[trafficserver] branch master updated: Enable logging of the Elliptic Curve used to communicate with the client

[masaori]

This is an automated email from the ASF dual-hosted git repository.

masaori pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new effbc51  Enable logging of the Elliptic Curve used to communicate with 
the client
effbc51 is described below

commit effbc513139988c8a0971fd48adc586f883ba754
Author: Valentin Gutierrez 
AuthorDate: Tue Jul 16 11:50:55 2019 +0700

Enable logging of the Elliptic Curve used to communicate with the client
---
 doc/admin-guide/logging/formatting.en.rst |  3 +++
 iocore/net/P_SSLNetVConnection.h  | 16 
 proxy/http/HttpSM.cc  |  2 ++
 proxy/http/HttpSM.h   |  1 +
 proxy/logging/Log.cc  |  5 +
 proxy/logging/LogAccess.cc| 13 +
 proxy/logging/LogAccess.h |  1 +
 7 files changed, 41 insertions(+)

diff --git a/doc/admin-guide/logging/formatting.en.rst 
b/doc/admin-guide/logging/formatting.en.rst
index e909f42..dc416d3 100644
--- a/doc/admin-guide/logging/formatting.en.rst
+++ b/doc/admin-guide/logging/formatting.en.rst
@@ -577,6 +577,7 @@ SSL / Encryption
 .. _cqssr:
 .. _cqssv:
 .. _cqssc:
+.. _cqssu:
 .. _pqssl:
 
 Fields which expose the use, or lack thereof, of specific SSL and encryption
@@ -592,6 +593,8 @@ cqssr Client Request SSL session ticket reused status; 
indicates if the current
  handshake.
 cqssv Client Request SSL version used to communicate with the client.
 cqssc Client Request SSL Cipher used by |TS| to communicate with the client.
+cqssu Client Request SSL Elliptic Curve used by |TS| to communicate with the
+ client when using an ECDHE cipher.
 pqssl Proxy Request  Indicates whether the connection from |TS| to the origin
  was over SSL or not.
 = == ==
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index bea84aa..952cccb 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -37,6 +37,7 @@
 
 #include 
 #include 
+#include 
 
 #include "P_EventSystem.h"
 #include "P_UnixNetVConnection.h"
@@ -309,6 +310,21 @@ public:
 return ssl ? SSL_get_cipher_name(ssl) : nullptr;
   }
 
+  const char *
+  getSSLCurve() const
+  {
+if (!ssl) {
+  return nullptr;
+}
+
+int curve_nid = SSL_get_shared_curve(ssl, 0);
+
+if (curve_nid == NID_undef) {
+  return nullptr;
+}
+return OBJ_nid2sn(curve_nid);
+  }
+
   bool
   has_tunnel_destination() const
   {
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 3b9ce8b..8c6afa1 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -481,6 +481,8 @@ HttpSM::attach_client_session(ProxyTransaction *client_vc, 
IOBufferReader *buffe
 client_sec_protocol  = protocol ? protocol : "-";
 const char *cipher   = ssl_vc->getSSLCipherSuite();
 client_cipher_suite  = cipher ? cipher : "-";
+const char *curve= ssl_vc->getSSLCurve();
+client_curve = curve ? curve : "-";
 if (!client_tcp_reused) {
   // Copy along the TLS handshake timings
   milestones[TS_MILESTONE_TLS_HANDSHAKE_START] = 
ssl_vc->sslHandshakeBeginTime;
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index 95ca9d8..829958b 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -546,6 +546,7 @@ public:
   const char *client_protocol = "-";
   const char *client_sec_protocol = "-";
   const char *client_cipher_suite = "-";
+  const char *client_curve= "-";
   int server_transact_count   = 0;
 
   TransactionMilestones milestones;
diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc
index 16e34e9..d38c099 100644
--- a/proxy/logging/Log.cc
+++ b/proxy/logging/Log.cc
@@ -505,6 +505,11 @@ Log::init_fields()
   global_field_list.add(field, false);
   field_symbol_hash.emplace("cqssc", field);
 
+  field = new LogField("client_curve", "cqssu", LogField::STRING, 
::marshal_client_security_curve,
+   (LogField::UnmarshalFunc)::unmarshal_str);
+  global_field_list.add(field, false);
+  field_symbol_hash.emplace("cqssu", field);
+
   Ptr finish_status_map = make_ptr(new LogFieldAliasTable);
   finish_status_map->init(N_LOG_FINISH_CODE_TYPES, LOG_FINISH_FIN, "FIN", 
LOG_FINISH_INTR, "INTR", LOG_FINISH_TIMEOUT, "TIMEOUT");
 
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index d673068..91f6c7f 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -1856,6 +1856,19 @@ LogAccess::marshal_client_security_cipher_suite(char 
*buf)
   return round_len;
 }
 
+int
+LogAccess::marshal_client_security_curve(char *buf)
+{
+  const char *curve = m_http_sm->client_curve;
+  int round_len = LogAccess::strlen(curve);
+
+  if (buf) {
+

[trafficserver] branch master updated: Fix typos in log.gold file for tsapi Au test case in merged PR 5706.

[rrm]

This is an automated email from the ASF dual-hosted git repository.

rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new eb02167  Fix typos in log.gold file for tsapi Au test case in merged 
PR 5706.
eb02167 is described below

commit eb021674dc76ae2fe83adba698d02bca299960dc
Author: Walter Karas 
AuthorDate: Tue Jul 16 18:51:23 2019 -0500

Fix typos in log.gold file for tsapi Au test case in merged PR 5706.
---
 tests/gold_tests/pluginTest/tsapi/log.gold | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/gold_tests/pluginTest/tsapi/log.gold 
b/tests/gold_tests/pluginTest/tsapi/log.gold
index da86247..5274ed1 100644
--- a/tests/gold_tests/pluginTest/tsapi/log.gold
+++ b/tests/gold_tests/pluginTest/tsapi/log.gold
@@ -1,14 +1,14 @@
 Global: event=TS_EVENT_HTTP_TXN_START
 Global: event=TS_EVENT_HTTP_READ_REQUEST_HDR
 TSHttpTxnEffectiveUrlStringGet():  http://mYhOsT.teSt:SERVER_PORT/
-TSHttpHdrEffectiveUrlBuffGet():  http://myhost.test:SERVER_PORT/
+TSHttpHdrEffectiveUrlBufGet():  http://myhost.test:SERVER_PORT/
 Transaction: event=TS_EVENT_HTTP_READ_REQUEST_HDR
 TSHttpTxnEffectiveUrlStringGet():  http://mYhOsT.teSt:SERVER_PORT/
-TSHttpHdrEffectiveUrlBuffGet():  http://myhost.test:SERVER_PORT/
+TSHttpHdrEffectiveUrlBufGet():  http://myhost.test:SERVER_PORT/
 Global: event=TS_EVENT_HTTP_TXN_START
 Global: event=TS_EVENT_HTTP_READ_REQUEST_HDR
 TSHttpTxnEffectiveUrlStringGet():  https://myhost.test:SERVER_PORT/
-TSHttpHdrEffectiveUrlBuffGet():  https://myhost.test:SERVER_PORT/
+TSHttpHdrEffectiveUrlBufGet():  https://myhost.test:SERVER_PORT/
 Transaction: event=TS_EVENT_HTTP_READ_REQUEST_HDR
 TSHttpTxnEffectiveUrlStringGet():  https://myhost.test:SERVER_PORT/
-TSHttpHdrEffectiveUrlBuffGet():  https://myhost.test:SERVER_PORT/
+TSHttpHdrEffectiveUrlBufGet():  https://myhost.test:SERVER_PORT/

[trafficserver] branch master updated: Options to roll empty logs and log trimming

[gancho]

This is an automated email from the ASF dual-hosted git repository.

gancho pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new b81422a  Options to roll empty logs and log trimming
b81422a is described below

commit b81422ac723daca585fbe24247832b33309b21a9
Author: Gancho Tenev 
AuthorDate: Fri Jul 5 17:09:15 2019 -0700

Options to roll empty logs and log trimming

Added 2 options:
- proxy.config.log.rolling_allow_empty - ability to roll empty logs
(i.e. rolling logs without traffic)
- proxy.config.log.rolling_max_count - trimming logs to a certain
number of rolled files on each rolling
More info in records.config.en.rst and rotation.en.rst.
---
 doc/admin-guide/files/records.config.en.rst | 25 
 doc/admin-guide/logging/rotation.en.rst | 24 
 mgmt/RecordsConfig.cc   |  4 ++
 proxy/logging/LogConfig.cc  | 14 -
 proxy/logging/LogConfig.h   |  2 +
 proxy/logging/LogFile.cc| 89 -
 proxy/logging/LogFile.h |  3 +-
 proxy/logging/LogObject.cc  | 25 ++--
 proxy/logging/LogObject.h   | 16 +++---
 proxy/logging/YamlLogConfig.cc  | 19 --
 src/traffic_server/InkAPI.cc|  3 +-
 11 files changed, 202 insertions(+), 22 deletions(-)

diff --git a/doc/admin-guide/files/records.config.en.rst 
b/doc/admin-guide/files/records.config.en.rst
index 11107d1..fd965b0 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -273,6 +273,31 @@ System Variables
order of auto-deletion (if enabled). A default value of 0 means 
auto-deletion will try to keep
output logs as much as possible. See :doc:`../logging/rotation.en` for 
guidance.
 
+.. ts:cv:: CONFIG proxy.config.output.logfile.rolling_max_count INT 0
+   :reloadable:
+
+   Specifies the maximum count of rolled output logs to keep. This value will 
be used by the
+   auto-deletion (if enabled) to trim the number of rolled log files every 
time the log is rolled.
+   A default value of 0 means auto-deletion will not try to limit the number 
of output logs.
+   See :doc:`../logging/rotation.en` for an use-case for this option.
+
+.. ts:cv:: CONFIG proxy.config.output.logfile.rolling_allow_empty INT 0
+   :reloadable:
+
+   While rolling default behavior is to rename, close and re-open the log file 
*only* when/if there is
+   something to log to the log file. This option opens a new log file right 
after rolling even if there
+   is nothing to log (i.e. nothing to be logged due to lack of requests to the 
server)
+   which may lead to 0-sized log files while rollong. See 
:doc:`../logging/rotation.en` for an use-case
+   for this option.
+
+   = ==
+   Value Description
+   = ==
+   ``0`` No empty log files created and rolloed if there was nothing to log
+   ``1`` Allow empty log files to be created and  rolled even if there was 
nothing to log
+   = ==
+
+
 Thread Variables
 
 
diff --git a/doc/admin-guide/logging/rotation.en.rst 
b/doc/admin-guide/logging/rotation.en.rst
index eaed409..64ed337 100644
--- a/doc/admin-guide/logging/rotation.en.rst
+++ b/doc/admin-guide/logging/rotation.en.rst
@@ -245,3 +245,27 @@ To set log management options, follow the steps below:
 #. Run the command :option:`traffic_ctl config reload` to apply the 
configuration
changes.
 
+
+Retaining Logs For No More Than a Specified Period
+--
+
+If for security reasons logs need to be purged to make sure no log entry 
remains on the box
+for more then a specified period of time, we could achieve this by setting the 
rolling interval,
+the maximum number of rolled log files, and forcing |TS| to roll even when 
there is no traffic.
+
+Let us say we wanted the oldest log entry to be kept on the box to be no older 
than 2-hour old.
+
+Set :ts:cv:`proxy.config.output.logfile.rolling_interval_sec` (yaml: 
`rolling_interval_sec`) to 3600 (1h)
+which will lead to rolling every 1h.
+
+Set :ts:cv:`proxy.config.output.logfile.rolling_max_count` (yaml: 
`rolling_max_count`) to 1
+which will lead to keeping only one rolled log file at any moment (rolled will 
be trimmed on every roll).
+
+Set :ts:cv:`proxy.config.output.logfile.rolling_allow_empty` (yaml: 
`rolling_allow_empty`) to 1 (default: 0)
+which will allow logs to be open and rolled even if there was nothing to be 
logged during the previous period
+(i.e. no requests to |TS|).
+
+The above will ensure logs are rolled every 1h hour, only 1 rolled log file to 

[trafficserver] branch 0-rtt updated (206384e -> 8345dc1)

[duke8253]

This is an automated email from the ASF dual-hosted git repository.

duke8253 pushed a change to branch 0-rtt
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.


from 206384e  Reverse internal order of HPACK Dynamic Table Entries
 add c843446  Remove unused LibBulkIO
 add d47faa5  Remove unused header file ink_inout.h
 add 50803ba  TSIOBufferReaderCopy: copy data from a reader to a fixed 
buffer.
 add eb87569  Separate out common header compression logic to hdrs directory
 add 8510a1c  Log H2 errors with the codes
 add cfe3fb4  Fix indents in HttpTunnel.cc made by unifdef LAZY_BUF_ALLOC
 add 2b31945  ja3: append to the last dub if X-JA3-Sig/X-JA3-RAW exist in 
the client request headers
 add 7d3446f  Make TSVConnInacitivityTimeoutCancel work as expected.
 add 8461afa  Coalesce empty objects in HdrHeap
 add 3dafb1b  Fix typo in lua plugin documentation
 add 4f9114b  Fix client transaction stats
 add 4adfad3  Cleanup example directory
 add ee1467f  Update autest for example plugins location
 add 26c039d  HTTP/2 - tweak for better field name handling.
 add 8a8dfd2  Tries to use linux specific tcpinfo fields
 add 426fd28  fix race condition in test
 add 6a4b6ca  Add a required library to "Getting Started" docs
 add 70ebf86  Change default proxy name to be "traffic-server", not the 
build machine. Closes issue 3135
 add fd5c84a  Convert regression tests for XPACK into Catch based unit tests
 add dd3d500  Update docs to document wipe_field_action that we use in 
production
 add 37bf053  Fix formatting
 add 1611d03  In test_hooks Au test case, add work-around for flakeyness of 
VCONN start/close events.
 add 37ae0d3  Remove header_rewrite conditions deprecated in previous 
versions
 add 3a6983f  Fixes autodetect of brotli
 add 9b567e4  Add optional normalization of scheme and host to lower case 
letters in effective URLs.
 add 8345dc1  Sets macOS luajit linker flags only when luajit detected

No new revisions were added by this update.

Summary of changes:
 .gitignore |   3 +-
 build/brotli.m4|   9 +-
 build/luajit.m4|   6 +-
 configure.ac   |   9 +-
 doc/admin-guide/files/logging.yaml.en.rst  |  12 +-
 doc/admin-guide/plugins/header_rewrite.en.rst  |  50 +
 doc/admin-guide/plugins/ja3_fingerprint.en.rst |   3 +-
 doc/admin-guide/plugins/lua.en.rst |   2 +-
 doc/admin-guide/plugins/tcpinfo.en.rst |  13 ++
 .../api/functions/TSIOBufferReader.en.rst  |  91 +
 .../api/functions/TSSslClientCertUpdate.en.rst |   4 +-
 .../api/functions/TSUrlStringGet.en.rst|  28 ++-
 doc/getting-started/index.en.rst   |   1 +
 example/cert_update/cert_update.cc |  86 -
 example/client_context_dump/client_context_dump.cc | 190 --
 include/ts/InkAPIPrivateIOCore.h   |   1 -
 include/ts/ts.h|  14 +-
 include/tscore/ParseRules.h|   4 +-
 include/tscore/ink_inout.h |  82 
 iocore/eventsystem/IOBuffer.cc |   4 +-
 iocore/eventsystem/I_IOBuffer.h|   2 +-
 iocore/net/Makefile.am |   2 -
 iocore/net/P_InkBulkIO.h   | 166 
 iocore/net/P_LibBulkIO.h   | 172 -
 iocore/net/P_Net.h |   1 -
 iocore/net/P_UnixNetVConnection.h  |   4 +-
 iocore/net/UnixUDPNet.cc   |   2 -
 mgmt/RecordsConfig.cc  |   2 +-
 .../ja3_fingerprint/ja3_fingerprint.cc |  43 +++--
 plugins/header_rewrite/conditions.cc   | 108 ---
 plugins/header_rewrite/conditions.h|  56 --
 plugins/header_rewrite/factory.cc  |   6 -
 plugins/header_rewrite/header_rewrite_test.cc  |  12 +-
 plugins/tcpinfo/tcpinfo.cc |  28 ++-
 proxy/ProxyTransaction.cc  |   3 +
 proxy/hdrs/HTTP.cc |  20 +-
 proxy/hdrs/HTTP.h  |  19 +-
 proxy/hdrs/HdrHeap.cc  |  20 +-
 proxy/{http2 => hdrs}/HuffmanCodec.cc  |   0
 proxy/{http2 => hdrs}/HuffmanCodec.h   |   0
 proxy/hdrs/MIME.cc |  35 +++-
 proxy/hdrs/MIME.h  |   2 +
 proxy/hdrs/Makefile.am |  35 +++-
 proxy/hdrs/URL.cc  |  16 +-
 proxy/hdrs/URL.h   |  24 +--
 proxy/hdrs/XPACK.cc| 202 

[trafficserver] branch master updated: Sets macOS luajit linker flags only when luajit detected

[rrm]

This is an automated email from the ASF dual-hosted git repository.

rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 8345dc1  Sets macOS luajit linker flags only when luajit detected
8345dc1 is described below

commit 8345dc1c9e5fa0e88905318635f759a13672a3d3
Author: Randall Meyer 
AuthorDate: Mon Jul 15 09:21:28 2019 -0700

Sets macOS luajit linker flags only when luajit detected
---
 build/luajit.m4 | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/build/luajit.m4 b/build/luajit.m4
index 6ca0251..bb48619 100644
--- a/build/luajit.m4
+++ b/build/luajit.m4
@@ -168,9 +168,11 @@ fi
 TS_ARG_ENABLE_VAR([has],[luajit])
 AM_CONDITIONAL([HAS_LUAJIT], [test 0 -ne $has_luajit])
 
-# On Darwin, LuaJIT requires magic link options for a program loading or 
running with LuaJIT,
-# otherwise it will crash in luaL_openlibs() at startup.  See 
http://luajit.org/install.html for more details
+dnl On Darwin, LuaJIT requires magic link options for a program loading or 
running with LuaJIT,
+dnl otherwise it will crash in luaL_openlibs() at startup.  See 
http://luajit.org/install.html for more details
+if test 0 "$has_luajit" -ne 0; then
 AC_SUBST([LUAJIT_DARWIN_LDFLAGS], ["-Wl,-pagezero_size,1 
-Wl,-image_base,1"])
+fi
 AM_CONDITIONAL([IS_DARWIN], [test x$(uname) = xDarwin])
 
 ])

[trafficserver] branch master updated: Add optional normalization of scheme and host to lower case letters in effective URLs.

[bcall]

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 9b567e4  Add optional normalization of scheme and host to lower case 
letters in effective URLs.
9b567e4 is described below

commit 9b567e4ee0b4cd5e32158b414e0b5383b998407e
Author: Walter Karas 
AuthorDate: Mon Apr 1 13:08:29 2019 -0500

Add optional normalization of scheme and host to lower case letters in 
effective URLs.

- Adds new TS API function TSHttpHdrEffectiveUrlBuffGet() (which also puts 
the URL in a user-allocated buffer).
- Adds 'normalized' parameter (defaults to false) to 
HTTPHdr::url_string_get().
- Adds 'normalized' parameter (defaults to false) to url_print(), 
url_string_get(), url_string_get_ref().
- Adds 'normalized' parameter (defaults to false) to URL::string_get(), 
URL::string_get_ref(), URL::print().

This will make it possible to check URLs output by these functions for 
equivalence by doing a simple string compare.
---
 .../api/functions/TSUrlStringGet.en.rst| 28 +-
 include/ts/ts.h| 13 ++-
 proxy/hdrs/HTTP.cc | 20 --
 proxy/hdrs/HTTP.h  | 19 +++---
 proxy/hdrs/MIME.cc | 35 ++---
 proxy/hdrs/MIME.h  |  2 +
 proxy/hdrs/URL.cc  | 16 
 proxy/hdrs/URL.h   | 24 ++--
 src/traffic_server/InkAPI.cc   | 37 ++
 tests/gold_tests/pluginTest/tsapi/log.gold |  8 +++-
 tests/gold_tests/pluginTest/tsapi/tsapi.test.py|  6 +--
 tests/tools/plugins/test_tsapi.cc  | 44 ++
 12 files changed, 210 insertions(+), 42 deletions(-)

diff --git a/doc/developer-guide/api/functions/TSUrlStringGet.en.rst 
b/doc/developer-guide/api/functions/TSUrlStringGet.en.rst
index 46d7e23..506a5e8 100644
--- a/doc/developer-guide/api/functions/TSUrlStringGet.en.rst
+++ b/doc/developer-guide/api/functions/TSUrlStringGet.en.rst
@@ -31,6 +31,7 @@ Synopsis
 
 .. function:: char * TSUrlStringGet(TSMBuffer bufp, TSMLoc offset, int * 
length)
 .. function:: char * TSHttpTxnEffectiveUrlStringGet(TSHttpTxn txn, int * 
length)
+.. function:: TSReturnCode TSHttpHdrEffectiveUrlBufGet(TSMBuffer hdr_buf, 
TSMLoc hdr_loc, char * buf, int64_t size, int64_t* length)
 .. function:: int TSUrlLengthGet(TSMBuffer bufp, TSMLoc offset)
 .. function:: void TSUrlPrint(TSMBuffer bufp, TSMLoc offset, TSIOBuffer iobufp)
 
@@ -50,7 +51,7 @@ call to :func:`TSmalloc` and must be freed by a call to 
:func:`TSfree`. If lengt
 then no attempt is made to de-reference it. The returned string is not 
guaranteed to have a null
 terminator - :arg:`length` must be used to correctly display the string.
 
-:func:`TSHttpTxnEffectiveUrlStringGet` is similar to :func:`TSUrlStringGet`. 
The two differences are
+:func:`TSHttpTxnEffectiveUrlStringGet` is similar to :func:`TSUrlStringGet`. 
The two differences are:
 
 *  The source is transaction :arg:`txn` and the URL is retrieved from the 
client request in that
transaction.
@@ -61,6 +62,31 @@ terminator - :arg:`length` must be used to correctly display 
the string.
 This function is useful to guarantee a URL that is as complete as possible 
given the specific
 request.
 
+:func:`TSHttpHdrEffectiveUrlBufGet` returns the effective URL for any HTTP 
request (not just the client request).
+If the request has a Host header field (and the URL does not contain a host 
specifier), the host specifier the header
+provides is inserted into the URL.  The host and
+scheme in the returned URL will be normalized to lower case letters (to make 
URL comparisons simple and fast).
+This prints the effective URL for the header specified by :arg:`hdr_buf` and
+:arg:`hdr_loc` to the buffer starting at :arg:`buf`. If the effective URL is 
longer than :arg:`size`, nothing is
+written to :arg:`buf`.  Note that this is not considered an error case, the 
function will still return `TS_SUCCESS`.
+It is the responsibility of the caller to check this result to determine if 
output was generated.
+The full length of the URL is always returned in :arg:`*length` when the 
function returns `TS_SUCCESS`.
+
+The typical usage would be
+::
+
+  TSMBuffer hdr_buf;
+  TSMLoc hdr_loc;
+  TSHttpTxnServerReqGet(txn, _buf, _loc);
+  int64_t length;
+  char store[2048];
+  char *buf = store;
+  TSHttpHdrEffectiveUrlBufGet(hdr_buf, hdr_loc, buf, sizeof(store), );
+  if (length > sizeof(store)) {
+buf = static_cast(malloc(length));
+TSHttpHdrEffectiveUrlBufGet(hdr_buf, hdr_loc, buf, length, );
+  }
+
 :func:`TSUrlLengthGet` calculates the length of the URL located at 
:arg:`offset` within 

[trafficserver] branch master updated: Remove header_rewrite conditions deprecated in previous versions

[rrm]

This is an automated email from the ASF dual-hosted git repository.

rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 37ae0d3  Remove header_rewrite conditions deprecated in previous 
versions
37ae0d3 is described below

commit 37ae0d34b2ad6a44e42c3fe88925f0f98682ba0c
Author: Randall Meyer 
AuthorDate: Mon Jul 15 17:09:59 2019 -0700

Remove header_rewrite conditions deprecated in previous versions
---
 doc/admin-guide/plugins/header_rewrite.en.rst |  50 +---
 plugins/header_rewrite/conditions.cc  | 108 --
 plugins/header_rewrite/conditions.h   |  56 -
 plugins/header_rewrite/factory.cc |   6 --
 plugins/header_rewrite/header_rewrite_test.cc |  12 +--
 5 files changed, 7 insertions(+), 225 deletions(-)

diff --git a/doc/admin-guide/plugins/header_rewrite.en.rst 
b/doc/admin-guide/plugins/header_rewrite.en.rst
index 05267b5..e5951e7 100644
--- a/doc/admin-guide/plugins/header_rewrite.en.rst
+++ b/doc/admin-guide/plugins/header_rewrite.en.rst
@@ -323,7 +323,7 @@ This condition provides access to information about the 
inbound (client, user ag
 The data that can be checked is ::
 
%{INBOUND:LOCAL-ADDR}  The local (ATS) address for the connection. 
Equivalent to %{IP:INBOUND}.
-   %{INBOUND:LOCAL-PORT}  The local (ATS) port for the connection. 
Equivalent to %{INCOMING-PORT}.
+   %{INBOUND:LOCAL-PORT}  The local (ATS) port for the connection.
%{INBOUND:REMOTE-ADDR} The client address for the connection. 
Equivalent to %{IP:CLIENT}.
%{INBOUND:REMOTE-PORT} The client port for the connection.
%{INBOUND:TLS} The TLS protocol if the connection is over TLS, 
otherwise the empty string.
@@ -351,17 +351,6 @@ which is true when the connection is not TLS. The 
arguments ``H2``, ``IPV4``, an
 same way.
 
 
-INCOMING-PORT
-~
-::
-
-cond %{INCOMING-PORT} 
-
-TCP port, as a decimal integer, on which the incoming client connection was
-made.
-
-This condition is *deprecated* as of ATS v8.0.x, please use 
``%{INBOUND:LOCAL-PORT}`` instead.
-
 IP
 ~~
 ::
@@ -387,8 +376,6 @@ actually as a value to an operator, e.g. ::
  set-header X-Server-IP %{IP:SERVER}
  set-header X-Outbound-IP %{IP:OUTBOUND}
 
-Finally, this new condition replaces the old %{CLIENT-IP} condition, which is
-now properly deprecated. It will be removed as of ATS v8.0.0.
 
 INTERNAL-TRANSACTION
 
@@ -430,37 +417,6 @@ values, such as year, month etc.
 %{NOW:WEEKDAY}   Current weekday (0-6, 0 == Sunday)
 %{NOW:YEARDAY}   Current day of the year (0-365, 0 == Jan 1st)
 
-PATH
-
-::
-
-cond %{PATH} 
-
-The path component of the transaction. This does NOT include the leading ``/`` 
that
-immediately follows the hostname and terminates prior to the ``?`` signifying
-the beginning of query parameters (or the end of the URL, whichever occurs
-first).
-
-Refer to `Requests vs. Responses`_ for more information on determining the
-context in which the transaction's URL is evaluated.
-
-This condition is *deprecated* as of ATS v7.1.x, please use e.g. %{URL:PATH}
-or %{CLIENT-URL:PATH} instead.
-
-
-QUERY
-~
-::
-
-cond %{QUERY} 
-
-The query parameters, if any, of the transaction.  Refer to `Requests vs.
-Responses`_ for more information on determining the context in which the
-transaction's URL is evaluated.
-
-This condition is *deprecated* as of ATS v7.1.x, please use e.g. %{URL:QUERY}
-or %{CLIENT-URL:QUERY} instead.
-
 
 RANDOM
 ~~
@@ -998,10 +954,6 @@ evaluated and will adjust using request or response 
entities automatically:
 
 - `METHOD`_
 
-- `PATH`_
-
-- `QUERY`_
-
 - `URL`_
 
 Affected Operators
diff --git a/plugins/header_rewrite/conditions.cc 
b/plugins/header_rewrite/conditions.cc
index 92cac5d..380d270 100644
--- a/plugins/header_rewrite/conditions.cc
+++ b/plugins/header_rewrite/conditions.cc
@@ -248,83 +248,6 @@ ConditionHeader::eval(const Resources )
   return static_cast(_matcher)->test(s);
 }
 
-// ConditionPath
-void
-ConditionPath::initialize(Parser )
-{
-  Condition::initialize(p);
-  MatcherType *match = new MatcherType(_cond_op);
-
-  match->set(p.get_arg());
-  _matcher = match;
-}
-
-void
-ConditionPath::append_value(std::string , const Resources )
-{
-  TSMBuffer bufp;
-  TSMLoc url_loc;
-
-  if (TSHttpTxnPristineUrlGet(res.txnp, , _loc) == TS_SUCCESS) {
-int path_length;
-const char *path = TSUrlPathGet(bufp, url_loc, _length);
-
-if (path && path_length) {
-  s.append(path, path_length);
-}
-
-TSHandleMLocRelease(bufp, TS_NULL_MLOC, url_loc);
-  }
-}
-
-bool
-ConditionPath::eval(const Resources )
-{
-  std::string s;
-
-  append_value(s, res);
-  TSDebug(PLUGIN_NAME, "Evaluating PATH()");
-
-  return static_cast(_matcher)->test(s);
-}
-
-// ConditionQuery
-void

[trafficserver] branch master updated: Fixes autodetect of brotli

[rrm]

This is an automated email from the ASF dual-hosted git repository.

rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 3a6983f  Fixes autodetect of brotli
3a6983f is described below

commit 3a6983fce6f8bb03698c7bcd31a4203e1fe2cc08
Author: Randall Meyer 
AuthorDate: Mon Jul 15 14:05:47 2019 -0700

Fixes autodetect of brotli

PKG_CHECK_EXISTS expects the lowercase name of the library to be
searched for.

Closes issue #5576
---
 build/brotli.m4 | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/build/brotli.m4 b/build/brotli.m4
index b9c0261..2d35a7b 100644
--- a/build/brotli.m4
+++ b/build/brotli.m4
@@ -80,11 +80,14 @@ AC_CHECK_HEADER([brotli/encode.h], [], [has_brotli=0])
 AC_CHECK_LIB([brotlienc], BrotliEncoderCreateInstance, [:], [has_brotli=0])
 
 if test "x$has_brotli" == "x0"; then
-PKG_CHECK_EXISTS([LIBBROTLIENC],
+PKG_CHECK_EXISTS([libbrotlienc],
 [
   PKG_CHECK_MODULES([LIBBROTLIENC], [libbrotlienc >= 0.6.0], [
-AC_SUBST([BROTLIENC_LIB], [$LIBBROTLIENC_LIBS])
-AC_SUBST([BROTLIENC_CFLAGS], [$LIBBROTLIENC_CFLAGS])
+AC_CHECK_HEADERS(brotli/encode.h, [brotli_have_headers=1])
+if test "$brotli_have_headers" != "0"; then
+AC_SUBST([BROTLIENC_LIB], [$LIBBROTLIENC_LIBS])
+AC_SUBST([BROTLIENC_CFLAGS], [$LIBBROTLIENC_CFLAGS])
+fi
   ], [])
 ], [])
 else

[trafficserver] branch master updated: In test_hooks Au test case, add work-around for flakeyness of VCONN start/close events.

[shinrich]

This is an automated email from the ASF dual-hosted git repository.

shinrich pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 1611d03  In test_hooks Au test case, add work-around for flakeyness of 
VCONN start/close events.
1611d03 is described below

commit 1611d03d04e51d4966c6d960130b587781c91098
Author: Walter Karas 
AuthorDate: Mon Jul 15 16:58:39 2019 -0500

In test_hooks Au test case, add work-around for flakeyness of VCONN 
start/close events.
---
 tests/gold_tests/pluginTest/test_hooks/clean.sh  | 20 
 .../pluginTest/test_hooks/test_hooks.test.py |  7 +++
 2 files changed, 27 insertions(+)

diff --git a/tests/gold_tests/pluginTest/test_hooks/clean.sh 
b/tests/gold_tests/pluginTest/test_hooks/clean.sh
new file mode 100644
index 000..4159eff
--- /dev/null
+++ b/tests/gold_tests/pluginTest/test_hooks/clean.sh
@@ -0,0 +1,20 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+while [[ "$(head -n 1 log.txt)" = "Global: event=TS_EVENT_VCONN_START" ]]
+do
+sed "1,4d" < log.txt > tlog.txt ; rm log.txt ; mv tlog.txt log.txt
+done
diff --git a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py 
b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
index 5871802..a35c87f 100644
--- a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
+++ b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
@@ -78,6 +78,13 @@ tr.Processes.Default.Command = (
 )
 tr.Processes.Default.ReturnCode = 0
 
+# The probing of the ATS port to detect when ATS is ready may be seen by ATS 
as a VCONN start/close, so filter out these
+# events from the log file.
+#
+tr = Test.AddTestRun()
+tr.Processes.Default.Command = "cd " + Test.RunDirectory + " ; . " + 
Test.TestDirectory + "/clean.sh"
+tr.Processes.Default.ReturnCode = 0
+
 tr = Test.AddTestRun()
 tr.Processes.Default.Command = "echo check log"
 tr.Processes.Default.ReturnCode = 0