[trafficserver] branch master updated: set sni_name with remapped origin name if sni_policy is not the default value (#6898)
This is an automated email from the ASF dual-hosted git repository. sudheerv pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 6f564de set sni_name with remapped origin name if sni_policy is not the default value (#6898) 6f564de is described below commit 6f564de71cda287b5b79b89d1c8c327a24ba5472 Author: Xin Li <33378623+whut...@users.noreply.github.com> AuthorDate: Mon Jun 15 18:59:49 2020 -0700 set sni_name with remapped origin name if sni_policy is not the default value (#6898) Co-authored-by: xinli1 --- proxy/http/HttpSM.cc | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 4c308b6..96c6b32 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -4800,11 +4800,13 @@ HttpSM::get_outbound_sni() const { const char *sni_name = nullptr; size_t len = 0; - if (t_state.txn_conf->ssl_client_sni_policy != nullptr && !strcmp(t_state.txn_conf->ssl_client_sni_policy, "remap")) { + if (t_state.txn_conf->ssl_client_sni_policy == nullptr || !strcmp(t_state.txn_conf->ssl_client_sni_policy, "host")) { +// By default the host header field value is used for the SNI. +sni_name = t_state.hdr_info.server_request.host_get(reinterpret_cast()); + } else { +// If other is specified, like "remap" and "verify_with_name_source", the remapped origin name is used for the SNI value len = strlen(t_state.server_info.name); sni_name = t_state.server_info.name; - } else { // Do the default of host header for SNI -sni_name = t_state.hdr_info.server_request.host_get(reinterpret_cast()); } return std::string_view(sni_name, len); }
[trafficserver] branch master updated: Make h2spec test more resiliant by extending timeout (#6891)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new bbe03bb Make h2spec test more resiliant by extending timeout (#6891) bbe03bb is described below commit bbe03bbf645492e595f9a872ae2e7e22afeedce2 Author: Susan Hinrichs AuthorDate: Mon Jun 15 20:58:16 2020 -0500 Make h2spec test more resiliant by extending timeout (#6891) Co-authored-by: Susan Hinrichs --- tests/gold_tests/h2/h2spec.test.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/gold_tests/h2/h2spec.test.py b/tests/gold_tests/h2/h2spec.test.py index 5c9e3d6..1c1f2a6 100644 --- a/tests/gold_tests/h2/h2spec.test.py +++ b/tests/gold_tests/h2/h2spec.test.py @@ -53,8 +53,8 @@ ts.Disk.records_config.update({ 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir), 'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir), 'proxy.config.ssl.client.verify.server': 0, -'proxy.config.diags.debug.enabled': 1, -'proxy.config.diags.debug.tags': 'http2', +'proxy.config.diags.debug.enabled': 0, +'proxy.config.diags.debug.tags': 'http', }) # @@ -65,7 +65,7 @@ ts.Disk.records_config.update({ h2spec_targets = "http2/1 http2/2 http2/3 http2/4 http2/5 http2/6.1 http2/6.2 http2/6.3 http2/6.5 http2/6.6 http2/6.7 http2/6.8 http2/7 http2/8 hpack" test_run = Test.AddTestRun() -test_run.Processes.Default.Command = 'h2spec {0} -t -k -p {1}'.format(h2spec_targets, ts.Variables.ssl_port) +test_run.Processes.Default.Command = 'h2spec {0} -t -k --timeout 10 -p {1}'.format(h2spec_targets, ts.Variables.ssl_port) test_run.Processes.Default.ReturnCode = 0 test_run.Processes.Default.StartBefore(httpbin, ready=When.PortOpen(httpbin.Variables.Port)) test_run.Processes.Default.StartBefore(Test.Processes.ts, ready=When.PortOpen(ts.Variables.ssl_port))
[trafficserver] branch 9.0.x updated: Require 1.1.1 as minimum openssl lib version for tls_check_dual_cert_selection Au test.
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new 84c8b81 Require 1.1.1 as minimum openssl lib version for tls_check_dual_cert_selection Au test. 84c8b81 is described below commit 84c8b815876b41f94a6a0d6fea48b2d833a71ce4 Author: Walter Karas AuthorDate: Tue Mar 17 12:33:07 2020 -0500 Require 1.1.1 as minimum openssl lib version for tls_check_dual_cert_selection Au test. (cherry picked from commit e872a701e1f1e7ad5672fa883fffe56cccbef446) --- tests/gold_tests/tls/tls_check_dual_cert_selection.test.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/gold_tests/tls/tls_check_dual_cert_selection.test.py b/tests/gold_tests/tls/tls_check_dual_cert_selection.test.py index 8c1a25d..bc2682a 100644 --- a/tests/gold_tests/tls/tls_check_dual_cert_selection.test.py +++ b/tests/gold_tests/tls/tls_check_dual_cert_selection.test.py @@ -20,6 +20,8 @@ Test.Summary = ''' Test ATS offering both RSA and EC certificates ''' +Test.SkipUnless(Condition.HasOpenSSLVersion('1.1.1')) + # Define default ATS ts = Test.MakeATSProcess("ts", select_ports=True, enable_tls=True) server = Test.MakeOriginServer("server", ssl=True)
[trafficserver] branch 9.0.x updated: Add extension ip.test.ext to Au Test, with Test method to allocate extra TCP ports.
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new f3f7ce7 Add extension ip.test.ext to Au Test, with Test method to allocate extra TCP ports. f3f7ce7 is described below commit f3f7ce72c9b16e57608aeefe6ce8e3901e02d0db Author: Walter Karas AuthorDate: Mon Dec 23 18:58:57 2019 -0600 Add extension ip.test.ext to Au Test, with Test method to allocate extra TCP ports. And change the chunked_encoding_h2 Au test to use this capability. (cherry picked from commit f8a8b2f770bdc92f095f1a8a74cd591e9d37a4d0) --- .../case1.sh => autest-site/ip.test.ext} | 24 +++--- tests/gold_tests/chunked_encoding/case1.sh | 2 +- tests/gold_tests/chunked_encoding/case2.sh | 2 +- tests/gold_tests/chunked_encoding/case3.sh | 2 +- .../chunked_encoding/chunked_encoding_h2.test.py | 12 ++- 5 files changed, 31 insertions(+), 11 deletions(-) diff --git a/tests/gold_tests/chunked_encoding/case1.sh b/tests/gold_tests/autest-site/ip.test.ext old mode 100644 new mode 100755 similarity index 51% copy from tests/gold_tests/chunked_encoding/case1.sh copy to tests/gold_tests/autest-site/ip.test.ext index fff931f..cc951cf --- a/tests/gold_tests/chunked_encoding/case1.sh +++ b/tests/gold_tests/autest-site/ip.test.ext @@ -1,3 +1,6 @@ +''' +Extend Autest with IP-related utilities. +''' # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information @@ -14,6 +17,21 @@ # See the License for the specific language governing permissions and # limitations under the License. -nc -l -o outserver1 -c "sh ./delay-server.sh" & -sleep 1 -nghttp -vv https://127.0.0.1:${1}/delay-chunked-response + +from ports import get_port + +# this forms is for the global process define + +# New member function for Test object, that reserves TCP port(s) from the list of available TCP ports, for +# use in the test. Each argument is a string, containing the name of a variable to add to Test.Variables . +# For each argument, a port will be reserved, and its number will be assigned to the new variable for the +# argument. +# +def get_tcp_port(obj, *newVariables): +for v in newVariables: +if not isinstance(v, str): +raise TypeError("all function arguments must be strings") +get_port(obj, v) + +#AddTestEntityMember(get_tcp_port, name="GetTcpPort") +ExtendTest(get_tcp_port, name="GetTcpPort") diff --git a/tests/gold_tests/chunked_encoding/case1.sh b/tests/gold_tests/chunked_encoding/case1.sh index fff931f..4262283 100644 --- a/tests/gold_tests/chunked_encoding/case1.sh +++ b/tests/gold_tests/chunked_encoding/case1.sh @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -nc -l -o outserver1 -c "sh ./delay-server.sh" & +nc -l ${2} -o outserver1 -c "sh ./delay-server.sh" & sleep 1 nghttp -vv https://127.0.0.1:${1}/delay-chunked-response diff --git a/tests/gold_tests/chunked_encoding/case2.sh b/tests/gold_tests/chunked_encoding/case2.sh index 55a9c11..be4d76f 100644 --- a/tests/gold_tests/chunked_encoding/case2.sh +++ b/tests/gold_tests/chunked_encoding/case2.sh @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -nc -l -o outserver2 -c "sh ./server2.sh" & +nc -l ${2} -o outserver2 -c "sh ./server2.sh" & sleep 1 curl --http2 -k https://127.0.0.1:${1}/post --verbose -H "Transfer-encoding: chunked" -d "Knock knock" diff --git a/tests/gold_tests/chunked_encoding/case3.sh b/tests/gold_tests/chunked_encoding/case3.sh index 6ed3b3c..4af2d92 100644 --- a/tests/gold_tests/chunked_encoding/case3.sh +++ b/tests/gold_tests/chunked_encoding/case3.sh @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -nc -l -o outserver3 -c "sh ./server3.sh" & +nc -l ${2} -o outserver3 -c "sh ./server3.sh" & sleep 1 curl --http2 -k https://127.0.0.1:${1}/post-chunked --verbose -H "Transfer-encoding: chunked" -d "Knock knock" diff --git a/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py b/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py index 75d8a79..d5022c0 100644 --- a/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py +++ b/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py @@ -27,6 +27,8 @@ Test.SkipUnless( ) Test.ContinueOnFail = True +Test.GetTcpPort("upstream_port") + # Define default ATS ts = Test.MakeATSProcess("ts", select_ports=True, enable_tls=True) @@ -44,10 +46,10 @@ ts.Disk.records_config.update({ }) ts.Disk.remap_config.AddLine( -