[trafficserver] branch master updated: Fix old MIMEHdr handling of HPACK
This is an automated email from the ASF dual-hosted git repository.
masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new c2d6405 Fix old MIMEHdr handling of HPACK
c2d6405 is described below
commit c2d6405b19a7b3234b74221f281f687955da81bd
Author: Masaori Koshiba
AuthorDate: Fri May 8 12:27:44 2020 +0900
Fix old MIMEHdr handling of HPACK
1. Clear all MIMEFields from old MIMEHdr when new entry is larger than the
maximum size
2. Delete MIMEFields from old MIMEHdr on eviction
---
proxy/http2/HPACK.cc | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/proxy/http2/HPACK.cc b/proxy/http2/HPACK.cc
index 97a2626..774ed2e 100644
--- a/proxy/http2/HPACK.cc
+++ b/proxy/http2/HPACK.cc
@@ -372,6 +372,14 @@ HpackDynamicTable::add_header_field(const MIMEField *field)
// table causes the table to be emptied of all existing entries.
this->_headers.clear();
this->_mhdr->fields_clear();
+
+if (this->_mhdr_old) {
+ this->_mhdr_old->fields_clear();
+ this->_mhdr_old->destroy();
+ delete this->_mhdr_old;
+ this->_mhdr_old = nullptr;
+}
+
this->_current_size = 0;
} else {
this->_current_size += header_size;
@@ -430,7 +438,13 @@ HpackDynamicTable::_evict_overflowed_entries()
(*h)->value_get(_len);
this->_current_size -= ADDITIONAL_OCTETS + name_len + value_len;
-this->_mhdr->field_delete(*h, false);
+
+if (this->_mhdr_old && this->_mhdr_old->fields_count() != 0) {
+ this->_mhdr_old->field_delete(*h, false);
+} else {
+ this->_mhdr->field_delete(*h, false);
+}
+
this->_headers.pop_back();
if (this->_current_size <= this->_maximum_size) {
[trafficserver] branch master updated: Customize Max IOBuffer Size (#6869)
This is an automated email from the ASF dual-hosted git repository. sudheerv pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 6239297 Customize Max IOBuffer Size (#6869) 6239297 is described below commit 6239297fe7cf448915d41f2298f402e24520d896 Author: Sudheer Vinukonda AuthorDate: Thu Jun 18 18:23:35 2020 -0700 Customize Max IOBuffer Size (#6869) * Customize Max IOBuffer Size. Allow callers explicitly configure and pass in the max buffer sizes when asking for unknown sized memory chunks depending on the usecase instead of relying on a common/global default config. - Remove proxy.config.io.max_buffer_size - Add docs for the new configs --- doc/admin-guide/files/records.config.en.rst| 25 iocore/cache/CachePages.cc | 2 +- iocore/cache/CacheTest.cc | 4 +- iocore/eventsystem/EventSystem.cc | 13 +- iocore/eventsystem/I_IOBuffer.h| 23 +-- iocore/eventsystem/P_IOBuffer.h| 8 +--- iocore/eventsystem/unit_tests/test_IOBuffer.cc | 22 -- iocore/hostdb/HostDB.cc| 3 ++ iocore/hostdb/I_HostDBProcessor.h | 4 +- iocore/net/NetVCTest.cc| 4 +- iocore/net/P_SSLConfig.h | 1 + iocore/net/P_SSLNetVConnection.h | 3 +- iocore/net/QUICNetVConnection.cc | 4 +- iocore/net/QUICPacketHandler.cc| 2 +- iocore/net/SSLConfig.cc| 3 ++ iocore/net/SSLNextProtocolAccept.cc| 5 ++- iocore/net/Socks.cc| 2 +- iocore/net/quic/QUICFrame.cc | 47 +++--- iocore/net/quic/QUICPacketPayloadProtector.cc | 4 +- iocore/net/quic/test/test_QUICFrame.cc | 18 - iocore/net/quic/test/test_QUICFrameDispatcher.cc | 2 +- .../net/quic/test/test_QUICFrameRetransmitter.cc | 6 +-- .../net/quic/test/test_QUICIncomingFrameBuffer.cc | 12 +++--- iocore/net/quic/test/test_QUICStreamManager.cc | 10 ++--- iocore/utils/OneWayMultiTunnel.cc | 4 +- iocore/utils/OneWayTunnel.cc | 4 +- mgmt/RecordsConfig.cc | 10 - plugins/experimental/memcache/tsmemcache.cc| 6 +-- proxy/Transform.cc | 8 ++-- proxy/http/HttpConfig.cc | 4 ++ proxy/http/HttpConfig.h| 3 ++ proxy/http/HttpSM.cc | 20 - proxy/http/HttpTransact.cc | 5 ++- proxy/http2/unit_tests/test_Http2Frame.cc | 2 +- proxy/http3/Http3HeaderFramer.cc | 2 +- proxy/http3/test/test_QPACK.cc | 2 +- proxy/logging/LogBuffer.cc | 4 +- proxy/logging/LogConfig.cc | 12 +- proxy/logging/LogConfig.h | 1 + src/traffic_quic/quic_client.cc| 4 +- src/traffic_server/InkAPITest.cc | 2 +- src/traffic_server/InkIOCoreAPI.cc | 2 +- src/traffic_server/SocksProxy.cc | 2 +- 43 files changed, 180 insertions(+), 144 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 2a24465..f24c359 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -4407,6 +4407,31 @@ Sockets platforms. (Currently only linux). IO buffers are allocated with the MADV_DONTDUMP with madvise() on linux platforms that support MADV_DONTDUMP. Enabled by default. +.. ts:cv:: CONFIG proxy.config.ssl.misc.io.max_buffer_index INT 8 + + Configures the max IOBuffer Block index used for various SSL Operations + such as Handshake or Protocol Probe. Default value is 8 which maps to a 32K buffer + +.. ts:cv:: CONFIG proxy.config.hostdb.io.max_buffer_index INT 8 + + Configures the max IOBuffer Block index used for storing HostDB records. + Default value is 8 which maps to a 32K buffer + +.. ts:cv:: CONFIG proxy.config.payload.io.max_buffer_index INT 8 + + Configures the max IOBuffer Block index used for storing request payload buffer + for a POST request. Default value is 8 which maps to a 32K buffer + +.. ts:cv:: CONFIG proxy.config.msg.io.max_buffer_index INT 8 + + Configures the max IOBuffer Block index used for storing miscellaneous transactional + buffers such as error response body. Default value is 8 which maps to a 32K buffer + +.. ts:cv:: CONFIG proxy.config.log.io.max_buffer_index INT 8 + + Configures the max IOBuffer Block
[trafficserver] branch 8.0.x updated: Updated STATUS file
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 8.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.0.x by this push: new 52d49ff Updated STATUS file 52d49ff is described below commit 52d49ff6c458a4a67d350117ef312fe03e985716 Author: Bryan Call AuthorDate: Thu Jun 18 15:32:51 2020 -0700 Updated STATUS file --- STATUS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/STATUS b/STATUS index e2c5a44..2099cc1 100644 --- a/STATUS +++ b/STATUS @@ -6,7 +6,7 @@ The current version of this file can be found at: * https://github.com/apache/trafficserver/blob/master/STATUS Release history: -8.0.8 : Release on May xxth, 2020 +8.0.8 : Release on Jun xxth, 2020 8.0.7 : Release on Apr 16th, 2020 8.0.6 : Release on Feb 29th, 2020 8.0.5 : Release on Aug 20th, 2019
[trafficserver] branch 7.1.x updated: Bumped version to 7.1.11
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/7.1.x by this push: new 50d569d Bumped version to 7.1.11 50d569d is described below commit 50d569d13cfa3bf7328e2483380794507ad8e24b Author: Bryan Call AuthorDate: Thu Jun 18 15:31:25 2020 -0700 Bumped version to 7.1.11 --- STATUS | 2 +- configure.ac | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/STATUS b/STATUS index eb2a830..86cd9bb 100644 --- a/STATUS +++ b/STATUS @@ -6,7 +6,7 @@ The current version of this file can be found at: * https://github.com/apache/trafficserver/blob/master/STATUS Release history: -7.1.11 : Released on May xxth, 2020 +7.1.11 : Released on Jun xxth, 2020 7.1.10 : Released on Apr 16th, 2020 7.1.9 : Released on Feb 29th, 2020 7.1.8 : Released on Aug 20th, 2019 diff --git a/configure.ac b/configure.ac index f13ffa4..6324378 100644 --- a/configure.ac +++ b/configure.ac @@ -32,8 +32,8 @@ # Version number is calculated as MAJOR * 100 + MINOR * 1000 + MICRO # Version string is in the form of MAJOR.MINOR.MICRO[sufix] # -m4_define([TS_VERSION_S],[7.1.10]) -m4_define([TS_VERSION_N],[7001010]) +m4_define([TS_VERSION_S],[7.1.11]) +m4_define([TS_VERSION_N],[7001011]) AC_INIT([Apache Traffic Server], TS_VERSION_S(), [d...@trafficserver.apache.org], [trafficserver],[http://trafficserver.apache.org]) AC_PREREQ([2.59])
[trafficserver] branch 7.1.x updated: Updated Changelog
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/7.1.x by this push: new c8c5112 Updated Changelog c8c5112 is described below commit c8c511257f9d3574de3697b39962f2b0d39761cf Author: Bryan Call AuthorDate: Thu Jun 18 15:16:36 2020 -0700 Updated Changelog --- CHANGELOG-7.1.11 | 4 1 file changed, 4 insertions(+) diff --git a/CHANGELOG-7.1.11 b/CHANGELOG-7.1.11 new file mode 100644 index 000..81eeac6 --- /dev/null +++ b/CHANGELOG-7.1.11 @@ -0,0 +1,4 @@ +Changes with Apache Traffic Server 7.1.11 + #6741 - Remove using namespace std + #6788 - HPACK: send back an error to the client when the index is invalid + #6921 - Fixed bug in the calculation of the header block fragment length
[trafficserver] branch 8.1.x updated: Revert "crr and slice cherry picks, broken crr unit test"
This is an automated email from the ASF dual-hosted git repository. bnolsen pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 1ea2814 Revert "crr and slice cherry picks, broken crr unit test" 1ea2814 is described below commit 1ea28140351d2f22a5054df8b9b83fca747fe574 Author: Brian Olsen AuthorDate: Thu Jun 18 22:14:46 2020 + Revert "crr and slice cherry picks, broken crr unit test" This reverts commit 0405931b01ffa3c93595b471a70a4f3ffde2bab3. --- include/ts/experimental.h | 13 +- .../cache_range_requests/cache_range_requests.cc | 363 --- plugins/experimental/slice/Config.cc | 126 ++- plugins/experimental/slice/Config.h| 30 +- plugins/experimental/slice/ContentRange.h | 8 +- plugins/experimental/slice/Data.h | 76 ++-- plugins/experimental/slice/HttpHeader.cc | 66 +--- plugins/experimental/slice/HttpHeader.h| 8 - plugins/experimental/slice/Makefile.inc| 6 - plugins/experimental/slice/Range.h | 4 +- plugins/experimental/slice/client.cc | 44 +-- plugins/experimental/slice/server.cc | 344 -- plugins/experimental/slice/slice.cc| 68 +--- plugins/experimental/slice/slice.h | 31 +- plugins/experimental/slice/util.cc | 36 +- src/traffic_server/InkAPI.cc | 25 -- .../cache_range_requests.test.py | 23 +- .../cache_range_requests_cachekey.test.py | 3 + .../cache_range_requests_ims.test.py | 139 tests/gold_tests/pluginTest/slice/curlsort.sh | 33 ++ tests/gold_tests/pluginTest/slice/gold/aa.gold | 1 - tests/gold_tests/pluginTest/slice/gold/aaa.gold| 1 - tests/gold_tests/pluginTest/slice/gold/bb.gold | 1 - tests/gold_tests/pluginTest/slice/gold/bbb.gold| 1 - .../pluginTest/slice/gold/slice_200.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_200.stdout.gold| 8 + .../pluginTest/slice/gold/slice_206.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_206.stdout.gold| 9 + .../pluginTest/slice/gold/slice_first.stderr.gold | 2 +- .../pluginTest/slice/gold/slice_first.stdout.gold | 9 + .../pluginTest/slice/gold/slice_last.stderr.gold | 2 +- .../pluginTest/slice/gold/slice_last.stdout.gold | 9 + .../pluginTest/slice/gold/slice_mid.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_mid.stdout.gold| 9 + .../slice/gold_error/contents.stderr.gold | 1 - .../pluginTest/slice/gold_error/crr.stderr.gold| 1 + .../pluginTest/slice/gold_error/crr.stdout.gold| 9 + .../pluginTest/slice/gold_error/etag.stderr.gold | 1 + .../pluginTest/slice/gold_error/etag.stdout.gold | 9 + .../pluginTest/slice/gold_error/lm.stderr.gold | 1 + .../pluginTest/slice/gold_error/lm.stdout.gold | 9 + .../pluginTest/slice/gold_error/non206.stderr.gold | 1 + .../pluginTest/slice/gold_error/non206.stdout.gold | 10 + tests/gold_tests/pluginTest/slice/slice.test.py| 141 .../pluginTest/slice/slice_error.test.py | 158 +++-- .../pluginTest/slice/slice_regex.test.py | 169 - .../pluginTest/slice/slice_selfhealing.test.py | 391 - 47 files changed, 556 insertions(+), 1849 deletions(-) diff --git a/include/ts/experimental.h b/include/ts/experimental.h index 061c2e6..b6cfd35 100644 --- a/include/ts/experimental.h +++ b/include/ts/experimental.h @@ -133,7 +133,7 @@ tsapi void TSHttpTxnServerRequestBodySet(TSHttpTxn txnp, char *buf, int64_t bufl /* // -// Map from units to ts_hrtime values +// Map from units to ts_hrtime values // */ @@ -426,17 +426,6 @@ tsapi TSMBuffer TSFetchRespHdrMBufGet(TSFetchSM fetch_sm); */ tsapi TSMLoc TSFetchRespHdrMLocGet(TSFetchSM fetch_sm); -/* - * Parse a MIME header date string. - */ -tsapi time_t TSMimeParseDate(char const *const value_str, int const value_len); - -/* - * Print as a MIME header date string. - */ -tsapi TSReturnCode TSMimeFormatDate(time_t const value_time, char *const value_str, int *const value_len); - - #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/plugins/experimental/cache_range_requests/cache_range_requests.cc b/plugins/experimental/cache_range_requests/cache_range_requests.cc index cf2e04f..22f4151 100644 --- a/plugins/experimental/cache_range_requests/cache_range_requests.cc +++ b/plugins/experimental/cache_range_requests/cache_range_requests.cc @@ -21,7 +21,7 @@ * This plugin looks for range requests and then creates a new * cache key
[trafficserver] branch 8.0.x updated: Fixed bug in the calculation of the header block fragment length
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.0.x by this push:
new 4cf5b88 Fixed bug in the calculation of the header block fragment
length
4cf5b88 is described below
commit 4cf5b887b3f7dc081988f1b7d71d37bee2f35c96
Author: Bryan Call
AuthorDate: Wed Apr 22 13:35:00 2020 -0700
Fixed bug in the calculation of the header block fragment length
Co-authored-by: Masaori Koshiba
---
proxy/http2/HPACK.cc| 6 -
proxy/http2/Http2ConnectionState.cc | 49 +
proxy/http2/Http2Stream.h | 6 ++---
3 files changed, 35 insertions(+), 26 deletions(-)
diff --git a/proxy/http2/HPACK.cc b/proxy/http2/HPACK.cc
index 70a6805..93090d6 100644
--- a/proxy/http2/HPACK.cc
+++ b/proxy/http2/HPACK.cc
@@ -946,7 +946,11 @@ hpack_decode_header_block(HpackIndexingTable
_table, HTTPHdr *hdr, cons
field->name_get(_len);
field->value_get(_len);
-total_header_size += name_len + value_len;
+
+// [RFC 7540] 6.5.2. SETTINGS_MAX_HEADER_LIST_SIZE:
+// The value is based on the uncompressed size of header fields, including
the length of the name and value in octets plus an
+// overhead of 32 octets for each header field.
+total_header_size += name_len + value_len + ADDITIONAL_OCTETS;
if (total_header_size > max_header_size) {
return HPACK_ERROR_SIZE_EXCEEDED_ERROR;
diff --git a/proxy/http2/Http2ConnectionState.cc
b/proxy/http2/Http2ConnectionState.cc
index 3eaa558..5bc1408 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -227,13 +227,6 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
}
- // keep track of how many bytes we get in the frame
- stream->request_header_length += payload_length;
- if (stream->request_header_length > Http2::max_header_list_size) {
-return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
- "recv headers payload for headers greater than header
length");
- }
-
Http2HeadersParameter params;
uint32_t header_block_fragment_offset = 0;
uint32_t header_block_fragment_length = payload_length;
@@ -252,7 +245,8 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
"recv headers failed to parse");
}
-if (params.pad_length > payload_length) {
+// Payload length can't be smaller than the pad length
+if ((params.pad_length + HTTP2_HEADERS_PADLEN_LEN) >
header_block_fragment_length) {
return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
"recv headers pad > payload length");
}
@@ -268,7 +262,7 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
frame.reader()->memcpy(buf, HTTP2_PRIORITY_LEN,
header_block_fragment_offset);
if (!http2_parse_priority_parameter(make_iovec(buf, HTTP2_PRIORITY_LEN),
params.priority)) {
return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
-"recv headers prioirity parameters failed parse");
+"recv headers priority parameters failed parse");
}
// Protocol error if the stream depends on itself
if (stream_id == params.priority.stream_dependency) {
@@ -276,6 +270,12 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
"recv headers self dependency");
}
+// Payload length can't be smaller than the priority length
+if (HTTP2_PRIORITY_LEN > header_block_fragment_length) {
+ return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
+"recv priority length > payload length");
+}
+
header_block_fragment_offset += HTTP2_PRIORITY_LEN;
header_block_fragment_length -= HTTP2_PRIORITY_LEN;
}
@@ -295,11 +295,19 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
}
}
+ stream->header_blocks_length = header_block_fragment_length;
+
+ // ATS advertises SETTINGS_MAX_HEADER_LIST_SIZE as a limit of total header
blocks length. (Details in [RFC 7560] 10.5.1.)
+ // Make it double to relax the limit in cases of 1) HPACK is used naively,
or 2) Huffman Encoding generates large header blocks.
+ // The total "decoded" header length is strictly checked by
hpack_decode_header_block().
+ if (stream->header_blocks_length > std::max(Http2::max_header_list_size,
Http2::max_header_list_size * 2)) {
+return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM,
+ "header
[trafficserver] branch 7.1.x updated: Fixed bug in the calculation of the header block fragment length
This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/7.1.x by this push:
new d80440c Fixed bug in the calculation of the header block fragment
length
d80440c is described below
commit d80440c92afd53b68196a83a82e66975748f9402
Author: Bryan Call
AuthorDate: Wed Apr 29 13:39:17 2020 -0700
Fixed bug in the calculation of the header block fragment length
Co-authored-by: Masaori Koshiba
---
proxy/http2/HPACK.cc| 6 -
proxy/http2/Http2ConnectionState.cc | 49 +
proxy/http2/Http2Stream.h | 6 +
3 files changed, 34 insertions(+), 27 deletions(-)
diff --git a/proxy/http2/HPACK.cc b/proxy/http2/HPACK.cc
index e06b7b7..cd6aee6 100644
--- a/proxy/http2/HPACK.cc
+++ b/proxy/http2/HPACK.cc
@@ -941,7 +941,11 @@ hpack_decode_header_block(HpackIndexingTable
_table, HTTPHdr *hdr, cons
field->name_get(_len);
field->value_get(_len);
-total_header_size += name_len + value_len;
+
+// [RFC 7540] 6.5.2. SETTINGS_MAX_HEADER_LIST_SIZE:
+// The value is based on the uncompressed size of header fields, including
the length of the name and value in octets plus an
+// overhead of 32 octets for each header field.
+total_header_size += name_len + value_len + ADDITIONAL_OCTETS;
if (total_header_size > max_header_size) {
return HPACK_ERROR_SIZE_EXCEEDED_ERROR;
diff --git a/proxy/http2/Http2ConnectionState.cc
b/proxy/http2/Http2ConnectionState.cc
index e33a08e..75ef601 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -218,13 +218,6 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
}
}
- // keep track of how many bytes we get in the frame
- stream->request_header_length += payload_length;
- if (stream->request_header_length > Http2::max_header_list_size) {
-return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
- "recv headers payload for headers greater than header
length");
- }
-
Http2HeadersParameter params;
uint32_t header_block_fragment_offset = 0;
uint32_t header_block_fragment_length = payload_length;
@@ -243,7 +236,8 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
"recv headers failed to parse");
}
-if (params.pad_length > payload_length) {
+// Payload length can't be smaller than the pad length
+if ((params.pad_length + HTTP2_HEADERS_PADLEN_LEN) >
header_block_fragment_length) {
return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
"recv headers pad > payload length");
}
@@ -259,7 +253,7 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
frame.reader()->memcpy(buf, HTTP2_PRIORITY_LEN,
header_block_fragment_offset);
if (!http2_parse_priority_parameter(make_iovec(buf, HTTP2_PRIORITY_LEN),
params.priority)) {
return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
-"recv headers prioirity parameters failed parse");
+"recv headers priority parameters failed parse");
}
// Protocol error if the stream depends on itself
if (stream_id == params.priority.stream_dependency) {
@@ -267,6 +261,12 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
"recv headers self dependency");
}
+// Payload length can't be smaller than the priority length
+if (HTTP2_PRIORITY_LEN > header_block_fragment_length) {
+ return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
+"recv priority length > payload length");
+}
+
header_block_fragment_offset += HTTP2_PRIORITY_LEN;
header_block_fragment_length -= HTTP2_PRIORITY_LEN;
}
@@ -286,11 +286,19 @@ rcv_headers_frame(Http2ConnectionState , const
Http2Frame )
}
}
+ stream->header_blocks_length = header_block_fragment_length;
+
+ // ATS advertises SETTINGS_MAX_HEADER_LIST_SIZE as a limit of total header
blocks length. (Details in [RFC 7560] 10.5.1.)
+ // Make it double to relax the limit in cases of 1) HPACK is used naively,
or 2) Huffman Encoding generates large header blocks.
+ // The total "decoded" header length is strictly checked by
hpack_decode_header_block().
+ if (stream->header_blocks_length > std::max(Http2::max_header_list_size,
Http2::max_header_list_size * 2)) {
+return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION,
Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM,
+ "header blocks too large");
+ }
+
stream->header_blocks =
[trafficserver] branch 8.1.x updated: crr and slice cherry picks, broken crr unit test
This is an automated email from the ASF dual-hosted git repository. bnolsen pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 0405931 crr and slice cherry picks, broken crr unit test 0405931 is described below commit 0405931b01ffa3c93595b471a70a4f3ffde2bab3 Author: Brian Olsen AuthorDate: Thu Jun 18 22:08:06 2020 + crr and slice cherry picks, broken crr unit test --- include/ts/experimental.h | 13 +- .../cache_range_requests/cache_range_requests.cc | 363 +++ plugins/experimental/slice/Config.cc | 126 +-- plugins/experimental/slice/Config.h| 30 +- plugins/experimental/slice/ContentRange.h | 8 +- plugins/experimental/slice/Data.h | 76 ++-- plugins/experimental/slice/HttpHeader.cc | 66 +++- plugins/experimental/slice/HttpHeader.h| 8 + plugins/experimental/slice/Makefile.inc| 6 + plugins/experimental/slice/Range.h | 4 +- plugins/experimental/slice/client.cc | 44 ++- plugins/experimental/slice/server.cc | 344 ++ plugins/experimental/slice/slice.cc| 68 +++- plugins/experimental/slice/slice.h | 31 +- plugins/experimental/slice/util.cc | 36 +- src/traffic_server/InkAPI.cc | 25 ++ .../cache_range_requests.test.py | 23 +- .../cache_range_requests_cachekey.test.py | 3 - ...ey.test.py => cache_range_requests_ims.test.py} | 113 ++ tests/gold_tests/pluginTest/slice/curlsort.sh | 33 -- tests/gold_tests/pluginTest/slice/gold/aa.gold | 1 + tests/gold_tests/pluginTest/slice/gold/aaa.gold| 1 + tests/gold_tests/pluginTest/slice/gold/bb.gold | 1 + tests/gold_tests/pluginTest/slice/gold/bbb.gold| 1 + .../pluginTest/slice/gold/slice_200.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_200.stdout.gold| 8 - .../pluginTest/slice/gold/slice_206.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_206.stdout.gold| 9 - .../pluginTest/slice/gold/slice_first.stderr.gold | 2 +- .../pluginTest/slice/gold/slice_first.stdout.gold | 9 - .../pluginTest/slice/gold/slice_last.stderr.gold | 2 +- .../pluginTest/slice/gold/slice_last.stdout.gold | 9 - .../pluginTest/slice/gold/slice_mid.stderr.gold| 2 +- .../pluginTest/slice/gold/slice_mid.stdout.gold| 9 - .../slice/gold_error/contents.stderr.gold | 1 + .../pluginTest/slice/gold_error/crr.stderr.gold| 1 - .../pluginTest/slice/gold_error/crr.stdout.gold| 9 - .../pluginTest/slice/gold_error/etag.stderr.gold | 1 - .../pluginTest/slice/gold_error/etag.stdout.gold | 9 - .../pluginTest/slice/gold_error/lm.stderr.gold | 1 - .../pluginTest/slice/gold_error/lm.stdout.gold | 9 - .../pluginTest/slice/gold_error/non206.stderr.gold | 1 - .../pluginTest/slice/gold_error/non206.stdout.gold | 10 - tests/gold_tests/pluginTest/slice/slice.test.py| 141 .../pluginTest/slice/slice_error.test.py | 158 ++--- .../pluginTest/slice/slice_regex.test.py | 169 + .../pluginTest/slice/slice_selfhealing.test.py | 391 + 47 files changed, 1737 insertions(+), 642 deletions(-) diff --git a/include/ts/experimental.h b/include/ts/experimental.h index b6cfd35..061c2e6 100644 --- a/include/ts/experimental.h +++ b/include/ts/experimental.h @@ -133,7 +133,7 @@ tsapi void TSHttpTxnServerRequestBodySet(TSHttpTxn txnp, char *buf, int64_t bufl /* // -// Map from units to ts_hrtime values +// Map from units to ts_hrtime values // */ @@ -426,6 +426,17 @@ tsapi TSMBuffer TSFetchRespHdrMBufGet(TSFetchSM fetch_sm); */ tsapi TSMLoc TSFetchRespHdrMLocGet(TSFetchSM fetch_sm); +/* + * Parse a MIME header date string. + */ +tsapi time_t TSMimeParseDate(char const *const value_str, int const value_len); + +/* + * Print as a MIME header date string. + */ +tsapi TSReturnCode TSMimeFormatDate(time_t const value_time, char *const value_str, int *const value_len); + + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/plugins/experimental/cache_range_requests/cache_range_requests.cc b/plugins/experimental/cache_range_requests/cache_range_requests.cc index 22f4151..cf2e04f 100644 --- a/plugins/experimental/cache_range_requests/cache_range_requests.cc +++ b/plugins/experimental/cache_range_requests/cache_range_requests.cc @@ -21,7 +21,7 @@ * This plugin looks for range requests and then creates a new * cache key url so that each individual range requests is written * to the cache as a individual
[trafficserver] branch master updated (fcbcd73 -> f214fcf)
This is an automated email from the ASF dual-hosted git repository. sudheerv pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from fcbcd73 Removes SSLNetVConnection::sslContextSet add f214fcf Ensure read_avail is set for the first non-empty block (#6916) No new revisions were added by this update. Summary of changes: src/traffic_server/FetchSM.cc | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-)
[trafficserver] branch master updated (fcbcd73 -> f214fcf)
This is an automated email from the ASF dual-hosted git repository. sudheerv pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from fcbcd73 Removes SSLNetVConnection::sslContextSet add f214fcf Ensure read_avail is set for the first non-empty block (#6916) No new revisions were added by this update. Summary of changes: src/traffic_server/FetchSM.cc | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-)
[trafficserver] branch master updated: Removes SSLNetVConnection::sslContextSet
This is an automated email from the ASF dual-hosted git repository.
rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new fcbcd73 Removes SSLNetVConnection::sslContextSet
fcbcd73 is described below
commit fcbcd73f86b7d3835e632e4f26579efda9f51a17
Author: Randall Meyer
AuthorDate: Thu Jun 18 10:47:21 2020 -0700
Removes SSLNetVConnection::sslContextSet
This was introduced in 044da6999442449434b282d8b537d8858505bbfc but was
never used
---
iocore/net/P_SSLNetVConnection.h | 4
iocore/net/SSLNetVConnection.cc | 12
2 files changed, 16 deletions(-)
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index 4e63e63..8f09590 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -177,10 +177,6 @@ public:
/// Reenable the VC after a pre-accept or SNI hook is called.
virtual void reenable(NetHandler *nh, int event = TS_EVENT_CONTINUE);
- /// Set the SSL context.
- /// @note This must be called after the SSL endpoint has been created.
- virtual bool sslContextSet(void *ctx);
-
int64_t read_raw_data();
void
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 94a9815..8d19880 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -1652,18 +1652,6 @@ SSLNetVConnection::reenable(NetHandler *nh, int event)
}
bool
-SSLNetVConnection::sslContextSet(void *ctx)
-{
- bool zret = true;
- if (ssl) {
-SSL_set_SSL_CTX(ssl, static_cast(ctx));
- } else {
-zret = false;
- }
- return zret;
-}
-
-bool
SSLNetVConnection::callHooks(TSEvent eventId)
{
// Only dealing with the SNI/CERT hook so far.
[trafficserver] branch master updated: Disable lua_stats autest until we can reliably wait for stats
This is an automated email from the ASF dual-hosted git repository.
bnolsen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 2f645db Disable lua_stats autest until we can reliably wait for stats
new 1a84546 Merge pull request #6917 from shinrich/disable-lua-stats-test
2f645db is described below
commit 2f645db0b838317d542f1696ab2df8c4d19cb94a
Author: Susan Hinrichs
AuthorDate: Thu Jun 18 15:34:22 2020 +
Disable lua_stats autest until we can reliably wait for stats
---
tests/gold_tests/pluginTest/lua/lua_states_stats.test.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/gold_tests/pluginTest/lua/lua_states_stats.test.py
b/tests/gold_tests/pluginTest/lua/lua_states_stats.test.py
index abd3a16..6167d24 100644
--- a/tests/gold_tests/pluginTest/lua/lua_states_stats.test.py
+++ b/tests/gold_tests/pluginTest/lua/lua_states_stats.test.py
@@ -23,6 +23,7 @@ Test lua states and stats functionality
Test.SkipUnless(
Condition.PluginExists('tslua.so'),
)
+Test.SkipIf(Condition.true("Test cannot deterministically wait until the stats
appear"))
Test.ContinueOnFail = True
# Define default ATS
