[trafficserver] branch master updated: Make Http2ClientSession inactive on EOS event
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e9c3a13 Make Http2ClientSession inactive on EOS event e9c3a13 is described below commit e9c3a136bfd5b06178c22b095263eb34673eb657 Author: Masaori Koshiba AuthorDate: Tue Jun 9 16:04:16 2020 +0900 Make Http2ClientSession inactive on EOS event --- proxy/http2/Http2ClientSession.cc | 3 +++ proxy/http2/Http2ConnectionState.cc | 2 ++ 2 files changed, 5 insertions(+) diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc index 361f2f8..638679f 100644 --- a/proxy/http2/Http2ClientSession.cc +++ b/proxy/http2/Http2ClientSession.cc @@ -103,6 +103,9 @@ Http2ClientSession::free() REMEMBER(NO_EVENT, this->recursion) Http2SsnDebug("session free"); + // Don't free active ProxySession + ink_release_assert(is_active() == false); + this->_milestones.mark(Http2SsnMilestone::CLOSE); ink_hrtime total_time = this->_milestones.elapsed(Http2SsnMilestone::OPEN, Http2SsnMilestone::CLOSE); diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc index 8966c73..d2a1cc2 100644 --- a/proxy/http2/Http2ConnectionState.cc +++ b/proxy/http2/Http2ConnectionState.cc @@ -1406,6 +1406,8 @@ Http2ConnectionState::release_stream() if (total_client_streams_count == 0) { if (fini_received) { +ua_session->clear_session_active(); + // We were shutting down, go ahead and terminate the session // this is a member of Http2ConnectionState and will be freed // when ua_session is destroyed
[trafficserver] branch master updated: LGTM: Remove superfluous const qualifier in return type (#7412)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 09dadf5 LGTM: Remove superfluous const qualifier in return type (#7412) 09dadf5 is described below commit 09dadf50a70681dcc2fd1b599d6ba2bb91e8c36f Author: Masaori Koshiba AuthorDate: Tue Jan 12 08:01:55 2021 +0900 LGTM: Remove superfluous const qualifier in return type (#7412) --- include/tscore/AtomicBit.h | 2 +- include/tscore/Extendible.h | 4 ++-- iocore/net/quic/QUICTypes.cc| 2 +- iocore/net/quic/QUICTypes.h | 2 +- plugins/experimental/ssl_session_reuse/src/connection.h | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/tscore/AtomicBit.h b/include/tscore/AtomicBit.h index 72581d3..5744d77 100644 --- a/include/tscore/AtomicBit.h +++ b/include/tscore/AtomicBit.h @@ -64,7 +64,7 @@ public: } // allow cast to bool - explicit operator const bool() const { return (*_byte_ptr) & _mask; } + explicit operator bool() const { return (*_byte_ptr) & _mask; } // allows compare with bool bool diff --git a/include/tscore/Extendible.h b/include/tscore/Extendible.h index 2ac826f..ea94a74 100644 --- a/include/tscore/Extendible.h +++ b/include/tscore/Extendible.h @@ -359,7 +359,7 @@ namespace details /// Bool specializations template - const bool + bool fieldGet(const void *fld_ptr, FieldId const ) { return bool((*static_cast(fld_ptr)) & field.desc->mask); @@ -395,7 +395,7 @@ namespace details /// std::atomic specializations (same as bool) template - inline const bool + inline bool fieldGet(void const *fld_ptr, FieldId> const ) { return bool(fld_ptr & field.mask); diff --git a/iocore/net/quic/QUICTypes.cc b/iocore/net/quic/QUICTypes.cc index 305abc2..3b7d586 100644 --- a/iocore/net/quic/QUICTypes.cc +++ b/iocore/net/quic/QUICTypes.cc @@ -355,7 +355,7 @@ QUICResumptionToken::cid() const return QUICTypeUtil::read_QUICConnectionId(this->_token + (1 + 20 + 4), this->_token_len - (1 + 20 + 4)); } -const ink_hrtime +ink_hrtime QUICResumptionToken::expire_time() const { return QUICIntUtil::read_nbytes_as_uint(this->_token + (1 + 20), 4); diff --git a/iocore/net/quic/QUICTypes.h b/iocore/net/quic/QUICTypes.h index 021ccea..50e8752 100644 --- a/iocore/net/quic/QUICTypes.h +++ b/iocore/net/quic/QUICTypes.h @@ -373,7 +373,7 @@ public: bool is_valid(const IpEndpoint ) const; const QUICConnectionId cid() const; - const ink_hrtime expire_time() const; + ink_hrtime expire_time() const; }; class QUICRetryToken : public QUICAddressValidationToken diff --git a/plugins/experimental/ssl_session_reuse/src/connection.h b/plugins/experimental/ssl_session_reuse/src/connection.h index eb99c50..597f496 100644 --- a/plugins/experimental/ssl_session_reuse/src/connection.h +++ b/plugins/experimental/ssl_session_reuse/src/connection.h @@ -55,7 +55,7 @@ public: * management. * @return */ - inline redisContext *const + inline redisContext * c_ptr() const { return c;
[trafficserver] branch master updated: Fix lookup split dns rule with fast path (#7320)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 4e2ac3b Fix lookup split dns rule with fast path (#7320) 4e2ac3b is described below commit 4e2ac3b2be8b535ab89d0f5762b3201647e5efba Author: Masaori Koshiba AuthorDate: Fri Nov 27 07:57:57 2020 +0900 Fix lookup split dns rule with fast path (#7320) --- iocore/dns/P_SplitDNSProcessor.h | 8 +--- iocore/dns/SplitDNS.cc | 22 ++ 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/iocore/dns/P_SplitDNSProcessor.h b/iocore/dns/P_SplitDNSProcessor.h index ef20b0e..5fa119e 100644 --- a/iocore/dns/P_SplitDNSProcessor.h +++ b/iocore/dns/P_SplitDNSProcessor.h @@ -32,6 +32,8 @@ #include "ProxyConfig.h" +#include "tscore/HostLookup.h" + /* --- forward declarations ... --- */ @@ -88,9 +90,9 @@ struct SplitDNS : public ConfigInfo { required by the alleged fast path */ - bool m_bEnableFastPath = false; - void *m_pxLeafArray= nullptr; - int m_numEle = 0; + bool m_bEnableFastPath = false; + HostLookup::LeafArray *m_pxLeafArray = nullptr; + int m_numEle = 0; }; /* -- diff --git a/iocore/dns/SplitDNS.cc b/iocore/dns/SplitDNS.cc index cf6a9b9..6747c16 100644 --- a/iocore/dns/SplitDNS.cc +++ b/iocore/dns/SplitDNS.cc @@ -222,7 +222,7 @@ SplitDNS::findServer(RequestData *rdata, SplitDNSResult *result) /* --- the 'alleged' fast path ... --- */ - if (m_bEnableFastPath) { + if (m_bEnableFastPath && m_pxLeafArray) { SplitDNSRecord *data_ptr = nullptr; char *pHost = const_cast(rdata->get_host()); if (nullptr == pHost) { @@ -230,30 +230,28 @@ SplitDNS::findServer(RequestData *rdata, SplitDNSResult *result) return; } -int len= strlen(pHost); -HostLeaf *pxHL = static_cast(m_pxLeafArray); -for (int i = 0; i < m_numEle; i++) { - if (nullptr == pxHL) { -break; - } +int len = strlen(pHost); +int n = std::min(static_cast(m_numEle), m_pxLeafArray->size()); +for (int i = 0; i < n; i++) { + const HostLeaf = m_pxLeafArray->at(i); - if (false == pxHL[i].isNot && static_cast(pxHL[i].match.size()) > len) { + if (false == pxHL.isNot && static_cast(pxHL.match.size()) > len) { continue; } - int idx= len - pxHL[i].match.size(); + int idx= len - pxHL.match.size(); char *pH = [idx]; - const char *pMatch = pxHL[i].match.data(); + const char *pMatch = pxHL.match.data(); char cNot = *pMatch; if ('!' == cNot) { pMatch++; } - int res = memcmp(pH, pMatch, pxHL[i].match.size()); + int res = memcmp(pH, pMatch, pxHL.match.size()); if ((0 != res && '!' == cNot) || (0 == res && '!' != cNot)) { -data_ptr = static_cast(pxHL[i].opaque_data); +data_ptr = static_cast(pxHL.opaque_data); data_ptr->UpdateMatch(result, rdata); break; }
[trafficserver] branch master updated (4e2ac3b -> 3f11f15)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 4e2ac3b Fix lookup split dns rule with fast path (#7320) add 3f11f15 Set thread mutex to the DNSHandler mutex of SplitDNS (#7321) No new revisions were added by this update. Summary of changes: iocore/dns/DNS.cc | 1 + iocore/dns/SplitDNS.cc | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-)
[trafficserver] branch master updated: Cleanup: Remove SSL Wire Trace releated code in UnixNetVConnection (#7368)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 00366d9 Cleanup: Remove SSL Wire Trace releated code in UnixNetVConnection (#7368) 00366d9 is described below commit 00366d91470bfcff7e25494ef130afc0e946 Author: Masaori Koshiba AuthorDate: Fri Dec 4 10:16:03 2020 +0900 Cleanup: Remove SSL Wire Trace releated code in UnixNetVConnection (#7368) --- iocore/net/P_UnixNetVConnection.h | 23 --- 1 file changed, 23 deletions(-) diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index e636814..64e1738 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -268,11 +268,6 @@ public: bool from_accept_thread = false; NetAccept *accept_object = nullptr; - // es - origin_trace associated connections - bool origin_trace; - const sockaddr *origin_trace_addr; - int origin_trace_port; - int startEvent(int event, Event *e); int acceptEvent(int event, Event *e); int mainEvent(int event, Event *e); @@ -296,24 +291,6 @@ public: void apply_options() override; friend void write_to_net_io(NetHandler *, UnixNetVConnection *, EThread *); - - void - setOriginTrace(bool t) - { -origin_trace = t; - } - - void - setOriginTraceAddr(const sockaddr *addr) - { -origin_trace_addr = addr; - } - - void - setOriginTracePort(int port) - { -origin_trace_port = port; - } }; extern ClassAllocator netVCAllocator;
[trafficserver] branch master updated (019973a -> f7526b6)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 019973a In CI, only run autopep8 on branches that enforce autopep8 (#7270) add f7526b6 Cleanup incoming PROXY Protocol v1 (#7331) No new revisions were added by this update. Summary of changes: iocore/net/I_NetVConnection.h | 91 +++- iocore/net/NetVConnection.cc| 57 + iocore/net/P_NetVConnection.h | 3 +- iocore/net/ProxyProtocol.cc | 161 +--- iocore/net/ProxyProtocol.h | 51 ++-- iocore/net/SSLNetVConnection.cc | 6 +- proxy/ProtocolProbeSessionAccept.cc | 6 +- proxy/http/HttpTransact.cc | 10 +-- proxy/http/HttpTransact.h | 2 +- proxy/logging/LogAccess.cc | 12 +-- 10 files changed, 188 insertions(+), 211 deletions(-)
[trafficserver] branch master updated (526952f -> 3f27d75)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 526952f Fix vc close migration race condition (#7337) add 3f27d75 AuTest for incoming PROXY Protocol v1 (#7326) No new revisions were added by this update. Summary of changes: .../proxy_protocol/gold/test_case_0_stderr.gold| 11 +++ .../proxy_protocol/gold/test_case_0_stdout.gold| 9 +++ .../proxy_protocol/gold/test_case_1_stderr.gold| 11 +++ .../proxy_protocol/gold/test_case_1_stdout.gold| 9 +++ .../proxy_protocol/proxy_protocol.test.py | 91 ++ .../{tls_hooks => proxy_protocol}/ssl/server.key | 0 .../ssl/server.pem | 0 7 files changed, 131 insertions(+) create mode 100644 tests/gold_tests/proxy_protocol/gold/test_case_0_stderr.gold create mode 100644 tests/gold_tests/proxy_protocol/gold/test_case_0_stdout.gold create mode 100644 tests/gold_tests/proxy_protocol/gold/test_case_1_stderr.gold create mode 100644 tests/gold_tests/proxy_protocol/gold/test_case_1_stdout.gold create mode 100644 tests/gold_tests/proxy_protocol/proxy_protocol.test.py copy tests/gold_tests/{tls_hooks => proxy_protocol}/ssl/server.key (100%) copy tests/gold_tests/{pluginTest/server_push_preload => proxy_protocol}/ssl/server.pem (100%)
[trafficserver] branch master updated: Cleanup: Get rid of NetVConnection::outstanding() (#7366)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 95db097 Cleanup: Get rid of NetVConnection::outstanding() (#7366) 95db097 is described below commit 95db097d39bb09e1646def75baccc930bbd554a1 Author: Masaori Koshiba AuthorDate: Thu Dec 3 10:21:14 2020 +0900 Cleanup: Get rid of NetVConnection::outstanding() (#7366) --- iocore/net/I_NetVConnection.h | 8 iocore/net/P_UnixNetVConnection.h | 1 - iocore/net/UnixNetVConnection.cc | 13 - 3 files changed, 22 deletions(-) diff --git a/iocore/net/I_NetVConnection.h b/iocore/net/I_NetVConnection.h index c2aa346..88d8ec6 100644 --- a/iocore/net/I_NetVConnection.h +++ b/iocore/net/I_NetVConnection.h @@ -357,14 +357,6 @@ struct NetVCOptions { class NetVConnection : public VConnection, public PluginUserArgs { public: - // How many bytes have been queued to the OS for sending by haven't been sent yet - // Not all platforms support this, and if they don't we'll return -1 for them - virtual int64_t - outstanding() - { -return -1; - }; - /** Initiates read. Thread safe, may be called when not handling an event from the NetVConnection, or the NetVConnection creation diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 0361fb0..e636814 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -107,7 +107,6 @@ enum tcp_congestion_control_t { CLIENT_SIDE, SERVER_SIDE }; class UnixNetVConnection : public NetVConnection, public NetEvent { public: - int64_t outstanding() override; VIO *do_io_read(Continuation *c, int64_t nbytes, MIOBuffer *buf) override; VIO *do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *buf, bool owner = false) override; diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index 0d5ad00..3aac686 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -571,19 +571,6 @@ UnixNetVConnection::get_data(int id, void *data) } } -int64_t -UnixNetVConnection::outstanding() -{ - int n; - int ret = ioctl(this->get_socket(), TIOCOUTQ, ); - // if there was an error (such as ioctl doesn't support this call on this platform) then - // we return -1 - if (ret == -1) { -return ret; - } - return n; -} - VIO * UnixNetVConnection::do_io_read(Continuation *c, int64_t nbytes, MIOBuffer *buf) {
[trafficserver] branch master updated: Cleanup: Remove unused functions (#7365)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e322367 Cleanup: Remove unused functions (#7365) e322367 is described below commit e322367daa2701d7b33cd7746caea44cece5e639 Author: Masaori Koshiba AuthorDate: Thu Dec 3 07:40:30 2020 +0900 Cleanup: Remove unused functions (#7365) --- iocore/net/P_SSLNetVConnection.h | 7 --- iocore/net/P_UnixNetVConnection.h | 22 -- 2 files changed, 29 deletions(-) diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 5f33467..aa415cb 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -102,13 +102,6 @@ public: void clear() override; void free(EThread *t) override; - virtual void - enableRead() - { -read.enabled = 1; -write.enabled = 1; - } - bool trackFirstHandshake() override { diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 1d61200..0361fb0 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -119,28 +119,6 @@ public: Action *send_OOB(Continuation *cont, char *buf, int len) override; void cancel_OOB() override; - virtual void - setSSLHandshakeWantsRead(bool /* flag */) - { -return; - } - virtual bool - getSSLHandshakeWantsRead() - { -return false; - } - virtual void - setSSLHandshakeWantsWrite(bool /* flag */) - { -return; - } - - virtual bool - getSSLHandshakeWantsWrite() - { -return false; - } - const char * get_server_name() const override {
[trafficserver] branch master updated: AuTest for Split DNS (#7325)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new ba36d58 AuTest for Split DNS (#7325) ba36d58 is described below commit ba36d581c058bbd34e233a241aeebfb3c752cf44 Author: Masaori Koshiba AuthorDate: Tue Dec 1 07:46:35 2020 +0900 AuTest for Split DNS (#7325) --- .../splitdns/gold/test_case_0_stderr.gold | 10 +++ .../splitdns/gold/test_case_1_stderr.gold | 10 +++ tests/gold_tests/splitdns/splitdns.test.py | 79 ++ 3 files changed, 99 insertions(+) diff --git a/tests/gold_tests/splitdns/gold/test_case_0_stderr.gold b/tests/gold_tests/splitdns/gold/test_case_0_stderr.gold new file mode 100644 index 000..9e86235 --- /dev/null +++ b/tests/gold_tests/splitdns/gold/test_case_0_stderr.gold @@ -0,0 +1,10 @@ +`` +> GET /foo/ HTTP/1.1 +> Host: localhost:`` +> User-Agent: curl/`` +`` +< HTTP/1.1 200 OK +< Server: ATS/`` +< Date: `` +< Age: `` +`` diff --git a/tests/gold_tests/splitdns/gold/test_case_1_stderr.gold b/tests/gold_tests/splitdns/gold/test_case_1_stderr.gold new file mode 100644 index 000..34c0e15 --- /dev/null +++ b/tests/gold_tests/splitdns/gold/test_case_1_stderr.gold @@ -0,0 +1,10 @@ +`` +> GET /bar/ HTTP/1.1 +> Host: localhost:`` +> User-Agent: curl/`` +`` +< HTTP/1.1 200 OK +< Server: ATS/`` +< Date: `` +< Age: `` +`` diff --git a/tests/gold_tests/splitdns/splitdns.test.py b/tests/gold_tests/splitdns/splitdns.test.py new file mode 100644 index 000..23e277c --- /dev/null +++ b/tests/gold_tests/splitdns/splitdns.test.py @@ -0,0 +1,79 @@ +''' +''' +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +Test.Summary = 'Test Split DNS' + + +class SplitDNSTest: +def __init__(self): +self.setupDNSServer() +self.setupOriginServer() +self.setupTS() + +def setupDNSServer(self): +self.dns = Test.MakeDNServer("dns") +self.dns.addRecords(records={'foo.ts.a.o.': ['127.0.0.1']}) + +def setupOriginServer(self): +self.origin_server = Test.MakeOriginServer("origin_server") +self.origin_server.addResponse("sessionlog.json", + {"headers": "GET / HTTP/1.1\r\nHost: localhost\r\n\r\n"}, + {"headers": "HTTP/1.1 200 OK\r\nServer: microserver\r\nConnection: close\r\n\r\n"}) + +def setupTS(self): +self.ts = Test.MakeATSProcess( +"ts", select_ports=True, enable_cache=False) +self.ts.Disk.records_config.update({ +"proxy.config.dns.splitDNS.enabled": 1, +"proxy.config.diags.debug.enabled": 1, +"proxy.config.diags.debug.tags": "dns|splitdns", +}) +self.ts.Disk.splitdns_config.AddLine( +f"dest_domain=foo.ts.a.o named=127.0.0.1:{self.dns.Variables.Port}") +self.ts.Disk.remap_config.AddLine( +f"map /foo/ http://foo.ts.a.o:{self.origin_server.Variables.Port}/;) +self.ts.Disk.remap_config.AddLine( +f"map /bar/ http://127.0.0.1:{self.origin_server.Variables.Port}/;) + +def addTestCase0(self): +tr = Test.AddTestRun() +tr.Processes.Default.Command = f"curl -v http://localhost:{self.ts.Variables.port}/foo/; +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Streams.stderr = "gold/test_case_0_stderr.gold" +tr.Processes.Default.StartBefore(self.dns) +tr.Processes.Default.StartBefore(self.origin_server) +tr.Processes.Default.StartBefore(self.ts) +tr.StillRunningAfter = self.dns +tr.StillRunningAfter = self.origin_server +tr.StillRunningAfter = self.ts + +def addTestCase1(self): +tr = Test.AddTestRun() +tr.Processes.Default.Command = f"curl -v http://localhost:{self.ts.Variables.port}/bar/; +tr.Processes.
[trafficserver] branch master updated: Doc: Fix INPUT tag of Doxyfile (#7404)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new afc356b Doc: Fix INPUT tag of Doxyfile (#7404) afc356b is described below commit afc356b83a3cf2321bf7b0c7ec431bdab5d56561 Author: Masaori Koshiba AuthorDate: Fri Dec 25 09:00:39 2020 +0900 Doc: Fix INPUT tag of Doxyfile (#7404) --- doc/Doxyfile | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/doc/Doxyfile b/doc/Doxyfile index 083f1d0..f41990f 100644 --- a/doc/Doxyfile +++ b/doc/Doxyfile @@ -746,11 +746,12 @@ WARN_LOGFILE = # Note: If this tag is empty the current directory is searched. INPUT = mainpage.doc \ + ../include \ ../iocore \ - ../lib/cppapi/include/atscppapi \ ../lib/records \ - ../lib/ts \ - ../proxy + ../mgmt \ + ../proxy \ + ../src # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
[trafficserver] branch master updated: Reverting to old negative_caching conditional behavior (#7401)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 80f2c3f Reverting to old negative_caching conditional behavior (#7401) 80f2c3f is described below commit 80f2c3f40133a59c00db05d8d3a6bc428b4d20f0 Author: Shinya Kawano AuthorDate: Wed Dec 23 13:32:54 2020 +0900 Reverting to old negative_caching conditional behavior (#7401) https://github.com/apache/trafficserver/pull/7361 fixed negative caching for non-cacheable negative responses, but it broke certain logic concerning checks for whether a given response was cacheable because of negative caching configuration. This fixes the latter behavior so it now behaves as it did before. Co-authored-by: bneradt --- proxy/http/HttpSM.cc | 8 proxy/http/HttpTransact.cc | 10 +- proxy/http/HttpTransact.h | 22 +++--- 3 files changed, 16 insertions(+), 24 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 8e5f46d..427e4a0 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -3055,7 +3055,7 @@ HttpSM::tunnel_handler_server(int event, HttpTunnelProducer *p) // the reason string being written to the client and a bad CL when reading from cache. // I didn't find anywhere this appended reason is being used, so commenting it out. /* -if (t_state.is_cacheable_and_negative_caching_is_enabled && p->bytes_read == 0) { +if (t_state.is_cacheable_due_to_negative_caching_configuration && p->bytes_read == 0) { int reason_len; const char *reason = t_state.hdr_info.server_response.reason_get(_len); if (reason == NULL) @@ -3111,8 +3111,8 @@ HttpSM::tunnel_handler_server(int event, HttpTunnelProducer *p) } // turn off negative caching in case there are multiple server contacts - if (t_state.is_cacheable_and_negative_caching_is_enabled) { -t_state.is_cacheable_and_negative_caching_is_enabled = false; + if (t_state.is_cacheable_due_to_negative_caching_configuration) { +t_state.is_cacheable_due_to_negative_caching_configuration = false; } // If we had a ground fill, check update our status @@ -6735,7 +6735,7 @@ HttpSM::setup_server_transfer() nbytes = server_transfer_init(buf, hdr_size); - if (t_state.is_cacheable_and_negative_caching_is_enabled && + if (t_state.is_cacheable_due_to_negative_caching_configuration && t_state.hdr_info.server_response.status_get() == HTTP_STATUS_NO_CONTENT) { int s = sizeof("No Content") - 1; buf->write("No Content", s); diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 85ea71b..ea38992 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -4402,7 +4402,7 @@ HttpTransact::handle_cache_operation_on_forward_server_response(State *s) client_response_code = server_response_code; base_response= >hdr_info.server_response; -s->is_cacheable_and_negative_caching_is_enabled = cacheable && s->txn_conf->negative_caching_enabled; +s->is_cacheable_due_to_negative_caching_configuration = cacheable && is_negative_caching_appropriate(s); // determine the correct cache action given the original cache action, // cacheability of server response, and request method @@ -4464,7 +4464,7 @@ HttpTransact::handle_cache_operation_on_forward_server_response(State *s) // before issuing a 304 if (s->cache_info.action == CACHE_DO_WRITE || s->cache_info.action == CACHE_DO_NO_ACTION || s->cache_info.action == CACHE_DO_REPLACE) { - if (s->is_cacheable_and_negative_caching_is_enabled) { + if (s->is_cacheable_due_to_negative_caching_configuration) { HTTPHdr *resp; s->cache_info.object_store.create(); s->cache_info.object_store.request_set(>hdr_info.client_request); @@ -4500,8 +4500,8 @@ HttpTransact::handle_cache_operation_on_forward_server_response(State *s) SET_VIA_STRING(VIA_PROXY_RESULT, VIA_PROXY_SERVER_REVALIDATED); } } -} else if (s->is_cacheable_and_negative_caching_is_enabled) { - s->is_cacheable_and_negative_caching_is_enabled = false; +} else if (s->is_cacheable_due_to_negative_caching_configuration) { + s->is_cacheable_due_to_negative_caching_configuration = false; } break; @@ -4911,7 +4911,7 @@ HttpTransact::set_headers_for_cache_write(State *s, HTTPInfo *cache_info, HTTPHd sites yields no insight. So the assert is removed and we keep the behavior that if the response in @a cache_info is already set, we don't override it. */ - if (!s->is_cacheable_and_negative_caching_is_enabled || !cache_in
[trafficserver] branch master updated: Add incoming PROXY Protocol v2 support (#7340)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new f7bdee6 Add incoming PROXY Protocol v2 support (#7340) f7bdee6 is described below commit f7bdee616ebec26b2746ce50c75eaacab7571554 Author: Masaori Koshiba AuthorDate: Tue Jan 26 08:04:44 2021 +0900 Add incoming PROXY Protocol v2 support (#7340) TCP support only for now. UDP, UNIX Domain Socket, and TLVs are out of scope. --- .../configuration/proxy-protocol.en.rst| 6 +- iocore/net/ProxyProtocol.cc| 137 +- iocore/net/ProxyProtocol.h | 2 +- iocore/net/unit_tests/test_ProxyProtocol.cc| 292 - 4 files changed, 424 insertions(+), 13 deletions(-) diff --git a/doc/admin-guide/configuration/proxy-protocol.en.rst b/doc/admin-guide/configuration/proxy-protocol.en.rst index 8df27d1..adf61f6 100644 --- a/doc/admin-guide/configuration/proxy-protocol.en.rst +++ b/doc/admin-guide/configuration/proxy-protocol.en.rst @@ -31,7 +31,7 @@ TLS connections. .. note:: -The current version only supports transforming client IP from PROXY Version 1 +The current version only supports transforming client IP from PROXY Version 1/2 header to the Forwarded: header. In the current implementation, the client IP address in the PROXY protocol header @@ -41,7 +41,7 @@ is passed to the origin server via an HTTP `Forwarded: The Proxy Protocol must be enabled on each port. See :ts:cv:`proxy.config.http.server_ports` for information on how to enable the Proxy Protocol on a port. Once enabled, all incoming requests must be prefaced -with the PROXY v1 header. Any request not preface by this header will be +with the PROXY v1/v2 header. Any request not preface by this header will be dropped. As a security measure, an optional list of trusted IP addresses may be @@ -50,7 +50,7 @@ configured with :ts:cv:`proxy.config.http.proxy_protocol_allowlist`. .. important:: If the allowlist is configured, requests will only be accepted from these - IP addresses and must be prefaced with the PROXY v1 header. + IP addresses and must be prefaced with the PROXY v1/v2 header. See :ts:cv:`proxy.config.http.insert_forwarded` for configuration information. Detection of the PROXY protocol header is automatic. If the PROXY header diff --git a/iocore/net/ProxyProtocol.cc b/iocore/net/ProxyProtocol.cc index 2de8673..452f63b 100644 --- a/iocore/net/ProxyProtocol.cc +++ b/iocore/net/ProxyProtocol.cc @@ -34,15 +34,57 @@ namespace using namespace std::literals; constexpr ts::TextView PPv1_CONNECTION_PREFACE = "PROXY"sv; -constexpr ts::TextView PPv2_CONNECTION_PREFACE = "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A\x02"sv; +constexpr ts::TextView PPv2_CONNECTION_PREFACE = "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A"sv; constexpr size_t PPv1_CONNECTION_HEADER_LEN_MIN = 15; -constexpr size_t PPv2_CONNECTION_HEADER_LEN_MIN = 16; constexpr ts::TextView PPv1_PROTO_UNKNOWN = "UNKNOWN"sv; constexpr ts::TextView PPv1_PROTO_TCP4= "TCP4"sv; constexpr ts::TextView PPv1_PROTO_TCP6= "TCP6"sv; +constexpr uint8_t PPv2_CMD_LOCAL = 0x20; +constexpr uint8_t PPv2_CMD_PROXY = 0x21; + +constexpr uint8_t PPv2_PROTO_UNSPEC= 0x00; +constexpr uint8_t PPv2_PROTO_TCP4 = 0x11; +constexpr uint8_t PPv2_PROTO_UDP4 = 0x12; +constexpr uint8_t PPv2_PROTO_TCP6 = 0x21; +constexpr uint8_t PPv2_PROTO_UDP6 = 0x22; +constexpr uint8_t PPv2_PROTO_UNIX_STREAM = 0x31; +constexpr uint8_t PPv2_PROTO_UNIX_DATAGRAM = 0x32; + +constexpr uint16_t PPv2_ADDR_LEN_INET = 4 + 4 + 2 + 2; +constexpr uint16_t PPv2_ADDR_LEN_INET6 = 16 + 16 + 2 + 2; +// constexpr uint16_t PPv2_ADDR_LEN_UNIX = 108 + 108; + +struct PPv2Hdr { + uint8_t sig[12]; ///< preface + uint8_t ver_cmd; ///< protocol version and command + uint8_t fam; ///< protocol family and transport + uint16_t len;///< number of following bytes part of the header + union { +// for TCP/UDP over IPv4, len = 12 (PPv2_ADDR_LEN_INET) +struct { + uint32_t src_addr; + uint32_t dst_addr; + uint16_t src_port; + uint16_t dst_port; +} ip4; +// for TCP/UDP over IPv6, len = 36 (PPv2_ADDR_LEN_INET6) +struct { + uint8_t src_addr[16]; + uint8_t dst_addr[16]; + uint16_t src_port; + uint16_t dst_port; +} ip6; +// for AF_UNIX sockets, len = 216 (PPv2_ADDR_LEN_UNIX) +struct { + uint8_t src_addr[108]; + uint8_t dst_addr[108]; +} unix; + } addr; +}; + /** PROXY Protocol v1 Parser @@ -166,13 +208,100 @@ proxy_protocol_v1_parse(ProxyProtocol *pp_info, ts::TextView hdr) /** PROXY Protocol v
[trafficserver] branch master updated (04e6b33 -> b6b61fb)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 04e6b33 Small fix to regex_remap PR # 7347. (#7437) add b6b61fb Cleanup: Remove unused members of NextHopProperty (#7436) No new revisions were added by this update. Summary of changes: iocore/net/P_SSLSNI.h | 3 --- iocore/net/SSLSNIConfig.cc | 1 - 2 files changed, 4 deletions(-)
[trafficserver] branch master updated: Fix stall on outbound TLS handshake (#7432)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 9a12173 Fix stall on outbound TLS handshake (#7432) 9a12173 is described below commit 9a121730229ddf1b3a8dba962f318a5bfd3e8b0f Author: Masaori Koshiba AuthorDate: Wed Jan 20 09:13:03 2021 +0900 Fix stall on outbound TLS handshake (#7432) --- proxy/http/HttpSM.cc | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 427e4a0..dcde8fd 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -6119,9 +6119,7 @@ HttpSM::attach_server_session(Http1ServerSession *s) // first tunnel was sometimes behind handled by the consumer of the // first tunnel instead of the producer of the second tunnel. // The real read is setup in setup_server_read_response_header() - // - // Keep the read disabled until setup_server_read_response_header - server_entry->read_vio = server_session->do_io_read(this, 0, nullptr); + server_entry->read_vio = server_session->do_io_read(this, 0, server_session->read_buffer); // Transfer control of the write side as well server_entry->write_vio = server_session->do_io_write(this, 0, nullptr);
[trafficserver] branch master updated: Doc: Fix typo in negative_revalidating_lifetime (#7427)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 95b8d57 Doc: Fix typo in negative_revalidating_lifetime (#7427) 95b8d57 is described below commit 95b8d575af8a95f722c13851ca0400bddb465b51 Author: Masaori Koshiba AuthorDate: Fri Jan 15 14:51:08 2021 +0900 Doc: Fix typo in negative_revalidating_lifetime (#7427) --- doc/admin-guide/files/records.config.en.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 8ec7b22..6f78682 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -1703,7 +1703,7 @@ Negative Response Caching .. ts:cv:: CONFIG proxy.config.http.negative_revalidating_lifetime INT 1800 - How long, in seconds, to consider a stale cached document valid if If + How long, in seconds, to consider a stale cached document valid if :ts:cv:`proxy.config.http.negative_revalidating_enabled` is enabled and |TS| receives a negative (``5xx`` only) response from the origin server during revalidation.
[trafficserver] branch master updated: Add unit tests for PROXY Protocol v1 parser (#7332)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 0ce2a09 Add unit tests for PROXY Protocol v1 parser (#7332) 0ce2a09 is described below commit 0ce2a09155d33bc70adfb5cb430f0933f5e882ae Author: Masaori Koshiba AuthorDate: Thu Jan 14 07:46:24 2021 +0900 Add unit tests for PROXY Protocol v1 parser (#7332) --- .gitignore | 1 + iocore/net/Makefile.am | 32 +- iocore/net/ProxyProtocol.cc | 57 --- iocore/net/unit_tests/test_ProxyProtocol.cc | 147 4 files changed, 224 insertions(+), 13 deletions(-) diff --git a/.gitignore b/.gitignore index d503dab..64feec8 100644 --- a/.gitignore +++ b/.gitignore @@ -94,6 +94,7 @@ lib/perl/lib/Apache/TS.pm iocore/net/test_certlookup iocore/net/test_UDPNet +iocore/net/test_libinknet iocore/net/quic/test_QUIC* iocore/aio/test_AIO iocore/eventsystem/test_IOBuffer diff --git a/iocore/net/Makefile.am b/iocore/net/Makefile.am index fa60587..0209c3a 100644 --- a/iocore/net/Makefile.am +++ b/iocore/net/Makefile.am @@ -37,7 +37,7 @@ AM_CPPFLAGS += \ TESTS = $(check_PROGRAMS) -check_PROGRAMS = test_certlookup test_UDPNet +check_PROGRAMS = test_certlookup test_UDPNet test_libinknet noinst_LIBRARIES = libinknet.a test_certlookup_LDFLAGS = \ @@ -85,6 +85,36 @@ test_UDPNet_SOURCES = \ libinknet_stub.cc \ test_I_UDPNet.cc +test_libinknet_SOURCES = \ + unit_tests/test_ProxyProtocol.cc + +test_libinknet_CPPFLAGS = \ + $(AM_CPPFLAGS) \ + $(iocore_include_dirs) \ + -I$(abs_top_srcdir)/tests/include \ + -I$(abs_top_srcdir)/proxy \ + -I$(abs_top_srcdir)/proxy/hdrs \ + -I$(abs_top_srcdir)/proxy/http \ + -I$(abs_top_srcdir)/proxy/logging \ + -I$(abs_top_srcdir)/mgmt \ + -I$(abs_top_srcdir)/mgmt/utils \ + @OPENSSL_INCLUDES@ + +test_libinknet_LDFLAGS = \ + @AM_LDFLAGS@ \ + @OPENSSL_LDFLAGS@ \ + @YAMLCPP_LDFLAGS@ + +test_libinknet_LDADD = \ + libinknet.a \ + $(top_builddir)/iocore/eventsystem/libinkevent.a \ + $(top_builddir)/mgmt/libmgmt_p.la \ + $(top_builddir)/lib/records/librecords_p.a \ + $(top_builddir)/src/tscore/libtscore.la \ + $(top_builddir)/src/tscpp/util/libtscpputil.la \ + $(top_builddir)/proxy/ParentSelectionStrategy.o \ + @HWLOC_LIBS@ @OPENSSL_LIBS@ @LIBPCRE@ @YAMLCPP_LIBS@ + libinknet_a_SOURCES = \ ALPNSupport.cc \ BIO_fastopen.cc \ diff --git a/iocore/net/ProxyProtocol.cc b/iocore/net/ProxyProtocol.cc index c0cd45a..2de8673 100644 --- a/iocore/net/ProxyProtocol.cc +++ b/iocore/net/ProxyProtocol.cc @@ -39,6 +39,10 @@ constexpr ts::TextView PPv2_CONNECTION_PREFACE = "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x constexpr size_t PPv1_CONNECTION_HEADER_LEN_MIN = 15; constexpr size_t PPv2_CONNECTION_HEADER_LEN_MIN = 16; +constexpr ts::TextView PPv1_PROTO_UNKNOWN = "UNKNOWN"sv; +constexpr ts::TextView PPv1_PROTO_TCP4= "TCP4"sv; +constexpr ts::TextView PPv1_PROTO_TCP6= "TCP6"sv; + /** PROXY Protocol v1 Parser @@ -47,15 +51,21 @@ constexpr size_t PPv2_CONNECTION_HEADER_LEN_MIN = 16; size_t proxy_protocol_v1_parse(ProxyProtocol *pp_info, ts::TextView hdr) { - // Find the terminating newline + ink_release_assert(hdr.size() >= PPv1_CONNECTION_HEADER_LEN_MIN); + + // Find the terminating newline ts::TextView::size_type pos = hdr.find('\n'); if (pos == hdr.npos) { -Debug("proxyprotocol_v1", "ssl_has_proxy_v1: newline not found"); +Debug("proxyprotocol_v1", "ssl_has_proxy_v1: LF not found"); +return 0; + } + + if (hdr[pos - 1] != '\r') { +Debug("proxyprotocol_v1", "ssl_has_proxy_v1: CR not found"); return 0; } ts::TextView token; - in_port_t port; // All the cases are special and sequence, might as well unroll them. @@ -69,8 +79,28 @@ proxy_protocol_v1_parse(ProxyProtocol *pp_info, ts::TextView hdr) Debug("proxyprotocol_v1", "proxy_protov1_parse: [%.*s] = PREFACE", static_cast(token.size()), token.data()); // The INET protocol family - TCP4, TCP6 or UNKNOWN - token = hdr.split_prefix_at(' '); - if (0 == token.size()) { + if (PPv1_PROTO_UNKNOWN.isPrefixOf(hdr)) { +Debug("proxyprotocol_v1", "proxy_protov1_parse: [UNKNOWN] = INET Family"); + +// Ignore anything presented before the CRLF +pp_info->version = ProxyProtocolVersion::V1; + +return pos + 1; + } else if (PPv1_PROTO_TCP4.isPrefixOf(hdr)) { +token = hdr.split_prefix_at(' '); +if (0 == token.size()) { + return 0; +} + +pp_info->ip_family = AF_INET; + } else if (PPv1_PROTO_TCP6.isPr
[trafficserver] branch master updated (1f9536c -> a51baf6)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 1f9536c Proxy Verifier: Making use of delay directives for caching tests. (#7468) add a51baf6 Cleanup: Get rid of MIMEFieldWrapper from HPACK encoding (#6520) No new revisions were added by this update. Summary of changes: proxy/http2/HPACK.cc | 256 ++ proxy/http2/HPACK.h | 20 +- proxy/http2/unit_tests/test_HpackIndexingTable.cc | 17 +- 3 files changed, 135 insertions(+), 158 deletions(-)
[trafficserver] branch master updated (a1a47b9 -> 7b56041)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from a1a47b9 Generalize SNI support (#6870) add 7b56041 Do not provide a stale negative cache (#7422) No new revisions were added by this update. Summary of changes: proxy/http/HttpTransact.cc | 98 -- 1 file changed, 51 insertions(+), 47 deletions(-)
[trafficserver] branch master updated (b62da7d -> 026bf04)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from b62da7d Adjust vc read errors (#7923) add 026bf04 AuTest: Enable h2spec generic test cases (#7926) No new revisions were added by this update. Summary of changes: tests/gold_tests/h2/h2spec.test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[trafficserver] branch master updated (be54329 -> b62da7d)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from be54329 Remove bucket search from IntrusiveHashMap::erase (#7848) add b62da7d Adjust vc read errors (#7923) No new revisions were added by this update. Summary of changes: iocore/net/UnixNetVConnection.cc | 7 +-- 1 file changed, 1 insertion(+), 6 deletions(-)
[trafficserver] branch master updated (a2ee5ab -> e6c0aed)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from a2ee5ab Fixed compile error with Linux AIO unit test (#7958) add e6c0aed Cleanup: Constify MIMEHdr (#7949) No new revisions were added by this update. Summary of changes: proxy/hdrs/MIME.h | 88 +++ 1 file changed, 44 insertions(+), 44 deletions(-)
[trafficserver] branch master updated (4e14f48 -> 5a9339d)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 4e14f48 Compilation error fixes for QUIC unit tests (#7944) add 5a9339d Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945) No new revisions were added by this update. Summary of changes: plugins/cachekey/cachekey.cc | 2 +- proxy/logging/LogUtils.cc| 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
[trafficserver] branch master updated: Fix stall on sending response for request with trailer header (#7831)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 183d376 Fix stall on sending response for request with trailer header (#7831) 183d376 is described below commit 183d3761c7ffd92082f85cf6b3411127506298be Author: Masaori Koshiba AuthorDate: Fri May 14 08:53:27 2021 +0900 Fix stall on sending response for request with trailer header (#7831) --- proxy/http2/Http2Stream.cc| 2 +- tests/gold_tests/h2/gold/nghttp_0_stdout.gold | 3 +-- tests/gold_tests/h2/nghttp.test.py| 19 +++ 3 files changed, 5 insertions(+), 19 deletions(-) diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc index 9f83206..143058f 100644 --- a/proxy/http2/Http2Stream.cc +++ b/proxy/http2/Http2Stream.cc @@ -298,7 +298,7 @@ Http2Stream::change_state(uint8_t type, uint8_t flags) case Http2StreamState::HTTP2_STREAM_STATE_OPEN: if (type == HTTP2_FRAME_TYPE_RST_STREAM) { _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED; -} else if (type == HTTP2_FRAME_TYPE_DATA) { +} else if (type == HTTP2_FRAME_TYPE_HEADERS || type == HTTP2_FRAME_TYPE_DATA) { if (recv_end_stream) { _state = Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE; } else if (send_end_stream) { diff --git a/tests/gold_tests/h2/gold/nghttp_0_stdout.gold b/tests/gold_tests/h2/gold/nghttp_0_stdout.gold index 1487943..e8e9aca 100644 --- a/tests/gold_tests/h2/gold/nghttp_0_stdout.gold +++ b/tests/gold_tests/h2/gold/nghttp_0_stdout.gold @@ -12,6 +12,5 @@ `` [``] recv (stream_id=1) :status: 200 `` -[``] recv RST_STREAM frame -``(error_code=NO_ERROR(0x00)) +``; END_STREAM `` diff --git a/tests/gold_tests/h2/nghttp.test.py b/tests/gold_tests/h2/nghttp.test.py index 4c66265..8cc94f7 100644 --- a/tests/gold_tests/h2/nghttp.test.py +++ b/tests/gold_tests/h2/nghttp.test.py @@ -29,7 +29,6 @@ Test.ContinueOnFail = True # # Setup Origin Server # -microserver = Test.MakeOriginServer("microserver") httpbin = Test.MakeHttpBinServer("httpbin") # 128KB @@ -38,15 +37,6 @@ post_body_file = open(os.path.join(Test.RunDirectory, "post_body"), "w") post_body_file.write(post_body) post_body_file.close() -# For Test Case 0 -microserver.addResponse("sessionlog.json", -{"headers": "POST /post HTTP/1.1\r\nHost: www.example.com\r\nTrailer: foo\r\n\r\n", - "timestamp": "1469733493.993", - "body": post_body}, -{"headers": "HTTP/1.1 200 OK\r\nServer: microserver\r\nConnection: close\r\n\r\n", -"timestamp": "1469733493.993", -"body": ""}) - # # Setup ATS # @@ -59,7 +49,6 @@ ts.addDefaultSSLFiles() ts.Setup.CopyAs('rules/graceful_shutdown.conf', Test.RunDirectory) ts.Disk.remap_config.AddLines([ -'map /post http://127.0.0.1:{0}/post'.format(microserver.Variables.Port), 'map /httpbin/ http://127.0.0.1:{0}/ @plugin=header_rewrite.so @pparam={1}/graceful_shutdown.conf'.format( httpbin.Variables.Port, Test.RunDirectory) ]) @@ -82,13 +71,12 @@ ts.Disk.records_config.update({ # Test Case 0: Trailer tr = Test.AddTestRun() tr.TimeOut = 10 -tr.Processes.Default.Command = "nghttp -v --no-dep 'https://127.0.0.1:{0}/post' --trailer 'foo: bar' -d 'post_body'".format( -ts.Variables.ssl_port) +tr.Processes.Default.Command = f"nghttp -vn --no-dep 'https://127.0.0.1:{ts.Variables.ssl_port}/httpbin/post' --trailer 'foo: bar' -d 'post_body'" tr.Processes.Default.ReturnCode = 0 -tr.Processes.Default.StartBefore(microserver, ready=When.PortOpen(microserver.Variables.Port)) +tr.Processes.Default.StartBefore(httpbin, ready=When.PortOpen(httpbin.Variables.Port)) tr.Processes.Default.StartBefore(Test.Processes.ts) tr.Processes.Default.Streams.stdout = "gold/nghttp_0_stdout.gold" -tr.StillRunningAfter = microserver +tr.StillRunningAfter = httpbin tr.StillRunningAfter = ts # Test Case 1: Graceful Shutdown @@ -98,7 +86,6 @@ tr = Test.AddTestRun() tr.TimeOut = 10 tr.Processes.Default.Command = f"nghttp -vn --no-dep 'https://127.0.0.1:{ts.Variables.ssl_port}/httpbin/drip?duration=3'" tr.Processes.Default.ReturnCode = 0 -tr.Processes.Default.StartBefore(httpbin, ready=When.PortOpen(httpbin.Variables.Port)) tr.Processes.Default.Streams.stdout = "gold/nghttp_1_stdout.gold" tr.StillRunningAfter = httpbin tr.StillRunningAfter = ts
[trafficserver] branch master updated (aaccaa2 -> 249619c)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from aaccaa2 Cancel cross_thread_event on clear_io_events (#7815) add 249619c Cleanup: unused functions of Http2ClientSession (#7812) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ClientSession.h | 8 1 file changed, 8 deletions(-)
[trafficserver] branch master updated (f8564fe -> aaccaa2)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f8564fe Cleanup: Remove a meaningless Http2Stream::do_io_close() call (#7814) add aaccaa2 Cancel cross_thread_event on clear_io_events (#7815) No new revisions were added by this update. Summary of changes: proxy/http2/Http2Stream.cc | 9 + 1 file changed, 5 insertions(+), 4 deletions(-)
[trafficserver] branch master updated (f8ddad1 -> f8564fe)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f8ddad1 Eliminate next dup call using stale mime field mloc is s3_auth plugin. (#7825) add f8564fe Cleanup: Remove a meaningless Http2Stream::do_io_close() call (#7814) No new revisions were added by this update. Summary of changes: proxy/http2/Http2Stream.cc | 1 - 1 file changed, 1 deletion(-)
[trafficserver] branch master updated (249619c -> d547f9e)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 249619c Cleanup: unused functions of Http2ClientSession (#7812) add d547f9e Cleanup: Remove unused members of Http2Stream (#7813) No new revisions were added by this update. Summary of changes: proxy/http2/Http2Stream.cc | 7 --- proxy/http2/Http2Stream.h | 14 +- 2 files changed, 5 insertions(+), 16 deletions(-)
[trafficserver] branch master updated: Cleanup: Move member functions defined inside of class definitions of Http2ConnectionState & Http2ConnectionSettings (#7854)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 8715068 Cleanup: Move member functions defined inside of class definitions of Http2ConnectionState & Http2ConnectionSettings (#7854) 8715068 is described below commit 8715068f83f35bbe44bf6bec236f7e67995e865f Author: Masaori Koshiba AuthorDate: Thu May 20 10:15:21 2021 +0900 Cleanup: Move member functions defined inside of class definitions of Http2ConnectionState & Http2ConnectionSettings (#7854) --- proxy/http2/Http2ConnectionState.cc | 116 +++ proxy/http2/Http2ConnectionState.h | 380 +++- 2 files changed, 274 insertions(+), 222 deletions(-) diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc index bda5b5d..323790e 100644 --- a/proxy/http2/Http2ConnectionState.cc +++ b/proxy/http2/Http2ConnectionState.cc @@ -973,6 +973,122 @@ static const http2_frame_dispatch frame_handlers[HTTP2_FRAME_TYPE_MAX] = { rcv_continuation_frame, // HTTP2_FRAME_TYPE_CONTINUATION }; + +// Http2ConnectionSettings +// +Http2ConnectionSettings::Http2ConnectionSettings() +{ + // 6.5.2. Defined SETTINGS Parameters. These should generally not be + // modified, + // only if the protocol changes should these change. + settings[indexof(HTTP2_SETTINGS_ENABLE_PUSH)]= HTTP2_ENABLE_PUSH; + settings[indexof(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)] = HTTP2_MAX_CONCURRENT_STREAMS; + settings[indexof(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE)]= HTTP2_INITIAL_WINDOW_SIZE; + settings[indexof(HTTP2_SETTINGS_MAX_FRAME_SIZE)] = HTTP2_MAX_FRAME_SIZE; + settings[indexof(HTTP2_SETTINGS_HEADER_TABLE_SIZE)] = HTTP2_HEADER_TABLE_SIZE; + settings[indexof(HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE)] = HTTP2_MAX_HEADER_LIST_SIZE; +} + +void +Http2ConnectionSettings::settings_from_configs() +{ + settings[indexof(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)] = Http2::max_concurrent_streams_in; + settings[indexof(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE)]= Http2::initial_window_size; + settings[indexof(HTTP2_SETTINGS_MAX_FRAME_SIZE)] = Http2::max_frame_size; + settings[indexof(HTTP2_SETTINGS_HEADER_TABLE_SIZE)] = Http2::header_table_size; + settings[indexof(HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE)] = Http2::max_header_list_size; +} + +unsigned +Http2ConnectionSettings::get(Http2SettingsIdentifier id) const +{ + if (0 < id && id < HTTP2_SETTINGS_MAX) { +return this->settings[indexof(id)]; + } else { +ink_assert(!"Bad Settings Identifier"); + } + + return 0; +} + +unsigned +Http2ConnectionSettings::set(Http2SettingsIdentifier id, unsigned value) +{ + if (0 < id && id < HTTP2_SETTINGS_MAX) { +return this->settings[indexof(id)] = value; + } else { +// Do nothing - 6.5.2 Unsupported parameters MUST be ignored + } + + return 0; +} + +unsigned +Http2ConnectionSettings::indexof(Http2SettingsIdentifier id) +{ + ink_assert(0 < id && id < HTTP2_SETTINGS_MAX); + + return id - 1; +} + + +// Http2ConnectionState +// +Http2ConnectionState::Http2ConnectionState() : stream_list() +{ + SET_HANDLER(::main_event_handler); +} + +void +Http2ConnectionState::init() +{ + this->_server_rwnd = Http2::initial_window_size; + + local_hpack_handle = new HpackHandle(HTTP2_HEADER_TABLE_SIZE); + remote_hpack_handle = new HpackHandle(HTTP2_HEADER_TABLE_SIZE); + if (Http2::stream_priority_enabled) { +dependency_tree = new DependencyTree(Http2::max_concurrent_streams_in); + } + + _cop = ActivityCop(this->mutex, _list, 1); + _cop.start(); +} + +void +Http2ConnectionState::destroy() +{ + if (in_destroy) { +schedule_zombie_event(); +return; + } + in_destroy = true; + + _cop.stop(); + + if (shutdown_cont_event) { +shutdown_cont_event->cancel(); +shutdown_cont_event = nullptr; + } + cleanup_streams(); + + delete local_hpack_handle; + local_hpack_handle = nullptr; + delete remote_hpack_handle; + remote_hpack_handle = nullptr; + delete dependency_tree; + dependency_tree = nullptr; + this->ua_session = nullptr; + + if (fini_event) { +fini_event->cancel(); + } + if (zombie_event) { +zombie_event->cancel(); + } + // release the mutex after the events are cancelled and sessions are destroyed. + mutex = nullptr; // magic happens - assigning to nullptr frees the ProxyMutex +} + int Http2ConnectionState::main_event_handler(int event, void *edata) { diff --git a/proxy/http2/Http2ConnectionState.h b/proxy/http2/Http2ConnectionState.h index 1c4986d..b79464d 100644 --- a/proxy/http2/Http2ConnectionState.h +++ b/proxy/http2/Http2ConnectionState.h @@ -49,62 +49,15 @@ enum Http2ShutdownState { HTTP2_SHUTDOWN_NONE, HTTP2_SHUTDOWN_NOT_
[trafficserver] branch master updated (5066bde -> 050b2df)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 5066bde Cleanup Http2ClientSession SessionHandler (#7876) add 050b2df Fix crash in open_close_h2 (#7586) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 7 ++- proxy/http2/Http2Stream.cc | 17 ++--- 2 files changed, 12 insertions(+), 12 deletions(-)
[trafficserver] branch master updated: Cleanup: refer Http2ClientSession::mutex (#7853)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 088e767 Cleanup: refer Http2ClientSession::mutex (#7853) 088e767 is described below commit 088e767b2fd7076193a696f41ada49705a9a9a81 Author: Masaori Koshiba AuthorDate: Tue May 25 07:49:02 2021 +0900 Cleanup: refer Http2ClientSession::mutex (#7853) --- proxy/http2/Http2ClientSession.cc | 6 +- proxy/http2/Http2Stream.cc| 18 +- 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc index 55e4a4a..637cece 100644 --- a/proxy/http2/Http2ClientSession.cc +++ b/proxy/http2/Http2ClientSession.cc @@ -241,10 +241,7 @@ Http2ClientSession::do_io_close(int alerrno) ink_assert(this->mutex->thread_holding == this_ethread()); send_connection_event(>connection_state, HTTP2_SESSION_EVENT_FINI, this); - { -SCOPED_MUTEX_LOCK(lock, this->connection_state.mutex, this_ethread()); -this->connection_state.release_stream(); - } + this->connection_state.release_stream(); this->clear_session_active(); @@ -571,7 +568,6 @@ Http2ClientSession::state_process_frame_read(int event, VIO *vio, bool inside_fr if (err > Http2ErrorCode::HTTP2_ERROR_NO_ERROR || do_start_frame_read(err) < 0) { // send an error if specified. Otherwise, just go away if (err > Http2ErrorCode::HTTP2_ERROR_NO_ERROR) { -SCOPED_MUTEX_LOCK(lock, this->connection_state.mutex, this_ethread()); if (!this->connection_state.is_state_closed()) { this->connection_state.send_goaway_frame(this->connection_state.get_latest_stream_id_in(), err); this->set_half_close_local_flag(true); diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc index 143058f..92b44e5 100644 --- a/proxy/http2/Http2Stream.cc +++ b/proxy/http2/Http2Stream.cc @@ -78,7 +78,7 @@ Http2Stream::~Http2Stream() cid = _proxy_ssn->connection_id(); Http2ClientSession *h2_proxy_ssn = static_cast(_proxy_ssn); -SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); +SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); // Make sure the stream is removed from the stream list and priority tree // In many cases, this has been called earlier, so this call is a no-op h2_proxy_ssn->connection_state.delete_stream(this); @@ -433,7 +433,7 @@ Http2Stream::do_io_close(int /* flags */) // Make sure any trailing end of stream frames are sent // Wee will be removed at send_data_frames or closing connection phase Http2ClientSession *h2_proxy_ssn = static_cast(this->_proxy_ssn); - SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); + SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); h2_proxy_ssn->connection_state.send_data_frames(this); } @@ -475,7 +475,7 @@ Http2Stream::terminate_if_possible() REMEMBER(NO_EVENT, this->reentrancy_count); Http2ClientSession *h2_proxy_ssn = static_cast(this->_proxy_ssn); -SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); +SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); THREAD_FREE(this, http2StreamAllocator, this_ethread()); } } @@ -656,7 +656,7 @@ Http2Stream::update_write_request(bool call_update) int len; const char *value = field->value_get(); if (memcmp(HTTP_VALUE_CLOSE, value, HTTP_LEN_CLOSE) == 0) { - SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); + SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); if (h2_proxy_ssn->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NONE) { h2_proxy_ssn->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED, Http2ErrorCode::HTTP2_ERROR_NO_ERROR); } @@ -664,7 +664,7 @@ Http2Stream::update_write_request(bool call_update) } { -SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); +SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); // Send the response header back h2_proxy_ssn->connection_state.send_headers_frame(this); } @@ -769,7 +769,7 @@ bool Http2Stream::push_promise(URL , const MIMEField *accept_encoding) { Http2ClientSession *h2_proxy_ssn = static_cast(this->_proxy_ssn); - SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->connection_state.mutex, this_ethread()); + SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread()); return h2_proxy_ssn->connection_state.send_push_promise_frame(this, url, accept_
[trafficserver] branch master updated (01b91f3 -> 0f641cc)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 01b91f3 Add dead server policy control and metric. Improve messages. (#7757) add 0f641cc Reset Http1Transaction before adding vc to keep_alive_queue (#7892) No new revisions were added by this update. Summary of changes: proxy/http/Http1ClientSession.cc | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-)
[trafficserver] branch master updated (0f641cc -> 01d2150)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 0f641cc Reset Http1Transaction before adding vc to keep_alive_queue (#7892) add 01d2150 Set accept_options of Http1Transaction in Http1ClientSession::new_connection() (#7894) No new revisions were added by this update. Summary of changes: proxy/http/Http1ClientSession.cc | 2 ++ proxy/http/HttpSessionAccept.cc | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-)
[trafficserver] branch master updated (f36cf6a -> 5066bde)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from f36cf6a Enforce HTTP parsing restrictions on HTTP versions supported (#7875) add 5066bde Cleanup Http2ClientSession SessionHandler (#7876) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ClientSession.cc | 6 +++--- proxy/http2/Http2ClientSession.h | 24 +++- 2 files changed, 22 insertions(+), 8 deletions(-)
[trafficserver] branch master updated (0c9aaaf -> c6d3f6f)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 0c9aaaf Timing and permissions update for regex_revalidate test (#7998) add c6d3f6f Cleanup: Get rid of HTTP2_SESSION_EVENT_RECV (#7879) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ClientSession.cc | 3 +- proxy/http2/Http2ConnectionState.cc | 131 ++-- proxy/http2/Http2ConnectionState.h | 2 + 3 files changed, 69 insertions(+), 67 deletions(-)
[trafficserver] branch master updated (1baffec -> 13285d1)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 1baffec Add PROXY Protocol Builder (#7445) add 13285d1 Perf: Replace casecmp with memcmp in HPACK static table lookup (#6521) No new revisions were added by this update. Summary of changes: proxy/http2/HPACK.cc | 36 1 file changed, 16 insertions(+), 20 deletions(-)
[trafficserver] branch master updated (926dd71 -> 1baffec)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 926dd71 Adjust so transfer-encoding header can be treated hop-by-hop (#7473) add 1baffec Add PROXY Protocol Builder (#7445) No new revisions were added by this update. Summary of changes: include/tscore/ink_inet.h | 6 +- iocore/net/ProxyProtocol.cc | 186 +++- iocore/net/ProxyProtocol.h | 3 + iocore/net/unit_tests/test_ProxyProtocol.cc | 100 +++ 4 files changed, 292 insertions(+), 3 deletions(-)
[trafficserver] branch master updated (29f63ee -> f658828)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 29f63ee AuTest: Upgrade to Proxy Verifier 2.0.2 (#7493) add f658828 Avoid -Warray-bounds on PROXY Protocol Builder (#7488) No new revisions were added by this update. Summary of changes: iocore/net/ProxyProtocol.cc | 14 -- 1 file changed, 4 insertions(+), 10 deletions(-)
[trafficserver] branch master updated (8dc2cbe -> a3d8068)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 8dc2cbe Updating to Proxy Verifier v2.0.0 (#7454) add a3d8068 Cleanup: Add SNIRoutingType (#7453) No new revisions were added by this update. Summary of changes: iocore/net/P_SNIActionPerformer.h | 19 iocore/net/P_SSLNetVConnection.h | 54 ++ iocore/net/SSLSNIConfig.cc | 2 +- .../test_RecordsConfig.h => iocore/net/SSLTypes.h | 7 ++- iocore/net/YamlSNIConfig.cc| 9 ++-- iocore/net/YamlSNIConfig.h | 7 +-- 6 files changed, 58 insertions(+), 40 deletions(-) copy lib/records/test_RecordsConfig.h => iocore/net/SSLTypes.h (91%)
[trafficserver] branch master updated (6b28f19 -> ba97714)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 6b28f19 Remove erroneous manager.log mesg with remap include file reload (#7646) add ba97714 Update server_response_body_bytes when background fill worked (#7621) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc | 4 1 file changed, 4 insertions(+)
[trafficserver] branch master updated: Add proxy.process.http.background_fill_total_count (#7625)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 9e38df9 Add proxy.process.http.background_fill_total_count (#7625) 9e38df9 is described below commit 9e38df945c091c557afe280bb6b0fb8a3492536b Author: Masaori Koshiba AuthorDate: Mon Mar 29 09:17:06 2021 +0900 Add proxy.process.http.background_fill_total_count (#7625) --- doc/admin-guide/monitoring/statistics/core/cache.en.rst | 10 +- proxy/http/HttpConfig.cc| 3 +++ proxy/http/HttpConfig.h | 1 + proxy/http/HttpSM.cc| 2 ++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/doc/admin-guide/monitoring/statistics/core/cache.en.rst b/doc/admin-guide/monitoring/statistics/core/cache.en.rst index 9e0e593..3ee22e1 100644 --- a/doc/admin-guide/monitoring/statistics/core/cache.en.rst +++ b/doc/admin-guide/monitoring/statistics/core/cache.en.rst @@ -168,8 +168,17 @@ Cache :ungathered: .. ts:stat:: global proxy.process.http.background_fill_current_count integer + :type: gauge :ungathered: + Represents the current number of background fill + +.. ts:stat:: global proxy.process.http.background_fill_total_count integer + :type: counter + :ungathered: + + Represents the total number of background fill + .. ts:stat:: global proxy.process.http.cache_deletes integer .. ts:stat:: global proxy.process.http.cache_hit_fresh integer .. ts:stat:: global proxy.process.http.cache_hit_ims integer @@ -223,4 +232,3 @@ Cache .. ts:stat:: global proxy.process.http.tcp_refresh_miss_count_stat integer .. ts:stat:: global proxy.process.http.tcp_refresh_miss_origin_server_bytes_stat integer .. ts:stat:: global proxy.process.http.tcp_refresh_miss_user_agent_bytes_stat integer - diff --git a/proxy/http/HttpConfig.cc b/proxy/http/HttpConfig.cc index 756ecbc..9e0179d 100644 --- a/proxy/http/HttpConfig.cc +++ b/proxy/http/HttpConfig.cc @@ -352,6 +352,9 @@ register_stat_callbacks() RecRegisterRawStat(http_rsb, RECT_PROCESS, "proxy.process.http.total_parent_marked_down_count", RECD_COUNTER, RECP_PERSISTENT, (int)http_total_parent_marked_down_count, RecRawStatSyncCount); + RecRegisterRawStat(http_rsb, RECT_PROCESS, "proxy.process.http.background_fill_total_count", RECD_INT, RECP_PERSISTENT, + (int)http_background_fill_total_count_stat, RecRawStatSyncCount); + // Stats to track causes of ATS initiated origin shutdowns RecRegisterRawStat(http_rsb, RECT_PROCESS, "proxy.process.http.origin_shutdown.pool_lock_contention", RECD_INT, RECP_NON_PERSISTENT, (int)http_origin_shutdown_pool_lock_contention, RecRawStatSyncCount); diff --git a/proxy/http/HttpConfig.h b/proxy/http/HttpConfig.h index 718de04..9067a23 100644 --- a/proxy/http/HttpConfig.h +++ b/proxy/http/HttpConfig.h @@ -84,6 +84,7 @@ enum { http_total_parent_switches_stat, http_total_parent_retries_exhausted_stat, http_total_parent_marked_down_count, + http_background_fill_total_count_stat, http_current_parent_proxy_connections_stat, http_current_server_connections_stat, http_current_cache_connections_stat, diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 011a84f..48f9d38 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -3318,6 +3318,8 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer *c) // detach the user agent if (background_fill == BACKGROUND_FILL_STARTED) { HTTP_INCREMENT_DYN_STAT(http_background_fill_current_count_stat); +HTTP_INCREMENT_DYN_STAT(http_background_fill_total_count_stat); + ink_assert(server_entry->vc == server_session); ink_assert(c->is_downstream_from(server_session)); server_session->set_active_timeout(HRTIME_SECONDS(t_state.txn_conf->background_fill_active_timeout));
[trafficserver] branch 8.1.x updated: Do not provide a stale negative cache (#7422) (#7659)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 70a0b77 Do not provide a stale negative cache (#7422) (#7659) 70a0b77 is described below commit 70a0b7703d0fa96d1ee61e12a405b924767d3d3f Author: Masaori Koshiba AuthorDate: Fri Apr 2 07:56:56 2021 +0900 Do not provide a stale negative cache (#7422) (#7659) (cherry picked from commit 7b560411b2949b0648c134019bce3731e2d8f056) Co-authored-by: Kazuhiko --- proxy/http/HttpTransact.cc | 98 -- 1 file changed, 51 insertions(+), 47 deletions(-) diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 3801774..10e2908 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -4141,61 +4141,65 @@ HttpTransact::handle_cache_operation_on_forward_server_response(State *s) server_response_code == HTTP_STATUS_BAD_GATEWAY || server_response_code == HTTP_STATUS_SERVICE_UNAVAILABLE) && s->cache_info.action == CACHE_DO_UPDATE && s->txn_conf->negative_revalidating_enabled && is_stale_cache_response_returnable(s)) { - TxnDebug("http_trans", "[hcoofsr] negative revalidating: revalidate stale object and serve from cache"); - - s->cache_info.object_store.create(); - s->cache_info.object_store.request_set(>hdr_info.client_request); - s->cache_info.object_store.response_set(s->cache_info.object_read->response_get()); - base_response = s->cache_info.object_store.response_get(); - time_t exp_time = s->txn_conf->negative_revalidating_lifetime + ink_local_time(); - base_response->set_expires(exp_time); - - SET_VIA_STRING(VIA_CACHE_FILL_ACTION, VIA_CACHE_UPDATED); - HTTP_INCREMENT_DYN_STAT(http_cache_updates_stat); - - // unset Cache-control: "need-revalidate-once" (if it's set) - // This directive is used internally by T.S. to invalidate - // documents so that an invalidated document needs to be - // revalidated again. - base_response->unset_cooked_cc_need_revalidate_once(); - - if (is_request_conditional(>hdr_info.client_request) && - HttpTransactCache::match_response_to_request_conditionals(>hdr_info.client_request, - s->cache_info.object_read->response_get(), - s->response_received_time) == HTTP_STATUS_NOT_MODIFIED) { -s->next_action = SM_ACTION_INTERNAL_CACHE_UPDATE_HEADERS; -client_response_code = HTTP_STATUS_NOT_MODIFIED; - } else { -if (s->method == HTTP_WKSIDX_HEAD) { - s->cache_info.action = CACHE_DO_UPDATE; - s->next_action = SM_ACTION_INTERNAL_CACHE_NOOP; + HTTPStatus cached_response_code = s->cache_info.object_read->response_get()->status_get(); + if (!(cached_response_code == HTTP_STATUS_INTERNAL_SERVER_ERROR || cached_response_code == HTTP_STATUS_GATEWAY_TIMEOUT || +cached_response_code == HTTP_STATUS_BAD_GATEWAY || cached_response_code == HTTP_STATUS_SERVICE_UNAVAILABLE)) { +TxnDebug("http_trans", "[hcoofsr] negative revalidating: revalidate stale object and serve from cache"); + +s->cache_info.object_store.create(); +s->cache_info.object_store.request_set(>hdr_info.client_request); + s->cache_info.object_store.response_set(s->cache_info.object_read->response_get()); +base_response = s->cache_info.object_store.response_get(); +time_t exp_time = s->txn_conf->negative_revalidating_lifetime + ink_local_time(); +base_response->set_expires(exp_time); + +SET_VIA_STRING(VIA_CACHE_FILL_ACTION, VIA_CACHE_UPDATED); +HTTP_INCREMENT_DYN_STAT(http_cache_updates_stat); + +// unset Cache-control: "need-revalidate-once" (if it's set) +// This directive is used internally by T.S. to invalidate +// documents so that an invalidated document needs to be +// revalidated again. +base_response->unset_cooked_cc_need_revalidate_once(); + +if (is_request_conditional(>hdr_info.client_request) && + HttpTransactCache::match_response_to_request_conditionals(>hdr_info.client_request, + s->cache_info.object_read->response_get(), + s->response_received_time) == HTTP_STATUS_NOT_MODIFIED) { + s->next_action = SM_ACTION_INTERNAL_CACHE_UPDATE_HEADE
[trafficserver] branch 8.1.x updated: Update server_response_body_bytes when background fill worked (#7621) (#7658)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch 8.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/8.1.x by this push: new 693e4db Update server_response_body_bytes when background fill worked (#7621) (#7658) 693e4db is described below commit 693e4dbfe4366b253da5c20cad49c5a6e9b2ea80 Author: Masaori Koshiba AuthorDate: Fri Apr 2 07:56:44 2021 +0900 Update server_response_body_bytes when background fill worked (#7621) (#7658) (cherry picked from commit ba977148eb4bf7b4c4da818f2e4f797f576280ce) --- proxy/http/HttpSM.cc | 4 1 file changed, 4 insertions(+) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index eb1dc93..e43fd32 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -3403,6 +3403,10 @@ HttpSM::tunnel_handler_cache_write(int event, HttpTunnelConsumer *c) break; } + if (background_fill != BACKGROUND_FILL_NONE) { +server_response_body_bytes = c->bytes_written; + } + HTTP_DECREMENT_DYN_STAT(http_current_cache_connections_stat); return 0; }
[trafficserver] branch master updated (36440ef -> 270ca6e)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 36440ef AuTest: address various permissions issues (#7668) add 270ca6e Do NOT kill tunnel if it has any consumer besides HT_HTTP_CLIENT (#7641) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.cc| 4 ++-- proxy/http/HttpTunnel.h | 26 ++ 2 files changed, 28 insertions(+), 2 deletions(-)
[trafficserver] branch master updated (270ca6e -> f11cab6)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 270ca6e Do NOT kill tunnel if it has any consumer besides HT_HTTP_CLIENT (#7641) add f11cab6 Add AuTest for Background Fill (#7613) No new revisions were added by this update. Summary of changes: tests/gold_tests/cache/background_fill.test.py | 140 + .../cache/gold/background_fill_0_stderr.gold | 19 +++ .../cache/gold/background_fill_1_stderr.gold | 19 +++ .../cache/gold/background_fill_2_stderr.gold | 19 +++ 4 files changed, 197 insertions(+) create mode 100644 tests/gold_tests/cache/background_fill.test.py create mode 100644 tests/gold_tests/cache/gold/background_fill_0_stderr.gold create mode 100644 tests/gold_tests/cache/gold/background_fill_1_stderr.gold create mode 100644 tests/gold_tests/cache/gold/background_fill_2_stderr.gold
[trafficserver] branch master updated: Cleanup: Rename IOBufferReader of Http2ClientSession (#7569)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 664b3ad Cleanup: Rename IOBufferReader of Http2ClientSession (#7569) 664b3ad is described below commit 664b3ad145ee8193408a55f968398f5df1289cad Author: Masaori Koshiba AuthorDate: Fri Mar 5 08:53:45 2021 +0900 Cleanup: Rename IOBufferReader of Http2ClientSession (#7569) --- proxy/http2/Http2ClientSession.cc | 36 ++-- proxy/http2/Http2ClientSession.h | 15 ++- 2 files changed, 28 insertions(+), 23 deletions(-) diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc index ce51258..cdf2a9f 100644 --- a/proxy/http2/Http2ClientSession.cc +++ b/proxy/http2/Http2ClientSession.cc @@ -177,12 +177,12 @@ Http2ClientSession::start() HTTP2_SET_SESSION_HANDLER(::state_read_connection_preface); VIO *read_vio = this->do_io_read(this, INT64_MAX, this->read_buffer); - write_vio = this->do_io_write(this, INT64_MAX, this->sm_writer); + write_vio = this->do_io_write(this, INT64_MAX, this->_write_buffer_reader); this->connection_state.init(); send_connection_event(>connection_state, HTTP2_SESSION_EVENT_INIT, this); - if (this->_reader->is_read_avail_more_than(0)) { + if (this->_read_buffer_reader->is_read_avail_more_than(0)) { this->handleEvent(VC_EVENT_READ_READY, read_vio); } } @@ -217,12 +217,12 @@ Http2ClientSession::new_connection(NetVConnection *new_vc, MIOBuffer *iobuf, IOB this->read_buffer = iobuf ? iobuf : new_MIOBuffer(HTTP2_HEADER_BUFFER_SIZE_INDEX); this->read_buffer->water_mark = connection_state.server_settings.get(HTTP2_SETTINGS_MAX_FRAME_SIZE); - this->_reader = reader ? reader : this->read_buffer->alloc_reader(); + this->_read_buffer_reader = reader ? reader : this->read_buffer->alloc_reader(); // This block size is the buffer size that we pass to SSLWriteBuffer auto buffer_block_size_index = iobuffer_size_to_index(Http2::write_buffer_block_size, MAX_BUFFER_SIZE_INDEX); this->write_buffer = new_MIOBuffer(buffer_block_size_index); - this->sm_writer = this->write_buffer->alloc_reader(); + this->_write_buffer_reader = this->write_buffer->alloc_reader(); this->_write_size_threshold = index_to_buffer_size(buffer_block_size_index) * Http2::write_size_threshold; this->_handle_if_ssl(new_vc); @@ -392,11 +392,11 @@ Http2ClientSession::state_read_connection_preface(int event, void *edata) STATE_ENTER(::state_read_connection_preface, event); ink_assert(event == VC_EVENT_READ_COMPLETE || event == VC_EVENT_READ_READY); - if (this->_reader->read_avail() >= static_cast(HTTP2_CONNECTION_PREFACE_LEN)) { + if (this->_read_buffer_reader->read_avail() >= static_cast(HTTP2_CONNECTION_PREFACE_LEN)) { char buf[HTTP2_CONNECTION_PREFACE_LEN]; unsigned nbytes; -nbytes = copy_from_buffer_reader(buf, this->_reader, sizeof(buf)); +nbytes = copy_from_buffer_reader(buf, this->_read_buffer_reader, sizeof(buf)); ink_release_assert(nbytes == HTTP2_CONNECTION_PREFACE_LEN); if (memcmp(HTTP2_CONNECTION_PREFACE, buf, nbytes) != 0) { @@ -411,7 +411,7 @@ Http2ClientSession::state_read_connection_preface(int event, void *edata) } Http2SsnDebug("received connection preface"); -this->_reader->consume(nbytes); +this->_read_buffer_reader->consume(nbytes); HTTP2_SET_SESSION_HANDLER(::state_start_frame_read); _vc->set_inactivity_timeout(HRTIME_SECONDS(Http2::no_activity_timeout_in)); @@ -420,7 +420,7 @@ Http2ClientSession::state_read_connection_preface(int event, void *edata) // XXX start the write VIO ... // If we have unconsumed data, start tranferring frames now. -if (this->_reader->is_read_avail_more_than(0)) { +if (this->_read_buffer_reader->is_read_avail_more_than(0)) { return this->handleEvent(VC_EVENT_READ_READY, vio); } } @@ -448,13 +448,13 @@ int Http2ClientSession::do_start_frame_read(Http2ErrorCode _error) { ret_error = Http2ErrorCode::HTTP2_ERROR_NO_ERROR; - ink_release_assert(this->_reader->read_avail() >= (int64_t)HTTP2_FRAME_HEADER_LEN); + ink_release_assert(this->_read_buffer_reader->read_avail() >= (int64_t)HTTP2_FRAME_HEADER_LEN); uint8_t buf[HTTP2_FRAME_HEADER_LEN]; unsigned nbytes; Http2SsnDebug("receiving frame header"); - nbytes = copy_from_buffer_reader(buf, this->_reader, sizeof(buf)); + nbytes = copy_from_buffer_reader(buf, this->_read_buffer_reader, sizeof(buf)); this->cur_frame_from_early_data = false; if (!http2_parse_f
[trafficserver] branch master updated (3aba5ce -> a87ceb8)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 3aba5ce enable origin server session cache by default (#7537) add a87ceb8 Cleanup: Remove unused member of Http2ClientSession (#7570) No new revisions were added by this update. Summary of changes: proxy/http2/Http2ClientSession.cc | 1 - proxy/http2/Http2ClientSession.h | 1 - 2 files changed, 2 deletions(-)
[trafficserver] branch master updated (325aa81 -> 884f4a4)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 325aa81 Fix a crash on origin session reuse (#7543) add 884f4a4 Add server_name option to proxy.config.ssl.client.sni_policy (#7533) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.config.en.rst| 3 +++ proxy/http/HttpSM.cc | 2 ++ .../tls/tls_verify_override_base.test.py | 26 +- 3 files changed, 30 insertions(+), 1 deletion(-)
[trafficserver] branch master updated (884f4a4 -> e629118)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 884f4a4 Add server_name option to proxy.config.ssl.client.sni_policy (#7533) add e629118 Add ALPN support on TLS Partial Blind Tunnel (#7511) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/sni.yaml.en.rst | 5 + iocore/net/P_SNIActionPerformer.h | 10 +- iocore/net/SSLNetVConnection.cc | 23 ++- iocore/net/SSLSNIConfig.cc| 2 +- iocore/net/YamlSNIConfig.cc | 32 +++- iocore/net/YamlSNIConfig.h| 2 ++ lib/records/I_RecHttp.h | 11 +++ lib/records/RecHttp.cc| 31 +++ proxy/http/HttpSM.cc | 8 9 files changed, 120 insertions(+), 4 deletions(-)
[trafficserver] branch master updated (2f36ec6 -> d1ea8f1)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 2f36ec6 header_rewrite: allow for use of maxminddb as source of geo truth (#7695) add d1ea8f1 Add DynamicStats (#7704) No new revisions were added by this update. Summary of changes: .gitignore | 1 + lib/records/DynamicStats.h | 170 + lib/records/Makefile.am| 19 ++- .../records/unit_tests/test_DynamicStats.cc| 47 +++--- .../unit_tests/unit_test_main_on_eventsystem.cc| 34 - 5 files changed, 240 insertions(+), 31 deletions(-) create mode 100644 lib/records/DynamicStats.h copy src/tscore/unit_tests/test_scoped_resource.cc => lib/records/unit_tests/test_DynamicStats.cc (57%) copy proxy/http/unit_tests/unit_test_main.cc => lib/records/unit_tests/unit_test_main_on_eventsystem.cc (55%)
[trafficserver] branch master updated: Override proxy.config.ssl.client.sni_policy from sni.yaml (#7703)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new d430efe Override proxy.config.ssl.client.sni_policy from sni.yaml (#7703) d430efe is described below commit d430efe76ba0726ae64e8da9b8853c986d18af40 Author: Masaori Koshiba AuthorDate: Wed Apr 21 07:27:04 2021 +0900 Override proxy.config.ssl.client.sni_policy from sni.yaml (#7703) --- doc/admin-guide/files/sni.yaml.en.rst | 4 iocore/net/I_NetVConnection.h | 4 iocore/net/P_SNIActionPerformer.h | 24 iocore/net/P_UnixNetVConnection.h | 1 + iocore/net/SSLSNIConfig.cc| 3 +++ iocore/net/YamlSNIConfig.cc | 4 iocore/net/YamlSNIConfig.h| 2 ++ proxy/http/HttpSM.cc | 7 +++ 8 files changed, 49 insertions(+) diff --git a/doc/admin-guide/files/sni.yaml.en.rst b/doc/admin-guide/files/sni.yaml.en.rst index 94b88c8..8478c50 100644 --- a/doc/admin-guide/files/sni.yaml.en.rst +++ b/doc/admin-guide/files/sni.yaml.en.rst @@ -114,6 +114,10 @@ client_keyThe file containing the client private key that corres |TS| tries to use a private key in client_cert. Otherwise, :ts:cv:`proxy.config.ssl.client.private_key.filename` is used. +client_sni_policy Policy of SNI on outbound connection. + + If not specified, the value of :ts:cv:`proxy.config.ssl.client.sni_policy` is used. + http2 Indicates whether the H2 protocol should be added to or removed from the protocol negotiation list. The valid values are :code:`on` or :code:`off`. diff --git a/iocore/net/I_NetVConnection.h b/iocore/net/I_NetVConnection.h index 9f42e5b..ea29017 100644 --- a/iocore/net/I_NetVConnection.h +++ b/iocore/net/I_NetVConnection.h @@ -202,6 +202,10 @@ struct NetVCOptions { */ ats_scoped_str sni_hostname; + /** Outbound sni policy which overrides proxy.ssl.client.sni_policy + */ + ats_scoped_str outbound_sni_policy; + /** * Client certificate to use in response to OS's certificate request */ diff --git a/iocore/net/P_SNIActionPerformer.h b/iocore/net/P_SNIActionPerformer.h index 636a07a..bcaec2b 100644 --- a/iocore/net/P_SNIActionPerformer.h +++ b/iocore/net/P_SNIActionPerformer.h @@ -344,3 +344,27 @@ public: return retval; } }; + +/** + Override proxy.config.ssl.client.sni_policy by client_sni_policy in sni.yaml + */ +class OutboundSNIPolicy : public ActionItem +{ +public: + OutboundSNIPolicy(const std::string_view ) : policy(p) {} + ~OutboundSNIPolicy() override {} + + int + SNIAction(TLSSNISupport *snis, const Context ) const override + { +// TODO: change design to avoid this dynamic_cast +auto ssl_vc = dynamic_cast(snis); +if (ssl_vc && !policy.empty()) { + ssl_vc->options.outbound_sni_policy = policy; +} +return SSL_TLSEXT_ERR_OK; + } + +private: + std::string_view policy{}; +}; diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 8d34bf8..399e1d9 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -72,6 +72,7 @@ NetVCOptions::reset() sni_hostname= nullptr; ssl_client_cert_name= nullptr; ssl_client_private_key_name = nullptr; + outbound_sni_policy = nullptr; } inline void diff --git a/iocore/net/SSLSNIConfig.cc b/iocore/net/SSLSNIConfig.cc index 647b687..ee92eb0 100644 --- a/iocore/net/SSLSNIConfig.cc +++ b/iocore/net/SSLSNIConfig.cc @@ -79,6 +79,9 @@ SNIConfigParams::loadSNIConfig() if (item.tunnel_destination.length() > 0) { ai->actions.push_back(std::make_unique(item.tunnel_destination, item.tunnel_type, item.tunnel_alpn)); } +if (!item.client_sni_policy.empty()) { + ai->actions.push_back(std::make_unique(item.client_sni_policy)); +} ai->actions.push_back(std::make_unique(item.ip_allow, item.fqdn)); diff --git a/iocore/net/YamlSNIConfig.cc b/iocore/net/YamlSNIConfig.cc index 6744bd3..0b66917 100644 --- a/iocore/net/YamlSNIConfig.cc +++ b/iocore/net/YamlSNIConfig.cc @@ -133,6 +133,7 @@ std::set valid_sni_config_keys = {TS_fqdn, TS_verify_server_properties, TS_client_cert, TS_client_key, + TS_client_sni_policy, TS_http2, TS_ip_allow, #if TS_USE_HELLO_CB @@ -266,6 +267,9 @@ template <> struct convert { if (node[TS_client_key]) { item.cl
[trafficserver] branch master updated (5528ab6 -> c87c650)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 5528ab6 Updates the Dockerfile for debian (#7518) add c87c650 Add Outbound PROXY Protocol (v1/v2) Support (#7446) No new revisions were added by this update. Summary of changes: .../configuration/proxy-protocol.en.rst| 16 --- doc/admin-guide/files/records.config.en.rst| 15 ++ include/ts/apidefs.h.in| 1 + iocore/net/I_NetVConnection.h | 4 ++ iocore/net/P_NetVConnection.h | 21 iocore/net/SSLNetVConnection.cc| 29 +++ mgmt/RecordsConfig.cc | 2 + plugins/lua/ts_lua_http_config.c | 2 + proxy/http/HttpConfig.cc | 3 ++ proxy/http/HttpConfig.h| 1 + proxy/http/HttpSM.cc | 56 -- src/shared/overridable_txn_vars.cc | 1 + src/traffic_server/InkAPI.cc | 3 ++ src/traffic_server/InkAPITest.cc | 1 + 14 files changed, 145 insertions(+), 10 deletions(-)
[trafficserver] branch master updated (c87c650 -> 55439ff)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from c87c650 Add Outbound PROXY Protocol (v1/v2) Support (#7446) add 55439ff Add new log field for negotiated ALPN Protocol ID with the client (#7491) No new revisions were added by this update. Summary of changes: doc/admin-guide/logging/formatting.en.rst | 2 ++ iocore/net/P_ALPNSupport.h| 20 iocore/net/QUICNetVConnection.cc | 2 ++ iocore/net/SSLNetVConnection.cc | 2 ++ proxy/http/HttpSM.cc | 2 ++ proxy/http/HttpSM.h | 1 + proxy/http/Makefile.am| 2 +- proxy/logging/Log.cc | 5 + proxy/logging/LogAccess.cc| 18 ++ proxy/logging/LogAccess.h | 1 + 10 files changed, 54 insertions(+), 1 deletion(-)
[trafficserver] branch master updated: Doc: Notes of setting Environment Variables for traffic_server (#8258)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 45f155f Doc: Notes of setting Environment Variables for traffic_server (#8258) 45f155f is described below commit 45f155f28a455a9f2599e5e1540bc3b5bdef82a2 Author: Masaori Koshiba AuthorDate: Thu Aug 19 07:46:02 2021 +0900 Doc: Notes of setting Environment Variables for traffic_server (#8258) --- doc/admin-guide/files/records.config.en.rst | 10 ++ 1 file changed, 10 insertions(+) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 2b7470d..0ff2048 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -191,6 +191,16 @@ System Variables The name of the executable that runs the :program:`traffic_server` process. + If you want to set Environment Variables for :program:`traffic_server` process, use a wrapper script like below. :: + + CONFIG proxy.config.proxy_binary STRING start_traffic_server.sh + + :: + + #!/bin/sh + export ASAN_OPTIONS=detect_leaks=1 + /opt/ats/bin/traffic_server "$@" + .. ts:cv:: CONFIG proxy.config.proxy_binary_opts STRING -M The :ref:`command-line options ` for starting |TS|.
[trafficserver] branch master updated (5d3ad8f -> 0c53eae)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 5d3ad8f Upgrade to latest fastlz version (#8245) add 0c53eae Doc: Clarify connection direction of configs in sni.yaml (#7676) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/sni.yaml.en.rst | 148 +- 1 file changed, 74 insertions(+), 74 deletions(-)
[trafficserver] branch master updated (e2d7512 -> 8f8064b)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from e2d7512 Docs: Fix typo in CONTRIBUTING.md (#8250) add 8f8064b Add links to docs for debugging (#8251) No new revisions were added by this update. Summary of changes: configs/records.config.default.in | 5 - 1 file changed, 4 insertions(+), 1 deletion(-)
[trafficserver] branch master updated (8f8064b -> 4b312ca)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 8f8064b Add links to docs for debugging (#8251) add 4b312ca Cleanup: Get rid of deprecated functions of NetVConnection (#8252) No new revisions were added by this update. Summary of changes: iocore/net/I_NetVConnection.h | 11 --- iocore/net/P_NetVConnection.h | 14 -- 2 files changed, 25 deletions(-)
[trafficserver] branch master updated (6e57f07 -> 675d77a)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 6e57f07 Align strategies.yaml loading logging with other config files (#8262) add 675d77a Add ACCEPT_FILTER Support on FreeBSD (#8263) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.config.en.rst | 1 + iocore/net/Connection.cc| 40 + iocore/net/P_Connection.h | 1 + 3 files changed, 42 insertions(+)
[trafficserver] branch master updated (97d4fce -> 5019248)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 97d4fce Add mTLS scenario documentation (#8314) add 5019248 Cleanup: Move member function definitions of HttpSM & HttpTunnel (#8324) No new revisions were added by this update. Summary of changes: proxy/http/HttpSM.h | 115 +++- proxy/http/HttpTunnel.h | 16 --- 2 files changed, 77 insertions(+), 54 deletions(-)
[trafficserver] branch master updated: Micro benchmark tool for global freelist (#8019)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e5ea9fc Micro benchmark tool for global freelist (#8019) e5ea9fc is described below commit e5ea9fc5305110123796abb208c815c331fb6f53 Author: Masaori Koshiba AuthorDate: Wed Jul 14 07:14:28 2021 +0900 Micro benchmark tool for global freelist (#8019) --- .gitignore | 1 + src/tscore/Makefile.am | 6 +- src/tscore/unit_tests/freelist_benchmark.cc | 228 3 files changed, 234 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 849f3ef..914d1d7 100644 --- a/.gitignore +++ b/.gitignore @@ -81,6 +81,7 @@ src/tscore/CompileParseRules src/tscore/ParseRulesCType src/tscore/ParseRulesCTypeToLower src/tscore/ParseRulesCTypeToUpper +src/tscore/freelist_benchmark src/tscore/mkdfa src/tscore/test_atomic src/tscore/test_freelist diff --git a/src/tscore/Makefile.am b/src/tscore/Makefile.am index 9610b22..a1cef02 100644 --- a/src/tscore/Makefile.am +++ b/src/tscore/Makefile.am @@ -18,7 +18,7 @@ include $(top_srcdir)/build/tidy.mk -noinst_PROGRAMS = mkdfa CompileParseRules +noinst_PROGRAMS = mkdfa CompileParseRules freelist_benchmark check_PROGRAMS = test_geometry test_X509HostnameValidator test_tscore if EXPENSIVE_TESTS @@ -199,6 +199,10 @@ test_tscore_SOURCES += \ unit_tests/test_HKDF.cc endif +freelist_benchmark_CXXFLAGS = -Wno-array-bounds $(AM_CXXFLAGS) -I$(abs_top_srcdir)/tests/include +freelist_benchmark_LDADD = libtscore.la @HWLOC_LIBS@ +freelist_benchmark_SOURCES = unit_tests/freelist_benchmark.cc + CompileParseRules_SOURCES = CompileParseRules.cc clean-local: diff --git a/src/tscore/unit_tests/freelist_benchmark.cc b/src/tscore/unit_tests/freelist_benchmark.cc new file mode 100644 index 000..8ff3e2b --- /dev/null +++ b/src/tscore/unit_tests/freelist_benchmark.cc @@ -0,0 +1,228 @@ +/** @file + + Micro Benchmark tool for global freelist - requires Catch2 v2.9.0+ + + @section license License + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#define CATCH_CONFIG_ENABLE_BENCHMARKING +#define CATCH_CONFIG_RUNNER + +#include "catch.hpp" + +#include "tscore/ink_thread.h" +#include "tscore/ink_memory.h" +#include "tscore/ink_queue.h" +#include "tscore/hugepages.h" + +#include + +#if TS_USE_HWLOC +#include +#endif + +namespace +{ +InkFreeList *flist = nullptr; + +// Args +int nloop = 100; +int nthreads = 1; +int affinity = 0; +int thread_assiging_order = 0; +bool debug_enabled= false; + +#if TS_USE_HWLOC +hwloc_obj_type_t +thread_affinity() +{ + hwloc_obj_type_t obj_type = HWLOC_OBJ_MACHINE; + char const *obj_name = nullptr; + + switch (affinity) { + case 3: { +// assign threads to real cores +obj_type = HWLOC_OBJ_CORE; +obj_name = "Core"; +break; + } + case 1: { +// assign threads to NUMA nodes (often 1:1 with sockets) +obj_type = HWLOC_OBJ_NODE; +obj_name = "NUMA Node"; +if (hwloc_get_nbobjs_by_type(ink_get_topology(), obj_type) > 0) { + break; +} +[[fallthrough]]; + } + case 2: { +// assign threads to sockets +obj_type = HWLOC_OBJ_SOCKET; +obj_name = "Socket"; +break; + } + case 4: { +// assign threads to logical processing units +#if HAVE_HWLOC_OBJ_PU +// Older versions of libhwloc (eg. Ubuntu 10.04) don't have HWLOC_OBJ_PU. +obj_type = HWLOC_OBJ_PU; +obj_name = "Logical Processor"; +break; +#endif // HAVE_HWLOC_OBJ_PU +[[fallthrough]]; + } + default: // assign threads to the machine as a whole (a level below SYSTEM) +obj_type = HWLOC_OBJ_MACHINE; +obj_name = "Machine"; + } + + if (debug_enabled) { +std::cout << "thread affinity type = " << obj_name << " (" << affinity << ")" << std::endl; + } + + return o
[trafficserver] branch master updated (56868c1 -> 6efb8d8)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 56868c1 Ran clang-tidy over the master branch (#8187) add 6efb8d8 Revert "Remove UnixNetVConnection::startEvent - not actually called. (#7596) No new revisions were added by this update. Summary of changes: iocore/net/P_QUICNetVConnection.h | 1 + iocore/net/P_UnixNetVConnection.h | 1 + iocore/net/QUICNetProcessor.cc| 1 + iocore/net/QUICNetVConnection.cc | 20 iocore/net/SSLNetVConnection.cc | 1 + iocore/net/UnixNetVConnection.cc | 22 +- 6 files changed, 45 insertions(+), 1 deletion(-)
[trafficserver] branch master updated (7a31783 -> aafc41f)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 7a31783 SNI: updating SNI/hostname mismatch logging (#8326) add aafc41f Add current active SNI Routing Tunnel stats (#8323) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.config.en.rst| 9 +++ .../monitoring/statistics/core/ssl.en.rst | 5 ++ mgmt/RecordsConfig.cc | 8 +++ proxy/http/HttpConfig.cc | 9 +++ proxy/http/HttpConfig.h| 2 + proxy/http/HttpSM.cc | 18 +++-- proxy/http/HttpSM.h| 4 +- proxy/http/HttpTunnel.cc | 80 ++ proxy/http/HttpTunnel.h| 12 9 files changed, 142 insertions(+), 5 deletions(-)
[trafficserver] branch master updated: Update CacheWrite.cc (#8405)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new a54abe7 Update CacheWrite.cc (#8405) a54abe7 is described below commit a54abe771df8e7d0546d0107b8a24690b9941222 Author: hankai17 <867614...@qq.com> AuthorDate: Mon Oct 11 09:04:57 2021 +0800 Update CacheWrite.cc (#8405) code optimize for cache_evac debug log --- iocore/cache/CacheWrite.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/iocore/cache/CacheWrite.cc b/iocore/cache/CacheWrite.cc index cf8d024..605588d 100644 --- a/iocore/cache/CacheWrite.cc +++ b/iocore/cache/CacheWrite.cc @@ -458,7 +458,7 @@ CacheVC::evacuateReadHead(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */ } alternate_tmp = vector.get(alternate_index); doc_len = alternate_tmp->object_size_get(); -Debug("cache_evac", "evacuateReadHead http earliest %X first: %X len: %" PRId64, first_key.slice32(0), earliest_key.slice32(0), +Debug("cache_evac", "evacuateReadHead http earliest %X first: %X len: %" PRId64, earliest_key.slice32(0), first_key.slice32(0), doc_len); } else { // non-http document @@ -468,8 +468,8 @@ CacheVC::evacuateReadHead(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */ goto Ldone; } doc_len = doc->total_len; -DDebug("cache_evac", "evacuateReadHead non-http earliest %X first: %X len: %" PRId64, first_key.slice32(0), - earliest_key.slice32(0), doc_len); +DDebug("cache_evac", "evacuateReadHead non-http earliest %X first: %X len: %" PRId64, earliest_key.slice32(0), + first_key.slice32(0), doc_len); } if (doc_len == total_len) { // the whole document has been evacuated. Insert the directory
[trafficserver] branch master updated (a0c5ac3 -> c92cef8)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from a0c5ac3 Make sni.yaml errors cause an unrecoverable TS crash at startup. (#8208) add c92cef8 Fix SSLAddressLookup Test (#8436) No new revisions were added by this update. Summary of changes: iocore/net/test_certlookup.cc | 22 +- 1 file changed, 9 insertions(+), 13 deletions(-)
[trafficserver] branch master updated (c92cef8 -> 5e53758)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from c92cef8 Fix SSLAddressLookup Test (#8436) add 5e53758 Fix timeout checks of NetHandler::manage_active_queue() (#8287) No new revisions were added by this update. Summary of changes: iocore/net/UnixNet.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
[trafficserver] branch master updated (ed66e7d -> 48f34d7)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from ed66e7d Adds new API: TSVConnSslSniGet (#8313) add 48f34d7 Fix null-pointer-subtraction warning (#8433) No new revisions were added by this update. Summary of changes: lib/records/RecRawStats.cc | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)
[trafficserver] branch master updated (48f34d7 -> bf975cd)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 48f34d7 Fix null-pointer-subtraction warning (#8433) add bf975cd Fix deprecated-copy warning (#8434) No new revisions were added by this update. Summary of changes: include/tscore/HTTPVersion.h | 2 ++ include/tscpp/util/MemSpan.h | 1 + 2 files changed, 3 insertions(+)
[trafficserver] branch master updated (bf975cd -> fcc7268)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from bf975cd Fix deprecated-copy warning (#8434) add fcc7268 Fix unused-but-set-variable warnings (#8435) No new revisions were added by this update. Summary of changes: mgmt/api/CoreAPIShared.cc | 3 --- plugins/esi/lib/EsiGunzip.cc| 2 -- plugins/experimental/statichit/statichit.cc | 4 +--- plugins/generator/generator.cc | 4 +--- src/traffic_logcat/logcat.cc| 3 +-- tests/gold_tests/tls/ssl-post.c | 2 -- 6 files changed, 3 insertions(+), 15 deletions(-)
[trafficserver] branch master updated (de96b04 -> b369551)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from de96b04 Increased the max number of operations for marking PR and issues stale to 100 (#8394) add b369551 Add AuTest for stats-over-http plugin (#8422) No new revisions were added by this update. Summary of changes: .../gold/stats_over_http_0_stderr.gold | 11 .../gold/stats_over_http_0_stdout.gold | 4 ++ .../stats_over_http/stats_over_http.test.py| 76 ++ 3 files changed, 91 insertions(+) create mode 100644 tests/gold_tests/pluginTest/stats_over_http/gold/stats_over_http_0_stderr.gold create mode 100644 tests/gold_tests/pluginTest/stats_over_http/gold/stats_over_http_0_stdout.gold create mode 100644 tests/gold_tests/pluginTest/stats_over_http/stats_over_http.test.py
[trafficserver] branch master updated: Pre-warming TLS Tunnel (#7661)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new d1e2dd8 Pre-warming TLS Tunnel (#7661) d1e2dd8 is described below commit d1e2dd8aac6a1c2cd340418b9534923413d1650c Author: Masaori Koshiba AuthorDate: Mon Oct 4 11:21:47 2021 +0900 Pre-warming TLS Tunnel (#7661) --- .gitignore |1 + doc/admin-guide/files/records.config.en.rst| 24 + doc/admin-guide/files/sni.yaml.en.rst | 21 + doc/admin-guide/layer-4-routing.en.rst | 48 + .../monitoring/statistics/core/ssl.en.rst | 42 + doc/uml/l4-pre-warming-overview.uml| 32 + iocore/eventsystem/I_EThread.h |3 + iocore/eventsystem/I_Thread.h |1 + iocore/net/P_SNIActionPerformer.h | 12 +- iocore/net/P_SSLNetVConnection.h | 23 +- iocore/net/SSLSNIConfig.cc |8 +- iocore/net/YamlSNIConfig.cc| 64 +- iocore/net/YamlSNIConfig.h | 16 + iocore/net/libinknet_stub.cc | 10 + mgmt/RecordsConfig.cc |8 + proxy/http/HttpConfig.h|2 + proxy/http/HttpProxyServerMain.cc |3 + proxy/http/HttpSM.cc | 54 +- proxy/http/HttpSM.h|2 + proxy/http/Makefile.am | 16 +- proxy/http/PreWarmAlgorithm.h | 122 ++ proxy/http/PreWarmConfig.cc| 75 ++ proxy/http/PreWarmConfig.h | 57 + proxy/http/PreWarmManager.cc | 1170 proxy/http/PreWarmManager.h| 341 ++ proxy/http/unit_tests/test_PreWarm.cc | 223 src/traffic_quic/traffic_quic.cc |8 + 27 files changed, 2367 insertions(+), 19 deletions(-) diff --git a/.gitignore b/.gitignore index 801e96e..0de9256 100644 --- a/.gitignore +++ b/.gitignore @@ -116,6 +116,7 @@ proxy/http/remap/test_PluginDso proxy/http/remap/test_PluginFactory proxy/http/remap/test_RemapPluginInfo proxy/http/test_proxy_http +proxy/http/test_PreWarm proxy/http/remap/test_* proxy/http2/test_libhttp2 proxy/http2/test_Http2DependencyTree diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index b73c834..03e9e29 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -3949,6 +3949,30 @@ SNI Routing Frequency of checking the activity of SNI Routing Tunnel. Set to ``0`` to disable monitoring of the activity of the SNI tunnels. The feature is disabled by default. +.. ts:cv:: CONFIG proxy.config.tunnel.prewarm INT 0 + + Enable :ref:`pre-warming-tls-tunnel`. The feature is disabled by default. + +.. ts:cv:: CONFIG proxy.config.tunnel.prewarm.max_stats_size INT 100 + + Max size of :ref:`dynamic stats for Pre-warming TLS Tunnel `. + +.. ts:cv:: CONFIG proxy.config.tunnel.prewarm.algorithm INT 2 + + Version of pre-warming algorithm. + + = == + Value Description + = == + ``1`` Periodical pre-warming only + ``2`` Event based pre-warming + Periodical pre-warming + = == + +.. ts:cv:: CONFIG proxy.config.tunnel.prewarm.event_period INT 1000 + :units: milliseconds + + Frequency of periodical pre-warming in milli-seconds. + OCSP Stapling Configuration === diff --git a/doc/admin-guide/files/sni.yaml.en.rst b/doc/admin-guide/files/sni.yaml.en.rst index c1ff0a6..7a04e4b 100644 --- a/doc/admin-guide/files/sni.yaml.en.rst +++ b/doc/admin-guide/files/sni.yaml.en.rst @@ -159,6 +159,27 @@ tunnel_alpn Inbound List of ALPN Protocol Ids for Partial Blind This only works with ``partial_blind_route``. = = +Pre-warming TLS Tunnel +-- + +=== +Key Meaning +=== +tunnel_prewarm Override :ts:cv:`proxy.config.tunnel.prewarm` in records.config. + +tunnel_prewarm_srv
[trafficserver] branch master updated (a13fd3d -> 61c0fcc)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from a13fd3d Relax key validation of sni.yaml (#8549) add 61c0fcc Clear random header value by AIO read error (#8559) No new revisions were added by this update. Summary of changes: iocore/cache/CacheDisk.cc | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-)
[trafficserver] branch master updated: Remove drand48() usage (#8560)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 5d5920e Remove drand48() usage (#8560) 5d5920e is described below commit 5d5920e54a1416dc66643539f3b447705f880925 Author: v1siuol <1098741...@qq.com> AuthorDate: Thu Dec 23 19:13:17 2021 -0500 Remove drand48() usage (#8560) --- iocore/aio/test_AIO.cc | 9 ++-- iocore/cache/CacheDir.cc | 4 +- iocore/cache/CacheTest.cc | 6 +-- plugins/cache_promote/policy.cc| 4 +- proxy/hdrs/unit_tests/test_Hdrs.cc | 4 +- src/tscore/unit_tests/test_MMH.cc | 5 +- tools/jtest/jtest.cc | 96 ++ 7 files changed, 51 insertions(+), 77 deletions(-) diff --git a/iocore/aio/test_AIO.cc b/iocore/aio/test_AIO.cc index 87e6f06..e3dccef 100644 --- a/iocore/aio/test_AIO.cc +++ b/iocore/aio/test_AIO.cc @@ -25,6 +25,7 @@ #include "InkAPIInternal.h" #include "tscore/I_Layout.h" #include "tscore/TSSystemState.h" +#include "tscore/Random.h" #include #include @@ -282,7 +283,7 @@ AIO_Device::do_fd(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */) io->action = this; io->thread = mutex->thread_holding; - switch (select_mode(drand48())) { + switch (select_mode(ts::Random::drandom())) { case READ_MODE: io->aiocb.aio_offset = seq_read_point; io->aiocb.aio_nbytes = seq_read_size; @@ -311,8 +312,8 @@ AIO_Device::do_fd(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */) case RANDOM_READ_MODE: { // fprintf(stderr, "random read started \n"); double p, f; -p = drand48(); -f = drand48(); +p = ts::Random::drandom(); +f = ts::Random::drandom(); off_t o = 0; if (f < hotset_frequency) { o = static_cast(p) * max_hotset_offset; @@ -430,7 +431,7 @@ main(int /* argc ATS_UNUSED */, char *argv[]) RecProcessStart(); ink_aio_init(AIO_MODULE_PUBLIC_VERSION); - srand48(time(nullptr)); + ts::Random::seed(time(nullptr)); printf("input file %s\n", argv[1]); if (!read_config(argv[1])) { exit(1); diff --git a/iocore/cache/CacheDir.cc b/iocore/cache/CacheDir.cc index 42928b6..4787323 100644 --- a/iocore/cache/CacheDir.cc +++ b/iocore/cache/CacheDir.cc @@ -25,6 +25,7 @@ #include "tscore/hugepages.h" #include "tscore/Regression.h" +#include "tscore/Random.h" // #define LOOP_CHECK_MODE 1 #ifdef LOOP_CHECK_MODE @@ -1400,8 +1401,7 @@ regress_rand_CacheKey(const CacheKey *key) void dir_corrupt_bucket(Dir *b, int s, Vol *d) { - // coverity[dont_call] - int l= (static_cast(dir_bucket_length(b, s, d) * drand48())); + int l= (static_cast(dir_bucket_length(b, s, d) * ts::Random::drandom())); Dir *e = b; Dir *seg = d->dir_segment(s); for (int i = 0; i < l; i++) { diff --git a/iocore/cache/CacheTest.cc b/iocore/cache/CacheTest.cc index d4f1b0c..97f1301 100644 --- a/iocore/cache/CacheTest.cc +++ b/iocore/cache/CacheTest.cc @@ -24,6 +24,7 @@ #include "P_Cache.h" #include "P_CacheTest.h" +#include "tscore/Random.h" #include #include #include @@ -590,11 +591,10 @@ test_RamCache(RegressionTest *t, RamCache *cache, const char *name, int64_t cach int sample_size = cache_size >> 6; build_zipf(); - srand48(13); + ts::Random::seed(13); int *r = static_cast(ats_malloc(sample_size * sizeof(int))); for (int i = 0; i < sample_size; i++) { -// coverity[dont_call] -r[i] = get_zipf(drand48()); +r[i] = get_zipf(ts::Random::drandom()); } data.clear(); int misses = 0; diff --git a/plugins/cache_promote/policy.cc b/plugins/cache_promote/policy.cc index 8bfaf4f..3e8c9ee 100644 --- a/plugins/cache_promote/policy.cc +++ b/plugins/cache_promote/policy.cc @@ -16,14 +16,14 @@ limitations under the License. */ #include "tscore/BufferWriter.h" +#include "tscore/Random.h" #include "policy.h" bool PromotionPolicy::doSample() const { if (_sample > 0) { -// coverity[dont_call] -double r = drand48(); +double r = ts::Random::drandom(); if (_sample > r) { TSDebug(PLUGIN_NAME, "checking sampling, is %f > %f? Yes!", _sample, r); diff --git a/proxy/hdrs/unit_tests/test_Hdrs.cc b/proxy/hdrs/unit_tests/test_Hdrs.cc index 73022bf..40448ae 100644 --- a/proxy/hdrs/unit_tests/test_Hdrs.cc +++ b/proxy/hdrs/unit_tests/test_Hdrs.cc @@ -31,6 +31,7 @@ #include "tscore/Regex.h" #include "tscore/ink_time.h" +#include "tscore/Random.h" #include "catch.hpp" @@ -616,8 +617,7 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]") //
[trafficserver] branch master updated (1b78c10 -> 356e3e9)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 1b78c10 Makes proxy_serve_stale version independent (#8508) add 356e3e9 Add proxy.config.http2.stream_error_sampling_threshold (#8506) No new revisions were added by this update. Summary of changes: doc/admin-guide/files/records.config.en.rst | 5 +++ mgmt/RecordsConfig.cc | 2 ++ proxy/http2/HTTP2.cc| 56 +++-- proxy/http2/HTTP2.h | 1 + proxy/http2/Http2ConnectionState.h | 4 +++ 5 files changed, 41 insertions(+), 27 deletions(-)
[trafficserver] branch master updated (8371a24 -> 93179fc)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 8371a24 Update control mechanism changes in lua plugin (#8482) add 93179fc Add AuTest for HTTP CONNECT (#8449) No new revisions were added by this update. Summary of changes: .../connect.test.py} | 58 +- .../gold_tests/connect/gold/connect_0_stderr.gold | 21 tests/gold_tests/connect/gold/connect_access.gold | 1 + 3 files changed, 67 insertions(+), 13 deletions(-) copy tests/gold_tests/{pluginTest/stats_over_http/stats_over_http.test.py => connect/connect.test.py} (50%) create mode 100644 tests/gold_tests/connect/gold/connect_0_stderr.gold create mode 100644 tests/gold_tests/connect/gold/connect_access.gold
[trafficserver] branch master updated (bfd5f89 -> 332617f)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from bfd5f89 Update HostDBContinuation timeout handling to clear pending queue. (#8480) add 332617f Define TS_HTTP_VALUE_BROTLI and TS_HTTP_LEN_BROTLI (#8477) No new revisions were added by this update. Summary of changes: include/ts/apidefs.h.in | 2 ++ plugins/compress/compress.cc | 2 -- plugins/stats_over_http/stats_over_http.c | 6 +- proxy/hdrs/HTTP.cc| 4 proxy/hdrs/HTTP.h | 2 ++ proxy/hdrs/HdrToken.cc| 10 -- proxy/hdrs/MIME.cc| 2 ++ proxy/hdrs/MIME.h | 2 ++ src/traffic_server/InkAPI.cc | 4 9 files changed, 25 insertions(+), 9 deletions(-)
[trafficserver] branch master updated: Add AuTest for POST & connect_attempts_timeout (#8286)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e866536 Add AuTest for POST & connect_attempts_timeout (#8286) e866536 is described below commit e86653638f8ca282e69e4ce15c9f54976b617244 Author: Masaori Koshiba AuthorDate: Tue Oct 26 10:17:29 2021 +0900 Add AuTest for POST & connect_attempts_timeout (#8286) --- .../post_slow_server_max_requests_in_0_stderr.gold | 5 ++ .../post_slow_server_max_requests_in_0_stdout.gold | 14 .../post_slow_server_max_requests_in.test.py | 74 ++ 3 files changed, 93 insertions(+) diff --git a/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold new file mode 100644 index 000..0d5e92c --- /dev/null +++ b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold @@ -0,0 +1,5 @@ +`` +> POST / HTTP/1.1 +`` +< HTTP/1.1 502 Broken pipe +`` diff --git a/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stdout.gold b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stdout.gold new file mode 100644 index 000..aff210e --- /dev/null +++ b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stdout.gold @@ -0,0 +1,14 @@ + + +Could Not Connect + + + +Could Not Connect + + + +Description: Could not connect to the requested server host. + + + diff --git a/tests/gold_tests/post_slow_server/post_slow_server_max_requests_in.test.py b/tests/gold_tests/post_slow_server/post_slow_server_max_requests_in.test.py new file mode 100644 index 000..f07d924 --- /dev/null +++ b/tests/gold_tests/post_slow_server/post_slow_server_max_requests_in.test.py @@ -0,0 +1,74 @@ +''' +''' +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from enum import Enum + +Test.Summary = 'Exercise POST request with max_requests_in' +Test.ContinueOnFail = True + + +class PostAndMaxRequestsInTest: +""" +Cover #8273 - Make sure inbound side inactive timeout doesn't happens during outbound side TLS handshake +""" + +def __init__(self): +self.__setupOriginServer() +self.__setupTS() + +def __setupOriginServer(self): +Test.GetTcpPort("server_port") +self.origin_server = Test.Processes.Process( +"server", "bash -c '" + Test.TestDirectory + "/server.sh {}'".format(Test.Variables.server_port) +) + +def __setupTS(self): +self.ts = Test.MakeATSProcess("ts", select_ports=True) + +self.ts.Disk.records_config.update({ +"proxy.config.http.server_ports": f"{self.ts.Variables.port}", +"proxy.config.net.max_requests_in": 1000, +'proxy.config.http.connect_attempts_timeout': 1, +"proxy.config.diags.debug.enabled": 1, +"proxy.config.diags.debug.tags": "http|socket|v_net_queue", +}) + +self.ts.Disk.remap_config.AddLines([ +f"map / https://127.0.0.1:{Test.Variables.server_port}/;, +]) + +def __testCase0(self): +""" +- POST request +- Outbound side TLS Handshake hits connect_attempts_timeout +- Client gets 502 +""" +tr = Test.AddTestRun() +tr.Processes.Default.StartBefore(self.origin_server) +tr.Processes.Default.StartBefore(self.ts) +tr.Processes.Default.Command = f"curl -X POST --http1.1 -vs http://127.0.0.1:{self.ts.Variables.port}/ --data key=value" +tr.Processes.Default.ReturnCode = 0 +tr.Processes.Default.Streams.stdout = "gold/post_slow_server_max_requests_in_0_stdout.gold" +tr.Processes.Default.Streams.stderr = "gold/post_slow_server_max_requests_in_0_stderr.gold" +tr.StillRunningAfter = self.ts + +def run(self): +self.__testCase0() + + +PostAndMaxRequestsInTest().run()
[trafficserver] branch master updated (2fc91a8 -> 02b17db)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 2fc91a8 Dismiss stale reviews when PR has been updated (#8470) add 02b17db Check length before search accept-encoding header (#8475) No new revisions were added by this update. Summary of changes: plugins/stats_over_http/stats_over_http.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-)
[trafficserver] branch master updated (02b17db -> 6b32b74)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 02b17db Check length before search accept-encoding header (#8475) add 6b32b74 Fix case of brotli (#8476) No new revisions were added by this update. Summary of changes: plugins/stats_over_http/stats_over_http.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[trafficserver] branch master updated: Relax key validation of sni.yaml (#8549)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new a13fd3d Relax key validation of sni.yaml (#8549) a13fd3d is described below commit a13fd3da532eae1261cec3185a7041228dcd4131 Author: Masaori Koshiba AuthorDate: Thu Dec 16 10:32:12 2021 +0900 Relax key validation of sni.yaml (#8549) --- iocore/net/YamlSNIConfig.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iocore/net/YamlSNIConfig.cc b/iocore/net/YamlSNIConfig.cc index cadeb77..a5d2778 100644 --- a/iocore/net/YamlSNIConfig.cc +++ b/iocore/net/YamlSNIConfig.cc @@ -158,7 +158,7 @@ template <> struct convert { for (const auto : node) { if (std::none_of(valid_sni_config_keys.begin(), valid_sni_config_keys.end(), [](const std::string ) { return s == elem.first.as(); })) { -throw YAML::ParserException(elem.first.Mark(), "unsupported key " + elem.first.as()); +Warning("unsupported key '%s' in SNI config", elem.first.as().c_str()); } }
[trafficserver] branch master updated (03267ba -> bb782a7)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 03267ba Port #7749 from core strategy to plugin (#8571) add bb782a7 Exclude 3rd party libs from LGTM checks (#8577) No new revisions were added by this update. Summary of changes: .lgtm.yml | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-)
[trafficserver] branch master updated (bb782a7 -> f0a69cd)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from bb782a7 Exclude 3rd party libs from LGTM checks (#8577) add f0a69cd LGTM: Fix pointless comparison of unsigined value to zero (#8575) No new revisions were added by this update. Summary of changes: include/tscpp/util/TextView.h | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-)
[trafficserver] branch master updated (4f68338 -> d5ecba8)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 4f68338 Eliminate erroneous self-loop error on transparent mode (#8586) add d5ecba8 LGTM: Remove function declaration in block (HdrHeap.cc) (#8588) No new revisions were added by this update. Summary of changes: proxy/hdrs/HdrHeap.cc | 5 - 1 file changed, 5 deletions(-)
[trafficserver] branch master updated (d5ecba8 -> 87c36f1)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from d5ecba8 LGTM: Remove function declaration in block (HdrHeap.cc) (#8588) add 87c36f1 LGTM: Fix constant comparison (#8576) No new revisions were added by this update. Summary of changes: iocore/net/UnixUDPNet.cc| 4 +-- plugins/experimental/magick/magick.cc | 2 +- plugins/experimental/memcache/tsmemcache.cc | 45 + plugins/header_rewrite/header_rewrite.cc| 2 +- proxy/logging/Log.h | 2 +- src/traffic_layout/engine.cc| 2 +- src/traffic_logstats/logstats.cc| 2 +- src/traffic_manager/traffic_manager.cc | 6 +++- src/traffic_server/InkAPITest.cc| 12 9 files changed, 25 insertions(+), 52 deletions(-)
[trafficserver] branch master updated (ca2a06e -> 81fe416)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from ca2a06e Fixes compacting spaces in S3 auth plugin (#8579) add 81fe416 Cleanup: Remove old SDKTest for thread_pool example plugin (#8596) No new revisions were added by this update. Summary of changes: example/plugins/c-api/thread_pool/README.txt | 19 --- example/plugins/c-api/thread_pool/TESTPLAN.txt | 30 .../plugins/c-api/thread_pool/include/gen_inc.sh | 2 - .../thread_pool/test/SDKTest/SDKtest_server.config | 15 -- .../c-api/thread_pool/test/SDKTest/psi_server.c| 185 - 5 files changed, 251 deletions(-) delete mode 100644 example/plugins/c-api/thread_pool/test/SDKTest/SDKtest_server.config delete mode 100644 example/plugins/c-api/thread_pool/test/SDKTest/psi_server.c
[trafficserver] branch master updated (92d238a -> 8d5f148)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 92d238a Revert "DNS: Fix lack of nameserver failover in low use circumstances. (#7843)" (#8663) add 8d5f148 Add a new --enable-event-tracker configure option (#8179) No new revisions were added by this update. Summary of changes: configure.ac | 12 +++ include/tscore/ink_stack_trace.h | 7 iocore/eventsystem/I_Event.h | 13 +++ iocore/eventsystem/P_UnixEThread.h| 57 ++- iocore/eventsystem/P_UnixEventProcessor.h | 20 +++ iocore/eventsystem/UnixEvent.cc | 18 ++ src/tscore/ink_stack_trace.cc | 25 ++ 7 files changed, 144 insertions(+), 8 deletions(-)
[trafficserver] branch master updated: Move ChangeLog and README.md to the lib/fastlz/ (#8629)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e67e4c4 Move ChangeLog and README.md to the lib/fastlz/ (#8629) e67e4c4 is described below commit e67e4c463af279f82b4be1bf66cc137f7575330a Author: Masaori Koshiba AuthorDate: Wed Feb 2 09:49:35 2022 +0900 Move ChangeLog and README.md to the lib/fastlz/ (#8629) --- lib/{ => fastlz}/ChangeLog | 0 lib/{ => fastlz}/README.md | 0 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/lib/ChangeLog b/lib/fastlz/ChangeLog similarity index 100% rename from lib/ChangeLog rename to lib/fastlz/ChangeLog diff --git a/lib/README.md b/lib/fastlz/README.md similarity index 100% rename from lib/README.md rename to lib/fastlz/README.md
[trafficserver] branch master updated: Update descriptions of sni.yaml.default (#8568)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 016a82d Update descriptions of sni.yaml.default (#8568) 016a82d is described below commit 016a82d8372af00611008528320479e53ab42917 Author: takkitano <35422141+takkit...@users.noreply.github.com> AuthorDate: Wed Feb 2 13:12:33 2022 +0900 Update descriptions of sni.yaml.default (#8568) --- configs/sni.yaml.default | 39 +-- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/configs/sni.yaml.default b/configs/sni.yaml.default index e14fee0..3d95c10 100644 --- a/configs/sni.yaml.default +++ b/configs/sni.yaml.default @@ -1,26 +1,45 @@ # sni.yaml # +# Documentation: +# https://docs.trafficserver.apache.org/en/latest/admin-guide/files/sni.yaml.en.html +# +# # This configuration file -# - sets the SSL actions to be performed based on the servername provided during SSL handhshake phase (SNI extension) +# - sets the SSL actions to be performed based on the servername provided during SSL handshake phase (SNI extension) # - sets the SSL properties required to make SSL connection with the next hop or origin server. # # YAML-based Configuration file # Format : # Actions available: -#http2 - adds or removes HTTP/2 (H2) from the protocol list advertised by ATS; parameter required = None, parameters = on or off -#verify_client - sets the verification flag for verifying the client certificate; parameters = one of 'NONE', 'MODERATE' or 'STRICT' -#verify_origin_server - sets the verification flag for verifying the server certificate; parameters = one of 'NONE', 'MODERATE' or 'STRICT' -#client_cert - sets the client certificate to present to the server specified in dest_host; parameters = certificate file . -# The location of the certificate file is relative to proxy.config.ssl.server.cert.path directory. -#tunnel_route - sets the e2e tunnel route -#ip_allow - lists or range of client IP addresses, subnets that are allowed for this connection. This accepts CIDR format -# for subnet specification. +#ip_allow - lists or range of client IP addresses, subnets that are allowed for this connection. This accepts CIDR format +# for subnet specification. +#verify_server_policy - sets the verification flag for verifying the server certificate; parameters = one of 'DISABLED', 'PERMISSIVE', 'ENFORCED' +#verify_server_properties - sets the flag to control what Traffic Server checks when evaluating the origin certificate; +# parameters = one of 'NONE', 'SIGNATURE', 'NAME', and 'ALL' +#verify_client- sets the verification flag for verifying the client certificate; parameters = one of 'NONE', 'MODERATE' or 'STRICT' +#verify_client_ca_certs - specifies an alternate set of certificate authority certs to use to verify the client cert. +#host_sni_policy - sets the flag to control how policy impacting mismatches between host header and SNI values are dealt with; +# parameters = one of 'DISABLED', 'PERMISSIVE', or 'ENFORCED' +#valid_tls_versions_in- sets the list of TLS protocols that will be offered to user agents during the TLS negotiation; +# parameters = one of 'TLSv1', 'TLSv1_1', 'TLSv1_2', and 'TLSv1_3'. +#client_cert - sets the client certificate to present to the server specified in dest_host; parameters = certificate file . +# The location of the certificate file is relative to proxy.config.ssl.server.cert.path directory. +#client_key - sets the file containing the client private key that corresponds to the certificate for the outbound connection. +#client_sni_policy- policy of SNI on outbound connection. +#http2- adds or removes HTTP/2 (H2) from the protocol list advertised by ATS; parameter required = None, parameters = on or off +#tunnel_route - sets the e2e tunnel route +#forward_route- destination as an FQDN and port, separated by a colon :. +# this is similar to tunnel_route, but it terminates the TLS connection and forwards the decrypted traffic. +#partial_blind_route - destination as an FQDN and port, separated by a colon :. +# this is similar to forward_route in that Traffic Server terminates the incoming TLS connection. +# in addition partial_blind_route creates a new TLS connection to the specified origin. +#tunnel_alpn - list of ALPN Protocol Ids for Partial
[trafficserver] branch master updated (8bb6043 -> 0d3fd22)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 8bb6043 Move the string_view utilities out of TextView into their own files. (#8627) add 0d3fd22 Rate Limit Plugin: Re-enable VConnection when SNI is empty (#8625) No new revisions were added by this update. Summary of changes: plugins/experimental/rate_limit/sni_limiter.cc | 3 +++ 1 file changed, 3 insertions(+)
[trafficserver] branch master updated: Fix example plugins build (#10326)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new a727dcc361 Fix example plugins build (#10326) a727dcc361 is described below commit a727dcc3617532f12aa89a109ce43cc4c38893f8 Author: Masaori Koshiba AuthorDate: Mon Sep 4 14:18:47 2023 +0900 Fix example plugins build (#10326) --- .../plugins/plugin-management/logging-api.en.rst | 4 ++-- example/plugins/c-api/denylist_1/denylist_1.cc | 10 +- example/plugins/c-api/thread_pool/psi.cc | 14 +++--- src/traffic_server/InkAPITest.cc | 10 +- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/doc/developer-guide/plugins/plugin-management/logging-api.en.rst b/doc/developer-guide/plugins/plugin-management/logging-api.en.rst index bcca4931ce..7bb017d14a 100644 --- a/doc/developer-guide/plugins/plugin-management/logging-api.en.rst +++ b/doc/developer-guide/plugins/plugin-management/logging-api.en.rst @@ -65,14 +65,14 @@ The steps below show how the logging API is used in the .. code-block:: c - static TSTextLogObject log; + static TSTextLogObject ts_log; #. In ``TSPluginInit``, a new log object is allocated: .. code-block:: c TSReturnCode error = TSTextLogObjectCreate("denylist", -TS_LOG_MODE_ADD_TIMESTAMP, ); +TS_LOG_MODE_ADD_TIMESTAMP, _log); The new log is named ``denylist.log``. Each entry written to the log will have a timestamp. The ``nullptr`` argument specifies that the new diff --git a/example/plugins/c-api/denylist_1/denylist_1.cc b/example/plugins/c-api/denylist_1/denylist_1.cc index fca46db433..ce1883a506 100644 --- a/example/plugins/c-api/denylist_1/denylist_1.cc +++ b/example/plugins/c-api/denylist_1/denylist_1.cc @@ -35,7 +35,7 @@ static char *sites[MAX_NSITES]; static int nsites; static TSMutex sites_mutex; -static TSTextLogObject log; +static TSTextLogObject ts_log; static TSCont global_contp; static void handle_txn_start(TSCont contp, TSHttpTxn txnp); @@ -108,8 +108,8 @@ handle_dns(TSHttpTxn txnp, TSCont contp) for (i = 0; i < nsites; i++) { if (strncmp(host, sites[i], host_length) == 0) { - if (log) { -TSTextLogObjectWrite(log, "denylisting site: %s", sites[i]); + if (ts_log) { +TSTextLogObjectWrite(ts_log, "denylisting site: %s", sites[i]); } else { TSDebug(PLUGIN_NAME, "denylisting site: %s", sites[i]); } @@ -322,8 +322,8 @@ TSPluginInit(int argc ATS_UNUSED, const char *argv[] ATS_UNUSED) } /* create an TSTextLogObject to log denied requests to */ - error = TSTextLogObjectCreate("denylist", TS_LOG_MODE_ADD_TIMESTAMP, ); - if (!log || error == TS_ERROR) { + error = TSTextLogObjectCreate("denylist", TS_LOG_MODE_ADD_TIMESTAMP, _log); + if (!ts_log || error == TS_ERROR) { TSDebug(PLUGIN_NAME, "error while creating log"); } diff --git a/example/plugins/c-api/thread_pool/psi.cc b/example/plugins/c-api/thread_pool/psi.cc index 21a38670f1..499a935182 100644 --- a/example/plugins/c-api/thread_pool/psi.cc +++ b/example/plugins/c-api/thread_pool/psi.cc @@ -100,7 +100,7 @@ typedef enum { extern Queue job_queue; -static TSTextLogObject log; +static TSTextLogObject ts_log; static char psi_directory[PSI_PATH_MAX_SIZE]; static int trylock_handler(TSCont contp, TSEvent event, void *edata); @@ -499,13 +499,13 @@ psi_include(TSCont contp, void *edata ATS_UNUSED) } TSfclose(filep); data->psi_success = 1; -if (log) { - TSTextLogObjectWrite(log, "Successfully included file: %s", inc_file); +if (ts_log) { + TSTextLogObjectWrite(ts_log, "Successfully included file: %s", inc_file); } } else { data->psi_success = 0; -if (log) { - TSTextLogObjectWrite(log, "Failed to include file: %s", inc_file); +if (ts_log) { + TSTextLogObjectWrite(ts_log, "Failed to include file: %s", inc_file); } } @@ -972,10 +972,10 @@ TSPluginInit(int argc ATS_UNUSED, const char *argv[] ATS_UNUSED) snprintf(psi_directory, sizeof(psi_directory), "%s/%s", TSPluginDirGet(), PSI_PATH); /* create an TSTextLogObject to log any psi include */ - retval = TSTextLogObjectCreate("psi", TS_LOG_MODE_ADD_TIMESTAMP, ); + retval = TSTextLogObjectCreate("psi", TS_LOG_MODE_ADD_TIMESTAMP, _log); if (retval == TS_ERROR) { TSError("[%s] Failed creating log for psi plugin", PLUGIN_NAME); -log = nullptr; +ts_log = nullptr; } /* Create working threads */ diff --git a/src/traffic_server/InkAPITest.cc b/src/tr
[trafficserver] branch master updated: Adjust CMakeLists with git worktree (#10298)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new d50428d9a8 Adjust CMakeLists with git worktree (#10298) d50428d9a8 is described below commit d50428d9a81c21a1a46d2169ffa99a472124bea7 Author: Masaori Koshiba AuthorDate: Mon Sep 4 15:29:47 2023 +0900 Adjust CMakeLists with git worktree (#10298) --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 97ff35f022..1b9914ad93 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -479,7 +479,7 @@ add_custom_target(format COMMENT "formatting all files" ) -if(NOT EXISTS ${CMAKE_SOURCE_DIR}/.git/hooks/pre-commit) +if(IS_DIRECTORY ${CMAKE_SOURCE_DIR}/.git AND NOT EXISTS ${CMAKE_SOURCE_DIR}/.git/hooks/pre-commit) message(STATUS "Installing github hook") configure_file(${CMAKE_SOURCE_DIR}/tools/git/pre-commit ${CMAKE_SOURCE_DIR}/.git/hooks/pre-commit COPYONLY) endif()
[trafficserver] branch master updated (dcc83d3a70 -> 9d3d3c2fce)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from dcc83d3a70 Fix slice head request memory issue (#10285) add 9d3d3c2fce CID 1516688: Fix uninitialized member of AcceptOptions (#10152) No new revisions were added by this update. Summary of changes: iocore/net/AcceptOptions.cc | 49 - iocore/net/AcceptOptions.h | 42 -- iocore/net/CMakeLists.txt | 1 - iocore/net/Connection.cc| 2 +- iocore/net/Makefile.am | 1 - iocore/net/UnixNetAccept.cc | 13 ++-- 6 files changed, 24 insertions(+), 84 deletions(-) delete mode 100644 iocore/net/AcceptOptions.cc
[trafficserver] branch master updated (236b749b2b -> 2dd01b51b3)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 236b749b2b Allow origins to do TLS renegotiation (#10385) add 2dd01b51b3 Fix hwloc build (#10406) No new revisions were added by this update. Summary of changes: configure.ac| 16 +++- iocore/aio/Makefile.am | 3 ++- iocore/eventsystem/Makefile.am | 4 +++- src/traffic_layout/Makefile.inc | 1 + src/traffic_server/Makefile.inc | 1 + src/tscore/Makefile.am | 1 + tools/benchmark/Makefile.am | 1 + 7 files changed, 20 insertions(+), 7 deletions(-)
[trafficserver] branch master updated: LSan: Fix memory leak of test_proxy_hdrs (#10542)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 344950e997 LSan: Fix memory leak of test_proxy_hdrs (#10542) 344950e997 is described below commit 344950e99736681e58e6a2455fb306862570c2ed Author: Masaori Koshiba AuthorDate: Tue Oct 17 07:27:36 2023 +0900 LSan: Fix memory leak of test_proxy_hdrs (#10542) * LSan: Fix memory leak of test_proxy_hdrs * Suppress test_http_hdr_print_and_copy_aux leak --- ci/asan_leak_suppression/unit_tests.txt| 2 ++ proxy/hdrs/Makefile.am | 1 + proxy/hdrs/unit_tests/test_Hdrs.cc | 5 + proxy/http/unit_tests/test_HttpTransact.cc | 21 + 4 files changed, 29 insertions(+) diff --git a/ci/asan_leak_suppression/unit_tests.txt b/ci/asan_leak_suppression/unit_tests.txt index f1848dacd5..da34e83c61 100644 --- a/ci/asan_leak_suppression/unit_tests.txt +++ b/ci/asan_leak_suppression/unit_tests.txt @@ -6,3 +6,5 @@ leak:CRYPTO_realloc leak:ConsCell # PR#10295 leak:pcre_jit_stack_alloc +# PR#10541 +leak:test_http_hdr_print_and_copy_aux diff --git a/proxy/hdrs/Makefile.am b/proxy/hdrs/Makefile.am index 670317c1b2..b1691d6610 100644 --- a/proxy/hdrs/Makefile.am +++ b/proxy/hdrs/Makefile.am @@ -72,6 +72,7 @@ check_PROGRAMS = \ test_XPACK TESTS = $(check_PROGRAMS) +TESTS_ENVIRONMENT = LSAN_OPTIONS=suppressions=$(abs_top_srcdir)/ci/asan_leak_suppression/unit_tests.txt test_proxy_hdrs_CPPFLAGS = $(AM_CPPFLAGS) \ -I$(abs_top_srcdir)/lib/catch2 diff --git a/proxy/hdrs/unit_tests/test_Hdrs.cc b/proxy/hdrs/unit_tests/test_Hdrs.cc index 4f70c2d063..265edb0993 100644 --- a/proxy/hdrs/unit_tests/test_Hdrs.cc +++ b/proxy/hdrs/unit_tests/test_Hdrs.cc @@ -32,6 +32,7 @@ #include "tscore/Regex.h" #include "tscore/ink_time.h" #include "tscore/Random.h" +#include "tscpp/util/PostScript.h" #include "catch.hpp" @@ -280,6 +281,7 @@ test_http_hdr_null_char(int testnum, const char *request, const char * /*request { int err; HTTPHdr hdr; + ts::PostScript hdr_defer([&]() -> void { hdr.destroy(); }); HTTPParser parser; const char *start; char cpy_buf[2048]; @@ -308,6 +310,7 @@ test_http_hdr_null_char(int testnum, const char *request, const char * /*request break; } } + if (err != PARSE_RESULT_ERROR) { std::printf("FAILED: (test #%d) no parse error parsing request with null char\n", testnum); return (0); @@ -320,6 +323,7 @@ test_http_hdr_ctl_char(int testnum, const char *request, const char * /*request_ { int err; HTTPHdr hdr; + ts::PostScript hdr_defer([&]() -> void { hdr.destroy(); }); HTTPParser parser; const char *start; char cpy_buf[2048]; @@ -571,6 +575,7 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]") }; MIMEHdr hdr; +ts::PostScript hdr_defer([&]() -> void { hdr.destroy(); }); MIMEParser parser; mime_parser_init(); diff --git a/proxy/http/unit_tests/test_HttpTransact.cc b/proxy/http/unit_tests/test_HttpTransact.cc index 518e173236..25cf06ce9c 100644 --- a/proxy/http/unit_tests/test_HttpTransact.cc +++ b/proxy/http/unit_tests/test_HttpTransact.cc @@ -22,7 +22,10 @@ */ #include + #include "tscore/Diags.h" +#include "tscpp/util/PostScript.h" + #include "HttpTransact.h" #include "records/I_RecordsConfig.h" @@ -40,6 +43,9 @@ TEST_CASE("HttpTransact", "[http]") { HTTPHdr hdr1; HTTPHdr hdr2; + ts::PostScript hdr1_defer([&]() -> void { hdr1.destroy(); }); + ts::PostScript hdr2_defer([&]() -> void { hdr2.destroy(); }); + MIMEField *field; const char *str; int len; @@ -125,6 +131,9 @@ TEST_CASE("HttpTransact", "[http]") { HTTPHdr hdr1; HTTPHdr hdr2; + ts::PostScript hdr1_defer([&]() -> void { hdr1.destroy(); }); + ts::PostScript hdr2_defer([&]() -> void { hdr2.destroy(); }); + MIMEField *field; const char *str; int len; @@ -203,6 +212,9 @@ TEST_CASE("HttpTransact", "[http]") { HTTPHdr hdr1; HTTPHdr hdr2; + ts::PostScript hdr1_defer([&]() -> void { hdr1.destroy(); }); + ts::PostScript hdr2_defer([&]() -> void { hdr2.destroy(); }); + MIMEField *field; const char *str; int len; @@ -281,6 +293,9 @@ TEST_CASE("HttpTransact", "[http]") { HTTPHdr hdr1; HTTPHdr hdr2; + ts::PostScript hdr1_defer([&]() -> void { hdr1.destroy(); }); + ts::PostScript hdr2_defer([&]() -> void { hdr2.destroy(); }); + MIMEField *field; const char *str;
[trafficserver] branch master updated: LSan: Fix memory leak of test_libhttp2 (#10543)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 1882950bdc LSan: Fix memory leak of test_libhttp2 (#10543) 1882950bdc is described below commit 1882950bdcb03449c1b946d8a99981edbf323556 Author: Masaori Koshiba AuthorDate: Tue Oct 17 07:27:44 2023 +0900 LSan: Fix memory leak of test_libhttp2 (#10543) * LSan: Fix memory leak of test_libhttp2 * Remove duplicated lambdas --- proxy/http2/unit_tests/test_HpackIndexingTable.cc | 30 +-- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/proxy/http2/unit_tests/test_HpackIndexingTable.cc b/proxy/http2/unit_tests/test_HpackIndexingTable.cc index 26baba3493..98b3e68611 100644 --- a/proxy/http2/unit_tests/test_HpackIndexingTable.cc +++ b/proxy/http2/unit_tests/test_HpackIndexingTable.cc @@ -36,6 +36,20 @@ static constexpr int MAX_TEST_FIELD_NUM = 8; static constexpr int MAX_REQUEST_HEADER_SIZE= 131072; static constexpr int MAX_TABLE_SIZE = 4096; +namespace +{ +/** + When HTTHdr::create is called, HTTPHdr::destroy needs to be called to free HdrHeap. + When Issue #10541 is fixed, we don't need this helper. +*/ +void +destroy_http_hdr(HTTPHdr *hdr) +{ + hdr->destroy(); + delete hdr; +} +} // namespace + TEST_CASE("HPACK low level APIs", "[hpack]") { SECTION("indexed_header_field") @@ -71,7 +85,7 @@ TEST_CASE("HPACK low level APIs", "[hpack]") HpackIndexingTable indexing_table(4096); for (const auto : indexed_test_case) { -std::unique_ptr headers(new HTTPHdr); +std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); MIMEField *field = mime_field_create(headers->m_heap, headers->m_http->m_fields_impl); MIMEFieldWrapper header(field, headers->m_heap, headers->m_http->m_fields_impl); @@ -206,7 +220,7 @@ TEST_CASE("HPACK low level APIs", "[hpack]") HpackIndexingTable indexing_table(4096); for (const auto : literal_test_case) { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); MIMEField *field = mime_field_create(headers->m_heap, headers->m_http->m_fields_impl); MIMEFieldWrapper header(field, headers->m_heap, headers->m_http->m_fields_impl); @@ -328,7 +342,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") indexing_table.update_maximum_size(DYNAMIC_TABLE_SIZE_FOR_REGRESSION_TEST); for (unsigned int i = 0; i < sizeof(encoded_field_response_test_case) / sizeof(encoded_field_response_test_case[0]); i++) { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_RESPONSE); for (unsigned int j = 0; j < sizeof(raw_field_response_test_case[i]) / sizeof(raw_field_response_test_case[i][0]); j++) { @@ -432,7 +446,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") HpackIndexingTable indexing_table(4096); for (unsigned int i = 0; i < sizeof(encoded_field_request_test_case) / sizeof(encoded_field_request_test_case[0]); i++) { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); hpack_decode_header_block(indexing_table, headers.get(), encoded_field_request_test_case[i].encoded_field, @@ -465,7 +479,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") // add entries in dynamic table { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); // C.3.1. First Request @@ -481,7 +495,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") // clear all entries by setting a maximum size of 0 { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); uint8_t data[] = {0x20}; @@ -495,7 +509,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") // make the maximum size back to 4096 { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); uint8_t data[] = {0x3f, 0xe1, 0x1f}; @@ -509,7 +523,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]") // error with exceeding the limit (MAX_TABLE_SIZE) { - std::unique_ptr headers(new HTTPHdr); + std::unique_ptr headers(new HTTPHdr, destroy_http_hdr); headers->create(HTTP_TYPE_REQUEST); uint8_t data[] = {0x3f, 0xe2, 0x1f};
(trafficserver) branch master updated (595c1ec6f3 -> 14f2d496aa)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 595c1ec6f3 Revert "coverity 1497413: Use of 32-bit time_t (#9556)" (#10697) add 14f2d496aa Rename Vol to Stripe (#10666) No new revisions were added by this update. Summary of changes: .../cache-architecture/architecture.en.rst | 28 ++--- .../cache-architecture/core-cache-functions.en.rst | 2 +- .../cache-architecture/data-structures.en.rst | 46 - include/iocore/cache/CacheVC.h | 4 +- src/iocore/cache/CMakeLists.txt| 2 +- src/iocore/cache/Cache.cc | 70 ++--- src/iocore/cache/CacheDir.cc | 58 +-- src/iocore/cache/CacheDisk.cc | 56 +- src/iocore/cache/CacheHosting.cc | 4 +- src/iocore/cache/CachePagesInternal.cc | 10 +- src/iocore/cache/CacheRead.cc | 4 +- src/iocore/cache/CacheTest.cc | 8 +- src/iocore/cache/CacheVC.cc| 10 +- src/iocore/cache/CacheWrite.cc | 46 - src/iocore/cache/Makefile.am | 2 +- src/iocore/cache/P_CacheDir.h | 42 src/iocore/cache/P_CacheDisk.h | 30 +++--- src/iocore/cache/P_CacheHosting.h | 4 +- src/iocore/cache/P_CacheInternal.h | 30 +++--- src/iocore/cache/P_CacheVol.h | 114 ++--- src/iocore/cache/P_RamCache.h | 2 +- src/iocore/cache/RamCacheCLFUS.cc | 6 +- src/iocore/cache/RamCacheLRU.cc| 6 +- src/iocore/cache/{Vol.cc => Stripe.cc} | 82 +++ src/iocore/cache/unit_tests/test_CacheDir.cc | 4 +- src/iocore/cache/unit_tests/test_CacheVol.cc | 15 +-- src/traffic_cache_tool/CacheDefs.h | 8 +- 27 files changed, 347 insertions(+), 346 deletions(-) rename src/iocore/cache/{Vol.cc => Stripe.cc} (93%)
(trafficserver) branch master updated (d96ecb32a9 -> 5088bbae4a)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from d96ecb32a9 Removes the cache_key_genid plugin, as agreed (#10708) add 5088bbae4a Add assert of CacheDisk is not nullptr (#10704) No new revisions were added by this update. Summary of changes: src/iocore/cache/Cache.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
(trafficserver) branch master updated (6c8b9ccdc1 -> 1c486cad89)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git from 6c8b9ccdc1 ConectionTracker: remove depepency on proxy/http (#10740) add 1c486cad89 Fix typo in autopep8.sh (#10747) No new revisions were added by this update. Summary of changes: tools/autopep8.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(trafficserver) branch master updated: Cleanup: Remove unused members of CacheHostRecord (#10689)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 7ddb0fa8fb Cleanup: Remove unused members of CacheHostRecord (#10689) 7ddb0fa8fb is described below commit 7ddb0fa8fb2bacdec06c2ccac52c84f35f7ce74d Author: Masaori Koshiba AuthorDate: Tue Oct 31 07:17:26 2023 +0900 Cleanup: Remove unused members of CacheHostRecord (#10689) --- src/iocore/cache/P_CacheHosting.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/iocore/cache/P_CacheHosting.h b/src/iocore/cache/P_CacheHosting.h index bd899efac7..456c44dac3 100644 --- a/src/iocore/cache/P_CacheHosting.h +++ b/src/iocore/cache/P_CacheHosting.h @@ -52,9 +52,7 @@ struct CacheHostRecord { CacheType type = CACHE_NONE_TYPE; Vol **vols = nullptr; - int good_num_vols = 0; int num_vols = 0; - int num_initialized= 0; unsigned short *vol_hash_table = nullptr; CacheVol **cp = nullptr; int num_cachevols = 0;
[trafficserver] branch master updated: Convert CacheDir regression tests into unit tests (#10635)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new e084750c69 Convert CacheDir regression tests into unit tests (#10635) e084750c69 is described below commit e084750c6943920cae0fe611d9ebf416c09d2c97 Author: Masaori Koshiba AuthorDate: Thu Oct 19 10:11:20 2023 +0900 Convert CacheDir regression tests into unit tests (#10635) * Convert CacheDir regression tests into unit tests * Fix clang-format * Fix LOOP_CHECK_MODE --- src/iocore/cache/CacheDir.cc | 217 +-- src/iocore/cache/Makefile.am | 8 + src/iocore/cache/P_CacheDir.h | 6 + src/iocore/cache/test/test_CacheDir.cc | 262 + src/tests/CMakeLists.txt | 1 + 5 files changed, 278 insertions(+), 216 deletions(-) diff --git a/src/iocore/cache/CacheDir.cc b/src/iocore/cache/CacheDir.cc index 97e309b810..ea7ea0d732 100644 --- a/src/iocore/cache/CacheDir.cc +++ b/src/iocore/cache/CacheDir.cc @@ -22,12 +22,11 @@ */ #include "P_Cache.h" +#include "P_CacheDir.h" #include "tscore/hugepages.h" -#include "tscore/Regression.h" #include "tscore/Random.h" -// #define LOOP_CHECK_MODE 1 #ifdef LOOP_CHECK_MODE #define DIR_LOOP_THRESHOLD 1000 #endif @@ -1241,217 +1240,3 @@ const uint8_t CacheKey_prev_table[256] = { 209, 247, 189, 72, 69, 238, 133, 13, 167, 31, 235, 116, 201, 190, 213, 203, 104, 115, 12, 212, 52, 63, 149, 135, 183, 84, 147, 163, 249, 65, 217, 174, 70, 6, 64, 90, 155, 177, 185, 182, 108, 121, 164, 136, 58, 220, 241, 4, }; - -// -// Regression -// -unsigned int regress_rand_seed = 0; -void -regress_rand_init(unsigned int i) -{ - regress_rand_seed = i; -} - -static void -regress_rand_CacheKey(const CacheKey *key) -{ - unsigned int *x = (unsigned int *)key; - for (int i = 0; i < 4; i++) { -x[i] = next_rand(_rand_seed); - } -} - -void -dir_corrupt_bucket(Dir *b, int s, Vol *vol) -{ - int l= (static_cast(dir_bucket_length(b, s, vol) * ts::Random::drandom())); - Dir *e = b; - Dir *seg = vol->dir_segment(s); - for (int i = 0; i < l; i++) { -ink_release_assert(e); -e = next_dir(e, seg); - } - ink_release_assert(e); - dir_set_next(e, dir_to_offset(e, seg)); -} - -EXCLUSIVE_REGRESSION_TEST(Cache_dir)(RegressionTest *t, int /* atype ATS_UNUSED */, int *status) -{ - ink_hrtime ttime; - int ret = REGRESSION_TEST_PASSED; - - if ((CacheProcessor::IsCacheEnabled() != CACHE_INITIALIZED) || gnvol < 1) { -rprintf(t, "cache not ready/configured"); -*status = REGRESSION_TEST_FAILED; -return; - } - Vol *vol= gvol[0]; - EThread *thread = this_ethread(); - MUTEX_TRY_LOCK(lock, vol->mutex, thread); - ink_release_assert(lock.is_locked()); - rprintf(t, "clearing vol 0\n", free); - vol_dir_clear(vol); - - // coverity[var_decl] - Dir dir; - dir_clear(); - dir_set_phase(, 0); - dir_set_head(, true); - dir_set_offset(, 1); - - vol->header->agg_pos = vol->header->write_pos += 1024; - - CacheKey key; - rand_CacheKey(, thread->mutex); - - int s= key.slice32(0) % vol->segments, i, j; - Dir *seg = vol->dir_segment(s); - - // test insert - rprintf(t, "insert test\n", free); - int inserted = 0; - int free = dir_freelist_length(vol, s); - int n= free; - rprintf(t, "free: %d\n", free); - while (n--) { -if (!dir_insert(, vol, )) { - break; -} -inserted++; - } - rprintf(t, "inserted: %d\n", inserted); - if (static_cast(inserted - free) > 1) { -ret = REGRESSION_TEST_FAILED; - } - - // test delete - rprintf(t, "delete test\n"); - for (i = 0; i < vol->buckets; i++) { -for (j = 0; j < DIR_DEPTH; j++) { - dir_set_offset(dir_bucket_row(dir_bucket(i, seg), j), 0); // delete -} - } - dir_clean_segment(s, vol); - int newfree = dir_freelist_length(vol, s); - rprintf(t, "newfree: %d\n", newfree); - if (static_cast(newfree - free) > 1) { -ret = REGRESSION_TEST_FAILED; - } - - // test insert-delete - rprintf(t, "insert-delete test\n"); - regress_rand_init(13); - ttime = ink_get_hrtime(); - for (i = 0; i < newfree; i++) { -regress_rand_CacheKey(); -dir_insert(, vol, ); - } - uint64_t us = (ink_get_hrtime() - ttime) / HRTIME_USECOND; - // On windows us is sometimes 0. I don't know why. - // printout the insert rate only if its not 0 - if (us) { -rprintf(t, "insert rate = %d / second\n", static_cast((newfree * static_cast(100)) / us)); - } - regress_rand_init(13); - ttime = ink_get_hrtime(); - for (i = 0; i < newfree; i++) { -Dir *last_collision = nullptr; -regres
[trafficserver] branch master updated: Use ts::Metrics for PreWarm stats (#10465)
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new c1336f6d7d Use ts::Metrics for PreWarm stats (#10465) c1336f6d7d is described below commit c1336f6d7dc74feeb0a7755b5a3bc8d92f0dbe5d Author: Masaori Koshiba AuthorDate: Fri Sep 29 07:44:27 2023 +0900 Use ts::Metrics for PreWarm stats (#10465) * Use ts::Metrics for PreWarm stats * Use ts::Metrics::increment and store --- doc/admin-guide/files/records.yaml.en.rst | 4 -- iocore/net/PreWarmManager.cc | 68 ++ iocore/net/PreWarmManager.h| 11 +--- proxy/http/PreWarmConfig.cc| 1 - proxy/http/PreWarmConfig.h | 7 +-- src/records/RecordsConfig.cc | 2 - tests/gold_tests/records/gold/full_records.yaml| 1 - .../records/legacy_config/full_records.config | 1 - 8 files changed, 38 insertions(+), 57 deletions(-) diff --git a/doc/admin-guide/files/records.yaml.en.rst b/doc/admin-guide/files/records.yaml.en.rst index f87157ac52..048b92927d 100644 --- a/doc/admin-guide/files/records.yaml.en.rst +++ b/doc/admin-guide/files/records.yaml.en.rst @@ -4227,10 +4227,6 @@ SNI Routing Enable :ref:`pre-warming-tls-tunnel`. The feature is disabled by default. -.. ts:cv:: CONFIG proxy.config.tunnel.prewarm.max_stats_size INT 100 - - Max size of :ref:`dynamic stats for Pre-warming TLS Tunnel `. - .. ts:cv:: CONFIG proxy.config.tunnel.prewarm.algorithm INT 2 Version of pre-warming algorithm. diff --git a/iocore/net/PreWarmManager.cc b/iocore/net/PreWarmManager.cc index 2a569cb8c7..51ee2f3eff 100644 --- a/iocore/net/PreWarmManager.cc +++ b/iocore/net/PreWarmManager.cc @@ -29,6 +29,7 @@ #include "P_VConnection.h" #include "I_NetProcessor.h" +#include "api/Metrics.h" #include "tscore/ink_time.h" #include "tscpp/util/PostScript.h" @@ -83,21 +84,16 @@ parse_authority(std::string , int32_t , std::string_view authority) // constexpr std::string_view STAT_NAME_PREFIX = "proxy.process.tunnel.prewarm"sv; -struct StatEntry { - std::string_view name; - RecRawStatSyncCb cb; -}; - // the order is the same as PreWarm::Stat // clang-format off -constexpr StatEntry STAT_ENTRIES[] = { - {"current_init"sv, RecRawStatSyncSum}, - {"current_open"sv, RecRawStatSyncSum}, - {"total_hit"sv, RecRawStatSyncSum}, - {"total_miss"sv, RecRawStatSyncSum}, - {"total_handshake_time"sv, RecRawStatSyncSum}, - {"total_handshake_count"sv, RecRawStatSyncSum}, - {"total_retry"sv, RecRawStatSyncSum}, +constexpr std::string_view STAT_ENTRIES[] = { + "current_init"sv, + "current_open"sv, + "total_hit"sv, + "total_miss"sv, + "total_handshake_time"sv, + "total_handshake_count"sv, + "total_retry"sv, }; // clang-format on @@ -140,7 +136,8 @@ PreWarmSM::retry() ink_hrtime delay = HRTIME_SECONDS(1 << _retry_counter); ++_retry_counter; - prewarmManager.stats.increment(_stats_ids->at(static_cast(PreWarm::Stat::RETRY)), 1); + + ts::Metrics::increment(_stats_ids->at(static_cast(PreWarm::Stat::RETRY))); EThread *ethread = this_ethread(); _retry_event = ethread->schedule_in_local(this, delay, EVENT_IMMEDIATE); @@ -630,8 +627,8 @@ PreWarmSM::_record_handshake_time() return; } - prewarmManager.stats.increment(_stats_ids->at(static_cast(PreWarm::Stat::HANDSHAKE_TIME)), duration); - prewarmManager.stats.increment(_stats_ids->at(static_cast(PreWarm::Stat::HANDSHAKE_COUNT)), 1); + ts::Metrics::increment(_stats_ids->at(static_cast(PreWarm::Stat::HANDSHAKE_TIME)), duration); + ts::Metrics::increment(_stats_ids->at(static_cast(PreWarm::Stat::HANDSHAKE_COUNT)), 1); } @@ -704,10 +701,10 @@ PreWarmQueue::state_running(int event, void *data) dst->port, (int)dst->type, dst->alpn_index, info.stat.miss, info.stat.hit, (int)info.init_list->size(), (int)info.open_list->size()); - prewarmManager.stats.set_sum(info.stats_ids->at(static_cast(PreWarm::Stat::INIT_LIST_SIZE)), info.init_list->size()); - prewarmManager.stats.set_sum(info.stats_ids->at(static_cast(PreWarm::Stat::OPEN_LIST_SIZE)), info.open_list->size()); - prewarmManager.stats.increment(info.stats_ids->at(static_cast(PreWarm::Stat::HIT)), info.stat.hit); - prewarmManager.stats.increment(info.stats_ids->at(static_cast(PreWarm::Stat::MISS)), info.stat.miss); + ts::Metrics::write(info.stats_ids->at(static_cast(PreWarm::Stat::INIT_LIST_SIZE)), info.init_list->size()); + ts::M