[trafficserver] branch 9.0.x updated: Updated ChangeLog
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new 26dbba2 Updated ChangeLog 26dbba2 is described below commit 26dbba2c9201bca2081af2370da43ae9f8eb3385 Author: Leif Hedstrom AuthorDate: Tue Sep 15 11:05:31 2020 -0600 Updated ChangeLog --- CHANGELOG-9.0.0 | 8 1 file changed, 8 insertions(+) diff --git a/CHANGELOG-9.0.0 b/CHANGELOG-9.0.0 index 11cd5aa..19333f5 100644 --- a/CHANGELOG-9.0.0 +++ b/CHANGELOG-9.0.0 @@ -1069,6 +1069,7 @@ Changes with Apache Traffic Server 9.0.0 #7128 - Protect TSActionCancel from null INKContInternal actions #7129 - Comment out a wrong assertion in QUIC Loss Detection logic #7131 - Don't make an error on duplicated RETIRE_CONNECTION frames + #7134 - Do not lose original inactivity timeout on disable #7135 - Replace ACTION_RESULT_NONE with nullptr #7137 - Removes duplicated listing of files in same Makefile target #7138 - Remove useless shortopt @@ -1083,5 +1084,12 @@ Changes with Apache Traffic Server 9.0.0 #7159 - MicroDNS Extension: handle different 'default' types #7160 - Fix memory leaks in multiplexer plugin #7161 - Traffic Dump documentation for post_process.py + #7162 - Removes references to non-existent function handle_conditional_headers #7165 - Build test C/C++ files with Automake. (#6945) + #7166 - Fix #7164 Changing Warning to Debug and creating a stat #7168 - Fix #7167, make pep8 failure + #7169 - AuTest: Properly handle experimental plugins. (#6971) + #7172 - Fix leaks in BaseLogFiles.cc + #7178 - AuTest: Reuse venv if it exists already + #7181 - TS_API for Note,Status,Warning,Alert,Fatal + #7183 - Emits log when OCSP fails to connect to server
[trafficserver] branch 8.1.x updated: Updated ChangeLog
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 502ee35 Updated ChangeLog 502ee35 is described below commit 502ee35dd85a9f3f9936f886fc4e4d56507b7fbb Author: Leif Hedstrom AuthorDate: Tue Sep 15 11:05:58 2020 -0600 Updated ChangeLog --- CHANGELOG-8.1.1 | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG-8.1.1 b/CHANGELOG-8.1.1 index 193441e..026abf8 100644 --- a/CHANGELOG-8.1.1 +++ b/CHANGELOG-8.1.1 @@ -1,3 +1,4 @@ Changes with Apache Traffic Server 8.1.1 #7154 - Fixes H2 toggling using ssl_server_name.yaml #7156 - Fixes garbled logs when using % log tag + #7191 - Emits log when OCSP fails to connect to server
[trafficserver] branch 9.0.x updated: leaks in logs (#7172)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new c6e73b6 leaks in logs (#7172) c6e73b6 is described below commit c6e73b68a03eea683543a79af86a4d736de25d5f Author: Fei Deng AuthorDate: Wed Sep 9 13:50:23 2020 -0500 leaks in logs (#7172) (cherry picked from commit e4e3ea31667c45af4cadbff5731bddfeb91b252f) --- src/tscore/BaseLogFile.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/tscore/BaseLogFile.cc b/src/tscore/BaseLogFile.cc index 26f567e..280ad17 100644 --- a/src/tscore/BaseLogFile.cc +++ b/src/tscore/BaseLogFile.cc @@ -361,6 +361,8 @@ BaseLogFile::close_file() ret = fclose(m_fp); m_fp = nullptr; m_is_init = false; +delete m_meta_info; +m_meta_info = nullptr; } return ret; }
[trafficserver] branch 9.0.x updated: AuTest: Reuse venv if it exists already (#7178)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new 30ae230 AuTest: Reuse venv if it exists already (#7178) 30ae230 is described below commit 30ae2302de2d069f0da396d444e7c2124029630d Author: Brian Neradt AuthorDate: Fri Sep 11 14:29:42 2020 -0500 AuTest: Reuse venv if it exists already (#7178) Before this change, every call to autest.sh would re-install the pipenv virtual environment. This reuses the virtual environment on subsequent runs to autest.sh. (cherry picked from commit 3cfebc9b8129e24e55309588b6e77959f4a49cf0) --- tests/test-env-check.sh | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/test-env-check.sh b/tests/test-env-check.sh index 7087964..d280d2d 100755 --- a/tests/test-env-check.sh +++ b/tests/test-env-check.sh @@ -42,10 +42,15 @@ fi # check for pipenv pipenv --version &> /dev/null -if [ $? = 0 ]; then +if [ $? -eq 0 ]; then echo "pipenv detected!" -pipenv install -# pipenv shell +pipenv --venv &> /dev/null +if [ $? -ne 0 ]; then +echo "Installing a new virtual environment via pipenv" +pipenv install +else +echo "Using the pre-existing virtual environment." +fi else echo "pipenv is not installed/enabled. " fi
[trafficserver] branch 9.0.x updated: Emits log when OCSP fails to connect to server (#7183)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new adf7331 Emits log when OCSP fails to connect to server (#7183) adf7331 is described below commit adf73316881e91883b247d122cf02550c72d8c1a Author: Randall Meyer AuthorDate: Mon Sep 14 10:00:08 2020 -0700 Emits log when OCSP fails to connect to server (#7183) This also adds a pair of log messages for the initial OCSP update. ATS doesn't respond until this is complete and may give operators an understanding where it on load. Fixes issue #6801 (cherry picked from commit b353df22e09ffaecac1fd561a598cf8c13437f62) --- iocore/net/OCSPStapling.cc| 25 ++--- iocore/net/SSLNetProcessor.cc | 3 +++ 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/iocore/net/OCSPStapling.cc b/iocore/net/OCSPStapling.cc index d39bf6b..7c39d2b 100644 --- a/iocore/net/OCSPStapling.cc +++ b/iocore/net/OCSPStapling.cc @@ -374,10 +374,12 @@ query_responder(BIO *b, char *host, char *path, OCSP_REQUEST *req, int req_timeo OCSP_REQ_CTX_free(ctx); - if (rv) { + if (rv == 1) { return resp; } + Error("failed to connect to OCSP server; host=%s path=%s", host, path); + return nullptr; } @@ -396,7 +398,7 @@ process_responder(OCSP_REQUEST *req, char *host, char *path, char *port, int req BIO_set_nbio(cbio, 1); if (BIO_do_connect(cbio) <= 0 && !BIO_should_retry(cbio)) { -Debug("ssl_ocsp", "process_responder: failed to connect to OCSP response server. host=%s port=%s path=%s", host, port, path); +Debug("ssl_ocsp", "process_responder: failed to connect to OCSP server; host=%s port=%s path=%s", host, port, path); goto end; } resp = query_responder(cbio, host, path, req, req_timeout); @@ -415,16 +417,18 @@ stapling_refresh_response(certinfo *cinf, OCSP_RESPONSE **prsp) OCSP_REQUEST *req = nullptr; OCSP_CERTID *id = nullptr; char *host = nullptr, *port = nullptr, *path = nullptr; - int ssl_flag= 0; - int req_timeout = -1; + int ssl_flag= 0; + int response_status = 0; - Debug("ssl_ocsp", "stapling_refresh_response: querying responder"); *prsp = nullptr; if (!OCSP_parse_url(cinf->uri, , , , _flag)) { +Debug("ssl_ocsp", "stapling_refresh_response: OCSP_parse_url failed; uri=%s", cinf->uri); goto err; } + Debug("ssl_ocsp", "stapling_refresh_response: querying responder; host=%s port=%s path=%s", host, port, path); + req = OCSP_REQUEST_new(); if (!req) { goto err; @@ -437,19 +441,18 @@ stapling_refresh_response(certinfo *cinf, OCSP_RESPONSE **prsp) goto err; } - req_timeout = SSLConfigParams::ssl_ocsp_request_timeout; - *prsp = process_responder(req, host, path, port, req_timeout); - + *prsp = process_responder(req, host, path, port, SSLConfigParams::ssl_ocsp_request_timeout); if (*prsp == nullptr) { goto done; } - if (OCSP_response_status(*prsp) == OCSP_RESPONSE_STATUS_SUCCESSFUL) { + response_status = OCSP_response_status(*prsp); + if (response_status == OCSP_RESPONSE_STATUS_SUCCESSFUL) { Debug("ssl_ocsp", "stapling_refresh_response: query response received"); stapling_check_response(cinf, *prsp); } else { -// TODO: We should log the actual openssl error -Error("stapling_refresh_response: responder error"); +Error("stapling_refresh_response: responder response error; host=%s port=%s path=%s response_status=%d", host, port, path, + response_status); } if (!stapling_cache_response(*prsp, cinf)) { diff --git a/iocore/net/SSLNetProcessor.cc b/iocore/net/SSLNetProcessor.cc index fd85508..0707cc3 100644 --- a/iocore/net/SSLNetProcessor.cc +++ b/iocore/net/SSLNetProcessor.cc @@ -78,7 +78,10 @@ SSLNetProcessor::start(int, size_t stacksize) #if TS_USE_TLS_OCSP if (SSLConfigParams::ssl_ocsp_enabled) { // Call the update initially to get things populated +Note("Initial OCSP refresh started"); ocsp_update(); +Note("Initial OCSP refresh finished"); + EventType ET_OCSP = eventProcessor.spawn_event_threads("ET_OCSP", 1, stacksize); eventProcessor.schedule_every(new OCSPContinuation(), HRTIME_SECONDS(SSLConfigParams::ssl_ocsp_update_period), ET_OCSP); }
[trafficserver] branch 9.0.x updated: Do not lose original inactivity timeout on disable (#7134)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/9.0.x by this push: new 47724ce Do not lose original inactivity timeout on disable (#7134) 47724ce is described below commit 47724ce4125a9a95585d2b5014be298c7f154e83 Author: Susan Hinrichs AuthorDate: Mon Sep 14 12:05:09 2020 -0500 Do not lose original inactivity timeout on disable (#7134) (cherry picked from commit a4e203da740abe9b10661576d54476d5d8700c90) --- iocore/net/P_UnixNet.h | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/iocore/net/P_UnixNet.h b/iocore/net/P_UnixNet.h index 2c74a3e..cd87219 100644 --- a/iocore/net/P_UnixNet.h +++ b/iocore/net/P_UnixNet.h @@ -548,7 +548,9 @@ static inline void read_disable(NetHandler *nh, NetEvent *ne) { if (!ne->write.enabled) { -ne->set_inactivity_timeout(0); +// Clear the next scheduled inactivity time, but don't clear inactivity_timeout_in, +// so the current timeout is used when the NetEvent is reenabled and not the default inactivity timeout +ne->next_inactivity_timeout_at = 0; Debug("socket", "read_disable updating inactivity_at %" PRId64 ", NetEvent=%p", ne->next_inactivity_timeout_at, ne); } ne->read.enabled = 0; @@ -569,7 +571,9 @@ static inline void write_disable(NetHandler *nh, NetEvent *ne) { if (!ne->read.enabled) { -ne->set_inactivity_timeout(0); +// Clear the next scheduled inactivity time, but don't clear inactivity_timeout_in, +// so the current timeout is used when the NetEvent is reenabled and not the default inactivity timeout +ne->next_inactivity_timeout_at = 0; Debug("socket", "write_disable updating inactivity_at %" PRId64 ", NetEvent=%p", ne->next_inactivity_timeout_at, ne); } ne->write.enabled = 0;
[trafficserver] branch 8.1.x updated: Emits log when OCSP fails to connect to server (#7183) (#7191)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new f78b4e0 Emits log when OCSP fails to connect to server (#7183) (#7191) f78b4e0 is described below commit f78b4e0b01dd10dd68fce93199b668e04f04af4f Author: Randall Meyer AuthorDate: Tue Sep 15 09:54:46 2020 -0700 Emits log when OCSP fails to connect to server (#7183) (#7191) This also adds a pair of log messages for the initial OCSP update. ATS doesn't respond until this is complete and may give operators an understanding where it on load. Fixes issue #6801 (cherry picked from commit b353df22e09ffaecac1fd561a598cf8c13437f62) --- iocore/net/OCSPStapling.cc| 25 ++--- iocore/net/SSLNetProcessor.cc | 3 +++ 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/iocore/net/OCSPStapling.cc b/iocore/net/OCSPStapling.cc index eb6c240..3123e86 100644 --- a/iocore/net/OCSPStapling.cc +++ b/iocore/net/OCSPStapling.cc @@ -336,10 +336,12 @@ query_responder(BIO *b, char *host, char *path, OCSP_REQUEST *req, int req_timeo OCSP_REQ_CTX_free(ctx); - if (rv) { + if (rv == 1) { return resp; } + Error("failed to connect to OCSP server; host=%s path=%s", host, path); + return nullptr; } @@ -358,7 +360,7 @@ process_responder(OCSP_REQUEST *req, char *host, char *path, char *port, int req BIO_set_nbio(cbio, 1); if (BIO_do_connect(cbio) <= 0 && !BIO_should_retry(cbio)) { -Debug("ssl_ocsp", "process_responder: failed to connect to OCSP response server. host=%s port=%s path=%s", host, port, path); +Debug("ssl_ocsp", "process_responder: failed to connect to OCSP server; host=%s port=%s path=%s", host, port, path); goto end; } resp = query_responder(cbio, host, path, req, req_timeout); @@ -377,16 +379,18 @@ stapling_refresh_response(certinfo *cinf, OCSP_RESPONSE **prsp) OCSP_REQUEST *req = nullptr; OCSP_CERTID *id = nullptr; char *host = nullptr, *port = nullptr, *path = nullptr; - int ssl_flag= 0; - int req_timeout = -1; + int ssl_flag= 0; + int response_status = 0; - Debug("ssl_ocsp", "stapling_refresh_response: querying responder"); *prsp = nullptr; if (!OCSP_parse_url(cinf->uri, , , , _flag)) { +Debug("ssl_ocsp", "stapling_refresh_response: OCSP_parse_url failed; uri=%s", cinf->uri); goto err; } + Debug("ssl_ocsp", "stapling_refresh_response: querying responder; host=%s port=%s path=%s", host, port, path); + req = OCSP_REQUEST_new(); if (!req) { goto err; @@ -399,19 +403,18 @@ stapling_refresh_response(certinfo *cinf, OCSP_RESPONSE **prsp) goto err; } - req_timeout = SSLConfigParams::ssl_ocsp_request_timeout; - *prsp = process_responder(req, host, path, port, req_timeout); - + *prsp = process_responder(req, host, path, port, SSLConfigParams::ssl_ocsp_request_timeout); if (*prsp == nullptr) { goto done; } - if (OCSP_response_status(*prsp) == OCSP_RESPONSE_STATUS_SUCCESSFUL) { + response_status = OCSP_response_status(*prsp); + if (response_status == OCSP_RESPONSE_STATUS_SUCCESSFUL) { Debug("ssl_ocsp", "stapling_refresh_response: query response received"); stapling_check_response(cinf, *prsp); } else { -// TODO: We should log the actual openssl error -Error("stapling_refresh_response: responder error"); +Error("stapling_refresh_response: responder response error; host=%s port=%s path=%s response_status=%d", host, port, path, + response_status); } if (!stapling_cache_response(*prsp, cinf)) { diff --git a/iocore/net/SSLNetProcessor.cc b/iocore/net/SSLNetProcessor.cc index df12b31..00087f8 100644 --- a/iocore/net/SSLNetProcessor.cc +++ b/iocore/net/SSLNetProcessor.cc @@ -78,7 +78,10 @@ SSLNetProcessor::start(int, size_t stacksize) #if TS_USE_TLS_OCSP if (SSLConfigParams::ssl_ocsp_enabled) { // Call the update initially to get things populated +Note("Initial OCSP refresh started"); ocsp_update(); +Note("Initial OCSP refresh finished"); + EventType ET_OCSP = eventProcessor.spawn_event_threads("ET_OCSP", 1, stacksize); eventProcessor.schedule_every(new OCSPContinuation(), HRTIME_SECONDS(SSLConfigParams::ssl_ocsp_update_period), ET_OCSP); }
[trafficserver] branch master updated: Updates the list of supported / linked Docs versions (#7152)
This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 39c7be5 Updates the list of supported / linked Docs versions (#7152) 39c7be5 is described below commit 39c7be57e453fe92b20f769d7b9a70f1d21d2ece Author: Leif Hedstrom AuthorDate: Tue Sep 15 10:53:49 2020 -0600 Updates the list of supported / linked Docs versions (#7152) --- doc/static/languages.json | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/doc/static/languages.json b/doc/static/languages.json index eb11a87..5769c1b 100644 --- a/doc/static/languages.json +++ b/doc/static/languages.json @@ -4,9 +4,8 @@ "versions": [ "latest", "9.0.x", -"8.0.x", -"7.1.x", -"6.2.x" +"8.1.x", +"7.1.x" ] }, "ja": { @@ -14,9 +13,8 @@ "versions": [ "latest", "9.0.x", -"8.0.x", -"7.1.x", -"6.2.x" +"8.1.x", +"7.1.x" ] } }
[trafficserver] branch master updated: Make custom xdebug HTTP header name available to other plugins. (#7193)
This is an automated email from the ASF dual-hosted git repository. wkaras pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new b09e043 Make custom xdebug HTTP header name available to other plugins. (#7193) b09e043 is described below commit b09e04390717422e7b9917b158cd3e63c78709d1 Author: Walt Karas AuthorDate: Tue Sep 15 11:43:44 2020 -0500 Make custom xdebug HTTP header name available to other plugins. (#7193) The custom header name is passed to the xdebug plugin as plugin parameter. This change makes it available as a global TS API user parameter. --- plugins/xdebug/xdebug.cc | 7 +++ 1 file changed, 7 insertions(+) diff --git a/plugins/xdebug/xdebug.cc b/plugins/xdebug/xdebug.cc index 5e81190..30a1d10 100644 --- a/plugins/xdebug/xdebug.cc +++ b/plugins/xdebug/xdebug.cc @@ -706,6 +706,13 @@ TSPluginInit(int argc, const char *argv[]) } xDebugHeader.len = strlen(xDebugHeader.str); + // Make xDebugHeader available to other plugins, as a C-style string. + // + int idx = -1; + TSReleaseAssert(TSUserArgIndexReserve(TS_USER_ARGS_GLB, "XDebugHeader", "XDebug header name", ) == TS_SUCCESS); + TSReleaseAssert(idx >= 0); + TSUserArgSet(nullptr, idx, const_cast(xDebugHeader.str)); + AuxDataMgr::init("xdebug"); // Setup the global hook
[trafficserver] branch master updated: Update sni outbound policy to allow directly setting the outbound SNI. (#7188)
This is an automated email from the ASF dual-hosted git repository. amc pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 50ef963 Update sni outbound policy to allow directly setting the outbound SNI. (#7188) 50ef963 is described below commit 50ef963e42376d8fee0585597cf406274dde6be9 Author: Alan M. Carroll AuthorDate: Tue Sep 15 09:37:59 2020 -0500 Update sni outbound policy to allow directly setting the outbound SNI. (#7188) --- doc/admin-guide/files/records.config.en.rst | 38 +++-- proxy/http/HttpSM.cc| 18 -- 2 files changed, 36 insertions(+), 20 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 78e3551..9060916 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -3621,23 +3621,35 @@ Client-Related Configuration .. ts:cv:: CONFIG proxy.config.ssl.client.sni_policy STRING NULL :overridable: - Indicate how the SNI value for the TLS connection to the origin is selected. By default it is - `host` which means the host header field value is used for the SNI. If `remap` is specified, the - remapped origin name is used for the SNI value. If `verify_with_name_source` is specified, the - SNI will be the host header value and the name to check in the server certificate will be the - remap header value. + Indicate how the SNI value for the TLS connection to the origin is selected. + + ``host`` + This is the default. The value of the ``Host`` field in the proxy request is used. + + ``remap`` + The remapped upstream name is used. + + ``verify_with_name_source`` + The value of the ``Host`` field in the proxy request is used. In addition, if the names in the + server certificate of the upstream are checked, they are checked against the remapped upstream + name, not the SNI. + + ``@...`` + If the policy starts with the ``@`` character, it is treated as a literal, less the leading + ``@``. E.g. if the policy is "@apache.org" the SNI will be "apache.org". + We have two names that could be used in the transaction host header and the SNI value to the origin. These could be the host header from the client or the remap host name. Unless you have pristine host header enabled, these are likely the same values. - If sni_policy = host, both the sni and the host header to origin will be the same. - If sni_policy = remap, the sni value with be the remap host name and the host header will be the - host header from the client. - In addition, We may want to set the SNI and host headers the same (makes some common web servers - happy), but the certificate served by the origin may have a name that corresponds to the remap - name. So instead of using the SNI name for the name check, we may want to use the remap name. - So if sni_policy = verify_with_name_source, the sni will be the host header value and the name to - check in the server certificate will be the remap header value. + If sni_policy = ``host``, both the sni and the value of the ``Host`` field to origin will be the + same. If sni_policy = ``remap``, the sni value will be the remap host name and the host header + will be the host header from the client. + In addition, We may want to set the SNI and host headers the same (makes some common web servers + happy), but the server certificate for the upstream may have a name that corresponds to the remap + name. So instead of using the SNI name for the name check, we may want to use the remap name. So + if sni_policy = ``verify_with_name_source``, the sni will be the host header value and the name + to check in the server certificate will be the remap header value. .. ts:cv:: CONFIG proxy.config.ssl.client.TLSv1 INT 0 diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index b401c8f..c6ee656 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -4820,17 +4820,21 @@ HttpSM::get_outbound_cert() const std::string_view HttpSM::get_outbound_sni() const { - const char *sni_name = nullptr; - size_t len = 0; - if (t_state.txn_conf->ssl_client_sni_policy == nullptr || !strcmp(t_state.txn_conf->ssl_client_sni_policy, "host")) { + using namespace ts::literals; + ts::TextView zret; + ts::TextView policy{t_state.txn_conf->ssl_client_sni_policy, ts::TextView::npos}; + if (policy.empty() || !strcmp(policy, "host"_tv)) { // By default the host header field value is used for the SNI. -sni_name = t_state.hdr_info.server_request.host_get(reinterpret_cast()); +int len; +char const *ptr = t_state.hdr_info.server_request.host_get(); +zret.assign(ptr, len); + } else if (policy.front() == '@') { // guaranteed non-empty from
[trafficserver] branch quic-latest updated (112fc71 -> 42e8898)
This is an automated email from the ASF dual-hosted git repository. maskit pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 112fc71 Merge branch 'master' into quic-latest add 42e8898 Simplify interface between H3 and QUIC, and remove memcopy between them No new revisions were added by this update. Summary of changes: iocore/net/quic/Makefile.am| 3 + iocore/net/quic/Mock.h | 90 +++- iocore/net/quic/QUICApplication.cc | 248 +- iocore/net/quic/QUICApplication.h | 52 +-- iocore/net/quic/QUICBidirectionalStream.cc | 347 -- iocore/net/quic/QUICBidirectionalStream.h | 23 +- iocore/net/quic/QUICStream.cc | 144 +- iocore/net/quic/QUICStream.h | 45 +- .../net/quic/QUICStreamAdapter.cc | 16 +- .../{QUICFrameDispatcher.h => QUICStreamAdapter.h} | 49 +- iocore/net/quic/QUICStreamFactory.cc | 8 +- iocore/net/quic/QUICStreamFactory.h| 6 +- iocore/net/quic/QUICStreamManager.cc | 60 ++- iocore/net/quic/QUICStreamManager.h| 6 +- iocore/net/quic/QUICStreamVCAdapter.cc | 320 + iocore/net/quic/QUICStreamVCAdapter.h | 105 + iocore/net/quic/QUICTransferProgressProvider.cc| 83 iocore/net/quic/QUICTransferProgressProvider.h | 44 +- iocore/net/quic/QUICUnidirectionalStream.cc| 503 - iocore/net/quic/QUICUnidirectionalStream.h | 20 +- iocore/net/quic/test/test_QUICStream.cc| 189 +--- proxy/http3/Http09App.cc | 53 ++- proxy/http3/Http09App.h| 4 + proxy/http3/Http3App.cc| 157 --- proxy/http3/Http3App.h | 28 +- proxy/http3/Http3DataFramer.cc | 8 +- proxy/http3/Http3DataFramer.h | 2 +- proxy/http3/Http3Frame.cc | 127 -- proxy/http3/Http3Frame.h | 12 +- proxy/http3/Http3FrameCollector.cc | 22 +- proxy/http3/Http3FrameCollector.h | 4 +- proxy/http3/Http3FrameDispatcher.cc| 15 +- proxy/http3/Http3FrameDispatcher.h | 4 +- proxy/http3/Http3FrameGenerator.h | 4 +- proxy/http3/Http3HeaderFramer.cc | 9 +- proxy/http3/Http3HeaderFramer.h| 2 +- proxy/http3/Http3HeaderVIOAdaptor.cc | 122 - proxy/http3/Http3HeaderVIOAdaptor.h| 23 +- proxy/http3/Http3Transaction.cc| 178 ++-- proxy/http3/Http3Transaction.h | 19 +- proxy/http3/QPACK.cc | 159 --- proxy/http3/QPACK.h| 33 +- proxy/http3/test/main.cc | 8 + proxy/http3/test/test_Http3Frame.cc| 24 +- proxy/http3/test/test_QPACK.cc | 22 +- src/traffic_quic/quic_client.cc| 67 ++- src/traffic_quic/quic_client.h | 11 + 47 files changed, 1686 insertions(+), 1792 deletions(-) copy proxy/http3/Http3FrameGenerator.h => iocore/net/quic/QUICStreamAdapter.cc (78%) copy iocore/net/quic/{QUICFrameDispatcher.h => QUICStreamAdapter.h} (50%) create mode 100644 iocore/net/quic/QUICStreamVCAdapter.cc create mode 100644 iocore/net/quic/QUICStreamVCAdapter.h create mode 100644 iocore/net/quic/QUICTransferProgressProvider.cc
[trafficserver] branch quic-latest updated (112fc71 -> 42e8898)
This is an automated email from the ASF dual-hosted git repository. maskit pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 112fc71 Merge branch 'master' into quic-latest add 42e8898 Simplify interface between H3 and QUIC, and remove memcopy between them No new revisions were added by this update. Summary of changes: iocore/net/quic/Makefile.am| 3 + iocore/net/quic/Mock.h | 90 +++- iocore/net/quic/QUICApplication.cc | 248 +- iocore/net/quic/QUICApplication.h | 52 +-- iocore/net/quic/QUICBidirectionalStream.cc | 347 -- iocore/net/quic/QUICBidirectionalStream.h | 23 +- iocore/net/quic/QUICStream.cc | 144 +- iocore/net/quic/QUICStream.h | 45 +- .../net/quic/QUICStreamAdapter.cc | 16 +- .../{QUICFrameDispatcher.h => QUICStreamAdapter.h} | 49 +- iocore/net/quic/QUICStreamFactory.cc | 8 +- iocore/net/quic/QUICStreamFactory.h| 6 +- iocore/net/quic/QUICStreamManager.cc | 60 ++- iocore/net/quic/QUICStreamManager.h| 6 +- iocore/net/quic/QUICStreamVCAdapter.cc | 320 + iocore/net/quic/QUICStreamVCAdapter.h | 105 + iocore/net/quic/QUICTransferProgressProvider.cc| 83 iocore/net/quic/QUICTransferProgressProvider.h | 44 +- iocore/net/quic/QUICUnidirectionalStream.cc| 503 - iocore/net/quic/QUICUnidirectionalStream.h | 20 +- iocore/net/quic/test/test_QUICStream.cc| 189 +--- proxy/http3/Http09App.cc | 53 ++- proxy/http3/Http09App.h| 4 + proxy/http3/Http3App.cc| 157 --- proxy/http3/Http3App.h | 28 +- proxy/http3/Http3DataFramer.cc | 8 +- proxy/http3/Http3DataFramer.h | 2 +- proxy/http3/Http3Frame.cc | 127 -- proxy/http3/Http3Frame.h | 12 +- proxy/http3/Http3FrameCollector.cc | 22 +- proxy/http3/Http3FrameCollector.h | 4 +- proxy/http3/Http3FrameDispatcher.cc| 15 +- proxy/http3/Http3FrameDispatcher.h | 4 +- proxy/http3/Http3FrameGenerator.h | 4 +- proxy/http3/Http3HeaderFramer.cc | 9 +- proxy/http3/Http3HeaderFramer.h| 2 +- proxy/http3/Http3HeaderVIOAdaptor.cc | 122 - proxy/http3/Http3HeaderVIOAdaptor.h| 23 +- proxy/http3/Http3Transaction.cc| 178 ++-- proxy/http3/Http3Transaction.h | 19 +- proxy/http3/QPACK.cc | 159 --- proxy/http3/QPACK.h| 33 +- proxy/http3/test/main.cc | 8 + proxy/http3/test/test_Http3Frame.cc| 24 +- proxy/http3/test/test_QPACK.cc | 22 +- src/traffic_quic/quic_client.cc| 67 ++- src/traffic_quic/quic_client.h | 11 + 47 files changed, 1686 insertions(+), 1792 deletions(-) copy proxy/http3/Http3FrameGenerator.h => iocore/net/quic/QUICStreamAdapter.cc (78%) copy iocore/net/quic/{QUICFrameDispatcher.h => QUICStreamAdapter.h} (50%) create mode 100644 iocore/net/quic/QUICStreamVCAdapter.cc create mode 100644 iocore/net/quic/QUICStreamVCAdapter.h create mode 100644 iocore/net/quic/QUICTransferProgressProvider.cc
[trafficserver] branch quic-latest updated (112fc71 -> 42e8898)
This is an automated email from the ASF dual-hosted git repository. maskit pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 112fc71 Merge branch 'master' into quic-latest add 42e8898 Simplify interface between H3 and QUIC, and remove memcopy between them No new revisions were added by this update. Summary of changes: iocore/net/quic/Makefile.am| 3 + iocore/net/quic/Mock.h | 90 +++- iocore/net/quic/QUICApplication.cc | 248 +- iocore/net/quic/QUICApplication.h | 52 +-- iocore/net/quic/QUICBidirectionalStream.cc | 347 -- iocore/net/quic/QUICBidirectionalStream.h | 23 +- iocore/net/quic/QUICStream.cc | 144 +- iocore/net/quic/QUICStream.h | 45 +- .../net/quic/QUICStreamAdapter.cc | 16 +- .../{QUICFrameDispatcher.h => QUICStreamAdapter.h} | 49 +- iocore/net/quic/QUICStreamFactory.cc | 8 +- iocore/net/quic/QUICStreamFactory.h| 6 +- iocore/net/quic/QUICStreamManager.cc | 60 ++- iocore/net/quic/QUICStreamManager.h| 6 +- iocore/net/quic/QUICStreamVCAdapter.cc | 320 + iocore/net/quic/QUICStreamVCAdapter.h | 105 + iocore/net/quic/QUICTransferProgressProvider.cc| 83 iocore/net/quic/QUICTransferProgressProvider.h | 44 +- iocore/net/quic/QUICUnidirectionalStream.cc| 503 - iocore/net/quic/QUICUnidirectionalStream.h | 20 +- iocore/net/quic/test/test_QUICStream.cc| 189 +--- proxy/http3/Http09App.cc | 53 ++- proxy/http3/Http09App.h| 4 + proxy/http3/Http3App.cc| 157 --- proxy/http3/Http3App.h | 28 +- proxy/http3/Http3DataFramer.cc | 8 +- proxy/http3/Http3DataFramer.h | 2 +- proxy/http3/Http3Frame.cc | 127 -- proxy/http3/Http3Frame.h | 12 +- proxy/http3/Http3FrameCollector.cc | 22 +- proxy/http3/Http3FrameCollector.h | 4 +- proxy/http3/Http3FrameDispatcher.cc| 15 +- proxy/http3/Http3FrameDispatcher.h | 4 +- proxy/http3/Http3FrameGenerator.h | 4 +- proxy/http3/Http3HeaderFramer.cc | 9 +- proxy/http3/Http3HeaderFramer.h| 2 +- proxy/http3/Http3HeaderVIOAdaptor.cc | 122 - proxy/http3/Http3HeaderVIOAdaptor.h| 23 +- proxy/http3/Http3Transaction.cc| 178 ++-- proxy/http3/Http3Transaction.h | 19 +- proxy/http3/QPACK.cc | 159 --- proxy/http3/QPACK.h| 33 +- proxy/http3/test/main.cc | 8 + proxy/http3/test/test_Http3Frame.cc| 24 +- proxy/http3/test/test_QPACK.cc | 22 +- src/traffic_quic/quic_client.cc| 67 ++- src/traffic_quic/quic_client.h | 11 + 47 files changed, 1686 insertions(+), 1792 deletions(-) copy proxy/http3/Http3FrameGenerator.h => iocore/net/quic/QUICStreamAdapter.cc (78%) copy iocore/net/quic/{QUICFrameDispatcher.h => QUICStreamAdapter.h} (50%) create mode 100644 iocore/net/quic/QUICStreamVCAdapter.cc create mode 100644 iocore/net/quic/QUICStreamVCAdapter.h create mode 100644 iocore/net/quic/QUICTransferProgressProvider.cc
[trafficserver] branch quic-latest updated (112fc71 -> 42e8898)
This is an automated email from the ASF dual-hosted git repository. maskit pushed a change to branch quic-latest in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 112fc71 Merge branch 'master' into quic-latest add 42e8898 Simplify interface between H3 and QUIC, and remove memcopy between them No new revisions were added by this update. Summary of changes: iocore/net/quic/Makefile.am| 3 + iocore/net/quic/Mock.h | 90 +++- iocore/net/quic/QUICApplication.cc | 248 +- iocore/net/quic/QUICApplication.h | 52 +-- iocore/net/quic/QUICBidirectionalStream.cc | 347 -- iocore/net/quic/QUICBidirectionalStream.h | 23 +- iocore/net/quic/QUICStream.cc | 144 +- iocore/net/quic/QUICStream.h | 45 +- .../net/quic/QUICStreamAdapter.cc | 16 +- .../{QUICFrameDispatcher.h => QUICStreamAdapter.h} | 49 +- iocore/net/quic/QUICStreamFactory.cc | 8 +- iocore/net/quic/QUICStreamFactory.h| 6 +- iocore/net/quic/QUICStreamManager.cc | 60 ++- iocore/net/quic/QUICStreamManager.h| 6 +- iocore/net/quic/QUICStreamVCAdapter.cc | 320 + iocore/net/quic/QUICStreamVCAdapter.h | 105 + iocore/net/quic/QUICTransferProgressProvider.cc| 83 iocore/net/quic/QUICTransferProgressProvider.h | 44 +- iocore/net/quic/QUICUnidirectionalStream.cc| 503 - iocore/net/quic/QUICUnidirectionalStream.h | 20 +- iocore/net/quic/test/test_QUICStream.cc| 189 +--- proxy/http3/Http09App.cc | 53 ++- proxy/http3/Http09App.h| 4 + proxy/http3/Http3App.cc| 157 --- proxy/http3/Http3App.h | 28 +- proxy/http3/Http3DataFramer.cc | 8 +- proxy/http3/Http3DataFramer.h | 2 +- proxy/http3/Http3Frame.cc | 127 -- proxy/http3/Http3Frame.h | 12 +- proxy/http3/Http3FrameCollector.cc | 22 +- proxy/http3/Http3FrameCollector.h | 4 +- proxy/http3/Http3FrameDispatcher.cc| 15 +- proxy/http3/Http3FrameDispatcher.h | 4 +- proxy/http3/Http3FrameGenerator.h | 4 +- proxy/http3/Http3HeaderFramer.cc | 9 +- proxy/http3/Http3HeaderFramer.h| 2 +- proxy/http3/Http3HeaderVIOAdaptor.cc | 122 - proxy/http3/Http3HeaderVIOAdaptor.h| 23 +- proxy/http3/Http3Transaction.cc| 178 ++-- proxy/http3/Http3Transaction.h | 19 +- proxy/http3/QPACK.cc | 159 --- proxy/http3/QPACK.h| 33 +- proxy/http3/test/main.cc | 8 + proxy/http3/test/test_Http3Frame.cc| 24 +- proxy/http3/test/test_QPACK.cc | 22 +- src/traffic_quic/quic_client.cc| 67 ++- src/traffic_quic/quic_client.h | 11 + 47 files changed, 1686 insertions(+), 1792 deletions(-) copy proxy/http3/Http3FrameGenerator.h => iocore/net/quic/QUICStreamAdapter.cc (78%) copy iocore/net/quic/{QUICFrameDispatcher.h => QUICStreamAdapter.h} (50%) create mode 100644 iocore/net/quic/QUICStreamVCAdapter.cc create mode 100644 iocore/net/quic/QUICStreamVCAdapter.h create mode 100644 iocore/net/quic/QUICTransferProgressProvider.cc