[trafficserver] branch quic-latest updated (0a4524d -> 54be99c)

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a change to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 0a4524d  [draft-14] Remove 
QUICTransErrorCode::UNSOLICITED_PATH_RESPONSE
 new 0c34702  Add unit tests using draft-14 test vectors for clear text 
AEAD key derivation
 new 54be99c  Simplify content type strings and handshake type strings

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 iocore/net/quic/QUICTLS_openssl.cc| 34 +++
 iocore/net/quic/test/test_QUICKeyGenerator.cc | 61 ++-
 2 files changed, 77 insertions(+), 18 deletions(-)

[trafficserver] 02/02: Simplify content type strings and handshake type strings

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 54be99c2bc1fcbdca1f586f491432654a4067d6e
Author: Masaori Koshiba 
AuthorDate: Wed Sep 12 16:10:28 2018 +0900

Simplify content type strings and handshake type strings
---
 iocore/net/quic/QUICTLS_openssl.cc | 34 +-
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/iocore/net/quic/QUICTLS_openssl.cc 
b/iocore/net/quic/QUICTLS_openssl.cc
index 9fffe46..7754ed3 100644
--- a/iocore/net/quic/QUICTLS_openssl.cc
+++ b/iocore/net/quic/QUICTLS_openssl.cc
@@ -38,21 +38,21 @@ content_type_str(int type)
 {
   switch (type) {
   case SSL3_RT_CHANGE_CIPHER_SPEC:
-return "SSL3_RT_CHANGE_CIPHER_SPEC";
+return "CHANGE_CIPHER_SPEC";
   case SSL3_RT_ALERT:
-return "SSL3_RT_ALERT";
+return "ALERT";
   case SSL3_RT_HANDSHAKE:
-return "SSL3_RT_HANDSHAKE";
+return "HANDSHAKE";
   case SSL3_RT_APPLICATION_DATA:
-return "SSL3_RT_APPLICATION_DATA";
+return "APPLICATION_DATA";
   case SSL3_RT_HEADER:
 // The buf contains the record header bytes only
-return "SSL3_RT_HEADER";
+return "HEADER";
   case SSL3_RT_INNER_CONTENT_TYPE:
 // Used when an encrypted TLSv1.3 record is sent or received. In encrypted 
TLSv1.3 records the content type in the record header
 // is always SSL3_RT_APPLICATION_DATA. The real content type for the 
record is contained in an "inner" content type. buf
 // contains the encoded "inner" content type byte.
-return "SSL3_RT_INNER_CONTENT_TYPE";
+return "INNER_CONTENT_TYPE";
   default:
 return "UNKNOWN";
   }
@@ -63,25 +63,25 @@ hs_type_str(int type)
 {
   switch (type) {
   case SSL3_MT_CLIENT_HELLO:
-return "SSL3_MT_CLIENT_HELLO";
+return "CLIENT_HELLO";
   case SSL3_MT_SERVER_HELLO:
-return "SSL3_MT_SERVER_HELLO";
+return "SERVER_HELLO";
   case SSL3_MT_NEWSESSION_TICKET:
-return "SSL3_MT_NEWSESSION_TICKET";
+return "NEWSESSION_TICKET";
   case SSL3_MT_END_OF_EARLY_DATA:
-return "SSL3_MT_END_OF_EARLY_DATA";
+return "END_OF_EARLY_DATA";
   case SSL3_MT_ENCRYPTED_EXTENSIONS:
-return "SSL3_MT_ENCRYPTED_EXTENSIONS";
+return "ENCRYPTED_EXTENSIONS";
   case SSL3_MT_CERTIFICATE:
-return "SSL3_MT_CERTIFICATE";
+return "CERTIFICATE";
   case SSL3_MT_CERTIFICATE_VERIFY:
-return "SSL3_MT_CERTIFICATE_VERIFY";
+return "CERTIFICATE_VERIFY";
   case SSL3_MT_FINISHED:
-return "SSL3_MT_FINISHED";
+return "FINISHED";
   case SSL3_MT_KEY_UPDATE:
-return "SSL3_MT_KEY_UPDATE";
+return "KEY_UPDATE";
   case SSL3_MT_MESSAGE_HASH:
-return "SSL3_MT_MESSAGE_HASH";
+return "MESSAGE_HASH";
   default:
 return "UNKNOWN";
   }
@@ -95,7 +95,7 @@ msg_cb(int write_p, int version, int content_type, const void 
*buf, size_t len,
 const uint8_t *tmp = reinterpret_cast(buf);
 int msg_type   = tmp[0];
 
-Debug("v_quic_crypto", "%s (%d), %s (%d)", content_type_str(content_type), 
content_type, hs_type_str(msg_type), msg_type);
+Debug(tag, "%s (%d), %s (%d)", content_type_str(content_type), 
content_type, hs_type_str(msg_type), msg_type);
 return;
   }
 

[trafficserver] 01/02: Add unit tests using draft-14 test vectors for clear text AEAD key derivation

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 0c3470265ca930b9a98c78cfb05d740d4a964f95
Author: Masaori Koshiba 
AuthorDate: Wed Sep 12 15:51:47 2018 +0900

Add unit tests using draft-14 test vectors for clear text AEAD key 
derivation
---
 iocore/net/quic/test/test_QUICKeyGenerator.cc | 61 ++-
 1 file changed, 60 insertions(+), 1 deletion(-)

diff --git a/iocore/net/quic/test/test_QUICKeyGenerator.cc 
b/iocore/net/quic/test/test_QUICKeyGenerator.cc
index 1c19a2c..d0a2ec0 100644
--- a/iocore/net/quic/test/test_QUICKeyGenerator.cc
+++ b/iocore/net/quic/test/test_QUICKeyGenerator.cc
@@ -32,7 +32,6 @@
 
 #include 
 
-// #include "Mock.h"
 #include "QUICKeyGenerator.h"
 
 TEST_CASE("QUICKeyGenerator", "[quic]")
@@ -59,6 +58,8 @@ TEST_CASE("QUICKeyGenerator", "[quic]")
 CHECK(memcmp(actual_km->key, expected_client_key, 
sizeof(expected_client_key)) == 0);
 CHECK(actual_km->iv_len == sizeof(expected_client_iv));
 CHECK(memcmp(actual_km->iv, expected_client_iv, 
sizeof(expected_client_iv)) == 0);
+CHECK(actual_km->pn_len == sizeof(expected_client_pn));
+CHECK(memcmp(actual_km->pn, expected_client_pn, 
sizeof(expected_client_pn)) == 0);
   }
 
   SECTION("SERVER Initial")
@@ -83,5 +84,63 @@ TEST_CASE("QUICKeyGenerator", "[quic]")
 CHECK(memcmp(actual_km->key, expected_server_key, 
sizeof(expected_server_key)) == 0);
 CHECK(actual_km->iv_len == sizeof(expected_server_iv));
 CHECK(memcmp(actual_km->iv, expected_server_iv, 
sizeof(expected_server_iv)) == 0);
+CHECK(actual_km->pn_len == sizeof(expected_server_pn));
+CHECK(memcmp(actual_km->pn, expected_server_pn, 
sizeof(expected_server_pn)) == 0);
+  }
+}
+
+// 
https://github.com/quicwg/base-drafts/wiki/Test-Vector-for-the-Clear-Text-AEAD-key-derivation#draft-14-test-vectors
+TEST_CASE("draft-14 Test Vectors", "[quic]")
+{
+  SECTION("CLIENT Initial")
+  {
+QUICKeyGenerator keygen(QUICKeyGenerator::Context::CLIENT);
+
+QUICConnectionId cid = {reinterpret_cast("\x83\x94\xc8\xf0\x3e\x51\x57\x08"), 8};
+
+uint8_t expected_client_key[] = {
+  0xf2, 0x92, 0x8f, 0x26, 0x14, 0xad, 0x6c, 0x20, 0xb9, 0xbd, 0x00, 0x8e, 
0x9c, 0x89, 0x63, 0x1c,
+};
+uint8_t expected_client_iv[] = {
+  0xab, 0x95, 0x0b, 0x01, 0x98, 0x63, 0x79, 0x78, 0xcf, 0x44, 0xaa, 0xb9,
+};
+uint8_t expected_client_pn[] = {
+  0x68, 0xc3, 0xf6, 0x4e, 0x2d, 0x66, 0x34, 0x41, 0x2b, 0x8e, 0x32, 0x94, 
0x62, 0x8d, 0x76, 0xf1,
+};
+
+std::unique_ptr actual_km = keygen.generate(cid);
+
+CHECK(actual_km->key_len == sizeof(expected_client_key));
+CHECK(memcmp(actual_km->key, expected_client_key, 
sizeof(expected_client_key)) == 0);
+CHECK(actual_km->iv_len == sizeof(expected_client_iv));
+CHECK(memcmp(actual_km->iv, expected_client_iv, 
sizeof(expected_client_iv)) == 0);
+CHECK(actual_km->pn_len == sizeof(expected_client_pn));
+CHECK(memcmp(actual_km->pn, expected_client_pn, 
sizeof(expected_client_pn)) == 0);
+  }
+
+  SECTION("SERVER Initial")
+  {
+QUICKeyGenerator keygen(QUICKeyGenerator::Context::SERVER);
+
+QUICConnectionId cid = {reinterpret_cast("\x83\x94\xc8\xf0\x3e\x51\x57\x08"), 8};
+
+uint8_t expected_server_key[] = {
+  0xf5, 0x68, 0x17, 0xd0, 0xfc, 0x59, 0x5c, 0xfc, 0x0a, 0x2b, 0x0b, 0xcf, 
0xb1, 0x87, 0x35, 0xec,
+};
+uint8_t expected_server_iv[] = {
+  0x32, 0x05, 0x03, 0x5a, 0x3c, 0x93, 0x7c, 0x90, 0x2e, 0xe4, 0xf4, 0xd6,
+};
+uint8_t expected_server_pn[] = {
+  0xa3, 0x13, 0xc8, 0x6d, 0x13, 0x73, 0xec, 0xbc, 0xcb, 0x32, 0x94, 0xb1, 
0x49, 0x74, 0x22, 0x6c,
+};
+
+std::unique_ptr actual_km = keygen.generate(cid);
+
+CHECK(actual_km->key_len == sizeof(expected_server_key));
+CHECK(memcmp(actual_km->key, expected_server_key, 
sizeof(expected_server_key)) == 0);
+CHECK(actual_km->iv_len == sizeof(expected_server_iv));
+CHECK(memcmp(actual_km->iv, expected_server_iv, 
sizeof(expected_server_iv)) == 0);
+CHECK(actual_km->pn_len == sizeof(expected_server_pn));
+CHECK(memcmp(actual_km->pn, expected_server_pn, 
sizeof(expected_server_pn)) == 0);
   }
 }

[trafficserver] 05/05: Fix dup header name bug in QPACK test driver

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 00397dfa42846b68f9e4b6345e656e3e35151ce9
Author: Masakazu Kitajo 
AuthorDate: Wed Sep 12 17:21:40 2018 +0900

Fix dup header name bug in QPACK test driver
---
 proxy/hq/test/test_QPACK.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/proxy/hq/test/test_QPACK.cc b/proxy/hq/test/test_QPACK.cc
index 81b6971..d1906e2 100644
--- a/proxy/hq/test/test_QPACK.cc
+++ b/proxy/hq/test/test_QPACK.cc
@@ -132,7 +132,9 @@ load_qif_file(const char *filename, HTTPHdr **headers)
   auto tab   = line.find_first_of('\t');
   auto name  = line.substr(0, tab);
   auto value = line.substr(tab + 1);
-  hdr->value_set(name.c_str(), tab, value.c_str(), line.length() - tab - 
1);
+  auto field = hdr->field_create(name.c_str(), tab);
+  hdr->field_attach(field);
+  hdr->field_value_set(field, value.c_str(), line.length() - tab - 1);
 }
   }
   if (hdr) {

[trafficserver] 01/05: Update QPACK static table

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 0af26d2decd6b60c135eafc968e2a36b66b35429
Author: Masakazu Kitajo 
AuthorDate: Wed Sep 12 17:14:01 2018 +0900

Update QPACK static table
---
 proxy/hq/QPACK.cc | 70 ++-
 1 file changed, 64 insertions(+), 6 deletions(-)

diff --git a/proxy/hq/QPACK.cc b/proxy/hq/QPACK.cc
index 127e305..626d5ae 100644
--- a/proxy/hq/QPACK.cc
+++ b/proxy/hq/QPACK.cc
@@ -28,12 +28,70 @@
 #include "ts/ink_memory.h"
 
 #define QPACKDebug(fmt, ...) Debug("qpack", "[%s] " fmt, 
this->_qc->cids().data(), ##__VA_ARGS__)
-
-const QPACK::Header QPACK::StaticTable::STATIC_HEADER_FIELDS[] = {
-  {"", ""}, // Index 0 is invalid
-  {"static_1", "svalue1"},
-  {"static_2", ""},
-};
+#define QPACKDTDebug(fmt, ...) Debug("qpack", "" fmt, ##__VA_ARGS__)
+
+const QPACK::Header QPACK::StaticTable::STATIC_HEADER_FIELDS[] = {{"", ""}, // 
Index 0 is invalid
+  
{":authority", ""},
+  {":method", 
"GET"},
+  {":method", 
"POST"},
+  {":path", 
"/"},
+  {":path", 
"/index.html"},
+  {":scheme", 
"http"},
+  {":scheme", 
"https"},
+  {":status", 
"200"},
+  {":status", 
"204"},
+  {":status", 
"206"},
+  {":status", 
"304"},
+  {":status", 
"400"},
+  {":status", 
"404"},
+  {":status", 
"500"},
+  
{"accept-charset", ""},
+  
{"accept-encoding", "gzip, deflate"},
+  
{"accept-language", ""},
+  
{"accept-ranges", ""},
+  {"accept", 
""},
+  
{"access-control-allow-origin", ""},
+  {"age", ""},
+  {"allow", 
""},
+  
{"authorization", ""},
+  
{"cache-control", ""},
+  
{"content-disposition", ""},
+  
{"content-encoding", ""},
+  
{"content-language", ""},
+  
{"content-length", ""},
+  
{"content-location", ""},
+  
{"content-range", ""},
+  
{"content-type", ""},
+  {"cookie", 
""},
+  {"date", ""},
+  {"etag", ""},
+  {"expect", 
""},
+  {"expires", 
""},
+  {"from", ""},
+  {"host", ""},
+  {"if-match", 
""},
+  
{"if-modified-since", ""},
+  
{"if-none-match", ""},
+  {"if-range", 
""},
+  
{"if-unmodified-since", ""},
+  
{"last-modified", "

[trafficserver] 03/05: Fix a sizeof/countof bug in QPACK

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit b5de7df0b6d8cac355f212b50f63aa72c653e388
Author: Masakazu Kitajo 
AuthorDate: Wed Sep 12 17:19:14 2018 +0900

Fix a sizeof/countof bug in QPACK
---
 proxy/hq/QPACK.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/proxy/hq/QPACK.h b/proxy/hq/QPACK.h
index 53845ef..bc340f8 100644
--- a/proxy/hq/QPACK.h
+++ b/proxy/hq/QPACK.h
@@ -138,8 +138,8 @@ private:
 
 // FIXME It may be better to split this array into small arrays to reduce 
memory footprint
 struct DynamicTableEntry _entries[SETTINGS_HEADER_TABLE_SIZE] = {{}};
-uint16_t _entries_head= 
sizeof(_entries) - 1;
-uint16_t _entries_tail= 
sizeof(_entries) - 1;
+uint16_t _entries_head= 
countof(_entries) - 1;
+uint16_t _entries_tail= 
countof(_entries) - 1;
 DynamicTableStorage *_storage = nullptr;
   };
 

[trafficserver] branch quic-latest updated (54be99c -> 00397df)

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a change to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 54be99c  Simplify content type strings and handshake type strings
 new 0af26d2  Update QPACK static table
 new da89f69  Convert heaeder names to lowercase befor encoding and after 
decoding
 new b5de7df  Fix a sizeof/countof bug in QPACK
 new bfd0417  Increase maximum number of test sequences for QPACK test
 new 00397df  Fix dup header name bug in QPACK test driver

The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 proxy/hq/QPACK.cc   | 111 ++--
 proxy/hq/QPACK.h|   4 +-
 proxy/hq/test/test_QPACK.cc |  27 +++
 3 files changed, 107 insertions(+), 35 deletions(-)

[trafficserver] 04/05: Increase maximum number of test sequences for QPACK test

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit bfd04179ba77d1ba3e1ea0b619b84510137c6705
Author: Masakazu Kitajo 
AuthorDate: Wed Sep 12 17:20:39 2018 +0900

Increase maximum number of test sequences for QPACK test
---
 proxy/hq/test/test_QPACK.cc | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/proxy/hq/test/test_QPACK.cc b/proxy/hq/test/test_QPACK.cc
index b8f8c07..81b6971 100644
--- a/proxy/hq/test/test_QPACK.cc
+++ b/proxy/hq/test/test_QPACK.cc
@@ -40,6 +40,8 @@ extern char appname[256];
 constexpr int ACK_MODE_IMMEDIATE = 1;
 constexpr int ACK_MODE_NONE  = 0;
 
+constexpr int MAX_SEQUENCE = 1024;
+
 class TestQUICConnection : public MockQUICConnection
 {
 };
@@ -279,8 +281,8 @@ test_encode(const char *qif_file, int dts, int mbs, int am)
   sprintf(output_filename, "%s.ats.%d.%d.%d", qif_file, dts, mbs, am);
   FILE *fd = fopen(output_filename, "w");
 
-  HTTPHdr *requests[256] = {nullptr};
-  int n_requests = load_qif_file(qif_file, requests);
+  HTTPHdr *requests[MAX_SEQUENCE] = {nullptr};
+  int n_requests  = load_qif_file(qif_file, requests);
 
   QUICApplicationDriver driver;
   QPACK *qpack   = new QPACK(driver.get_connection(), dts);
@@ -328,7 +330,7 @@ test_decode(const char *qif_file, int dts, int mbs, int am, 
const char *app_name
   sprintf(output_filename, "%s.decoded", data_filename);
   FILE *fd_out = fopen(output_filename, "w");
 
-  HTTPHdr *requests[256];
+  HTTPHdr *requests[MAX_SEQUENCE];
   int n_requests = load_qif_file(qif_file, requests);
 
   TestQPACKEventHandler *event_handler = new TestQPACKEventHandler();
@@ -343,9 +345,9 @@ test_decode(const char *qif_file, int dts, int mbs, int am, 
const char *app_name
   uint32_t block_len;
   int read_len = 0;
 
-  uint64_t stream_id= 1;
-  HTTPHdr *header_sets[256] = {nullptr};
-  int n_headers = 0;
+  uint64_t stream_id = 1;
+  HTTPHdr *header_sets[MAX_SEQUENCE] = {nullptr};
+  int n_headers  = 0;
   while ((read_len = read_block(fd_in, stream_id, &block, block_len)) >= 0) {
 if (stream_id == encoder_stream->id()) {
   encoder_stream->write(block, block_len, offset, false);

[trafficserver] 02/05: Convert heaeder names to lowercase befor encoding and after decoding

[maskit]

This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit da89f6932ec8ef2c49d67c3340685710737e73d9
Author: Masakazu Kitajo 
AuthorDate: Wed Sep 12 17:16:10 2018 +0900

Convert heaeder names to lowercase befor encoding and after decoding
---
 proxy/hq/QPACK.cc   | 41 +++--
 proxy/hq/test/test_QPACK.cc |  9 +++--
 2 files changed, 30 insertions(+), 20 deletions(-)

diff --git a/proxy/hq/QPACK.cc b/proxy/hq/QPACK.cc
index 626d5ae..404d88a 100644
--- a/proxy/hq/QPACK.cc
+++ b/proxy/hq/QPACK.cc
@@ -237,8 +237,13 @@ QPACK::_encode_prefix(uint16_t largest_reference, uint16_t 
base_index, IOBufferB
 int
 QPACK::_encode_header(const MIMEField &field, uint16_t base_index, 
IOBufferBlock *compressed_header, uint16_t &referred_index)
 {
+  Arena arena;
   int name_len;
-  const char *name = field.name_get(&name_len);
+  const char *name   = field.name_get(&name_len);
+  char *lowered_name = arena.str_store(name, name_len);
+  for (int i = 0; i < name_len; i++) {
+lowered_name[i] = ParseRules::ink_tolower(lowered_name[i]);
+  }
   int value_len;
   const char *value = field.value_get(&value_len);
 
@@ -248,9 +253,9 @@ QPACK::_encode_header(const MIMEField &field, uint16_t 
base_index, IOBufferBlock
   // Find from tables, and insert / duplicate a entry prior to encode it
   LookupResult lookup_result_static;
   LookupResult lookup_result_dynamic;
-  lookup_result_static = StaticTable::lookup(name, name_len, value, value_len);
+  lookup_result_static = StaticTable::lookup(lowered_name, name_len, value, 
value_len);
   if (lookup_result_static.match_type != LookupResult::MatchType::EXACT) {
-lookup_result_dynamic = this->_dynamic_table.lookup(name, name_len, value, 
value_len);
+lookup_result_dynamic = this->_dynamic_table.lookup(lowered_name, 
name_len, value, value_len);
 if (lookup_result_dynamic.match_type == LookupResult::MatchType::EXACT) {
   if (this->_dynamic_table.should_duplicate(lookup_result_dynamic.index)) {
 // Duplicate an entry and use the new entry
@@ -266,10 +271,10 @@ QPACK::_encode_header(const MIMEField &field, uint16_t 
base_index, IOBufferBlock
 // Name in static table is always available. Do nothing.
   } else {
 // Insert both the name and the value
-lookup_result_dynamic = this->_dynamic_table.insert_entry(name, 
name_len, value, value_len);
+lookup_result_dynamic = 
this->_dynamic_table.insert_entry(lowered_name, name_len, value, value_len);
 if (lookup_result_dynamic.match_type != LookupResult::MatchType::NONE) 
{
-  this->_write_insert_without_name_ref(name, name_len, value, 
value_len);
-  QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, name, value_len, value);
+  this->_write_insert_without_name_ref(lowered_name, name_len, value, 
value_len);
+  QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, lowered_name, value_len, value);
 }
   }
 } else if (lookup_result_dynamic.match_type == 
LookupResult::MatchType::NAME) {
@@ -294,27 +299,27 @@ QPACK::_encode_header(const MIMEField &field, uint16_t 
base_index, IOBufferBlock
   }
 } else {
   // Insert both the name and the value
-  lookup_result_dynamic = this->_dynamic_table.insert_entry(name, 
name_len, value, value_len);
+  lookup_result_dynamic = 
this->_dynamic_table.insert_entry(lowered_name, name_len, value, value_len);
   if (lookup_result_dynamic.match_type != 
LookupResult::MatchType::NONE) {
-this->_write_insert_without_name_ref(name, name_len, value, 
value_len);
-QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, name, value_len, value);
+this->_write_insert_without_name_ref(lowered_name, name_len, 
value, value_len);
+QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, lowered_name, value_len, value);
   }
 }
   }
 } else {
   if (never_index) {
 // Insert only the name
-lookup_result_dynamic = this->_dynamic_table.insert_entry(name, 
name_len, "", 0);
+lookup_result_dynamic = 
this->_dynamic_table.insert_entry(lowered_name, name_len, "", 0);
 if (lookup_result_dynamic.match_type != LookupResult::MatchType::NONE) 
{
-  this->_write_insert_without_name_ref(name, name_len, "", 0);
-  QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, name, 0, "");
+  this->_write_insert_without_name_ref(lowered_name, name_len, "", 0);
+  QPACKDebug("Wrote Insert Without Name Ref: name=%.*s value=%.*s", 
name_len, lowered_name, 0, "");
 }
   } else {
 // Insert both the name and the value
-lookup_result_dynamic 

[trafficserver] branch master updated: Fix link error on macOS

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 23b8d5b  Fix link error on macOS
23b8d5b is described below

commit 23b8d5b56a6edb1f31a1d2d3dfecd7e33ac7149c
Author: Masaori Koshiba 
AuthorDate: Wed Sep 12 14:54:05 2018 +0900

Fix link error on macOS
---
 src/tscore/Makefile.am | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tscore/Makefile.am b/src/tscore/Makefile.am
index 2dfe66c..ee915e9 100644
--- a/src/tscore/Makefile.am
+++ b/src/tscore/Makefile.am
@@ -38,6 +38,7 @@ AM_CPPFLAGS += \
 
 libtscore_la_LDFLAGS = -no-undefined -version-info @TS_LIBTOOL_VERSION@ 
@YAMLCPP_LDFLAGS@
 libtscore_la_LIBADD = \
+   $(top_builddir)/src/tscpp/util/libtscpputil.la \
@HWLOC_LIBS@ \
@LIBOBJS@ \
@LIBPCRE@ \

[trafficserver] branch master updated: Allow enabling MPTCP on a listening socket through the records.config

[zwoop]

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 2755a80  Allow enabling MPTCP on a listening socket through the 
records.config
2755a80 is described below

commit 2755a80a8c55866591f20345ea5e275084fc4e03
Author: Christoph Paasch 
AuthorDate: Tue Aug 28 15:52:20 2018 -0700

Allow enabling MPTCP on a listening socket through the records.config
---
 doc/admin-guide/files/records.config.en.rst |  6 ++
 lib/records/I_RecHttp.h |  3 +++
 lib/records/RecHttp.cc  | 31 -
 mgmt/LocalManager.cc| 23 +
 4 files changed, 62 insertions(+), 1 deletion(-)

diff --git a/doc/admin-guide/files/records.config.en.rst 
b/doc/admin-guide/files/records.config.en.rst
index 9d14ccb..e873d53 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -609,6 +609,7 @@ HTTP Engine
tr-in   Inbound transparent.
tr-out  Outbound transparent.
tr-pass Pass through enabled.
+   mptcp   Multipath TCP.
=== === 
 
 *number*
@@ -674,6 +675,11 @@ ip-resolve
 
Not compatible with: ``tr-out`` - this option requires a value of 
``client;none`` which is forced and should not be explicitly specified.
 
+mptcp
+   Enable Multipath TCP on this proxy port.
+
+   Requires custom Linux kernel available at https://multipath-tcp.org.
+
 .. topic:: Example
 
Listen on port 80 on any address for IPv4 and IPv6.::
diff --git a/lib/records/I_RecHttp.h b/lib/records/I_RecHttp.h
index d69204d..7e831fc 100644
--- a/lib/records/I_RecHttp.h
+++ b/lib/records/I_RecHttp.h
@@ -245,6 +245,8 @@ public:
   bool m_outbound_transparent_p;
   // True if transparent pass-through is enabled on this port.
   bool m_transparent_passthrough;
+  /// True if MPTCP is enabled on this port.
+  bool m_mptcp;
   /// Local address for inbound connections (listen address).
   IpAddr m_inbound_ip;
   /// Local address for outbound connections (to origin server).
@@ -395,6 +397,7 @@ public:
   static const char *const OPT_COMPRESSED;  ///< Compressed.
   static const char *const OPT_HOST_RES_PREFIX; ///< Set DNS family 
preference.
   static const char *const OPT_PROTO_PREFIX;///< Transport layer 
protocols.
+  static const char *const OPT_MPTCP;   ///< MPTCP.
 
   static std::vector &m_global; ///< Global ("default") data.
 
diff --git a/lib/records/RecHttp.cc b/lib/records/RecHttp.cc
index f7873fc..c4b997c 100644
--- a/lib/records/RecHttp.cc
+++ b/lib/records/RecHttp.cc
@@ -25,6 +25,7 @@
 #include 
 #include "tscore/ink_defs.h"
 #include "tscore/ink_hash_table.h"
+#include "tscore/TextBuffer.h"
 #include "tscore/Tokenizer.h"
 #include 
 #include "tscore/ink_inet.h"
@@ -70,6 +71,22 @@ SessionProtocolSet HTTP2_PROTOCOL_SET;
 SessionProtocolSet DEFAULT_NON_TLS_SESSION_PROTOCOL_SET;
 SessionProtocolSet DEFAULT_TLS_SESSION_PROTOCOL_SET;
 
+static bool
+mptcp_supported()
+{
+  ats_scoped_fd fd(::open("/proc/sys/net/mptcp/mptcp_enabled", O_RDONLY));
+  int value = 0;
+
+  if (fd) {
+TextBuffer buffer(16);
+
+buffer.slurp(fd.get());
+value = atoi(buffer.bufPtr());
+  }
+
+  return value != 0;
+}
+
 void
 RecHttpLoadIp(const char *value_name, IpAddr &ip4, IpAddr &ip6)
 {
@@ -130,6 +147,7 @@ const char *const HttpProxyPort::OPT_SSL
 = "ssl";
 const char *const HttpProxyPort::OPT_PLUGIN  = "plugin";
 const char *const HttpProxyPort::OPT_BLIND_TUNNEL= "blind";
 const char *const HttpProxyPort::OPT_COMPRESSED  = "compressed";
+const char *const HttpProxyPort::OPT_MPTCP   = "mptcp";
 
 // File local constants.
 namespace
@@ -160,7 +178,8 @@ HttpProxyPort::HttpProxyPort()
 m_family(AF_INET),
 m_inbound_transparent_p(false),
 m_outbound_transparent_p(false),
-m_transparent_passthrough(false)
+m_transparent_passthrough(false),
+m_mptcp(false)
 {
   memcpy(m_host_res_preference, host_res_default_preference_order, 
sizeof(m_host_res_preference));
 }
@@ -364,6 +383,12 @@ HttpProxyPort::processOptions(const char *opts)
 #else
   Warning("Transparent pass-through requested [%s] in port descriptor '%s' 
but TPROXY was not configured.", item, opts);
 #endif
+} else if (0 == strcasecmp(OPT_MPTCP, item)) {
+  if (mptcp_supported()) {
+m_mptcp = true;
+  } else {
+Warning("Multipath TCP requested [%s] in port descriptor '%s' but it 
is not supported by this host.", item, opts);
+  }
 } else if (nullptr != (value = this->checkPrefix(item, 
OPT_HOST_RES_PREFIX, OPT_HOST_RES_PREFIX_LEN))) {

[trafficserver] branch master updated: Fixed error getting h2 HEADERS frame after stream is closed

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 0d462f9  Fixed error getting h2 HEADERS frame after stream is closed
0d462f9 is described below

commit 0d462f930d7f23ff7f43e0ecb63262d07b8d7c80
Author: Bryan Call 
AuthorDate: Mon Sep 10 09:59:47 2018 -0700

Fixed error getting h2 HEADERS frame after stream is closed
---
 proxy/http2/Http2ConnectionState.cc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/proxy/http2/Http2ConnectionState.cc 
b/proxy/http2/Http2ConnectionState.cc
index 01c0125..040a7e7 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -229,6 +229,11 @@ rcv_headers_frame(Http2ConnectionState &cstate, const 
Http2Frame &frame)
 }
   }
 
+  // Ignoring HEADERS frame on a closed stream.  The HdrHeap has gone away and 
it will core.
+  if (stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_CLOSED) {
+return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+  }
+
   // keep track of how many bytes we get in the frame
   stream->request_header_length += payload_length;
   if (stream->request_header_length > Http2::max_request_header_size) {

[trafficserver] 01/03: Corrects IPv4 multicast ip address check

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit a9ae8ad3bc2f3a69dbb94421bf13d16e51587518
Author: Derek Dagit 
AuthorDate: Thu Aug 23 11:36:51 2018 -0500

Corrects IPv4 multicast ip address check

(cherry picked from commit bb0275ea2ea9c0f86080b4a1596038f898eb39ac)
---
 include/tscore/ink_inet.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/tscore/ink_inet.h b/include/tscore/ink_inet.h
index d5d810d..4cbf14c 100644
--- a/include/tscore/ink_inet.h
+++ b/include/tscore/ink_inet.h
@@ -620,7 +620,7 @@ ats_is_ip_loopback(IpEndpoint const *ip)
 inline bool
 ats_is_ip_multicast(sockaddr const *ip)
 {
-  return ip && ((AF_INET == ip->sa_family && 0xe == *ats_ip_addr8_cast(ip)) ||
+  return ip && ((AF_INET == ip->sa_family && 0xe == (ats_ip_addr8_cast(ip)[0] 
>> 4)) ||
 (AF_INET6 == ip->sa_family && 
IN6_IS_ADDR_MULTICAST(&ats_ip6_addr_cast(ip;
 }
 /// Check for multicast.

[trafficserver] 03/03: Disable the HttpSM half open logic if the underlying transport is TLS

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 9305278f547ad4b8fb69b33dacc9f1d21829a734
Author: Susan Hinrichs 
AuthorDate: Thu Sep 6 16:34:29 2018 -0500

Disable the HttpSM half open logic if the underlying transport is TLS

(cherry picked from commit 422e81057070d405a1aa24575d36383e8a7c8d2e)
---
 proxy/http/Http1ClientSession.h  | 7 +++
 proxy/http/Http1ClientTransaction.cc | 7 ++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/proxy/http/Http1ClientSession.h b/proxy/http/Http1ClientSession.h
index 6591202..4221002 100644
--- a/proxy/http/Http1ClientSession.h
+++ b/proxy/http/Http1ClientSession.h
@@ -76,6 +76,13 @@ public:
   void do_io_shutdown(ShutdownHowTo_t howto) override;
   void reenable(VIO *vio) override;
 
+  bool
+  allow_half_open()
+  {
+// Only allow half open connections if the not over TLS
+return (client_vc && dynamic_cast(client_vc) == 
nullptr);
+  }
+
   void
   set_half_close_flag(bool flag) override
   {
diff --git a/proxy/http/Http1ClientTransaction.cc 
b/proxy/http/Http1ClientTransaction.cc
index 2d4edb0..5c5f175 100644
--- a/proxy/http/Http1ClientTransaction.cc
+++ b/proxy/http/Http1ClientTransaction.cc
@@ -71,5 +71,10 @@ Http1ClientTransaction::transaction_done()
 bool
 Http1ClientTransaction::allow_half_open() const
 {
-  return current_reader ? current_reader->t_state.txn_conf->allow_half_open > 
0 : true;
+  bool config_allows_it = (current_reader) ? 
current_reader->t_state.txn_conf->allow_half_open > 0 : true;
+  if (config_allows_it) {
+// Check with the session to make sure the underlying transport allows the 
half open scenario
+return static_cast(parent)->allow_half_open();
+  }
+  return false;
 }

[trafficserver] 02/03: Fix inconsistent links in docs.

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 35b5c94cbdcbd39efe5b3460232ed01cef89a9ec
Author: Susan Hinrichs 
AuthorDate: Thu Sep 6 09:36:03 2018 -0500

Fix inconsistent links in docs.

(cherry picked from commit 385c2f5d759ceba57ebb9a9a917fa845f1f1082b)
---
 doc/admin-guide/files/records.config.en.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/admin-guide/files/records.config.en.rst 
b/doc/admin-guide/files/records.config.en.rst
index 57d6e5b..de434e1 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3084,7 +3084,7 @@ SSL Termination
Configures the pair of the AEAD algorithm and hash algorithm to be
used with HKDF provided by OpenSSL which |TS| will use for TLSv1.3
connections. For the list of algorithms and instructions, see
-   The ``-ciphersuites`` section of `OpenSSL Ciphers 
`_.
+   The ``-ciphersuites`` section of `OpenSSL Ciphers 
`_.
 
The current default value with OpenSSL is:
 

[trafficserver] branch 8.0.x updated (0b703a4 -> 9305278)

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a change to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 0b703a4  PR #3724: Backport to ATS 8. Cherry-pick from 
079a40277a450ead4eecb4f5cf00a448ac7db025
 new a9ae8ad  Corrects IPv4 multicast ip address check
 new 35b5c94  Fix inconsistent links in docs.
 new 9305278  Disable the HttpSM half open logic if the underlying 
transport is TLS

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 doc/admin-guide/files/records.config.en.rst | 2 +-
 include/tscore/ink_inet.h   | 2 +-
 proxy/http/Http1ClientSession.h | 7 +++
 proxy/http/Http1ClientTransaction.cc| 7 ++-
 4 files changed, 15 insertions(+), 3 deletions(-)

[trafficserver] 02/02: Fix link error on macOS

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit ad43863e9a4c8c27b90c10d081578f91e0e29868
Author: Masaori Koshiba 
AuthorDate: Wed Sep 12 14:54:05 2018 +0900

Fix link error on macOS

(cherry picked from commit 23b8d5b56a6edb1f31a1d2d3dfecd7e33ac7149c)
---
 src/tscore/Makefile.am | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tscore/Makefile.am b/src/tscore/Makefile.am
index 65d6dbe..25b7ecd 100644
--- a/src/tscore/Makefile.am
+++ b/src/tscore/Makefile.am
@@ -38,6 +38,7 @@ AM_CPPFLAGS += \
 
 libtscore_la_LDFLAGS = -no-undefined -version-info @TS_LIBTOOL_VERSION@ 
@YAMLCPP_LDFLAGS@
 libtscore_la_LIBADD = \
+   $(top_builddir)/src/tscpp/util/libtscpputil.la \
@HWLOC_LIBS@ \
@LIBOBJS@ \
@LIBPCRE@ \

[trafficserver] branch 8.0.x updated (9305278 -> ad43863)

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a change to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 9305278  Disable the HttpSM half open logic if the underlying 
transport is TLS
 new aaa9d0c  Fixed error getting h2 HEADERS frame after stream is closed
 new ad43863  Fix link error on macOS

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 proxy/http2/Http2ConnectionState.cc | 5 +
 src/tscore/Makefile.am  | 1 +
 2 files changed, 6 insertions(+)

[trafficserver] 01/02: Fixed error getting h2 HEADERS frame after stream is closed

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit aaa9d0cff5293e022ee1213a7155c7192308a46c
Author: Bryan Call 
AuthorDate: Mon Sep 10 09:59:47 2018 -0700

Fixed error getting h2 HEADERS frame after stream is closed

(cherry picked from commit 0d462f930d7f23ff7f43e0ecb63262d07b8d7c80)
---
 proxy/http2/Http2ConnectionState.cc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/proxy/http2/Http2ConnectionState.cc 
b/proxy/http2/Http2ConnectionState.cc
index 01c0125..040a7e7 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -229,6 +229,11 @@ rcv_headers_frame(Http2ConnectionState &cstate, const 
Http2Frame &frame)
 }
   }
 
+  // Ignoring HEADERS frame on a closed stream.  The HdrHeap has gone away and 
it will core.
+  if (stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_CLOSED) {
+return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+  }
+
   // keep track of how many bytes we get in the frame
   stream->request_header_length += payload_length;
   if (stream->request_header_length > Http2::max_request_header_size) {

[trafficserver] branch master updated: heap use after free

[duke8253]

This is an automated email from the ASF dual-hosted git repository.

duke8253 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 480ba87  heap use after free
480ba87 is described below

commit 480ba87c17badad20a20d85f88c8a992b893cfe0
Author: Fei Deng 
AuthorDate: Wed Sep 12 10:03:19 2018 -0500

heap use after free
---
 proxy/http/HttpTransact.cc | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index a861e60..76187b6 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -8146,7 +8146,12 @@ HttpTransact::client_result_stat(State *s, ink_hrtime 
total_time, ink_hrtime req
   ///
   // don't count errors we generated as hits or misses //
   ///
-  if ((s->source == SOURCE_INTERNAL) && 
(s->hdr_info.client_response.status_get() >= 400)) {
+  int client_response_status = HTTP_STATUS_NONE;
+  if (s->hdr_info.client_response.valid()) {
+client_response_status = s->hdr_info.client_response.status_get();
+  }
+
+  if ((s->source == SOURCE_INTERNAL) && client_response_status >= 400) {
 client_transaction_result = CLIENT_TRANSACTION_RESULT_ERROR_OTHER;
   }
 
@@ -8241,9 +8246,8 @@ HttpTransact::client_result_stat(State *s, ink_hrtime 
total_time, ink_hrtime req
   }
   // Count the status codes, assuming the client didn't abort (i.e. there is 
an m_http)
   if ((s->source != SOURCE_NONE) && (s->client_info.abort == DIDNOT_ABORT)) {
-int status_code = s->hdr_info.client_response.status_get();
 
-switch (status_code) {
+switch (client_response_status) {
 case 100:
   HTTP_INCREMENT_DYN_STAT(http_response_status_100_count_stat);
   break;
@@ -8364,7 +8368,7 @@ HttpTransact::client_result_stat(State *s, ink_hrtime 
total_time, ink_hrtime req
 default:
   break;
 }
-switch (status_code / 100) {
+switch (client_response_status / 100) {
 case 1:
   HTTP_INCREMENT_DYN_STAT(http_response_status_1xx_count_stat);
   break;

[trafficserver] branch 8.0.x updated: Updated Changelog

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/8.0.x by this push:
 new 5f0ab22  Updated Changelog
5f0ab22 is described below

commit 5f0ab22f3b007c71f9669040422b6cb4aec43680
Author: Bryan Call 
AuthorDate: Wed Sep 12 11:52:04 2018 -0700

Updated Changelog
---
 CHANGELOG-8.0.0 | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG-8.0.0 b/CHANGELOG-8.0.0
index 0bcbc5f..8f730fe 100644
--- a/CHANGELOG-8.0.0
+++ b/CHANGELOG-8.0.0
@@ -953,7 +953,6 @@ Changes with Apache Traffic Server 8.0.0
   #3597 - Fixes null pointer dereference in print_http_hdr
   #3598 - Fix a nullptr dereference
   #3600 - clang: Logic error
-  #3601 - Add TLSv1.3 cipher suites for OpenSSL-1.1.1
   #3602 - Clang6: Fix nullptr use in AtomicList.
   #3603 - Prevent memcpy overlapping buffers when assigning a CryptoHash to 
itself
   #3605 - Testing: Update to Catch 2.2.2
@@ -1185,7 +1184,6 @@ Changes with Apache Traffic Server 8.0.0
   #4025 - Removes non-FS ciphers to make SSLLabs not warn on weak ciphers
   #4027 - Fixes ticket loading from filesystems without a mtime
   #4030 - Fixes Spelling
-  #4031 - Revert "Add TLSv1.3 cipher suites for OpenSSL-1.1.1"
   #4035 - Fixing copy paste error in SNI yaml parsing
   #4036 - Removes more references to traffic_cop and cop related functionality
   #4037 - Add configs for TLSv1.3 ciphersuites
@@ -1216,6 +1214,7 @@ Changes with Apache Traffic Server 8.0.0
   #4124 - Removes references to STAT_PROCESSOR
   #4131 - Completes code comment for redirect configs
   #4138 - Follows 308 Permanent Redirect
+  #4151 - Corrects IPv4 multicast ip address check
   #4165 - Update the header_rewrite doc for clarification on CLIENT-URL:HOST
   #4169 - Multiplexer fixes
   #4170 - Fix for when multiplexer gets a 0 byte read event
@@ -1223,3 +1222,7 @@ Changes with Apache Traffic Server 8.0.0
   #4183 - Default config change with 
proxy.config.http.negative_revalidating_enabled
   #4196 - Back-port to 8.0.x - Log Collation Memory Leak
   #4199 - Remove unneeded aio header file
+  #4208 - Fix inconsistent links in docs.
+  #4213 - Disable the HttpSM half open logic if the underlying transport is TLS
+  #4225 - Fixed error getting h2 HEADERS frame after stream is closed
+  #4232 - PR #3724: Backport to ATS 8.

[trafficserver] annotated tag 8.0.0-rc1 updated (5f0ab22 -> 0fabf98)

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a change to annotated tag 8.0.0-rc1
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


*** WARNING: tag 8.0.0-rc1 was modified! ***

from 5f0ab22  (commit)
  to 0fabf98  (tag)
 tagging 5f0ab22f3b007c71f9669040422b6cb4aec43680 (commit)
 replaces 8.0.0-rc0
  by Bryan Call
  on Wed Sep 12 11:54:37 2018 -0700

- Log -
Release Candidate 8.0.0-rc1
-BEGIN PGP SIGNATURE-

iQIcBAABAgAGBQJbmWDtAAoJEE0VQRC4RQjshNYP/j/hy5DJLcwiy/8fkhL9BhZH
wC/B/7rkRhecTGQqSMyIDOa11NDBg26K9AIe32h70Y1F3P1dLQKQo80gtkavb4R6
fMA4WqlL3/ruaFXhcuG94TWCyiltcalVXyIN3tdYbOwnetlB55eUoZ7nyt7xSVDM
PgokzAJEHoLqZo/dQHR/XQo0fsuJ9GW9cCn3m+QcXX48gKMRXV199YXl6fInBxI+
+Zz4Kcz52eVLHl/YbZS+QxXC0uruA5WRFfLfuZbLrSWbPSkgtHdrxvmGkgILNQ2Z
Pm4f2IIFFmGaTDNfzb8uV4KGcgXs3OhiYeDDVrZsWUVHLO8Ige2iJ9Q7cHUHSZZ5
bmhb27tv870HdaVTqll2efmdSGGysvNOudrmlb9vtz196zch2anb7mdKwnxLNTVe
AZGml9Yj5+Ugve6/WKQxfbF0aak8X7a3zFlNeSO8F3GqBinwOz7K9kG1JfSd8xio
kw8F4JqrTVVZL1yx5/ogQO3DBMVBh/15AEcHxQAmuRhvT/Zmv24wOfbJTV0ul7en
DoNHYH/NpGyE3ZO2VwmofOs+9GzMagiK7e1NN1ZKXN1DfR2BNP7xDiHjoSNlWNyV
DCZfJETAq+w0fbg0Dlw0Z1znWKS+woMCWYMpo2ste4fyHDhEjfeKtShWImE9FH+S
aBWnJt07UbHeJx3bR424
=he52
-END PGP SIGNATURE-
---


No new revisions were added by this update.

Summary of changes:

[trafficserver] branch master updated: IntrusiveHashMap: Fix find where it returns a false positive in some cases.

[amc]

This is an automated email from the ASF dual-hosted git repository.

amc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 347a11f  IntrusiveHashMap: Fix find where it returns a false positive 
in some cases.
347a11f is described below

commit 347a11f757c38e58cf322b897b87efa48e28843c
Author: Alan M. Carroll 
AuthorDate: Sat Sep 8 21:32:56 2018 -0500

IntrusiveHashMap: Fix find where it returns a false positive in some cases.
---
 include/tscore/IntrusiveHashMap.h  |  2 +-
 src/tscore/unit_tests/test_IntrusiveHashMap.cc | 16 
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/include/tscore/IntrusiveHashMap.h 
b/include/tscore/IntrusiveHashMap.h
index f419880..06c5030 100644
--- a/include/tscore/IntrusiveHashMap.h
+++ b/include/tscore/IntrusiveHashMap.h
@@ -452,7 +452,7 @@ IntrusiveHashMap::find(key_type key) -> iterator
   while (v != limit && !H::equal(key, H::key_of(v))) {
 v = H::next_ptr(v);
   }
-  return _list.iterator_for(v);
+  return v == limit ? _list.end() : _list.iterator_for(v);
 }
 
 template 
diff --git a/src/tscore/unit_tests/test_IntrusiveHashMap.cc 
b/src/tscore/unit_tests/test_IntrusiveHashMap.cc
index 31659be..a0521a2 100644
--- a/src/tscore/unit_tests/test_IntrusiveHashMap.cc
+++ b/src/tscore/unit_tests/test_IntrusiveHashMap.cc
@@ -216,4 +216,20 @@ TEST_CASE("IntrusiveHashMapManyStrings", 
"[IntrusiveHashMap]")
 }
   }
   REQUIRE(miss_p == false);
+
+  // Check for misses.
+  miss_p = false;
+  for (int i = 0; i < 99; ++i) {
+char s[41];
+auto len = length_gen(randu);
+for (decltype(len) j = 0; j < len; ++j) {
+  s[j] = char_gen(randu);
+}
+std::string_view name(s, len);
+auto spot = ihm.find(name);
+if (spot != ihm.end() && name != spot->_payload) {
+  miss_p = true;
+}
+  }
+  REQUIRE(miss_p == false);
 };

[trafficserver] branch master updated: Corrects path to test file in docs

[amc]

This is an automated email from the ASF dual-hosted git repository.

amc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new b53b66d  Corrects path to test file in docs
b53b66d is described below

commit b53b66db070f4fabcd4795974d723d2f554605fa
Author: Derek Dagit 
AuthorDate: Wed Sep 12 09:24:59 2018 -0500

Corrects path to test file in docs
---
 doc/developer-guide/internal-libraries/intrusive-list.en.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/developer-guide/internal-libraries/intrusive-list.en.rst 
b/doc/developer-guide/internal-libraries/intrusive-list.en.rst
index 251df9a..d5f79f3 100644
--- a/doc/developer-guide/internal-libraries/intrusive-list.en.rst
+++ b/doc/developer-guide/internal-libraries/intrusive-list.en.rst
@@ -190,13 +190,13 @@ In some cases the elements of the list are subclasses and 
the links are declared
 and are therefore of the super class type. For instance, in the unit test a 
class :code:`Thing` is
 defined for testing.
 
-.. literalinclude:: ../../../lib/ts/unit-tests/test_IntrusiveDList.cc
+.. literalinclude:: ../../../src/tscore/unit_tests/test_IntrusiveDList.cc
:lines: 159
 
 Later on, to validate use on a subclass, :code:`PrivateThing` is defined as a 
subclass of
 :code:`Thing`.
 
-.. literalinclude:: ../../../lib/ts/unit-tests/test_IntrusiveDList.cc
+.. literalinclude:: ../../../src/tscore/unit_tests/test_IntrusiveDList.cc
:lines: 181
 
 However, the link members :code:`_next` and :code:`_prev` are of type 
:code:`Thing*` but the
@@ -205,7 +205,7 @@ descriptor for a list of :code:`PrivateThing` must have 
link accessors that retu
 :code:`ts::ptr_ref_cast` that converts a member of type :code:`T*` to a 
reference to a pointer
 to :code:`X`, e.g. :code:`X*&`. This is used in the setup for testing 
:code:`PrivateThing`.
 
-.. literalinclude:: ../../../lib/ts/unit-tests/test_IntrusiveDList.cc
+.. literalinclude:: ../../../src/tscore/unit_tests/test_IntrusiveDList.cc
:lines: 190-199
 
 While this can be done directly with :code:`reinterpret_cast<>`, use of 
:code:`ts::ptr_cast` avoids

[trafficserver] branch master updated: revoke promise when provider is gone

[zzz]

This is an automated email from the ASF dual-hosted git repository.

zzz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 4442c62  revoke promise when provider is gone
4442c62 is described below

commit 4442c629e93e3cc1c75dde59050b3e9b20442cde
Author: Zizhong Zhang 
AuthorDate: Wed Aug 22 16:58:48 2018 -0700

revoke promise when provider is gone
---
 include/tscpp/api/Async.h | 20 +++-
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/include/tscpp/api/Async.h b/include/tscpp/api/Async.h
index d5227f0..b392f49 100644
--- a/include/tscpp/api/Async.h
+++ b/include/tscpp/api/Async.h
@@ -23,9 +23,9 @@
 
 #pragma once
 
-#include 
 #include 
 #include 
+#include 
 
 #include "tscpp/api/noncopyable.h"
 
@@ -91,7 +91,7 @@ public:
 }
   }
 
-  virtual ~AsyncProvider() {}
+  virtual ~AsyncProvider() { this->cancel(); }
 
 protected:
   std::shared_ptr
@@ -137,7 +137,10 @@ public:
   disable() override
   {
 std::lock_guard scopedLock(*dispatch_mutex_);
-event_receiver_ = nullptr;
+if (event_receiver_ != nullptr) {
+  event_receiver_->revokePromise(this);
+  event_receiver_ = nullptr;
+}
   }
 
   bool
@@ -209,13 +212,20 @@ public:
*/
   virtual void handleAsyncComplete(AsyncProviderType &provider) = 0;
   virtual ~AsyncReceiver() {}
+  void
+  revokePromise(AsyncDispatchController, 
AsyncProviderType> *dispatch_controller_ptr)
+  {
+receiver_promises_.erase(dispatch_controller_ptr);
+  }
 
 protected:
   AsyncReceiver() {}
   friend class Async;
 
 private:
-  mutable 
std::list,
 AsyncProviderType>>> receiver_promises_;
+  mutable 
std::unordered_map, 
AsyncProviderType> *,
+ 
std::shared_ptr, 
AsyncProviderType>>>
+receiver_promises_;
 };
 
 /**
@@ -246,7 +256,7 @@ public:
   new AsyncDispatchController, 
AsyncProviderType>(event_receiver, provider, mutex));
 std::shared_ptr, 
AsyncProviderType>> receiver_promise(
   new AsyncReceiverPromise, 
AsyncProviderType>(dispatcher));
-event_receiver->receiver_promises_.push_back(receiver_promise); // now if 
the event receiver dies, we're safe.
+event_receiver->receiver_promises_[dispatcher.get()] = receiver_promise;
 provider->doRun(dispatcher);
   }
 };

[trafficserver] branch quic-latest updated: Print derived secret on key_cb for debug

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new f1da5b0  Print derived secret on key_cb for debug
f1da5b0 is described below

commit f1da5b0872f67a587ed81c57e9f9c9a912715c88
Author: Masaori Koshiba 
AuthorDate: Thu Sep 13 10:32:44 2018 +0900

Print derived secret on key_cb for debug
---
 iocore/net/quic/QUICDebugNames.h   | 2 +-
 iocore/net/quic/QUICTLS_openssl.cc | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/iocore/net/quic/QUICDebugNames.h b/iocore/net/quic/QUICDebugNames.h
index 25411cf..8bc2c10 100644
--- a/iocore/net/quic/QUICDebugNames.h
+++ b/iocore/net/quic/QUICDebugNames.h
@@ -47,7 +47,7 @@ class QUICDebug
 {
 public:
   static void
-  to_hex(uint8_t *out, uint8_t *in, int in_len)
+  to_hex(uint8_t *out, const uint8_t *in, int in_len)
   {
 for (int i = 0; i < in_len; ++i) {
   int u4 = in[i] / 16;
diff --git a/iocore/net/quic/QUICTLS_openssl.cc 
b/iocore/net/quic/QUICTLS_openssl.cc
index 7754ed3..7863e7b 100644
--- a/iocore/net/quic/QUICTLS_openssl.cc
+++ b/iocore/net/quic/QUICTLS_openssl.cc
@@ -172,7 +172,9 @@ key_cb(SSL *ssl, int name, const unsigned char *secret, 
size_t secret_len, const
   break;
 }
 
-uint8_t print_buf[512];
+uint8_t print_buf[128];
+QUICDebug::to_hex(print_buf, static_cast(secret), 
secret_len);
+Debug("vv_quic_crypto", "secret=%s", print_buf);
 QUICDebug::to_hex(print_buf, km->key, km->key_len);
 Debug("vv_quic_crypto", "key=%s", print_buf);
 QUICDebug::to_hex(print_buf, km->iv, km->iv_len);

[trafficserver] branch quic-latest updated: Print error reason on debug log only if it is provided

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new 730a57d  Print error reason on debug log only if it is provided
730a57d is described below

commit 730a57dda5a197427090c950d192d057582a9849
Author: Masaori Koshiba 
AuthorDate: Thu Sep 13 10:39:54 2018 +0900

Print error reason on debug log only if it is provided
---
 iocore/net/QUICNetVConnection.cc | 5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index 55a347b..7be9e29 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -1734,9 +1734,8 @@ 
QUICNetVConnection::_switch_to_closing_state(QUICConnectionErrorUPtr error)
   }
   if (error->msg) {
 QUICConDebug("Reason: %.*s", static_cast(strlen(error->msg)), 
error->msg);
-  } else {
-QUICConDebug("Reason was not provided");
   }
+
   this->_connection_error = std::move(error);
   this->_schedule_packet_write_ready();
 
@@ -1763,8 +1762,6 @@ 
QUICNetVConnection::_switch_to_draining_state(QUICConnectionErrorUPtr error)
   }
   if (error->msg) {
 QUICConDebug("Reason: %.*s", static_cast(strlen(error->msg)), 
error->msg);
-  } else {
-QUICConDebug("Reason was not provided");
   }
 
   this->remove_from_active_queue();

[trafficserver] branch quic-latest updated: Ignore VN packets on closing state

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/quic-latest by this push:
 new d673c78  Ignore VN packets on closing state
d673c78 is described below

commit d673c783ac7c4469ed174f0a2fb5d99df02f8179
Author: Masaori Koshiba 
AuthorDate: Thu Sep 13 15:14:12 2018 +0900

Ignore VN packets on closing state
---
 iocore/net/QUICNetVConnection.cc | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index 7be9e29..46557af 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -1028,7 +1028,14 @@ QUICNetVConnection::_state_closing_receive_packet()
 QUICPacketCreationResult result;
 QUICPacketUPtr packet = this->_dequeue_recv_packet(result);
 if (result == QUICPacketCreationResult::SUCCESS) {
-  this->_recv_and_ack(std::move(packet));
+  switch (packet->type()) {
+  case QUICPacketType::VERSION_NEGOTIATION:
+// Ignore VN packets on closing state
+break;
+  default:
+this->_recv_and_ack(std::move(packet));
+break;
+  }
 }
 ++this->_state_closing_recv_packet_count;