ecc8f02 Fix QUICStreamManager to use QUICStreamVConnection ecc8f02 is described below commit ecc8f02e3ad988de7051c73d19a70892d55c81a1 Author: Masaori Koshiba AuthorDate: Thu Mar 7 12:26:14 2019 +0900 Fix QUICStreamManager to use QUICStreamVConnection --- iocore/net/quic/QUICStreamManager.cc | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/iocore/net/quic/QUICStreamManager.cc b/iocore/net/quic/QUICStreamManager.cc index 33d36b4..a4d3188 100644 --- a/iocore/net/quic/QUICStreamManager.cc +++ b/iocore/net/quic/QUICStreamManager.cc @@ -339,7 +339,7 @@ QUICStreamManager::total_reordered_bytes() const uint64_t total_bytes = 0; // FIXME Iterating all (open + closed) streams is expensive - for (QUICStream *s = this->stream_list.head; s; s = s->link.next) { + for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) { total_bytes += s->reordered_bytes(); } return total_bytes; @@ -351,7 +351,7 @@ QUICStreamManager::total_offset_received() const uint64_t total_offset_received = 0; // FIXME Iterating all (open + closed) streams is expensive - for (QUICStream *s = this->stream_list.head; s; s = s->link.next) { + for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) { total_offset_received += s->largest_offset_received(); } return total_offset_received; @@ -374,7 +374,7 @@ uint32_t QUICStreamManager::stream_count() const { uint32_t count = 0; - for (QUICStream *s = this->stream_list.head; s; s = s->link.next) { + for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) { ++count; } return count; @@ -398,7 +398,7 @@ QUICStreamManager::will_generate_frame(QUICEncryptionLevel level, ink_hrtime tim return false; } - for (QUICStream *s = this->stream_list.head; s; s = s->link.next) { + for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) { if (s->will_generate_frame(level, timestamp)) { return true; } @@ -423,7 +423,7 @@ QUICStreamManager::generate_frame(uint8_t *buf, QUICEncryptionLevel level, uint6 } // FIXME We should pick a stream based on priority - for (QUICStream *s = this->stream_list.head; s; s = s->link.next) { + for (QUICStreamVConnection *s = this->stream_list.head; s; s = s->link.next) { frame = s->generate_frame(buf, level, connection_credit, maximum_frame_size, timestamp); if (frame) { break;
[trafficserver] branch quic-latest updated: Fix building unit tests for QUIC
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new e5a65d7 Fix building unit tests for QUIC e5a65d7 is described below commit e5a65d77da2d2f3b50ca5be7930488352ae896bb Author: Masaori Koshiba AuthorDate: Thu Mar 7 11:16:54 2019 +0900 Fix building unit tests for QUIC Prior this change, there're many undefined symbols comes from SSLMultiCertConfigLoader. As workaround fix, link unit tests to libinknet.a. --- iocore/net/Makefile.am | 1 + iocore/net/libinknet_stub.cc | 163 +++ iocore/net/quic/Makefile.am | 15 ++-- iocore/net/quic/test/stub.cc | 51 -- iocore/net/test_I_UDPNet.cc | 142 - 5 files changed, 173 insertions(+), 199 deletions(-) diff --git a/iocore/net/Makefile.am b/iocore/net/Makefile.am index 76a1bdc..dc0a385 100644 --- a/iocore/net/Makefile.am +++ b/iocore/net/Makefile.am @@ -83,6 +83,7 @@ test_UDPNet_LDADD = \ @HWLOC_LIBS@ @OPENSSL_LIBS@ @LIBPCRE@ @YAMLCPP_LIBS@ test_UDPNet_SOURCES = \ + libinknet_stub.cc \ test_I_UDPNet.cc libinknet_a_SOURCES = \ diff --git a/iocore/net/libinknet_stub.cc b/iocore/net/libinknet_stub.cc new file mode 100644 index 000..91fbf1f --- /dev/null +++ b/iocore/net/libinknet_stub.cc @@ -0,0 +1,163 @@ +/** @file + + Stub file for linking libinknet.a from unit tests + + @section license License + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#include "HttpSessionManager.h" + +void +initialize_thread_for_http_sessions(EThread *, int) +{ + ink_assert(false); +} + +#include "P_UnixNet.h" +#include "P_DNSConnection.h" +int +DNSConnection::close() +{ + ink_assert(false); + return 0; +} + +void +DNSConnection::trigger() +{ + ink_assert(false); +} + +#include "StatPages.h" +void +StatPagesManager::register_http(char const *, Action *(*)(Continuation *, HTTPHdr *)) +{ + ink_assert(false); +} + +#include "ParentSelection.h" +void +SocksServerConfig::startup() +{ + ink_assert(false); +} + +int SocksServerConfig::m_id = 0; + +void +ParentConfigParams::findParent(HttpRequestData *, ParentResult *, unsigned int, unsigned int) +{ + ink_assert(false); +} + +void +ParentConfigParams::nextParent(HttpRequestData *, ParentResult *, unsigned int, unsigned int) +{ + ink_assert(false); +} + +#include "Log.h" +void +Log::trace_in(sockaddr const *, unsigned short, char const *, ...) +{ + ink_assert(false); +} + +void +Log::trace_out(sockaddr const *, unsigned short, char const *, ...) +{ + ink_assert(false); +} + +#include "InkAPIInternal.h" +int +APIHook::invoke(int, void *) +{ + ink_assert(false); + return 0; +} + +APIHook * +APIHook::next() const +{ + ink_assert(false); + return nullptr; +} + +APIHook * +APIHooks::get() const +{ + ink_assert(false); + return nullptr; +} + +void +ConfigUpdateCbTable::invoke(const char * /* name ATS_UNUSED */) +{ + ink_release_assert(false); +} + +#include "ControlMatcher.h" +char * +HttpRequestData::get_string() +{ + ink_assert(false); + return nullptr; +} + +const char * +HttpRequestData::get_host() +{ + ink_assert(false); + return nullptr; +} + +sockaddr const * +HttpRequestData::get_ip() +{ + ink_assert(false); + return nullptr; +} + +sockaddr const * +HttpRequestData::get_client_ip() +{ + ink_assert(false); + return nullptr; +} + +SslAPIHooks *ssl_hooks = nullptr; +StatPagesManager statPagesManager; + +#include "ProcessManager.h" +inkcoreapi ProcessManager *pmgmt = nullptr; + +int +BaseManager::registerMgmtCallback(int, MgmtCallback const &) +{ + ink_assert(false); + return 0; +} + +void +ProcessManager::signalManager(int, char const *, int) +{ + ink_assert(false); + return; +} diff --git a/iocore/net/quic/Makefile.am b/iocore/net/quic/Makefile.am index b5b571e..ceddc26 100644 --- a/iocore/net/quic/Makefile.am +++ b/iocore/net/quic/Makefile.am @@ -124,20 +124,23 @@ test_CPPFLAGS = \ test_LDADD = \ libquic.a \ $(top_builddir)/lib/records/librecords_p.a \ + $(top_builddir)/lib/tsconfig/libtsconfig.la \
[trafficserver] branch quic-latest updated: Fix unit tests using QUICBidirectionalStream
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new 13e12de Fix unit tests using QUICBidirectionalStream 13e12de is described below commit 13e12de1a4e9ad1df22557e9e1bf187cd275a688 Author: Masaori Koshiba AuthorDate: Thu Mar 7 10:46:31 2019 +0900 Fix unit tests using QUICBidirectionalStream --- iocore/net/quic/test/test_QUICFrame.cc | 2 +- iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/iocore/net/quic/test/test_QUICFrame.cc b/iocore/net/quic/test/test_QUICFrame.cc index 1f50273..2ef3dcb 100644 --- a/iocore/net/quic/test/test_QUICFrame.cc +++ b/iocore/net/quic/test/test_QUICFrame.cc @@ -1522,7 +1522,7 @@ TEST_CASE("QUICFrameFactory Create RESET_STREAM with a QUICStreamError", "[quic] uint8_t frame_buf[QUICFrame::MAX_INSTANCE_SIZE]; MockQUICRTTProvider mock_rtt; MockQUICConnection mock_connection; - QUICStream stream(&mock_rtt, &mock_connection, 0x1234, 0, 0); + QUICBidirectionalStream stream(&mock_rtt, &mock_connection, 0x1234, 0, 0); std::unique_ptr error = std::unique_ptr(new QUICStreamError(&stream, static_cast(0x01))); const QUICRstStreamFrame *rst_stream_frame1 = QUICFrameFactory::create_rst_stream_frame(frame_buf, *error); diff --git a/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc b/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc index 7a56743..32eee34 100644 --- a/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc +++ b/iocore/net/quic/test/test_QUICIncomingFrameBuffer.cc @@ -30,7 +30,7 @@ TEST_CASE("QUICIncomingStreamFrameBuffer_fin_offset", "[quic]") { uint8_t frame_buf[QUICFrame::MAX_INSTANCE_SIZE]; - QUICStream *stream = new QUICStream(); + QUICBidirectionalStream *stream = new QUICBidirectionalStream(); QUICIncomingStreamFrameBuffer buffer; QUICErrorUPtr err = nullptr; @@ -122,7 +122,7 @@ TEST_CASE("QUICIncomingStreamFrameBuffer_fin_offset", "[quic]") TEST_CASE("QUICIncomingStreamFrameBuffer_pop", "[quic]") { - QUICStream *stream = new QUICStream(); + QUICBidirectionalStream *stream = new QUICBidirectionalStream(); QUICIncomingStreamFrameBuffer buffer; QUICErrorUPtr err = nullptr; @@ -195,7 +195,7 @@ TEST_CASE("QUICIncomingStreamFrameBuffer_pop", "[quic]") TEST_CASE("QUICIncomingStreamFrameBuffer_dup_frame", "[quic]") { - QUICStream *stream = new QUICStream(); + QUICBidirectionalStream *stream = new QUICBidirectionalStream(); QUICIncomingStreamFrameBuffer buffer; QUICErrorUPtr err = nullptr;
[trafficserver] branch quic-latest updated: Remove test_QUICHandshake
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new 8c157d7 Remove test_QUICHandshake 8c157d7 is described below commit 8c157d759b5db530d15a342e7b234c33e961d5fb Author: Masaori Koshiba AuthorDate: Thu Mar 7 10:38:28 2019 +0900 Remove test_QUICHandshake --- iocore/net/quic/Makefile.am| 8 --- iocore/net/quic/Mock.h | 48 --- iocore/net/quic/test/test_QUICHandshake.cc | 95 -- 3 files changed, 151 deletions(-) diff --git a/iocore/net/quic/Makefile.am b/iocore/net/quic/Makefile.am index a480ecb..b5b571e 100644 --- a/iocore/net/quic/Makefile.am +++ b/iocore/net/quic/Makefile.am @@ -181,14 +181,6 @@ test_QUICLossDetector_SOURCES = \ $(test_event_main_SOURCES) \ ./test/test_QUICLossDetector.cc -# TODO: fix unit test using QUICCryptoStream -# test_QUICHandshake_CPPFLAGS = $(test_CPPFLAGS) -# test_QUICHandshake_LDFLAGS = @AM_LDFLAGS@ -# test_QUICHandshake_LDADD = $(test_LDADD) -# test_QUICHandshake_SOURCES = \ -# $(test_event_main_SOURCES) \ -# ./test/test_QUICHandshake.cc - test_QUICHandshakeProtocol_CPPFLAGS = $(test_CPPFLAGS) test_QUICHandshakeProtocol_LDFLAGS = @AM_LDFLAGS@ test_QUICHandshakeProtocol_LDADD = $(test_LDADD) diff --git a/iocore/net/quic/Mock.h b/iocore/net/quic/Mock.h index 7cabff5..6d66dfa 100644 --- a/iocore/net/quic/Mock.h +++ b/iocore/net/quic/Mock.h @@ -425,54 +425,6 @@ public: } }; -class MockQUICStream : public QUICStream -{ -public: - MockQUICStream(QUICRTTProvider *rtt_provider, QUICConnectionInfoProvider *info, QUICStreamId sid, uint64_t recv_max_stream_data, - uint64_t send_max_stream_data) -: QUICStream(info, sid) - { - } - -private: - int64_t - _process_read_vio() override - { -return 0; - } - - int64_t - _process_write_vio() override - { -return 0; - } -}; - -class MockQUICStreamIO : public QUICStreamIO -{ -public: - MockQUICStreamIO(QUICApplication *app, QUICStream *stream) : QUICStreamIO(app, stream) {} - ~MockQUICStreamIO() {} - int64_t - transfer() - { -int64_t n = this->_write_buffer_reader->read_avail(); -this->_read_buffer->write(this->_write_buffer_reader, n); -this->_write_buffer_reader->consume(n); -return n; - } - -private: - void - read_reenable() override - { - } - void - write_reenable() override - { - } -}; - class MockQUICPacketProtectionKeyInfo : public QUICPacketProtectionKeyInfo { public: diff --git a/iocore/net/quic/test/test_QUICHandshake.cc b/iocore/net/quic/test/test_QUICHandshake.cc deleted file mode 100644 index 2043ce2..000 --- a/iocore/net/quic/test/test_QUICHandshake.cc +++ /dev/null @@ -1,95 +0,0 @@ -/** @file - * - * A brief file description - * - * @section license License - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "catch.hpp" - -#include "Mock.h" -#include "QUICHandshake.h" - -#include "./server_cert.h" - -TEST_CASE("1-RTT handshake ", "[quic]") -{ - // setup client - QUICConnection *client_qc = new MockQUICConnection(NET_VCONNECTION_OUT); - - SSL_CTX *client_ssl_ctx = SSL_CTX_new(TLS_method()); - SSL_CTX_set_min_proto_version(client_ssl_ctx, TLS1_3_VERSION); - SSL_CTX_set_max_proto_version(client_ssl_ctx, TLS1_3_VERSION); - SSL_CTX_clear_options(client_ssl_ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); - - QUICConnectionId client_conn_id = {reinterpret_cast("\x01\x23\x45"), 3}; - - QUICHandshake *client = new QUICHandshake(client_qc, client_ssl_ctx); - - // setup server - QUICConnection *server_qc = new MockQUICConnection(NET_VCONNECTION_IN); - - SSL_CTX *server_ssl_ctx = SSL_CTX_new(TLS_method()); - SSL_CTX_set_min_proto_version(server_ssl_ctx, TLS1_3_VERSION); - SSL_CTX_set_max_proto_version(server_ssl_ctx, TLS1_3_VERSION); - SSL_CTX_clear_options(server_ssl_ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); - BIO *crt_bio(BIO_new_mem_buf(server_crt, sizeof(server_crt))); - SSL_CTX_use_certificate(server_ssl_ctx, PEM_read_bio_X509(crt_bio, nullptr, nullptr, nullptr)
[trafficserver] branch quic-latest updated (5e3ca19 -> 4088245)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 5e3ca19 QUIC: Load multiple certs new aa10729 QUIC: Introduce base stream class new b0cd800 QUIC: Use QUICStream as base class new f6972d4 QUIC: Introduce QUICStreamVConnection to process VIO new 4088245 QUIC: Rename quicStreamAllocator to quicBidiStreamAllocator The 12869 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: iocore/eventsystem/I_Thread.h | 2 +- iocore/net/quic/Mock.h | 2 +- iocore/net/quic/QUICApplication.cc | 30 +- iocore/net/quic/QUICApplication.h | 12 +- iocore/net/quic/QUICStream.cc | 658 ++-- iocore/net/quic/QUICStream.h| 187 + iocore/net/quic/QUICStreamManager.cc| 41 +- iocore/net/quic/QUICStreamManager.h | 8 +- iocore/net/quic/test/test_QUICStream.cc | 25 +- 9 files changed, 551 insertions(+), 414 deletions(-)
[trafficserver] branch master updated: fix crash in CacheVC::openReadFromWriter
This is an automated email from the ASF dual-hosted git repository. scw00 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new d91ca9e fix crash in CacheVC::openReadFromWriter d91ca9e is described below commit d91ca9ee43973fcce9cfccbb146788eb95ae6ffc Author: rienzi2012 <51553...@qq.com> AuthorDate: Wed Mar 6 11:54:33 2019 +0800 fix crash in CacheVC::openReadFromWriter --- proxy/hdrs/HTTP.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc index 74e79df..8faf57e 100644 --- a/proxy/hdrs/HTTP.cc +++ b/proxy/hdrs/HTTP.cc @@ -2035,8 +2035,7 @@ HTTPInfo::marshal(char *buf, int len) buf += m_alt->m_frag_offset_count * sizeof(FragOffset); used += m_alt->m_frag_offset_count * sizeof(FragOffset); } else { -// the data stored in intergral buffer -m_alt->m_frag_offsets = nullptr; +marshal_alt->m_frag_offsets = nullptr; } // The m_{request,response}_hdr->m_heap pointers are converted
[trafficserver] branch quic-latest updated: QUIC: Load multiple certs
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/quic-latest by this push: new 5e3ca19 QUIC: Load multiple certs 5e3ca19 is described below commit 5e3ca198bc73f493c1df3b97aae6ecb058adf06f Author: Masaori Koshiba AuthorDate: Wed Feb 20 12:16:14 2019 +0900 QUIC: Load multiple certs --- iocore/net/QUICNetProcessor.cc | 1 + iocore/net/QUICNetVConnection.cc | 4 +- iocore/net/SSLUtils.cc | 75 iocore/net/quic/QUICConfig.cc| 255 ++- iocore/net/quic/QUICConfig.h | 32 - iocore/net/quic/QUICGlobals.cc | 63 +- iocore/net/quic/QUICGlobals.h| 2 + 7 files changed, 321 insertions(+), 111 deletions(-) diff --git a/iocore/net/QUICNetProcessor.cc b/iocore/net/QUICNetProcessor.cc index 8c63668..5a2e373 100644 --- a/iocore/net/QUICNetProcessor.cc +++ b/iocore/net/QUICNetProcessor.cc @@ -63,6 +63,7 @@ QUICNetProcessor::start(int, size_t stacksize) // This initialization order matters ... // QUICInitializeLibrary(); QUICConfig::startup(); + QUICCertConfig::startup(); #ifdef TLS1_3_VERSION_DRAFT_TXT // FIXME: remove this when TLS1_3_VERSION_DRAFT_TXT is removed diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc index 410b235..e8c7b53 100644 --- a/iocore/net/QUICNetVConnection.cc +++ b/iocore/net/QUICNetVConnection.cc @@ -240,10 +240,12 @@ QUICNetVConnection::start() this->_five_tuple.update(this->local_addr, this->remote_addr, SOCK_DGRAM); // Version 0x0001 uses stream 0 for cryptographic handshake with TLS 1.3, but newer version may not if (this->direction() == NET_VCONNECTION_IN) { +QUICCertConfig::scoped_config server_cert; + this->_pp_key_info.set_context(QUICPacketProtectionKeyInfo::Context::SERVER); this->_ack_frame_manager.set_ack_delay_exponent(params->ack_delay_exponent_in()); this->_reset_token = QUICStatelessResetToken(this->_quic_connection_id, params->instance_id()); -this->_hs_protocol = this->_setup_handshake_protocol(params->server_ssl_ctx()); +this->_hs_protocol = this->_setup_handshake_protocol(server_cert->ssl_default); this->_handshake_handler = new QUICHandshake(this, this->_hs_protocol, this->_reset_token, params->stateless_retry()); this->_ack_frame_manager.set_max_ack_delay(params->max_ack_delay_in()); this->_schedule_ack_manager_periodic(params->max_ack_delay_in()); diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc index 7c7c7fe..c83b314 100644 --- a/iocore/net/SSLUtils.cc +++ b/iocore/net/SSLUtils.cc @@ -1557,81 +1557,6 @@ ssl_extract_certificate(const matcher_line *line_info, SSLMultiCertConfigParams return true; } -// TODO: remove this function and setup SSL_CTX for QUIC somehow -bool -SSLParseCertificateConfiguration(const SSLConfigParams *params, SSL_CTX *ssl_ctx) -{ - char *tok_state = nullptr; - char *line = nullptr; - ats_scoped_str file_buf; - unsigned line_num = 0; - matcher_line line_info; - - const matcher_tags sslCertTags = {nullptr, nullptr, nullptr, nullptr, nullptr, nullptr, false}; - - Note("loading SSL certificate configuration from %s", params->configFilePath); - - if (params->configFilePath) { -file_buf = readIntoBuffer(params->configFilePath, __func__, nullptr); - } - - if (!file_buf) { -Error("failed to read SSL certificate configuration from %s", params->configFilePath); -return false; - } - - // Optionally elevate/allow file access to read root-only - // certificates. The destructor will drop privilege for us. - uint32_t elevate_setting = 0; - REC_ReadConfigInteger(elevate_setting, "proxy.config.ssl.cert.load_elevated"); - ElevateAccess elevate_access(elevate_setting ? ElevateAccess::FILE_PRIVILEGE : 0); - - line = tokLine(file_buf, &tok_state); - while (line != nullptr) { -line_num++; - -// Skip all blank spaces at beginning of line. -while (*line && isspace(*line)) { - line++; -} - -if (*line != '\0' && *line != '#') { - SSLMultiCertConfigParams sslMultiCertSettings; - const char *errPtr; - - errPtr = parseConfigLine(line, &line_info, &sslCertTags); - - if (errPtr != nullptr) { -RecSignalWarning(REC_SIGNAL_CONFIG_ERROR, "%s: discarding %s entry at line %d: %s", __func__, params->configFilePath, - line_num, errPtr); - } else { -if (ssl_extract_certificate(&line_info, sslMultiCertSettings)) { - // There must be a certificate specified unless the tunnel action is set - if (sslMultiCertSettings.cert || sslMultiCertSettings.opt != SSLCertContext::OPT_TUNNEL) { -if (SSL_CTX_use_PrivateKey_file(ssl_ctx, sslMultiCertSettings.key.get(), SSL_FILETYPE_PEM) != 1) { - Error("Coul
[trafficserver] branch quic-latest updated (e0cc477 -> c7e43ea)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from e0cc477 Fix tests new 4fdc01c Remove extra vars to bwprint in SSLConfigParams::getCTX new 9c4bfa3 Merge url_scheme_get into only calling class method new f78dcdc MIME: Fix line_is_real false positive. new 3340005 set thread affinity to current thread if the current thread type is the same as the target thread new a105fd3 Add support for the old lua formatted ease of use conventions and the numeric log rolling values new 9a93757 tscore/eventnotify: change fcntl include path new e0c6dc1 tscore/ink_hrtime: add missing cstdint import new 656f25a traffic_layout/engine: add missing stat import new 2a334d8 Remove duplicate calls to TSHttpTxnReenable in xdebug new f202f84 Fixing a previous fix to fully allocate strings when heap mismatch detected. new ca609e5 Override delete in Extendible new 773108b Fix #5094: Fix use after free in test_IntrusiveHashMap.cc new 82e1497 Fix #5093: new/delete mismatch in test_IntrusivePtr.cc. new 012d437 Implement aud claim in Uri Signing Plugin new 1514bab Fix SessionProtocolNameRegistry lookup new 814ccc5 Move minimum OpenSSL version to 1.0.2 new c7e43ea Merge branch 'asf/master' into quic-latest The 12864 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: build/crypto.m4| 120 -- configure.ac | 20 +-- include/tscore/Extendible.h| 11 ++ include/tscore/ink_config.h.in | 4 - include/tscore/ink_hrtime.h| 1 + iocore/eventsystem/P_UnixEventProcessor.h | 10 +- iocore/net/SSLClientUtils.cc | 10 +- iocore/net/SSLConfig.cc| 5 +- iocore/net/SSLNetVConnection.cc| 9 -- iocore/net/SSLUtils.cc | 133 +++ lib/records/RecHttp.cc | 5 +- plugins/experimental/uri_signing/config.c | 25 +++ plugins/experimental/uri_signing/config.h | 1 + plugins/experimental/uri_signing/jwt.c | 57 ++- plugins/experimental/uri_signing/jwt.h | 3 +- plugins/experimental/uri_signing/parse.c | 5 + .../uri_signing/unit_tests/testConfig.config | 102 .../uri_signing/unit_tests/uri_signing_test.cc | 179 + plugins/xdebug/xdebug.cc | 2 - proxy/hdrs/HTTP.cc | 2 +- proxy/hdrs/HdrHeap.h | 20 +++ proxy/hdrs/MIME.cc | 8 +- proxy/hdrs/URL.cc | 33 ++-- proxy/hdrs/URL.h | 21 ++- proxy/logging/YamlLogConfig.cc | 14 +- src/traffic_layout/engine.h| 1 + src/traffic_layout/info.cc | 4 - src/traffic_server/InkAPI.cc | 7 - src/tscore/EventNotify.cc | 2 +- src/tscore/unit_tests/test_IntrusiveHashMap.cc | 7 +- src/tscore/unit_tests/test_IntrusivePtr.cc | 2 +- tests/README.md| 10 +- .../cont_schedule/gold/schedule_on_pool.gold | 3 +- tests/gold_tests/headers/forwarded.test.py | 1 - tests/gold_tests/headers/via.test.py | 1 - tests/gold_tests/logging/ccid_ctid.test.py | 1 - .../pluginTest/sslheaders/sslheaders.test.py | 1 - .../pluginTest/test_hooks/test_hooks.test.py | 1 - tests/gold_tests/pluginTest/tsapi/tsapi.test.py| 1 - .../gold_tests/pluginTest/url_sig/url_sig.test.py | 3 - tests/tools/plugins/cont_schedule.cc | 8 +- 41 files changed, 533 insertions(+), 320 deletions(-) create mode 100644 plugins/experimental/uri_signing/unit_tests/testConfig.config
[trafficserver] branch master updated: Move minimum OpenSSL version to 1.0.2
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 814ccc5 Move minimum OpenSSL version to 1.0.2 814ccc5 is described below commit 814ccc5ea60942eb0a5f0bf71f6a777f0535df12 Author: Masaori Koshiba AuthorDate: Tue Feb 26 12:37:26 2019 +0900 Move minimum OpenSSL version to 1.0.2 Remove following macros by assuming OpenSSL 1.0.2 API and headers - HAVE_OPENSSL_EC_H - HAVE_OPENSSL_EVP_H - HAVE_EC_KEY_NEW_BY_CURVE_NAME - HAVE_SSL_SELECT_NEXT_PROTO - TS_USE_TLS_NPN - TS_USE_TLS_ALPN - TS_USE_CERT_CB - TS_USE_TLS_ECKEY --- build/crypto.m4| 120 ++- configure.ac | 20 +--- include/tscore/ink_config.h.in | 4 - iocore/net/SSLClientUtils.cc | 10 +- iocore/net/SSLConfig.cc| 3 +- iocore/net/SSLNetVConnection.cc| 9 -- iocore/net/SSLUtils.cc | 133 - src/traffic_layout/info.cc | 4 - src/traffic_server/InkAPI.cc | 7 -- tests/README.md| 10 +- tests/gold_tests/headers/forwarded.test.py | 1 - tests/gold_tests/headers/via.test.py | 1 - tests/gold_tests/logging/ccid_ctid.test.py | 1 - .../pluginTest/sslheaders/sslheaders.test.py | 1 - .../pluginTest/test_hooks/test_hooks.test.py | 1 - tests/gold_tests/pluginTest/tsapi/tsapi.test.py| 1 - .../gold_tests/pluginTest/url_sig/url_sig.test.py | 3 - 17 files changed, 64 insertions(+), 265 deletions(-) diff --git a/build/crypto.m4 b/build/crypto.m4 index 248be9e..09d4086 100644 --- a/build/crypto.m4 +++ b/build/crypto.m4 @@ -39,38 +39,28 @@ AC_DEFUN([TS_CHECK_CRYPTO], [ dnl add checks for other varieties of ssl here ]) -dnl - -AC_DEFUN([TS_CHECK_CRYPTO_EC_KEYS], [ - _eckeys_saved_LIBS=$LIBS - - TS_ADDTO(LIBS, [$OPENSSL_LIBS]) - AC_CHECK_HEADERS(openssl/ec.h) - AC_CHECK_FUNCS(EC_KEY_new_by_curve_name, [enable_tls_eckey=yes], [enable_tls_eckey=no]) - LIBS=$_eckeys_saved_LIBS - AC_MSG_CHECKING(whether EC keys are supported) - AC_MSG_RESULT([$enable_tls_eckey]) - TS_ARG_ENABLE_VAR([use], [tls-eckey]) - AC_SUBST(use_tls_eckey) -]) - -AC_DEFUN([TS_CHECK_CRYPTO_NEXTPROTONEG], [ - enable_tls_npn=yes - _npn_saved_LIBS=$LIBS - - TS_ADDTO(LIBS, [$OPENSSL_LIBS]) - AC_CHECK_FUNCS(SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_proto_select_cb SSL_select_next_proto SSL_get0_next_proto_negotiated, -[], [enable_tls_npn=no] - ) - LIBS=$_npn_saved_LIBS - - AC_MSG_CHECKING(whether to enable Next Protocol Negotiation TLS extension support) - AC_MSG_RESULT([$enable_tls_npn]) - TS_ARG_ENABLE_VAR([use], [tls-npn]) - AC_SUBST(use_tls_npn) +dnl +dnl Check OpenSSL Version +dnl +AC_DEFUN([TS_CHECK_CRYPTO_VERSION], [ + AC_MSG_CHECKING([OpenSSL version]) + AC_TRY_RUN([ +#include +int main() { + if (OPENSSL_VERSION_NUMBER < 0x1000200fL) { +return 1; + } + return 0; +} +], + [AC_MSG_RESULT([ok])], + [AC_MSG_FAILURE([requires an OpenSSL version 1.0.2 or greater])]) ]) +dnl +dnl Since OpenSSL 1.1.0 +dnl AC_DEFUN([TS_CHECK_CRYPTO_ASYNC], [ enable_tls_async=yes _async_saved_LIBS=$LIBS @@ -87,63 +77,9 @@ AC_DEFUN([TS_CHECK_CRYPTO_ASYNC], [ AC_SUBST(use_tls_async) ]) -AC_DEFUN([TS_CHECK_CRYPTO_ALPN], [ - enable_tls_alpn=yes - _alpn_saved_LIBS=$LIBS - - TS_ADDTO(LIBS, [$OPENSSL_LIBS]) - AC_CHECK_FUNCS(SSL_CTX_set_alpn_protos SSL_CTX_set_alpn_select_cb SSL_get0_alpn_selected SSL_select_next_proto, -[], [enable_tls_alpn=no] - ) - LIBS=$_alpn_saved_LIBS - - AC_MSG_CHECKING(whether to enable Application Layer Protocol Negotiation TLS extension support) - AC_MSG_RESULT([$enable_tls_alpn]) - TS_ARG_ENABLE_VAR([use], [tls-alpn]) - AC_SUBST(use_tls_alpn) -]) - -AC_DEFUN([TS_CHECK_CRYPTO_CERT_CB], [ - _cert_saved_LIBS=$LIBS - enable_cert_cb=yes - - TS_ADDTO(LIBS, [$OPENSSL_LIBS]) - AC_CHECK_HEADERS(openssl/ssl.h openssl/ts.h) - AC_CHECK_HEADERS(openssl/tls1.h, [], [], -[ #if HAVE_OPENSSL_SSL_H -#include -#include -#endif ]) - - AC_MSG_CHECKING([for SSL_CTX_set_cert_cb]) - AC_LINK_IFELSE( - [ -AC_LANG_PROGRAM([[ -#if HAVE_OPENSSL_SSL_H -#include -#endif -#if HAVE_OPENSSL_TLS1_H -#include -#endif - ]], - [[SSL_CTX_set_cert_cb(NULL, NULL, NULL);]]) - ], - [ -AC_MSG_RESULT([yes]) - ], - [ -AC_MSG_RESULT([no]) -enable_cert_cb=no - ]) - - LIBS=$_cert_saved_LIBS - - AC_MSG_CHECKING(whether to enable TLS certificate callback support) - AC_MSG_RESULT([$enable_cert_cb]) - TS_ARG_ENABLE_VAR([use], [cert-cb]) - AC_SUBST(use_cert_cb) -]) - +dnl +dnl Since OpenSSL 1.
[trafficserver] branch master updated: Fix SessionProtocolNameRegistry lookup
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 1514bab Fix SessionProtocolNameRegistry lookup 1514bab is described below commit 1514babe826f2f44608c5cca7b150900e4592150 Author: Masaori Koshiba AuthorDate: Wed Mar 6 14:51:52 2019 +0900 Fix SessionProtocolNameRegistry lookup Prior this change, SessionProtocolNameRegistry::indexFor() always returns 0. Because `spot` never reach to `m_names.end()`. This is introduced by 5ad8eec303b5f9c38da0de3775e0aadb7186fc38. --- lib/records/RecHttp.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/records/RecHttp.cc b/lib/records/RecHttp.cc index d20ab3a..0ad3378 100644 --- a/lib/records/RecHttp.cc +++ b/lib/records/RecHttp.cc @@ -751,8 +751,9 @@ SessionProtocolNameRegistry::toIndexConst(TextView name) int SessionProtocolNameRegistry::indexFor(TextView name) const { - auto spot = std::find(m_names.begin(), m_names.begin() + m_n, name); - if (spot != m_names.end()) { + const ts::TextView *end = m_names.begin() + m_n; + auto spot = std::find(m_names.begin(), end, name); + if (spot != end) { return static_cast(spot - m_names.begin()); } return INVALID;
[trafficserver] branch master updated: Implement aud claim in Uri Signing Plugin
This is an automated email from the ASF dual-hosted git repository. eze pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 012d437 Implement aud claim in Uri Signing Plugin 012d437 is described below commit 012d437f54daedaf0cc6d67d2d15f836c38d0bf6 Author: Dylan Souza AuthorDate: Fri Feb 15 22:45:25 2019 + Implement aud claim in Uri Signing Plugin The Aud claim is implemented as per the RFC version 16 that can be found here:https://tools.ietf.org/html/draft-ietf-cdni-uri-signing-16 As per the specification, the aud claim can be either a JSON array or a string. The aud claim is stored as raw json in the jwt class in this implementation. It is converted either to an array or a string at validation time. This commit also expands the unit tests quite a bit. Test configs can be provided in the unit_tests directory and parsed in the test framework. JWS validation is also testable now. This commit also fixes two memory leaks 1. Issuers were never being freed on configuration cleanup. 2. Token renewal allocates a tmp json_object without freeing. --- plugins/experimental/uri_signing/config.c | 25 +++ plugins/experimental/uri_signing/config.h | 1 + plugins/experimental/uri_signing/jwt.c | 57 ++- plugins/experimental/uri_signing/jwt.h | 3 +- plugins/experimental/uri_signing/parse.c | 5 + .../uri_signing/unit_tests/testConfig.config | 102 .../uri_signing/unit_tests/uri_signing_test.cc | 179 + 7 files changed, 364 insertions(+), 8 deletions(-) diff --git a/plugins/experimental/uri_signing/config.c b/plugins/experimental/uri_signing/config.c index b52b944..9642914 100644 --- a/plugins/experimental/uri_signing/config.c +++ b/plugins/experimental/uri_signing/config.c @@ -45,6 +45,7 @@ struct config { char **issuer_names; struct signer signer; struct auth_directive *auth_directives; + char *id; }; cjose_jwk_t ** @@ -80,6 +81,12 @@ find_key_by_kid(struct config *cfg, const char *issuer, const char *kid) return NULL; } +const char * +config_get_id(struct config *cfg) +{ + return cfg->id; +} + struct config * config_new(size_t n) { @@ -105,6 +112,7 @@ config_new(size_t n) cfg->signer.alg= NULL; cfg->auth_directives = NULL; + cfg->id = NULL; PluginDebug("New config object created at %p", cfg); return cfg; @@ -117,6 +125,7 @@ config_delete(struct config *cfg) return; } hdestroy_r(cfg->issuers); + free(cfg->issuers); for (cjose_jwk_t ***jwkis = cfg->jwkis; *jwkis; ++jwkis) { for (cjose_jwk_t **jwks = *jwkis; *jwks; ++jwks) { @@ -126,6 +135,10 @@ config_delete(struct config *cfg) } free(cfg->jwkis); + if (cfg->id) { +free(cfg->id); + } + for (char **name = cfg->issuer_names; *name; ++name) { free(*name); } @@ -259,6 +272,18 @@ read_config(const char *path) renewal_kid = json_string_value(renewal_kid_json); } +json_t *id_json = json_object_get(jwks, "id"); +const char *id; +if (id_json) { + id = json_string_value(id_json); + if (id) { +cfg->id = malloc(strlen(id) + 1); +strcpy(cfg->id, id); +PluginDebug("Found Id in the config: %s", cfg->id); + } +} +json_decref(id_json); + size_t jwks_ct = json_array_size(key_ary); cjose_jwk_t **jwks = (*jwkis++ = malloc((jwks_ct + 1) * sizeof *jwks)); PluginDebug("Created table with size %d", cfg->issuers->size); diff --git a/plugins/experimental/uri_signing/config.h b/plugins/experimental/uri_signing/config.h index 75a82f2..a22ec5d 100644 --- a/plugins/experimental/uri_signing/config.h +++ b/plugins/experimental/uri_signing/config.h @@ -33,3 +33,4 @@ struct signer *config_signer(struct config *); struct _cjose_jwk_int **find_keys(struct config *cfg, const char *issuer); struct _cjose_jwk_int *find_key_by_kid(struct config *cfg, const char *issuer, const char *kid); bool uri_matches_auth_directive(struct config *cfg, const char *uri, size_t uri_ct); +const char *config_get_id(struct config *cfg); diff --git a/plugins/experimental/uri_signing/jwt.c b/plugins/experimental/uri_signing/jwt.c index 69a07e3..aeaa218 100644 --- a/plugins/experimental/uri_signing/jwt.c +++ b/plugins/experimental/uri_signing/jwt.c @@ -56,7 +56,7 @@ parse_jwt(json_t *raw) jwt->raw= raw; jwt->iss= json_string_value(json_object_get(raw, "iss")); jwt->sub= json_string_value(json_object_get(raw, "sub")); - jwt->aud= json_string_value(json_object_get(raw, "aud")); + jwt->aud= json_object_get(raw, "aud"); jwt->exp= parse_number(json_object_get(raw, "exp")); jwt->nbf= parse_number(json_object_get(raw, "nbf")); jwt->iat= pa
[trafficserver] branch master updated: Fix #5093: new/delete mismatch in test_IntrusivePtr.cc.
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 82e1497 Fix #5093: new/delete mismatch in test_IntrusivePtr.cc. 82e1497 is described below commit 82e1497cc8bf8d8648d303881c60378369043134 Author: Alan M. Carroll AuthorDate: Mon Mar 4 15:45:11 2019 -0600 Fix #5093: new/delete mismatch in test_IntrusivePtr.cc. --- src/tscore/unit_tests/test_IntrusivePtr.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tscore/unit_tests/test_IntrusivePtr.cc b/src/tscore/unit_tests/test_IntrusivePtr.cc index c2fcf7e..ffacbc6 100644 --- a/src/tscore/unit_tests/test_IntrusivePtr.cc +++ b/src/tscore/unit_tests/test_IntrusivePtr.cc @@ -28,7 +28,7 @@ struct Thing : public ts::IntrusivePtrCounter { Thing() { ++_count; } - ~Thing() { --_count; } + virtual ~Thing() { --_count; } std::string _name; static int _count; // instance count. };
[trafficserver] branch master updated: Fix #5094: Fix use after free in test_IntrusiveHashMap.cc
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 773108b Fix #5094: Fix use after free in test_IntrusiveHashMap.cc 773108b is described below commit 773108b0469770691a750e4ed42b7b66cd41678a Author: Alan M. Carroll AuthorDate: Mon Mar 4 15:37:43 2019 -0600 Fix #5094: Fix use after free in test_IntrusiveHashMap.cc --- src/tscore/unit_tests/test_IntrusiveHashMap.cc | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/tscore/unit_tests/test_IntrusiveHashMap.cc b/src/tscore/unit_tests/test_IntrusiveHashMap.cc index a0521a2..5e615c0 100644 --- a/src/tscore/unit_tests/test_IntrusiveHashMap.cc +++ b/src/tscore/unit_tests/test_IntrusiveHashMap.cc @@ -90,9 +90,10 @@ TEST_CASE("IntrusiveHashMap", "[libts][IntrusiveHashMap]") map.insert(new Thing("dave")); map.insert(new Thing("persia")); REQUIRE(map.count() == 3); - for (auto &thing : map) { -delete &thing; - } + // Need to be bit careful cleaning up, since the link pointers are in the objects and deleting + // the object makes it unsafe to use an iterator referencing that object. For a full cleanup, + // the best option is to first delete everything, then clean up the map. + map.apply([](Thing *thing) { delete thing; }); map.clear(); REQUIRE(map.count() == 0);
[trafficserver] branch master updated: Override delete in Extendible
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new ca609e5 Override delete in Extendible ca609e5 is described below commit ca609e5931703fb6664422b145a4cc1e7dfbaf87 Author: Bryan Call AuthorDate: Thu Feb 28 16:28:55 2019 -0800 Override delete in Extendible --- include/tscore/Extendible.h | 11 +++ 1 file changed, 11 insertions(+) diff --git a/include/tscore/Extendible.h b/include/tscore/Extendible.h index 16c9c87..c6a1920 100644 --- a/include/tscore/Extendible.h +++ b/include/tscore/Extendible.h @@ -105,6 +105,8 @@ template struct Extendible { Extendible(Extendible &) = delete; /** allocate a new object with additional field data */ void *operator new(size_t size); + /** free the object */ + void operator delete(void *ptr); /** construct all fields */ Extendible() { schema.call_construct(this_as_char_ptr()); } /** destruct all fields */ @@ -550,6 +552,15 @@ Extendible::operator new(size_t size) return ptr; } +/// free the object +template +void +Extendible::operator delete(void *ptr) +{ + ats_free(ptr); + ink_release_assert(ptr != nullptr); +} + // private template char *