[trafficserver] branch master updated: Disables "virtual host not used with AWS auth v4" error in s3_auth
This is an automated email from the ASF dual-hosted git repository.
rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 05556de Disables "virtual host not used with AWS auth v4" error in
s3_auth
05556de is described below
commit 05556de2a3b06400e7f587ab4accf1cbf8b2a88e
Author: Randall Meyer
AuthorDate: Thu Mar 19 14:52:26 2020 -0700
Disables "virtual host not used with AWS auth v4" error in s3_auth
This would error on every request
---
plugins/s3_auth/s3_auth.cc | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/plugins/s3_auth/s3_auth.cc b/plugins/s3_auth/s3_auth.cc
index ce76020..8352195 100644
--- a/plugins/s3_auth/s3_auth.cc
+++ b/plugins/s3_auth/s3_auth.cc
@@ -203,9 +203,7 @@ public:
}
} else {
/* 4 == _version */
- if (_virt_host_modified) {
-TSError("[%s] virtual host not used with AWS auth v4, parameter
ignored", PLUGIN_NAME);
- }
+ // NOTE: virtual host not used with AWS auth v4, parameter ignored
}
return true;
}
[trafficserver] 02/02: fix crash in CacheVC::openReadFromWriter
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit f18e6f446c116d8ad8eaa74b09b97b3e90d9f3a6
Author: rienzi2012 <51553...@qq.com>
AuthorDate: Wed Mar 6 11:54:33 2019 +0800
fix crash in CacheVC::openReadFromWriter
(cherry picked from commit d91ca9ee43973fcce9cfccbb146788eb95ae6ffc)
---
proxy/hdrs/HTTP.cc | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 441526e..d9b8eaa 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -2039,8 +2039,7 @@ HTTPInfo::marshal(char *buf, int len)
buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
used += m_alt->m_frag_offset_count * sizeof(FragOffset);
} else {
-// the data stored in intergral buffer
-m_alt->m_frag_offsets = nullptr;
+marshal_alt->m_frag_offsets = nullptr;
}
// The m_{request,response}_hdr->m_heap pointers are converted
[trafficserver] branch 8.1.x updated (0abd277 -> f18e6f4)
This is an automated email from the ASF dual-hosted git repository. bcall pushed a change to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 0abd277 Do not run clang-format for @default_stack_size@ new b181be2 Avoid ats_malloc in unmarshal new f18e6f4 fix crash in CacheVC::openReadFromWriter The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: proxy/hdrs/HTTP.cc | 41 +++-- 1 file changed, 7 insertions(+), 34 deletions(-)
[trafficserver] 01/02: Avoid ats_malloc in unmarshal
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit b181be23d6db1c9edcba50601a3565fef7afce04
Author: scw00
AuthorDate: Mon Jan 28 15:35:08 2019 +0800
Avoid ats_malloc in unmarshal
(cherry picked from commit 42ca94353919aa1f45b0577a97dc3997e39c4818)
---
proxy/hdrs/HTTP.cc | 44 +---
1 file changed, 9 insertions(+), 35 deletions(-)
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 595ed62..441526e 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -2002,7 +2002,6 @@ HTTPInfo::marshal_length()
}
if (m_alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
-len -= sizeof(m_alt->m_integral_frag_offsets);
len += sizeof(FragOffset) * m_alt->m_frag_offset_count;
}
@@ -2017,23 +2016,11 @@ HTTPInfo::marshal(char *buf, int len)
HTTPCacheAlt *marshal_alt = (HTTPCacheAlt *)buf;
// non-zero only if the offsets are external. Otherwise they get
// marshalled along with the alt struct.
- int frag_len = (0 == m_alt->m_frag_offset_count || m_alt->m_frag_offsets ==
m_alt->m_integral_frag_offsets) ?
- 0 :
- sizeof(HTTPCacheAlt::FragOffset) *
m_alt->m_frag_offset_count;
-
ink_assert(m_alt->m_magic == CACHE_ALT_MAGIC_ALIVE);
// Make sure the buffer is aligned
//ink_assert(((intptr_t)buf) & 0x3 == 0);
- // If we have external fragment offsets, copy the initial ones
- // into the integral data.
- if (frag_len) {
-memcpy(m_alt->m_integral_frag_offsets, m_alt->m_frag_offsets,
sizeof(m_alt->m_integral_frag_offsets));
-frag_len -= sizeof(m_alt->m_integral_frag_offsets);
-// frag_len should never be non-zero at this point, as the offsets
-// should be external only if too big for the internal table.
- }
// Memcpy the whole object so that we can use it
// live later. This involves copying a few
// extra bytes now but will save copying any
@@ -2046,13 +2033,14 @@ HTTPInfo::marshal(char *buf, int len)
buf += HTTP_ALT_MARSHAL_SIZE;
used += HTTP_ALT_MARSHAL_SIZE;
- if (frag_len > 0) {
+ if (m_alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
marshal_alt->m_frag_offsets = static_cast(reinterpret_cast(used));
-memcpy(buf, m_alt->m_frag_offsets + HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS,
frag_len);
-buf += frag_len;
-used += frag_len;
+memcpy(buf, m_alt->m_frag_offsets, m_alt->m_frag_offset_count *
sizeof(FragOffset));
+buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
+used += m_alt->m_frag_offset_count * sizeof(FragOffset);
} else {
-marshal_alt->m_frag_offsets = nullptr;
+// the data stored in intergral buffer
+m_alt->m_frag_offsets = nullptr;
}
// The m_{request,response}_hdr->m_heap pointers are converted
@@ -2109,23 +2097,9 @@ HTTPInfo::unmarshal(char *buf, int len, RefCountObj
*block_ref)
len -= HTTP_ALT_MARSHAL_SIZE;
if (alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
-// stuff that didn't fit in the integral slots.
-int extra = sizeof(FragOffset) * alt->m_frag_offset_count -
sizeof(alt->m_integral_frag_offsets);
-char *extra_src = buf + reinterpret_cast(alt->m_frag_offsets);
-// Actual buffer size, which must be a power of two.
-// Well, technically not, because we never modify an unmarshalled fragment
-// offset table, but it would be a nasty bug should that be done in the
-// future.
-int bcount = HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS * 2;
-
-while (bcount < alt->m_frag_offset_count) {
- bcount *= 2;
-}
-alt->m_frag_offsets =
- static_cast(ats_malloc(bcount * sizeof(FragOffset))); //
WRONG - must round up to next power of 2.
-memcpy(alt->m_frag_offsets, alt->m_integral_frag_offsets,
sizeof(alt->m_integral_frag_offsets));
-memcpy(alt->m_frag_offsets + HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS,
extra_src, extra);
-len -= extra;
+alt->m_frag_offsets = reinterpret_cast(buf +
reinterpret_cast(alt->m_frag_offsets));
+len -= sizeof(FragOffset) * alt->m_frag_offset_count;
+ink_assert(len >= 0);
} else if (alt->m_frag_offset_count > 0) {
alt->m_frag_offsets = alt->m_integral_frag_offsets;
} else {
[trafficserver] branch 8.1.x updated: Do not run clang-format for @default_stack_size@
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 0abd277 Do not run clang-format for @default_stack_size@ 0abd277 is described below commit 0abd277dade347fd7ffa87218323dcd72f5f2318 Author: Masaori Koshiba AuthorDate: Thu Mar 7 09:25:29 2019 +0900 Do not run clang-format for @default_stack_size@ (cherry picked from commit a181db6f5948d2f35e73a82332695ad35bc2bc33) Conflicts: include/tscore/ink_config.h.in --- include/tscore/ink_config.h.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/tscore/ink_config.h.in b/include/tscore/ink_config.h.in index e125296..d8d0c56 100644 --- a/include/tscore/ink_config.h.in +++ b/include/tscore/ink_config.h.in @@ -125,8 +125,9 @@ #define TS_BUILD_CANONICAL_HOST "@host@" #define TS_BUILD_DEFAULT_LOOPBACK_IFACE "@default_loopback_iface@" -/* clang-format on */ static const int DEFAULT_STACKSIZE = @default_stack_size@; +/* clang-format on */ + #endif /* _ink_config_h */
[trafficserver] branch 8.1.x updated: Password can not be nullptr here, so don't check
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new d71a59c Password can not be nullptr here, so don't check
d71a59c is described below
commit d71a59c7f50a1679c81766b8c24045287268b9f5
Author: Leif Hedstrom
AuthorDate: Wed Apr 24 17:05:36 2019 +0800
Password can not be nullptr here, so don't check
(cherry picked from commit 969a41ce590fa725d7560cd07b9ec53af30a26ef)
---
src/traffic_server/InkAPITest.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/traffic_server/InkAPITest.cc b/src/traffic_server/InkAPITest.cc
index 2769d49..5b5f6cd 100644
--- a/src/traffic_server/InkAPITest.cc
+++ b/src/traffic_server/InkAPITest.cc
@@ -3836,7 +3836,7 @@ REGRESSION_TEST(SDK_API_TSUrl)(RegressionTest *test, int
/* atype ATS_UNUSED */,
SDK_RPRINT(test, "TSUrlPasswordSet", "TestCase1", TC_FAIL, "Returned
TS_ERROR");
} else {
password_get = TSUrlPasswordGet(bufp1, url_loc1, );
-if (((password_get == nullptr) && (password == nullptr)) ||
(strncmp(password_get, password, length) == 0)) {
+if ((password_get == nullptr) || (strncmp(password_get, password, length)
== 0)) {
SDK_RPRINT(test, "TSUrlPasswordSet", "TestCase1", TC_PASS, "ok");
test_passed_password = true;
} else {
[trafficserver] branch 8.1.x updated: Cleanup: remove lib/cppapi from clang-format, it's been moved.
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 2989478 Cleanup: remove lib/cppapi from clang-format, it's been moved. 2989478 is described below commit 2989478ffb586117194581dcd2e14048c10df384 Author: Alan M. Carroll AuthorDate: Fri Jan 25 20:52:54 2019 -0600 Cleanup: remove lib/cppapi from clang-format, it's been moved. (cherry picked from commit ad3b95123d43b7ebf8ef24fb3cb6e4df444b865c) --- Makefile.am | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile.am b/Makefile.am index 51246e0..cdb37ea 100644 --- a/Makefile.am +++ b/Makefile.am @@ -129,7 +129,6 @@ clang-format-iocore: clang-format-lib: @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/include - @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/lib/cppapi @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/lib/records clang-format-mgmt:
[trafficserver] branch 8.1.x updated: Doc: Remove local path to MathJax.
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 60d0278 Doc: Remove local path to MathJax. 60d0278 is described below commit 60d0278451c546e16b628dea8000fc0f3f54af0e Author: Alan M. Carroll AuthorDate: Sat Nov 16 14:17:31 2019 -0600 Doc: Remove local path to MathJax. (cherry picked from commit b63ba6fcc41c947c879c0b12d5f7ef7a3b67d250) --- doc/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/conf.py b/doc/conf.py index 86a9958..0a8449d 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -500,7 +500,7 @@ epub_copyright = u'2013, d...@trafficserver.apache.org' # Allow duplicate toc entries. #epub_tocdup = True -mathjax_path = 'https://docs.trafficserver.apache.org/__RTD/MathJax.js' +#mathjax_path = 'https://docs.trafficserver.apache.org/__RTD/MathJax.js' # Enabling marking bit fields as 'bitfield_N`. # Currently parameterized fields don't work. When they do, we should change to
[trafficserver] branch 8.1.x updated: Limit this check to Linux, where ldd always works (#6191)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new be86bf9 Limit this check to Linux, where ldd always works (#6191) be86bf9 is described below commit be86bf98ce8f5dae5bb3ac69872559bca4158f00 Author: Leif Hedstrom AuthorDate: Mon Nov 18 18:56:51 2019 +0800 Limit this check to Linux, where ldd always works (#6191) (cherry picked from commit 4520de9091fd3427146d2ab319622e0387f7a2cf) --- Makefile.am | 4 +++- configure.ac | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am index 2705e0c..51246e0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -96,7 +96,9 @@ if BUILD_DOCS @cd doc && $(MAKE) $(AM_MAKEFLAGS) install-man endif -TESTS = tools/check-unused-dependencies +if OS_LINUX +TESTS = tools/check-unused-dependencies +endif rat: java -jar $(top_srcdir)/ci/apache-rat-0.13-SNAPSHOT.jar -E $(top_srcdir)/ci/rat-regex.txt -d $(top_srcdir) diff --git a/configure.ac b/configure.ac index a9aa836..285a54d 100644 --- a/configure.ac +++ b/configure.ac @@ -721,6 +721,7 @@ case $host_os in esac TS_ADDTO(AM_CPPFLAGS, [-D$host_os_def]) +AM_CONDITIONAL([OS_LINUX], [test "x$host_os_def" = "xlinux"]) dnl AM_PROG_AR is not always available, but it doesn't seem to be needed in older versions. ifdef([AM_PROG_AR],
[trafficserver] branch 8.1.x updated: Document the order of the X-Cache header
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 47a436a Document the order of the X-Cache header 47a436a is described below commit 47a436a6e2cabeaf90371217a2732357ac9fc140 Author: Miles Libbey AuthorDate: Thu Jan 16 09:21:43 2020 -0800 Document the order of the X-Cache header (cherry picked from commit b67060751ed8b62a437c14ff545f1bb71ef53ec7) --- doc/admin-guide/plugins/xdebug.en.rst | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/admin-guide/plugins/xdebug.en.rst b/doc/admin-guide/plugins/xdebug.en.rst index f840e69..fd92bc0 100644 --- a/doc/admin-guide/plugins/xdebug.en.rst +++ b/doc/admin-guide/plugins/xdebug.en.rst @@ -66,7 +66,7 @@ X-Cache-Key key is being used. X-Cache -The ``X-Cache`` header contains the results of any cache lookup. +The ``X-Cache`` header contains the results of any cache lookups. == === Value Description @@ -78,6 +78,10 @@ X-Cache skipped The cache lookup was skipped. == === +If a request goes through multiple proxies, each one prepends its X-Cache header content +at the beginning of the existing X-Cache header. As a result, the order is reversed from +the Via: header. + X-Cache-Generation The cache generation ID for this transaction, as specified by the :ts:cv:`proxy.config.http.cache.generation` configuration variable.
[trafficserver] branch 8.1.x updated: Free TSMgmtString after using it.
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 3a350a4 Free TSMgmtString after using it. 3a350a4 is described below commit 3a350a4969f2f42c12360d3b05b970894fd0ce84 Author: David Calavera AuthorDate: Tue Feb 4 13:23:50 2020 -0800 Free TSMgmtString after using it. Fixes memory leak. Signed-off-by: David Calavera (cherry picked from commit 544d29bde833a5cad673bb3ccf344f3da8bec387) --- plugins/compress/misc.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/compress/misc.cc b/plugins/compress/misc.cc index 8c4b3bb..6335c80 100644 --- a/plugins/compress/misc.cc +++ b/plugins/compress/misc.cc @@ -142,6 +142,7 @@ init_hidden_header_name() hidden_header_name = (char *)TSmalloc(hidden_header_name_len + 1); hidden_header_name[hidden_header_name_len] = 0; sprintf(hidden_header_name, "x-accept-encoding-%s", result); +TSfree(result); } return hidden_header_name; }
[trafficserver] branch 8.1.x updated: tslua: Exposes set/get version for server request objects
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 4c66e3e tslua: Exposes set/get version for server request objects
4c66e3e is described below
commit 4c66e3e09c7727beabee3bd38143e5a31d5bcd8c
Author: Randall Meyer
AuthorDate: Sun Nov 17 10:38:32 2019 +0800
tslua: Exposes set/get version for server request objects
(cherry picked from commit ddb6e33ae5067262b8df5a1ac0663649308a6ca7)
---
doc/admin-guide/plugins/lua.en.rst | 37 +++-
plugins/lua/ts_lua_server_request.c | 56 +
2 files changed, 92 insertions(+), 1 deletion(-)
diff --git a/doc/admin-guide/plugins/lua.en.rst
b/doc/admin-guide/plugins/lua.en.rst
index e01aa15..ef556f5 100644
--- a/doc/admin-guide/plugins/lua.en.rst
+++ b/doc/admin-guide/plugins/lua.en.rst
@@ -1819,11 +1819,46 @@ ts.server_request.set_method
**description:** This function can be used to override the current server
request's method with METHOD_NAME.
::
-
ts.server_request.set_method('HEAD')
:ref:`TOP `
+ts.server_request_get_version
+--
+**syntax:** *ver = ts.server_request.get_version()*
+
+**context:** function @ TS_LUA_HOOK_SEND_REQUEST_HDR hook point or later.
+
+**description:** Return the http version string of the server request.
+
+Current possible values are 1.0, 1.1, and 0.9.
+::
+function send_request()
+local version = ts.server_request.get_version()
+ts.debug(version)
+end
+
+function do_remap()
+ts.hook(TS_LUA_HOOK_SEND_REQUEST_HDR, send_request)
+return 0
+end
+
+:ref:`TOP `
+
+ts.server_request.set_version
+--
+**syntax:** *ts.server_request.set_version(VERSION_STR)*
+
+**context:** function @ TS_LUA_HOOK_READ_RESPONSE_HDR hook point
+
+**description:** Set the http version of the server request with the
VERSION_STR
+
+::
+
+ts.server_request.set_version('1.0')
+
+:ref:`TOP `
+
ts.server_response.get_status
-
**syntax:** *status = ts.server_response.get_status()*
diff --git a/plugins/lua/ts_lua_server_request.c
b/plugins/lua/ts_lua_server_request.c
index d31a53f..065103f 100644
--- a/plugins/lua/ts_lua_server_request.c
+++ b/plugins/lua/ts_lua_server_request.c
@@ -70,6 +70,8 @@ static int ts_lua_server_request_get_url_host(lua_State *L);
static int ts_lua_server_request_set_url_host(lua_State *L);
static int ts_lua_server_request_get_url_scheme(lua_State *L);
static int ts_lua_server_request_set_url_scheme(lua_State *L);
+static int ts_lua_server_request_get_version(lua_State *L);
+static int ts_lua_server_request_set_version(lua_State *L);
static int ts_lua_server_request_server_addr_get_ip(lua_State *L);
static int ts_lua_server_request_server_addr_get_port(lua_State *L);
@@ -562,6 +564,11 @@ ts_lua_inject_server_request_url_api(lua_State *L)
lua_setfield(L, -2, "get_url_scheme");
lua_pushcfunction(L, ts_lua_server_request_set_url_scheme);
lua_setfield(L, -2, "set_url_scheme");
+
+ lua_pushcfunction(L, ts_lua_server_request_get_version);
+ lua_setfield(L, -2, "get_version");
+ lua_pushcfunction(L, ts_lua_server_request_set_version);
+ lua_setfield(L, -2, "set_version");
}
static int
@@ -659,6 +666,55 @@ ts_lua_server_request_set_url_scheme(lua_State *L)
}
static int
+ts_lua_server_request_get_version(lua_State *L)
+{
+ int version;
+ char buf[32];
+ int n;
+
+ ts_lua_http_ctx *http_ctx;
+
+ GET_HTTP_CONTEXT(http_ctx, L);
+ TS_LUA_CHECK_SERVER_REQUEST_HDR(http_ctx);
+
+ version = TSHttpHdrVersionGet(http_ctx->server_request_bufp,
http_ctx->server_request_hdrp);
+
+ n = snprintf(buf, sizeof(buf), "%d.%d", TS_HTTP_MAJOR(version),
TS_HTTP_MINOR(version));
+
+ if (n >= (int)sizeof(buf)) {
+lua_pushlstring(L, buf, sizeof(buf) - 1);
+ } else if (n > 0) {
+lua_pushlstring(L, buf, n);
+ }
+
+ return 1;
+}
+
+static int
+ts_lua_server_request_set_version(lua_State *L)
+{
+ const char *version;
+ size_t len;
+ int major, minor;
+
+ ts_lua_http_ctx *http_ctx;
+
+ GET_HTTP_CONTEXT(http_ctx, L);
+
+ TS_LUA_CHECK_SERVER_REQUEST_HDR(http_ctx);
+
+ version = luaL_checklstring(L, 1, );
+
+ if (sscanf(version, "%2u.%2u", , ) != 2) {
+return luaL_error(L, "failed to set version. Format must be X.Y");
+ }
+
+ TSHttpHdrVersionSet(http_ctx->server_request_bufp,
http_ctx->server_request_hdrp, TS_HTTP_VERSION(major, minor));
+
+ return 0;
+}
+
+static int
ts_lua_server_request_server_addr_get_ip(lua_State *L)
{
struct sockaddr const *server_ip;
[trafficserver] branch 8.1.x updated: tslua: Exposes set/get method for server request objects
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 43f6786 tslua: Exposes set/get method for server request objects
43f6786 is described below
commit 43f67861643d9f4a4d679aa38e3793b90637e74d
Author: Randall Meyer
AuthorDate: Thu Nov 7 16:06:39 2019 -0800
tslua: Exposes set/get method for server request objects
(cherry picked from commit 97692a552c8ad72a1cc8a890cdf11e53d3a6a1bc)
---
doc/admin-guide/plugins/lua.en.rst | 42
plugins/lua/ts_lua_server_request.c | 55 -
2 files changed, 96 insertions(+), 1 deletion(-)
diff --git a/doc/admin-guide/plugins/lua.en.rst
b/doc/admin-guide/plugins/lua.en.rst
index 8369fbd..e01aa15 100644
--- a/doc/admin-guide/plugins/lua.en.rst
+++ b/doc/admin-guide/plugins/lua.en.rst
@@ -1782,6 +1782,48 @@ ts.server_request.set_url_scheme
`TOP <#ts-lua-plugin>`_
+ts.server_request.get_method
+
+**syntax:** *ts.server_request.get_method()*
+
+**context:** function @ TS_LUA_HOOK_SEND_REQUEST_HDR hook point or later
+
+**description:** This function can be used to retrieve the current server
request's method name. String like "GET" or "POST" is returned.
+
+Here is an example:
+
+::
+
+function send_request()
+local method = ts.server_request.get_method()
+ts.debug(method)
+end
+
+function do_remap()
+ts.hook(TS_LUA_HOOK_SEND_REQUEST_HDR, send_request)
+return 0
+end
+
+Then ``HEAD /`` will yield the output:
+
+``HEAD``
+
+:ref:`TOP `
+
+ts.server_request.set_method
+
+**syntax:** *ts.server_request.set_method()*
+
+**context:** function @ TS_LUA_HOOK_SEND_REQUEST_HDR hook point or later
+
+**description:** This function can be used to override the current server
request's method with METHOD_NAME.
+
+::
+
+ts.server_request.set_method('HEAD')
+
+:ref:`TOP `
+
ts.server_response.get_status
-
**syntax:** *status = ts.server_response.get_status()*
diff --git a/plugins/lua/ts_lua_server_request.c
b/plugins/lua/ts_lua_server_request.c
index d0b26e0..d31a53f 100644
--- a/plugins/lua/ts_lua_server_request.c
+++ b/plugins/lua/ts_lua_server_request.c
@@ -51,6 +51,7 @@ static void ts_lua_inject_server_request_uri_api(lua_State
*L);
static void ts_lua_inject_server_request_uri_args_api(lua_State *L);
static void ts_lua_inject_server_request_uri_params_api(lua_State *L);
static void ts_lua_inject_server_request_url_api(lua_State *L);
+static void ts_lua_inject_server_request_method_api(lua_State *L);
static int ts_lua_server_request_header_get(lua_State *L);
static int ts_lua_server_request_header_set(lua_State *L);
@@ -63,6 +64,8 @@ static int ts_lua_server_request_set_uri_args(lua_State *L);
static int ts_lua_server_request_get_uri_args(lua_State *L);
static int ts_lua_server_request_set_uri_params(lua_State *L);
static int ts_lua_server_request_get_uri_params(lua_State *L);
+static int ts_lua_server_request_get_method(lua_State *L);
+static int ts_lua_server_request_set_method(lua_State *L);
static int ts_lua_server_request_get_url_host(lua_State *L);
static int ts_lua_server_request_set_url_host(lua_State *L);
static int ts_lua_server_request_get_url_scheme(lua_State *L);
@@ -86,7 +89,7 @@ ts_lua_inject_server_request_api(lua_State *L)
ts_lua_inject_server_request_headers_api(L);
ts_lua_inject_server_request_get_header_size_api(L);
ts_lua_inject_server_request_get_body_size_api(L);
-
+ ts_lua_inject_server_request_method_api(L);
ts_lua_inject_server_request_uri_api(L);
ts_lua_inject_server_request_uri_args_api(L);
ts_lua_inject_server_request_uri_params_api(L);
@@ -901,3 +904,53 @@
ts_lua_server_request_server_addr_set_outgoing_addr(lua_State *L)
return 0;
}
+
+static void
+ts_lua_inject_server_request_method_api(lua_State *L)
+{
+ lua_pushcfunction(L, ts_lua_server_request_get_method);
+ lua_setfield(L, -2, "get_method");
+
+ lua_pushcfunction(L, ts_lua_server_request_set_method);
+ lua_setfield(L, -2, "set_method");
+}
+
+static int
+ts_lua_server_request_get_method(lua_State *L)
+{
+ const char *method;
+ int method_len;
+
+ ts_lua_http_ctx *http_ctx;
+
+ GET_HTTP_CONTEXT(http_ctx, L);
+
+ method = TSHttpHdrMethodGet(http_ctx->server_request_bufp,
http_ctx->server_request_hdrp, _len);
+
+ if (method && method_len) {
+lua_pushlstring(L, method, method_len);
+ } else {
+lua_pushnil(L);
+ }
+
+ return 1;
+}
+
+static int
+ts_lua_server_request_set_method(lua_State *L)
+{
+ const char *method;
+ size_t method_len;
+
+ ts_lua_http_ctx *http_ctx;
+
+ GET_HTTP_CONTEXT(http_ctx, L);
+
+ method = luaL_checklstring(L, 1, _len);
+
+ if (method) {
+TSHttpHdrMethodSet(http_ctx->server_request_bufp,
[trafficserver] branch 8.1.x updated: Add MIMEHdr Garbage Collection to HPACK Dynamic Table
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 50a5366 Add MIMEHdr Garbage Collection to HPACK Dynamic Table
50a5366 is described below
commit 50a5366574c2569e24fc80cf4f6e102b8330cc79
Author: Masaori Koshiba
AuthorDate: Tue Jul 2 13:04:20 2019 +0900
Add MIMEHdr Garbage Collection to HPACK Dynamic Table
This is a combination of 2 commits.
1. Reverse internal order of HPACK Dynamic Table Entries
Prioir this change, HpackDynamicTable::add_header_field() always inserts
the entry in front of the vector.
(cherry picked from commit 206384e84b6ae876c41028b44bf4c5cf8585f748)
Conflicts:
proxy/http2/HPACK.cc
2. Add MIMEHdr Garbage Collection to HPACK Dynamic Table
Prior this change, the size of HdrHeap which is owned by MIMEHdr of
HpackDynamicTable had no limit.
Because when MIMEFiled is deleted the allocated memory of the HdrHeap was
not freed.
To mitigate this issue, when HdrHeap size exceeds the threshold,
HpackDynamicTable start using new MIMEHdr and HdrHeap.
The old MIMEHdr and HdrHeap will be freed, when all MIMEFiled is deleted by
HPACK Dynamic Table Entry Eviction.
(cherry picked from commit 2bbcc48195e98b65b681a7e28c9ae1c2ab5d6994)
Conflicts:
proxy/http2/HPACK.cc
---
proxy/hdrs/HdrHeap.cc | 18 +++
proxy/hdrs/HdrHeap.h | 2 +
proxy/http2/HPACK.cc | 131 +-
proxy/http2/HPACK.h | 18 +++
4 files changed, 125 insertions(+), 44 deletions(-)
diff --git a/proxy/hdrs/HdrHeap.cc b/proxy/hdrs/HdrHeap.cc
index 0de45b2..0a8831f 100644
--- a/proxy/hdrs/HdrHeap.cc
+++ b/proxy/hdrs/HdrHeap.cc
@@ -1117,6 +1117,24 @@ HdrHeap::dump_heap(int len)
fprintf(stderr, "\n-- End header heap dump ---\n");
}
+uint64_t
+HdrHeap::total_used_size() const
+{
+ uint64_t size= 0;
+ const HdrHeap *h = this;
+
+ while (h) {
+size += (h->m_free_start - h->m_data_start);
+h = h->m_next;
+ }
+
+ return size;
+}
+
+//
+// HdrStrHeap
+//
+
void
HdrStrHeap::free()
{
diff --git a/proxy/hdrs/HdrHeap.h b/proxy/hdrs/HdrHeap.h
index faa8c48..4268768 100644
--- a/proxy/hdrs/HdrHeap.h
+++ b/proxy/hdrs/HdrHeap.h
@@ -266,6 +266,8 @@ public:
size_t required_space_for_evacuation();
bool attach_str_heap(char *h_start, int h_len, RefCountObj *h_ref_obj, int
*index);
+ uint64_t total_used_size() const;
+
/** Struct to prevent garbage collection on heaps.
This bumps the reference count to the heap containing the pointer
while the instance of this class exists. When it goes out of scope
diff --git a/proxy/http2/HPACK.cc b/proxy/http2/HPACK.cc
index 1c45d1e..80b4c06 100644
--- a/proxy/http2/HPACK.cc
+++ b/proxy/http2/HPACK.cc
@@ -166,6 +166,21 @@ static const StaticTable STATIC_TABLE[] = {{"", ""},
{"via", ""},
{"www-authenticate", ""}};
+/**
+ Threshold for total HdrHeap size which used by HPAK Dynamic Table.
+ The HdrHeap is filled by MIMEHdrImpl and MIMEFieldBlockImpl like below.
+ This threshold allow to allocate 3 HdrHeap at maximum.
+
+ +--+-+
+ HdrHeap 1 (2048): | MIMEHdrImpl(592) | MIMEFieldBlockImpl(528) x 2 |
+ +--+-+--...--+
+ HdrHeap 2 (4096): | MIMEFieldBlockImpl(528) x 7|
+
++--...--+--...--+
+ HdrHeap 3 (8192): | MIMEFieldBlockImpl(528) x 15
|
+
++--...--+--...--+
+*/
+static constexpr uint32_t HPACK_HDR_HEAP_THRESHOLD = sizeof(MIMEHdrImpl) +
sizeof(MIMEFieldBlockImpl) * (2 + 7 + 15);
+
/**
* Local functions
**/
@@ -318,10 +333,28 @@ HpackIndexingTable::update_maximum_size(uint32_t new_size)
return _dynamic_table->update_maximum_size(new_size);
}
+//
+// HpackDynamicTable
+//
+HpackDynamicTable::~HpackDynamicTable()
+{
+ this->_headers.clear();
+
+ this->_mhdr->fields_clear();
+ this->_mhdr->destroy();
+ delete this->_mhdr;
+
+ if (this->_mhdr_old != nullptr) {
+this->_mhdr_old->fields_clear();
+this->_mhdr_old->destroy();
+delete this->_mhdr_old;
+ }
+}
+
const MIMEField *
HpackDynamicTable::get_header_field(uint32_t index) const
{
- return _headers.at(index);
+ return this->_headers.at(this->_headers.size() - index - 1);
}
void
@@ -337,28 +370,18 @@ HpackDynamicTable::add_header_field(const MIMEField
*field)
// It is not an error to attempt to add an entry that is larger than
// the
[trafficserver] branch 8.1.x updated: Revert "Move websocket upgrade later in state machine"
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 23730e9 Revert "Move websocket upgrade later in state machine"
23730e9 is described below
commit 23730e9cf64497e407445e640d7b4903ccd2d4e3
Author: Leif Hedstrom
AuthorDate: Thu Mar 19 14:54:36 2020 -0600
Revert "Move websocket upgrade later in state machine"
This reverts commit ac2f0fdaedefb36a3e5922429251d5dc66ce4362.
---
proxy/http/HttpTransact.cc | 22 +-
1 file changed, 9 insertions(+), 13 deletions(-)
diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index 0534036..2bab304 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -647,14 +647,6 @@ HttpTransact::StartRemapRequest(State *s)
}
TxnDebug("http_trans", "END HttpTransact::StartRemapRequest");
-
- TxnDebug("http_trans", "Checking if transaction wants to upgrade");
- if (handle_upgrade_request(s)) {
-// everything should be handled by the upgrade handler.
-TxnDebug("http_trans", "Transaction will be upgraded by the appropriate
upgrade handler.");
-return;
- }
-
TRANSACT_RETURN(SM_ACTION_API_PRE_REMAP, HttpTransact::PerformRemap);
}
@@ -846,9 +838,6 @@ done:
bool
HttpTransact::handle_upgrade_request(State *s)
{
- HTTPHdr = s->hdr_info.client_request;
- s->method= request.method_get_wksidx();
-
// Quickest way to determine that this is defintely not an upgrade.
/* RFC 6455 The method of the request MUST be GET, and the HTTP version MUST
be at least 1.1. */
@@ -961,7 +950,7 @@ HttpTransact::handle_websocket_upgrade_pre_remap(State *s)
TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr);
}
- TRANSACT_RETURN(SM_ACTION_API_PRE_REMAP, HttpTransact::PerformRemap);
+ TRANSACT_RETURN(SM_ACTION_API_READ_REQUEST_HDR,
HttpTransact::StartRemapRequest);
}
void
@@ -1006,7 +995,7 @@ HttpTransact::ModifyRequest(State *s)
bootstrap_state_variables_from_request(s, );
- // If there is no scheme, default to http //
+ // If there is no scheme default to http //
URL *url = request.url_get();
@@ -1075,6 +1064,13 @@ HttpTransact::ModifyRequest(State *s)
}
TxnDebug("http_trans", "END HttpTransact::ModifyRequest");
+ TxnDebug("http_trans", "Checking if transaction wants to upgrade");
+
+ if (handle_upgrade_request(s)) {
+// everything should be handled by the upgrade handler.
+TxnDebug("http_trans", "Transaction will be upgraded by the appropriate
upgrade handler.");
+return;
+ }
TRANSACT_RETURN(SM_ACTION_API_READ_REQUEST_HDR,
HttpTransact::StartRemapRequest);
}
[trafficserver] branch 8.1.x updated: Ignore MgmtMessageHdr if ProcessManager is not running
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 005a802 Ignore MgmtMessageHdr if ProcessManager is not running
005a802 is described below
commit 005a80292a487d516cd5fc8f63564e821358f585
Author: Masaori Koshiba
AuthorDate: Wed Oct 23 13:48:17 2019 +0900
Ignore MgmtMessageHdr if ProcessManager is not running
(cherry picked from commit 5936dcdda6d8f6695ce613e6022bf735732ca566)
Conflicts:
mgmt/ProcessManager.cc
---
mgmt/ProcessManager.cc | 5 +
1 file changed, 5 insertions(+)
diff --git a/mgmt/ProcessManager.cc b/mgmt/ProcessManager.cc
index 86fe41c..889a38f 100644
--- a/mgmt/ProcessManager.cc
+++ b/mgmt/ProcessManager.cc
@@ -240,6 +240,11 @@ ProcessManager::signalManager(int msg_id, const char
*data_str)
void
ProcessManager::signalManager(int msg_id, const char *data_raw, int data_len)
{
+ if (!this->running) {
+Warning("MgmtMessageHdr is ignored. Because ProcessManager is not
running");
+return;
+ }
+
MgmtMessageHdr *mh;
mh = (MgmtMessageHdr *)ats_malloc(sizeof(MgmtMessageHdr) +
data_len);
[trafficserver] branch 8.1.x updated: Move websocket upgrade later in state machine
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new ac2f0fd Move websocket upgrade later in state machine
ac2f0fd is described below
commit ac2f0fdaedefb36a3e5922429251d5dc66ce4362
Author: Randall Meyer
AuthorDate: Thu Oct 31 12:31:26 2019 -0700
Move websocket upgrade later in state machine
This allows for hooks to be applied to ws requests
(cherry picked from commit f7afea3d6e2a41ccaf6b866bd5d29e5075b84497)
---
proxy/http/HttpTransact.cc | 22 +-
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index 2bab304..0534036 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -647,6 +647,14 @@ HttpTransact::StartRemapRequest(State *s)
}
TxnDebug("http_trans", "END HttpTransact::StartRemapRequest");
+
+ TxnDebug("http_trans", "Checking if transaction wants to upgrade");
+ if (handle_upgrade_request(s)) {
+// everything should be handled by the upgrade handler.
+TxnDebug("http_trans", "Transaction will be upgraded by the appropriate
upgrade handler.");
+return;
+ }
+
TRANSACT_RETURN(SM_ACTION_API_PRE_REMAP, HttpTransact::PerformRemap);
}
@@ -838,6 +846,9 @@ done:
bool
HttpTransact::handle_upgrade_request(State *s)
{
+ HTTPHdr = s->hdr_info.client_request;
+ s->method= request.method_get_wksidx();
+
// Quickest way to determine that this is defintely not an upgrade.
/* RFC 6455 The method of the request MUST be GET, and the HTTP version MUST
be at least 1.1. */
@@ -950,7 +961,7 @@ HttpTransact::handle_websocket_upgrade_pre_remap(State *s)
TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr);
}
- TRANSACT_RETURN(SM_ACTION_API_READ_REQUEST_HDR,
HttpTransact::StartRemapRequest);
+ TRANSACT_RETURN(SM_ACTION_API_PRE_REMAP, HttpTransact::PerformRemap);
}
void
@@ -995,7 +1006,7 @@ HttpTransact::ModifyRequest(State *s)
bootstrap_state_variables_from_request(s, );
- // If there is no scheme default to http //
+ // If there is no scheme, default to http //
URL *url = request.url_get();
@@ -1064,13 +1075,6 @@ HttpTransact::ModifyRequest(State *s)
}
TxnDebug("http_trans", "END HttpTransact::ModifyRequest");
- TxnDebug("http_trans", "Checking if transaction wants to upgrade");
-
- if (handle_upgrade_request(s)) {
-// everything should be handled by the upgrade handler.
-TxnDebug("http_trans", "Transaction will be upgraded by the appropriate
upgrade handler.");
-return;
- }
TRANSACT_RETURN(SM_ACTION_API_READ_REQUEST_HDR,
HttpTransact::StartRemapRequest);
}
[trafficserver] branch 8.1.x updated: Change HTTP/2 error rate log to warning
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 086b1fc Change HTTP/2 error rate log to warning
086b1fc is described below
commit 086b1fc81ce1d0a00f46cf607b95100ed8955491
Author: Masaori Koshiba
AuthorDate: Wed Dec 18 08:02:34 2019 +0900
Change HTTP/2 error rate log to warning
(cherry picked from commit 2d13010119b923d674f9bab555f1c49e00f1d29a)
---
proxy/http2/Http2ClientSession.cc | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/proxy/http2/Http2ClientSession.cc
b/proxy/http2/Http2ClientSession.cc
index 8b68db3..cddc4ec 100644
--- a/proxy/http2/Http2ClientSession.cc
+++ b/proxy/http2/Http2ClientSession.cc
@@ -387,9 +387,9 @@ Http2ClientSession::main_event_handler(int event, void
*edata)
Http2::stream_error_rate_threshold) { // For a case many stream
errors happened
ip_port_text_buffer ipb;
const char *client_ip = ats_ip_ntop(get_client_addr(), ipb, sizeof(ipb));
- Error("HTTP/2 session error client_ip=%s session_id=%" PRId64
-" closing a connection, because its stream error rate (%f)
exceeded the threshold (%f)",
-client_ip, connection_id(),
this->connection_state.get_stream_error_rate(),
Http2::stream_error_rate_threshold);
+ Warning("HTTP/2 session error client_ip=%s session_id=%" PRId64
+ " closing a connection, because its stream error rate (%f)
exceeded the threshold (%f)",
+ client_ip, connection_id(),
this->connection_state.get_stream_error_rate(),
Http2::stream_error_rate_threshold);
Http2SsnDebug("Preparing for graceful shutdown because of a high stream
error rate");
cause_of_death = Http2SessionCod::HIGH_ERROR_RATE;
this->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED,
Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM);
@@ -566,9 +566,9 @@ Http2ClientSession::state_process_frame_read(int event, VIO
*vio, bool inside_fr
if (this->connection_state.get_stream_error_rate() > std::min(1.0,
Http2::stream_error_rate_threshold * 2.0)) {
ip_port_text_buffer ipb;
const char *client_ip = ats_ip_ntop(get_client_addr(), ipb, sizeof(ipb));
- Error("HTTP/2 session error client_ip=%s session_id=%" PRId64
-" closing a connection, because its stream error rate (%f) is too
high",
-client_ip, connection_id(),
this->connection_state.get_stream_error_rate());
+ Warning("HTTP/2 session error client_ip=%s session_id=%" PRId64
+ " closing a connection, because its stream error rate (%f) is
too high",
+ client_ip, connection_id(),
this->connection_state.get_stream_error_rate());
err = Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM;
}
[trafficserver] branch 8.1.x updated: Adds a missing header field for the tcpinfo log
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new f715552 Adds a missing header field for the tcpinfo log
f715552 is described below
commit f715552a04612d7ac98a9f08b975d749811bc421
Author: Leif Hedstrom
AuthorDate: Sun Apr 7 12:32:31 2019 -0600
Adds a missing header field for the tcpinfo log
(cherry picked from commit b20ba1e2d3d3a76829070ee9802cfc3d9cb1cd09)
---
plugins/tcpinfo/tcpinfo.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/tcpinfo/tcpinfo.cc b/plugins/tcpinfo/tcpinfo.cc
index dccb4c2..588ba34 100644
--- a/plugins/tcpinfo/tcpinfo.cc
+++ b/plugins/tcpinfo/tcpinfo.cc
@@ -57,7 +57,7 @@
static const char *tcpi_headers[] = {
"timestamp event client server rtt",
"timestamp event client server rtt rttvar last_sent last_recv "
- "snd_ssthresh rcv_ssthresh unacked sacked lost retrans fackets all_retrans",
+ "snd_cwnd snd_ssthresh rcv_ssthresh unacked sacked lost retrans fackets
all_retrans",
};
struct Config {
[trafficserver] branch 8.1.x updated: Normalize on negative value for milsetone metrics
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 6a4c02e Normalize on negative value for milsetone metrics
6a4c02e is described below
commit 6a4c02e63460c5ea8f81ea0b2641b6205fac575d
Author: Leif Hedstrom
AuthorDate: Wed Apr 3 14:40:11 2019 -0600
Normalize on negative value for milsetone metrics
Rather than giving (now) arbitrary negative value, or zero as it
was before, we now return -1 as an indicator that this metric does
not have a sensible value semantically.
(cherry picked from commit eb8cd942a950a99dc2210476e962f6d0bf55d5a2)
---
proxy/logging/LogAccess.cc | 20 ++--
1 file changed, 6 insertions(+), 14 deletions(-)
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index 69433fe..7f8388a 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -2198,9 +2198,7 @@ int
LogAccess::marshal_server_resp_time_ms(char *buf)
{
if (buf) {
-ink_hrtime elapsed = m_http_sm->milestones[TS_MILESTONE_SERVER_CLOSE] -
m_http_sm->milestones[TS_MILESTONE_SERVER_CONNECT];
-int64_t val= (int64_t)ink_hrtime_to_msec(elapsed);
-marshal_int(buf, val);
+marshal_int(buf,
m_http_sm->milestones.difference_msec(TS_MILESTONE_SERVER_CONNECT,
TS_MILESTONE_SERVER_CLOSE));
}
return INK_MIN_ALIGN;
}
@@ -2209,9 +2207,8 @@ int
LogAccess::marshal_server_resp_time_s(char *buf)
{
if (buf) {
-ink_hrtime elapsed = m_http_sm->milestones[TS_MILESTONE_SERVER_CLOSE] -
m_http_sm->milestones[TS_MILESTONE_SERVER_CONNECT];
-int64_t val= (int64_t)ink_hrtime_to_sec(elapsed);
-marshal_int(buf, val);
+marshal_int(buf,
+
static_cast(m_http_sm->milestones.difference_sec(TS_MILESTONE_SERVER_CONNECT,
TS_MILESTONE_SERVER_CLOSE)));
}
return INK_MIN_ALIGN;
}
@@ -2394,9 +2391,7 @@ int
LogAccess::marshal_transfer_time_ms(char *buf)
{
if (buf) {
-ink_hrtime elapsed = m_http_sm->milestones[TS_MILESTONE_SM_FINISH] -
m_http_sm->milestones[TS_MILESTONE_SM_START];
-int64_t val= (int64_t)ink_hrtime_to_msec(elapsed);
-marshal_int(buf, val);
+marshal_int(buf,
m_http_sm->milestones.difference_msec(TS_MILESTONE_SM_START,
TS_MILESTONE_SM_FINISH));
}
return INK_MIN_ALIGN;
}
@@ -2405,9 +2400,7 @@ int
LogAccess::marshal_transfer_time_s(char *buf)
{
if (buf) {
-ink_hrtime elapsed = m_http_sm->milestones[TS_MILESTONE_SM_FINISH] -
m_http_sm->milestones[TS_MILESTONE_SM_START];
-int64_t val= (int64_t)ink_hrtime_to_sec(elapsed);
-marshal_int(buf, val);
+marshal_int(buf,
static_cast(m_http_sm->milestones.difference_sec(TS_MILESTONE_SM_START,
TS_MILESTONE_SM_FINISH)));
}
return INK_MIN_ALIGN;
}
@@ -2719,8 +2712,7 @@ int
LogAccess::marshal_milestone_diff(TSMilestonesType ms1, TSMilestonesType ms2,
char *buf)
{
if (buf) {
-ink_hrtime elapsed = m_http_sm->milestones.elapsed(ms2, ms1);
-int64_t val= (int64_t)ink_hrtime_to_msec(elapsed);
+int64_t val = m_http_sm->milestones.difference_msec(ms2, ms1);
marshal_int(buf, val);
}
return INK_MIN_ALIGN;
[trafficserver] branch 8.1.x updated: Correct interpretation of proxy.config.ssl.client.verify.server
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new c1ec5b0 Correct interpretation of
proxy.config.ssl.client.verify.server
c1ec5b0 is described below
commit c1ec5b0fdd9dd3099b46af5c984851ff1ff0f3e3
Author: Susan Hinrichs
AuthorDate: Thu Sep 6 09:25:13 2018 -0500
Correct interpretation of proxy.config.ssl.client.verify.server
(cherry picked from commit 5b8136e335e2bef67194a658b3ea6501d62369d9)
Conflicts:
src/traffic_server/InkAPI.cc
src/traffic_server/InkAPITest.cc
(cherry picked from commit bd24f08b137b054f8d481b6c9629c37de66bfa9d)
---
doc/admin-guide/files/records.config.en.rst | 4 +++-
doc/admin-guide/files/ssl_server_name.yaml.en.rst | 2 ++
doc/developer-guide/api/types/TSOverridableConfigKey.en.rst | 1 -
include/ts/apidefs.h.in | 1 -
iocore/net/SSLNetVConnection.cc | 5 +++--
plugins/lua/ts_lua_http_config.c| 2 --
proxy/http/HttpConfig.cc| 2 --
proxy/http/HttpSM.cc| 10 --
src/traffic_server/InkAPI.cc| 5 -
src/traffic_server/InkAPITest.cc| 1 -
10 files changed, 12 insertions(+), 21 deletions(-)
diff --git a/doc/admin-guide/files/records.config.en.rst
b/doc/admin-guide/files/records.config.en.rst
index d12309e..653503d 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3328,15 +3328,17 @@ Client-Related Configuration
.. ts:cv:: CONFIG proxy.config.ssl.client.verify.server INT 0
:reloadable:
- :overridable:
Configures Traffic Server to verify the origin server certificate
with the Certificate Authority (CA). This configuration takes a value
between 0 to 2.
+ You can override this global setting on a per domain basis in the
ssl_servername.yaml file using the :ref:`verify_origin_server
attribute`.
+
:0: Server Certificate will not be verified
:1: Certificate will be verified and the connection will not be established if
verification fails.
:2: The provided certificate will be verified and the connection will be
established irrespective of the verification result. If verification fails the
name of the server will be logged.
+
.. ts:cv:: CONFIG proxy.config.ssl.client.cert.filename STRING NULL
:overridable:
diff --git a/doc/admin-guide/files/ssl_server_name.yaml.en.rst
b/doc/admin-guide/files/ssl_server_name.yaml.en.rst
index 4aa1ebc..4da0c0f 100644
--- a/doc/admin-guide/files/ssl_server_name.yaml.en.rst
+++ b/doc/admin-guide/files/ssl_server_name.yaml.en.rst
@@ -42,6 +42,8 @@ Each table is a set of key / value pairs that create a
configuration item. This
wildcard entries. To apply an SNI based setting on all the servernames with a
common upper level domain name,
the user needs to enter the fqdn in the configuration with a ``*.`` followed
by the common domain name. (``*.yahoo.com`` for e.g.,).
+.. _override-verify-origin-server:
+
===
==
Key Meaning
===
==
diff --git a/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
b/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
index cb815af..f391d15 100644
--- a/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
+++ b/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
@@ -131,7 +131,6 @@ Enumeration Members
.. c:macro:: TS_CONFIG_SSL_CERT_FILENAME
.. c:macro:: TS_CONFIG_SSL_CERT_FILEPATH
.. c:macro:: TS_CONFIG_PARENT_FAILURES_UPDATE_HOSTDB
- .. c:macro:: TS_CONFIG_SSL_CLIENT_VERIFY_SERVER
.. c:macro:: TS_CONFIG_HTTP_CACHE_ENABLE_DEFAULT_VARY_HEADER
.. c:macro:: TS_CONFIG_HTTP_CACHE_VARY_DEFAULT_TEXT
.. c:macro:: TS_CONFIG_HTTP_CACHE_VARY_DEFAULT_IMAGES
diff --git a/include/ts/apidefs.h.in b/include/ts/apidefs.h.in
index ae68bbd..862ac31 100644
--- a/include/ts/apidefs.h.in
+++ b/include/ts/apidefs.h.in
@@ -752,7 +752,6 @@ typedef enum {
TS_CONFIG_SSL_CERT_FILENAME,
TS_CONFIG_SSL_CERT_FILEPATH,
TS_CONFIG_PARENT_FAILURES_UPDATE_HOSTDB,
- TS_CONFIG_SSL_CLIENT_VERIFY_SERVER,
TS_CONFIG_HTTP_CACHE_ENABLE_DEFAULT_VARY_HEADER,
TS_CONFIG_HTTP_CACHE_VARY_DEFAULT_TEXT,
TS_CONFIG_HTTP_CACHE_VARY_DEFAULT_IMAGES,
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index ce0e9d0..72b6913 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -1054,8 +1054,9 @@
[trafficserver] branch 8.1.x updated: Fix lost pending_actions causing actions on stale objects.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new f791f2e Fix lost pending_actions causing actions on stale objects.
f791f2e is described below
commit f791f2e6eb8af0017b167dabe88fa4a13a1172a3
Author: Susan Hinrichs
AuthorDate: Wed Aug 22 23:50:54 2018 +
Fix lost pending_actions causing actions on stale objects.
(cherry picked from commit 493803c4e26348a9c707320a134709d832f9a182)
Conflicts:
proxy/http/HttpSM.cc
(cherry picked from commit 912000fb764d0df73eacb7077fd3e37eaaf2782d)
---
iocore/net/P_UnixNetVConnection.h | 7 +++
proxy/http/HttpSM.cc | 29 ++---
2 files changed, 29 insertions(+), 7 deletions(-)
diff --git a/iocore/net/P_UnixNetVConnection.h
b/iocore/net/P_UnixNetVConnection.h
index 2900e39..9c1b904 100644
--- a/iocore/net/P_UnixNetVConnection.h
+++ b/iocore/net/P_UnixNetVConnection.h
@@ -155,6 +155,7 @@ public:
void cancel_active_timeout() override;
void cancel_inactivity_timeout() override;
void set_action(Continuation *c) override;
+ const Action *get_action() const;
void add_to_keep_alive_queue() override;
void remove_from_keep_alive_queue() override;
bool add_to_active_queue() override;
@@ -409,6 +410,12 @@ UnixNetVConnection::set_action(Continuation *c)
action_ = c;
}
+TS_INLINE const Action *
+UnixNetVConnection::get_action() const
+{
+ return _;
+}
+
// declarations for local use (within the net module)
void write_to_net(NetHandler *nh, UnixNetVConnection *vc, EThread *thread);
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index de15c13..7e44fbe 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -1707,14 +1707,16 @@ HttpSM::state_http_server_open(int event, void *data)
{
SMDebug("http_track", "entered inside state_http_server_open");
STATE_ENTER(::state_http_server_open, event);
- // TODO decide whether to uncomment after finish testing redirect
- // ink_assert(server_entry == NULL);
- pending_action = nullptr;
+ ink_release_assert(event == EVENT_INTERVAL || event == NET_EVENT_OPEN ||
event == NET_EVENT_OPEN_FAILED ||
+ pending_action == nullptr);
+ if (event != NET_EVENT_OPEN) {
+pending_action = nullptr;
+ }
milestones[TS_MILESTONE_SERVER_CONNECT_END] = Thread::get_hrtime();
HttpServerSession *session;
switch (event) {
- case NET_EVENT_OPEN:
+ case NET_EVENT_OPEN: {
session = (TS_SERVER_SESSION_SHARING_POOL_THREAD ==
t_state.http_config_param->server_session_sharing_pool) ?
THREAD_ALLOC_INIT(httpServerSessionAllocator,
mutex->thread_holding) :
httpServerSessionAllocator.alloc();
@@ -1734,7 +1736,12 @@ HttpSM::state_http_server_open(int event, void *data)
printf("client fd is :%d , server fd is %d\n",vc->con.fd,
server_vc->con.fd); */
session->attach_hostname(t_state.current.server->name);
-session->new_connection(static_cast(data));
+UnixNetVConnection *vc = static_cast(data);
+ink_release_assert(pending_action == nullptr || pending_action ==
vc->get_action());
+pending_action = nullptr;
+
+session->new_connection(vc);
+
session->state = HSS_ACTIVE;
attach_server_session(session);
@@ -1771,6 +1778,7 @@ HttpSM::state_http_server_open(int event, void *data)
}
handle_http_server_open();
return 0;
+ }
case EVENT_INTERVAL: // Delayed call from another thread
if (server_session == nullptr) {
do_http_server_open();
@@ -1803,6 +1811,9 @@ HttpSM::state_http_server_open(int event, void *data)
HTTP_INCREMENT_DYN_STAT(http_origin_connections_throttled_stat);
send_origin_throttled_response();
} else {
+ // Go ahead and release the failed server session. Since it didn't
receive a response, the release logic will
+ // see that it didn't get a valid response and it will close it rather
than returning it to the server session pool
+ release_server_session();
call_transact_and_set_next_state(HttpTransact::HandleResponse);
}
return 0;
@@ -2289,6 +2300,7 @@ HttpSM::state_hostdb_reverse_lookup(int event, void *data)
int
HttpSM::state_mark_os_down(int event, void *data)
{
+ STATE_ENTER(::state_mark_os_down, event);
HostDBInfo *mark_down = nullptr;
if (event == EVENT_HOST_DB_LOOKUP && data) {
@@ -5381,7 +5393,7 @@ HttpSM::handle_http_server_open()
(t_state.hdr_info.request_content_length > 0 ||
t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING) &&
do_post_transform_open()) {
do_setup_post_tunnel(HTTP_TRANSFORM_VC);
- } else {
+ } else if (server_session != nullptr) {
setup_server_send_request_api();
}
}
@@ -6848,7 +6860,10 @@ HttpSM::kill_this()
[trafficserver] branch 8.1.x updated: Update documentation for SSL VERIFY hooks.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new d7357cd Update documentation for SSL VERIFY hooks.
d7357cd is described below
commit d7357cd7f87d21ff12b2b8b1c9633935d14641ff
Author: Susan Hinrichs
AuthorDate: Wed Oct 10 16:13:51 2018 -0500
Update documentation for SSL VERIFY hooks.
(cherry picked from commit 458bb1f2c4c2917e103701acddf9ea1aab462105)
(cherry picked from commit 4734a95426243bc18e48fe42077ef441de30dc0f)
---
doc/developer-guide/api/types/TSHttpHookID.en.rst | 2 ++
.../hooks-and-transactions/ssl-hooks.en.rst| 27 ++
include/ts/apidefs.h.in| 2 ++
iocore/net/SSLClientUtils.cc | 2 +-
iocore/net/SSLNetVConnection.cc| 6 ++---
proxy/InkAPIInternal.h | 2 +-
proxy/http/HttpDebugNames.cc | 4 ++--
src/traffic_server/InkAPITest.cc | 2 +-
8 files changed, 39 insertions(+), 8 deletions(-)
diff --git a/doc/developer-guide/api/types/TSHttpHookID.en.rst
b/doc/developer-guide/api/types/TSHttpHookID.en.rst
index f03444a..852b672 100644
--- a/doc/developer-guide/api/types/TSHttpHookID.en.rst
+++ b/doc/developer-guide/api/types/TSHttpHookID.en.rst
@@ -82,6 +82,8 @@ Enumeration Members
.. c:macro:: TSHttpHookID TS_SSL_VERIFY_CLIENT_HOOK
+.. c:macro:: TSHttpHookID TS_SSL_VERIFY_SERVER_HOOK
+
.. c:macro:: TSHttpHookID TS_SSL_LAST_HOOK
.. c:macro:: TSHttpHookID TS_HTTP_LAST_HOOK
diff --git
a/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
b/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
index 518d0e8..1fa1a20 100644
--- a/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
+++ b/doc/developer-guide/plugins/hooks-and-transactions/ssl-hooks.en.rst
@@ -84,6 +84,29 @@ handshake processing will not proceed until
:c:func:`TSSslVConnReenable()` is ca
It may be useful to delay the TLS handshake processing if other resources must
be consulted to select or create
a certificate.
+TS_SSL_VERIFY_CLIENT_HOOK
+-
+
+This hook is called when a client connects to Traffic Server and presents a
+client certificate in the case of a mutual TLS handshake. The callback can
+get the SSL object from the TSVConn argument and use that to access the client
+certificate and make any additional checks.
+
+Processing will continue regardless of whether the hook callback executes
+:c:func:`TSSslVConnReenable()` since the openssl implementation does not allow
+for pausing processing during the certificate verify callback.
+
+TS_SSL_VERIFY_SERVER_HOOK
+-
+
+This hooks is called when a Traffic Server connects to an origin and the origin
+presents a certificate. The callback can get the SSL object from the TSVConn
+argument and use that to access the origin certificate and make any additional
checks.
+
+Processing will continue regardless of whether the hook callback executes
+:c:func:`TSSslVConnReenable()` since the openssl implementation does not allow
+for pausing processing during the certificate verify callback.
+
TLS Hook State Diagram
--
@@ -92,9 +115,11 @@ TLS Hook State Diagram
digraph tls_hook_state_diagram{
HANDSHAKE_HOOKS_PRE -> TS_VCONN_START_HOOK;
+ HANDSHAKE_HOOKS_PRE -> TS_SSL_VERIFY_CLIENT_HOOK;
HANDSHAKE_HOOKS_PRE -> TS_SSL_CERT_HOOK;
HANDSHAKE_HOOKS_PRE -> TS_SSL_SERVERNAME_HOOK;
HANDSHAKE_HOOKS_PRE -> HANDSHAKE_HOOKS_DONE;
+ TS_SSL_VERIFY_CLIENT_HOOK -> HANDSHAKE_HOOKS_PRE;
TS_VCONN_START_HOOK -> HANDSHAKE_HOOKS_PRE_INVOKE;
HANDSHAKE_HOOKS_PRE_INVOKE -> TSSslVConnReenable;
TSSslVConnReenable -> HANDSHAKE_HOOKS_PRE;
@@ -110,6 +135,8 @@ TLS Hook State Diagram
HANDSHAKE_HOOKS_DONE -> TS_VCONN_CLOSE_HOOK;
HANDSHAKE_HOOKS_PRE [shape=box];
+ TS_VCONN_START_HOOK [shape=box];
+ TS_SSL_VERIFY_CLIENT_HOOK [shape=box];
HANDSHAKE_HOOKS_PRE_INVOKE [shape=box];
HANDSHAKE_HOOKS_SNI [shape=box];
HANDSHAKE_HOOKS_CERT [shape=box];
diff --git a/include/ts/apidefs.h.in b/include/ts/apidefs.h.in
index 84a1aee..ae68bbd 100644
--- a/include/ts/apidefs.h.in
+++ b/include/ts/apidefs.h.in
@@ -290,6 +290,7 @@ typedef enum {
TS_SSL_CERT_HOOK = TS_SSL_SNI_HOOK,
TS_SSL_SERVERNAME_HOOK,
TS_SSL_SERVER_VERIFY_HOOK,
+ TS_SSL_VERIFY_SERVER_HOOK = TS_SSL_SERVER_VERIFY_HOOK,
TS_SSL_VERIFY_CLIENT_HOOK,
TS_SSL_SESSION_HOOK,
TS_SSL_LAST_HOOK = TS_SSL_SESSION_HOOK,
@@ -462,6 +463,7 @@ typedef enum {
TS_EVENT_SSL_CERT = 60203,
TS_EVENT_SSL_SERVERNAME = 60204,
TS_EVENT_SSL_SERVER_VERIFY_HOOK = 60205,
+ TS_EVENT_SSL_VERIFY_SERVER
[trafficserver] branch 8.1.x updated: Allows logging of negative values
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 6189c9a Allows logging of negative values
6189c9a is described below
commit 6189c9aaf86e5309e80241dce7dbe0c598f55641
Author: Leif Hedstrom
AuthorDate: Wed Mar 27 10:33:35 2019 +0100
Allows logging of negative values
Before, all negative values would be logged as exactly "0".
(cherry picked from commit 0d333ed3b3c08b7270b90a835f721603fa40ddf4)
---
proxy/logging/LogAccess.cc | 22 +-
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index adfa746..69433fe 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -490,23 +490,27 @@ LogAccess::unmarshal_itoa(int64_t val, char *dest, int
field_width, char leading
{
ink_assert(dest != nullptr);
- char *p = dest;
+ char *p = dest;
+ bool negative = false;
- if (val <= 0) {
-*p-- = '0';
-while (dest - p < field_width) {
- *p-- = leading_char;
-}
-return (int)(dest - p);
+ if (val < 0) {
+negative = true;
+val = -val;
}
- while (val) {
+ do {
*p-- = '0' + (val % 10);
val /= 10;
- }
+ } while (val);
+
while (dest - p < field_width) {
*p-- = leading_char;
}
+
+ if (negative) {
+*p-- = '-';
+ }
+
return (int)(dest - p);
}
[trafficserver] branch 8.1.x updated: Adds the log tag cqint for internal requests
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new a31bdd5 Adds the log tag cqint for internal requests
a31bdd5 is described below
commit a31bdd5e50fcaaf049ef03a8aabfa8aaf779e24e
Author: Leif Hedstrom
AuthorDate: Thu Oct 18 17:33:06 2018 -0600
Adds the log tag cqint for internal requests
(cherry picked from commit 0d55280c07bd54a2438c9a9ffc901372b1975c97)
---
doc/admin-guide/logging/formatting.en.rst | 25 +++--
proxy/http/HttpSM.cc | 12 +---
proxy/http/HttpSM.h | 1 +
proxy/logging/Log.cc | 5 +
proxy/logging/LogAccess.cc| 27 ---
proxy/logging/LogAccess.h | 1 +
6 files changed, 39 insertions(+), 32 deletions(-)
diff --git a/doc/admin-guide/logging/formatting.en.rst
b/doc/admin-guide/logging/formatting.en.rst
index fce1edd..3f15da6 100644
--- a/doc/admin-guide/logging/formatting.en.rst
+++ b/doc/admin-guide/logging/formatting.en.rst
@@ -496,20 +496,25 @@ Plugin Details
.. _piid:
.. _pitag:
+.. _cqint:
Logging fields which may be used to obtain details of plugins involved in the
transaction.
-=
-Field Source Description
-=
-piid Proxy Plugin Plugin ID for the current transaction. This is set for
- plugin driven transactions via
- :c:func:`TSHttpConnectWithPluginId`.
-pitag Proxy Plugin Plugin tag for the current transaction. This is set for
- plugin driven transactions via
- :c:func:`TSHttpConnectWithPluginId`.
-=
+=
+Field Source Description
+=
+piid Proxy Plugin Plugin ID for the current transaction. This is set for
+ plugin driven transactions via
+ :c:func:`TSHttpConnectWithPluginId`.
+pitag Proxy Plugin Plugin tag for the current transaction. This is set for
+ plugin driven transactions via
+ :c:func:`TSHttpConnectWithPluginId`.
+cqint Client Request If a request was generated internally (via a plugin),
then
+ this has a value of ``1``, otherwise ``0``. This can be
+ useful when tracking internal only requests, such as
those
+ generated by the ``authproxy`` plugin.
+=
.. _admin-logging-fields-proto:
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 703b88c..de15c13 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -435,10 +435,13 @@ HttpSM::attach_client_session(ProxyClientTransaction
*client_vc, IOBufferReader
_client_transaction_id = ua_txn->get_transaction_id();
{
auto p = ua_txn->get_parent();
+
if (p) {
_client_connection_id = p->connection_id();
}
}
+ // We've already verified that the netvc is !nullptr above, and netvc ==
ua_txn->get_netvc()
+ is_internal = netvc->get_is_internal_request();
// Collect log & stats information
client_tcp_reused = !(ua_txn->is_first_transaction());
@@ -3262,13 +3265,8 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer
*c)
// set the ua_txn into half close mode
// only external POSTs should be subject to this logic; ruling out
internal POSTs here
-bool is_eligible_post_request = (t_state.method == HTTP_WKSIDX_POST);
-if (is_eligible_post_request) {
- NetVConnection *vc = ua_txn->get_netvc();
- if (vc) {
-is_eligible_post_request &= !vc->get_is_internal_request();
- }
-}
+bool is_eligible_post_request = ((t_state.method == HTTP_WKSIDX_POST) &&
!is_internal);
+
if ((is_eligible_post_request || t_state.client_info.pipeline_possible ==
true) && c->producer->vc_type != HT_STATIC &&
event == VC_EVENT_WRITE_COMPLETE) {
ua_txn->set_half_close_flag(true);
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index 1f3ac23..b49e203 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -543,6 +543,7 @@ public:
// Info about client's SSL connection.
bool client_ssl_reused = false;
bool client_connection_is_ssl = false;
+ bool is_internal= false;
const char *client_protocol = "-";
const char *client_sec_protocol = "-";
const char
[trafficserver] branch 8.1.x updated: Fix OSCP stapling with dual cert
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 882d48d Fix OSCP stapling with dual cert
882d48d is described below
commit 882d48d4c29a00ee77c1764e6f6d4f0a1eb61f6c
Author: Susan Hinrichs
AuthorDate: Mon Jan 7 21:05:16 2019 +
Fix OSCP stapling with dual cert
(cherry picked from commit 57ecc4b56cbf619d65dd9c860f4df7cf44ca588d)
---
iocore/net/OCSPStapling.cc| 120 ++
iocore/net/SSLNetProcessor.cc | 2 +
2 files changed, 76 insertions(+), 46 deletions(-)
diff --git a/iocore/net/OCSPStapling.cc b/iocore/net/OCSPStapling.cc
index cfcb343..55060be 100644
--- a/iocore/net/OCSPStapling.cc
+++ b/iocore/net/OCSPStapling.cc
@@ -46,25 +46,32 @@ struct certinfo {
time_t expire_time;
};
+/*
+ * In the case of multiple certificates associated with a SSL_CTX, we must
store a map
+ * of cached responses
+ */
+using certinfo_map = std::map;
+
void
-certinfo_free(void * /*parent*/, void *ptr, CRYPTO_EX_DATA * /*ad*/, int
/*idx*/, long /*argl*/, void * /*argp*/)
+certinfo_map_free(void * /*parent*/, void *ptr, CRYPTO_EX_DATA * /*ad*/, int
/*idx*/, long /*argl*/, void * /*argp*/)
{
- certinfo *cinf = (certinfo *)ptr;
+ certinfo_map *map = (certinfo_map *)ptr;
- if (!cinf) {
+ if (!map) {
return;
}
- if (cinf->uri) {
-OPENSSL_free(cinf->uri);
- }
- if (cinf->certname) {
-ats_free(cinf->certname);
- }
- if (cinf->cid) {
-OCSP_CERTID_free(cinf->cid);
+
+ for (certinfo_map::iterator iter = map->begin(); iter != map->end(); ++iter)
{
+if (iter->second->uri) {
+ OPENSSL_free(iter->second->uri);
+}
+if (iter->second->certname) {
+ ats_free(iter->second->certname);
+}
+ink_mutex_destroy(>second->stapling_mutex);
+OPENSSL_free(iter->second);
}
- ink_mutex_destroy(>stapling_mutex);
- OPENSSL_free(cinf);
+ free(map);
}
static int ssl_stapling_index = -1;
@@ -75,7 +82,7 @@ ssl_stapling_ex_init()
if (ssl_stapling_index != -1) {
return;
}
- ssl_stapling_index = SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr,
certinfo_free);
+ ssl_stapling_index = SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr,
certinfo_map_free);
}
static X509 *
@@ -136,7 +143,6 @@ end:
bool
ssl_stapling_init_cert(SSL_CTX *ctx, X509 *cert, const char *certname)
{
- certinfo *cinf;
scoped_X509 issuer;
STACK_OF(OPENSSL_STRING) *aia = nullptr;
@@ -145,15 +151,19 @@ ssl_stapling_init_cert(SSL_CTX *ctx, X509 *cert, const
char *certname)
return false;
}
- cinf = (certinfo *)SSL_CTX_get_ex_data(ctx, ssl_stapling_index);
- if (cinf) {
+ certinfo_map *map = static_cast(SSL_CTX_get_ex_data(ctx,
ssl_stapling_index));
+ if (map && map->find(cert) != map->end()) {
Note("certificate already initialized for %s", certname);
return false;
}
- cinf = (certinfo *)OPENSSL_malloc(sizeof(certinfo));
+ if (!map) {
+map = new certinfo_map;
+ }
+ certinfo *cinf = static_cast(OPENSSL_malloc(sizeof(certinfo)));
if (!cinf) {
Error("error allocating memory for %s", certname);
+delete map;
return false;
}
@@ -190,7 +200,8 @@ ssl_stapling_init_cert(SSL_CTX *ctx, X509 *cert, const char
*certname)
goto err;
}
- SSL_CTX_set_ex_data(ctx, ssl_stapling_index, cinf);
+ map->insert(std::make_pair(cert, cinf));
+ SSL_CTX_set_ex_data(ctx, ssl_stapling_index, map);
Note("successfully initialized stapling for %s into SSL_CTX: %p", certname,
ctx);
return true;
@@ -207,17 +218,21 @@ err:
if (cinf) {
OPENSSL_free(cinf);
}
+ if (map) {
+delete map;
+ }
return false;
}
-static certinfo *
+static certinfo_map *
stapling_get_cert_info(SSL_CTX *ctx)
{
- certinfo *cinf;
+ certinfo_map *map;
- cinf = (certinfo *)SSL_CTX_get_ex_data(ctx, ssl_stapling_index);
- if (cinf && cinf->cid) {
-return cinf;
+ // Only return the map if it contains at least one element with a valid entry
+ map = static_cast(SSL_CTX_get_ex_data(ctx,
ssl_stapling_index));
+ if (map && !map->empty() && map->begin()->second &&
map->begin()->second->cid) {
+return map;
}
return nullptr;
@@ -427,7 +442,6 @@ void
ocsp_update()
{
SSL_CTX *ctx;
- certinfo *cinf = nullptr;
OCSP_RESPONSE *resp = nullptr;
time_t current_time;
@@ -437,22 +451,27 @@ ocsp_update()
for (unsigned i = 0; i < ctxCount; i++) {
SSLCertContext *cc = certLookup->get(i);
if (cc && cc->ctx) {
- ctx = cc->ctx;
- cinf = stapling_get_cert_info(ctx);
- if (cinf) {
-ink_mutex_acquire(>stapling_mutex);
-current_time = time(nullptr);
-if (cinf->resp_derlen == 0 || cinf->is_expire || cinf->expire_time <
current_time) {
- ink_mutex_release(>stapling_mutex);
- if
[trafficserver] branch 8.1.x updated: Use optionally provided hash string for hashing
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 1df4a8d Use optionally provided hash string for hashing
1df4a8d is described below
commit 1df4a8d3e58e9a1b4050501d52d7bbfdecf27850
Author: Vijay Mamidi
AuthorDate: Thu Nov 29 11:40:24 2018 -0700
Use optionally provided hash string for hashing
(cherry picked from commit f22b06f3f7c2aba5b14d8e633b2aefc7a4a14ef7)
---
doc/admin-guide/files/parent.config.en.rst | 8 +++
proxy/ParentSelection.cc | 89 --
proxy/ParentSelection.h| 1 +
3 files changed, 80 insertions(+), 18 deletions(-)
diff --git a/doc/admin-guide/files/parent.config.en.rst
b/doc/admin-guide/files/parent.config.en.rst
index 3a26e95..ca54825 100644
--- a/doc/admin-guide/files/parent.config.en.rst
+++ b/doc/admin-guide/files/parent.config.en.rst
@@ -141,6 +141,14 @@ The following list shows the possible actions and their
allowed values.
parent="p1.x.com:8080|2.0, 192.168.0.3:80|3.0, 192.168.0.4:80|5.0"
+If ``round_robin`` is set to ``consistent_hash``, you may add a ``unique
hash string``
+following the ``weight`` for each parent. The ``hash string`` must start
with ``&``
+ and is used to build both the primary and secondary rings using the
``hash string``
+for each parent insted of the parents ``hostname`` or ``ip address``. This
can be
+useful so that two different hosts may be used to cache the same requests.
Example::
+
+parent="p1.x.com:80|1.0, p2.x.com:80|1.0,
p3.x.com:80|1.0" round_robin=consistent_hash
+
.. _parent-config-format-secondary-parent:
``secondary_parent``
diff --git a/proxy/ParentSelection.cc b/proxy/ParentSelection.cc
index 496146d..692cf6a 100644
--- a/proxy/ParentSelection.cc
+++ b/proxy/ParentSelection.cc
@@ -414,7 +414,7 @@ ParentRecord::ProcessParents(char *val, bool isPrimary)
int numTok = 0;
const char *current = nullptr;
int port= 0;
- char *tmp = nullptr, *tmp2 = nullptr;
+ char *tmp = nullptr, *tmp2 = nullptr, *tmp3 = nullptr;
const char *errPtr = nullptr;
float weight = 1.0;
@@ -467,23 +467,27 @@ ParentRecord::ProcessParents(char *val, bool isPrimary)
}
}
+tmp3 = (char *)strchr(current, '&');
+
// Make sure that is no garbage beyond the parent
-// port or weight
-char *scan;
-if (tmp2) {
- scan = tmp2 + 1;
-} else {
- scan = tmp + 1;
-}
-for (; *scan != '\0' && (ParseRules::is_digit(*scan) || *scan == '.');
scan++) {
- ;
-}
-for (; *scan != '\0' && ParseRules::is_wslfcr(*scan); scan++) {
- ;
-}
-if (*scan != '\0') {
- errPtr = "Garbage trailing entry or invalid separator";
- goto MERROR;
+// port or weight
+if (!tmp3) {
+ char *scan;
+ if (tmp2) {
+scan = tmp2 + 1;
+ } else {
+scan = tmp + 1;
+ }
+ for (; *scan != '\0' && (ParseRules::is_digit(*scan) || *scan == '.');
scan++) {
+;
+ }
+ for (; *scan != '\0' && ParseRules::is_wslfcr(*scan); scan++) {
+;
+ }
+ if (*scan != '\0') {
+errPtr = "Garbage trailing entry or invalid separator";
+goto MERROR;
+ }
}
// Check to make sure that the string will fit in the
// pRecord
@@ -506,6 +510,10 @@ ParentRecord::ProcessParents(char *val, bool isPrimary)
this->parents[i].name= this->parents[i].hostname;
this->parents[i].available = true;
this->parents[i].weight = weight;
+ if (tmp3) {
+memcpy(this->parents[i].hash_string, tmp3 + 1, strlen(tmp3));
+this->parents[i].name = this->parents[i].hash_string;
+ }
hs.createHostStat(this->parents[i].hostname);
} else {
memcpy(this->secondary_parents[i].hostname, current, tmp - current);
@@ -518,8 +526,13 @@ ParentRecord::ProcessParents(char *val, bool isPrimary)
this->secondary_parents[i].name=
this->secondary_parents[i].hostname;
this->secondary_parents[i].available = true;
this->secondary_parents[i].weight = weight;
+ if (tmp3) {
+memcpy(this->secondary_parents[i].hash_string, tmp3 + 1, strlen(tmp3));
+this->secondary_parents[i].name =
this->secondary_parents[i].hash_string;
+ }
hs.createHostStat(this->secondary_parents[i].hostname);
}
+tmp3 = nullptr;
}
if (isPrimary) {
@@ -804,7 +817,7 @@ ParentRecord::Print()
{
printf("\t\t");
for (int i = 0; i < num_parents; i++) {
-printf(" %s:%d ", parents[i].hostname, parents[i].port);
+printf(" %s:%d|%f&%s ", parents[i].hostname, parents[i].port,
parents[i].weight, parents[i].name);
}
[trafficserver] branch 8.1.x updated: lua plugin: add support for relative path scripts; moves inline script to switch
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new 72e582d lua plugin: add support for relative path scripts; moves
inline script to switch
72e582d is described below
commit 72e582d3de630008641e7849f7cd42b11f6f081b
Author: Randall Meyer
AuthorDate: Mon Feb 4 12:47:10 2019 -0800
lua plugin: add support for relative path scripts; moves inline script to
switch
To use inline scripts, prefix with --inline;
eg:
@plugin=tslua.so @pparam=--states=4 @pparam=--inline=print(123)
(cherry picked from commit 21c82cf370a5c4c53ebdde23f161af3485b95aa8)
---
plugins/lua/ts_lua.c | 39 +++
plugins/lua/ts_lua_util.c | 2 +-
2 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/plugins/lua/ts_lua.c b/plugins/lua/ts_lua.c
index 0d8af2c..5aef7b5 100644
--- a/plugins/lua/ts_lua.c
+++ b/plugins/lua/ts_lua.c
@@ -63,11 +63,14 @@ TSRemapInit(TSRemapInterface *api_info, char *errbuf, int
errbuf_size)
TSReturnCode
TSRemapNewInstance(int argc, char *argv[], void **ih, char *errbuf, int
errbuf_size)
{
- int fn;
int ret;
+ char script[TS_LUA_MAX_SCRIPT_FNAME_LENGTH];
+ char *inline_script = "";
+ int fn = 0;
int states = TS_LUA_MAX_STATE_COUNT;
static const struct option longopt[] = {
{"states", required_argument, 0, 's'},
+{"inline", required_argument, 0, 'i'},
{0, 0, 0, 0},
};
@@ -84,6 +87,8 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char
*errbuf, int errbuf_s
TSDebug(TS_LUA_DEBUG_TAG, "[%s] setting number of lua VM [%d]",
__FUNCTION__, states);
// set state
break;
+case 'i':
+ inline_script = optarg;
}
if (opt == -1) {
@@ -97,17 +102,24 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char
*errbuf, int errbuf_s
return TS_ERROR;
}
- if (argc - optind < 1) {
+ if (argc - optind > 0) {
+fn = 1;
+if (argv[optind][0] == '/') {
+ snprintf(script, sizeof(script), "%s", argv[optind]);
+} else {
+ snprintf(script, sizeof(script), "%s/%s", TSConfigDirGet(),
argv[optind]);
+}
+ }
+
+ if (strlen(inline_script) == 0 && argc - optind < 1) {
strncpy(errbuf, "[TSRemapNewInstance] - lua script file or string is
required !!", errbuf_size - 1);
errbuf[errbuf_size - 1] = '\0';
return TS_ERROR;
}
- fn = 1;
-
- if (argv[optind][0] != '/') {
-fn = 0;
- } else if (strlen(argv[optind]) >= TS_LUA_MAX_SCRIPT_FNAME_LENGTH - 16) {
+ if (strlen(script) >= TS_LUA_MAX_SCRIPT_FNAME_LENGTH - 16) {
+strncpy(errbuf, "[TSRemapNewInstance] - lua script file name too long !!",
errbuf_size - 1);
+errbuf[errbuf_size - 1] = '\0';
return TS_ERROR;
}
@@ -116,8 +128,7 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char
*errbuf, int errbuf_s
// check to make sure it is a lua file and there is no parameter for the lua
file
if (fn && (argc - optind < 2)) {
TSDebug(TS_LUA_DEBUG_TAG, "[%s] checking if script has been registered",
__FUNCTION__);
-char script[TS_LUA_MAX_SCRIPT_FNAME_LENGTH];
-snprintf(script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s", argv[optind]);
+
// we only need to check the first lua VM for script registration
conf = ts_lua_script_registered(ts_lua_main_ctx_array[0].lua, script);
}
@@ -138,9 +149,9 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char
*errbuf, int errbuf_s
conf->init_func = 0;
if (fn) {
- snprintf(conf->script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s",
argv[optind]);
+ snprintf(conf->script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s", script);
} else {
- conf->content = argv[optind];
+ conf->content = inline_script;
}
ts_lua_init_instance(conf);
@@ -508,7 +519,11 @@ TSPluginInit(int argc, const char *argv[])
conf->remap = 0;
conf->states = states;
- snprintf(conf->script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s", argv[optind]);
+ if (argv[optind][0] == '/') {
+snprintf(conf->script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s", argv[optind]);
+ } else {
+snprintf(conf->script, TS_LUA_MAX_SCRIPT_FNAME_LENGTH, "%s/%s",
TSConfigDirGet(), argv[optind]);
+ }
ts_lua_init_instance(conf);
diff --git a/plugins/lua/ts_lua_util.c b/plugins/lua/ts_lua_util.c
index b72b076..34d2b1e 100644
--- a/plugins/lua/ts_lua_util.c
+++ b/plugins/lua/ts_lua_util.c
@@ -201,7 +201,7 @@ ts_lua_add_module(ts_lua_instance_conf *conf,
ts_lua_main_ctx *arr, int n, int a
if (conf->content) {
if (luaL_loadstring(L, conf->content)) {
-snprintf(errbuf, errbuf_size, "[%s] luaL_loadstring %s failed: %s",
__FUNCTION__, conf->script, lua_tostring(L, -1));
+snprintf(errbuf, errbuf_size, "[%s]
[trafficserver] branch 8.1.x updated: Allow enabling MPTCP on a listening socket through the records.config
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.1.x by this push:
new eec4c9e Allow enabling MPTCP on a listening socket through the
records.config
eec4c9e is described below
commit eec4c9e1a8b6fea73f2ecfa923070d4fc0b09476
Author: Christoph Paasch
AuthorDate: Tue Aug 28 15:52:20 2018 -0700
Allow enabling MPTCP on a listening socket through the records.config
(cherry picked from commit 2755a80a8c55866591f20345ea5e275084fc4e03)
---
doc/admin-guide/files/records.config.en.rst | 6 ++
lib/records/I_RecHttp.h | 3 +++
lib/records/RecHttp.cc | 31 -
mgmt/LocalManager.cc| 23 +
4 files changed, 62 insertions(+), 1 deletion(-)
diff --git a/doc/admin-guide/files/records.config.en.rst
b/doc/admin-guide/files/records.config.en.rst
index 0213466..d12309e 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -614,6 +614,7 @@ HTTP Engine
tr-in Inbound transparent.
tr-out Outbound transparent.
tr-pass Pass through enabled.
+ mptcp Multipath TCP.
=== ===
*number*
@@ -685,6 +686,11 @@ ip-resolve
Not compatible with: ``tr-out`` - this option requires a value of
``client;none`` which is forced and should not be explicitly specified.
+mptcp
+ Enable Multipath TCP on this proxy port.
+
+ Requires custom Linux kernel available at https://multipath-tcp.org.
+
.. topic:: Example
Listen on port 80 on any address for IPv4 and IPv6.::
diff --git a/lib/records/I_RecHttp.h b/lib/records/I_RecHttp.h
index df3672e..1c95ef7 100644
--- a/lib/records/I_RecHttp.h
+++ b/lib/records/I_RecHttp.h
@@ -253,6 +253,8 @@ public:
bool m_outbound_transparent_p;
// True if transparent pass-through is enabled on this port.
bool m_transparent_passthrough;
+ /// True if MPTCP is enabled on this port.
+ bool m_mptcp;
/// Local address for inbound connections (listen address).
IpAddr m_inbound_ip;
/// Local address for outbound connections (to origin server).
@@ -404,6 +406,7 @@ public:
static const char *const OPT_COMPRESSED; ///< Compressed.
static const char *const OPT_HOST_RES_PREFIX; ///< Set DNS family
preference.
static const char *const OPT_PROTO_PREFIX;///< Transport layer
protocols.
+ static const char *const OPT_MPTCP; ///< MPTCP.
static std::vector _global; ///< Global ("default") data.
diff --git a/lib/records/RecHttp.cc b/lib/records/RecHttp.cc
index abb1439..f3e5039 100644
--- a/lib/records/RecHttp.cc
+++ b/lib/records/RecHttp.cc
@@ -25,6 +25,7 @@
#include
#include "tscore/ink_defs.h"
#include "tscore/ink_hash_table.h"
+#include "tscore/TextBuffer.h"
#include "tscore/Tokenizer.h"
#include
#include "tscore/ink_inet.h"
@@ -71,6 +72,22 @@ SessionProtocolSet HTTP2_PROTOCOL_SET;
SessionProtocolSet DEFAULT_NON_TLS_SESSION_PROTOCOL_SET;
SessionProtocolSet DEFAULT_TLS_SESSION_PROTOCOL_SET;
+static bool
+mptcp_supported()
+{
+ ats_scoped_fd fd(::open("/proc/sys/net/mptcp/mptcp_enabled", O_RDONLY));
+ int value = 0;
+
+ if (fd) {
+TextBuffer buffer(16);
+
+buffer.slurp(fd.get());
+value = atoi(buffer.bufPtr());
+ }
+
+ return value != 0;
+}
+
void
RecHttpLoadIp(const char *value_name, IpAddr , IpAddr )
{
@@ -156,6 +173,7 @@ const char *const HttpProxyPort::OPT_PROXY_PROTO
= "pp";
const char *const HttpProxyPort::OPT_PLUGIN = "plugin";
const char *const HttpProxyPort::OPT_BLIND_TUNNEL= "blind";
const char *const HttpProxyPort::OPT_COMPRESSED = "compressed";
+const char *const HttpProxyPort::OPT_MPTCP = "mptcp";
// File local constants.
namespace
@@ -187,7 +205,8 @@ HttpProxyPort::HttpProxyPort()
m_proxy_protocol(false),
m_inbound_transparent_p(false),
m_outbound_transparent_p(false),
-m_transparent_passthrough(false)
+m_transparent_passthrough(false),
+m_mptcp(false)
{
memcpy(m_host_res_preference, host_res_default_preference_order,
sizeof(m_host_res_preference));
}
@@ -393,6 +412,12 @@ HttpProxyPort::processOptions(const char *opts)
#else
Warning("Transparent pass-through requested [%s] in port descriptor '%s'
but TPROXY was not configured.", item, opts);
#endif
+} else if (0 == strcasecmp(OPT_MPTCP, item)) {
+ if (mptcp_supported()) {
+m_mptcp = true;
+ } else {
+Warning("Multipath TCP requested [%s] in port descriptor '%s' but it
is not supported by this host.", item, opts);
+ }
} else if (nullptr != (value =
[trafficserver] 01/02: proxy.config.http.connect_attempts_timeout tracks TTBF instead of connect
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 58459ab9dc4390144f386798a73555863a620c45
Author: Susan Hinrichs
AuthorDate: Fri Jul 27 22:01:23 2018 +
proxy.config.http.connect_attempts_timeout tracks TTBF instead of connect
(cherry picked from commit 9b47aa6799db12fd302ea58e3ae0ba8485fd0bbe)
---
iocore/net/I_NetProcessor.h | 23
iocore/net/P_SSLNetVConnection.h | 10
iocore/net/P_UnixNetVConnection.h | 6 ++
iocore/net/UnixNetProcessor.cc| 116 --
iocore/net/UnixNetVConnection.cc | 7 +++
proxy/http/HttpSM.cc | 52 -
6 files changed, 48 insertions(+), 166 deletions(-)
diff --git a/iocore/net/I_NetProcessor.h b/iocore/net/I_NetProcessor.h
index 03934ec..b8dee4e 100644
--- a/iocore/net/I_NetProcessor.h
+++ b/iocore/net/I_NetProcessor.h
@@ -170,8 +170,6 @@ public:
call back with success. If this behaviour is desired use
synchronous connect connet_s method.
-@see connect_s()
-
@param cont Continuation to be called back with events.
@param addr target address and port to connect to.
@param options @see NetVCOptions.
@@ -181,27 +179,6 @@ public:
inkcoreapi Action *connect_re(Continuation *cont, sockaddr const *addr,
NetVCOptions *options = nullptr);
/**
-Open a NetVConnection for connection oriented I/O. This call
-is simliar to connect method except that the cont is called
-back only after the connections has been established. In the
-case of connect the cont could be called back with NET_EVENT_OPEN
-event and OS could still be in the process of establishing the
-connection. Re-entrant Callbacks: same as connect. If unix
-asynchronous type connect is desired use connect_re().
-
-@param cont Continuation to be called back with events.
-@param addr Address to which to connect (includes port).
-@param timeout for connect, the cont will get NET_EVENT_OPEN_FAILED
- if connection could not be established for timeout msecs. The
- default is 30 secs.
-@param options @see NetVCOptions.
-
-@see connect_re()
-
- */
- Action *connect_s(Continuation *cont, sockaddr const *addr, int timeout =
NET_CONNECT_TIMEOUT, NetVCOptions *opts = nullptr);
-
- /**
Initializes the net processor. This must be called before the event
threads are started.
*/
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index 66505fd..ff7a801 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -101,6 +101,16 @@ public:
}
bool
+ trackFirstHandshake() override
+ {
+bool retval = sslHandshakeBeginTime == 0;
+if (retval) {
+ sslHandshakeBeginTime = Thread::get_hrtime();
+}
+return retval;
+ }
+
+ bool
getSSLHandShakeComplete() const override
{
return sslHandShakeComplete;
diff --git a/iocore/net/P_UnixNetVConnection.h
b/iocore/net/P_UnixNetVConnection.h
index d258e7c..2900e39 100644
--- a/iocore/net/P_UnixNetVConnection.h
+++ b/iocore/net/P_UnixNetVConnection.h
@@ -206,6 +206,12 @@ public:
return (true);
}
+ virtual bool
+ trackFirstHandshake()
+ {
+return false;
+ }
+
virtual void net_read_io(NetHandler *nh, EThread *lthread);
virtual int64_t load_buffer_and_write(int64_t towrite, MIOBufferAccessor
, int64_t _written, int );
void readDisable(NetHandler *nh);
diff --git a/iocore/net/UnixNetProcessor.cc b/iocore/net/UnixNetProcessor.cc
index 589c843..653ca5c 100644
--- a/iocore/net/UnixNetProcessor.cc
+++ b/iocore/net/UnixNetProcessor.cc
@@ -305,122 +305,6 @@ UnixNetProcessor::connect(Continuation *cont,
UnixNetVConnection ** /* avc */, s
return connect_re(cont, target, opt);
}
-struct CheckConnect : public Continuation {
- UnixNetVConnection *vc;
- Action action_;
- MIOBuffer *buf;
- IOBufferReader *reader;
- int connect_status;
- int recursion;
- ink_hrtime timeout;
-
- int
- handle_connect(int event, Event *e)
- {
-connect_status = event;
-switch (event) {
-case NET_EVENT_OPEN:
- vc = (UnixNetVConnection *)e;
- Debug("iocore_net_connect", "connect Net open");
- vc->do_io_write(this, 10, /* some non-zero number just to get the poll
going */
- reader);
- /* dont wait for more than timeout secs */
- vc->set_inactivity_timeout(timeout);
- return EVENT_CONT;
- break;
-
-case NET_EVENT_OPEN_FAILED:
- Debug("iocore_net_connect", "connect Net open failed");
- if (!action_.cancelled) {
-action_.continuation->handleEvent(NET_EVENT_OPEN_FAILED, (void *)e);
- }
- break;
-
-case VC_EVENT_WRITE_READY:
- int sl, ret;
- socklen_t sz;
- if (!action_.cancelled) {
-sz = sizeof(int);
-ret = getsockopt(vc->con.fd,
[trafficserver] branch 8.1.x updated (67b141a -> b88709e)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a change to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 67b141a Fixed use after free when running regression under ASAN new 58459ab proxy.config.http.connect_attempts_timeout tracks TTBF instead of connect new b88709e Fix no_activity timeout for server session reuse. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: iocore/net/I_NetProcessor.h | 23 iocore/net/P_SSLNetVConnection.h | 10 iocore/net/P_UnixNetVConnection.h | 6 ++ iocore/net/UnixNetProcessor.cc| 116 -- iocore/net/UnixNetVConnection.cc | 7 +++ proxy/http/HttpSM.cc | 59 ++- 6 files changed, 55 insertions(+), 166 deletions(-)
[trafficserver] 02/02: Fix no_activity timeout for server session reuse.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit b88709e58f5a849d3a19f88a5c7c092ba7613a6a
Author: Susan Hinrichs
AuthorDate: Fri Aug 9 20:27:49 2019 +
Fix no_activity timeout for server session reuse.
(cherry picked from commit 924c8f9f70a9d30d70f4b130a43af82b79c90eda)
---
proxy/http/HttpSM.cc | 7 +++
1 file changed, 7 insertions(+)
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index a54238a..703b88c 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -6000,6 +6000,13 @@ HttpSM::setup_server_send_request()
milestones[TS_MILESTONE_SERVER_BEGIN_WRITE] = Thread::get_hrtime();
server_entry->write_vio =
server_entry->vc->do_io_write(this, hdr_length, buf_start);
+
+ // Make sure the VC is using correct timeouts. We may be reusing a
previously used server session
+ if (t_state.api_txn_no_activity_timeout_value != -1) {
+
server_session->get_netvc()->set_inactivity_timeout(HRTIME_MSECONDS(t_state.api_txn_no_activity_timeout_value));
+ } else {
+
server_session->get_netvc()->set_inactivity_timeout(HRTIME_SECONDS(t_state.txn_conf->transaction_no_activity_timeout_out));
+ }
}
void
