[trafficserver] branch master updated: Enable logging of the Elliptic Curve used to communicate with the client
This is an automated email from the ASF dual-hosted git repository. masaori pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new effbc51 Enable logging of the Elliptic Curve used to communicate with the client effbc51 is described below commit effbc513139988c8a0971fd48adc586f883ba754 Author: Valentin Gutierrez AuthorDate: Tue Jul 16 11:50:55 2019 +0700 Enable logging of the Elliptic Curve used to communicate with the client --- doc/admin-guide/logging/formatting.en.rst | 3 +++ iocore/net/P_SSLNetVConnection.h | 16 proxy/http/HttpSM.cc | 2 ++ proxy/http/HttpSM.h | 1 + proxy/logging/Log.cc | 5 + proxy/logging/LogAccess.cc| 13 + proxy/logging/LogAccess.h | 1 + 7 files changed, 41 insertions(+) diff --git a/doc/admin-guide/logging/formatting.en.rst b/doc/admin-guide/logging/formatting.en.rst index e909f42..dc416d3 100644 --- a/doc/admin-guide/logging/formatting.en.rst +++ b/doc/admin-guide/logging/formatting.en.rst @@ -577,6 +577,7 @@ SSL / Encryption .. _cqssr: .. _cqssv: .. _cqssc: +.. _cqssu: .. _pqssl: Fields which expose the use, or lack thereof, of specific SSL and encryption @@ -592,6 +593,8 @@ cqssr Client Request SSL session ticket reused status; indicates if the current handshake. cqssv Client Request SSL version used to communicate with the client. cqssc Client Request SSL Cipher used by |TS| to communicate with the client. +cqssu Client Request SSL Elliptic Curve used by |TS| to communicate with the + client when using an ECDHE cipher. pqssl Proxy Request Indicates whether the connection from |TS| to the origin was over SSL or not. = == == diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index bea84aa..952cccb 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -37,6 +37,7 @@ #include #include +#include #include "P_EventSystem.h" #include "P_UnixNetVConnection.h" @@ -309,6 +310,21 @@ public: return ssl ? SSL_get_cipher_name(ssl) : nullptr; } + const char * + getSSLCurve() const + { +if (!ssl) { + return nullptr; +} + +int curve_nid = SSL_get_shared_curve(ssl, 0); + +if (curve_nid == NID_undef) { + return nullptr; +} +return OBJ_nid2sn(curve_nid); + } + bool has_tunnel_destination() const { diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 3b9ce8b..8c6afa1 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -481,6 +481,8 @@ HttpSM::attach_client_session(ProxyTransaction *client_vc, IOBufferReader *buffe client_sec_protocol = protocol ? protocol : "-"; const char *cipher = ssl_vc->getSSLCipherSuite(); client_cipher_suite = cipher ? cipher : "-"; +const char *curve= ssl_vc->getSSLCurve(); +client_curve = curve ? curve : "-"; if (!client_tcp_reused) { // Copy along the TLS handshake timings milestones[TS_MILESTONE_TLS_HANDSHAKE_START] = ssl_vc->sslHandshakeBeginTime; diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h index 95ca9d8..829958b 100644 --- a/proxy/http/HttpSM.h +++ b/proxy/http/HttpSM.h @@ -546,6 +546,7 @@ public: const char *client_protocol = "-"; const char *client_sec_protocol = "-"; const char *client_cipher_suite = "-"; + const char *client_curve= "-"; int server_transact_count = 0; TransactionMilestones milestones; diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc index 16e34e9..d38c099 100644 --- a/proxy/logging/Log.cc +++ b/proxy/logging/Log.cc @@ -505,6 +505,11 @@ Log::init_fields() global_field_list.add(field, false); field_symbol_hash.emplace("cqssc", field); + field = new LogField("client_curve", "cqssu", LogField::STRING, ::marshal_client_security_curve, + (LogField::UnmarshalFunc)::unmarshal_str); + global_field_list.add(field, false); + field_symbol_hash.emplace("cqssu", field); + Ptr finish_status_map = make_ptr(new LogFieldAliasTable); finish_status_map->init(N_LOG_FINISH_CODE_TYPES, LOG_FINISH_FIN, "FIN", LOG_FINISH_INTR, "INTR", LOG_FINISH_TIMEOUT, "TIMEOUT"); diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc index d673068..91f6c7f 100644 --- a/proxy/logging/LogAccess.cc +++ b/proxy/logging/LogAccess.cc @@ -1856,6 +1856,19 @@ LogAccess::marshal_client_security_cipher_suite(char *buf) return round_len; } +int +LogAccess::marshal_client_security_curve(char *buf) +{ + const char *curve = m_http_sm->client_curve; + int round_len = LogAccess::strlen(curve); + + if (buf) { +
[trafficserver] branch master updated: Fix typos in log.gold file for tsapi Au test case in merged PR 5706.
This is an automated email from the ASF dual-hosted git repository. rrm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new eb02167 Fix typos in log.gold file for tsapi Au test case in merged PR 5706. eb02167 is described below commit eb021674dc76ae2fe83adba698d02bca299960dc Author: Walter Karas AuthorDate: Tue Jul 16 18:51:23 2019 -0500 Fix typos in log.gold file for tsapi Au test case in merged PR 5706. --- tests/gold_tests/pluginTest/tsapi/log.gold | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/gold_tests/pluginTest/tsapi/log.gold b/tests/gold_tests/pluginTest/tsapi/log.gold index da86247..5274ed1 100644 --- a/tests/gold_tests/pluginTest/tsapi/log.gold +++ b/tests/gold_tests/pluginTest/tsapi/log.gold @@ -1,14 +1,14 @@ Global: event=TS_EVENT_HTTP_TXN_START Global: event=TS_EVENT_HTTP_READ_REQUEST_HDR TSHttpTxnEffectiveUrlStringGet(): http://mYhOsT.teSt:SERVER_PORT/ -TSHttpHdrEffectiveUrlBuffGet(): http://myhost.test:SERVER_PORT/ +TSHttpHdrEffectiveUrlBufGet(): http://myhost.test:SERVER_PORT/ Transaction: event=TS_EVENT_HTTP_READ_REQUEST_HDR TSHttpTxnEffectiveUrlStringGet(): http://mYhOsT.teSt:SERVER_PORT/ -TSHttpHdrEffectiveUrlBuffGet(): http://myhost.test:SERVER_PORT/ +TSHttpHdrEffectiveUrlBufGet(): http://myhost.test:SERVER_PORT/ Global: event=TS_EVENT_HTTP_TXN_START Global: event=TS_EVENT_HTTP_READ_REQUEST_HDR TSHttpTxnEffectiveUrlStringGet(): https://myhost.test:SERVER_PORT/ -TSHttpHdrEffectiveUrlBuffGet(): https://myhost.test:SERVER_PORT/ +TSHttpHdrEffectiveUrlBufGet(): https://myhost.test:SERVER_PORT/ Transaction: event=TS_EVENT_HTTP_READ_REQUEST_HDR TSHttpTxnEffectiveUrlStringGet(): https://myhost.test:SERVER_PORT/ -TSHttpHdrEffectiveUrlBuffGet(): https://myhost.test:SERVER_PORT/ +TSHttpHdrEffectiveUrlBufGet(): https://myhost.test:SERVER_PORT/
[trafficserver] branch master updated: Options to roll empty logs and log trimming
This is an automated email from the ASF dual-hosted git repository. gancho pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new b81422a Options to roll empty logs and log trimming b81422a is described below commit b81422ac723daca585fbe24247832b33309b21a9 Author: Gancho Tenev AuthorDate: Fri Jul 5 17:09:15 2019 -0700 Options to roll empty logs and log trimming Added 2 options: - proxy.config.log.rolling_allow_empty - ability to roll empty logs (i.e. rolling logs without traffic) - proxy.config.log.rolling_max_count - trimming logs to a certain number of rolled files on each rolling More info in records.config.en.rst and rotation.en.rst. --- doc/admin-guide/files/records.config.en.rst | 25 doc/admin-guide/logging/rotation.en.rst | 24 mgmt/RecordsConfig.cc | 4 ++ proxy/logging/LogConfig.cc | 14 - proxy/logging/LogConfig.h | 2 + proxy/logging/LogFile.cc| 89 - proxy/logging/LogFile.h | 3 +- proxy/logging/LogObject.cc | 25 ++-- proxy/logging/LogObject.h | 16 +++--- proxy/logging/YamlLogConfig.cc | 19 -- src/traffic_server/InkAPI.cc| 3 +- 11 files changed, 202 insertions(+), 22 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 11107d1..fd965b0 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -273,6 +273,31 @@ System Variables order of auto-deletion (if enabled). A default value of 0 means auto-deletion will try to keep output logs as much as possible. See :doc:`../logging/rotation.en` for guidance. +.. ts:cv:: CONFIG proxy.config.output.logfile.rolling_max_count INT 0 + :reloadable: + + Specifies the maximum count of rolled output logs to keep. This value will be used by the + auto-deletion (if enabled) to trim the number of rolled log files every time the log is rolled. + A default value of 0 means auto-deletion will not try to limit the number of output logs. + See :doc:`../logging/rotation.en` for an use-case for this option. + +.. ts:cv:: CONFIG proxy.config.output.logfile.rolling_allow_empty INT 0 + :reloadable: + + While rolling default behavior is to rename, close and re-open the log file *only* when/if there is + something to log to the log file. This option opens a new log file right after rolling even if there + is nothing to log (i.e. nothing to be logged due to lack of requests to the server) + which may lead to 0-sized log files while rollong. See :doc:`../logging/rotation.en` for an use-case + for this option. + + = == + Value Description + = == + ``0`` No empty log files created and rolloed if there was nothing to log + ``1`` Allow empty log files to be created and rolled even if there was nothing to log + = == + + Thread Variables diff --git a/doc/admin-guide/logging/rotation.en.rst b/doc/admin-guide/logging/rotation.en.rst index eaed409..64ed337 100644 --- a/doc/admin-guide/logging/rotation.en.rst +++ b/doc/admin-guide/logging/rotation.en.rst @@ -245,3 +245,27 @@ To set log management options, follow the steps below: #. Run the command :option:`traffic_ctl config reload` to apply the configuration changes. + +Retaining Logs For No More Than a Specified Period +-- + +If for security reasons logs need to be purged to make sure no log entry remains on the box +for more then a specified period of time, we could achieve this by setting the rolling interval, +the maximum number of rolled log files, and forcing |TS| to roll even when there is no traffic. + +Let us say we wanted the oldest log entry to be kept on the box to be no older than 2-hour old. + +Set :ts:cv:`proxy.config.output.logfile.rolling_interval_sec` (yaml: `rolling_interval_sec`) to 3600 (1h) +which will lead to rolling every 1h. + +Set :ts:cv:`proxy.config.output.logfile.rolling_max_count` (yaml: `rolling_max_count`) to 1 +which will lead to keeping only one rolled log file at any moment (rolled will be trimmed on every roll). + +Set :ts:cv:`proxy.config.output.logfile.rolling_allow_empty` (yaml: `rolling_allow_empty`) to 1 (default: 0) +which will allow logs to be open and rolled even if there was nothing to be logged during the previous period +(i.e. no requests to |TS|). + +The above will ensure logs are rolled every 1h hour, only 1 rolled log file to
[trafficserver] branch 0-rtt updated (206384e -> 8345dc1)
This is an automated email from the ASF dual-hosted git repository. duke8253 pushed a change to branch 0-rtt in repository https://gitbox.apache.org/repos/asf/trafficserver.git. from 206384e Reverse internal order of HPACK Dynamic Table Entries add c843446 Remove unused LibBulkIO add d47faa5 Remove unused header file ink_inout.h add 50803ba TSIOBufferReaderCopy: copy data from a reader to a fixed buffer. add eb87569 Separate out common header compression logic to hdrs directory add 8510a1c Log H2 errors with the codes add cfe3fb4 Fix indents in HttpTunnel.cc made by unifdef LAZY_BUF_ALLOC add 2b31945 ja3: append to the last dub if X-JA3-Sig/X-JA3-RAW exist in the client request headers add 7d3446f Make TSVConnInacitivityTimeoutCancel work as expected. add 8461afa Coalesce empty objects in HdrHeap add 3dafb1b Fix typo in lua plugin documentation add 4f9114b Fix client transaction stats add 4adfad3 Cleanup example directory add ee1467f Update autest for example plugins location add 26c039d HTTP/2 - tweak for better field name handling. add 8a8dfd2 Tries to use linux specific tcpinfo fields add 426fd28 fix race condition in test add 6a4b6ca Add a required library to "Getting Started" docs add 70ebf86 Change default proxy name to be "traffic-server", not the build machine. Closes issue 3135 add fd5c84a Convert regression tests for XPACK into Catch based unit tests add dd3d500 Update docs to document wipe_field_action that we use in production add 37bf053 Fix formatting add 1611d03 In test_hooks Au test case, add work-around for flakeyness of VCONN start/close events. add 37ae0d3 Remove header_rewrite conditions deprecated in previous versions add 3a6983f Fixes autodetect of brotli add 9b567e4 Add optional normalization of scheme and host to lower case letters in effective URLs. add 8345dc1 Sets macOS luajit linker flags only when luajit detected No new revisions were added by this update. Summary of changes: .gitignore | 3 +- build/brotli.m4| 9 +- build/luajit.m4| 6 +- configure.ac | 9 +- doc/admin-guide/files/logging.yaml.en.rst | 12 +- doc/admin-guide/plugins/header_rewrite.en.rst | 50 + doc/admin-guide/plugins/ja3_fingerprint.en.rst | 3 +- doc/admin-guide/plugins/lua.en.rst | 2 +- doc/admin-guide/plugins/tcpinfo.en.rst | 13 ++ .../api/functions/TSIOBufferReader.en.rst | 91 + .../api/functions/TSSslClientCertUpdate.en.rst | 4 +- .../api/functions/TSUrlStringGet.en.rst| 28 ++- doc/getting-started/index.en.rst | 1 + example/cert_update/cert_update.cc | 86 - example/client_context_dump/client_context_dump.cc | 190 -- include/ts/InkAPIPrivateIOCore.h | 1 - include/ts/ts.h| 14 +- include/tscore/ParseRules.h| 4 +- include/tscore/ink_inout.h | 82 iocore/eventsystem/IOBuffer.cc | 4 +- iocore/eventsystem/I_IOBuffer.h| 2 +- iocore/net/Makefile.am | 2 - iocore/net/P_InkBulkIO.h | 166 iocore/net/P_LibBulkIO.h | 172 - iocore/net/P_Net.h | 1 - iocore/net/P_UnixNetVConnection.h | 4 +- iocore/net/UnixUDPNet.cc | 2 - mgmt/RecordsConfig.cc | 2 +- .../ja3_fingerprint/ja3_fingerprint.cc | 43 +++-- plugins/header_rewrite/conditions.cc | 108 --- plugins/header_rewrite/conditions.h| 56 -- plugins/header_rewrite/factory.cc | 6 - plugins/header_rewrite/header_rewrite_test.cc | 12 +- plugins/tcpinfo/tcpinfo.cc | 28 ++- proxy/ProxyTransaction.cc | 3 + proxy/hdrs/HTTP.cc | 20 +- proxy/hdrs/HTTP.h | 19 +- proxy/hdrs/HdrHeap.cc | 20 +- proxy/{http2 => hdrs}/HuffmanCodec.cc | 0 proxy/{http2 => hdrs}/HuffmanCodec.h | 0 proxy/hdrs/MIME.cc | 35 +++- proxy/hdrs/MIME.h | 2 + proxy/hdrs/Makefile.am | 35 +++- proxy/hdrs/URL.cc | 16 +- proxy/hdrs/URL.h | 24 +-- proxy/hdrs/XPACK.cc| 202
[trafficserver] branch master updated: Sets macOS luajit linker flags only when luajit detected
This is an automated email from the ASF dual-hosted git repository. rrm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 8345dc1 Sets macOS luajit linker flags only when luajit detected 8345dc1 is described below commit 8345dc1c9e5fa0e88905318635f759a13672a3d3 Author: Randall Meyer AuthorDate: Mon Jul 15 09:21:28 2019 -0700 Sets macOS luajit linker flags only when luajit detected --- build/luajit.m4 | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/build/luajit.m4 b/build/luajit.m4 index 6ca0251..bb48619 100644 --- a/build/luajit.m4 +++ b/build/luajit.m4 @@ -168,9 +168,11 @@ fi TS_ARG_ENABLE_VAR([has],[luajit]) AM_CONDITIONAL([HAS_LUAJIT], [test 0 -ne $has_luajit]) -# On Darwin, LuaJIT requires magic link options for a program loading or running with LuaJIT, -# otherwise it will crash in luaL_openlibs() at startup. See http://luajit.org/install.html for more details +dnl On Darwin, LuaJIT requires magic link options for a program loading or running with LuaJIT, +dnl otherwise it will crash in luaL_openlibs() at startup. See http://luajit.org/install.html for more details +if test 0 "$has_luajit" -ne 0; then AC_SUBST([LUAJIT_DARWIN_LDFLAGS], ["-Wl,-pagezero_size,1 -Wl,-image_base,1"]) +fi AM_CONDITIONAL([IS_DARWIN], [test x$(uname) = xDarwin]) ])
[trafficserver] branch master updated: Add optional normalization of scheme and host to lower case letters in effective URLs.
This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 9b567e4 Add optional normalization of scheme and host to lower case letters in effective URLs. 9b567e4 is described below commit 9b567e4ee0b4cd5e32158b414e0b5383b998407e Author: Walter Karas AuthorDate: Mon Apr 1 13:08:29 2019 -0500 Add optional normalization of scheme and host to lower case letters in effective URLs. - Adds new TS API function TSHttpHdrEffectiveUrlBuffGet() (which also puts the URL in a user-allocated buffer). - Adds 'normalized' parameter (defaults to false) to HTTPHdr::url_string_get(). - Adds 'normalized' parameter (defaults to false) to url_print(), url_string_get(), url_string_get_ref(). - Adds 'normalized' parameter (defaults to false) to URL::string_get(), URL::string_get_ref(), URL::print(). This will make it possible to check URLs output by these functions for equivalence by doing a simple string compare. --- .../api/functions/TSUrlStringGet.en.rst| 28 +- include/ts/ts.h| 13 ++- proxy/hdrs/HTTP.cc | 20 -- proxy/hdrs/HTTP.h | 19 +++--- proxy/hdrs/MIME.cc | 35 ++--- proxy/hdrs/MIME.h | 2 + proxy/hdrs/URL.cc | 16 proxy/hdrs/URL.h | 24 ++-- src/traffic_server/InkAPI.cc | 37 ++ tests/gold_tests/pluginTest/tsapi/log.gold | 8 +++- tests/gold_tests/pluginTest/tsapi/tsapi.test.py| 6 +-- tests/tools/plugins/test_tsapi.cc | 44 ++ 12 files changed, 210 insertions(+), 42 deletions(-) diff --git a/doc/developer-guide/api/functions/TSUrlStringGet.en.rst b/doc/developer-guide/api/functions/TSUrlStringGet.en.rst index 46d7e23..506a5e8 100644 --- a/doc/developer-guide/api/functions/TSUrlStringGet.en.rst +++ b/doc/developer-guide/api/functions/TSUrlStringGet.en.rst @@ -31,6 +31,7 @@ Synopsis .. function:: char * TSUrlStringGet(TSMBuffer bufp, TSMLoc offset, int * length) .. function:: char * TSHttpTxnEffectiveUrlStringGet(TSHttpTxn txn, int * length) +.. function:: TSReturnCode TSHttpHdrEffectiveUrlBufGet(TSMBuffer hdr_buf, TSMLoc hdr_loc, char * buf, int64_t size, int64_t* length) .. function:: int TSUrlLengthGet(TSMBuffer bufp, TSMLoc offset) .. function:: void TSUrlPrint(TSMBuffer bufp, TSMLoc offset, TSIOBuffer iobufp) @@ -50,7 +51,7 @@ call to :func:`TSmalloc` and must be freed by a call to :func:`TSfree`. If lengt then no attempt is made to de-reference it. The returned string is not guaranteed to have a null terminator - :arg:`length` must be used to correctly display the string. -:func:`TSHttpTxnEffectiveUrlStringGet` is similar to :func:`TSUrlStringGet`. The two differences are +:func:`TSHttpTxnEffectiveUrlStringGet` is similar to :func:`TSUrlStringGet`. The two differences are: * The source is transaction :arg:`txn` and the URL is retrieved from the client request in that transaction. @@ -61,6 +62,31 @@ terminator - :arg:`length` must be used to correctly display the string. This function is useful to guarantee a URL that is as complete as possible given the specific request. +:func:`TSHttpHdrEffectiveUrlBufGet` returns the effective URL for any HTTP request (not just the client request). +If the request has a Host header field (and the URL does not contain a host specifier), the host specifier the header +provides is inserted into the URL. The host and +scheme in the returned URL will be normalized to lower case letters (to make URL comparisons simple and fast). +This prints the effective URL for the header specified by :arg:`hdr_buf` and +:arg:`hdr_loc` to the buffer starting at :arg:`buf`. If the effective URL is longer than :arg:`size`, nothing is +written to :arg:`buf`. Note that this is not considered an error case, the function will still return `TS_SUCCESS`. +It is the responsibility of the caller to check this result to determine if output was generated. +The full length of the URL is always returned in :arg:`*length` when the function returns `TS_SUCCESS`. + +The typical usage would be +:: + + TSMBuffer hdr_buf; + TSMLoc hdr_loc; + TSHttpTxnServerReqGet(txn, _buf, _loc); + int64_t length; + char store[2048]; + char *buf = store; + TSHttpHdrEffectiveUrlBufGet(hdr_buf, hdr_loc, buf, sizeof(store), ); + if (length > sizeof(store)) { +buf = static_cast(malloc(length)); +TSHttpHdrEffectiveUrlBufGet(hdr_buf, hdr_loc, buf, length, ); + } + :func:`TSUrlLengthGet` calculates the length of the URL located at :arg:`offset` within
[trafficserver] branch master updated: Remove header_rewrite conditions deprecated in previous versions
This is an automated email from the ASF dual-hosted git repository. rrm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 37ae0d3 Remove header_rewrite conditions deprecated in previous versions 37ae0d3 is described below commit 37ae0d34b2ad6a44e42c3fe88925f0f98682ba0c Author: Randall Meyer AuthorDate: Mon Jul 15 17:09:59 2019 -0700 Remove header_rewrite conditions deprecated in previous versions --- doc/admin-guide/plugins/header_rewrite.en.rst | 50 +--- plugins/header_rewrite/conditions.cc | 108 -- plugins/header_rewrite/conditions.h | 56 - plugins/header_rewrite/factory.cc | 6 -- plugins/header_rewrite/header_rewrite_test.cc | 12 +-- 5 files changed, 7 insertions(+), 225 deletions(-) diff --git a/doc/admin-guide/plugins/header_rewrite.en.rst b/doc/admin-guide/plugins/header_rewrite.en.rst index 05267b5..e5951e7 100644 --- a/doc/admin-guide/plugins/header_rewrite.en.rst +++ b/doc/admin-guide/plugins/header_rewrite.en.rst @@ -323,7 +323,7 @@ This condition provides access to information about the inbound (client, user ag The data that can be checked is :: %{INBOUND:LOCAL-ADDR} The local (ATS) address for the connection. Equivalent to %{IP:INBOUND}. - %{INBOUND:LOCAL-PORT} The local (ATS) port for the connection. Equivalent to %{INCOMING-PORT}. + %{INBOUND:LOCAL-PORT} The local (ATS) port for the connection. %{INBOUND:REMOTE-ADDR} The client address for the connection. Equivalent to %{IP:CLIENT}. %{INBOUND:REMOTE-PORT} The client port for the connection. %{INBOUND:TLS} The TLS protocol if the connection is over TLS, otherwise the empty string. @@ -351,17 +351,6 @@ which is true when the connection is not TLS. The arguments ``H2``, ``IPV4``, an same way. -INCOMING-PORT -~ -:: - -cond %{INCOMING-PORT} - -TCP port, as a decimal integer, on which the incoming client connection was -made. - -This condition is *deprecated* as of ATS v8.0.x, please use ``%{INBOUND:LOCAL-PORT}`` instead. - IP ~~ :: @@ -387,8 +376,6 @@ actually as a value to an operator, e.g. :: set-header X-Server-IP %{IP:SERVER} set-header X-Outbound-IP %{IP:OUTBOUND} -Finally, this new condition replaces the old %{CLIENT-IP} condition, which is -now properly deprecated. It will be removed as of ATS v8.0.0. INTERNAL-TRANSACTION @@ -430,37 +417,6 @@ values, such as year, month etc. %{NOW:WEEKDAY} Current weekday (0-6, 0 == Sunday) %{NOW:YEARDAY} Current day of the year (0-365, 0 == Jan 1st) -PATH - -:: - -cond %{PATH} - -The path component of the transaction. This does NOT include the leading ``/`` that -immediately follows the hostname and terminates prior to the ``?`` signifying -the beginning of query parameters (or the end of the URL, whichever occurs -first). - -Refer to `Requests vs. Responses`_ for more information on determining the -context in which the transaction's URL is evaluated. - -This condition is *deprecated* as of ATS v7.1.x, please use e.g. %{URL:PATH} -or %{CLIENT-URL:PATH} instead. - - -QUERY -~ -:: - -cond %{QUERY} - -The query parameters, if any, of the transaction. Refer to `Requests vs. -Responses`_ for more information on determining the context in which the -transaction's URL is evaluated. - -This condition is *deprecated* as of ATS v7.1.x, please use e.g. %{URL:QUERY} -or %{CLIENT-URL:QUERY} instead. - RANDOM ~~ @@ -998,10 +954,6 @@ evaluated and will adjust using request or response entities automatically: - `METHOD`_ -- `PATH`_ - -- `QUERY`_ - - `URL`_ Affected Operators diff --git a/plugins/header_rewrite/conditions.cc b/plugins/header_rewrite/conditions.cc index 92cac5d..380d270 100644 --- a/plugins/header_rewrite/conditions.cc +++ b/plugins/header_rewrite/conditions.cc @@ -248,83 +248,6 @@ ConditionHeader::eval(const Resources ) return static_cast(_matcher)->test(s); } -// ConditionPath -void -ConditionPath::initialize(Parser ) -{ - Condition::initialize(p); - MatcherType *match = new MatcherType(_cond_op); - - match->set(p.get_arg()); - _matcher = match; -} - -void -ConditionPath::append_value(std::string , const Resources ) -{ - TSMBuffer bufp; - TSMLoc url_loc; - - if (TSHttpTxnPristineUrlGet(res.txnp, , _loc) == TS_SUCCESS) { -int path_length; -const char *path = TSUrlPathGet(bufp, url_loc, _length); - -if (path && path_length) { - s.append(path, path_length); -} - -TSHandleMLocRelease(bufp, TS_NULL_MLOC, url_loc); - } -} - -bool -ConditionPath::eval(const Resources ) -{ - std::string s; - - append_value(s, res); - TSDebug(PLUGIN_NAME, "Evaluating PATH()"); - - return static_cast(_matcher)->test(s); -} - -// ConditionQuery -void
[trafficserver] branch master updated: Fixes autodetect of brotli
This is an automated email from the ASF dual-hosted git repository. rrm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 3a6983f Fixes autodetect of brotli 3a6983f is described below commit 3a6983fce6f8bb03698c7bcd31a4203e1fe2cc08 Author: Randall Meyer AuthorDate: Mon Jul 15 14:05:47 2019 -0700 Fixes autodetect of brotli PKG_CHECK_EXISTS expects the lowercase name of the library to be searched for. Closes issue #5576 --- build/brotli.m4 | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/build/brotli.m4 b/build/brotli.m4 index b9c0261..2d35a7b 100644 --- a/build/brotli.m4 +++ b/build/brotli.m4 @@ -80,11 +80,14 @@ AC_CHECK_HEADER([brotli/encode.h], [], [has_brotli=0]) AC_CHECK_LIB([brotlienc], BrotliEncoderCreateInstance, [:], [has_brotli=0]) if test "x$has_brotli" == "x0"; then -PKG_CHECK_EXISTS([LIBBROTLIENC], +PKG_CHECK_EXISTS([libbrotlienc], [ PKG_CHECK_MODULES([LIBBROTLIENC], [libbrotlienc >= 0.6.0], [ -AC_SUBST([BROTLIENC_LIB], [$LIBBROTLIENC_LIBS]) -AC_SUBST([BROTLIENC_CFLAGS], [$LIBBROTLIENC_CFLAGS]) +AC_CHECK_HEADERS(brotli/encode.h, [brotli_have_headers=1]) +if test "$brotli_have_headers" != "0"; then +AC_SUBST([BROTLIENC_LIB], [$LIBBROTLIENC_LIBS]) +AC_SUBST([BROTLIENC_CFLAGS], [$LIBBROTLIENC_CFLAGS]) +fi ], []) ], []) else
[trafficserver] branch master updated: In test_hooks Au test case, add work-around for flakeyness of VCONN start/close events.
This is an automated email from the ASF dual-hosted git repository. shinrich pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git The following commit(s) were added to refs/heads/master by this push: new 1611d03 In test_hooks Au test case, add work-around for flakeyness of VCONN start/close events. 1611d03 is described below commit 1611d03d04e51d4966c6d960130b587781c91098 Author: Walter Karas AuthorDate: Mon Jul 15 16:58:39 2019 -0500 In test_hooks Au test case, add work-around for flakeyness of VCONN start/close events. --- tests/gold_tests/pluginTest/test_hooks/clean.sh | 20 .../pluginTest/test_hooks/test_hooks.test.py | 7 +++ 2 files changed, 27 insertions(+) diff --git a/tests/gold_tests/pluginTest/test_hooks/clean.sh b/tests/gold_tests/pluginTest/test_hooks/clean.sh new file mode 100644 index 000..4159eff --- /dev/null +++ b/tests/gold_tests/pluginTest/test_hooks/clean.sh @@ -0,0 +1,20 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +while [[ "$(head -n 1 log.txt)" = "Global: event=TS_EVENT_VCONN_START" ]] +do +sed "1,4d" < log.txt > tlog.txt ; rm log.txt ; mv tlog.txt log.txt +done diff --git a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py index 5871802..a35c87f 100644 --- a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py +++ b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py @@ -78,6 +78,13 @@ tr.Processes.Default.Command = ( ) tr.Processes.Default.ReturnCode = 0 +# The probing of the ATS port to detect when ATS is ready may be seen by ATS as a VCONN start/close, so filter out these +# events from the log file. +# +tr = Test.AddTestRun() +tr.Processes.Default.Command = "cd " + Test.RunDirectory + " ; . " + Test.TestDirectory + "/clean.sh" +tr.Processes.Default.ReturnCode = 0 + tr = Test.AddTestRun() tr.Processes.Default.Command = "echo check log" tr.Processes.Default.ReturnCode = 0