(trafficserver) branch avx-ats10 created (now a31995236e)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch avx-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git at a31995236e Add another file This branch includes the following new commits: new 98ea2783ee Move Aviatrix plugins to ats10 new a1f9a051cf Checkpoint dagger changes new a31995236e Add another file The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
(trafficserver) 02/03: Checkpoint dagger changes
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch avx-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit a1f9a051cf930c1400427784012d09e2bd63913f Author: Susan Hinrichs AuthorDate: Thu Mar 28 21:18:06 2024 + Checkpoint dagger changes --- .gitignore | 2 +- CMakePresets.json | 20 + aviatrix/10_0_0.0001/avx-gw-trafficserver.service | 18 + aviatrix/10_0_0.0001/configs/logging.yaml | 53 ++ aviatrix/10_0_0.0001/configs/plugin.config | 15 + aviatrix/10_0_0.0001/configs/records.yaml | 224 aviatrix/10_0_0.0001/control | 6 + .../10_0_0.0001/logrotate/avx-gw-trafficserver | 11 + aviatrix/10_0_0.0001/postinst | 25 + aviatrix/build/.gitignore | 3 + aviatrix/build/docker_scripts/env_command.sh | 179 ++ aviatrix/build/docker_scripts/setup_debug.sh | 3 + aviatrix/build/docker_scripts/setup_local.sh | 94 aviatrix/build/docker_scripts/setup_release.sh | 3 + aviatrix/build/dockerfile-atsbuild | 116 aviatrix/build/dockerfile-atsbuildv2 | 61 +++ aviatrix/build/dockerfile-buildtools | 37 ++ aviatrix/build/dockerfile-openssl | 51 ++ aviatrix/build/makeprotos.sh | 3 + aviatrix/build/setup_build_tools.sh| 21 + aviatrix/build/setup_build_tools_1.sh | 66 +++ aviatrix/build/setup_build_tools_2.sh | 24 + aviatrix/dagger/Makefile | 59 ++ aviatrix/dagger/build.go | 605 + aviatrix/dagger/build_manifest.sh | 27 + aviatrix/dagger/builder.sh | 13 + aviatrix/dagger/go.mod | 23 + aviatrix/dagger/go.sum | 48 ++ aviatrix/dagger/main.go| 312 +++ aviatrix/plugins/avx_certifier/CMakeLists.txt | 2 +- aviatrix/plugins/avx_policy_driver/CMakeLists.txt | 23 +- 31 files changed, 2140 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index e1fd4bc749..65e49bb2b8 100644 --- a/.gitignore +++ b/.gitignore @@ -44,7 +44,7 @@ m4/ltversion.m4 m4/lt~obsolete.m4 # common directory name for out-of-tree CMake builds -build* +#build* configs/records.yaml.default configs/storage.config.default diff --git a/CMakePresets.json b/CMakePresets.json index 4ea2a27dda..fcf3a3a6e4 100644 --- a/CMakePresets.json +++ b/CMakePresets.json @@ -375,6 +375,26 @@ "CMAKE_CXX_FLAGS_DEBUG": "--coverage", "CMAKE_C_FLAGS_DEBUG": "--coverage" } +}, +{ + "name": "aviatrix", + "displayName": "Aviatrix", + "description": "Aviatrix Presets", + "inherits": ["release"], + "generator": "Unix Makefiles", + "cacheVariables": { +"CMAKE_BUILD_TYPE": "RelWithDebInfo", +"jemalloc_ROOT": "/usr", +"ENABLE_LUAJIT": false, +"ENABLE_JEMALLOC": true, +"ENABLE_MIMALLOC": false, +"ENABLE_MALLOC_ALLOCATOR": true, + "ENABLE_AUTEST": false, +"BUILD_EXPERIMENTAL_PLUGINS": false, +"BUILD_REGRESSION_TESTING": false, + "CLOUDN_SOURCE_ROOT": "/src/cloudn", + "CMAKE_INSTALL_PREFIX": "/opt/ats/ats_10.0.0" + } } ], "buildPresets": [ diff --git a/aviatrix/10_0_0.0001/avx-gw-trafficserver.service b/aviatrix/10_0_0.0001/avx-gw-trafficserver.service new file mode 100644 index 00..90fb3b88ee --- /dev/null +++ b/aviatrix/10_0_0.0001/avx-gw-trafficserver.service @@ -0,0 +1,18 @@ +[Unit] +Description=Service that runs the trafficserver + + +[Service] +Type=simple +User=ats-user +ExecStart=-/opt/ats/ats_10.0.0/bin/traffic_server --bind_stdout /var/log/tslogs/traffic.out --bind_stderr /var/log/tslogs/traffic.out +Restart=on-failure +RestartSec=5s +LimitNOFILE=100 +PIDFile=/opt/ats/ats_10.0.0/var/trafficserver/server.lock +TimeoutStopSec=5s +#ExecReload=@exp_bindir@/traffic_ctl config reload +KillMode=process + +[Install] +WantedBy=multi-user.target diff --git a/aviatrix/10_0_0.0001/configs/logging.yaml b/aviatrix/10_0_0.0001/configs/logging.yaml new file mode 100755 index 00..087e2cde40 --- /dev/null +++ b/aviatrix/10_0_0.0001/configs/logging.yaml @@ -0,0 +1,53 @@ +# Custom log configuration +# +# Documentation on logging: +# https://docs.trafficserver.apache.org/en/9.0.x/admin-guide/logging/index.en.html +# +# Do
(trafficserver) 03/03: Add another file
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch avx-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit a31995236e822f9789f978ad996df6d133e7dbc9 Author: Susan Hinrichs AuthorDate: Thu Mar 28 21:18:51 2024 + Add another file --- aviatrix/plugins/CMakeLists.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/aviatrix/plugins/CMakeLists.txt b/aviatrix/plugins/CMakeLists.txt new file mode 100644 index 00..cf0996dd6e --- /dev/null +++ b/aviatrix/plugins/CMakeLists.txt @@ -0,0 +1,3 @@ +add_subdirectory(avx_tee_decrypt) +add_subdirectory(avx_certifier) +add_subdirectory(avx_policy_driver)
(trafficserver) branch master updated: Adjust ReturnCode for MakeATSProcess on ubuntu22 (#10904)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 11c3f8d82c Adjust ReturnCode for MakeATSProcess on ubuntu22 (#10904) 11c3f8d82c is described below commit 11c3f8d82c52203da82d1442ed9d2228cc3e6c21 Author: Susan Hinrichs AuthorDate: Tue Dec 12 10:15:50 2023 -0600 Adjust ReturnCode for MakeATSProcess on ubuntu22 (#10904) --- tests/gold_tests/next_hop/strategies_ch/strategies_ch.test.py| 1 + tests/gold_tests/next_hop/strategies_ch2/strategies_ch2.test.py | 1 + tests/gold_tests/next_hop/strategies_stale/strategies_stale.test.py | 1 + .../gold_tests/next_hop/zzz_strategies_peer/zzz_strategies_peer.test.py | 1 + .../next_hop/zzz_strategies_peer2/zzz_strategies_peer2.test.py | 1 + tests/gold_tests/pluginTest/prefetch/prefetch_bignum.test.py | 1 + tests/gold_tests/pluginTest/prefetch/prefetch_overflow.test.py | 1 + tests/gold_tests/pluginTest/prefetch/prefetch_simple.test.py | 1 + 8 files changed, 8 insertions(+) diff --git a/tests/gold_tests/next_hop/strategies_ch/strategies_ch.test.py b/tests/gold_tests/next_hop/strategies_ch/strategies_ch.test.py index 29f67ec417..d8d48bf704 100644 --- a/tests/gold_tests/next_hop/strategies_ch/strategies_ch.test.py +++ b/tests/gold_tests/next_hop/strategies_ch/strategies_ch.test.py @@ -59,6 +59,7 @@ for i in range(num_nh): 'proxy.config.dns.resolv_conf': "NULL", }) ts.Disk.remap_config.AddLine(f"map / http://127.0.0.1:{server.Variables.Port};) +ts.ReturnCode = Any(0, -2) ts_nh.append(ts) ts = Test.MakeATSProcess("ts") diff --git a/tests/gold_tests/next_hop/strategies_ch2/strategies_ch2.test.py b/tests/gold_tests/next_hop/strategies_ch2/strategies_ch2.test.py index 08331fc64d..1dde7079db 100644 --- a/tests/gold_tests/next_hop/strategies_ch2/strategies_ch2.test.py +++ b/tests/gold_tests/next_hop/strategies_ch2/strategies_ch2.test.py @@ -62,6 +62,7 @@ for i in range(num_nh): ts_nh.append(ts) ts = Test.MakeATSProcess("ts", use_traffic_out=False, command="traffic_server 2> trace.log") +ts.ReturnCode = Any(0, -2) ts.Disk.records_config.update( { diff --git a/tests/gold_tests/next_hop/strategies_stale/strategies_stale.test.py b/tests/gold_tests/next_hop/strategies_stale/strategies_stale.test.py index 10ed23c6d0..582bb6bdcc 100644 --- a/tests/gold_tests/next_hop/strategies_stale/strategies_stale.test.py +++ b/tests/gold_tests/next_hop/strategies_stale/strategies_stale.test.py @@ -55,6 +55,7 @@ ts_nh.Disk.records_config.update( 'proxy.config.dns.resolv_conf': "NULL", }) ts_nh.Disk.remap_config.AddLine(f"map / http://127.0.0.1:{server.Variables.Port};) +ts_nh.ReturnCode = Any(0, -2) ts = Test.MakeATSProcess("ts") diff --git a/tests/gold_tests/next_hop/zzz_strategies_peer/zzz_strategies_peer.test.py b/tests/gold_tests/next_hop/zzz_strategies_peer/zzz_strategies_peer.test.py index f5f977301c..13b4cea6fe 100644 --- a/tests/gold_tests/next_hop/zzz_strategies_peer/zzz_strategies_peer.test.py +++ b/tests/gold_tests/next_hop/zzz_strategies_peer/zzz_strategies_peer.test.py @@ -71,6 +71,7 @@ num_peer = 8 ts_peer = [] for i in range(num_peer): ts = Test.MakeATSProcess(f"ts_peer{i}", use_traffic_out=False, command=f"traffic_server 2> trace_peer{i}.log") +ts.ReturnCode = Any(0, -2) ts_peer.append(ts) for i in range(num_peer): ts = ts_peer[i] diff --git a/tests/gold_tests/next_hop/zzz_strategies_peer2/zzz_strategies_peer2.test.py b/tests/gold_tests/next_hop/zzz_strategies_peer2/zzz_strategies_peer2.test.py index adaea1b389..9d28939005 100644 --- a/tests/gold_tests/next_hop/zzz_strategies_peer2/zzz_strategies_peer2.test.py +++ b/tests/gold_tests/next_hop/zzz_strategies_peer2/zzz_strategies_peer2.test.py @@ -71,6 +71,7 @@ num_peer = 8 ts_peer = [] for i in range(num_peer): ts = Test.MakeATSProcess(f"ts_peer{i}", use_traffic_out=False, command=f"traffic_server 2> trace_peer{i}.log") +ts.ReturnCode = Any(0, -2) ts_peer.append(ts) for i in range(num_peer): ts = ts_peer[i] diff --git a/tests/gold_tests/pluginTest/prefetch/prefetch_bignum.test.py b/tests/gold_tests/pluginTest/prefetch/prefetch_bignum.test.py index 198f71f644..698a79edc4 100644 --- a/tests/gold_tests/pluginTest/prefetch/prefetch_bignum.test.py +++ b/tests/gold_tests/pluginTest/prefetch/prefetch_bignum.test.py @@ -57,6 +57,7 @@ ts.Disk.remap_config.AddLine( f"map http://domain.in http://127.0.0.1:{server.Variables.Port}; + " @plugin=cachekey.so @pparam=--remove-all-params=true" " @plugin=prefetch.so" + " @pparam=--front=true" + " @ppar
(trafficserver) branch master updated: Simplify bad-fmt test use of nc (#10861)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 780b51c8c8 Simplify bad-fmt test use of nc (#10861) 780b51c8c8 is described below commit 780b51c8c84d5c4e5aa54170a8b4d38c74e4c727 Author: Susan Hinrichs AuthorDate: Thu Nov 30 16:43:04 2023 -0600 Simplify bad-fmt test use of nc (#10861) --- tests/gold_tests/bad_http_fmt/bad_http_fmt.test.py | 159 ++--- tests/gold_tests/bad_http_fmt/method-server.sh | 44 ++ tests/gold_tests/bad_http_fmt/server.gold | 18 +-- 3 files changed, 151 insertions(+), 70 deletions(-) diff --git a/tests/gold_tests/bad_http_fmt/bad_http_fmt.test.py b/tests/gold_tests/bad_http_fmt/bad_http_fmt.test.py index 8e84e18e1e..58959f5a0a 100644 --- a/tests/gold_tests/bad_http_fmt/bad_http_fmt.test.py +++ b/tests/gold_tests/bad_http_fmt/bad_http_fmt.test.py @@ -28,6 +28,52 @@ random_method = "xyzxyz" ts = Test.MakeATSProcess("ts") +Test.GetTcpPort("upstream_port") + +method_server = Test.Processes.Process("method-server", "bash -c '" + Test.TestDirectory + + f"/method-server.sh {Test.Variables.upstream_port} outserver'") + +server = Test.MakeOriginServer("server", ssl=False) +request_header = { +"headers": "GET {}/0 HTTP/1.1\r\nX-Req-Id: 0\r\nHost: example.com\r\n\r\n".format(random_path), +"timestamp": "1469733493.993", +"body": ""} +response_header = { +"headers": "HTTP/1.1 200 OK\r\nX-Resp-Id: 1\r\nConnection: close\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +server.addResponse("sessionlog.json", request_header, response_header) + +request_header = { +"headers": "GET {}/1 HTTP/1.1\r\nX-Req-Id: 1\r\nHost: example.com\r\n\r\n".format(random_path), +"timestamp": "1469733493.993", +"body": ""} +response_header = { +"headers": "HTTP/1.1 200 OK\r\nX-Resp-Id: 2\r\nConnection: close\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +server.addResponse("sessionlog.json", request_header, response_header) + +request_header = { +"headers": "GET /example/1 HTTP/1.1\r\nX-Req-Id: 6\r\nHost: example.com\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +response_header = { +"headers": "HTTP/1.1 200 OK\r\nX-Resp-Id: 3\r\nConnection: close\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +server.addResponse("sessionlog.json", request_header, response_header) + +request_header = { +"headers": "GET /example/2 HTTP/1.1\r\nX-Req-Id: 7\r\nHost: example.com\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +response_header = { +"headers": "HTTP/1.1 200 OK\r\nX-Resp-Id: 4\r\nConnection: close\r\n\r\n", +"timestamp": "1469733493.993", +"body": ""} +server.addResponse("sessionlog.json", request_header, response_header) + ts.Disk.records_config.update({ 'proxy.config.diags.debug.enabled': 1, 'proxy.config.diags.debug.tags': 'http|dns', @@ -55,108 +101,111 @@ ts.Disk.ip_allow_yaml.AddLines([ ' - GET' ]) -Test.GetTcpPort("server_port") - - -def server_cmd(resp_id): -dq = '"' -return (fr"(nc -o server{resp_id}.log " + -fr"--sh-exec 'sleep 1 ; printf {dq}HTTP/1.1 200 OK\r\n" + -fr"X-Resp-Id: {resp_id}\r\n" + -fr"Content-Length: 0\r\n\r\n{dq}' " + -fr"-l 127.0.0.1 {Test.Variables.server_port} & )") - +ts.Disk.remap_config.AddLine( +'map /add-method http://127.0.0.1:{0}/'.format(Test.Variables.upstream_port) +) +ts.Disk.remap_config.AddLine( +'map / http://127.0.0.1:{0}/'.format(server.Variables.Port) +) # Even if the request from the client is HTTP version 1.0, ATS's request to server will be HTTP version 1.1. # -tr = Test.AddTestRun() +tr = Test.AddTestRun("success-1.0") tr.Processes.Default.StartBefore(ts) +tr.Processes.Default.StartBefore(server) tr.Processes.Default.Command = ( -server_cmd(1) + -fr" ; printf 'GET {random_path}HTTP/1.0\r\n" + -fr"Host: localhost:{Test.Variables.server_port}\r\n" + -r"X-Req-Id: 0\r\n\r\n'" + +f"printf 'GET {random_path}/0HTTP/1.0\r\n"
(trafficserver) branch master updated: Fix double to watch for done like the other continuation tests (#10874)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new cd2e49031c Fix double to watch for done like the other continuation tests (#10874) cd2e49031c is described below commit cd2e49031c7918a066fb31fb091dfafaf6fb818e Author: Susan Hinrichs AuthorDate: Thu Nov 30 13:10:31 2023 -0600 Fix double to watch for done like the other continuation tests (#10874) --- tests/gold_tests/continuations/double.test.py | 37 +-- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/tests/gold_tests/continuations/double.test.py b/tests/gold_tests/continuations/double.test.py index 52b11ca694..110c971984 100644 --- a/tests/gold_tests/continuations/double.test.py +++ b/tests/gold_tests/continuations/double.test.py @@ -81,24 +81,33 @@ tr.StillRunningAfter = ts # Signal that all the curl processes have completed and poll for done metric tr = Test.AddTestRun("Curl Done") -tr.Processes.Default.Command = ( -"traffic_ctl plugin msg done done ; " -"N=60 ; " -"while (( N > 0 )) ; " -"do " -"sleep 1 ; " -'if [[ "$$( traffic_ctl metric get continuations_verify.test.done )" = ' -'"continuations_verify.test.done 1" ]] ; then exit 0 ; ' -"fi ; " -"let N=N-1 ; " -"done ; " -"echo TIMEOUT ; " -"exit 1" -) +tr.Processes.Default.Command = "traffic_ctl plugin msg done done" tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.Env = ts.Env tr.StillRunningAfter = ts + +def make_done_stat_ready(tsenv): +def done_stat_ready(process, hasRunFor, **kw): +retval = subprocess.run( +"traffic_ctl metric get continuations_verify.test.done", +shell=True, +stdout=subprocess.PIPE, +stderr=subprocess.STDOUT, +env=tsenv) +return retval.returncode == 0 and b'1' in retval.stdout + +return done_stat_ready + + +watcher = Test.Processes.Process("watcher", "sleep 20") + +tr = Test.AddTestRun("Wait for stats") +tr.Processes.Default.StartBefore(watcher, ready=make_done_stat_ready(ts.Env)) +tr.Processes.Default.Command = "traffic_ctl metric get continuations_verify.test.done" +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Env = ts.Env + # number of sessions/transactions opened and closed are equal tr = Test.AddTestRun("Check Ssn") tr.Processes.Default.Command = comparator_command.format('ssn')
(trafficserver) branch master updated: Remove netcat from bigobj test (#10866)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 1ce86a82b6 Remove netcat from bigobj test (#10866) 1ce86a82b6 is described below commit 1ce86a82b63ce33756af68c8da1c3fb6d12fb2c6 Author: Susan Hinrichs AuthorDate: Thu Nov 30 10:38:29 2023 -0600 Remove netcat from bigobj test (#10866) --- tests/CMakeLists.txt | 1 - tests/gold_tests/bigobj/CMakeLists.txt | 19 -- tests/gold_tests/bigobj/bigobj.test.py | 112 +++-- tests/gold_tests/bigobj/check_ramp.c | 57 - tests/gold_tests/bigobj/log2.gold | 4 -- tests/gold_tests/bigobj/push_request.c | 79 --- 6 files changed, 66 insertions(+), 206 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d58dcd3265..afd94746d3 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -27,7 +27,6 @@ function(ADD_AUTEST_PLUGIN _NAME) endfunction() add_subdirectory(tools/plugins) -add_subdirectory(gold_tests/bigobj) add_subdirectory(gold_tests/chunked_encoding) add_subdirectory(gold_tests/continuations/plugins) add_subdirectory(gold_tests/jsonrpc/plugins) diff --git a/tests/gold_tests/bigobj/CMakeLists.txt b/tests/gold_tests/bigobj/CMakeLists.txt deleted file mode 100644 index b56709f853..00 --- a/tests/gold_tests/bigobj/CMakeLists.txt +++ /dev/null @@ -1,19 +0,0 @@ -### -# -# Licensed to the Apache Software Foundation (ASF) under one or more contributor license -# agreements. See the NOTICE file distributed with this work for additional information regarding -# copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License -# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing permissions and limitations under -# the License. -# -### - -add_executable(check_ramp check_ramp.c) -add_executable(push_request push_request.c) diff --git a/tests/gold_tests/bigobj/bigobj.test.py b/tests/gold_tests/bigobj/bigobj.test.py index b46f417878..30b82541ee 100644 --- a/tests/gold_tests/bigobj/bigobj.test.py +++ b/tests/gold_tests/bigobj/bigobj.test.py @@ -28,11 +28,6 @@ Test.SkipUnless( Condition.HasCurlFeature('http2') ) -# push_request and check_ramp are built via `make`. Here we copy the built binary down to the test -# directory so that the test runs in this file can use it. -Test.Setup.Copy(os.path.join(Test.Variables.AtsBuildGoldTestsDir, 'bigobj', 'push_request')) -Test.Setup.Copy(os.path.join(Test.Variables.AtsBuildGoldTestsDir, 'bigobj', 'check_ramp')) - ts = Test.MakeATSProcess("ts1", enable_tls=True) ts.addDefaultSSLFiles() @@ -52,65 +47,88 @@ ts.Disk.ssl_multicert_config.AddLine( ) ts.Disk.remap_config.AddLine( -'map https://localhost http://localhost' +f'map https://localhost:{ts.Variables.ssl_port} http://localhost:{ts.Variables.port}' +) +ts.Disk.remap_config.AddLine( +f'map https://localhost:{ts.Variables.ssl_portv6} http://localhost:{ts.Variables.port}' ) - -# Set up to check the output after the tests have run. -# -log_id = Test.Disk.File("log2.txt") -log_id.Content = "log2.gold" # Size of object to get. (NOTE: If you increase this significantly you may also have to increase cache # capacity in tests/gold_tests/autest-size/min_cfg/storage.config. Also, for very large objects, if # proxy.config.diags.debug.enabled is 1, the PUSH request will timeout and fail.) # obj_kilobytes = 10 * 1024 +obj_bytes = obj_kilobytes * 10 +header = "HTTP/1.1 200 OK\r\nContent-length: {}\r\n\r\n".format(obj_bytes) + + +def create_pushfile(): +f = open(Test.RunDirectory + "/objfile", "w") +f.write(header) +f.write("x" * obj_bytes) +f.close() +return True + tr = Test.AddTestRun("PUSH an object to the cache") # Delay on readiness of TS IPv4 ssl port -tr.Processes.Default.StartBefore(ts) -# +tr.Processes.Default.StartBefore(ts, ready=lambda: create_pushfile()) # Put object with URL http://localhost/bigobj in cache using PUSH request. -tr.Processes.Default.Command = ( -f'./push_request {obj_kilobytes} | nc localhost {ts.Variables.port}' -) +tr.Processes.Default.Command = "curl -v -H 'Content-Type: application/octet-stream' --data-binary @{}/objfile -X PUSH http://localhost:{}/
(trafficserver) branch master updated: Fix logging path for regex_revalidate_state (#10884)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 95baa7e23d Fix logging path for regex_revalidate_state (#10884) 95baa7e23d is described below commit 95baa7e23dc714901dc067167be4f29258bf929f Author: Susan Hinrichs AuthorDate: Thu Nov 30 09:59:12 2023 -0600 Fix logging path for regex_revalidate_state (#10884) --- .../pluginTest/regex_revalidate/regex_revalidate_state.test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate_state.test.py b/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate_state.test.py index 88cdf836f2..74fd575f8a 100644 --- a/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate_state.test.py +++ b/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate_state.test.py @@ -61,7 +61,7 @@ response_header_0 = {"headers": server.addResponse("sessionlog.json", request_header_0, response_header_0) reval_conf_path = os.path.join(ts.Variables.CONFIGDIR, 'reval.conf') -reval_state_path = os.path.join(Test.Variables.RUNTIMEDIR, 'reval.state') +reval_state_path = os.path.join(ts.Variables.RUNTIMEDIR, 'reval.state') # Configure ATS server ts.Disk.plugin_config.AddLine(
(trafficserver) branch master updated: Fix nc use in tls-forward-test (#10887)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 8dce458105 Fix nc use in tls-forward-test (#10887) 8dce458105 is described below commit 8dce45810577179229b67f2c247226764236a418 Author: Susan Hinrichs AuthorDate: Thu Nov 30 09:58:34 2023 -0600 Fix nc use in tls-forward-test (#10887) --- tests/gold_tests/tls/test-nc-s_client.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/gold_tests/tls/test-nc-s_client.sh b/tests/gold_tests/tls/test-nc-s_client.sh index f08574e045..58ddaf743a 100644 --- a/tests/gold_tests/tls/test-nc-s_client.sh +++ b/tests/gold_tests/tls/test-nc-s_client.sh @@ -23,5 +23,5 @@ if openssl s_client --help 2>&1 | grep -q ignore_unexpected_eof then ignore_unexpected_eof='-ignore_unexpected_eof' fi -nc -l -p "$1" -c 'echo -e "This is a reply"' -o test.out & -echo "This is a test" | openssl s_client -servername bar.com -connect "localhost:$2" -ign_eof ${ignore_unexpected_eof} "${@:3}" +echo -e "This is a reply" | nc -l "$1" > test.out & +echo "This is a test" | openssl s_client -servername bar.com -connect "localhost:$2" -ign_eof ${ignore_unexpected_eof}
(trafficserver) branch master updated: Fix remap_inc test for systems with dash (#10885)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 40961fbf69 Fix remap_inc test for systems with dash (#10885) 40961fbf69 is described below commit 40961fbf69d33d9a19e8e0be706101efef4a3a7b Author: Susan Hinrichs AuthorDate: Wed Nov 29 19:47:42 2023 -0600 Fix remap_inc test for systems with dash (#10885) --- tests/gold_tests/traffic_ctl/remap_inc/remap_inc.test.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/gold_tests/traffic_ctl/remap_inc/remap_inc.test.py b/tests/gold_tests/traffic_ctl/remap_inc/remap_inc.test.py index 11b6541711..747be4333d 100644 --- a/tests/gold_tests/traffic_ctl/remap_inc/remap_inc.test.py +++ b/tests/gold_tests/traffic_ctl/remap_inc/remap_inc.test.py @@ -74,8 +74,8 @@ tr.Processes.Default.ReturnCode = 0 tr.StillRunningAfter = ts tr = Test.AddTestRun("Get response from generator") -tr.Processes.Default.Command = ( -f'test $$(curl --proxy 127.0.0.1:{ts.Variables.port} http://example.four/nocache/5 | wc -c) == 5' -) +tr.Processes.Default.Command = f'curl --proxy 127.0.0.1:{ts.Variables.port} http://example.four/nocache/5' tr.Processes.Default.ReturnCode = 0 tr.StillRunningAfter = ts +tr.Processes.Default.Streams.All = Testers.ContainsExpression("x", "Contains generated text") +tr.Processes.Default.Streams.All += Testers.ExcludesExpression("xx", "Not too much data")
(trafficserver) branch master updated: Adjust nc usage in fix-post-early-return test (#10878)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 0758341592 Adjust nc usage in fix-post-early-return test (#10878) 0758341592 is described below commit 0758341592b9ace99b71ae6a31e678483531140d Author: Susan Hinrichs AuthorDate: Wed Nov 29 15:26:52 2023 -0600 Adjust nc usage in fix-post-early-return test (#10878) --- tests/gold_tests/post/delay_client.sh | 25 ++ tests/gold_tests/post/delay_client2.sh | 27 +++ tests/gold_tests/post/delay_client3.sh | 26 +++ tests/gold_tests/post/post-early-return.test.py | 61 ++--- tests/gold_tests/post/server1.sh| 41 + 5 files changed, 164 insertions(+), 16 deletions(-) diff --git a/tests/gold_tests/post/delay_client.sh b/tests/gold_tests/post/delay_client.sh new file mode 100644 index 00..a2774becd7 --- /dev/null +++ b/tests/gold_tests/post/delay_client.sh @@ -0,0 +1,25 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +request () +{ + printf "POST /four HTTP/1.1\r\nHost: bob\r\nContent-Length: 20\r\n\r\n1234567890" + sleep 4 + printf "0123456789" +} + +outfile=$2 +request | nc 127.0.0.1 $1 > "$outfile" diff --git a/tests/gold_tests/post/delay_client2.sh b/tests/gold_tests/post/delay_client2.sh new file mode 100644 index 00..33f6f8b2c8 --- /dev/null +++ b/tests/gold_tests/post/delay_client2.sh @@ -0,0 +1,27 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +request () +{ + printf "POST /five HTTP/1.1\r\nHost: bob\r\nContent-Length: 20\r\n\r\n" + sleep 1 + printf "1234567890" + sleep 4 + printf "0123456789" +} + +outfile=$2 +request | nc 127.0.0.1 $1 > "$outfile" diff --git a/tests/gold_tests/post/delay_client3.sh b/tests/gold_tests/post/delay_client3.sh new file mode 100644 index 00..2f4de3a457 --- /dev/null +++ b/tests/gold_tests/post/delay_client3.sh @@ -0,0 +1,26 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +request () +{ + printf "POST /six HTTP/1.1\r\nHost: bob\r\nContent-Length: 20\r\n\r\n" + printf "1234567890" + sleep 4 + printf "0123456789" +} + +outfile=$2 +request | nc 127.0.0.1 $1 > "$outfile" diff --git a/tests/gold_tests/post/post-early-return.test.py b/tests/gold_tests/post/post-early-return.test.py index af9debbb64..1c13e97388 100644 --- a/tests/g
(trafficserver) branch master updated (da1f392084 -> 38cd7e984f)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from da1f392084 Coverity 1523685: Use of 32-bit time_t in test_mime (#10855) add 38cd7e984f Adjust gold file to deal curl case differences (#10875) No new revisions were added by this update. Summary of changes: tests/gold_tests/h2/gold/httpbin_0_stderr.gold | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
(trafficserver) branch allow-plain deleted (was 1be584aa52)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git was 1be584aa52 Address Maskit's comments The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
(trafficserver) branch simplify-bigobj deleted (was 122151592a)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch simplify-bigobj in repository https://gitbox.apache.org/repos/asf/trafficserver.git was 122151592a Finish cleaning out cmake The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
(trafficserver) branch fix-timeout-tests deleted (was 5f9285b5ea)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch fix-timeout-tests in repository https://gitbox.apache.org/repos/asf/trafficserver.git was 5f9285b5ea Fix idle wait time The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
(trafficserver) branch fix-timeout-tests created (now 5f9285b5ea)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch fix-timeout-tests in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 5f9285b5ea Fix idle wait time This branch includes the following new commits: new 5f9285b5ea Fix idle wait time The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
(trafficserver) 01/01: Fix idle wait time
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch fix-timeout-tests in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 5f9285b5ea4af637482884baa03c50985cff4278 Author: Susan Hinrichs AuthorDate: Wed Nov 29 17:42:35 2023 + Fix idle wait time --- tests/gold_tests/timeout/create_request.sh | 17 - 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tests/gold_tests/timeout/create_request.sh b/tests/gold_tests/timeout/create_request.sh index 83e962dd1f..df7cdc2ccd 100755 --- a/tests/gold_tests/timeout/create_request.sh +++ b/tests/gold_tests/timeout/create_request.sh @@ -16,5 +16,20 @@ # See the License for the specific language governing permissions and # limitations under the License. -(printf "GET / HTTP/1.1" | nc -w 11 127.0.0.1 $1) +# Different vresions of nc have different wait options, +# so falling back to shell +printf "GET / HTTP/1.1" | nc 127.0.0.1 $1 & +targetPID=$! +count=11 +while [ $count -gt 0 ] +do + sleep 1 + output=`ps uax | grep $targetPID | grep "nc "` + if [ -z "$output" ] # process is gone + then + exit 0 + fi + count=`expr $count - 1` +done +kill $targetPID
(trafficserver) branch master updated: Remove unnecessary nc to fix u22 test (#10868)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 870e242eee Remove unnecessary nc to fix u22 test (#10868) 870e242eee is described below commit 870e242eee6d382750ad383abde03e416314bba0 Author: Susan Hinrichs AuthorDate: Wed Nov 29 10:57:55 2023 -0600 Remove unnecessary nc to fix u22 test (#10868) --- tests/gold_tests/headers/cache_and_req_body.test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/gold_tests/headers/cache_and_req_body.test.py b/tests/gold_tests/headers/cache_and_req_body.test.py index dfdda324fa..95b4ebd400 100644 --- a/tests/gold_tests/headers/cache_and_req_body.test.py +++ b/tests/gold_tests/headers/cache_and_req_body.test.py @@ -99,8 +99,8 @@ tr.StillRunningAfter = ts # Test 2 - 200 cached response and using netcat tr = Test.AddTestRun() -tr.Processes.Default.Command = "printf 'GET / HTTP/1.1\r\n''x-debug: x-cache,x-cache-key,via\r\n''Host: www.example.com\r\n''\r\n'|nc 127.0.0.1 -w 1 {port}".format( -port=ts.Variables.port) +tr.Processes.Default.Command = 'curl -s -D - -v --ipv4 --http1.1 -H "x-debug: x-cache,x-cache-key,via" -H "Host: www.example.com" http://localhost:{}'.format( +ts.Variables.port) tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.Streams.stdout = Testers.CurlHeader(cache_and_req_body_hit) tr.StillRunningAfter = ts
(trafficserver) branch master updated: Fix connect test for ubuntu22 (#10869)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new ab521556a1 Fix connect test for ubuntu22 (#10869) ab521556a1 is described below commit ab521556a1e098a098a24651798641f225cb7d97 Author: Susan Hinrichs AuthorDate: Wed Nov 29 10:57:04 2023 -0600 Fix connect test for ubuntu22 (#10869) --- tests/gold_tests/connect/gold/connect_0_stderr.gold | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/gold_tests/connect/gold/connect_0_stderr.gold b/tests/gold_tests/connect/gold/connect_0_stderr.gold index c114dc4cf4..48aad129bc 100644 --- a/tests/gold_tests/connect/gold/connect_0_stderr.gold +++ b/tests/gold_tests/connect/gold/connect_0_stderr.gold @@ -1,5 +1,5 @@ `` -* Connected to 127.0.0.1 (127.0.0.1) port `` +* Connected to `` (127.0.0.1) port `` `` * Establish HTTP proxy tunnel to foo.com:80 > CONNECT foo.com:80 HTTP/1.1
(trafficserver) 01/01: Finish cleaning out cmake
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch simplify-bigobj in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 122151592aaf5f9fb988f31821ec0603e53adfa7 Author: Susan Hinrichs AuthorDate: Wed Nov 29 05:47:00 2023 + Finish cleaning out cmake --- tests/CMakeLists.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d58dcd3265..afd94746d3 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -27,7 +27,6 @@ function(ADD_AUTEST_PLUGIN _NAME) endfunction() add_subdirectory(tools/plugins) -add_subdirectory(gold_tests/bigobj) add_subdirectory(gold_tests/chunked_encoding) add_subdirectory(gold_tests/continuations/plugins) add_subdirectory(gold_tests/jsonrpc/plugins)
(trafficserver) branch simplify-bigobj created (now 122151592a)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch simplify-bigobj in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 122151592a Finish cleaning out cmake This branch includes the following new commits: new 122151592a Finish cleaning out cmake The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
(trafficserver) branch master updated: Fix chunked-encoding test to run with more basic netcat (#10853)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 959a1b8aac Fix chunked-encoding test to run with more basic netcat (#10853) 959a1b8aac is described below commit 959a1b8aac2eb0bfc2ce176fcbc0b3e89c84cc62 Author: Susan Hinrichs AuthorDate: Tue Nov 28 17:29:50 2023 -0600 Fix chunked-encoding test to run with more basic netcat (#10853) --- tests/gold_tests/chunked_encoding/case1.sh | 19 - tests/gold_tests/chunked_encoding/case2.sh | 19 - tests/gold_tests/chunked_encoding/case3.sh | 19 - tests/gold_tests/chunked_encoding/case4.sh | 20 - .../chunked_encoding/chunked_encoding.test.py | 8 -- .../chunked_encoding/chunked_encoding_h2.test.py | 33 ++ tests/gold_tests/chunked_encoding/delay-server.sh | 31 +--- tests/gold_tests/chunked_encoding/server2.sh | 27 -- tests/gold_tests/chunked_encoding/server3.sh | 27 -- tests/gold_tests/chunked_encoding/server4.sh | 29 +-- 10 files changed, 131 insertions(+), 101 deletions(-) diff --git a/tests/gold_tests/chunked_encoding/case1.sh b/tests/gold_tests/chunked_encoding/case1.sh deleted file mode 100644 index 4262283977..00 --- a/tests/gold_tests/chunked_encoding/case1.sh +++ /dev/null @@ -1,19 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -nc -l ${2} -o outserver1 -c "sh ./delay-server.sh" & -sleep 1 -nghttp -vv https://127.0.0.1:${1}/delay-chunked-response diff --git a/tests/gold_tests/chunked_encoding/case2.sh b/tests/gold_tests/chunked_encoding/case2.sh deleted file mode 100644 index be4d76f57c..00 --- a/tests/gold_tests/chunked_encoding/case2.sh +++ /dev/null @@ -1,19 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -nc -l ${2} -o outserver2 -c "sh ./server2.sh" & -sleep 1 -curl --http2 -k https://127.0.0.1:${1}/post --verbose -H "Transfer-encoding: chunked" -d "Knock knock" diff --git a/tests/gold_tests/chunked_encoding/case3.sh b/tests/gold_tests/chunked_encoding/case3.sh deleted file mode 100644 index 4af2d92b9d..00 --- a/tests/gold_tests/chunked_encoding/case3.sh +++ /dev/null @@ -1,19 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -nc -l ${2} -o outserver3 -c "sh ./server3.sh" & -sleep 1 -curl --http2 -k htt
[trafficserver] branch master updated (5fbffc7df3 -> ef6f092731)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 5fbffc7df3 Fix unchecked dynamic_cast (#10483) add ef6f092731 Add support for transform plugins on tunnels. (#10314) No new revisions were added by this update. Summary of changes: .../hooks-and-transactions/adding-hooks.en.rst | 4 +- .../plugins/hooks-and-transactions/index.en.rst| 7 ++ proxy/http/HttpSM.cc | 42 +-- proxy/http/HttpSM.h| 9 ++ proxy/http/HttpTunnel.h| 4 +- src/api/InkAPI.cc | 13 ++- .../{txn_type.test.py => tunnel_transform.test.py} | 97 tests/gold_tests/tunnel/txn_type.test.py | 4 +- tests/tools/plugins/Makefile.inc | 3 + .../tools/plugins/tunnel_transform.cc | 124 +++-- 10 files changed, 183 insertions(+), 124 deletions(-) copy tests/gold_tests/tunnel/{txn_type.test.py => tunnel_transform.test.py} (65%) copy example/plugins/c-api/null_transform/null_transform.cc => tests/tools/plugins/tunnel_transform.cc (70%)
[trafficserver] branch master updated (38a247671f -> 63b4f0937c)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 38a247671f Coverity 1518592: check cachekey valid (#10491) add 63b4f0937c Add TS_HTTP_TUNNEL_START_HOOK and TSHttpTxnTypeGet API (#10308) No new revisions were added by this update. Summary of changes: ...tpHdrTypeGet.en.rst => TSHttpTxnTypeGet.en.rst} | 7 +- .../{TSRecordType.en.rst => TSTxnType.en.rst} | 27 ++-- .../hooks-and-transactions/adding-hooks.en.rst | 6 + include/ts/apidefs.h.in| 9 ++ include/ts/ts.h| 10 ++ proxy/ProxySession.cc | 1 + proxy/http/HttpDebugNames.cc | 7 + proxy/http/HttpSM.cc | 10 +- proxy/http/HttpTransact.h | 1 + src/api/InkAPI.cc | 18 +++ src/api/InkAPITest.cc | 1 + tests/gold_tests/tunnel/txn_type.test.py | 169 + tests/tools/plugins/CMakeLists.txt | 1 + tests/tools/plugins/Makefile.inc | 3 + tests/tools/plugins/hook_tunnel_plugin.cc | 104 + 15 files changed, 356 insertions(+), 18 deletions(-) copy doc/developer-guide/api/functions/{TSHttpHdrTypeGet.en.rst => TSHttpTxnTypeGet.en.rst} (89%) copy doc/developer-guide/api/types/{TSRecordType.en.rst => TSTxnType.en.rst} (60%) create mode 100644 tests/gold_tests/tunnel/txn_type.test.py create mode 100644 tests/tools/plugins/hook_tunnel_plugin.cc
[trafficserver] branch start-tunnel-hook deleted (was e47ef31749)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git was e47ef31749 Add connect method test case The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[trafficserver] 01/01: Add connect method test case
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit e47ef3174960c955e059f16d3079fff4cfe1817c Author: Susan Hinrichs AuthorDate: Mon Sep 25 16:22:04 2023 + Add connect method test case --- tests/gold_tests/tunnel/txn_type.test.py | 27 ++- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/tests/gold_tests/tunnel/txn_type.test.py b/tests/gold_tests/tunnel/txn_type.test.py index af61541c66..85f854f340 100644 --- a/tests/gold_tests/tunnel/txn_type.test.py +++ b/tests/gold_tests/tunnel/txn_type.test.py @@ -50,10 +50,12 @@ Test.PrepareTestPlugin(os.path.join(Test.Variables.AtsTestPluginsDir, server.addResponse("sessionfile.log", request_header, response_header) server.addResponse("sessionfile.log", request_tunnel_header, response_tunnel_header) ts.Disk.records_config.update({ -'proxy.config.diags.debug.enabled': 0, -'proxy.config.diags.debug.tags': 'http|ssl|test', +'proxy.config.diags.debug.enabled': 1, +'proxy.config.diags.debug.tags': 'http|test', 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir), -'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir) +'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir), +'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE', +'proxy.config.http.connect_ports': '{0}'.format(server.Variables.SSL_Port) }) ts.Disk.ssl_multicert_config.AddLine( @@ -61,7 +63,7 @@ ts.Disk.ssl_multicert_config.AddLine( ) ts.Disk.remap_config.AddLine( -'map http://http-test:{0} http://127.0.0.1:{1}'.format( +'map https://http-test:{0}/ https://127.0.0.1:{1}/'.format( ts.Variables.ssl_port, server.Variables.SSL_Port) ) @@ -76,6 +78,8 @@ cmd_http = 'curl -k --http1.1 -H "Connection: close" -vs --resolve "http-test:{0 ts.Variables.ssl_port) cmd_tunnel = 'curl -k --http1.1 -H "Connection: close" -vs --resolve "tunnel-test:{0}:127.0.0.1" https://tunnel-test:{0}/'.format( ts.Variables.ssl_port) +cmd_connect = 'curl -k --http1.1 -H "Connection: close" -vs --resolve "connect-proxy:{0}:127.0.0.1" -x http://connect-proxy:{0} --resolve "http-test:{1}:127.0.0.1" https://http-test:{1}/'.format( +ts.Variables.port, ts.Variables.ssl_port) # Send the http request tr = Test.AddTestRun("send http request") @@ -85,6 +89,7 @@ tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.StartBefore(server, ready=When.PortOpen(server.Variables.SSL_Port)) tr.Processes.Default.StartBefore(Test.Processes.ts) tr.StillRunningAfter = ts +tr.StillRunningAfter = server # Send the tunnel request tr = Test.AddTestRun("send tunnel request") @@ -92,7 +97,18 @@ tr.Processes.Default.Env = ts.Env tr.Processes.Default.Command = cmd_tunnel tr.Processes.Default.ReturnCode = 0 tr.StillRunningAfter = ts +tr.StillRunningAfter = server +# Send the connect request +# while the connect method will set up a tunnel, it is processed in ATS as a +# transaction rather than a blind tunnel directly. Plugs can differentiate on the +# method to determine whether a connect tunnel will be set up +tr = Test.AddTestRun("send connect request") +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.Command = cmd_connect +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = ts +tr.StillRunningAfter = server # Signal that all the curl processes have completed tr = Test.AddTestRun("Curl Done") @@ -101,6 +117,7 @@ tr.Processes.Default.Command = "traffic_ctl plugin msg done done" tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.Env = ts.Env tr.StillRunningAfter = ts +tr.StillRunningAfter = server # Parking this as a ready tester on a meaningless process # To stall the test runs that check for the stats until the @@ -147,6 +164,6 @@ tr.Processes.Default.Command = 'traffic_ctl metric get txn_type_verify.http.req' tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.Env = ts.Env tr.Processes.Default.Streams.stdout = Testers.ContainsExpression( -"txn_type_verify.http.req 1", 'Should have a http request.') +"txn_type_verify.http.req 2", 'Should have a http request.') tr.StillRunningAfter = ts tr.StillRunningAfter = server
[trafficserver] branch start-tunnel-hook created (now e47ef31749)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git at e47ef31749 Add connect method test case This branch includes the following new commits: new e47ef31749 Add connect method test case The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] branch start-tunnel-hook deleted (was acd321487d)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git was acd321487d Update cmake for new test plugin The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[trafficserver] branch reloadable-server-policy deleted (was a385c9c37f)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git was a385c9c37f Address Damian's comments The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[trafficserver] branch start-tunnel-hook created (now acd321487d)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git at acd321487d Update cmake for new test plugin No new revisions were added by this update.
[trafficserver] branch master updated (26db54022d -> 17d918a4de)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 26db54022d [Fuzzing] move build.sh in trafficserver (#10466) add 17d918a4de Add allow-plain server ports attribute (#9574) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.yaml.en.rst | 7 ++ include/records/I_RecHttp.h| 3 + iocore/net/P_SSLNetVConnection.h | 15 iocore/net/P_SSLNextProtocolAccept.h | 3 +- iocore/net/SSLNetVConnection.cc| 100 +++-- iocore/net/SSLNextProtocolAccept.cc| 57 +++- proxy/ProtocolProbeSessionAccept.cc| 10 ++- proxy/http/HttpProxyServerMain.cc | 2 +- src/records/RecHttp.cc | 18 tests/gold_tests/tls/allow-plain.test.py | 94 +++ .../replay/allow-plain.replay.yaml}| 16 11 files changed, 291 insertions(+), 34 deletions(-) create mode 100644 tests/gold_tests/tls/allow-plain.test.py copy tests/gold_tests/{post/replay/post-continue.replay.yaml => tls/replay/allow-plain.replay.yaml} (81%)
[trafficserver] branch allow-plain updated (3de3260bba -> 1be584aa52)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 3de3260bba Fix conflicting contants add 1be584aa52 Address Maskit's comments No new revisions were added by this update. Summary of changes: iocore/net/SSLNextProtocolAccept.cc | 16 +--- 1 file changed, 5 insertions(+), 11 deletions(-)
[trafficserver] branch allow-plain updated (72f067875b -> 3de3260bba)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git omit 72f067875b Back out the recursion tracking memory solution omit 0652345797 fix rebase omit 1578222c3c Avoid ink-assert for stopped ep omit 69716d7cd4 Fix use after free issue omit 2aa925e99d At least issue a warning if someone tries to enable quic and allow-plain omit 89137f777d Address comments and fix 32K buffer issue omit d7d6d52d4a Remove assert omit 1341d1e2e8 Fix nullptr crash identified by CICD omit 2e99e66848 Add doc and comment out unrelated line that is offending OSX omit 991eb34aef Add allow-plain server ports attribute add ac2e2df8d1 Add allow-plain server ports attribute add cca5a99ded Fix use after free issue add 467112f1aa Back out the recursion tracking memory solution add 3de3260bba Fix conflicting contants This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (72f067875b) \ N -- N -- N refs/heads/allow-plain (3de3260bba) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: iocore/net/SSLNetVConnection.cc | 9 ++--- tests/gold_tests/tls/allow-plain.test.py | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-)
[trafficserver] branch allow-plain updated (0652345797 -> 72f067875b)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 0652345797 fix rebase add 72f067875b Back out the recursion tracking memory solution No new revisions were added by this update. Summary of changes: iocore/net/P_UnixNetVConnection.h | 3 --- iocore/net/SSLNetVConnection.cc | 7 --- iocore/net/UnixNetVConnection.cc | 21 - 3 files changed, 8 insertions(+), 23 deletions(-)
[trafficserver] branch allow-plain updated (a2fe5fe2ce -> 0652345797)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git omit a2fe5fe2ce Avoid ink-assert for stopped ep omit 556f122391 Fix use after free issue omit 7eac946a2f At least issue a warning if someone tries to enable quic and allow-plain omit 21b6fc563e Address comments and fix 32K buffer issue omit a2ecafd721 Remove assert omit b4ff09175c Fix nullptr crash identified by CICD omit ca800c2fde Add doc and comment out unrelated line that is offending OSX omit b29b7e7f3e Add allow-plain server ports attribute add b6fa5a8d9e Plugin promotions, deprecations and deletions (#10303) add 541d174c8e Fix ip_allow optional methods specification (#10246) add bb1d435161 cmake: add tests for proxy/hdrs (#10283) add 068e184c81 setup default install path, runtime user and group (#10299) add f3631b11fc cmake: add unit tests for proxy/logging (#10301) add 6e56c81c17 add tests for src/records (#10302) add 2320ca36a6 Cmake: Add tests in proxy/http proxy/http2 (#10305) add e06d2404ed cmake: add tests for proxy/http3 (#10310) add ac37de5191 cmake: Add support for building benchmarks (#10316) add 70e2127e3a Fix lua plugin build (#10319) add c5d7b19d60 Update Proxy Verifier to v2.10.1 (#10322) add d7c19675e9 Make bad disk detection more robust (#10317) add 6f2194ee06 Remove test references to DelayTransformation.so (#10325) add 030afacb56 Constify cachekey tables and reduce aliasing. (#10311) add a727dcc361 Fix example plugins build (#10326) add d50428d9a8 Adjust CMakeLists with git worktree (#10298) add de68cd0224 cmake: add unit tests from mgmt/rpc (#10366) add cd3a3ea0ab Cmake autest (#10327) add 04c04e3c6e Disable copying/moving for DbgCtl. (#10321) add 3a5707f1b0 Add tests for disk failure (#10192) add 8b7c494aeb Eliminate unreachable code covered by switch default (#10370) add a4527f0488 Fixes some build issues that happens with other changes (#10374) add adac616644 Fix a couple of Coverity issues in health check plugin, around filenames (#10371) add fb41acc0c8 money_trace cid 1518569: string not null terminated (#10373) add f37fd7586e Fix more build dep issues, for later PRs to work (#10376) add f738aea0ed Allow DbgCtl tag to be set after instance construction. (#10375) add 6108d51dca Minor parent.config a/an change (#10372) add 6219de1dff Fixes the TSMgmt metrics APIs for new API metrics (#10379) add dcc83d3a70 Fix slice head request memory issue (#10285) add 9d3d3c2fce CID 1516688: Fix uninitialized member of AcceptOptions (#10152) add 62abe06545 Give a chance to send a response before receiving next request on H2 (#9997) add 964cd49fe5 prefetch_cmcd: make autests more robust by removing need for gold file wildcard (#10382) add 1f407a65ad Coverity 1518612: Remove dead code (#10384) add 18b3d553b9 fix: check whether a protocol is enabled during the length calculation in create_npn_advertisement (#10381) add 10081d6b22 make alternate tests wait a multiple of cache_config_mutex_retry_delay (#10378) add 48862f272d URL.cc: url_length_get consider ipv6 address with added [] (#10387) add b8e033a96e Restores the traffic_server option for --maxRecords (#10388) add 1232001b23 Removes all HostDB persistent storage (#10368) add a9bb761020 JSONRPC handler: Add check for the lifecycle hooks. (#10312) add 943358110b Don't set port number as part of hostname (#10386) add cf64a4d590 Fix bug with reverse dns lookup from hosts files (#10392) add 7884ff376c check return values, log errors, and more tests (#10383) add 561665d582 Coverity 1518564: fix off by one (#10401) add b34977f8cb CID-1508987 (#10398) add ecbc7d051c CID-1508974 (#10397) add ac849aa9a9 cmake: Add remaining plugins without external deps (#10395) add 752ab5a0e3 include/ts: comma on all last enum elements (#10400) add 7ddb721c4f Add TSVConnFdGet api (#10324) add 1952751112 Preserve unmapped url regardless of need for remapping (#10304) add 12e492ff14 Add support for OCSP requests by GET method (#10306) add 282526427b cmake: Generate files in rc, install the trafficserver script (#10367) add f03109c6bc Move InkAPI.cc into src/api (#10315) add 07d72fcd90 Removes unused Errata functions from WCCP (#10380) add 39341bdfbc Fixes some make test build problems (#10402) add 55f6901951 Remove deprecated debug output functions from 21 source files. (#9683) add 236b749b2b Allow origins to do TLS renegotiation (#10385) add 2dd01b51b3 Fix hwloc build (#10406) add 561b409f65 Fixed differences between cmake rc files and autotools (#10408) add 991eb34aef Add allow-plain server ports attribute add 2e99e66848 Add doc and comment
[trafficserver] branch master updated (561b409f65 -> 4fc1aac569)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 561b409f65 Fixed differences between cmake rc files and autotools (#10408) add 4fc1aac569 Fix use-after-free issue (#10399) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 3 +++ 1 file changed, 3 insertions(+)
[trafficserver] branch master updated (752ab5a0e3 -> 7ddb721c4f)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 752ab5a0e3 include/ts: comma on all last enum elements (#10400) add 7ddb721c4f Add TSVConnFdGet api (#10324) No new revisions were added by this update. Summary of changes: .../{TSHttpHdrReasonLookup.en.rst => TSVConnFdGet.en.rst} | 8 +--- include/ts/ts.h | 2 ++ src/traffic_server/InkAPI.cc | 8 3 files changed, 15 insertions(+), 3 deletions(-) copy doc/developer-guide/api/functions/{TSHttpHdrReasonLookup.en.rst => TSVConnFdGet.en.rst} (83%)
[trafficserver] branch allow-plain updated (556f122391 -> a2fe5fe2ce)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 556f122391 Fix use after free issue add a2fe5fe2ce Avoid ink-assert for stopped ep No new revisions were added by this update. Summary of changes: iocore/net/SSLNetVConnection.cc | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-)
[trafficserver] branch allow-plain updated (7eac946a2f -> 556f122391)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 7eac946a2f At least issue a warning if someone tries to enable quic and allow-plain add 556f122391 Fix use after free issue No new revisions were added by this update. Summary of changes: iocore/net/P_UnixNetVConnection.h | 3 +++ iocore/net/SSLNetVConnection.cc | 7 +++ iocore/net/UnixNetVConnection.cc | 21 + 3 files changed, 23 insertions(+), 8 deletions(-)
[trafficserver] branch aviatrix-integrate-ats10 deleted (was a2f4f3aa28)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git was a2f4f3aa28 memory fixes for ats10 in our environment This change permanently discards the following revisions: discard a2f4f3aa28 memory fixes for ats10 in our environment discard 0b8e165f72 Fix clang-format target discard 36bba73bc5 Another checkpoint. This one installs and starts up discard dabfcb5dc0 Checkpoint discard 811eb3ef6f Checkpoint discard 05b7e30583 Merge branch 'allow-plain' into add-tunnel-transform
[trafficserver] branch aviatrix-integrate-ats10 created (now a2f4f3aa28)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git at a2f4f3aa28 memory fixes for ats10 in our environment This branch includes the following new commits: new 05b7e30583 Merge branch 'allow-plain' into add-tunnel-transform new 811eb3ef6f Checkpoint new dabfcb5dc0 Checkpoint new 36bba73bc5 Another checkpoint. This one installs and starts up new 0b8e165f72 Fix clang-format target new a2f4f3aa28 memory fixes for ats10 in our environment The 6 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] 01/06: Merge branch 'allow-plain' into add-tunnel-transform
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 05b7e30583ba365afbfe85663e39331a8289f55e Merge: 6d70defc2f 7eac946a2f Author: Susan Hinrichs AuthorDate: Wed Aug 30 20:46:30 2023 + Merge branch 'allow-plain' into add-tunnel-transform CMakeLists.txt | 25 +-- configure.ac | 29 doc/admin-guide/files/records.yaml.en.rst | 7 + .../testing/blackbox-testing.en.rst| 5 - example/plugins/c-api/cache_scan/cache_scan.cc | 14 +- example/plugins/c-api/remap/remap.cc | 5 +- include/records/I_RecDefs.h| 1 + include/records/I_RecHttp.h| 3 + include/ts/DbgCtl.h| 120 ++ include/ts/Makefile.am | 4 +- include/ts/apidefs.h.in| 5 - include/ts/experimental.h | 4 - include/ts/remap_version.h | 43 + include/ts/ts.h| 49 +- include/tscore/DbgCtl.h| 62 --- include/tscore/Diags.h | 49 ++ include/tscore/DiagsTypes.h| 7 - include/tscore/Trie.h | 4 +- include/tscore/ink_config.h.cmake.in | 5 +- include/tscore/ink_config.h.in | 1 - include/tscore/ink_sys_control.h | 2 + include/tscpp/api/Cleanup.h| 11 -- iocore/aio/AIO.cc | 184 + iocore/aio/I_AIO.h | 69 iocore/aio/P_AIO.h | 33 iocore/aio/test_AIO.cc | 9 - iocore/cache/Cache.cc | 85 +- iocore/cache/CacheDir.cc | 2 +- iocore/cache/CacheHosting.cc | 4 +- iocore/cache/CacheRead.cc | 29 ++-- iocore/cache/CacheWrite.cc | 2 +- iocore/dns/DNS.cc | 4 +- iocore/dns/P_DNSProcessor.h| 2 +- iocore/dns/SplitDNS.cc | 4 +- iocore/eventsystem/I_EThread.h | 10 ++ iocore/eventsystem/I_SocketManager.h | 2 - iocore/eventsystem/UnixEThread.cc | 1 + iocore/net/I_Net.h | 1 - iocore/net/Net.cc | 9 +- iocore/net/P_SSLNetVConnection.h | 15 ++ iocore/net/P_SSLNextProtocolAccept.h | 3 +- iocore/net/P_UnixNet.h | 4 +- iocore/net/PollCont.cc | 2 +- iocore/net/PollCont.h | 4 +- iocore/net/SSLDiags.cc | 10 +- iocore/net/SSLNetVConnection.cc| 92 ++- iocore/net/SSLNextProtocolAccept.cc| 59 --- iocore/net/SSLUtils.cc | 4 +- iocore/net/TLSSessionResumptionSupport.cc | 2 +- iocore/net/UnixNet.cc | 1 - iocore/net/UnixUDPNet.cc | 3 +- iocore/net/test_I_UDPNet.cc| 1 - plugins/background_fetch/background_fetch.cc | 14 +- plugins/cache_promote/cache_promote.cc | 12 +- .../cache_range_requests/cache_range_requests.cc | 13 +- plugins/compress/compress.cc | 13 +- plugins/experimental/cache_fill/cache_fill.cc | 14 +- plugins/experimental/fq_pacing/fq_pacing.cc| 17 +- plugins/experimental/geoip_acl/geoip_acl.cc| 13 +- plugins/experimental/maxmind_acl/maxmind_acl.cc| 13 +- plugins/experimental/money_trace/money_trace.cc| 13 +- .../parent_select/consistenthash_config.cc | 115 ++--- .../experimental/parent_select/parent_select.cc| 17 +- plugins/experimental/rate_limit/ip_reputation.cc | 19 ++- plugins/experimental/rate_limit/rate_limit.cc | 13 +- .../experimental/ssl_session_reuse/src/publish.cc | 4 +- plugins/experimental/uri_signing/uri_signing.cc| 14 +- plugins/experimental/url_sig/url_sig.cc| 13 +- .../experimental/webp_transform/ImageTransform.cc | 24 +-- plugins/header_rewrite/header_rewrite.cc | 18 +- plugins/lua/ts_lua_transform.cc| 4 +- plugins/regex_remap/regex_remap.cc | 13 +- plugins/s3_auth/s3_auth.cc | 13 +- proxy/ProtocolProbeSessionAccept.cc| 10
[trafficserver] 06/06: memory fixes for ats10 in our environment
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit a2f4f3aa28026026978715b1843b416863fd2ce1 Author: Susan Hinrichs AuthorDate: Mon Sep 11 16:06:00 2023 + memory fixes for ats10 in our environment --- aviatrix/avx_plugins/tee_decrypt/tee_decrypt.cc | 2 +- iocore/net/P_UnixNetVConnection.h | 2 ++ iocore/net/SSLNetVConnection.cc | 6 ++ iocore/net/UnixNetVConnection.cc| 21 + proxy/http/HttpSM.cc| 1 + 5 files changed, 23 insertions(+), 9 deletions(-) diff --git a/aviatrix/avx_plugins/tee_decrypt/tee_decrypt.cc b/aviatrix/avx_plugins/tee_decrypt/tee_decrypt.cc index 70257c4a1f..23f0635d30 100644 --- a/aviatrix/avx_plugins/tee_decrypt/tee_decrypt.cc +++ b/aviatrix/avx_plugins/tee_decrypt/tee_decrypt.cc @@ -435,7 +435,7 @@ transform_plugin(TSCont contp, TSEvent event, void *edata) return 0; case TS_EVENT_HTTP_READ_RESPONSE_HDR: TSDebug(PLUGIN_NAME, "\tEvent is TS_EVENT_HTTP_READ_RESPONSE_HDR"); -if (TSUserArgGet(txnp, data_arg_index) != nullptr) { +if (data_arg_index != -1 && TSUserArgGet(txnp, data_arg_index) != nullptr) { check_txn_data(txnp); send_response_header(txnp); } diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index f978c9e2dc..08c6ba691a 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -115,6 +115,8 @@ public: void get_local_sa(); + bool testInlineClose(); + // these are not part of the pure virtual interface. They were // added to reduce the amount of duplicate code in classes inherited // from NetVConnection (SSL). diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index fb84411516..976f1238a4 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -586,6 +586,9 @@ SSLNetVConnection::net_read_io(NetHandler *nh, EThread *lthread) // Continue on if we are still in the handshake if (!getSSLHandShakeComplete()) { int err = 0; +// May get into logic that will clean up the current VC +// Increment the recursion to delay do_io_close cleaup. +this->recursion++; if (get_context() == NET_VCONNECTION_OUT) { ret = sslStartHandShake(SSL_EVENT_CLIENT, err); @@ -626,6 +629,7 @@ SSLNetVConnection::net_read_io(NetHandler *nh, EThread *lthread) this->readSignalDone(VC_EVENT_READ_COMPLETE, nh); } } +this->testInlineClose(); return; // Leave if we are tunneling } } @@ -642,6 +646,7 @@ SSLNetVConnection::net_read_io(NetHandler *nh, EThread *lthread) read.triggered = 0; nh->read_ready_list.remove(this); readSignalError(nh, ETIMEDOUT); + this->testInlineClose(); return; } } @@ -677,6 +682,7 @@ SSLNetVConnection::net_read_io(NetHandler *nh, EThread *lthread) } else { readReschedule(nh); } +this->testInlineClose(); return; } diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index ee7fe8a93f..ac2eae6028 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -98,10 +98,7 @@ read_signal_and_update(int event, UnixNetVConnection *vc) break; } } - if (!--vc->recursion && vc->closed) { -/* BZ 31932 */ -ink_assert(vc->thread == this_ethread()); -vc->nh->free_netevent(vc); + if (vc->testInlineClose()) { return EVENT_DONE; } else { return EVENT_CONT; @@ -132,10 +129,7 @@ write_signal_and_update(int event, UnixNetVConnection *vc) break; } } - if (!--vc->recursion && vc->closed) { -/* BZ 31932 */ -ink_assert(vc->thread == this_ethread()); -vc->nh->free_netevent(vc); + if (vc->testInlineClose()) { return EVENT_DONE; } else { return EVENT_CONT; @@ -1495,3 +1489,14 @@ UnixNetVConnection::set_tcp_congestion_control(int side) return -1; #endif } + +bool +UnixNetVConnection::testInlineClose() +{ + if (!--this->recursion && this->closed) { +ink_assert(this->thread == this_ethread()); +this->nh->free_netevent(this); +return true; + } + return false; +} diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 582cf34737..f3a3304694 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -7487,6 +7487,7 @@ HttpSM::kill_this() server_txn = nullptr; } if (_ua.get_txn()) { + _ua.get_txn()->attach_server_session(nullptr); _ua.get_txn()->transaction_done(); }
[trafficserver] 04/06: Another checkpoint. This one installs and starts up
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 36bba73bc5bda1fcd7987b612ac5fc33b636e32b Author: Susan Hinrichs AuthorDate: Fri Sep 8 16:36:50 2023 + Another checkpoint. This one installs and starts up --- aviatrix/10_0_0.0001/avx-gw-trafficserver.service | 16 aviatrix/10_0_0.0001/configs/logging.yaml | 53 +++ aviatrix/10_0_0.0001/configs/plugin.config | 16 aviatrix/10_0_0.0001/configs/records.yaml | 102 + .../10_0_0.0001/logrotate/avx-gw-trafficserver | 11 +++ aviatrix/10_0_0.0001/postinst | 25 + .../avx_plugins/policy_driver/policy_driver.cc | 5 +- aviatrix/avx_plugins/policy_driver/web_filter.cc | 5 +- build_debs.sh | 62 + include/ts/ts.h| 1 + src/traffic_server/InkAPI.cc | 23 +++-- 11 files changed, 309 insertions(+), 10 deletions(-) diff --git a/aviatrix/10_0_0.0001/avx-gw-trafficserver.service b/aviatrix/10_0_0.0001/avx-gw-trafficserver.service new file mode 100644 index 00..5bf0a6ea7d --- /dev/null +++ b/aviatrix/10_0_0.0001/avx-gw-trafficserver.service @@ -0,0 +1,16 @@ +[Unit] +Description=Service that runs the trafficserver + +[Service] +Type=simple +ExecStart=-/opt/ats/ats_10.0.0/bin/traffic_server -f -F --bind_stdout /var/log/tslogs/traffic.out --bind_stderr /var/log/tslogs/traffic.out +Restart=on-failure +RestartSec=5s +LimitNOFILE=100 +PIDFile=/opt/ats/ats_10.0.0/var/trafficserver/server.lock +TimeoutStopSec=5s +#ExecReload=@exp_bindir@/traffic_ctl config reload +KillMode=process + +[Install] +WantedBy=multi-user.target diff --git a/aviatrix/10_0_0.0001/configs/logging.yaml b/aviatrix/10_0_0.0001/configs/logging.yaml new file mode 100755 index 00..087e2cde40 --- /dev/null +++ b/aviatrix/10_0_0.0001/configs/logging.yaml @@ -0,0 +1,53 @@ +# Custom log configuration +# +# Documentation on logging: +# https://docs.trafficserver.apache.org/en/9.0.x/admin-guide/logging/index.en.html +# +# Documentation on logging.yaml file format: +# https://docs.trafficserver.apache.org/en/9.0.x/admin-guide/files/logging.yaml.en.html +# +# Example log configurations: +# https://docs.trafficserver.apache.org/en/9.0.x/admin-guide/logging/examples.en.html + + +logging: + formats: +# WebTrends Enhanced Log Format. +# +# The following is compatible with the WebTrends Enhanced Log Format. +# If you want to generate a log that can be parsed by WebTrends +# reporting tools, simply create a log that uses this format. +- name: welf + format: |- + id=firewall time="% %" fw=% pri=6 proto=% duration=% sent=% rcvd=% src=% dst=% dstname=% user=% op=% arg="%" result=% ref="%<{Referer}cqh>" agent="%<{user-agent}cqh>" cache=% +# Squid Log Format with seconds resolution timestamp. +# The following is the squid format but with a seconds-only timestamp +# (cqts) instead of a seconds and milliseconds timestamp (cqtq). +- name: squid_seconds_only_timestamp + format: '% % % %/% % % % % %/% %' + +# Squid Log Format. +- name: squid + format: '% % % %/% % % % % %/% %' + +- name: aviatrix + format: 'ts=% ttms=% sni=% meth=% cqpv=% pssc=% cqtr=% cqssl=% chi=% cqql=% shi=% shn=% psql=% sstc=% cquc=%' + +# Common Log Format. +- name: common + format: '% - % [%] "%" % %' + +# Extended Log Format. +- name: 'extended' + format: '% - % [%] "%" % % % % % % % % % % %' + + # Extended2 Log Formats +- name: "extended2" + format: '% - % [%] "%" % % % % % % % % % % % % % % %' + + logs: +- filename: access + format: aviatrix + mode: text + +# vim: set ft=yaml : diff --git a/aviatrix/10_0_0.0001/configs/plugin.config b/aviatrix/10_0_0.0001/configs/plugin.config new file mode 100644 index 00..168bcf691f --- /dev/null +++ b/aviatrix/10_0_0.0001/configs/plugin.config @@ -0,0 +1,16 @@ +# +# plugin.config +# +# Documentation: +# https://docs.trafficserver.apache.org/en/latest/admin-guide/files/plugin.config.en.html +# +# Comments start with a '#' and continue to the end of the line +# Blank lines are ignored + +policy_driver.so 5557 +# +tee_decrypt.so 127.255.0.10 127.255.0.20 +# +#use certifier to automatically run with MITM +avx_certifier.so --sign-cert=/opt/ats/ats_9.1.3/etc/local_ca/mitm_ca.cert --sign-key=/opt/ats/ats_9.1.3/etc/local_ca/mitm_ca.key --sign-serial=/opt/ats/ats_9.1.3/var/local_ca/serial.txt --store=/opt/ats/ats_9.1.3/var/local_ca/keys --max=200 +memory_profile.so diff --git a/aviatrix/10_0_0.0001/configs/records.yaml b/aviatrix/10_0_0.0001/configs/records.yam
[trafficserver] 05/06: Fix clang-format target
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 0b8e165f7242d7accb04cfc83510b815134169e8 Author: Susan Hinrichs AuthorDate: Fri Sep 8 16:37:49 2023 + Fix clang-format target --- Makefile.am | 4 1 file changed, 4 insertions(+) diff --git a/Makefile.am b/Makefile.am index 924a726b68..563874808f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -130,6 +130,7 @@ CLANG_FORMAT_DIR_TARGETS = \ clang-format-include \ clang-format-mgmt \ clang-format-plugins \ + clang-format-avx-plugins \ clang-format-proxy \ clang-format-tools \ clang-format-tests @@ -162,6 +163,9 @@ clang-format-mgmt: clang-format-plugins: @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/plugins +clang-format-avx-plugins: + @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/aviatrix/avx_plugins + clang-format-proxy: @$(top_srcdir)/tools/clang-format.sh $(top_srcdir)/proxy
[trafficserver] 03/06: Checkpoint
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch aviatrix-integrate-ats10 in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit dabfcb5dc0f23e9ced6f14843353ba4353e759f2 Author: Susan Hinrichs AuthorDate: Wed Sep 6 19:14:22 2023 + Checkpoint --- Makefile.am | 2 +- aviatrix/{plugins => avx_plugins}/Makefile.am| 0 aviatrix/{plugins => avx_plugins}/avx_certifier/Makefile.inc | 0 aviatrix/{plugins => avx_plugins}/avx_certifier/README | 0 aviatrix/{plugins => avx_plugins}/avx_certifier/avx_certifier.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/.gitignore | 0 aviatrix/{plugins => avx_plugins}/policy_driver/Makefile-proto | 0 aviatrix/{plugins => avx_plugins}/policy_driver/Makefile.inc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/empty.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/jsonwriter.h | 0 aviatrix/{plugins => avx_plugins}/policy_driver/logging.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/logging.h| 0 aviatrix/{plugins => avx_plugins}/policy_driver/plugin.h | 0 aviatrix/{plugins => avx_plugins}/policy_driver/policy.h | 0 aviatrix/{plugins => avx_plugins}/policy_driver/policy_client.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/policy_driver.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/rules/mitm_test.json | 0 aviatrix/{plugins => avx_plugins}/policy_driver/rules/no-ids.json| 0 aviatrix/{plugins => avx_plugins}/policy_driver/rules/rules1.json| 0 aviatrix/{plugins => avx_plugins}/policy_driver/test_client.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/test_server.cc | 0 aviatrix/{plugins => avx_plugins}/policy_driver/web_filter.cc| 0 aviatrix/{plugins => avx_plugins}/policy_driver/web_filter.h | 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/Makefile.inc | 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/plugin.h | 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/remake_plugin.sh | 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/tee_decrypt.cc | 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/tee_info.cc| 0 aviatrix/{plugins => avx_plugins}/tee_decrypt/tee_info.h | 0 configure.ac | 2 +- 30 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index 51084c5ba2..924a726b68 100644 --- a/Makefile.am +++ b/Makefile.am @@ -27,7 +27,7 @@ export CCACHE_BASEDIR # and mgmt, hence we have to build proxy/hdrs first. # depends on the generates ts/ts.h include file. -SUBDIRS = include lib src/tscpp/util src/tscore src/records iocore proxy mgmt src plugins tools example rc configs tests aviatrix/plugins +SUBDIRS = include lib src/tscpp/util src/tscore src/records iocore proxy mgmt src plugins tools example rc configs tests aviatrix/avx_plugins if BUILD_DOCS SUBDIRS += doc include diff --git a/aviatrix/plugins/Makefile.am b/aviatrix/avx_plugins/Makefile.am similarity index 100% rename from aviatrix/plugins/Makefile.am rename to aviatrix/avx_plugins/Makefile.am diff --git a/aviatrix/plugins/avx_certifier/Makefile.inc b/aviatrix/avx_plugins/avx_certifier/Makefile.inc similarity index 100% rename from aviatrix/plugins/avx_certifier/Makefile.inc rename to aviatrix/avx_plugins/avx_certifier/Makefile.inc diff --git a/aviatrix/plugins/avx_certifier/README b/aviatrix/avx_plugins/avx_certifier/README similarity index 100% rename from aviatrix/plugins/avx_certifier/README rename to aviatrix/avx_plugins/avx_certifier/README diff --git a/aviatrix/plugins/avx_certifier/avx_certifier.cc b/aviatrix/avx_plugins/avx_certifier/avx_certifier.cc similarity index 100% rename from aviatrix/plugins/avx_certifier/avx_certifier.cc rename to aviatrix/avx_plugins/avx_certifier/avx_certifier.cc diff --git a/aviatrix/plugins/policy_driver/.gitignore b/aviatrix/avx_plugins/policy_driver/.gitignore similarity index 100% rename from aviatrix/plugins/policy_driver/.gitignore rename to aviatrix/avx_plugins/policy_driver/.gitignore diff --git a/aviatrix/plugins/policy_driver/Makefile-proto b/aviatrix/avx_plugins/policy_driver/Makefile-proto similarity index 100% rename from aviatrix/plugins/policy_driver/Makefile-proto rename to aviatrix/avx_plugins/policy_driver/Makefile-proto diff --git a/aviatrix/plugins/policy_driver/Makefile.inc b/aviatrix/avx_plugins/policy_driver/Makefile.inc similarity index 100% rename from aviatrix/plugins/policy_driver/Makefile.inc rename to aviatrix/avx_plugins/policy_driver/Makefile.inc diff --git a/aviatrix/plugins/policy_driver/empty.cc b/aviatrix/avx_plugins/pol
[trafficserver] branch start-tunnel-hook deleted (was 902e8de813)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git was 902e8de813 Remove trailing spaces in docs The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[trafficserver] branch add-ssl-apis deleted (was a306a2e646)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch add-ssl-apis in repository https://gitbox.apache.org/repos/asf/trafficserver.git was a306a2e646 Generalize the FdGet() call The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[trafficserver] 01/01: Generalize the FdGet() call
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch add-ssl-apis in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit a306a2e646b00e26df82966ee738e7cbe7daa652 Author: Susan Hinrichs AuthorDate: Wed Sep 6 20:01:10 2023 + Generalize the FdGet() call --- .../{TSVConnSslFdGet.en.rst => TSVConnFdGet.en.rst} | 8 include/ts/ts.h | 2 +- src/traffic_server/InkAPI.cc | 16 ++-- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/doc/developer-guide/api/functions/TSVConnSslFdGet.en.rst b/doc/developer-guide/api/functions/TSVConnFdGet.en.rst similarity index 85% rename from doc/developer-guide/api/functions/TSVConnSslFdGet.en.rst rename to doc/developer-guide/api/functions/TSVConnFdGet.en.rst index dec2779427..7e5a808115 100644 --- a/doc/developer-guide/api/functions/TSVConnSslFdGet.en.rst +++ b/doc/developer-guide/api/functions/TSVConnFdGet.en.rst @@ -15,8 +15,8 @@ permissions and limitations under the License. -TSVConnSslFdGet -=== +TSVConnFdGet + Synopsis @@ -25,10 +25,10 @@ Synopsis #include -.. c:function:: int TSVConnSslFdGet(TSVConn sslp) +.. c:function:: int TSVConnFdGet(TSVConn vconnp) Description --- -Returns the file descriptor associated with the SSL connection :arg:`sslp`. +Returns the file descriptor associated with the network connection :arg:`sslp`. It returns -1 on error. diff --git a/include/ts/ts.h b/include/ts/ts.h index 94312d041d..9c3ab8e2fd 100644 --- a/include/ts/ts.h +++ b/include/ts/ts.h @@ -1316,7 +1316,7 @@ namespace c /* Return the SSL object associated with the connection */ TSSslConnection TSVConnSslConnectionGet(TSVConn sslp); /* Return the file descriptoer associated with the ssl connection */ - int TSVConnSslFdGet(TSVConn sslp); + int TSVConnFdGet(TSVConn sslp); /* Return the intermediate X509StoreCTX object that references the certificate being validated */ TSSslVerifyCTX TSVConnSslVerifyCTXGet(TSVConn sslp); /* Fetch a SSL context from the global lookup table */ diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc index f5575e48c6..c1421b8ae8 100644 --- a/src/traffic_server/InkAPI.cc +++ b/src/traffic_server/InkAPI.cc @@ -9133,17 +9133,13 @@ tsapi::c::TSVConnSslConnectionGet(TSVConn sslp) } int -tsapi::c::TSVConnSslFdGet(TSVConn sslp) -{ - TSSslConnection sslvc = TSVConnSslConnectionGet(sslp); - int fd= -1; - if (sslvc != nullptr) { -SSL *sslObj = reinterpret_cast(sslvc); -if (sslObj != nullptr) { - fd = SSL_get_wfd(sslObj); -} +tsapi::c::TSVConnFdGet(TSVConn vconnp) +{ + NetVConnection *vc = reinterpret_cast(vconnp); + if (vc != nullptr) { +return vc->get_socket(); } - return fd; + return -1; } const char *
[trafficserver] branch add-ssl-apis created (now a306a2e646)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch add-ssl-apis in repository https://gitbox.apache.org/repos/asf/trafficserver.git at a306a2e646 Generalize the FdGet() call This branch includes the following new commits: new a306a2e646 Generalize the FdGet() call The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] branch allow-plain updated (21b6fc563e -> 7eac946a2f)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 21b6fc563e Address comments and fix 32K buffer issue add 7eac946a2f At least issue a warning if someone tries to enable quic and allow-plain No new revisions were added by this update. Summary of changes: src/records/RecHttp.cc | 11 +++ 1 file changed, 11 insertions(+)
[trafficserver] branch start-tunnel-hook created (now 902e8de813)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 902e8de813 Remove trailing spaces in docs This branch includes the following new commits: new 902e8de813 Remove trailing spaces in docs The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] 01/01: Remove trailing spaces in docs
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch start-tunnel-hook in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 902e8de81338d5278b332044a898256537213b00 Author: Susan Hinrichs AuthorDate: Tue Aug 29 21:50:54 2023 + Remove trailing spaces in docs --- doc/developer-guide/api/functions/TSHttpTxnTypeGet.en.rst | 2 +- doc/developer-guide/api/types/TSTxnType.en.rst| 8 .../plugins/hooks-and-transactions/adding-hooks.en.rst| 2 +- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/doc/developer-guide/api/functions/TSHttpTxnTypeGet.en.rst b/doc/developer-guide/api/functions/TSHttpTxnTypeGet.en.rst index a92354da92..ae3563dc5a 100644 --- a/doc/developer-guide/api/functions/TSHttpTxnTypeGet.en.rst +++ b/doc/developer-guide/api/functions/TSHttpTxnTypeGet.en.rst @@ -33,5 +33,5 @@ Synopsis Description === -Returns the type of the txnp argument. +Returns the type of the txnp argument. diff --git a/doc/developer-guide/api/types/TSTxnType.en.rst b/doc/developer-guide/api/types/TSTxnType.en.rst index c454c2cdeb..9182d62ea3 100644 --- a/doc/developer-guide/api/types/TSTxnType.en.rst +++ b/doc/developer-guide/api/types/TSTxnType.en.rst @@ -24,14 +24,6 @@ Synopsis .. code-block:: cpp -#include -+ typedef enum { - +TS_TXN_TYPE_UNKNOWN, -+TS_TXN_TYPE_HTTP, - +TS_TXN_TYPE_EXPLICIT_TUNNEL, -+TS_TXN_TYPE_TR_PASS_TUNNEL, - + } TSTxnType; - .. c:enum:: TSTxnType Specify the type of a transaction argument diff --git a/doc/developer-guide/plugins/hooks-and-transactions/adding-hooks.en.rst b/doc/developer-guide/plugins/hooks-and-transactions/adding-hooks.en.rst index 85f1f0b036..ee50526582 100644 --- a/doc/developer-guide/plugins/hooks-and-transactions/adding-hooks.en.rst +++ b/doc/developer-guide/plugins/hooks-and-transactions/adding-hooks.en.rst @@ -159,7 +159,7 @@ values for ``TSHttpHookID`` are: ``TS_HTTP_TUNNEL_START_HOOK`` Called when the transaction is processed as a tunnel. The tunnel can be due to an API call, a sni.yaml configuration, or a parse failure allowed due -to tr-pass. With this hook, a plugin can examine other information to +to tr-pass. With this hook, a plugin can examine other information to determine whether the tunnel should be allowed or not. The function you use to add a global HTTP hook is
[trafficserver] branch master updated (c5b4031b3 -> 6d1382def)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from c5b4031b3 Add CMake to the required PR CI builds (#9575) add 6d1382def Add logic to make the server.policy and server.properties settings reloadable (#9572) No new revisions were added by this update. Summary of changes: iocore/net/P_SSLConfig.h | 2 + iocore/net/SSLConfig.cc | 89 +++ tests/gold_tests/tls/tls_verify4.test.py | 190 +++ 3 files changed, 257 insertions(+), 24 deletions(-) create mode 100644 tests/gold_tests/tls/tls_verify4.test.py
[trafficserver] branch reloadable-server-policy updated (8dcfc2d62 -> a385c9c37)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git discard 8dcfc2d62 Address Damian's comments discard 73f903245 Add logic to make the server.policy and server.properties settings reloadable add c5b4031b3 Add CMake to the required PR CI builds (#9575) add 360f0583a Add logic to make the server.policy and server.properties settings reloadable add a385c9c37 Address Damian's comments This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (8dcfc2d62) \ N -- N -- N refs/heads/reloadable-server-policy (a385c9c37) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: .asf.yaml | 1 + 1 file changed, 1 insertion(+)
[trafficserver] branch reloadable-server-policy updated (73f903245 -> 8dcfc2d62)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 73f903245 Add logic to make the server.policy and server.properties settings reloadable add 8dcfc2d62 Address Damian's comments No new revisions were added by this update. Summary of changes: iocore/net/SSLConfig.cc | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-)
[trafficserver] branch allow-plain updated (ae9c5de9a -> 93e8ff8e8)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from ae9c5de9a Fix nullptr crash identified by CICD add 93e8ff8e8 Remove assert No new revisions were added by this update. Summary of changes: iocore/net/SSLNextProtocolAccept.cc | 1 - 1 file changed, 1 deletion(-)
[trafficserver] branch allow-plain updated (99e23d785 -> ae9c5de9a)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 99e23d785 Add doc and comment out unrelated line that is offending OSX add ae9c5de9a Fix nullptr crash identified by CICD No new revisions were added by this update. Summary of changes: iocore/net/SSLNextProtocolAccept.cc | 9 - 1 file changed, 8 insertions(+), 1 deletion(-)
[trafficserver] branch reloadable-server-policy updated (40cc654b8 -> 73f903245)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git discard 40cc654b8 Add logic to make the server.policy and server.properties settings reloadable add 710e9d7c8 Define BIO macros in ink_ssl.h (#9557) add 3c4c5fc59 Add `current_time_epoch_ms` stat to be appended before the server version. This allows computation of stats externally based on the cache time frame. This can help alleviate issues with sliding windows between various stats programs that generate discrepencies (#9567) add 849754c5e Fix log format specifications (#9568) add ddf53b5de QUIC: Ignore default_inactivity_timeout in favour of proxy.config.quic.no_activity_timeout_in. (#9564) add d58f1843b Drop support for old quiche (#9561) add 674fb2619 codeql 24: Multiplication result converted to larger type (#9569) add dfad359c2 Cleanup: Use swoc::meta instead of ts::meta. (#9566) add 99eb23a59 fixup cmake build for master and add conditional for io_uring support (#9571) add 73f903245 Add logic to make the server.policy and server.properties settings reloadable This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (40cc654b8) \ N -- N -- N refs/heads/reloadable-server-policy (73f903245) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: CMakeLists.txt | 18 +++ build/quiche.m4| 1 - configure.ac | 19 +++- doc/admin-guide/files/records.yaml.en.rst | 8 +++ include/tscore/ink_config.h.cmake.in | 6 +++ .../tscore/ink_ssl.h | 32 ++-- iocore/CMakeLists.txt | 2 + iocore/eventsystem/CMakeLists.txt | 3 +- iocore/net/BIO_fastopen.h | 1 + iocore/net/CMakeLists.txt | 7 +-- iocore/net/QUICNetVConnection_quiche.cc| 17 --- iocore/net/QUICPacketHandler_quiche.cc | 11 ++--- mgmt/rpc/jsonrpc/JsonRPCManager.cc | 57 +++--- mgmt/rpc/jsonrpc/JsonRPCManager.h | 1 - plugins/stats_over_http/stats_over_http.cc | 6 ++- proxy/http/CMakeLists.txt | 1 + proxy/http/HttpSM.cc | 2 +- proxy/http/HttpTunnel.cc | 4 +- proxy/http2/CMakeLists.txt | 1 + proxy/http2/Http2Stream.cc | 6 +-- src/traffic_ctl/CtrlPrinters.cc| 4 +- src/traffic_server/CMakeLists.txt | 3 +- src/tscore/ink_queue.cc| 2 +- src/tscpp/util/unit_tests/test_IntrusiveDList.cc | 6 +-- .../timeout/quic_no_activity_timeout.test.py | 20 +++- 25 files changed, 145 insertions(+), 93 deletions(-) copy iocore/net/P_QUICNetProcessor.h => include/tscore/ink_ssl.h (56%)
[trafficserver] branch allow-plain updated (bfb67341e -> 99e23d785)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git discard bfb67341e Add doc and comment out unrelated line that is offending OSX omit 13cac6ef4 Add allow-plain server ports attribute add 710e9d7c8 Define BIO macros in ink_ssl.h (#9557) add 3c4c5fc59 Add `current_time_epoch_ms` stat to be appended before the server version. This allows computation of stats externally based on the cache time frame. This can help alleviate issues with sliding windows between various stats programs that generate discrepencies (#9567) add 849754c5e Fix log format specifications (#9568) add ddf53b5de QUIC: Ignore default_inactivity_timeout in favour of proxy.config.quic.no_activity_timeout_in. (#9564) add d58f1843b Drop support for old quiche (#9561) add 674fb2619 codeql 24: Multiplication result converted to larger type (#9569) add dfad359c2 Cleanup: Use swoc::meta instead of ts::meta. (#9566) add 99eb23a59 fixup cmake build for master and add conditional for io_uring support (#9571) add c7ffd5e7d Add allow-plain server ports attribute add 99e23d785 Add doc and comment out unrelated line that is offending OSX This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (bfb67341e) \ N -- N -- N refs/heads/allow-plain (99e23d785) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: CMakeLists.txt | 18 +++ build/quiche.m4| 1 - configure.ac | 19 +++- doc/admin-guide/files/records.yaml.en.rst | 8 +++ include/tscore/ink_config.h.cmake.in | 6 +++ .../tscore/ink_ssl.h | 32 ++-- iocore/CMakeLists.txt | 2 + iocore/eventsystem/CMakeLists.txt | 3 +- iocore/net/BIO_fastopen.h | 1 + iocore/net/CMakeLists.txt | 7 +-- iocore/net/QUICNetVConnection_quiche.cc| 17 --- iocore/net/QUICPacketHandler_quiche.cc | 11 ++--- mgmt/rpc/jsonrpc/JsonRPCManager.cc | 57 +++--- mgmt/rpc/jsonrpc/JsonRPCManager.h | 1 - plugins/stats_over_http/stats_over_http.cc | 6 ++- proxy/http/CMakeLists.txt | 1 + proxy/http/HttpSM.cc | 2 +- proxy/http/HttpTunnel.cc | 4 +- proxy/http2/CMakeLists.txt | 1 + proxy/http2/Http2Stream.cc | 6 +-- src/traffic_ctl/CtrlPrinters.cc| 4 +- src/traffic_server/CMakeLists.txt | 3 +- src/tscore/ink_queue.cc| 2 +- src/tscpp/util/unit_tests/test_IntrusiveDList.cc | 6 +-- .../timeout/quic_no_activity_timeout.test.py | 20 +++- 25 files changed, 145 insertions(+), 93 deletions(-) copy iocore/net/P_QUICNetProcessor.h => include/tscore/ink_ssl.h (56%)
[trafficserver] branch allow-plain updated (13cac6ef4 -> bfb67341e)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 13cac6ef4 Add allow-plain server ports attribute add bfb67341e Add doc and comment out unrelated line that is offending OSX No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.yaml.en.rst | 6 ++ proxy/http/HttpSM.cc | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-)
[trafficserver] 01/01: Add allow-plain server ports attribute
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 13cac6ef4cebe05806a8dfda7a52f3096a41c761 Author: Susan Hinrichs AuthorDate: Fri Mar 31 17:32:21 2023 + Add allow-plain server ports attribute --- include/records/I_RecHttp.h | 3 ++ iocore/net/P_SSLNetVConnection.h | 15 ++ iocore/net/P_SSLNextProtocolAccept.h | 3 +- iocore/net/SSLNetVConnection.cc | 90 +--- iocore/net/SSLNextProtocolAccept.cc | 49 ++--- proxy/ProtocolProbeSessionAccept.cc | 10 +++- proxy/http/HttpProxyServerMain.cc| 2 +- src/records/RecHttp.cc | 7 +++ tests/gold_tests/tls/allow-plain.test.py | 80 9 files changed, 229 insertions(+), 30 deletions(-) diff --git a/include/records/I_RecHttp.h b/include/records/I_RecHttp.h index 9285828b6..817b5988f 100644 --- a/include/records/I_RecHttp.h +++ b/include/records/I_RecHttp.h @@ -271,6 +271,8 @@ public: bool m_outbound_transparent_p = false; // True if transparent pass-through is enabled on this port. bool m_transparent_passthrough = false; + // True if allow-plain is enabled on this port. + bool m_allow_plain = false; /// True if MPTCP is enabled on this port. bool m_mptcp = false; /// Local address for inbound connections (listen address). @@ -420,6 +422,7 @@ public: static const char *const OPT_TRANSPARENT_OUTBOUND;///< Outbound transparent. static const char *const OPT_TRANSPARENT_FULL;///< Full transparency. static const char *const OPT_TRANSPARENT_PASSTHROUGH; ///< Pass-through non-HTTP. + static const char *const OPT_ALLOW_PLAIN; ///< Backup to plain HTTP. static const char *const OPT_SSL; ///< SSL (experimental) static const char *const OPT_QUIC;///< QUIC (experimental) static const char *const OPT_PROXY_PROTO; ///< Proxy Protocol diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 6fcacdf72..c1392c990 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -174,6 +174,18 @@ public: transparentPassThrough = val; } + bool + getAllowPlain() const + { +return allowPlain; + } + + void + setAllowPlain(bool val) + { +allowPlain = val; + } + // Copy up here so we overload but don't override using super::reenable; @@ -432,6 +444,7 @@ private: int handShakeBioStored = 0; bool transparentPassThrough = false; + bool allowPlain = false; int sent_cert = 0; @@ -476,6 +489,8 @@ private: void _make_ssl_connection(SSL_CTX *ctx); void _bindSSLObject(); void _unbindSSLObject(); + UnixNetVConnection *_migrateFromSSL(); + void _propagateHandShakeBuffer(UnixNetVConnection *target, EThread *t); int _ssl_read_from_net(EThread *lthread, int64_t ); ssl_error_t _ssl_read_buffer(void *buf, int64_t nbytes, int64_t ); diff --git a/iocore/net/P_SSLNextProtocolAccept.h b/iocore/net/P_SSLNextProtocolAccept.h index 18070cd6b..512960441 100644 --- a/iocore/net/P_SSLNextProtocolAccept.h +++ b/iocore/net/P_SSLNextProtocolAccept.h @@ -33,7 +33,7 @@ class SSLNextProtocolAccept : public SessionAccept { public: - SSLNextProtocolAccept(Continuation *, bool); + SSLNextProtocolAccept(Continuation *, bool, bool); ~SSLNextProtocolAccept() override; bool accept(NetVConnection *, MIOBuffer *, IOBufferReader *) override; @@ -60,6 +60,7 @@ private: SSLNextProtocolSet protoset; SessionProtocolSet protoenabled; bool transparent_passthrough; + bool allow_plain; friend struct SSLNextProtocolTrampoline; }; diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index 97c94082e..12e1567a8 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -1332,13 +1332,23 @@ SSLNetVConnection::sslServerHandShakeEvent(int ) err = errno; SSLVCDebug(this, "SSL handshake error: %s (%d), errno=%d", SSLErrorName(ssl_error), ssl_error, err); -// start a blind tunnel if tr-pass is set and data does not look like ClientHello char *buf = handShakeBuffer ? handShakeBuffer->buf() : nullptr; -if (getTransparentPassThrough() && buf && *buf != SSL_OP_HANDSHAKE) { - SSLVCDebug(this, "Data does not look like SSL handshake, starting blind tunnel"); - this->attributes = HttpProxyPort::TRANSPORT_BLIND_TUNNEL; - sslHandshakeStatus = SSL_HANDSHAKE_ONGOING; - return EVENT_CONT; +if (buf && *buf != SSL_OP_HANDSHAKE) { + if (getAllowPlain()) { +SSLVCDebug(this, "Try plain"); +// If this doesn't look like a ClientHello, convert this connection to a UnixNetVC a
[trafficserver] branch allow-plain created (now 13cac6ef4)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch allow-plain in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 13cac6ef4 Add allow-plain server ports attribute This branch includes the following new commits: new 13cac6ef4 Add allow-plain server ports attribute The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] 01/01: Add logic to make the server.policy and server.properties settings reloadable
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 40cc654b8eb9c9498f08c8aca79c9a81102d790b Author: Susan Hinrichs AuthorDate: Fri Mar 31 15:36:58 2023 + Add logic to make the server.policy and server.properties settings reloadable --- iocore/net/P_SSLConfig.h | 2 + iocore/net/SSLConfig.cc | 87 ++ tests/gold_tests/tls/tls_verify4.test.py | 190 +++ 3 files changed, 255 insertions(+), 24 deletions(-) diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h index 6a25f7ce8..120aee4ae 100644 --- a/iocore/net/P_SSLConfig.h +++ b/iocore/net/P_SSLConfig.h @@ -173,6 +173,8 @@ struct SSLConfigParams : public ConfigInfo { void cleanup(); void reset(); void SSLConfigInit(swoc::IPRangeSet *global); + void SetServerPolicy(const char *); + void SetServerPolicyProperties(const char *); private: // c_str() of string passed to in-progess call to updateCTX(). diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index a55e34ac2..cb4aebfaa 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -189,6 +189,65 @@ set_paths_helper(const char *path, const char *filename, char **final_path, char } } +int +UpdateServerPolicy(const char * /* name ATS_UNUSED */, RecDataT /* data_type ATS_UNUSED */, RecData data, void *cookie) +{ + SSLConfigParams *params = SSLConfig::acquire(); + char *verify_server = data.rec_string; + if (params != nullptr && verify_server != nullptr) { +Debug("ssl_load", "New Server Policy %s", verify_server); +params->SetServerPolicy(verify_server); + } else { +Debug("ssl_load", "Failed to load new Server Policy %p %p", verify_server, params); + } + return 0; +} + +int +UpdateServerPolicyProperties(const char * /* name ATS_UNUSED */, RecDataT /* data_type ATS_UNUSED */, RecData data, void *cookie) +{ + SSLConfigParams *params = SSLConfig::acquire(); + char *verify_server = data.rec_string; + if (params != nullptr && verify_server != nullptr) { +params->SetServerPolicyProperties(verify_server); + } + return 0; +} + +void +SSLConfigParams::SetServerPolicyProperties(const char *verify_server) +{ + if (strcmp(verify_server, "SIGNATURE") == 0) { +verifyServerProperties = YamlSNIConfig::Property::SIGNATURE_MASK; + } else if (strcmp(verify_server, "NAME") == 0) { +verifyServerProperties = YamlSNIConfig::Property::NAME_MASK; + } else if (strcmp(verify_server, "ALL") == 0) { +verifyServerProperties = YamlSNIConfig::Property::ALL_MASK; + } else if (strcmp(verify_server, "NONE") == 0) { +verifyServerProperties = YamlSNIConfig::Property::NONE; + } else { +Warning("%s is invalid for proxy.config.ssl.client.verify.server.properties. Should be one of SIGNATURE, NAME, or ALL", +verify_server); +verifyServerProperties = YamlSNIConfig::Property::NONE; + } +} + +void +SSLConfigParams::SetServerPolicy(const char *verify_server) +{ + if (strcmp(verify_server, "DISABLED") == 0) { +verifyServerPolicy = YamlSNIConfig::Policy::DISABLED; + } else if (strcmp(verify_server, "PERMISSIVE") == 0) { +verifyServerPolicy = YamlSNIConfig::Policy::PERMISSIVE; + } else if (strcmp(verify_server, "ENFORCED") == 0) { +verifyServerPolicy = YamlSNIConfig::Policy::ENFORCED; + } else { +Warning("%s is invalid for proxy.config.ssl.client.verify.server.policy. Should be one of DISABLED, PERMISSIVE, or ENFORCED", +verify_server); +verifyServerPolicy = YamlSNIConfig::Policy::DISABLED; + } +} + void SSLConfigParams::initialize() { @@ -389,34 +448,14 @@ SSLConfigParams::initialize() char *verify_server = nullptr; REC_ReadConfigStringAlloc(verify_server, "proxy.config.ssl.client.verify.server.policy"); - if (strcmp(verify_server, "DISABLED") == 0) { -verifyServerPolicy = YamlSNIConfig::Policy::DISABLED; - } else if (strcmp(verify_server, "PERMISSIVE") == 0) { -verifyServerPolicy = YamlSNIConfig::Policy::PERMISSIVE; - } else if (strcmp(verify_server, "ENFORCED") == 0) { -verifyServerPolicy = YamlSNIConfig::Policy::ENFORCED; - } else { -Warning("%s is invalid for proxy.config.ssl.client.verify.server.policy. Should be one of DISABLED, PERMISSIVE, or ENFORCED", -verify_server); -verifyServerPolicy = YamlSNIConfig::Policy::DISABLED; - } + this->SetServerPolicy(verify_server); ats_free(verify_server); + REC_RegisterConfigUpdateFunc("proxy.config.ssl.client.verify.server.policy", UpdateServerPolicy, nullptr); REC_ReadConfigStringAlloc(verify_server, "p
[trafficserver] branch reloadable-server-policy created (now 40cc654b8)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch reloadable-server-policy in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 40cc654b8 Add logic to make the server.policy and server.properties settings reloadable This branch includes the following new commits: new 40cc654b8 Add logic to make the server.policy and server.properties settings reloadable The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] branch master updated (b75eb0a73 -> 2506ec8a1)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from b75eb0a73 Clean up some errors in output of ASAN build. (#9004) add 2506ec8a1 Fix transparent tr-pass (#9150) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 25 +++-- proxy/http/HttpTransact.cc | 5 + 2 files changed, 20 insertions(+), 10 deletions(-)
[trafficserver] 01/01: Fix transparent tr-pass
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch skh/fix-transparent-pass-through in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 6c00faf88646c0371ca62a7c99bcbe738583cdce Author: Susan Hinrichs AuthorDate: Fri Oct 14 21:16:47 2022 -0500 Fix transparent tr-pass --- proxy/http/HttpSM.cc | 25 +++-- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index e349181bf..69ee672a6 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -651,17 +651,22 @@ HttpSM::setup_blind_tunnel_port() NetVConnection *netvc = ua_txn->get_netvc(); ink_release_assert(netvc); int host_len; - if (auto *tts = dynamic_cast(netvc)) { -if (!t_state.hdr_info.client_request.url_get()->host_get(_len)) { - // the URL object has not been created in the start of the transaction. Hence, we need to create the URL here - URL u; - t_state.hdr_info.client_request.create(HTTP_TYPE_REQUEST); - t_state.hdr_info.client_request.method_set(HTTP_METHOD_CONNECT, HTTP_LEN_CONNECT); - t_state.hdr_info.client_request.url_create(); - u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL); - t_state.hdr_info.client_request.url_set(); + // This applies to both the TLS and non TLS cases + if (!t_state.hdr_info.client_request.url_get()->host_get(_len)) { +// the URL object has not been created in the start of the transaction. Hence, we need to create the URL here +URL u; + +t_state.hdr_info.client_request.create(HTTP_TYPE_REQUEST); +t_state.hdr_info.client_request.method_set(HTTP_METHOD_CONNECT, HTTP_LEN_CONNECT); +t_state.hdr_info.client_request.url_create(); +u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL); +t_state.hdr_info.client_request.url_set(); + } + TLSTunnelSupport *tts = nullptr; + if (!ua_txn->is_outbound_transparent() && (tts = dynamic_cast(netvc))) { +if (!t_state.hdr_info.client_request.url_get()->host_get(_len)) { if (tts->has_tunnel_destination()) { const char *tunnel_host = tts->get_tunnel_host(); t_state.hdr_info.client_request.url_get()->host_set(tunnel_host, strlen(tunnel_host)); @@ -675,7 +680,7 @@ HttpSM::setup_blind_tunnel_port() t_state.hdr_info.client_request.url_get()->port_set(netvc->get_local_port()); } } - } else { + } else { // If outbound transparent or not TLS, just use the local IP as the origin char new_host[INET6_ADDRSTRLEN]; ats_ip_ntop(netvc->get_local_addr(), new_host, sizeof(new_host));
[trafficserver] branch skh/fix-transparent-pass-through created (now 6c00faf88)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch skh/fix-transparent-pass-through in repository https://gitbox.apache.org/repos/asf/trafficserver.git at 6c00faf88 Fix transparent tr-pass This branch includes the following new commits: new 6c00faf88 Fix transparent tr-pass The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] branch master updated (0960eb1 -> 4af0b77)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 0960eb1 remove unused argument, and make sure condition checks are consistent (#8572) add 4af0b77 Fix transparent mode documentation (#8593) No new revisions were added by this update. Summary of changes: .../configuration/transparent-proxy.en.rst | 45 -- doc/admin-guide/files/records.config.en.rst| 8 ++-- 2 files changed, 28 insertions(+), 25 deletions(-)
[trafficserver] branch master updated (71e4aba -> 0716c2e)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 71e4aba Clean up of next hop HostRecord class. (#8585) add 0716c2e Propagate accept options to HTTP/2 (#8594) No new revisions were added by this update. Summary of changes: proxy/http2/Http2Stream.cc | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-)
[trafficserver] branch master updated (f0a69cd -> 4f68338)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f0a69cd LGTM: Fix pointless comparison of unsigined value to zero (#8575) add 4f68338 Eliminate erroneous self-loop error on transparent mode (#8586) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[trafficserver] branch master updated: Update nghttp gold file based on previous h2 fix (#8298)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new ce5afe3 Update nghttp gold file based on previous h2 fix (#8298) ce5afe3 is described below commit ce5afe32e0301584cdcf5c321be2d0fff674edae Author: Susan Hinrichs AuthorDate: Tue Aug 31 19:01:25 2021 -0500 Update nghttp gold file based on previous h2 fix (#8298) --- tests/gold_tests/h2/gold/nghttp_1_stdout.gold | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/gold_tests/h2/gold/nghttp_1_stdout.gold b/tests/gold_tests/h2/gold/nghttp_1_stdout.gold index fb9b831..c104532 100644 --- a/tests/gold_tests/h2/gold/nghttp_1_stdout.gold +++ b/tests/gold_tests/h2/gold/nghttp_1_stdout.gold @@ -7,6 +7,6 @@ [``] recv GOAWAY frame (last_stream_id=1, error_code=NO_ERROR(0x00), opaque_data(0)=[]) `` -[``] recv DATA frame +[``] recv DATA frame ; END_STREAM ``
[trafficserver] 02/02: Output crlf header endings
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch fix-output-line-endings in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 788d1da52b4f47e190b1241b0f89c98d45b51906 Author: Susan Hinrichs AuthorDate: Tue Aug 31 19:36:02 2021 + Output crlf header endings --- proxy/hdrs/MIME.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc index b88c5d5..3bf69fb 100644 --- a/proxy/hdrs/MIME.cc +++ b/proxy/hdrs/MIME.cc @@ -2580,6 +2580,8 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char } field_name.rtrim_if(::is_ws); raw_print_field = false; +} else if (parsed.suffix(2) != "\r\n") { + raw_print_field = false; } // find value first
[trafficserver] 01/02: Revert "Fail requests with incomplete line ends (#8096)"
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch fix-output-line-endings in repository https://gitbox.apache.org/repos/asf/trafficserver.git commit 157bc9a854ec86b818cc23d38e39cf83fac61eda Author: Susan Hinrichs AuthorDate: Tue Aug 31 19:20:03 2021 + Revert "Fail requests with incomplete line ends (#8096)" This reverts commit 2c8bb98b2cb364b1a820236dc83271af082e7434. --- ci/rat-regex.txt | 1 - proxy/hdrs/MIME.cc | 45 ++--- proxy/hdrs/unit_tests/test_Hdrs.cc | 14 +++ ...test_input => www.customplugin204.test_get.txt} | 4 +- ...st_input => www.customtemplate204.test_get.txt} | 4 +- ..._get.test_input => www.default204.test_get.txt} | 4 +- ..._get.test_input => www.default304.test_get.txt} | 4 +- ...200.test_input => www.example.test_get_200.txt} | 6 +-- ...304.test_input => www.example.test_get_304.txt} | 8 ++-- ...t_head.test_input => www.example.test_head.txt} | 6 +-- ...00.test_input => www.example.test_head_200.txt} | 6 +-- .../body_factory/http204_response.test.py | 4 +- .../body_factory/http204_response_plugin.test.py | 2 +- .../body_factory/http304_response.test.py | 2 +- .../body_factory/http_head_no_origin.test.py | 2 +- .../body_factory/http_with_origin.test.py | 6 +-- ...ttp408.test.test_input => www.http408.test.txt} | 10 ++--- ...get.test_input => www.passthrough.test_get.txt} | 4 +- ...t_get.test_input => www.redirect0.test_get.txt} | 4 +- ...get.test_input => www.redirect301.test_get.txt} | 4 +- ...get.test_input => www.redirect302.test_get.txt} | 4 +- ...get.test_input => www.redirect307.test_get.txt} | 4 +- ...get.test_input => www.redirect308.test_get.txt} | 4 +- .../headers/domain-blacklist-30x.test.py | 12 +++--- tests/gold_tests/headers/http408.test.py | 2 +- .../pluginTest/combo_handler/combo_handler.test.py | 16 .../x_cache_info/{none.test_input => none.in} | 8 ++-- .../xdebug/x_cache_info/{one.test_input => one.in} | 8 ++-- .../x_cache_info/{three.test_input => three.in}| 8 ++-- .../xdebug/x_cache_info/{two.test_input => two.in} | 8 ++-- .../xdebug/x_cache_info/x_cache_info.test.py | 4 +- .../x_effective_url/{none.test_input => none.in} | 10 ++--- .../x_effective_url/{one.test_input => one.in} | 10 ++--- .../x_effective_url/{three.test_input => three.in} | 10 ++--- .../x_effective_url/{two.test_input => two.in} | 10 ++--- .../xdebug/x_effective_url/x_effective_url.test.py | 2 +- .../xdebug/x_remap/{four.test_input => four.in}| 10 ++--- .../xdebug/x_remap/{fwd1.test_input => fwd1.in}| 10 ++--- .../xdebug/x_remap/{fwd2.test_input => fwd2.in}| 10 ++--- .../xdebug/x_remap/{fwd3.test_input => fwd3.in}| 10 ++--- .../xdebug/x_remap/{fwd4.test_input => fwd4.in}| 10 ++--- .../xdebug/x_remap/{fwd5.test_input => fwd5.in}| 10 ++--- .../xdebug/x_remap/{none.test_input => none.in}| 10 ++--- .../xdebug/x_remap/{one.test_input => one.in} | 10 ++--- .../xdebug/x_remap/{three.test_input => three.in} | 10 ++--- .../xdebug/x_remap/{two.test_input => two.in} | 10 ++--- .../pluginTest/xdebug/x_remap/x_remap.test.py | 2 +- .../{early_h1_get.test_input => early_h1_get.txt} | 6 +-- ...{early_h1_post.test_input => early_h1_post.txt} | 8 ++-- .../{early_h2_get.test_input => early_h2_get.txt} | Bin ...ly_h2_multi1.test_input => early_h2_multi1.txt} | Bin ...ly_h2_multi2.test_input => early_h2_multi2.txt} | Bin ...{early_h2_post.test_input => early_h2_post.txt} | Bin tests/gold_tests/tls/test-0rtt-s_client.py | 2 +- tests/gold_tests/tls/tls_0rtt_server.test.py | 12 +++--- tests/tools/tcp_client.py | 5 +-- 56 files changed, 195 insertions(+), 200 deletions(-) diff --git a/ci/rat-regex.txt b/ci/rat-regex.txt index dfea60e..26c63b9 100644 --- a/ci/rat-regex.txt +++ b/ci/rat-regex.txt @@ -24,7 +24,6 @@ .*\.config$ .*\.yaml$ .*\.gold$ -.*\.test_input$ ^\.gitignore$ ^\.gitmodules$ ^\.perltidyrc$ diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc index 7376e3c..b88c5d5 100644 --- a/proxy/hdrs/MIME.cc +++ b/proxy/hdrs/MIME.cc @@ -2349,6 +2349,8 @@ ParseResult MIMEScanner::get(TextView , TextView , bool _shares_input, bool eof_p, ScanType scan_type) { ParseResult zret = PARSE_RESULT_CONT; + // Need this for handling dangling CR. + static const char RAW_CR{ParseRules::CHAR_CR}; auto text = input; while (PARSE_RESULT_CONT == zret && !text.empty()) { @@ -2366,7 +2368,7 @@ MIMEScanner::get(TextView , TextView , bool _shares_input, b } } else if (ParseRules::is_lf(*tex
[trafficserver] branch fix-output-line-endings created (now 788d1da)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch fix-output-line-endings in repository https://gitbox.apache.org/repos/asf/trafficserver.git. at 788d1da Output crlf header endings This branch includes the following new commits: new 157bc9a Revert "Fail requests with incomplete line ends (#8096)" new 788d1da Output crlf header endings The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[trafficserver] branch master updated (9b3cde5 -> 947d78b)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 9b3cde5 Cleanup generated LDFLAGS for jemalloc (#8285) add 947d78b Fix H2 logic when setting EOS flag on DATA frame (#8201) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ConnectionState.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
[trafficserver] branch master updated (277f795 -> db936ad)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 277f795 Fix some minor issues with loading the self identifying data in the Machine class. (#8275) add db936ad In preparation for H2 outbound, split out common Session (#8281) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ClientSession.cc | 419 + proxy/http2/Http2ClientSession.h | 163 +--- ...Http2ClientSession.cc => Http2CommonSession.cc} | 387 +++ .../{Http2ClientSession.h => Http2CommonSession.h} | 94 +++-- proxy/http2/Http2CommonSessionInternal.h | 43 +++ proxy/http2/Http2ConnectionState.cc| 239 ++-- proxy/http2/Http2ConnectionState.h | 8 +- proxy/http2/Makefile.am| 2 + 8 files changed, 281 insertions(+), 1074 deletions(-) copy proxy/http2/{Http2ClientSession.cc => Http2CommonSession.cc} (51%) copy proxy/http2/{Http2ClientSession.h => Http2CommonSession.h} (73%) create mode 100644 proxy/http2/Http2CommonSessionInternal.h
[trafficserver] branch master updated (675d77a -> e155fa0)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 675d77a Add ACCEPT_FILTER Support on FreeBSD (#8263) add e155fa0 Add warning message about why enhance your calm is being sent (#8271) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ConnectionState.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[trafficserver] branch master updated (45f155f -> 2c8bb98)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 45f155f Doc: Notes of setting Environment Variables for traffic_server (#8258) add 2c8bb98 Fail requests with incomplete line ends (#8096) No new revisions were added by this update. Summary of changes: ci/rat-regex.txt | 1 + proxy/hdrs/MIME.cc | 45 +++-- proxy/hdrs/unit_tests/test_Hdrs.cc | 14 --- ...txt => www.customplugin204.test_get.test_input} | 4 +- ...t => www.customtemplate204.test_get.test_input} | 4 +- ..._get.txt => www.default204.test_get.test_input} | 4 +- ..._get.txt => www.default304.test_get.test_input} | 4 +- ...200.txt => www.example.test_get_200.test_input} | 6 +-- ...304.txt => www.example.test_get_304.test_input} | 8 ++-- ...t_head.txt => www.example.test_head.test_input} | 6 +-- ...00.txt => www.example.test_head_200.test_input} | 6 +-- .../body_factory/http204_response.test.py | 4 +- .../body_factory/http204_response_plugin.test.py | 2 +- .../body_factory/http304_response.test.py | 2 +- .../body_factory/http_head_no_origin.test.py | 2 +- .../body_factory/http_with_origin.test.py | 6 +-- ...ttp408.test.txt => www.http408.test.test_input} | 10 ++--- ...get.txt => www.passthrough.test_get.test_input} | 4 +- ...t_get.txt => www.redirect0.test_get.test_input} | 4 +- ...get.txt => www.redirect301.test_get.test_input} | 4 +- ...get.txt => www.redirect302.test_get.test_input} | 4 +- ...get.txt => www.redirect307.test_get.test_input} | 4 +- ...get.txt => www.redirect308.test_get.test_input} | 4 +- .../headers/domain-blacklist-30x.test.py | 12 +++--- tests/gold_tests/headers/http408.test.py | 2 +- .../pluginTest/combo_handler/combo_handler.test.py | 16 .../x_cache_info/{none.in => none.test_input} | 8 ++-- .../xdebug/x_cache_info/{one.in => one.test_input} | 8 ++-- .../x_cache_info/{three.in => three.test_input}| 8 ++-- .../xdebug/x_cache_info/{two.in => two.test_input} | 8 ++-- .../xdebug/x_cache_info/x_cache_info.test.py | 4 +- .../x_effective_url/{none.in => none.test_input} | 10 ++--- .../x_effective_url/{one.in => one.test_input} | 10 ++--- .../x_effective_url/{three.in => three.test_input} | 10 ++--- .../x_effective_url/{two.in => two.test_input} | 10 ++--- .../xdebug/x_effective_url/x_effective_url.test.py | 2 +- .../xdebug/x_remap/{four.in => four.test_input}| 10 ++--- .../xdebug/x_remap/{fwd1.in => fwd1.test_input}| 10 ++--- .../xdebug/x_remap/{fwd2.in => fwd2.test_input}| 10 ++--- .../xdebug/x_remap/{fwd3.in => fwd3.test_input}| 10 ++--- .../xdebug/x_remap/{fwd4.in => fwd4.test_input}| 10 ++--- .../xdebug/x_remap/{fwd5.in => fwd5.test_input}| 10 ++--- .../xdebug/x_remap/{none.in => none.test_input}| 10 ++--- .../xdebug/x_remap/{one.in => one.test_input} | 10 ++--- .../xdebug/x_remap/{three.in => three.test_input} | 10 ++--- .../xdebug/x_remap/{two.in => two.test_input} | 10 ++--- .../pluginTest/xdebug/x_remap/x_remap.test.py | 2 +- .../{early_h1_get.txt => early_h1_get.test_input} | 6 +-- ...{early_h1_post.txt => early_h1_post.test_input} | 8 ++-- .../{early_h2_get.txt => early_h2_get.test_input} | Bin ...ly_h2_multi1.txt => early_h2_multi1.test_input} | Bin ...ly_h2_multi2.txt => early_h2_multi2.test_input} | Bin ...{early_h2_post.txt => early_h2_post.test_input} | Bin tests/gold_tests/tls/test-0rtt-s_client.py | 2 +- tests/gold_tests/tls/tls_0rtt_server.test.py | 12 +++--- tests/tools/tcp_client.py | 5 ++- 56 files changed, 200 insertions(+), 195 deletions(-) rename tests/gold_tests/body_factory/data/{www.customplugin204.test_get.txt => www.customplugin204.test_get.test_input} (95%) rename tests/gold_tests/body_factory/data/{www.customtemplate204.test_get.txt => www.customtemplate204.test_get.test_input} (96%) rename tests/gold_tests/body_factory/data/{www.default204.test_get.txt => www.default204.test_get.test_input} (95%) rename tests/gold_tests/body_factory/data/{www.default304.test_get.txt => www.default304.test_get.test_input} (95%) rename tests/gold_tests/body_factory/data/{www.example.test_get_200.txt => www.example.test_get_200.test_input} (93%) rename tests/gold_tests/body_factory/data/{www.example.test_get_304.txt => www.example.test_get_304.test_input} (95%) rename tests/gold_tests/body_factory/data/{www.example.test_head.txt => www.example.test_head.test_input} (95%) rename tests/gold_tests/body_factory/data/
[trafficserver] branch master updated: Add some header tests (#8221)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 0e98156 Add some header tests (#8221) 0e98156 is described below commit 0e981565cf8267199d3c20f7a790f824e5952a40 Author: Susan Hinrichs AuthorDate: Wed Aug 18 10:03:01 2021 -0500 Add some header tests (#8221) --- .../gold_tests/headers/good_request_after_bad.test.py | 19 +++ 1 file changed, 19 insertions(+) diff --git a/tests/gold_tests/headers/good_request_after_bad.test.py b/tests/gold_tests/headers/good_request_after_bad.test.py index f65d542..1e5ca87 100644 --- a/tests/gold_tests/headers/good_request_after_bad.test.py +++ b/tests/gold_tests/headers/good_request_after_bad.test.py @@ -92,6 +92,25 @@ tr.Processes.Default.Command = 'printf "GET / HTTP/1.1\r\nhost: bob\r\ntransfer- tr.Processes.Default.ReturnCode = 0 tr.Processes.Default.Streams.stdout = 'gold/bad_te_value.gold' +tr = Test.AddTestRun("Another unsupported Transfer Encoding value") +tr.Processes.Default.Command = 'printf "GET / HTTP/1.1\r\nhost: bob\r\ntransfer-encoding: \x08chunked\r\n\r\nGET / HTTP/1.1\r\nHost: boa\r\n\r\n" | nc 127.0.0.1 {}'.format( +ts.Variables.port) +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Streams.stdout = 'gold/bad_te_value.gold' + +tr = Test.AddTestRun("Extra characters in content-length") +tr.Processes.Default.Command = 'printf "GET / HTTP/1.1\r\nhost: bob\r\ncontent-length:+3\r\n\r\nGET / HTTP/1.1\r\nHost: boa\r\n\r\n" | nc 127.0.0.1 {}'.format( +ts.Variables.port) +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Streams.stdout = 'gold/bad_good_request_header.gold' + +tr = Test.AddTestRun("Different extra characters in content-length") +tr.Processes.Default.Command = 'printf "GET / HTTP/1.1\r\nhost: bob\r\ncontent-length:\x0c3\r\n\r\nGET / HTTP/1.1\r\nHost: boa\r\n\r\n" | nc 127.0.0.1 {}'.format( +ts.Variables.port) +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Streams.stdout = 'gold/bad_good_request_header.gold' + + # TRACE request with a body tr = Test.AddTestRun("Trace request with a body") tr.Processes.Default.Command = 'printf "TRACE /foo HTTP/1.1\r\nHost: bob\r\nContent-length:2\r\n\r\nokGET / HTTP/1.1\r\nHost: boa\r\n\r\n" | nc 127.0.0.1 {}'.format(
[trafficserver] branch master updated (1109f20 -> 532e30c)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 1109f20 Update documentation of the url log fields (#8015) add 532e30c Fix error connection logging crash (#8191) No new revisions were added by this update. Summary of changes: proxy/http/HttpTransact.cc | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-)
[trafficserver] branch master updated (8b78586 -> 1109f20)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 8b78586 Remove global g_rec_config_contents_llq (#8194) add 1109f20 Update documentation of the url log fields (#8015) No new revisions were added by this update. Summary of changes: doc/admin-guide/logging/formatting.en.rst | 17 ++--- 1 file changed, 10 insertions(+), 7 deletions(-)
[trafficserver] branch master updated (9590447 -> d00fb39)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 9590447 Merge quic-latest into master (#8010) add d00fb39 Cancel active timeout when releasing session (#8083) No new revisions were added by this update. Summary of changes: proxy/http/Http1ServerSession.cc | 5 + proxy/http/HttpSessionManager.cc | 17 ++--- 2 files changed, 11 insertions(+), 11 deletions(-)
[trafficserver] branch master updated: Abstract adding Connection: close header to avoid triggering H2 draining logic (#8178)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 658e3cd Abstract adding Connection: close header to avoid triggering H2 draining logic (#8178) 658e3cd is described below commit 658e3cde33a74353ec520fa18ead7035821485f1 Author: Susan Hinrichs AuthorDate: Thu Jul 29 08:56:24 2021 -0500 Abstract adding Connection: close header to avoid triggering H2 draining logic (#8178) --- proxy/ProxyTransaction.cc | 8 proxy/ProxyTransaction.h | 4 proxy/http/Http1Transaction.h | 7 +++ proxy/http/HttpSM.cc | 2 +- proxy/http/HttpTransact.cc| 11 +-- 5 files changed, 29 insertions(+), 3 deletions(-) diff --git a/proxy/ProxyTransaction.cc b/proxy/ProxyTransaction.cc index 3f1ace9..cb80b3c 100644 --- a/proxy/ProxyTransaction.cc +++ b/proxy/ProxyTransaction.cc @@ -240,3 +240,11 @@ ProxyTransaction::allow_half_open() const { return false; } + +// Most protocols will not want to set the Connection: header +// For H2 it will initiate the drain logic. So we make do nothing +// the default action. +void +ProxyTransaction::set_close_connection(HTTPHdr ) const +{ +} diff --git a/proxy/ProxyTransaction.h b/proxy/ProxyTransaction.h index 82a07d6..261af68 100644 --- a/proxy/ProxyTransaction.h +++ b/proxy/ProxyTransaction.h @@ -87,6 +87,10 @@ public: // Returns true if there is a request body for this request virtual bool has_request_body(int64_t content_length, bool is_chunked_set) const; + // Worker function to set Connection:close header if appropriate for + // underlying protocol + virtual void set_close_connection(HTTPHdr ) const; + sockaddr const *get_remote_addr() const; virtual HTTPVersion get_version(HTTPHdr ) const; diff --git a/proxy/http/Http1Transaction.h b/proxy/http/Http1Transaction.h index be0a174..aeb1d3a 100644 --- a/proxy/http/Http1Transaction.h +++ b/proxy/http/Http1Transaction.h @@ -43,6 +43,7 @@ public: // Methods int get_transaction_id() const override; void set_reader(IOBufferReader *reader); + void set_close_connection(HTTPHdr ) const override; // Variables @@ -71,3 +72,9 @@ Http1Transaction::set_reader(IOBufferReader *reader) { _reader = reader; } + +inline void +Http1Transaction::set_close_connection(HTTPHdr ) const +{ + hdr.value_set(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION, "close", 5); +} diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 67d18b8..4f6e06d 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -5873,7 +5873,7 @@ HttpSM::do_drain_request_body(HTTPHdr ) close_connection: t_state.client_info.keep_alive = HTTP_NO_KEEPALIVE; - response.value_set(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION, "close", 5); + ua_txn->set_close_connection(response); } void diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 6e66aa4..ce2d7fa 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -6891,7 +6891,10 @@ HttpTransact::handle_request_keep_alive_headers(State *s, HTTPVersion ver, HTTPH if (s->current.request_to == PARENT_PROXY && parent_is_proxy(s)) { heads->value_set(MIME_FIELD_PROXY_CONNECTION, MIME_LEN_PROXY_CONNECTION, "close", 5); } else { - heads->value_set(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION, "close", 5); + ProxyTransaction *svr = s->state_machine->get_server_txn(); + if (svr) { +svr->set_close_connection(*heads); + } } } // Note: if we are 1.1, we always need to send the close @@ -7050,7 +7053,11 @@ HttpTransact::handle_response_keep_alive_headers(State *s, HTTPVersion ver, HTTP case KA_CLOSE: case KA_DISABLED: if (s->client_info.keep_alive != HTTP_NO_KEEPALIVE || (ver == HTTP_1_1)) { - heads->value_set(c_hdr_field_str, c_hdr_field_len, "close", 5); + if (s->client_info.proxy_connect_hdr) { +heads->value_set(c_hdr_field_str, c_hdr_field_len, "close", 5); + } else if (s->state_machine->ua_txn != nullptr) { +s->state_machine->ua_txn->set_close_connection(*heads); + } s->client_info.keep_alive = HTTP_NO_KEEPALIVE; } // Note: if we are 1.1, we always need to send the close
[trafficserver] branch master updated (f2b4585 -> aeef325)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f2b4585 Fix typo in documentation (#8177) add aeef325 Remove unused HdrCsvIter methods (#8167) No new revisions were added by this update. Summary of changes: proxy/hdrs/HdrUtils.cc | 22 -- proxy/hdrs/HdrUtils.h | 10 -- 2 files changed, 32 deletions(-)
[trafficserver] branch master updated (732df02 -> 1766d16)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 732df02 ensure hostname_offset is initialized to '0' to indicate null hostname (#8162) add 1766d16 Remove used url_copy_onto_as_server_url (#8169) No new revisions were added by this update. Summary of changes: proxy/hdrs/HTTP.h | 14 -- proxy/hdrs/URL.cc | 33 - proxy/hdrs/URL.h | 1 - 3 files changed, 48 deletions(-)
[trafficserver] branch master updated: Defer canceling UA inactivity timeout for chunked bodies too (#8084)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new bdf28e6 Defer canceling UA inactivity timeout for chunked bodies too (#8084) bdf28e6 is described below commit bdf28e6d05843e7a91a34b58af3f7361d7288664 Author: Susan Hinrichs AuthorDate: Thu Jul 22 10:41:48 2021 -0500 Defer canceling UA inactivity timeout for chunked bodies too (#8084) --- proxy/http/HttpSM.cc | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 1634c1e..1d697ba 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -2034,7 +2034,8 @@ HttpSM::state_read_server_response_header(int event, void *data) server_txn->set_inactivity_timeout(get_server_inactivity_timeout()); // For requests that contain a body, we can cancel the ua inactivity timeout. -if (ua_txn && t_state.hdr_info.request_content_length > 0) { +if (ua_txn && ua_txn->has_request_body(t_state.hdr_info.request_content_length, + t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING)) { ua_txn->cancel_inactivity_timeout(); } } @@ -3682,9 +3683,8 @@ HttpSM::tunnel_handler_post_ua(int event, HttpTunnelProducer *p) // Now that we have communicated the post body, turn off the inactivity timeout // until the server starts sending data back if (ua_txn) { - if (t_state.hdr_info.request_content_length > 0) { -ua_txn->cancel_inactivity_timeout(); - } + ua_txn->cancel_inactivity_timeout(); + // Initiate another read to catch aborts ua_entry->vc_handler = ::state_watch_for_client_abort; ua_entry->read_vio = p->vc->do_io_read(this, INT64_MAX, ua_txn->get_remote_reader()->mbuf); @@ -7551,14 +7551,14 @@ HttpSM::set_next_state() // Now that we have gotten the user agent request, we can cancel // the inactivity timeout associated with it. Note, however, that // we must not cancel the inactivity timeout if the message - // contains a body (as indicated by the non-zero request_content_length - // field). This indicates that a POST operation is taking place and + // contains a body. This indicates that a POST operation is taking place and // that the client is still sending data to the origin server. The // origin server cannot reply until the entire request is received. In // light of this dependency, TS must ensure that the client finishes // sending its request and for this reason, the inactivity timeout // cannot be cancelled. - if (ua_txn && t_state.hdr_info.request_content_length <= 0) { + if (ua_txn && !ua_txn->has_request_body(t_state.hdr_info.request_content_length, + t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING)) { ua_txn->cancel_inactivity_timeout(); } else if (!ua_txn) { terminate_sm = true; @@ -7595,14 +7595,14 @@ HttpSM::set_next_state() // Now that we have gotten the user agent request, we can cancel // the inactivity timeout associated with it. Note, however, that // we must not cancel the inactivity timeout if the message - // contains a body (as indicated by the non-zero request_content_length - // field). This indicates that a POST operation is taking place and + // contains a body. This indicates that a POST operation is taking place and // that the client is still sending data to the origin server. The // origin server cannot reply until the entire request is received. In // light of this dependency, TS must ensure that the client finishes // sending its request and for this reason, the inactivity timeout // cannot be cancelled. - if (ua_txn && t_state.hdr_info.request_content_length <= 0) { + if (ua_txn && !ua_txn->has_request_body(t_state.hdr_info.request_content_length, + t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING)) { ua_txn->cancel_inactivity_timeout(); } else if (!ua_txn) { terminate_sm = true;
[trafficserver] branch master updated: Remove unused multicast functions (#8158)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new d6b8ce0 Remove unused multicast functions (#8158) d6b8ce0 is described below commit d6b8ce009ea5fad785ee7d8c056635c28caf5484 Author: Susan Hinrichs AuthorDate: Thu Jul 22 10:41:02 2021 -0500 Remove unused multicast functions (#8158) --- iocore/net/P_Connection.h| 6 --- iocore/net/UnixConnection.cc | 124 --- 2 files changed, 130 deletions(-) diff --git a/iocore/net/P_Connection.h b/iocore/net/P_Connection.h index 4df1cc0..135a2b0 100644 --- a/iocore/net/P_Connection.h +++ b/iocore/net/P_Connection.h @@ -120,12 +120,6 @@ struct Connection { ats_ip_copy(, remote_addr); } - int setup_mc_send(sockaddr const *mc_addr, sockaddr const *my_addr, bool non_blocking = NON_BLOCKING, unsigned char mc_ttl = 1, -bool mc_loopback = DISABLE_MC_LOOPBACK, Continuation *c = nullptr); - - int setup_mc_receive(sockaddr const *from, sockaddr const *my_addr, bool non_blocking = NON_BLOCKING, - Connection *sendchan = nullptr, Continuation *c = nullptr); - int close(); // 0 on success, -errno on failure void apply_options(NetVCOptions const ); diff --git a/iocore/net/UnixConnection.cc b/iocore/net/UnixConnection.cc index 5657dc5..7be4de6 100644 --- a/iocore/net/UnixConnection.cc +++ b/iocore/net/UnixConnection.cc @@ -41,130 +41,6 @@ unsigned int const IP_TRANSPARENT = 19; #endif #endif -// -// Functions -// -int -Connection::setup_mc_send(sockaddr const *mc_addr, sockaddr const *my_addr, bool non_blocking, unsigned char mc_ttl, - bool mc_loopback, Continuation *c) -{ - (void)c; - ink_assert(fd == NO_FD); - int res = 0; - int enable_reuseaddr = 1; - in_addr_t mc_if = ats_ip4_addr_cast(my_addr); - - if ((res = socketManager.socket(my_addr->sa_family, SOCK_DGRAM, 0)) < 0) { -goto Lerror; - } - - fd = res; - - if ((res = safe_setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, reinterpret_cast(_reuseaddr), sizeof(enable_reuseaddr)) < - 0)) { -goto Lerror; - } - - if ((res = socketManager.ink_bind(fd, my_addr, ats_ip_size(my_addr), IPPROTO_UDP)) < 0) { -goto Lerror; - } - - ats_ip_copy(, mc_addr); - - if ((res = safe_fcntl(fd, F_SETFD, FD_CLOEXEC)) < 0) { -goto Lerror; - } - - if (non_blocking) { -if ((res = safe_nonblocking(fd)) < 0) { - goto Lerror; -} - } - - // Set MultiCast TTL to specified value - if ((res = safe_setsockopt(fd, IPPROTO_IP, IP_MULTICAST_TTL, reinterpret_cast(_ttl), sizeof(mc_ttl)) < 0)) { -goto Lerror; - } - - // Set MultiCast Interface to specified value - if ((res = safe_setsockopt(fd, IPPROTO_IP, IP_MULTICAST_IF, reinterpret_cast(_if), sizeof(mc_if)) < 0)) { -goto Lerror; - } - - // Disable MultiCast loopback if requested - if (!mc_loopback) { -char loop = 0; - -if ((res = safe_setsockopt(fd, IPPROTO_IP, IP_MULTICAST_LOOP, , sizeof(loop)) < 0)) { - goto Lerror; -} - } - return 0; - -Lerror: - if (fd != NO_FD) { -close(); - } - return res; -} - -int -Connection::setup_mc_receive(sockaddr const *mc_addr, sockaddr const *my_addr, bool non_blocking, Connection *sendChan, - Continuation *c) -{ - ink_assert(fd == NO_FD); - (void)sendChan; - (void)c; - int res = 0; - int enable_reuseaddr = 1; - IpAddr inaddr_any(INADDR_ANY); - - if ((res = socketManager.socket(mc_addr->sa_family, SOCK_DGRAM, 0)) < 0) { -goto Lerror; - } - - fd = res; - - if ((res = safe_fcntl(fd, F_SETFD, FD_CLOEXEC)) < 0) { -goto Lerror; - } - - if ((res = safe_setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, reinterpret_cast(_reuseaddr), sizeof(enable_reuseaddr)) < - 0)) { -goto Lerror; - } - - addr.assign(inaddr_any, ats_ip_port_cast(mc_addr)); - - if ((res = socketManager.ink_bind(fd, , ats_ip_size(), IPPROTO_TCP)) < 0) { -goto Lerror; - } - - if (non_blocking) { -if ((res = safe_nonblocking(fd)) < 0) { - goto Lerror; -} - } - - if (ats_is_ip4()) { -struct ip_mreq mc_request; -// Add ourselves to the MultiCast group -mc_request.imr_multiaddr.s_addr = ats_ip4_addr_cast(mc_addr); -mc_request.imr_interface.s_addr = ats_ip4_addr_cast(my_addr); - -if ((res = safe_setsockopt(fd, IPPROTO_IP, IP_ADD_MEMBERSHIP, reinterpret_cast(_request), sizeof(mc_request)) < 0)) { - goto Lerror; -} - } - return 0; - -Lerror: - if (fd != NO_FD) { -close(); - } - return res; -} - namespace { /** Struct to make cleaning up resources easier.
[trafficserver] branch master updated: Remove unused read_vio_cont/write_vio_cont methods (#8092)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 226687e Remove unused read_vio_cont/write_vio_cont methods (#8092) 226687e is described below commit 226687e491cf3cb6483cf6acecfaf75e66d42b91 Author: Susan Hinrichs AuthorDate: Tue Jul 20 12:27:51 2021 -0500 Remove unused read_vio_cont/write_vio_cont methods (#8092) --- iocore/net/I_NetVConnection.h | 11 --- iocore/net/P_UnixNetVConnection.h | 3 --- iocore/net/UnixNetVConnection.cc | 12 3 files changed, 26 deletions(-) diff --git a/iocore/net/I_NetVConnection.h b/iocore/net/I_NetVConnection.h index a23e08c..87a881c 100644 --- a/iocore/net/I_NetVConnection.h +++ b/iocore/net/I_NetVConnection.h @@ -389,12 +389,6 @@ public: */ VIO *do_io_read(Continuation *c, int64_t nbytes, MIOBuffer *buf) override = 0; - virtual Continuation * - read_vio_cont() - { -return nullptr; - } - /** Initiates write. Thread-safe, may be called when not handling an event from the NetVConnection, or the NetVConnection creation @@ -431,11 +425,6 @@ public: */ VIO *do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *buf, bool owner = false) override = 0; - virtual Continuation * - write_vio_cont() - { -return nullptr; - } /** Closes the vconnection. A state machine MUST call do_io_close() when it has finished with a VConnection. do_io_close() indicates diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index ca79b76..e3fb922 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -94,9 +94,6 @@ public: VIO *do_io_read(Continuation *c, int64_t nbytes, MIOBuffer *buf) override; VIO *do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *buf, bool owner = false) override; - Continuation *read_vio_cont() override; - Continuation *write_vio_cont() override; - bool get_data(int id, void *data) override; const char * diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index 8d1f382..6978247 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -633,18 +633,6 @@ UnixNetVConnection::do_io_write(Continuation *c, int64_t nbytes, IOBufferReader return } -Continuation * -UnixNetVConnection::read_vio_cont() -{ - return read.vio.cont; -} - -Continuation * -UnixNetVConnection::write_vio_cont() -{ - return write.vio.cont; -} - void UnixNetVConnection::do_io_close(int alerrno /* = -1 */) {
[trafficserver] branch master updated: Remove unused OOB network logic (#8094)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new a618b4b Remove unused OOB network logic (#8094) a618b4b is described below commit a618b4b2f2954f58f6904b16ef56d92754a8324e Author: Susan Hinrichs AuthorDate: Tue Jul 20 12:25:50 2021 -0500 Remove unused OOB network logic (#8094) --- iocore/eventsystem/I_VConnection.h | 2 -- iocore/net/I_NetVConnection.h | 24 iocore/net/NetVConnection.cc | 11 --- iocore/net/P_UnixNetVConnection.h | 21 -- iocore/net/SSLNetVConnection.cc| 2 -- iocore/net/UnixNetVConnection.cc | 59 -- 6 files changed, 119 deletions(-) diff --git a/iocore/eventsystem/I_VConnection.h b/iocore/eventsystem/I_VConnection.h index e739fc6..bfbeb0c 100644 --- a/iocore/eventsystem/I_VConnection.h +++ b/iocore/eventsystem/I_VConnection.h @@ -88,8 +88,6 @@ */ #define VC_EVENT_ACTIVE_TIMEOUT (VC_EVENT_EVENTS_START + 6) -#define VC_EVENT_OOB_COMPLETE (VC_EVENT_EVENTS_START + 7) - // // Event names // diff --git a/iocore/net/I_NetVConnection.h b/iocore/net/I_NetVConnection.h index ea29017..a23e08c 100644 --- a/iocore/net/I_NetVConnection.h +++ b/iocore/net/I_NetVConnection.h @@ -473,21 +473,6 @@ public: void do_io_shutdown(ShutdownHowTo_t howto) override = 0; /** -Sends out of band messages over the connection. This function -is used to send out of band messages (is this still useful?). -cont is called back with VC_EVENT_OOB_COMPLETE - on successful -send or VC_EVENT_EOS - if the other side has shutdown the -connection. These callbacks could be re-entrant. Only one -send_OOB can be in progress at any time for a VC. - -@param cont to be called back with events. -@param buf message buffer. -@param len length of the message. - - */ - virtual Action *send_OOB(Continuation *cont, char *buf, int len); - - /** Return the server name that is appropriate for the network VC type */ virtual const char * @@ -496,15 +481,6 @@ public: return nullptr; } - /** -Cancels a scheduled send_OOB. Part of the message could have -been sent already. Not callbacks to the cont are made after -this call. The Action returned by send_OOB should not be accessed -after cancel_OOB. - - */ - virtual void cancel_OOB(); - // Set the timeouts associated with this connection. // // active_timeout is for the total elapsed time of// diff --git a/iocore/net/NetVConnection.cc b/iocore/net/NetVConnection.cc index 512a1ce..df4c51f 100644 --- a/iocore/net/NetVConnection.cc +++ b/iocore/net/NetVConnection.cc @@ -36,17 +36,6 @@ // NetVConnection // -Action * -NetVConnection::send_OOB(Continuation *, char *, int) -{ - return ACTION_RESULT_DONE; -} - -void -NetVConnection::cancel_OOB() -{ - return; -} /** PROXY Protocol check with IOBufferReader diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 399e1d9..ca79b76 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -86,23 +86,6 @@ NetVCOptions::set_sock_param(int _recv_bufsize, int _send_bufsize, unsigned long packet_tos = _packet_tos; } -struct OOB_callback : public Continuation { - char *data; - int length; - Event *trigger; - UnixNetVConnection *server_vc; - Continuation *server_cont; - int retry_OOB_send(int, Event *); - - OOB_callback(Ptr , NetVConnection *vc, Continuation *cont, char *buf, int len) -: Continuation(m), data(buf), length(len), trigger(nullptr) - { -server_vc = (UnixNetVConnection *)vc; -server_cont = cont; -SET_HANDLER(_callback::retry_OOB_send); - } -}; - enum tcp_congestion_control_t { CLIENT_SIDE, SERVER_SIDE }; class UnixNetVConnection : public NetVConnection, public NetEvent @@ -116,9 +99,6 @@ public: bool get_data(int id, void *data) override; - Action *send_OOB(Continuation *cont, char *buf, int len) override; - void cancel_OOB() override; - const char * get_server_name() const override { @@ -265,7 +245,6 @@ public: Connection con; int recursion= 0; - OOB_callback *oob_ptr= nullptr; bool from_accept_thread = false; NetAccept *accept_object = nullptr; diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index 50f3700..27c76bc 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -971,8 +971,6 @@ SSLNetVConnection::free(EThread *t) { ink_release_assert(t == this_ethread()); - // cancel OOB - cancel_OOB(); // close socket fd if (con.fd != NO_FD) { NET_SUM_GLOBAL_DYN_STAT(net_connections_currently_open_stat, -1); diff --git a/iocore
[trafficserver] branch master updated: Add pointer check in TSHttpTxnAborted (#8093)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 4124abf Add pointer check in TSHttpTxnAborted (#8093) 4124abf is described below commit 4124abf1e6959a4911265bd15ddd40fb24c5952f Author: YuanYingdong <1975643...@qq.com> AuthorDate: Tue Jul 20 22:15:30 2021 +0800 Add pointer check in TSHttpTxnAborted (#8093) Co-authored-by: yingdongyuan --- src/traffic_server/InkAPI.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc index ebe7ab9..427c6f1 100644 --- a/src/traffic_server/InkAPI.cc +++ b/src/traffic_server/InkAPI.cc @@ -5679,6 +5679,7 @@ TSReturnCode TSHttpTxnAborted(TSHttpTxn txnp, bool *client_abort) { sdk_assert(sdk_sanity_check_txn(txnp) == TS_SUCCESS); + sdk_assert(client_abort != nullptr); *client_abort = false; HttpSM *sm= (HttpSM *)txnp;
[trafficserver] branch master updated: Remove unused macros defined on ink_apidefs.h (#8073)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 20c0548 Remove unused macros defined on ink_apidefs.h (#8073) 20c0548 is described below commit 20c05480c7a232e6a5dcf2213530cbba702198dc Author: Masato Gosui <82705154+nekomachi-to...@users.noreply.github.com> AuthorDate: Tue Jul 20 09:48:04 2021 +0900 Remove unused macros defined on ink_apidefs.h (#8073) --- include/tscore/Arena.h| 4 +- include/tscore/Diags.h| 2 +- include/tscore/MMH.h | 8 +- include/tscore/ParseRules.h | 6 +- include/tscore/Tokenizer.h| 10 +- include/tscore/ink_apidefs.h | 5 - include/tscore/ink_assert.h | 2 +- include/tscore/ink_code.h | 8 +- include/tscore/ink_inet.h | 2 +- include/tscore/ink_queue.h| 18 +- include/tscore/ink_rand.h | 2 +- include/tscore/ink_sock.h | 2 +- include/tscore/ink_string.h | 8 +- include/tscore/ink_time.h | 4 +- iocore/cache/Cache.cc | 4 +- iocore/cache/I_Cache.h| 25 +-- iocore/cache/P_CacheInternal.h| 12 +- iocore/eventsystem/IOBuffer.cc| 8 +- iocore/eventsystem/I_EventProcessor.h | 2 +- iocore/eventsystem/I_IOBuffer.h | 16 +- iocore/eventsystem/I_Lock.h | 8 +- iocore/eventsystem/I_Thread.h | 2 +- iocore/eventsystem/I_VIO.h| 4 +- iocore/eventsystem/P_IOBuffer.h | 2 +- iocore/eventsystem/Thread.cc | 2 +- iocore/hostdb/I_HostDBProcessor.h | 4 +- iocore/net/I_NetProcessor.h | 12 +- iocore/net/I_UDPConnection.h | 2 +- iocore/net/I_UDPNet.h | 4 +- iocore/net/I_UDPPacket.h | 2 +- iocore/net/P_UDPPacket.h | 2 +- iocore/net/UnixUDPNet.cc | 2 +- iocore/net/libinknet_stub.cc | 2 +- mgmt/ProcessManager.cc| 2 +- mgmt/ProcessManager.h | 12 +- proxy/CacheControl.h | 12 +- proxy/ControlMatcher.h| 8 +- proxy/StatPages.h | 32 +-- proxy/hdrs/HTTP.h | 16 +- proxy/hdrs/HdrHeap.h | 8 +- proxy/hdrs/HdrToken.h | 2 +- proxy/hdrs/MIME.h | 11 +- proxy/http/HttpConfig.h | 4 +- proxy/http/HttpTransact.h | 2 +- proxy/http/remap/unit-tests/nexthop_test_stubs.cc | 2 +- proxy/logging/Log.cc | 2 +- proxy/logging/LogAccess.h | 254 +++--- proxy/logging/LogField.h | 2 +- proxy/logging/LogObject.h | 11 +- src/traffic_manager/traffic_manager.cc| 16 +- src/traffic_server/traffic_server.cc | 10 +- src/tscore/Diags.cc | 2 +- 52 files changed, 298 insertions(+), 306 deletions(-) diff --git a/include/tscore/Arena.h b/include/tscore/Arena.h index 6d359bd..4a456db 100644 --- a/include/tscore/Arena.h +++ b/include/tscore/Arena.h @@ -39,14 +39,14 @@ class Arena public: Arena() {} ~Arena() { reset(); } - inkcoreapi void *alloc(size_t size, size_t alignment = sizeof(double)); + void *alloc(size_t size, size_t alignment = sizeof(double)); void free(void *mem, size_t size); size_t str_length(const char *str); char *str_alloc(size_t len); void str_free(char *str); char *str_store(const char *str, size_t len); - inkcoreapi void reset(); + void reset(); private: ArenaBlock *m_blocks = nullptr; diff --git a/include/tscore/Diags.h b/include/tscore/Diags.h index be3e6bf..53cfd75 100644 --- a/include/tscore/Diags.h +++ b/include/tscore/Diags.h @@ -56,7 +56,7 @@ #endif #endif -extern inkcoreapi Diags *diags; +extern Diags *diags; // Note that the log functions being implemented as a macro has the advantage // that the pre-compiler expands this in place such that the call to diff --git a/include/tscore/MMH.h b/include/tscore/MMH.h index 877eb33..4489a5a 100644 --- a/include/tscore/MMH.h +++ b/include/tscore/MMH.h @@ -40,10 +40,10 @@ struct M
[trafficserver] branch master updated: Replace fix assert in error event processing (#8058)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 6f32b7c Replace fix assert in error event processing (#8058) 6f32b7c is described below commit 6f32b7c2c6552d919261d523cd60f14c058f3df2 Author: Susan Hinrichs AuthorDate: Mon Jul 19 15:44:01 2021 -0500 Replace fix assert in error event processing (#8058) Replace assert with non-release and process as write event in error event processing --- iocore/net/UnixNet.cc | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/iocore/net/UnixNet.cc b/iocore/net/UnixNet.cc index ca803ff..019bcaa 100644 --- a/iocore/net/UnixNet.cc +++ b/iocore/net/UnixNet.cc @@ -523,8 +523,14 @@ NetHandler::waitForActivity(ink_hrtime timeout) write_ready_list.enqueue(ne); } } else if (!(flags & (EVENTIO_READ))) { -Debug("iocore_net_main", "Unhandled epoll event: 0x%04x", get_ev_events(pd, x)); -ink_release_assert(false); +Debug("iocore_net_main", "Unhandled epoll event: 0x%04x", flags); +// In practice we sometimes see EPOLLERR and EPOLLHUP through there +// Anything else would be surprising +ink_assert((flags & ~(EVENTIO_ERROR)) == 0); +ne->write.triggered = 1; +if (!write_ready_list.in(ne)) { + write_ready_list.enqueue(ne); +} } } else if (epd->type == EVENTIO_DNS_CONNECTION) { if (epd->data.dnscon != nullptr) {
[trafficserver] branch master updated (870bbdb -> 1895340)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 870bbdb Log meta file: ensure the entire contents are written (#8062) add 1895340 Be ready to process response headers sent before the post tunnel is finished (#7976) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc| 104 +- proxy/http/HttpTunnel.cc| 20 + proxy/http/HttpTunnel.h | 1 + tests/gold_tests/post/post-early-return.test.py | 113 4 files changed, 195 insertions(+), 43 deletions(-) create mode 100644 tests/gold_tests/post/post-early-return.test.py
[trafficserver] branch master updated (f559a6b -> 284fe0a)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f559a6b Fix use after free (#8022) add 284fe0a Add option to mostly strictly check URL characters (#8012) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.config.en.rst| 6 +- mgmt/RecordsConfig.cc | 2 +- proxy/hdrs/HTTP.cc | 2 +- proxy/hdrs/HTTP.h | 8 +-- proxy/hdrs/HdrTSOnly.cc| 2 +- proxy/hdrs/URL.cc | 28 - proxy/hdrs/URL.h | 2 +- proxy/hdrs/unit_tests/test_URL.cc | 45 ++- proxy/http/HttpConfig.cc | 2 +- ...od_request.gold => bad_good_request_http1.gold} | 3 +- .../headers/good_request_after_bad.test.py | 66 +- 11 files changed, 149 insertions(+), 17 deletions(-) copy tests/gold_tests/headers/gold/{bad_good_request.gold => bad_good_request_http1.gold} (71%)
[trafficserver] branch master updated: Fix use after free (#8022)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new f559a6b Fix use after free (#8022) f559a6b is described below commit f559a6b0917daa40d482728e79d545597f582804 Author: Susan Hinrichs AuthorDate: Mon Jul 12 16:56:32 2021 -0500 Fix use after free (#8022) --- proxy/http/Http1ServerSession.cc | 1 - 1 file changed, 1 deletion(-) diff --git a/proxy/http/Http1ServerSession.cc b/proxy/http/Http1ServerSession.cc index bcd09ac..002e4eb 100644 --- a/proxy/http/Http1ServerSession.cc +++ b/proxy/http/Http1ServerSession.cc @@ -207,7 +207,6 @@ Http1ServerSession ::release_transaction() HTTP_INCREMENT_DYN_STAT(http_origin_close_private); } this->do_io_close(); -ink_release_assert(transact_count == released_transactions); } else if (state == SSN_TO_RELEASE) { _vc->control_flags.set_flags(0);
[trafficserver] branch master updated (4525df0 -> e7778c6)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 4525df0 Treat Sphinx doc build warnings as errors. (#8033) add e7778c6 Fix the server cert reload (#8030) No new revisions were added by this update. Summary of changes: iocore/net/SSLClientCoordinator.cc | 6 ++ iocore/net/SSLConfig.cc| 7 -- py => tls_check_cert_selection_reload.test.py} | 100 +++-- 3 files changed, 59 insertions(+), 54 deletions(-) copy tests/gold_tests/tls/{tls_check_cert_selection.test.py => tls_check_cert_selection_reload.test.py} (50%)
[trafficserver] branch master updated (07250b7 -> f8be9dc)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 07250b7 Doc: Update documentation to build cleanly in Sphinx 3. Require Sphinx 3 or better. (#7978) add f8be9dc Stablize trace curl test in good_request_after_bad (#8032) No new revisions were added by this update. Summary of changes: tests/gold_tests/headers/gold/bad_good_request_header.gold | 5 + tests/gold_tests/headers/good_request_after_bad.test.py| 8 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 tests/gold_tests/headers/gold/bad_good_request_header.gold
[trafficserver] branch master updated (b490219 -> 363ad30)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from b490219 Do not invalidate cached resources upon error responses to unsafe methods (#7999) add 363ad30 Fix HPACK eviction iterator manipulation (#8004) No new revisions were added by this update. Summary of changes: proxy/http2/HPACK.cc | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-)
[trafficserver] branch master updated (5057c29 -> 08d1896)
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 5057c29 mem leak fix (#7883) add 08d1896 Reject TLS if client offers alpn with no match (#7981) No new revisions were added by this update. Summary of changes: iocore/net/ALPNSupport.cc | 18 --- proxy/http3/Http3SessionAccept.cc | 8 +--- ...orward_nonhttp.test.py => tls_bad_alpn.test.py} | 55 +++--- 3 files changed, 41 insertions(+), 40 deletions(-) copy tests/gold_tests/tls/{tls_forward_nonhttp.test.py => tls_bad_alpn.test.py} (51%)