trafficserver git commit: TS-3573: Fix connection leak
Repository: trafficserver
Updated Branches:
refs/heads/master cec7e3c2a - e895bcc6a
TS-3573: Fix connection leak
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/e895bcc6
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/e895bcc6
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/e895bcc6
Branch: refs/heads/master
Commit: e895bcc6aa64e595c31f682a5acf8e6537235c89
Parents: cec7e3c
Author: shinrich shinr...@yahoo-inc.com
Authored: Thu Apr 30 13:19:07 2015 -0500
Committer: shinrich shinr...@yahoo-inc.com
Committed: Thu Apr 30 13:19:07 2015 -0500
--
CHANGES | 2 ++
iocore/net/UnixNetVConnection.cc | 19 +--
2 files changed, 19 insertions(+), 2 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e895bcc6/CHANGES
--
diff --git a/CHANGES b/CHANGES
index eae4f99..cb8ba65 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 6.0.0
+ *) [TS-3575]: Fix connection leak.
+
*) [TS-3538]: Perform server certificate validity check.
*) [TS-3549]: Configurable option to avoid thundering herd problem
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e895bcc6/iocore/net/UnixNetVConnection.cc
--
diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc
index ae4d028..2e44010 100644
--- a/iocore/net/UnixNetVConnection.cc
+++ b/iocore/net/UnixNetVConnection.cc
@@ -143,7 +143,7 @@ read_signal_and_update(int event, UnixNetVConnection *vc)
case VC_EVENT_ERROR:
case VC_EVENT_ACTIVE_TIMEOUT:
case VC_EVENT_INACTIVITY_TIMEOUT:
- Debug(inactivity_cop, event %d: null cont, closing vc %p, event, vc);
+ Debug(inactivity_cop, event %d: null read.vio cont, closing vc %p,
event, vc);
vc-closed = 1;
break;
default:
@@ -166,8 +166,23 @@ static inline int
write_signal_and_update(int event, UnixNetVConnection *vc)
{
vc-recursion++;
- if (NULL != vc-write.vio._cont)
+ if (vc-write.vio._cont) {
vc-write.vio._cont-handleEvent(event, vc-write.vio);
+ } else {
+switch (event) {
+case VC_EVENT_EOS:
+case VC_EVENT_ERROR:
+case VC_EVENT_ACTIVE_TIMEOUT:
+case VC_EVENT_INACTIVITY_TIMEOUT:
+ Debug(inactivity_cop, event %d: null write.vio cont, closing vc %p,
event, vc);
+ vc-closed = 1;
+ break;
+default:
+ Error(Unexpected event %d for vc %p, event, vc);
+ ink_release_assert(0);
+ break;
+}
+ }
if (!--vc-recursion vc-closed) {
/* BZ 31932 */
ink_assert(vc-thread == this_ethread());
[2/2] trafficserver git commit: Remove deprecated code paths
Remove deprecated code paths
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/2e51a727
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/2e51a727
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/2e51a727
Branch: refs/heads/master
Commit: 2e51a7273871bbabc4154e29bc52ffa2af8c3a3c
Parents: 1687830
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 14:17:29 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 14:17:29 2015 -0700
--
ci/tsqa/tests/test_regressions.py | 17 -
1 file changed, 17 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/2e51a727/ci/tsqa/tests/test_regressions.py
--
diff --git a/ci/tsqa/tests/test_regressions.py
b/ci/tsqa/tests/test_regressions.py
index 8fec2eb..f8cd1f0 100644
--- a/ci/tsqa/tests/test_regressions.py
+++ b/ci/tsqa/tests/test_regressions.py
@@ -54,23 +54,6 @@ class TestRegressions(helpers.EnvironmentCase):
cmd = [os.path.join(self.environment.layout.bindir, 'traffic_server'),
'-R', '1']
tsqa.utils.run_sync_command(cmd, stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
-class TestRegressionsReclaimableFreelist(TestRegressions):
-'''
-Run the built-in traffic_server regression test suite with
---enable-reclaimable-freelist.
-'''
-environment_factory = {
-'configure': { 'enable-reclaimable-freelist': None },
-}
-
-class TestRegressionsInterimCache(TestRegressions):
-'''
-Run the built-in traffic_server regression test suite with
---enable-interim-cache.
-'''
-environment_factory = {
-'configure': { 'enable-interim-cache': None },
-}
class TestRegressionsLinuxNativeAIO(TestRegressions):
'''
[1/2] trafficserver git commit: Add xunit output of the test results
Repository: trafficserver Updated Branches: refs/heads/master 157dd5032 - 2e51a7273 Add xunit output of the test results Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/1687830e Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/1687830e Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/1687830e Branch: refs/heads/master Commit: 1687830ecb2a0783c788ff2e62661e1d554c5189 Parents: 157dd50 Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 14:04:22 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 14:04:22 2015 -0700 -- ci/tsqa/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/1687830e/ci/tsqa/Makefile -- diff --git a/ci/tsqa/Makefile b/ci/tsqa/Makefile index a46a684..c692857 100644 --- a/ci/tsqa/Makefile +++ b/ci/tsqa/Makefile @@ -20,7 +20,7 @@ VIRTUALENV_DIR = virtualenv # Run all tests. test: $(VIRTUALENV_DIR) - @source $(VIRTUALENV_DIR)/bin/activate $(VIRTUALENV_DIR)/bin/nosetests -sv --logging-level=INFO + $(VIRTUALENV_DIR)/bin/nosetests --with-xunit -sv --logging-level=INFO # Scan and list the tests. list: $(VIRTUALENV_DIR)
trafficserver-qa git commit: Allow for directory overrides
Repository: trafficserver-qa
Updated Branches:
refs/heads/master 3ed1bcd90 - 37f87d70b
Allow for directory overrides
Project: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/commit/37f87d70
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/tree/37f87d70
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/diff/37f87d70
Branch: refs/heads/master
Commit: 37f87d70bdea70385bbf0c923e88128cb343bc87
Parents: 3ed1bcd
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 13:25:21 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 13:25:21 2015 -0700
--
tsqa/endpoint.py| 3 +++
tsqa/environment.py | 3 ++-
2 files changed, 5 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver-qa/blob/37f87d70/tsqa/endpoint.py
--
diff --git a/tsqa/endpoint.py b/tsqa/endpoint.py
index 76c9773..a2db090 100644
--- a/tsqa/endpoint.py
+++ b/tsqa/endpoint.py
@@ -18,6 +18,7 @@ import os
import threading
import requests
import flask
+import socket
import SocketServer
import ssl
@@ -223,6 +224,8 @@ class DynamicHTTPEndpoint(threading.Thread):
self.server = make_server('',
self.port,
self.app.wsgi_app)
+# mark the socket as SO_REUSEADDR
+self.server.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,
1)
# mark it as ready
self.ready.set()
# serve it
http://git-wip-us.apache.org/repos/asf/trafficserver-qa/blob/37f87d70/tsqa/environment.py
--
diff --git a/tsqa/environment.py b/tsqa/environment.py
index ef73b08..33589e8 100644
--- a/tsqa/environment.py
+++ b/tsqa/environment.py
@@ -332,7 +332,8 @@ class Environment(object):
# First, make the prefix directory.
if self.layout is None:
-self.layout =
Layout(tempfile.mkdtemp(prefix=os.environ.get('TSQA_LAYOUT_PREFIX',
'tsqa.env.')))
+self.layout =
Layout(tempfile.mkdtemp(prefix=os.environ.get('TSQA_LAYOUT_PREFIX',
'tsqa.env.'),
+
dir=os.environ.get('TSQA_LAYOUR_DIR', None)))
else:
os.makedirs(self.layout.prefix)
os.chmod(self.layout.prefix, 0777) # Make the tmp dir readable by all
[4/4] trafficserver git commit: Remove old tsqa, and replace it with the new python based one.
Remove old tsqa, and replace it with the new python based one. This includes a move of the actual tests as well as a replacement of the jenkins script. TS-3574 Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/51ea4aa9 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/51ea4aa9 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/51ea4aa9 Branch: refs/heads/master Commit: 51ea4aa9d81ae8d93c7e7e137cb0aca178497b01 Parents: e895bcc Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 13:35:57 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 13:39:30 2015 -0700 -- ci/jenkins/bin/tsqa.sh | 37 +- ci/new_tsqa/Makefile | 43 -- ci/new_tsqa/TODO | 7 - ci/new_tsqa/files/cert.pem | 20 - ci/new_tsqa/files/ec_keys/README.rst | 29 -- ci/new_tsqa/files/ec_keys/ca.crt | 12 - ci/new_tsqa/files/ec_keys/ca.key | 8 - ci/new_tsqa/files/ec_keys/intermediate.crt | 10 - ci/new_tsqa/files/ec_keys/intermediate.key | 8 - ci/new_tsqa/files/ec_keys/www.example.com.pem | 15 - ci/new_tsqa/files/ec_keys/www.test.com.pem | 15 - ci/new_tsqa/files/key.pem | 28 -- ci/new_tsqa/files/rsa_keys/README.rst | 28 -- ci/new_tsqa/files/rsa_keys/ca.crt | 30 -- ci/new_tsqa/files/rsa_keys/ca.key | 51 --- ci/new_tsqa/files/rsa_keys/intermediate.crt| 29 -- ci/new_tsqa/files/rsa_keys/intermediate.key| 51 --- ci/new_tsqa/files/rsa_keys/www.example.com.pem | 52 --- ci/new_tsqa/files/rsa_keys/www.test.com.pem| 52 --- ci/new_tsqa/requirements.txt | 6 - ci/new_tsqa/tests/helpers.py | 56 --- ci/new_tsqa/tests/test_buildoptions.py | 61 --- ci/new_tsqa/tests/test_chunked.py | 196 ci/new_tsqa/tests/test_connect_attempts.py | 209 - ci/new_tsqa/tests/test_example.py | 234 -- ci/new_tsqa/tests/test_hostdb.py | 86 ci/new_tsqa/tests/test_https.py| 273 --- ci/new_tsqa/tests/test_keepalive.py| 476 ci/new_tsqa/tests/test_redirection.py | 41 -- ci/new_tsqa/tests/test_regressions.py | 82 ci/new_tsqa/tests/test_remap.py| 125 - ci/new_tsqa/tests/test_spdy_protocol_select.py | 156 --- ci/tsqa/Makefile | 43 ++ ci/tsqa/TODO | 7 + ci/tsqa/files/cert.pem | 20 + ci/tsqa/files/ec_keys/README.rst | 29 ++ ci/tsqa/files/ec_keys/ca.crt | 12 + ci/tsqa/files/ec_keys/ca.key | 8 + ci/tsqa/files/ec_keys/intermediate.crt | 10 + ci/tsqa/files/ec_keys/intermediate.key | 8 + ci/tsqa/files/ec_keys/www.example.com.pem | 15 + ci/tsqa/files/ec_keys/www.test.com.pem | 15 + ci/tsqa/files/key.pem | 28 ++ ci/tsqa/files/rsa_keys/README.rst | 28 ++ ci/tsqa/files/rsa_keys/ca.crt | 30 ++ ci/tsqa/files/rsa_keys/ca.key | 51 +++ ci/tsqa/files/rsa_keys/intermediate.crt| 29 ++ ci/tsqa/files/rsa_keys/intermediate.key| 51 +++ ci/tsqa/files/rsa_keys/www.example.com.pem | 52 +++ ci/tsqa/files/rsa_keys/www.test.com.pem| 52 +++ ci/tsqa/functions | 303 - ci/tsqa/requirements.txt | 6 + ci/tsqa/run_all.sh | 85 ci/tsqa/test-bootstrap | 41 -- ci/tsqa/test-log-configuration | 68 --- ci/tsqa/test-log-refcounting | 112 - ci/tsqa/test-multicert-loading | 81 ci/tsqa/test-privilege-elevation | 83 ci/tsqa/test-server-intercept | 80 ci/tsqa/test-ssl-certificates | 153 --- ci/tsqa/test-trafficline-metrics | 56 --- ci/tsqa/tests/helpers.py | 57 +++ ci/tsqa/tests/test_buildoptions.py | 61 +++ ci/tsqa/tests/test_chunked.py | 196 ci/tsqa/tests/test_connect_attempts.py | 209 + ci/tsqa/tests/test_example.py | 234 ++ ci/tsqa/tests/test_hostdb.py | 86 ci/tsqa/tests/test_https.py| 273 +++ ci/tsqa/tests/test_keepalive.py| 476 ci/tsqa/tests/test_redirection.py | 41 ++ ci/tsqa/tests/test_regressions.py | 82
[2/4] trafficserver git commit: Remove old tsqa, and replace it with the new python based one.
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/functions
--
diff --git a/ci/tsqa/functions b/ci/tsqa/functions
deleted file mode 100644
index f839108..000
--- a/ci/tsqa/functions
+++ /dev/null
@@ -1,303 +0,0 @@
-#! /usr/bin/env bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# License); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an AS IS BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-NCPU=${NCPU:-$(( $(getconf _NPROCESSORS_ONLN) * 2 ))} # Numer of CPUs to build
with
-PORT=${PORT:-9090}# Initial listen port
for Traffic Server
-VALGRIND=${VALGRIND:-N} # Whether to run under
valgrind
-TMPDIR=${TMPDIR:-/tmp}# Scratch directory for
test instance construction
-
-TSQA_FAIL=0 # Test failure count
-TSQA_TESNAME=${TSQA_TESTNAME:-tsqa} # Name of current test
-TSQA_ROOT=${TSQA_ROOT:-/tmp/$TSQA_TESTNAME.$RANDOM} # Filesystem root for
current test
-TSQA_TSXS=${TSQA_TSXS:-tsxs}
-
-# Print a log message/
-msg() {
- echo MSG: $@
-}
-
-msgwait() {
- local secs=$1
- shift
-
- echo MSG: waiting ${secs}s $@
- sleep $secs
-}
-
-# Print a failure message and increment the failure count.
-fail() {
- TSQA_FAIL=$(($TSQA_FAIL + 1))
- echo FAIL: $@ 12
-}
-
-# Fail and exit.
-fatal() {
- TSQA_FAIL=$(($TSQA_FAIL + 1))
- echo FATAL: $@ 12
- exit $TSQA_FAIL
-}
-
-# Run a command and silence any output on stderr.
-quiet() {
- $@ 2/dev/null
-}
-
-# Run a command with all output redirected to the pest log file.
-logexec() {
- echo $@ $TSQA_ROOT/$TSQA_TESTNAME.log 21
- $@ $TSQA_ROOT/$TSQA_TESTNAME.log 21
-}
-
-tsxs() {
- $TSQA_TSXS $@
-}
-
-tsexec() {
- local cmd=$1
- local run
- shift
-
- case $VALGRIND in
-y|yes|Y|YES|1) run=valgrind --trace-children=yes
--trace-children-skip=env env ;;
-*) run=env ;;
- esac
-
- # XXX enabling MallocStackLogging on all processes is annoying
- # because it logs 3 lines to stderr every time. We generally only
- # want leaks detection on traffic_server, so this is a bit of a
- # waste ...
-
- # MALLOC_CHECK_=2 = enable glibc malloc checking, abort on error
- # MallocStackLogging=1 = record OS X malloc stacks for leak checking
- $run \
- MALLOC_CHECK_=2 \
- MallocErrorAbort=1 \
- TS_ROOT=$TSQA_ROOT \
-$(bindir)/$cmd $@
-}
-
-reconfigure() {
- local srcdir=$1
- msg running autoreconf in $srcdir ...
- (
-cd $srcdir
-autoreconf -i
- ) autoreconf.log 21
-}
-
-install () {
- [[ -d $BUILD ]] rm -rf $BUILD
- [[ -d $PREFIX ]] rm -rf $PREFIX
-
- msg installing ...
- mkdir -p $BUILD (
-cd $BUILD
-$SRC/configure \
- --prefix=$PREFIX \
- --with-user=$(id -un) \
- --enable-debug \
- CCFLAGS=-O0 CXXFLAGS=-O0
-make -j $NCPU make install
- ) /dev/null
-
- msg installed to $PREFIX
-}
-
-logdir() {
- local prefix=$(tsxs -q PREFIX)
- tsxs -q LOGDIR | sed -es+$prefix/++
-}
-
-runtimedir() {
- local prefix=$(tsxs -q PREFIX)
- tsxs -q RUNTIMEDIR | sed -es+$prefix/++
-}
-
-sysconfdir() {
- local prefix=$(tsxs -q PREFIX)
- tsxs -q SYSCONFDIR | sed -es+$prefix/++
-}
-
-bindir() {
- tsxs -q BINDIR
-}
-
-# pidof(name): echo the pid of the given process name
-pidof() {
- case $1 in
- cop|manager|server);;
- *) fatal no such process name: $1
- esac
- quiet cat $TSQA_ROOT/$(runtimedir)/${1}.lock
-}
-
-# alive(name): Test whether the process name is alive.
-alive() {
- local pid=$(pidof $1)
- if [[ ! -z $pid ]] ; then
-quiet kill -0 $pid
-return $?
- fi
-
- false
-}
-
-# Start up Traffic Server. Test for all the processes so that we have a better
-# chance of delaying the test until traffic_server is ready.
-startup() {
- local log=$TSQA_ROOT/$(logdir)/cop.log
- ( tsexec traffic_cop --stdout $log )
- for proc in cop manager server; do
-for i in $(seq 10) ; do
- alive $proc msg $proc is alive break
- sleep 1
-done
- done
-
- # And a final sleep to let traffic_server come up ...
- sleep 2
-}
-
-# Shut down Traffic Server.
-shutdown() {
-
- # Quick'n'dirty cleanup of background jobs.
- jobs -p | while read pid ; do
-kill $pid
- done
-
- local pid=$(pidof cop)
- if [[ -z $pid ]] ; then
[1/4] trafficserver git commit: Remove old tsqa, and replace it with the new python based one.
Repository: trafficserver
Updated Branches:
refs/heads/master e895bcc6a - 51ea4aa9d
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/tests/test_keepalive.py
--
diff --git a/ci/tsqa/tests/test_keepalive.py b/ci/tsqa/tests/test_keepalive.py
new file mode 100644
index 000..0e501ce
--- /dev/null
+++ b/ci/tsqa/tests/test_keepalive.py
@@ -0,0 +1,476 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# License); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an AS IS BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import uuid
+import requests
+import time
+import logging
+import socket
+
+import helpers
+
+import tsqa.test_cases
+import tsqa.utils
+import tsqa.endpoint
+
+log = logging.getLogger(__name__)
+
+import SocketServer
+
+
+class KeepaliveTCPHandler(SocketServer.BaseRequestHandler):
+
+A subclass of RequestHandler which will return a connection uuid
+
+
+def handle(self):
+# Receive the data in small chunks and retransmit it
+start = time.time()
+conn_id = uuid.uuid4().hex
+while True:
+now = time.time() - start
+data = self.request.recv(4096).strip()
+if data:
+log.debug('Sending data back to the client:
{uid}'.format(uid=conn_id))
+else:
+log.debug('Client disconnected:
{timeout}seconds'.format(timeout=now))
+break
+body = conn_id
+resp = ('HTTP/1.1 200 OK\r\n'
+'Content-Length: {content_length}\r\n'
+'Content-Type: text/html; charset=UTF-8\r\n'
+'Connection: keep-alive\r\n'
+'\r\n'
+'{body}'.format(content_length=len(body), body=body))
+self.request.sendall(resp)
+
+
+class KeepAliveInMixin(object):
+Mixin for keep alive in.
+
+ TODO: Allow protocol to be specified for ssl traffic
+
+def _get_socket(self):
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.connect(('127.0.0.1',
int(self.configs['records.config']['CONFIG']['proxy.config.http.server_ports'])))
+return s
+
+def _headers_to_str(self, headers):
+if headers is None:
+headers = {}
+request = ''
+for k, v in headers.iteritems():
+request += '{0}: {1}\r\n'.format(k, v)
+return request
+
+def _aux_KA_working_path_connid(self, protocol, headers=None):
+# connect tcp
+s = self._get_socket()
+
+request = ('GET / HTTP/1.1\r\n'
+ 'Host: foobar.com\r\n')
+request += self._headers_to_str(headers)
+request += '\r\n'
+
+for x in xrange(1, 10):
+s.send(request)
+response = s.recv(4096)
+# cheat, since we know what the body should have
+if '\r\n\r\n' not in response:
+response += s.recv(4096)
+self.assertIn('HTTP/1.1 200 OK', response)
+self.assertIn('hello', response)
+
+def _aux_working_path(self, protocol, headers=None):
+# connect tcp
+s = self._get_socket()
+
+request = ('GET /exists/ HTTP/1.1\r\n'
+ 'Host: foobar.com\r\n')
+request += self._headers_to_str(headers)
+request += '\r\n'
+
+for x in xrange(1, 10):
+s.send(request)
+response = s.recv(4096)
+# cheat, since we know what the body should have
+if not response.endswith('hello'):
+response += s.recv(4096)
+self.assertIn('HTTP/1.1 200 OK', response)
+self.assertIn('hello', response)
+
+def _aux_error_path(self, protocol, headers=None):
+# connect tcp
+s = self._get_socket()
+
+request = ('GET / HTTP/1.1\r\n'
+ 'Host: foobar.com\r\n')
+request += self._headers_to_str(headers)
+request += '\r\n'
+for x in xrange(1, 10):
+s.send(request)
+response = s.recv(4096)
+self.assertIn('HTTP/1.1 404 Not Found on Accelerator', response)
+
+def _aux_error_path_post(self, protocol, headers=None):
+'''
+Ensure that sending a request with a body doesn't break
[3/4] trafficserver git commit: Remove old tsqa, and replace it with the new python based one.
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_https.py
--
diff --git a/ci/new_tsqa/tests/test_https.py b/ci/new_tsqa/tests/test_https.py
deleted file mode 100644
index a8914e6..000
--- a/ci/new_tsqa/tests/test_https.py
+++ /dev/null
@@ -1,273 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# License); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an AS IS BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import logging
-from OpenSSL import SSL
-import socket
-
-import helpers
-import tsqa.utils
-
-# some ciphers to test with
-CIPHER_MAP = {
-'rsa': 'ECDHE-RSA-AES256-GCM-SHA384',
-'ecdsa': 'ECDHE-ECDSA-AES256-GCM-SHA384',
-}
-
-
-class CertSelectionMixin(object):
-def _get_cert(self, addr, sni_name=None, ciphers=None):
-'''
-Return the certificate for addr. Optionally sending sni_name
-'''
-ctx = SSL.Context(SSL.TLSv1_2_METHOD)
-# Set up client
-sock = SSL.Connection(ctx, socket.socket(socket.AF_INET,
socket.SOCK_STREAM))
-sock.connect(addr)
-if sni_name is not None:
-sock.set_tlsext_host_name(sni_name)
-if ciphers is not None:
-ctx.set_cipher_list(ciphers)
-sock.do_handshake()
-return sock.get_peer_certificate()
-
-def _get_cert_chain(self, addr, sni_name=None, ciphers=None):
-'''
-Return the certificate chain for addr. Optionally sending sni_name
-'''
-ctx = SSL.Context(SSL.TLSv1_2_METHOD)
-# Set up client
-sock = SSL.Connection(ctx, socket.socket(socket.AF_INET,
socket.SOCK_STREAM))
-sock.connect(addr)
-if sni_name is not None:
-sock.set_tlsext_host_name(sni_name)
-if ciphers is not None:
-ctx.set_cipher_list(ciphers)
-sock.do_handshake()
-return sock.get_peer_cert_chain()
-
-def test_star_ordering(self):
-'''
-We should be served the first match, since we aren't sending SNI
headers
-'''
-addr = ('127.0.0.1', self.ssl_port)
-cert = self._get_cert(addr)
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.example.com')
-
-def test_star_sni(self):
-'''
-Make sure we get the certificate we asked for if we pass in SNI headers
-'''
-addr = ('127.0.0.1', self.ssl_port)
-cert = self._get_cert(addr, sni_name='www.test.com')
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.test.com')
-
-cert = self._get_cert(addr, sni_name='www.example.com')
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.example.com')
-
-def test_ip_ordering(self):
-'''
-We should be served the first match, since we aren't sending SNI
headers
-'''
-addr = ('127.0.0.2', self.ssl_port)
-cert = self._get_cert(addr)
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.example.com')
-
-def test_ip_sni(self):
-'''
-Make sure we get the certificate we asked for if we pass in SNI headers
-'''
-addr = ('127.0.0.2', self.ssl_port)
-cert = self._get_cert(addr, sni_name='www.test.com')
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.test.com')
-
-cert = self._get_cert(addr, sni_name='www.example.com')
-self.assertEqual(cert.get_subject().commonName.decode(),
'www.example.com')
-
-def _intermediate_ca_t(self, cipher):
-'''
-Method for testing intermediate CAs. We assume that www.example.com
should
-return a certificate chaing of len 2 which includes intermediate.
-We also assume that www.test.com returns a single cert in the chain
which
-is *not* intermediate
-'''
-# send a request that *should* get an intermediate CA
-addr = ('127.0.0.1', self.ssl_port)
-cert_chain = self._get_cert_chain(addr, ciphers=CIPHER_MAP[cipher])
-self.assertEqual(len(cert_chain), 2)
-self.assertEqual(cert_chain[0].get_subject().commonName.decode(),
'www.example.com')
-self.assertEqual(cert_chain[1].get_subject().commonName.decode(),
'intermediate')
-
-# send a request that
trafficserver git commit: Correct path for source
Repository: trafficserver
Updated Branches:
refs/heads/master 51ea4aa9d - 157dd5032
Correct path for source
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/157dd503
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/157dd503
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/157dd503
Branch: refs/heads/master
Commit: 157dd50324f88922265f24fe4570c517c5c5d884
Parents: 51ea4aa
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 13:43:33 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 13:43:33 2015 -0700
--
ci/jenkins/bin/tsqa.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/157dd503/ci/jenkins/bin/tsqa.sh
--
diff --git a/ci/jenkins/bin/tsqa.sh b/ci/jenkins/bin/tsqa.sh
index ca7f895..5531d24 100755
--- a/ci/jenkins/bin/tsqa.sh
+++ b/ci/jenkins/bin/tsqa.sh
@@ -18,7 +18,7 @@
# Run all the TSQA tests.
TSQA_LAYOUT_DIR=${WORKSPACE}/${BUILD_NUMBER}
-cd ci/tsqa || exit 2
+cd ${WORKSPACE}/src/ci/tsqa || exit 2
make test
status=$?
trafficserver git commit: pass a layout dir with make test
Repository: trafficserver
Updated Branches:
refs/heads/master 2e51a7273 - 189c843f3
pass a layout dir with make test
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/189c843f
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/189c843f
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/189c843f
Branch: refs/heads/master
Commit: 189c843f3bafe306a5d1869ab73286c036b27cf1
Parents: 2e51a72
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 16:30:09 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 16:30:09 2015 -0700
--
ci/jenkins/bin/tsqa.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/189c843f/ci/jenkins/bin/tsqa.sh
--
diff --git a/ci/jenkins/bin/tsqa.sh b/ci/jenkins/bin/tsqa.sh
index 5531d24..744bdb5 100755
--- a/ci/jenkins/bin/tsqa.sh
+++ b/ci/jenkins/bin/tsqa.sh
@@ -19,7 +19,7 @@
# Run all the TSQA tests.
TSQA_LAYOUT_DIR=${WORKSPACE}/${BUILD_NUMBER}
cd ${WORKSPACE}/src/ci/tsqa || exit 2
-make test
+make test TSQA_LAYOUT_DIR=${TSQA_LAYOUT_DIR}
status=$?
# Exit with proper status
trafficserver git commit: Fix import error
Repository: trafficserver Updated Branches: refs/heads/master 7e75f960f - 5bb5b237b Fix import error Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/5bb5b237 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/5bb5b237 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/5bb5b237 Branch: refs/heads/master Commit: 5bb5b237b7a5324390fbd495e9027f54ed9b1706 Parents: 7e75f96 Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 17:22:51 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 17:22:51 2015 -0700 -- ci/tsqa/tests/test_connect_attempts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/5bb5b237/ci/tsqa/tests/test_connect_attempts.py -- diff --git a/ci/tsqa/tests/test_connect_attempts.py b/ci/tsqa/tests/test_connect_attempts.py index 0a29632..08dc74b 100644 --- a/ci/tsqa/tests/test_connect_attempts.py +++ b/ci/tsqa/tests/test_connect_attempts.py @@ -182,7 +182,7 @@ class TestOriginServerConnectAttempts(helpers.EnvironmentCase): # TODO: FIX THIS!!! The test is correct, ATS isn't! # we should fail in this case-- or at least have a config which lets you control # TODO: remove once TS-3440 is resolved -@unittest.expectedFailure +@helpers.unittest.expectedFailure def test_partial_response_origin(self): ''' Verify that we get 504s from origins that return a partial_response
trafficserver git commit: TS-3576: Added comments in code on what I am doing
Repository: trafficserver
Updated Branches:
refs/heads/master d09c98003 - e09749ca9
TS-3576: Added comments in code on what I am doing
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/e09749ca
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/e09749ca
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/e09749ca
Branch: refs/heads/master
Commit: e09749ca94e8667079076a290180ca35589ea2d8
Parents: d09c980
Author: Bryan Call bc...@apache.org
Authored: Thu Apr 30 19:02:31 2015 -0700
Committer: Bryan Call bc...@apache.org
Committed: Thu Apr 30 19:02:31 2015 -0700
--
iocore/net/SSLUtils.cc | 3 +++
1 file changed, 3 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e09749ca/iocore/net/SSLUtils.cc
--
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 0b73244..881ca2f 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -143,6 +143,7 @@ SSL_locking_callback(int mode, int type, const char *file,
int line)
ink_assert(type CRYPTO_num_locks());
#ifdef OPENSSL_FIPS
+ // don't need to lock for FIPS if it has POSTed and we are not going to
change the mode on the fly
if (type == CRYPTO_LOCK_FIPS || type == CRYPTO_LOCK_FIPS2) {
return;
}
@@ -766,6 +767,8 @@ SSLInitializeLibrary()
SSL_library_init();
#ifdef OPENSSL_FIPS
+// calling FIPS_mode_set() will force FIPS to POST (Power On Self Test)
+// After POST we don't have to lock for FIPS
int mode = FIPS_mode();
FIPS_mode_set(mode);
Debug(ssl, FIPS_mode: %d, mode);
trafficserver git commit: Flake8 cleanup
Repository: trafficserver
Updated Branches:
refs/heads/master e09749ca9 - 9b5235de8
Flake8 cleanup
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/9b5235de
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/9b5235de
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/9b5235de
Branch: refs/heads/master
Commit: 9b5235de8cb24445ae51500627ead9b77ebbcbf1
Parents: e09749c
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 19:25:34 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 19:25:50 2015 -0700
--
ci/tsqa/tests/helpers.py | 2 ++
ci/tsqa/tests/test_buildoptions.py | 20 ---
ci/tsqa/tests/test_chunked.py | 6 ++--
ci/tsqa/tests/test_connect_attempts.py | 46 ++---
ci/tsqa/tests/test_example.py | 16 +
ci/tsqa/tests/test_hostdb.py | 3 --
ci/tsqa/tests/test_https.py| 27 ---
ci/tsqa/tests/test_keepalive.py| 46 +++--
ci/tsqa/tests/test_redirection.py | 1 +
ci/tsqa/tests/test_regressions.py | 6 ++--
ci/tsqa/tests/test_remap.py| 19 ++
ci/tsqa/tests/test_spdy_protocol_select.py | 44 +--
12 files changed, 129 insertions(+), 107 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9b5235de/ci/tsqa/tests/helpers.py
--
diff --git a/ci/tsqa/tests/helpers.py b/ci/tsqa/tests/helpers.py
index 7333569..167c0dc 100644
--- a/ci/tsqa/tests/helpers.py
+++ b/ci/tsqa/tests/helpers.py
@@ -22,6 +22,7 @@ import tsqa.utils
unittest = tsqa.utils.import_unittest()
+
# TODO: check that the given path is relative
def tests_file_path(path):
'''
@@ -30,6 +31,7 @@ def tests_file_path(path):
base = os.path.realpath(os.path.join(__file__, '..', '..', 'files'))
return os.path.join(base, path)
+
class EnvironmentCase(tsqa.test_cases.EnvironmentCase):
'''
This class will get an environment (which is unique) but won't start it
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9b5235de/ci/tsqa/tests/test_buildoptions.py
--
diff --git a/ci/tsqa/tests/test_buildoptions.py
b/ci/tsqa/tests/test_buildoptions.py
index 986e53d..d3588bb 100644
--- a/ci/tsqa/tests/test_buildoptions.py
+++ b/ci/tsqa/tests/test_buildoptions.py
@@ -18,16 +18,8 @@ Test that configuration options successfully compile
# See the License for the specific language governing permissions and
# limitations under the License.
-import os
-import sys
-import requests
-import time
-import subprocess
import logging
-
import helpers
-import tsqa.test_cases
-import tsqa.utils
log = logging.getLogger(__name__)
@@ -42,29 +34,31 @@ class TestBuildOption(helpers.EnvironmentCase):
class TestBuildOptionFastSDK(TestBuildOption):
'''Build with --enable-fast-sdk'''
-environment_factory = { 'configure': { 'enable-fast-sdk': None }, }
+environment_factory = {'configure': {'enable-fast-sdk': None}}
class TestBuildOptionDisableDiags(TestBuildOption):
'''Build with --disable-diags'''
-environment_factory = { 'configure': { 'disable-diags': None }, }
+environment_factory = {'configure': {'disable-diags': None}}
class TestBuildOptionDisableTests(TestBuildOption):
'''Build with --disable-tests'''
-environment_factory = { 'configure': { 'disable-tests': None }, }
+environment_factory = {'configure': {'disable-tests': None}}
class TestBuildOptionEnableStaticProxy(TestBuildOption):
'''Build with --enable-static-proxy'''
-environment_factory = { 'configure': { 'enable-static-proxy': None }, }
+environment_factory = {'configure': {'enable-static-proxy': None}}
+
@classmethod
def setUpClass(cls):
raise helpers.unittest.SkipTest('Skip until TS-3577 is resolved')
+
class TestBuildOptionEnableCxxApi(TestBuildOption):
'''Build with --enable-cppapi'''
-environment_factory = { 'configure': { 'enable-cppapi': None }, }
+environment_factory = {'configure': {'enable-cppapi': None}}
@classmethod
def setUpClass(cls):
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9b5235de/ci/tsqa/tests/test_chunked.py
--
diff --git a/ci/tsqa/tests/test_chunked.py b/ci/tsqa/tests/test_chunked.py
index 5d265f4..8d2e3af 100644
--- a/ci/tsqa/tests/test_chunked.py
+++ b/ci/tsqa/tests/test_chunked.py
@@ -17,7 +17,6 @@ Test chunked request/responses
# See the License for the specific language governing
trafficserver git commit: Fix naming collision
Repository: trafficserver
Updated Branches:
refs/heads/master 9b5235de8 - 31c544114
Fix naming collision
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/31c54411
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/31c54411
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/31c54411
Branch: refs/heads/master
Commit: 31c54411470ea8965a757fa4c0928907e4d489d4
Parents: 9b5235d
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 19:49:04 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 19:49:04 2015 -0700
--
ci/tsqa/tests/test_connect_attempts.py | 15 ---
1 file changed, 8 insertions(+), 7 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/31c54411/ci/tsqa/tests/test_connect_attempts.py
--
diff --git a/ci/tsqa/tests/test_connect_attempts.py
b/ci/tsqa/tests/test_connect_attempts.py
index ce44fe2..bb5e1a2 100644
--- a/ci/tsqa/tests/test_connect_attempts.py
+++ b/ci/tsqa/tests/test_connect_attempts.py
@@ -57,7 +57,7 @@ def thread_delayed_accept_after_connect(sock):
'HTTP/1.1 200 OK\r\n'
'Content-Length: {body_len}\r\n'
'Content-Type: text/html; charset=UTF-8\r\n'
-'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(requests)), body=requests)
+'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(num_requests)), body=num_requests)
))
connection.close()
num_requests += 1
@@ -71,10 +71,10 @@ def thread_delayed_accept_after_connect(sock):
def thread_reset_after_accept(sock):
sock.listen(0)
first = True
-requests = 0
+num_requests = 0
while True:
connection, addr = sock.accept()
-requests += 1
+num_requests += 1
if first:
first = False
connection.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
struct.pack('ii', 1, 0))
@@ -84,7 +84,7 @@ def thread_reset_after_accept(sock):
'HTTP/1.1 200 OK\r\n'
'Content-Length: {body_len}\r\n'
'Content-Type: text/html; charset=UTF-8\r\n'
-'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(requests)), body=requests)
+'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(num_requests)), body=num_requests)
))
connection.close()
@@ -92,10 +92,10 @@ def thread_reset_after_accept(sock):
def thread_partial_response(sock):
sock.listen(0)
first = True
-requests = 0
+num_requests = 0
while True:
connection, addr = sock.accept()
-requests += 1
+num_requests += 1
if first:
connection.send('HTTP/1.1 200 OK\r\n')
connection.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
struct.pack('ii', 1, 0))
@@ -106,7 +106,7 @@ def thread_partial_response(sock):
'HTTP/1.1 200 OK\r\n'
'Content-Length: {body_len}\r\n'
'Content-Type: text/html; charset=UTF-8\r\n'
-'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(requests)), body=requests)
+'Connection:
close\r\n\r\n{body}'.format(body_len=len(str(num_requests)), body=num_requests)
))
connection.close()
@@ -212,4 +212,5 @@ class
TestOriginServerConnectAttempts(helpers.EnvironmentCase):
# make sure it worked
self.assertEqual(ret.status_code, 200)
# make sure its not the first one (otherwise the test messed up
somehow)
+print ret.text
self.assertGreater(int(ret.text), 0)
[2/2] trafficserver git commit: TS-3576: Remove the need for FIPS locking for OpenSSL
TS-3576: Remove the need for FIPS locking for OpenSSL
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/d41e96fa
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/d41e96fa
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/d41e96fa
Branch: refs/heads/master
Commit: d41e96fafb097c0918c7c57728adf1afd08f3e91
Parents: ba1d6f7
Author: Bryan Call bc...@apache.org
Authored: Thu Apr 30 18:42:30 2015 -0700
Committer: Bryan Call bc...@apache.org
Committed: Thu Apr 30 18:44:45 2015 -0700
--
iocore/net/SSLUtils.cc | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d41e96fa/iocore/net/SSLUtils.cc
--
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 2fae482..0b73244 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -137,10 +137,17 @@ SSL_pthreads_thread_id()
}
static void
-SSL_locking_callback(int mode, int type, const char * /* file ATS_UNUSED */,
int /* line ATS_UNUSED */)
+SSL_locking_callback(int mode, int type, const char *file, int line)
{
+ Debug(ssl_lock, file: %s line: %d type: %d, file, line, type);
ink_assert(type CRYPTO_num_locks());
+#ifdef OPENSSL_FIPS
+ if (type == CRYPTO_LOCK_FIPS || type == CRYPTO_LOCK_FIPS2) {
+return;
+ }
+#endif
+
if (mode CRYPTO_LOCK) {
pthread_mutex_lock(mutex_buf[type]);
} else if (mode CRYPTO_UNLOCK) {
@@ -151,6 +158,7 @@ SSL_locking_callback(int mode, int type, const char * /*
file ATS_UNUSED */, int
}
}
+
static bool
SSL_CTX_add_extra_chain_cert_file(SSL_CTX *ctx, const char *chainfile)
{
@@ -757,6 +765,12 @@ SSLInitializeLibrary()
SSL_load_error_strings();
SSL_library_init();
+#ifdef OPENSSL_FIPS
+int mode = FIPS_mode();
+FIPS_mode_set(mode);
+Debug(ssl, FIPS_mode: %d, mode);
+#endif
+
mutex_buf = (pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() *
sizeof(pthread_mutex_t));
for (int i = 0; i CRYPTO_num_locks(); i++) {
[2/2] trafficserver git commit: Correctly pass headers in request to ATS
Correctly pass headers in request to ATS
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/502a3b50
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/502a3b50
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/502a3b50
Branch: refs/heads/master
Commit: 502a3b5040fcf86a9d836a13029843299f3b8c0d
Parents: ba2f123
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 17:49:37 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 17:49:37 2015 -0700
--
ci/tsqa/tests/test_keepalive.py | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/502a3b50/ci/tsqa/tests/test_keepalive.py
--
diff --git a/ci/tsqa/tests/test_keepalive.py b/ci/tsqa/tests/test_keepalive.py
index 3e77388..5216282 100644
--- a/ci/tsqa/tests/test_keepalive.py
+++ b/ci/tsqa/tests/test_keepalive.py
@@ -77,11 +77,13 @@ class KeepAliveInMixin(object):
return request
def _aux_KA_working_path_connid(self, protocol, headers=None):
+if headers is None:
+headers = {}
with requests.Session() as s:
url = '{0}://127.0.0.1:{1}/'.format(protocol,
int(self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']))
conn_id = None
for x in xrange(1, 10):
-ret = requests.get(url)
+ret = requests.get(url, headers=headers)
self.assertEqual(ret.status_code, 200)
if conn_id is None:
conn_id = ret.text
@@ -440,6 +442,7 @@ class
TestKeepAlive_Authorization_private(helpers.EnvironmentCase, BasicTestsOut
self._aux_KA_working_path_connid(http, headers={'Authorization':
'Foo'})
+
class TestKeepAlive_Authorization_no_private(helpers.EnvironmentCase,
BasicTestsOutMixin, KeepAliveInMixin):
@classmethod
def setUpEnv(cls, env):
[1/2] trafficserver git commit: Disable tests of enable-static-proxy until TS-3577 is resolved
Repository: trafficserver
Updated Branches:
refs/heads/master 5bb5b237b - 502a3b504
Disable tests of enable-static-proxy until TS-3577 is resolved
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/ba2f1239
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/ba2f1239
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/ba2f1239
Branch: refs/heads/master
Commit: ba2f1239d5b4cc1ece8c1df199310d12a5e9de86
Parents: 5bb5b23
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 17:35:47 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 17:35:47 2015 -0700
--
ci/tsqa/tests/test_buildoptions.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ba2f1239/ci/tsqa/tests/test_buildoptions.py
--
diff --git a/ci/tsqa/tests/test_buildoptions.py
b/ci/tsqa/tests/test_buildoptions.py
index 35e97b7..986e53d 100644
--- a/ci/tsqa/tests/test_buildoptions.py
+++ b/ci/tsqa/tests/test_buildoptions.py
@@ -58,7 +58,9 @@ class TestBuildOptionDisableTests(TestBuildOption):
class TestBuildOptionEnableStaticProxy(TestBuildOption):
'''Build with --enable-static-proxy'''
environment_factory = { 'configure': { 'enable-static-proxy': None }, }
-
+@classmethod
+def setUpClass(cls):
+raise helpers.unittest.SkipTest('Skip until TS-3577 is resolved')
class TestBuildOptionEnableCxxApi(TestBuildOption):
'''Build with --enable-cppapi'''
trafficserver git commit: Initial add of README for tests
Repository: trafficserver Updated Branches: refs/heads/master 502a3b504 - ba1d6f7c9 Initial add of README for tests Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/ba1d6f7c Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/ba1d6f7c Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/ba1d6f7c Branch: refs/heads/master Commit: ba1d6f7c9394c5efadb68cf9cf06f9b90f267b09 Parents: 502a3b5 Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 18:21:46 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 18:30:07 2015 -0700 -- ci/tsqa/README.rst | 52 + 1 file changed, 52 insertions(+) -- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ba1d6f7c/ci/tsqa/README.rst -- diff --git a/ci/tsqa/README.rst b/ci/tsqa/README.rst new file mode 100644 index 000..236ffb7 --- /dev/null +++ b/ci/tsqa/README.rst @@ -0,0 +1,52 @@ +.. Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + License); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + +== +How do I run TSQA? +== +TSQA is mostly self contained (using python's virutalenv). There are currently only +two external depencies (below package names are for RHEL/Centos): +- python-virtualenv +- libcffi-devel + +Once these two packages are available you simply need to run make test in this +directory to run all tests. + +If you wish to run single tests you may do so by using nosetests from the +virtualenv directly-- this can be done by running something like: + +./virtualenv/bin/nosetests tests/test_example.py + + += +How do I write tests? += +There are examples here in the trafficserver source tree (test_example.py), in +trafficserver-qa (https://github.com/apache/trafficserver-qa/tree/master/examples), +and other test cases to read through. If you have any questions please feel free +to send mail to the mailing lists, or pop onto IRC. + + += +Where do I put tests? += +At this point there aren't a lot of tests, so it may be difficult to know *where* +to put your test. The general plan is to group tests by functionality. For example, +if you have a keepalive test it should go with the rest of the keepalive tests. +In general where we put the test is a lot less important than the test itself. +So if you are confused about where to put it please write the test and submit a +patch or pull request, and someone will help you place it.
[2/2] trafficserver-qa git commit: Add info messages for build start/complete
Add info messages for build start/complete
Project: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/commit/9ba51c9a
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/tree/9ba51c9a
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/diff/9ba51c9a
Branch: refs/heads/master
Commit: 9ba51c9a2f0c64abf2cd617cb69963626c1e4835
Parents: 4baa3a0
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 16:31:49 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 16:31:49 2015 -0700
--
tsqa/environment.py | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver-qa/blob/9ba51c9a/tsqa/environment.py
--
diff --git a/tsqa/environment.py b/tsqa/environment.py
index 7fff3ed..0e5c78d 100644
--- a/tsqa/environment.py
+++ b/tsqa/environment.py
@@ -160,8 +160,11 @@ class EnvironmentFactory(object):
}
if log.isEnabledFor(logging.DEBUG):
-kwargs.pop('stdout')
-kwargs.pop('stderr')
+# if this is debug, lets not capture the output and let it
go to
+# stdout and stderr
+kwargs['stdout'] = None
+kwargs['stderr'] = None
+log.info('Starting build ({0}): configure {1}'.format(key,
configure))
# configure
args = [os.path.join(self.source_dir, 'configure'),
'--prefix=/'] + tsqa.utils.configure_list(configure)
@@ -181,6 +184,7 @@ class EnvironmentFactory(object):
'configuration': args,
'env': env_key,
}
+log.info('Build completed ({0}): configure {1}'.format(key,
configure))
except Exception as e:
EnvironmentFactory.negative_cache[key] = e
raise
[1/2] trafficserver-qa git commit: Correct debug output of builds
Repository: trafficserver-qa
Updated Branches:
refs/heads/master 12e3fa62b - 9ba51c9a2
Correct debug output of builds
Project: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/commit/4baa3a0a
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/tree/4baa3a0a
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/diff/4baa3a0a
Branch: refs/heads/master
Commit: 4baa3a0aaddc502960a6c1f69b16eae67037e1a9
Parents: 12e3fa6
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 16:26:06 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 16:26:06 2015 -0700
--
tsqa/environment.py | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver-qa/blob/4baa3a0a/tsqa/environment.py
--
diff --git a/tsqa/environment.py b/tsqa/environment.py
index 513588c..7fff3ed 100644
--- a/tsqa/environment.py
+++ b/tsqa/environment.py
@@ -160,8 +160,8 @@ class EnvironmentFactory(object):
}
if log.isEnabledFor(logging.DEBUG):
-kwargs['stdout'] = sys.stdout.fileno()
-kwargs['stderr'] = sys.stderr.fileno()
+kwargs.pop('stdout')
+kwargs.pop('stderr')
# configure
args = [os.path.join(self.source_dir, 'configure'),
'--prefix=/'] + tsqa.utils.configure_list(configure)
@@ -178,7 +178,8 @@ class EnvironmentFactory(object):
# stash the env
self.environment_stash[key] = {
'path': installdir,
-'configuration': args
+'configuration': args,
+'env': env_key,
}
except Exception as e:
EnvironmentFactory.negative_cache[key] = e
trafficserver git commit: Increase proxy.config.hostdb.lookup_timeout for tests, since Jenkins is a bit slow
Repository: trafficserver
Updated Branches:
refs/heads/master 6f71be9b3 - c52ad16c0
Increase proxy.config.hostdb.lookup_timeout for tests, since Jenkins is a bit
slow
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c52ad16c
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c52ad16c
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c52ad16c
Branch: refs/heads/master
Commit: c52ad16c0bee26e40777f3841e35db219dfdbc63
Parents: 6f71be9
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 17:03:03 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 17:03:03 2015 -0700
--
ci/tsqa/tests/test_hostdb.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c52ad16c/ci/tsqa/tests/test_hostdb.py
--
diff --git a/ci/tsqa/tests/test_hostdb.py b/ci/tsqa/tests/test_hostdb.py
index 46bec6a..6d0ce9c 100644
--- a/ci/tsqa/tests/test_hostdb.py
+++ b/ci/tsqa/tests/test_hostdb.py
@@ -37,7 +37,7 @@ class TestHostDBPartiallyFailedDNS(helpers.EnvironmentCase):
cls.configs['records.config']['CONFIG'].update({
'proxy.config.http.response_server_enabled': 2, # only add server
headers when there weren't any
-'proxy.config.hostdb.lookup_timeout': 1,
+'proxy.config.hostdb.lookup_timeout': 2,
'proxy.config.dns.resolv_conf': resolv_conf_path,
'proxy.config.url_remap.remap_required': 0,
@@ -66,7 +66,7 @@ class TestHostDBFailedDNS(helpers.EnvironmentCase):
cls.configs['records.config']['CONFIG'].update({
'proxy.config.http.response_server_enabled': 2, # only add server
headers when there weren't any
-'proxy.config.hostdb.lookup_timeout': 1,
+'proxy.config.hostdb.lookup_timeout': 2,
'proxy.config.dns.resolv_conf': resolv_conf_path,
'proxy.config.url_remap.remap_required': 0,
trafficserver git commit: Skip atscppapi builds until it supports out-of-tree builds
Repository: trafficserver
Updated Branches:
refs/heads/master c52ad16c0 - 7e75f960f
Skip atscppapi builds until it supports out-of-tree builds
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/7e75f960
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/7e75f960
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/7e75f960
Branch: refs/heads/master
Commit: 7e75f960ffc75fbbf2cab597ba0daf3c140c15af
Parents: c52ad16
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 17:13:31 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 17:13:31 2015 -0700
--
ci/tsqa/tests/test_buildoptions.py | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/7e75f960/ci/tsqa/tests/test_buildoptions.py
--
diff --git a/ci/tsqa/tests/test_buildoptions.py
b/ci/tsqa/tests/test_buildoptions.py
index 2279062..35e97b7 100644
--- a/ci/tsqa/tests/test_buildoptions.py
+++ b/ci/tsqa/tests/test_buildoptions.py
@@ -31,31 +31,39 @@ import tsqa.utils
log = logging.getLogger(__name__)
+
class TestBuildOption(helpers.EnvironmentCase):
'''
Run the built-in traffic_server regression test suite.
'''
-
def test_buildoption(self):
pass
+
class TestBuildOptionFastSDK(TestBuildOption):
'''Build with --enable-fast-sdk'''
environment_factory = { 'configure': { 'enable-fast-sdk': None }, }
+
class TestBuildOptionDisableDiags(TestBuildOption):
'''Build with --disable-diags'''
environment_factory = { 'configure': { 'disable-diags': None }, }
+
class TestBuildOptionDisableTests(TestBuildOption):
'''Build with --disable-tests'''
environment_factory = { 'configure': { 'disable-tests': None }, }
+
class TestBuildOptionEnableStaticProxy(TestBuildOption):
'''Build with --enable-static-proxy'''
environment_factory = { 'configure': { 'enable-static-proxy': None }, }
+
class TestBuildOptionEnableCxxApi(TestBuildOption):
'''Build with --enable-cppapi'''
environment_factory = { 'configure': { 'enable-cppapi': None }, }
+@classmethod
+def setUpClass(cls):
+raise helpers.unittest.SkipTest('Skip until atscppapi supports out of
tree builds')
trafficserver-qa git commit: Stop doing distclean between builds. This will significantly reduce build times
Repository: trafficserver-qa Updated Branches: refs/heads/master 37f87d70b - 12e3fa62b Stop doing distclean between builds. This will significantly reduce build times Project: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/commit/12e3fa62 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/tree/12e3fa62 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver-qa/diff/12e3fa62 Branch: refs/heads/master Commit: 12e3fa62b05b0e354cc69ff6259db75f4bc07dae Parents: 37f87d7 Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 15:58:02 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 15:58:02 2015 -0700 -- tsqa/environment.py | 5 - 1 file changed, 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/trafficserver-qa/blob/12e3fa62/tsqa/environment.py -- diff --git a/tsqa/environment.py b/tsqa/environment.py index 33589e8..513588c 100644 --- a/tsqa/environment.py +++ b/tsqa/environment.py @@ -83,11 +83,6 @@ class EnvironmentFactory(object): kwargs['stdout'] = None kwargs['stderr'] = None -# run autoreconf in source tree -try: -tsqa.utils.run_sync_command(['make', 'distclean'], **kwargs) -except: -pass tsqa.utils.run_sync_command(['autoreconf', '-if'], **kwargs) @property
[4/4] trafficserver git commit: Correct exception name, now that we enforce a timeout
Correct exception name, now that we enforce a timeout
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/6f71be9b
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/6f71be9b
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/6f71be9b
Branch: refs/heads/master
Commit: 6f71be9b33e9f64581ec06529b90377fdc890208
Parents: 3ac5114
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 17:00:38 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 17:00:48 2015 -0700
--
ci/tsqa/tests/test_chunked.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6f71be9b/ci/tsqa/tests/test_chunked.py
--
diff --git a/ci/tsqa/tests/test_chunked.py b/ci/tsqa/tests/test_chunked.py
index 9b7fdc0..5d265f4 100644
--- a/ci/tsqa/tests/test_chunked.py
+++ b/ci/tsqa/tests/test_chunked.py
@@ -192,5 +192,5 @@ class TestChunked(helpers.EnvironmentCase):
def test_chunked_bad_close(self):
url = 'http://127.0.0.1:{0}/5/0.1/false'.format(self.port)
-with self.assertRaises(requests.exceptions.ConnectionError):
+with self.assertRaises(socket.timeout):
ret = requests.get(url, proxies=self.proxies, timeout=2)
[3/4] trafficserver git commit: Add ExpectedFailure for testcase of TS-3440
Add ExpectedFailure for testcase of TS-3440 Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/3ac5114c Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/3ac5114c Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/3ac5114c Branch: refs/heads/master Commit: 3ac5114cd4d9c11db4ad7052ba5612c7399b4d10 Parents: 7759b24 Author: Thomas Jackson jackso...@apache.org Authored: Thu Apr 30 16:53:19 2015 -0700 Committer: Thomas Jackson jackso...@apache.org Committed: Thu Apr 30 16:53:19 2015 -0700 -- ci/tsqa/tests/test_connect_attempts.py | 2 ++ 1 file changed, 2 insertions(+) -- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/3ac5114c/ci/tsqa/tests/test_connect_attempts.py -- diff --git a/ci/tsqa/tests/test_connect_attempts.py b/ci/tsqa/tests/test_connect_attempts.py index 9979e33..0a29632 100644 --- a/ci/tsqa/tests/test_connect_attempts.py +++ b/ci/tsqa/tests/test_connect_attempts.py @@ -181,6 +181,8 @@ class TestOriginServerConnectAttempts(helpers.EnvironmentCase): # TODO: FIX THIS!!! The test is correct, ATS isn't! # we should fail in this case-- or at least have a config which lets you control +# TODO: remove once TS-3440 is resolved +@unittest.expectedFailure def test_partial_response_origin(self): ''' Verify that we get 504s from origins that return a partial_response
[1/4] trafficserver git commit: Use requests instead of raw sockets
Repository: trafficserver
Updated Branches:
refs/heads/master 189c843f3 - 6f71be9b3
Use requests instead of raw sockets
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c4a18790
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c4a18790
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c4a18790
Branch: refs/heads/master
Commit: c4a187905cbdb719b428010d2d4c032e00b76fe1
Parents: 189c843
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 16:44:04 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 16:44:04 2015 -0700
--
ci/tsqa/tests/test_keepalive.py | 26 ++
1 file changed, 10 insertions(+), 16 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c4a18790/ci/tsqa/tests/test_keepalive.py
--
diff --git a/ci/tsqa/tests/test_keepalive.py b/ci/tsqa/tests/test_keepalive.py
index 0e501ce..3e77388 100644
--- a/ci/tsqa/tests/test_keepalive.py
+++ b/ci/tsqa/tests/test_keepalive.py
@@ -77,22 +77,16 @@ class KeepAliveInMixin(object):
return request
def _aux_KA_working_path_connid(self, protocol, headers=None):
-# connect tcp
-s = self._get_socket()
-
-request = ('GET / HTTP/1.1\r\n'
- 'Host: foobar.com\r\n')
-request += self._headers_to_str(headers)
-request += '\r\n'
-
-for x in xrange(1, 10):
-s.send(request)
-response = s.recv(4096)
-# cheat, since we know what the body should have
-if '\r\n\r\n' not in response:
-response += s.recv(4096)
-self.assertIn('HTTP/1.1 200 OK', response)
-self.assertIn('hello', response)
+with requests.Session() as s:
+url = '{0}://127.0.0.1:{1}/'.format(protocol,
int(self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']))
+conn_id = None
+for x in xrange(1, 10):
+ret = requests.get(url)
+self.assertEqual(ret.status_code, 200)
+if conn_id is None:
+conn_id = ret.text
+else:
+self.assertEqual(ret.text, conn_id)
def _aux_working_path(self, protocol, headers=None):
# connect tcp
[2/4] trafficserver git commit: Mark the failures from TS-3518 as expected failures until a fix is committed
Mark the failures from TS-3518 as expected failures until a fix is committed
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/7759b247
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/7759b247
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/7759b247
Branch: refs/heads/master
Commit: 7759b24709625f1f6e619713108efed1526f8b3b
Parents: c4a1879
Author: Thomas Jackson jackso...@apache.org
Authored: Thu Apr 30 16:47:21 2015 -0700
Committer: Thomas Jackson jackso...@apache.org
Committed: Thu Apr 30 16:47:21 2015 -0700
--
ci/tsqa/tests/test_https.py | 5 +
1 file changed, 5 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/7759b247/ci/tsqa/tests/test_https.py
--
diff --git a/ci/tsqa/tests/test_https.py b/ci/tsqa/tests/test_https.py
index a8914e6..9273b4f 100644
--- a/ci/tsqa/tests/test_https.py
+++ b/ci/tsqa/tests/test_https.py
@@ -20,6 +20,7 @@ import socket
import helpers
import tsqa.utils
+unittest = tsqa.utils.import_unittest()
# some ciphers to test with
CIPHER_MAP = {
@@ -266,8 +267,12 @@ class TestMix(helpers.EnvironmentCase, CertSelectionMixin):
cert = self._get_cert(addr, ciphers=CIPHER_MAP['ecdsa'])
self.assertEqual(cert.get_subject().commonName.decode(),
'www.example.com')
+# TODO: remove once TS-3518 is resolved
+@unittest.expectedFailure
def test_intermediate_ca_rsa(self):
self._intermediate_ca_t('rsa')
+# TODO: remove once TS-3518 is resolved
+@unittest.expectedFailure
def test_intermediate_ca_ecdsa(self):
self._intermediate_ca_t('ecdsa')
trafficserver git commit: TS-3538: ATS should perform validity checks on certificate prior to serving. This closes #195.
Repository: trafficserver
Updated Branches:
refs/heads/master c2ed99714 - ac5f73a03
TS-3538: ATS should perform validity checks on certificate prior to serving.
This closes #195.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/ac5f73a0
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/ac5f73a0
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/ac5f73a0
Branch: refs/heads/master
Commit: ac5f73a0398df7581ccb34b0d6c6d400ea810336
Parents: c2ed997
Author: Dave Thompson da...@yahoo-inc.com
Authored: Thu Apr 30 10:19:32 2015 -0500
Committer: shinrich shinr...@yahoo-inc.com
Committed: Thu Apr 30 10:19:32 2015 -0500
--
CHANGES| 2 ++
iocore/net/SSLUtils.cc | 76 +
2 files changed, 78 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ac5f73a0/CHANGES
--
diff --git a/CHANGES b/CHANGES
index 7760948..eae4f99 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 6.0.0
+ *) [TS-3538]: Perform server certificate validity check.
+
*) [TS-3549]: Configurable option to avoid thundering herd problem
for multiple concurrent requests. The initial POC patch for this
solution came from Justin Laue. This patch will further be
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/ac5f73a0/iocore/net/SSLUtils.cc
--
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 76727c5..2fae482 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -1148,6 +1148,74 @@ SSLPrivateKeyHandler(SSL_CTX *ctx, const SSLConfigParams
*params, const ats_scop
return true;
}
+static int
+SSLCheckServerCertNow(const char *certFilename)
+{
+BIO*bioFP = NULL;
+X509 *myCert;
+inttimeCmpValue;
+time_t currentTime;
+
+// SSLCheckServerCertNow() - returns 0 on OK or negative value on failure
+// and update log as appropriate.
+// Will check:
+// - if file exists, and has read permissions
+// - for truncation or other PEM read fail
+// - current time is between notBefore and notAfter dates of certificate
+// if anything is not kosher, a negative value is returned and appropriate
error logged.
+
+if ((!certFilename) || (!(*certFilename))) {
+return -2;
+}
+
+if ((bioFP = BIO_new(BIO_s_file())) == NULL) {
+Error(BIO_new() failed for server certificate check. Out of
memory?);
+return -1;
+}
+
+if (BIO_read_filename(bioFP, certFilename) = 0) {
+// file not found, or not accessible due to permissions
+Error(Can't open server certificate file: \%s\\n,certFilename);
+BIO_free(bioFP);
+return -2;
+}
+
+myCert = PEM_read_bio_X509(bioFP, NULL, 0, NULL);
+BIO_free(bioFP);
+if (! myCert) {
+// a truncated certificate would fall into here
+Error(Error during server certificate PEM read. Is this a PEM format
certificate?: \%s\\n,certFilename);
+return -3;
+}
+
+time(currentTime);
+if (!(timeCmpValue = X509_cmp_time(X509_get_notBefore(myCert),
currentTime))) {
+// an error occured parsing the time, which we'll call a bogosity
+Error(Error occured while parsing server certificate notBefore
time.);
+return -3;
+} else if ( 0 timeCmpValue) {
+// cert contains a date before the notBefore
+Error(Server certificate notBefore date is in the future - INVALID
CERTIFICATE: %s,certFilename);
+return -4;
+}
+
+if (!(timeCmpValue = X509_cmp_time(X509_get_notAfter(myCert),
currentTime))) {
+// an error occured parsing the time, which we'll call a bogosity
+Error(Error occured while parsing server certificate notAfter time.);
+return -3;
+} else if ( 0 timeCmpValue) {
+// cert is expired
+Error(Server certificate EXPIRED - INVALID CERTIFICATE:
%s,certFilename);
+return -5;
+}
+
+Debug(ssl,Server certificate passed accessibility and date checks:
\%s\,certFilename);
+return 0; // all good
+
+} /* CheckServerCertNow() */
+
+
+
SSL_CTX *
SSLInitServerContext(const SSLConfigParams *params, const ssl_user_config
sslMultCertSettings)
{
@@ -1624,6 +1692,14 @@ ssl_store_ssl_context(const SSLConfigParams *params,
SSLCertLookup *lookup, cons
certpath = NULL;
}
+ if (0 SSLCheckServerCertNow((const char *) certpath)) {
+/* At this point, we know cert is bad, and we've already printed a
+ descriptive reason as to why cert is bad to the log file */
+
trafficserver git commit: Remove the normalization for the @header, which are never leaked externally (Incidentally, the @DataInfo has also been renamed as @Ats-Internal with TS-3549)
Repository: trafficserver Updated Branches: refs/heads/master ac5f73a03 - cec7e3c2a Remove the normalization for the @header, which are never leaked externally (Incidentally, the @DataInfo has also been renamed as @Ats-Internal with TS-3549) Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cec7e3c2 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cec7e3c2 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cec7e3c2 Branch: refs/heads/master Commit: cec7e3c2a6a373ff37430d6bb03976d1e42f3726 Parents: ac5f73a Author: Sudheer Vinukonda sudhe...@yahoo-inc.com Authored: Thu Apr 30 16:12:14 2015 + Committer: Sudheer Vinukonda sudhe...@yahoo-inc.com Committed: Thu Apr 30 16:12:14 2015 + -- plugins/experimental/header_normalize/header_normalize.cc | 1 - 1 file changed, 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cec7e3c2/plugins/experimental/header_normalize/header_normalize.cc -- diff --git a/plugins/experimental/header_normalize/header_normalize.cc b/plugins/experimental/header_normalize/header_normalize.cc index 1a49965..97e6bbf 100644 --- a/plugins/experimental/header_normalize/header_normalize.cc +++ b/plugins/experimental/header_normalize/header_normalize.cc @@ -134,7 +134,6 @@ buildHdrMap() hdrMap[warning] = Warning; hdrMap[www-authenticate] = Www-Authenticate; hdrMap[xref] = Xref; - hdrMap[@datainfo] = @DataInfo; hdrMap[x-id] = X-ID; hdrMap[x-forwarded-for] = X-Forwarded-For; hdrMap[sec-websocket-key] = Sec-WebSocket-Key;
