Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6189

bryancall · 2019-11-18T08:09:15Z

Created issue #6192 to look at this in the future if it is working again.

bryancall · 2019-11-18T09:02:02Z

[approve ci autest]

zwoop

Bizarre. Can you file an Issue to remind us to figure out where / what is broken here with PCRE ??

zwoop · 2019-11-18T09:05:25Z

Potentially a 9.0.x candidate

zwoop · 2019-11-18T13:10:20Z

Cherry-picked to v9.0.x branch.

(cherry picked from commit 093317c)

masaori335 · 2019-11-19T00:00:15Z

It looks like this fixed #5243.

(cherry picked from commit 093317c)

@strategy

* master: Docker builds do not need build numbers in workspace (#6221) Add autest for cache_range_request, add xdebug x-parentselection-key Move logging before session could be freed Do not reenable txnp with TS_EVENT_HTTP_ERROR if received TS_EVENT_HTTP_TXN_CLOSE event (PR #6215) Fixed next hop tests for out of tree builds This fixes next hop unit tests that segfault due to missing (#6216) Add autopep8 & pyflakes in dev-packages for AuTest Set END_STREAM flag when write_vio ntodo is 0 Add 100-continue expectation support on H2 connection Run dos2unix on all files in tree Lua plugin fix: Account for null in output from TSUrlPercentDecode. Cleanup: Remove useless UDPConnection function Check Range header for stale content Fixes spelling in strategies.yaml docs Adds WS check, and some cleanup (#6213) Cleanup trailing whitespaces, and YAML formatting (#6210) ssl_session_reuse optimization to check if diags is on Fix the strategies.yaml documentation. Add a remap @strategy tag and nexthop selection strategies to remap. Add test to catch regressions in sni and override configs (#6170) Upgrade Catch.hpp to v2.11 (#6185) Fix ssl_session_reuse to compile on macOS and FreeBSD Remove header conversion functions for HTTP/0.9 remap_stats: Fix BufferWriter usage error. Limit this check to Linux, where ldd always works (#6191) Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189) Replaces Python -> Python3 in a few utilities (#6187) Fix compile warnings in Catch checks for TextView (#6186) Dockerfile for Debian package managers (#6183) RBTree - fix potential nullptr dereference Doc: Remove local path to MathJax. Removes the ssn_close hook, it can never work (#6175) tslua: Exposes set/get version for server request objects Remove unimplement UDP function Remove HttpTransact::build_upgrade_response Fixes cppcheck issues for cookie_remap plugin Fixed gcc7 issue with yaml-cpp 0.6.3 Updates yaml-cpp to 0.6.3 Remove unused functions of IOBuffer Re-order READ_REQUEST_ HDR_HOOK and PRE_REMAP_HOOK tslua: Exposes set/get method for server request objects Cleans up some of the filenames mess (#6144) Fixed build issues with hwloc 2.x API changes Remove Cache v23 support detect bogus jemalloc version Move websocket upgrade later in state machine Change API to return a TSReturnCode code. Promote server_push_preload plugin. Move TSHttpTxnServerPush to the stable API interface. Only decrement log_stat_log_files_open_stat when the file is closed. Normalize loopback usage in session_match autest tests: Adds autest for WebSocket mappings Fix building Catch on macOS Reverse debug specific check. thread ready check tests: Cleans up local variable is assigned to but never used warnings tests: Cleans up imported but unused imports Rename test to lua_watermark.test.py Add apache header to watermark lua test Add lua watermark test to check for existence of lua watermark upstream API call Internal link needs _ Reduce doc build errors Disable the most expensive "make check" tests by default slice plugin add support for using effective url with remap host. Make MIOBufferWriter unit tests work when compiled without -DDEBUG. Remove including sys/sysctl.h for Linux A couple simple tweaks. Update docs for SSL Handshake stats Remove using namespace std Avoid IOBufferReader::read_avail() call from MIOBuffer::high_water() Remove remnants of http/1.1 pipeline logic. Cleaned up the changelog command for making our release notes Updated to clang-format v9.0.0 Remove never implemented HttpTransact::service_transaction_in_proxy_only_mode Add Metrics to track SSL Handshake attempts Removes the records.config.shadow alternative config file Fixing include synopsis rendering for API docs. Adding an autest for traffic_dump. Issue #4294: Handle return value of SSL_write() properly. Fix null pointer dereference reported by clang-analyzer Add an appropriate warning where behavior has changed Fixes misc. spelling and whitespace For remap_stats, removes configure time dependency on search.h Removes proxy.config.cache.storage_filename set host name in TLS extension for SNI Host check in service side with sni policy verify_with_name_source. Minor fixes. Fixes misc. spelling and whitespace Docs: cachekey: fixed non-ascii table characters Docs: clarify remap plugin inst init params cleanup the eventloop Script used for comparing commits on internal branch and seeing if they are on the remote master or release branch. It uses a combination of cherry-mark and searching the commit message for cherry-pick -x hashes. doc + unittest TSRemap(Init|NewInstance) failures Updating the autest version pin to 1.7.4. Fixing log cleanup candidate selection and adding a test for it. Replace container of HPACK dynamic table from std::vector to std::deque Allow txn handler to be set from ssn on same hook Add basic SystemTap markers support Issue #6072: Make If-Range date compare to be exact match. Cleanup: Ignore checkprograms of remap Issue 4635: Address pipe reuse after configuration reload issues Fix the malformed threads table Disable tests using exceptions in MIOBufferWriter UT. Updated API header and ssl_session_reuse for new TSSslSessionInsert changes Premature DSO unload with "suicidal" continuations support for listening on all the net threads uses epollexclusive flag and soreuseport Fixing session sharing with IP matching. Promote 'Enable_Config_Var' from HttpConnectionCount to HttpConfig. This is so other configuration can use it. Cleanup: Remove use of obsolete class TSConstBuffer from MIME.cc Add example to retrieve request body using Lua Dechunk chunked contents on HttpTunnel if client protocol is HTTP/2 or HTTP/3 Add MIMEHdr Garbage Collection to HPACK Dynamic Table Fix some long lines and reduntant plugin_config SO additions. Updates references to OSX to macOS Fixes help message for traffic_top's sleep switch

* asf/8.0.x: Replaces Python -> Python3 in a few utilities (apache#6187) Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (apache#6189) Fix building Catch on macOS

commit a1952d8a53feb66b0722d0dca252e098c9320f0a Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jul 14 11:14:45 2020 +0900 Comment out an unused const value commit f7893992358606565c156e6f9964fa02f5425e87 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jul 14 11:06:57 2020 +0900 Don't process write_vio on initialization if there is no data commit d7d00c2b838c46b761ac9dcd72fa5ae391a8ab19 Merge: 00d78836a 89b6b91d4 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jul 14 10:19:18 2020 +0900 Merge branch 'master' into quic-latest * master: Test and fix connection timeout and retries (#6897) Improve client_vc tracking (#6889) Open UDP ports on traffic_manager if ports are configured for QUIC (#6808) Issue 6847 Fixing documentation for secondary_mode (#6851) Add maxmind acl plugin (#6980) fix leak in early data (#6957) Traffic Dump: dump server-side protocol stack (#6972) Preserve cert name through ssl vc migration (#6977) Adds null check (#6994) hostdb: don't use next_sync_time - now() as TTL (it can be negative) (#6979) commit 00d78836a62346511dd1ffecde4a2d067bf9b196 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jul 13 16:21:45 2020 +0900 Update tests commit 32fb67f89e8314479b1457e83a278bd46edd0e94 Merge: fbc8d4a67 da888769f Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Jul 10 11:27:30 2020 +0900 Merge branch 'master' into quic-latest * master: Fix a build issue with BoringSSL (#6988) Update autest to version 1.8.0. (#6981) Updates path to reflect new location in tree (#6993) Fix memory leak in header_rewrite (#6986) Fix typo in Http2ConnectionState (#6991) Fixes use after free when boringssl is used (#6985) Fix out of source tree builds for QUIC (#6984) remap doc correction (#6974) Use print mode with length in validate_sni debug (#6976) Assert non-zero HdrHeap object size (#6954) AuTest: Properly handle experimental plugins. (#6971) Add new test and fix for float configuration failure in conf_remap (#6967) Cleanup: Break down HpackIndexingTable::lookup() into static table lookup & dynamic table lookup (#6509) Perf: Use LocalBuffer in HTTP/2 (#6536) RateLimiting and Connection Config changes (#6968) Update docs for some DNS config settings (#6969) Log whether client certs were exchanged in TLS handshake (#6699) Fix support for openssl async engine (#6910) Make the log_pipe test more efficient. (#6966) Cleanup: Simplify Http2Stream::update_write_request() (#6962) Assert on valid boundaries for UserArgTable access (#6953) Fix format string for int64_t (#6963) Fixes icap build on macOS (#6958) Metrics for origin close (#6873) Cleanup: Remove unnecessary member from Http2Stream (#6951) Prevent buffer overflow during log filter actions (#6950) Make HostDBInfo class safer to use. (#6858) Remove two unused includes in HdrHeap.h. (#6905) Set the default thread count factor to 1x the number of logical cores (#6949) Build test C/C++ files with Automake. (#6945) remove useless code (#6952) Add CI verbose and debug options for autest (#6947) Remove dup code in QUICMultiCertConfigLoader (#6942) Retry read when fastopen_bread() get non fatal error (#6841) Cleanup: Remove unused arguments (#6943) AuTest: New log and When condition for ATS initialized (#6931) Add IPCAP Plugin (#6484) Load combined file with bogus key path (#6933) plugins: Move to blocklists and allowlists (#6940) Move to blocklists and allowlists (#6941) Prevent use-after-free of TransactionPlugin (#6937) Update buffer-writer.en.rst (wrong header link) (#6934) Fixed bug in the calculation of the header block fragment length (#6923) Disable max_connections_active_in default now that featur works (#6903) Make compress Au test less flakey. (#6915) Enable only squash and merge for GitHub example: Move to blocklists and allowlists Fix dual_cert_select test to run with older openssl binary (#6896) Prevent stale netvc access on SSL Callbacks (#6925) commit fbc8d4a670026d1fbc38c00107d6f06c283d9852 Author: scw00 <616955249@qq.com> Date: Fri Jun 26 19:56:58 2020 +0800 Document qlog_dir configuration (#6935) commit 5d3cecf6b5fc0820f6b3cb608caa2a9d31345a4b Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Jun 26 10:22:52 2020 +0900 Update tests commit 8d09233a75eb5d34097c17ccf7ed69be1bea6440 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jun 22 11:36:09 2020 +0900 clang-format commit 4f54576cbc56e630b6104e1a52d4c3b9a52aa76e Merge: 5c50ff382 763aa8e14 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jun 22 11:34:21 2020 +0900 Merge branch 'master' into quic-latest * master: Make QPACK.h self-contained build: Require OCSP headers for OCSP-enablement Fix old MIMEHdr handling of HPACK Customize Max IOBuffer Size (#6869) Ensure read_avail is set for the first non-empty block (#6916) Removes SSLNetVConnection::sslContextSet Disable lua_stats autest until we can reliably wait for stats set sni_name with remapped origin name if sni_policy is not the default value (#6898) Make h2spec test more resiliant by extending timeout (#6891) Make Http2ClientSession inactive on EOS event Fix assert when client aborts during backfill (#6809) Traffic Dump: Add server response HTTP version (#6856) AuTest: Pipfile update to use microserver 1.0.5 (#6893) Fix compiler issue with ICC 19.1 change overridable var type for proxy.config.http.server_session_sharing.match from int to string (#6822) Fix the relative path for template_sets_dir to be install directory (#6203) microserver error handling: SSLError check and debug. (#6884) Track thread changes during origin connect and cache open write (#6872) Fix for Ubuntu 16 and Clang 5 AuTest: port selection improvements. (#6888) Revert "Avoid stale client_vc (#6732)" (#6879) Return null when do_io_write called on closed stream (#6826) Handle immediate as inactivity timeout (#6689) Avoid stale client_vc (#6732) Protect against nullptr access during SSL Callback (#6866) avoid dynamic_cast to get Pi-tag for non_internal requests (#6868) Adding HTTP status 451 in apidefs as well (See PR#6789) (#6797) Fix session pool to add and fetch to beginning of hash chain rather than end (#6805) Conflicts: iocore/net/quic/QUICPacketPayloadProtector.cc commit 5c50ff382560a22fab2e6ac65d5dcaa2d528247a Author: scw00 <scw00@apache.org> Date: Tue Jun 16 09:17:15 2020 +0800 make compiler happy commit 344ede3200f4de10f6319fc58a49c18abda09d6f Author: scw00 <scw00@apache.org> Date: Fri Jun 12 10:53:31 2020 +0800 Chang qlog_file configuration to qlog_dir commit 511ac7ecc1b95b445e432f7c1e0b0c3094217aa3 Author: scw00 <scw00@apache.org> Date: Sun Jun 7 18:43:37 2020 +0800 make qlog configurable commit 1a5669a48defbb39a3059021e397c05e9a5dc05f Author: scw00 <scw00@apache.org> Date: Fri Jun 5 15:58:23 2020 +0800 add metrics update commit a126b84f4318c52cdb8e6b81d239ed505ade6bce Author: scw00 <scw00@apache.org> Date: Thu Jun 4 17:48:32 2020 +0800 remove useless INCLUDE_YAML commit 82b51076ad0f28b1df8a6b367297643cfbc72504 Author: scw00 <scw00@apache.org> Date: Thu Jun 4 17:40:32 2020 +0800 make qlog configurable commit da958f1c91f7a1ed7af472eedad4b3da55981f5e Author: scw00 <scw00@apache.org> Date: Mon May 25 13:54:49 2020 +0800 QUIC: add qlog support commit a2e788b8b5337a7225a456df56de853fece7e17c Merge: db1a85c5a 02a60b200 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jun 9 11:44:47 2020 +0900 Merge branch 'master' into quic-latest * master: Fix a crash on TLS resumption Make format specifier for time_t portable Fix pointer overflow in XPACK Add include so BROTLI constants are available to plugin (#6862) We should remove whitespace from fieldname in http response due to RFC7230:3.2.4(#6793) Fix missing virtual destructor in TLSSessionResumptionSupport. (#6812) Generalize KA check logic LGTM: fix hiding a global variable with the same name LGTM: add header guard Removes refcounting from compress and s3_auth plugins Schedule Transform on the same thread as the continuation (#6843) traffic_dump: debug_tag and lock improvements Issue 6838 Fixing the comparison in waited_enough (drain functionality) (#6839) Drastically improve generator.so performance for /nocache (#6834) Slice plugin: recover out of sync slices, better handling of non 206s commit db1a85c5a029260761e65f86917c2c583bd33583 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jun 4 14:08:07 2020 +0900 Add support for BoringSSL API version 10 (QUIC) commit 3a41eb4286b8955db80a3bcb8ef72a504dbbf558 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jun 3 10:18:53 2020 +0900 Ignore QUIC Short packets during handshake commit 81d52e4c80dc3caf913527a5d817c6cec8f49fa9 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jun 3 09:46:52 2020 +0900 Increment ndone with th amount of data actually read ndone was not updated correctly and it caused a problem on setting FIN flag on a QUIC stream. commit a788cc38ca803a0f3c5901b14db5f6a7ce6361e4 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jun 2 11:33:40 2020 +0900 Cleanup dependency for QUIC module commit 88d4597c257c00859c29f77616c96d2090a699f1 Merge: 9c358d48e 78028cf5b Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jun 1 16:22:08 2020 +0900 Merge branch 'master' into quic-latest * master: Change AM_LDFLAGS to be an addition, not an overwrite, in the plugin makefile. This allows the various libpaths, and specifically the rpath, to be transferred over to plugins when used for tests. Currently separate test applications will build properly against things like a custom openssl installation, however when they run they do not know the correct location unless you have set the LD path on the system to include that directory. Passing this information around allows the ATS library rpath to also be used for the test applications so they can determine at runtime where to look for libraries (#6835) Adding a basic ip_allow test. Add CSV output as an optional format for stats_over_http (#6818) HostDB - change HostResPreferenceOrder type to std::array. cache_range_request: Overhaul and clean up the core autest. lua plugin: fix for incorrectly injecting global plugin stats Clear handling tracked events of Http2Stream Add le32toh and htole32 for macOS (#6807) Make chunked encoding test more resilient (#6827) regex_remap: Adjust regex recursion limit down due to crashes in testing. (#6819) Fix test certs in client_context_dump (#6824) Doc updates for tunnel_route and ip_allow interaction. ip_resolve - Make config variable overridable Fixes remaining memory leaks with nexthop strategy unit tests found by ASAN. This should close issue 6765 Make post_slow_server Au test work in Docker container. Add an optional ramcache setting to volume.config to be able to disable it (#6746) Fixes to hostDB to avoid event and memory leaks (#6686) Add TXN_CLOSE hook to CPPAPI TransactionPlugin (#6800) clang-analyzer: uninitialized va_list (#6798) commit 9c358d48e1791bc86e61e99114775a973b82055c Author: Masakazu Kitajo <maskit@apache.org> Date: Mon May 25 14:19:28 2020 +0900 Update tests TP format was changed but binaries in test cases were not updated commit 3444f4108dfb9bb7c41bc9536b26272eb7312736 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue May 5 16:25:07 2020 +0900 Add TLSSessionResumptionSupport to QUICNetVC commit 221c5b5f37738c65ba9d1787a047eec6ba200d2a Merge: 7f9338f62 16fb8092e Author: Masakazu Kitajo <maskit@apache.org> Date: Wed May 20 08:36:52 2020 +0900 Merge branch 'master' into quic-latest * master: Generalize callbacks for TLS session resumption fixes issue 6765, memleak in unit test mocked Machine class in nexthop_test_stubs.cc Fix HPACK Dynamic Table Cleanup clang-analyzer: code clone in get_proxy_protocol_addr (#6791) clang-analyzer: eliminate identical conditions (#6790) Adding HTTP Status code 451 for Unavailable For Legal Reasons (RFC 7725) (#6789) HPACK: send back an error to the client when the index is invalid Use Proxy-Connection iff parent_is_proxy=true 1. Set a non-zero default value for TLS Client Handshake Timeout (#6781) Update existingh formatting with new clang-format package Updates clang-format to LLVM v10.0.0 Fixed `AddressSanitizer: odr-violation` Weird characters in debug message Add back reading config for handshake timeout (#6773) Lua plugin: add ts.server_response.get_maxage() Ensure inactivity timeout is not set when passed in timeout value is 0 (#6772) clang-analyzer: Fix dead nested assignment issues Do not fail multicert load if line does not create entry (#6760) Accept Handling VIO events SSL (#6764) Accept handling VIO events (#6763) Promote netvc to ProxySession (#6759) Add metrics to track default inactivity timed out connections (#6755) Script to find mutexes/futexes that are contending Enforce Active Connection limits (#6754) Add HttpTransact::get_max_age and TSHttpTxnGetMaxAge Make chunked_encoding test more reliable by killing nc process (#6762) Disable remap-stats test until we can reliably wait for metrics (#6761) Fix set manipulation in dual cert resolution (#6758) Correct `schedule_every_local` to schedule locally ASAN: Fixed one definition rule violation gcc10: fixed clearing an object of non-trivial type for wccp traffic_dump: refactor to make transactions atomically written Cleans up doubled words in documentation Doc: Add example for ipv4/6 on dns nameserver Doc: Remove build warning Fix typos in comments Remove unused index for SSL application specific data SSL: Introduce proxy.config.ssl.server.session_ticket.number Lua Plugin - Extend the crypto API with SHA-256 and HMAC functions. GCC 10: Update traffic_via to use string_view to avoid compile errors. GCC 10 fixes - simple fixes. Update expired test certificates for cert_update Lua plugin: add ts.server_response.is_cacheable() HttpSM cleaning up non-sense pointer indirection (#6721) python: Remove unused imports python: Fix dangerous default argument python: Remove unused variables python: Remove unnecessary comprehension Conflicts: iocore/net/UnixUDPNet.cc commit 7f9338f62e41543243fd3aff6770b25b8996ed6f Author: Masakazu Kitajo <maskit@apache.org> Date: Tue May 5 17:49:03 2020 +0900 Enable QUIC 0-RTT with Tatsuhiro's OpenSSL commit 42a0c656067ed117e7c729be30c7f91a744922c8 Merge: 05b7ab887 59ff1d846 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon May 4 17:33:54 2020 +0900 Merge branch 'master' into quic-latest * master: Fix ink_endian.h to include an appropriate header file Fix a bug that current_active_client_connections doesn't decrease Extendible asan simple (#6650) Rework stats over http so that it supports both a config file and the original path parameter (#6542) Commenting EventIO methods (#6712) Document ip_allow in sni.yaml (#6723) traffic_dump: add tls information to dump. (#6727) gcc10: fixed warning about returning local variable in int64_to_str() Au test: HTTP/2 client sends POST, server delays 2 minutes, sends 200 KB. Fixup .gitignores to match repo reality put events into local queue when scheduling on the same thread as the scheduler Fix typo in DiagsConfig Updated docs for guaranteed_{min,max}_lifetime Remove tls_versions from host sni policy check remove TSContSchedule, then rename TSContScheduleOnPool to TSContSchedule slice plugin: add --include-regex, --exclude-regex parameters (#6701) Add Access log fields for ProxyProtocol Context Adding logging fields for collapsed forwarding metrics (#6708) Added more of the main sub-trees Fix lost fragments when update object Removes ATS version from gold files traffic_dump: add nullptr check for sni string (#6700) Fix crash when folloing redirect Fix deprecated-copy warning in cache tool Fixed memory leak in header unit test Increase the default max_record_entries to match the original compiled in value (#6697) commit 05b7ab8874379e527712580210b41253601e54e9 Merge: d2232313c 7320d5c53 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Apr 22 16:11:34 2020 +0900 Merge branch 'master' into quic-latest * master: Normalizes function names to match hook names in intercept plugins Added Apache notifications file Test PUSHing an object into the cache and the GETting it with a few variations on the client connection protocol. Fix link issue of test_libhttp2 on FreeBSD 12 with --enable-debug Traffic Dump: Adding an SNI filtering option. (#6645) code and documentation for lua states configuration and stats printing (#6571) Fixes minor memory leak in configure_net Update TSStatFindName to check that sync callback is set on the stat Fixes memory leak during log configuration Removes commented out code from example chdir into src before running git commands Added / renamed config.h -> configs.h, to avoid our .gitignore Added new flag to documentation Cleanup for consistency Add PolicyManager, basic functionality Refactor the cache_promote policies Format to match perferred if/else formatting for sh scripts Adds the 8.1 stuff that's already running and building Skip running autests for ci builds that don't have relevant changed files Skip running autests for ci builds that don't have relevant changed files Added a basic CODEOWNERS remove unnecessary Last-Modified header from tests Bug fixes to h2 buffering Added bonded interface support to system stats plugin (#6668) Fix memory leak of HPACK Fixes memory leak loading certs Check sni against SSL object (#6656) Fix origin scheme selection with partial-blind addition (#6655) traffic_top bug fixes for client connections Run httpbin as an origin server of AuTest Removing whitespace and closing file elsewhere complete change change suggested during discussion close the file after use Augment autest to exercise combined cert and key file Optimize HTTPHdr conversion of HTTP/1.1 to HTTP/2 Convert HTTP/2 regression tests to use Catch Introduce LocalBuffer Add hashname to the configuration definition (#6647) Adds important config notes for TLS v1/1.1 (#6646) Add docs for memory leak detection configs Add more options to session_sharing.match (#6566) Fixes crash loading combined(cert+key) certs traffic_dump: don't dump cookies from the wire (#6586) Adding a log pipe buffer size test. Adds partial_blind_route sni action Make next_cs_id a private member variable. Use default rwlock attributes on initialize Fix migrate use after free (#6578) Add a new log tag %<vbn> AppVersionInfo.BldNumStr s3_auth_v4: multiple same name fields signing fix Fix ASAN detected crash in test_LogUtils. This is cause by double linking BufferWriterFormat.cc, so don't do that. Fixes a bug where the nexthop markNextHop method to mark a host down is not called when because the wrapper function was not used. SNI: Add support to match/replace captured group from fqdn into tunnel_route. (#6613) Add ready checks for the microserver and ATS test instances. (#6625) Updated ink_rwlock to be a real reader writer lock Patch to catch and invalidate an HTTP asset with negative bytes after cache_seek. Fix missing virtual destructor for PluginUserArgsMixin. Don't be overly aggressive on stream failures and closing commit d2232313ce0d6baa2fb746b82596916256c72a69 Merge: 69713f57f ba98187ef Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Apr 7 12:45:14 2020 +0900 Merge branch 'master' into quic-latest * master: Remove configure option --max-api-stats which does not do anything. Should have been removed as part of commit ea1fb0c87261b1fbf375fa6ade26deda1d01995b Add extension ip.test.ext to Au Test, with Test method to allocate extra TCP ports. Optimize HTTPHdr conversion of HTTP/2 to HTTP/1.1 Return TSFetchSM from TSFetchUrl so TSFetchFlagSet can set fetch flags READ_RESPONSE_HDR_HOOK is invoked only when the response is from the Origin Server Fix typo in system stats, change loadavg 10min to be 15min (#6608) Making client session id unique across HTTP/1 and 2 sessions Add support for a simple_server_retry_responses list (#6605) AuTest for server_push_preload plugin fix sed matching Improving the messaging around the use of TSSslSessionGetBuffer Fix PUSH_PROMISE frame payload length Cleanup: fix a inline function style Doc updates to TSContSchedule* API Skip compressible content type check with null strings. Include start line of HTTP messages in xdebug probe output. Convert mgmt/utils unit tests to use Catch. [Doc][DevGuide][TSStatSync] Fixing documentation for SUM and COUNT types Support body factory template suppression for internal requests Fix tunnel crash When using TSContSchedule() and TSContScheduleAPI() set the calling thread as the thread affinity when not already set Ensure TSContSchedule API family are called from an EThread. Make request/response body as an option for AuTest microserver Moved printing the incoming headers for debug before remapping SSL: Always renew TLS Session Tickets iff TLSv1.3 is being used Convert proxy/logging unit tests to use Catch. Convert single regression test in iocore/eventsystem/SocketManager.cc to Catch. Enable logging autests on macOS, clarify why Linux is required In Au tests, poll for excretion of log file rather than waiting fixed delay. (#6506) Fixed build issue with Ubuntu 16 debug Removed some unused declarations in HttpTransact Convert Mime and URL unit tests in proxy/hdrs to Catch. Convert unit tests for sslheaders plugin to Catch. free(map) -> delete map Removes copypasta curl text from tests and removes checks for curl Fixes some tls autests on macOS Add FetchSM support to dechunking in non-streaming mode. Add new TS API TSFetchFlagSet() Doc: Add mention for sleep time variance Allow lo interface in list of system stats (#6531) Remove unused unit test source files in src/tscore. better handling of TSVIO calls and TSVConnAbort (#6239) Convert tscore regression tests to Catch unit tests. Disables "virtual host not used with AWS auth v4" error in s3_auth Created remap_stats au test. This tests 2 remaps, one for a 2xx response and one for a 4xx response and then checks the stats output (#6505) Adds support for configure option --enable-yaml-headers (#6519) Require 1.1.1 as minimum openssl lib version for tls_check_dual_cert_selection Au test. Removes noisy log statement from xdebug Make traffic_ctl limp along for now with large records.snap (#6517) Fixes a bug where getHostStatus() will create a host status record when none is found. A Host status record should only be created when a host is marked up or down when traffic_ctl is used to mark a host up or down. Moves hosting.config finished loading message outside of parsing loop Refactor and generalize the User Arg concept, add global (#6468) Check the exit value of the regression test Fix SDK_API_TSSslServerContextCreate Exponential backoff - Make values used configurable - Add config support for ceiling time and retry cap. - Add small variance when sleeping. Cleanup: check activity of Http2Stream by ActivityCop Rework server side SSL_CTX creation to better handle dual_cert mismatches (#6483) XDebug: Always append to the X- header, rather than prepend Doc: connection.match default value update Charge Proxy Header Regression tests into Catch unit tests. traffic_dump: Make client-request gathered in a global hook (#6500) Remove method that does nothing. (#6501) Doc: traffic_manager - Add documentation for exp backoff and configuration Make all_headers test more resilient to timimng remove pthread_cancel, use atomic flags to ensure cross thread safety, and some other cleanups Add null check to fix error tunnel crash LGTM: Fix comparing int8_t with wider type Fix a compile warning Bikeshedding some code structures for reloadable plugins config (#6488) Issue 3546: Add "overridable" to the configuration variable description. Remove some outdated files. Be explicit about RTLD_LOCAL, defaults varies on platforms (#6485) [CPPAPI] Provide access to TSRemapRequestInfo in RemapPlugins. Conflicts: iocore/net/quic/QUICTLS_boringssl.cc commit 69713f57fc0398a489de9ffddcfa0c51564a3b67 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Mar 2 12:36:27 2020 +0900 Update QUIC TP format commit c6221cf2377cb6fef11e94a63e22d6449d4e37ee Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 26 17:14:14 2020 +0900 Update QUIC draft version numbers to 27 commit 4f69d0018064a16bfcd9bec246da227eb52c2dee Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Mar 5 17:51:42 2020 +0900 Fix a bug around IPv6 commit 63e8470330050cee29f57647299bb316a72d25c3 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Mar 5 15:15:46 2020 +0900 Following changes for UDPBind interface change commit 93a1e7c453cfba0454a1fe33d73c2e32c7cafd07 Merge: febec04ee ddaf9e5f4 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Mar 5 11:35:37 2020 +0900 Merge branch 'master' into quic-latest * master: traffic_dump: Fixing content:size collection. Delay cleanup when cache write continues after early client response Reduce minimum config files neeed for golden_tests. Removes some things deprecated from older versions (#6471) Fixed logging docs typos Use same filename variable to keep consistency Fix clang-format on SSLUtils.cc Add more flexible error handling when open a config file. Remove --read_core option Remove noisy mutex warning AUTest MakeATSProcess default ports records.config Using dynamic ports in AUtest Issue #6400 - Adds config option to enable/disable dynamic reload feature for plugins => proxy.config.plugin.dynamic_reload_mode - 1 (default) enables the dynamic reload feature, 0 disables it => Adds to and refactors unit-tests for the dynamic plugin reload feature cache_range_requests plugin: detect and handle TSCacheUrlSet failures which poison the cache (#6464) Fix clang-format Make traffic_manager be flexible when opening config files. make sure time is consistent between calculations Remove update to unused variable commit febec04eee0f28cec84a94fe5ea68e1eb9d127e4 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Mar 5 09:13:03 2020 +0900 Update doc commit 62a0465ef36549432f14d2e9f69c016d563ec08f Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Mar 3 22:36:16 2020 +0900 Use file descriptor passed by TM for QUIC commit fb0400a72976a0c162732bad69437923d75c22e1 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Mar 3 22:14:59 2020 +0900 Open UDP ports on traffic_manager if ports are configured for QUIC commit 0b776127316ecfc0b1f500fb201f1c8892109b84 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Mar 5 08:52:16 2020 +0900 fix compile error commit 26007a5162e8c68ba80b7ab71b8d4fe830b41f39 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Mar 4 22:07:02 2020 +0900 Fix compile warnings commit 0462bb7e918db3b8a64e5034a9a9fb67d2696b1e Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Mar 4 15:12:08 2020 +0900 Add a setting for disable_active_migration Transport Parameter commit e622acc6edcbd32b1a190f0b00b244ee9777ad42 Merge: 7ea257aa0 b63879cbb Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Mar 3 09:48:34 2020 +0900 Merge branch 'master' into quic-latest * master: Try to avoid mixing curl headers and body for disjoing-wait-for-cache test Move TestClientAction to SNIConfig class Add mechanism to enforce SNI policy x-remap ignoring age in gold file Adjust consume logic in data frame read Skipping log_retention.test.py because it is flaky in CI Fix code to avoid HostDBContinuation use after free Fix crash when H2 client does not set End-of-data bit Signal VC_EVENT_READ_COMPLETE when ATS received END_STREAM flag if transaction status nonzero, bypass the slice plugin (#6417) Turn on debug for the bash script test_logstats_summary Fix port selection for ssl ipv6 SSLNetVConnection, fixed/removed assert when running debug build traffic_dump post_process.py commit 7ea257aa06a5ed5cfa9d075d558ca1b8813abc15 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Mar 2 18:04:02 2020 +0900 Enable QUIC 0-RTT with BoringSSL commit 0da1abcff2b9ec2b37d79b4b0743dd6b4c6ef232 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 27 17:02:40 2020 +0900 Fix an error with the old OpenSSL commit 68be51aa442d2b5c07de6c4df9c769c62b9f741d Merge: b3aa9226b e2a3e2951 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 26 17:02:26 2020 +0900 Merge branch 'master' into quic-latest * master: SSL: Introduce proxy.config.ssl.server.prioritize_chacha Traffic Dump: fix client request target parsing Remove documentation for removed TSIOBufferReader API functions. Revert "Disable the chunked_encoding test" Avoid a weird name collision between HRW and tscore (#6446) Move log line length configuration to records.config docs. Cleaned up smuggle-client Cleaned up ssl-port Another option to fix potential HTTP/2 vio stall Disable the chunked_encoding test Reset captive_action.cancelled during open read retry to prevent assert Fixed encoding test to work with OpenSSL 1.0.2 Export headers for internal YAML-CPP library. This allows plugins to use the library in the same way and version as the TS core. Replace python with python3 in AuTest Set default encoding UTF-8 for AuTest on Linux Cleanup RamCacheCLFUS Doc: Add link from proxy.config.proxy_binary_opts to traffic_server options. Document the traffic_server -m, -M options, sort the options a bit better. Syntax Error fixed in URI sig Plugin (#6420) URI Sig Null Check for Clang Warning (#6419) commit b3aa9226bcbcd37375e297af252abb4d8f256081 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 26 17:01:40 2020 +0900 Update unit tests commit e4ac336bf4067be6bf8c39c65b253754a93df805 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 26 16:47:36 2020 +0900 traffic_quic: Add an option to specify a server name for SNI commit eeff49abddb0ff5dca8aafd8d5b5f1cfc86536df Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Feb 25 14:37:04 2020 +0900 Fix memory leaks arond QUIC packet encryption commit 8bfdc08856719f4bc5ab7501b43b0227d48f63cc Author: scw00 <scw00@apache.org> Date: Mon Feb 24 15:58:49 2020 +0800 Using std::string for QUICConnectionId::hex commit bfbea17a5e6060d90c2f4807d126ade76431062a Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 20 23:13:50 2020 +0900 Add -r option for stateless reset excersice to traffic_quic commit cc223b0e42cf8530cea23370414a5984a6131669 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 20 23:12:32 2020 +0900 Add QUICConnection::reset_connection() commit 0f09b5967f9bd9b67f653c5785e98038c92bb3c3 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 19 15:05:25 2020 +0900 Handle stateless reset commit 7fea981ee4f305631fc0761028b725c097a02e79 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 13 10:13:26 2020 +0900 Update comments commit 1598518319f71f48dbe6b2460c772c9029d93f92 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 13 08:59:29 2020 +0900 Update files for OpenSSL with BoringSSL APIs to compile those commit 6ae995bccd5348ad535447352b23ea05f82587f4 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 23:45:09 2020 +0900 Update configure script and Makefile to use files for OpenSSL with BoringSSL APIs commit 7d04123057499b3ddc0098a15ecd0e318666ccff Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 23:29:08 2020 +0900 Copy files for BoringSSL as files for OpenSSL with BoringSSL APIs commit 5c181b4a95b7177a29b44df6f7696e3a685e99e4 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 23:27:33 2020 +0900 Use _legacy as suffix for files for hacked OpenSSL commit 4c1236efa11e0c133d712cb6999700b042d2548f Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 13 10:13:41 2020 +0900 Restore one more tests disabled for BoringSSL commit 292619ed11c13922943374dfe3412b639f5dc96f Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Feb 17 10:42:03 2020 +0900 Remove a possible null pointer dereference commit 48cca203f44508a3706cb58fbdde65bfacc4c686 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 13 12:19:16 2020 +0900 Update a test for handshake error commit 00d3f7fb1a586abd4872be6535a9f71c14d9821e Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 21:45:28 2020 +0900 Add missing AL header commit 40f8a594dd7bbda2fabfda2f3442c39eec266c85 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 21:43:46 2020 +0900 Add a length check to TP parser commit b75169ab6bdcee21f8c8af47ab42d42b1b8d0ba8 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 12 21:43:03 2020 +0900 Reenable tests for handshake that didn't pass with BoringSSL commit 01e6daf2c840c797b9723319c49d49d887bd6aaa Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 22 11:37:32 2020 +0900 Send and receive Transport Parameters with BoringSSL API commit da6062a45e9d9d1ded78001979a2596903f51a0b Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 22 09:53:24 2020 +0900 Update tests commit d86fa83b427ffdc6fafb0b4a2724f30da88b4f65 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 22 00:14:52 2020 +0900 Update tests commit 4cd59ce984fd3e6e49edcde4a8abc57dce37be56 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 21 23:16:23 2020 +0900 Fix compile error with OpenSSL commit 70f86f553c9eee2318f2269910db84a836ba719b Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 21 22:57:09 2020 +0900 Handshake with BoringSSL commit c694fd25c3d8cdb719412988bbdd1b00097f8ce7 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 21 20:23:21 2020 +0900 Update OpenSSL impl commit 4d4c07f5b6ec278be314b25fdb12ed81f179c717 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 21 16:38:45 2020 +0900 Read ClientHello with BoringSSL commit 22b7d9f309b3da33de81123e00d05bac0024190c Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jan 20 11:54:20 2020 +0900 fixup commit 7611b5894cf29e25a1052b570e7a42b1d19afb6b Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 8 17:05:07 2020 +0900 Use some of BoringSSL APIs commit 715566abd0985380914b21d1003a8b3c65f772e7 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jan 6 11:19:40 2020 +0900 Make QUIC code work with BoringSSL commit 886bb0910f1feac2d66618d21ede49cbba1c8821 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Feb 14 10:51:21 2020 +0900 Warn if quic is specified to a port configuration on a binary that doesn't support it. commit 4034130ab0d4dca21fff4509e2d8ab9b78b78833 Merge: db258fb55 4bdde5d48 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Feb 13 11:29:16 2020 +0900 Merge branch 'master' into quic-latest * master: Change gold files to be less restrictive since some of the headers include can be in a different order (#6410) Avoid cross-thread mutex conflicts Auto port select slow_post test Remove unnecesary HttpSM handler call with VC_EVENT_ERROR Fix for lua plugin coredump problem during reload Update inactive_timeout_at in Http2Stream::signal_read_event() Fix localstatedir and runtimedir for Debian layout Including stdexcept Change to use throw std::runtime_error instead of removal Removing throw since there is no context and could cause a crash Ensure that extra data beyond the chunked body is not tunneled Free TSMgmtString after using it. Fixed how we handle uknown schemes Change header validation Change default connection match config value from ip to both Remove dependencies on include/tscore Skip unnecessary HostDB update on a fall back to serving stale record Remove trailing white space from json formatter Document the order of the X-Cache header Format config_describe output logs. Pretty format using BufferWritter Add compressible content-types example and 1Kb min Fix rare SSN/TXN Start/Close Hook misorderings (#6364) Add header rewrite test to make sure we are not injecting end of rule char (#6340) Change bitfields to be unsigned explicitly (#6373) commit db258fb551044c6811d0ba56d9f9bf9f7fe9df1e Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 5 00:13:27 2020 +0900 Fix a bug that receiving multiple Retry packets makes PN calculation wrong commit f8741de2364916c31c260951a05d1f73300d674a Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Feb 4 22:10:50 2020 +0900 Fix debug log commit e93a9a58e28def940a19d53516dbc6bec8577fe0 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Feb 4 20:55:23 2020 +0900 Fix a buffer size for address validation token commit 99a19e8c5cbef73c0a1ac689b4d78d8283158a46 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Feb 3 23:29:50 2020 +0900 Fix zero-length CID commit 550adb320db62739d6dd4676da08fbf1fd03ceb5 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Feb 3 22:34:21 2020 +0900 Fix preferred_address commit e1e06e12fd5603407dbe113f66c9c5dd5c27bd07 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Feb 3 21:47:56 2020 +0900 Fix QUIC Version Negotiation commit 212ae79222e756bb149e718bd7976d963b84fc52 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Feb 3 20:45:04 2020 +0900 Check buffer len while parsing QUIC Packet commit cf7f741f645b1ce933ae4c9b3e2c11068085bf3d Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Jan 31 14:13:21 2020 +0900 Fix a stack overflow at read_essential_info() commit 5c6063e97440908748fc999a048441e86c7efd02 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 30 16:20:02 2020 +0900 Add QUICRetryIntegrityTag commit d233b3f415da3f16f86778f230a3bbbfed478be4 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 30 16:08:26 2020 +0900 Fix a bug in Stateless Reset Packet generation commit 5cf73159b56513f13858e09c4b72d486ffc64b97 Merge: 8e1dd61f3 614bbe0a4 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 30 15:40:18 2020 +0900 Merge branch 'master' into quic-latest * master: Change alloca usage to malloc/free Fixing shadowed variables, both global and local: (#6371) Cleanup: Remove unused accessors of HttpVCTableEntry Removing always true/false comparisons (#6363) Change localtime/gmtime usages to use the threadsafe versions with local storage (#6362) Cleanup: Remove empty function Add header guard (#6358) Update git-versions Fix heap-use-after-free on Http2Stream::destroy() Add virtual destructors for Http2TxFrame, Http2FrequencyCounter Perf: Optimize sending HTTP/2 frame Fixes an issue where a debug build of ATS will fail the assertion in HttpTransact::handle_parent_died() when proxy.config.http.no_dns_just_forward_to_parent is enabled and there is no parent.config or strategy rule for the request. Also this provides a log warning for both debug and release builds of this condition. Fixes an issue where NextHopSelectionStrategy did not implement an available nexthop or parent check when proxy.config.http.no_dns_just_forward_to_parent is enabled. Fixes Issue #6321 caused when proxy.config.http.no_dns_just_forward_to_parent is enabled. When this configuration variable is enabled, a parent selection strategies findParent() function is called twice on each transaction resulting in unexpected results such as every other parent is only used in a strict round robin strategy. Fix problems with "Probe" option for X-Debug MIME header field. (#6197) Make compress plugin normalization of Accept-Encoding header compatible with normalization in core TS. Adding max line length configuration documentation. Fixed build issues on macOS after 0-RTT merge Fixes typo in TLS Bridge illustration Fix strict round robin cur_index increment remove dequeue_timed since it is not being used anymore fix doc build error Simple and miscellaneous fixes/additions for lua plugin fix freebsd build error Remove unused variable Improvements on ESI plugin Add new log field to output server name sent by client in TLS handshake. Fixes clang-format issues TLSv1.3 0-RTT support (#5450) Add simple autest and subsequent fixes Clear all pointers in API Hooks clear function. Fix closed flag from #6287 Doc bugs Add tests to exercise H2 and chunked encoding commit 8e1dd61f323596f5d7204ab918884c0b0f32e35e Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 30 15:35:39 2020 +0900 Count CIDs used on Initial and PreferredAddress as active CIDs commit bc33fc37c122dfd89140421b8c446328e9e71b1d Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 29 23:16:29 2020 +0900 Update RETRY packet commit bf08848e654e75c66d7e47bb6aea89f2f9e04c37 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 28 16:14:53 2020 +0900 Send INVALID_TOKEN error commit 593be74801b18a98b0a137e4bcf95c8e759fa288 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jan 27 12:04:16 2020 +0900 Use CONNECTION_ID_LIMIT_ERROR commit b7c4f1c8c3668486c1bc975ff08cf6d983b70317 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jan 27 11:59:06 2020 +0900 Add CONNECTION_ID_LIMIT_ERROR and INVALID_TOKEN commit df36ca7bfb6c14c001ab50e42f1ad77aa18c4b7c Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jan 27 11:45:00 2020 +0900 Update idle_timeout to max_idle_timeout and follow the new behavior commit 0ee4a7adca60d2f9f4bc5f271e1582e7910883da Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 23 21:46:10 2020 +0900 Update tests commit 3e191ce71057ecd161e2c434eff6a6f2b8609ff5 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 23 21:24:41 2020 +0900 Support HANDSHAKE_DONE frame commit 137451f24cd7d02a91a79a0e1b9e74e77ca0d578 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Jan 23 21:35:16 2020 +0900 Update QUIC draft version numbers to 25 commit 7b82a93d93ab143edf85bf1765aff1b882c9a10b Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 8 17:21:40 2020 +0900 Fix an wrong assert and add a test for it commit 983cd002288f82c6eb36d11d7cec24b961d2355a Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 7 16:06:28 2020 +0900 Rename QUICConnection::close to QUICConnection::close_quic_connection There was a name conflict. commit 7e6c192633658bc8a84da34a2ed54e6171686108 Merge: b15cf0991 f63027569 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 7 15:24:37 2020 +0900 Merge branch 'master' into quic-latest * master: Introduce NetEvent to split UnixNetVConnection and NetHandler Reduce process duration of test_Http2FrequencyCounter Make sure shutdown_cont_event isn't holding any garbage references. Add in_destroy to Http2ConnectionState to prevent double delete (similar to Http2ClientSession) Fixes a corner case where the NextHop consistent hash ring may not be searched in it's entirety for an available host due to a premature wrapped ring indication. Adjust debug tag for ssl_sni_whitelist plugin to match plugin Add invalid config warning when cache open write fail and read retry are inconsistent Add links to RWW sections Fix rst errors for collapsed forwarding plugin Set wrap after checking all the parents Perf: replace dynamic_cast with static_cast in this_thread() Fixes a few Sphinx build warnings (#6290) Moving / adding the Roadmap to the release notes (#6257) These features are in 9.0.x release notes (#6286) Removes the remaining references to TSQA LGTM: Fix unused imports Assure no SM survives plugin factory deactivation. Remove remnants of obsolete remap thread. Update the admin-guide hierachical caching and remap.config documentation to include the NextHop strategies feature. For combo_handler plugin, add an optional whitelist of allowed values for Content-Type. Copy the Client SNI Server Name out of the openssl SSL object and ensure it is null-terminated. For per-transaction config override, crossing the const-correctness event horizon. Remove -j from lgtm build (#6274) LGTM: Add header guards LGTM: Fix wrong type of arguments to formatting function Change HTTP/2 error rate log to warning LGTM: fixes a shadowed variable in ParentSelection::PreprocessParents(). LGTM: fix a comparison that is always false. Fixes various crashers loading/reloading parent.config TCL: cleanup in HostLookup.cc, make sure keys are stable. (#6263) Fix TS_USE_DIAGS usage for --disable-diags option Initial revision of .lgtm.yml config file (#6258) auto delete rolled log file fixes remap_stats: restore handling of remap/hostname to remove memory leak Avoid unnecesarry copy on POST request over HTTP/2 Add some stats collections to cache_promote. Some tweaks to reloading-plugins.en.rst (#6251) Fix sni.yaml fqdn to match complete name string Adding verify plugin TS maintenance commands Removing traffic_cop reference in Admin Guide introduction. commit b15cf0991e0bfbf3e8d7a8445169da8d440f294c Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Dec 12 14:44:35 2019 +0900 Use individual classes for receiving packet commit e0d4e22324e52fb43ca47412a074b143fd1445a2 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 22 15:03:18 2019 +0900 Update tests and add accessor functions commit a79707fadd990d403cfb352c40555f813d4b28bf Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 15 15:15:39 2019 +0900 Use a buffer on stack for sending packet instances commit 6718a5a78026de2ef7feada907b9013ff0355cf1 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 8 22:47:05 2019 +0900 Use individual classes for sending packets commit f2e27565a2c4f01453151c99f5e1fb4d00ec20d6 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Dec 26 11:11:43 2019 +0900 Add debug log about retry token commit 64b76fcd245b58ab827bfb7d14ca8f602de6169b Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Dec 20 10:18:55 2019 +0900 Fix a bug that QUICFlowController generates frames regardless of max_frame_size commit c18cd3a4ace2cf7603f86efce24316950966fa94 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Dec 9 17:34:22 2019 +0900 Fix a bug commit 8e7597f04c34216f6d4b896ee3718cd8e526591d Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Dec 9 11:13:47 2019 +0900 Don't use the allocator for receiving QUICPacket commit 1ea2ba6757126977e9442b658c895299b33340ba Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Dec 9 10:54:21 2019 +0900 Fix compile warnings commit 4bcb41acee6ae3fc26c85c21036abce5b349a5f4 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Dec 6 17:33:21 2019 +0900 Completely ignore the second and following RETRY packets commit 152a42efbf5c516ecc59894952961b6dba4abdcb Merge: ba48f6b66 080889f68 Author: Masakazu Kitajo <maskit@apache.org> Date: Thu Dec 5 16:55:53 2019 +0900 Merge branch 'master' into quic-latest * master: Fixes sphinx build warning with the strategies.yaml document in the admin-guide. Adds strategies.yaml to install target cache_range_request plugin: add support for opt X-CRR-IMS reval header Adjust the refcounts to avoid Mutex leak Following catch test naming standards. Review comments. Fixing rolled log cleanup parsing for <blah>.log.<blah> files. Fixed build issue with clang5 and Extendible Remove never implemented regex descriptions Fix out of bound array access in ssl_session_reuse plugin (#6235) Don't sleep if ProtectedQueue.localQueue is not empty. (#6234) fix stringstream crash during shutdown Correct handle the value return from mgmt socket read and write (#6220) commit ba48f6b66397b31e8c6836037f6667e82c2cc636 Author: scw00 <scw00@apache.org> Date: Mon Nov 25 19:12:08 2019 +0800 Fix build error in QUICTypes.cc commit 91d7b743c65c5f3ba8270c52cd4c1f5186c9faa0 Merge: ecab2b84c aba5c2c6f Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 22 15:10:31 2019 +0900 Merge branch 'master' into quic-latest * master: Docker builds do not need build numbers in workspace (#6221) Add autest for cache_range_request, add xdebug x-parentselection-key Move logging before session could be freed Do not reenable txnp with TS_EVENT_HTTP_ERROR if received TS_EVENT_HTTP_TXN_CLOSE event (PR #6215) Fixed next hop tests for out of tree builds This fixes next hop unit tests that segfault due to missing (#6216) Add autopep8 & pyflakes in dev-packages for AuTest Set END_STREAM flag when write_vio ntodo is 0 Add 100-continue expectation support on H2 connection Run dos2unix on all files in tree Lua plugin fix: Account for null in output from TSUrlPercentDecode. Cleanup: Remove useless UDPConnection function Check Range header for stale content Fixes spelling in strategies.yaml docs Adds WS check, and some cleanup (#6213) Cleanup trailing whitespaces, and YAML formatting (#6210) ssl_session_reuse optimization to check if diags is on Fix the strategies.yaml documentation. Add a remap @strategy tag and nexthop selection strategies to remap. Add test to catch regressions in sni and override configs (#6170) Upgrade Catch.hpp to v2.11 (#6185) Fix ssl_session_reuse to compile on macOS and FreeBSD Remove header conversion functions for HTTP/0.9 remap_stats: Fix BufferWriter usage error. Limit this check to Linux, where ldd always works (#6191) Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189) Replaces Python -> Python3 in a few utilities (#6187) Fix compile warnings in Catch checks for TextView (#6186) Dockerfile for Debian package managers (#6183) RBTree - fix potential nullptr dereference Doc: Remove local path to MathJax. Removes the ssn_close hook, it can never work (#6175) tslua: Exposes set/get version for server request objects Remove unimplement UDP function Remove HttpTransact::build_upgrade_response Fixes cppcheck issues for cookie_remap plugin Fixed gcc7 issue with yaml-cpp 0.6.3 Updates yaml-cpp to 0.6.3 Remove unused functions of IOBuffer Re-order READ_REQUEST_ HDR_HOOK and PRE_REMAP_HOOK tslua: Exposes set/get method for server request objects Cleans up some of the filenames mess (#6144) Fixed build issues with hwloc 2.x API changes Remove Cache v23 support detect bogus jemalloc version Move websocket upgrade later in state machine Change API to return a TSReturnCode code. Promote server_push_preload plugin. Move TSHttpTxnServerPush to the stable API interface. Only decrement log_stat_log_files_open_stat when the file is closed. Normalize loopback usage in session_match autest tests: Adds autest for WebSocket mappings Fix building Catch on macOS Reverse debug specific check. thread ready check tests: Cleans up local variable is assigned to but never used warnings tests: Cleans up imported but unused imports Rename test to lua_watermark.test.py Add apache header to watermark lua test Add lua watermark test to check for existence of lua watermark upstream API call Internal link needs _ Reduce doc build errors Disable the most expensive "make check" tests by default slice plugin add support for using effective url with remap host. Make MIOBufferWriter unit tests work when compiled without -DDEBUG. Remove including sys/sysctl.h for Linux A couple simple tweaks. Update docs for SSL Handshake stats Remove using namespace std Avoid IOBufferReader::read_avail() call from MIOBuffer::high_water() Remove remnants of http/1.1 pipeline logic. Cleaned up the changelog command for making our release notes Updated to clang-format v9.0.0 Remove never implemented HttpTransact::service_transaction_in_proxy_only_mode Add Metrics to track SSL Handshake attempts Removes the records.config.shadow alternative config file Fixing include synopsis rendering for API docs. Adding an autest for traffic_dump. Issue #4294: Handle return value of SSL_write() properly. Fix null pointer dereference reported by clang-analyzer Add an appropriate warning where behavior has changed Fixes misc. spelling and whitespace For remap_stats, removes configure time dependency on search.h Removes proxy.config.cache.storage_filename set host name in TLS extension for SNI Host check in service side with sni policy verify_with_name_source. Minor fixes. Fixes misc. spelling and whitespace Docs: cachekey: fixed non-ascii table characters Docs: clarify remap plugin inst init params cleanup the eventloop Script used for comparing commits on internal branch and seeing if they are on the remote master or release branch. It uses a combination of cherry-mark and searching the commit message for cherry-pick -x hashes. doc + unittest TSRemap(Init|NewInstance) failures Updating the autest version pin to 1.7.4. Fixing log cleanup candidate selection and adding a test for it. Replace container of HPACK dynamic table from std::vector to std::deque Allow txn handler to be set from ssn on same hook Add basic SystemTap markers support Issue #6072: Make If-Range date compare to be exact match. Cleanup: Ignore checkprograms of remap Issue 4635: Address pipe reuse after configuration reload issues Fix the malformed threads table Disable tests using exceptions in MIOBufferWriter UT. Updated API header and ssl_session_reuse for new TSSslSessionInsert changes Premature DSO unload with "suicidal" continuations support for listening on all the net threads uses epollexclusive flag and soreuseport Fixing session sharing with IP matching. Promote 'Enable_Config_Var' from HttpConnectionCount to HttpConfig. This is so other configuration can use it. Cleanup: Remove use of obsolete class TSConstBuffer from MIME.cc Add example to retrieve request body using Lua Dechunk chunked contents on HttpTunnel if client protocol is HTTP/2 or HTTP/3 Add MIMEHdr Garbage Collection to HPACK Dynamic Table Fix some long lines and reduntant plugin_config SO additions. Updates references to OSX to macOS Fixes help message for traffic_top's sleep switch commit ecab2b84c79b456658a04e3163048b642a63b147 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 22 10:22:43 2019 +0900 Fix typos commit 4cd5ec022e6924b32e9e4708b90770557fcf20d9 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Nov 20 14:39:38 2019 +0900 Fix a crash on reading malformed packet commit 0fd40f358d6865b76bae95a94e9403015baf61e8 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Nov 19 15:54:17 2019 +0900 Ignore dup NCID frames commit ded20f5fa04bc6bd2a608a2d1cd2ec26beaa3e30 Author: Masakazu Kitajo <maskit@apache.org> Date: Sun Nov 17 10:45:01 2019 +0900 Fix an issue that early data on the 2nd initial packet is not processed commit 26910cf2284dcbf5a8731296881053b505ae6971 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Nov 15 10:34:32 2019 +0900 Fix tests commit c53e4094c84378870d9642b7ca20563a2d9306ef Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Nov 12 14:24:08 2019 +0900 QUIC Connection Close frame is not ack-eliciting commit 500b22ac2c0daa1457224c6995fb10b55c5d28f2 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Nov 12 13:59:48 2019 +0900 Add settings for QUIC quantum readiness test proxy.config.quic.client.quantum_readiness_test_enabled proxy.config.quic.server.quantum_readiness_test_enabled commit 4766128cacf0dd27c17badb71a3b12c7195b0cb0 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Nov 12 13:58:54 2019 +0900 Handle multiple INITIAL packets from a client commit 77a5dd1028850598719be37c184da0265d8c608f Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Nov 11 16:18:57 2019 +0900 Allow sending PING at any encryption level This reverts #5859 commit ce0efc2db4d1ff4b49bf318d5a2d5fb13607580f Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Nov 11 16:16:29 2019 +0900 Update QUIC draft version numbers to 24 commit af2f854085d00f32f4aa55a8ec669a9989d84e09 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Nov 12 15:06:35 2019 +0900 Don't migrate connection until a client sends non-probing frame commit e892988c32506d7e609a94b99594b3e17cd670aa Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Oct 28 17:23:44 2019 +0900 traffic_quic: Support close exercise option on H3 session commit 9e4b0586a51cca83f531752acbf7b024f30bd7e8 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Oct 28 12:15:23 2019 +0900 Fix a bug in stream count limit This fixes #5995. commit 673575fd1542261be1d3f992f3687338746585bb Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Oct 28 10:09:18 2019 +0900 Fix a bug in sending QUIC ConnectionClose frame This closes #6057. commit 8d59375108f52b14a90c29f1d41b43fde78bbaa5 Author: scw00 <scw00@apache.org> Date: Wed Oct 23 17:14:02 2019 +0800 QUIC: Every two ack-elicting packet one ack frame commit 95717cdcfcd4fe0cf6be7caeeb18922ee97ee52f Merge: cbbc6a5de 9c05e64df Author: scw00 <scw00@apache.org> Date: Thu Oct 24 16:00:19 2019 +0800 Merge branch 'master' into quic-latest * master: Add a config for internal HPACK header table size limit Add tests for MIMEHdr::get_host_port_values Clarify relation of nameservers and resolv.conf Ignore MgmtMessageHdr if ProcessManager is not running Remove obsolete pipeline_max variable Add Example URI Signer Python Script Adding connection close headers to regex_remap test. Rewrote remap_stats plugin to use C++ Doc: Fixed the logging mode of pipe to be ascii_pipe Enhance Connection Collapse in ATS core Doc: improve documentation for event loop statistics. Doc: Fix :units: options for statistics. Doc: clean up build errors. Restore the MIOBufferWriter unit tests. Log H2 priority information "Plugin (un)used" post reload notification do not schedule stuff during shutdown Remove obsolete 4-2-0-fixup Cleanup: unifdef TRACK_BUFFER_USER cachekey: allow multiple values for `--key-type` Revert "Optimize: If failed on migrateToCurrentThread, put the server session back to global server session pool" url_sig: fix memory leak with urlParse and pristine flag make proxy.config.http.request_buffer_enabled configurable and bug fix Update TSVConnSslConnectionGet name to match others in the TSVConnSsl* family Minor cleanup of proxy/logging/Log.h . Add QUIC draft-23 support Fix TSHttpTxnReenable to schedule back to original SM thread Fix dynamic update for conntrack (HttpConnectionCount) configuration variables. These are the current settings we're running on docs do not reload configs periodically Mark host as partial when subdmains are more than default table depth Fix our doc build system to handle non-source dir configure locations. Destroy MIMEFieldBlockImpl that doesn't have fields in use clang-analyzer: Add a null check ProxySession cleanup: moving inline functions to .h Cleanup: do not re-define _proxy_ssn variable in local Cache SSL EC explicitly add some documentation to the action class to avoid confusion a general autoconf cleanup Updating the default cipher-suite lists for the 9.x release. Removed hardcoded logging.yaml filename in logs Conflicts: iocore/net/QUICNetVConnection.cc iocore/net/quic/Mock.h iocore/net/quic/QUICContext.cc iocore/net/quic/QUICContext.h iocore/net/quic/QUICPathManager.cc iocore/net/quic/QUICPathManager.h iocore/net/quic/QUICStreamManager.cc iocore/net/quic/QUICStreamManager.h iocore/net/quic/test/test_QUICFrameDispatcher.cc commit cbbc6a5de0e4282097227fef510d911c282ea8d5 Author: scw00 <scw00@apache.org> Date: Tue Oct 22 10:30:29 2019 +0800 QUIC: add Context to QUICStreamManager commit 4ef3d3a3084dec2bdfdbc35c292f9f2d5cc2bf0d Author: scw00 <scw00@apache.org> Date: Wed Oct 9 10:37:12 2019 +0800 QUIC: sink path manager to stream manager

* asf/9.0.x: (33 commits) Cleanup trailing whitespaces, and YAML formatting (apache#6212) Fixes misc. spelling and whitespace set host name in TLS extension for SNI Host check in service side with sni policy verify_with_name_source. Updated ChangeLog More changes Reduce doc build errors Add basic SystemTap markers support Add test to catch regressions in sni and override configs (apache#6170) Upgrade Catch.hpp to v2.11 (apache#6185) remap_stats: Fix BufferWriter usage error. Fix ssl_session_reuse to compile on macOS and FreeBSD Add base64 encoding/decoding to encryption/decryption, and general code cleanup. Removes the ssn_close hook, it can never work (apache#6175) Remove unimplement UDP function Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (apache#6189) Limit this check to Linux, where ldd always works (apache#6191) Replaces Python -> Python3 in a few utilities (apache#6187) slice plugin add support for using effective url with remap host. Remove HttpTransact::build_upgrade_response tslua: Exposes set/get version for server request objects ...

…it (apache#6189)" This reverts commit 093317c.

…it (#6189)" (#8341) This reverts commit 093317c.

* Removes down_server.abort_threshold completely (#8077) * url_sig: add url_type = pristine config file option (#8100) * Remove unused multicast functions (#8158) * Defer canceling UA inactivity timeout for chunked bodies too (#8084) * Update INSTALL for URLs and version number (#8173) * Fix clearing all stats function (#8172) Co-authored-by: Damian Meden <damian.meden@verizonmedia.com> * ensure hostname_offset is initialized to '0' to indicate null hostname (#8162) * Remove used url_copy_onto_as_server_url (#8169) * Fix typo in documentation (#8177) * Remove unused HdrCsvIter methods (#8167) * Remove unused configuration related methods from Store and Span. (#8160) * Add plugin parent_select reloading (#8075) * Added missing milestones and updated slow log report script (#8168) Moved the cache open read end milestone to the end of the method * Make the rest of InkAPI allocators Proxy Allocated (#8106) * Make the rest of InkAPI allocators Proxy Allocated * As per Walt the all-knowing oracle, remove from test * Various maxmind_acl fixes (#8181) * Various maxmind_acl fixes - Add a check for non-nullptr client addr - Add null termination for iso_codes. They are stored unterminated in the database so to properly lookup in the map we need to terminate ourselves * Review fixes * Abstract adding Connection: close header to avoid triggering H2 draining logic (#8178) * Merge quic-latest into master (#8010) Squashed commit of the following: commit d232a12ec5ae461235f4a4d6f7c7644d05651aed Merge: 837bd0e41 2edeae477 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jun 29 15:41:34 2021 +0900 Merge branch 'master' into quic-latest * master: reuse multiple times (#7992) Test bad request behavior (#7884) Fix BoringSSL build (#8001) Update TSHttpTxnAborted API to distinguish client/server aborts (#7901) Enforce case for well known methods (#7886) Add null checks for http_load (#7995) commit 837bd0e413c27b4f2132864c9a0a377a45fabaf5 Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jun 28 15:11:03 2021 +0900 Fix unit tests for QUICStreamState commit c5bb9e0dd41cba2198c5632f85f89f9b343eee34 Merge: 0a63fa977 202b2505c Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Jun 28 10:02:54 2021 +0900 Merge branch 'master' into quic-latest * master: Implement TLSBasicSupport for QUICNetVC (#7959) Reload server session inactivity timeout before placing a session into the pool (#7618) Use OpeSSL EVP API if SHA1 API is unavailable (cache_promote) (#7447) Cleanup: Get rid of HTTP2_SESSION_EVENT_RECV (#7879) Timing and permissions update for regex_revalidate test (#7998) limit m_current_range to max value in RangeTransform (#4843) Allow to TLS handshake to error out on TSVConnReenable (#7994) Cleanup: Get rid of HTTP2_SESSION_EVENT_INIT (#7878) Add hook for loading certificate and key data from plugin (#6609) Doc: Now's Minute invocation error (#7990) Fix typo in configure.ac (#7993) commit 0a63fa977f97919143f45508f1f6c5b656324d80 Merge: 312cf393c bd93f2a40 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Jun 25 14:34:55 2021 +0900 Merge branch 'master' into quic-latest * master: Don't rely on SSLNetVC when HttpSM gathers info about SSL (#7961) conf_remap: demote 'Invalid configuration' to warning (#7991) Cleans up the code bit, including milliseconds consistency (#7989) Pass through expect header and handle 100-continue response (#7962) Treat TRACE with body as bad request (#7905) Thread safe Mersenne Twister 64 using c++11 (#7859) ESI plugin documentation updates. (#7970) Add log name configuration and stderr/stdout support. (#7937) Cleanup: Constify MIMEHdr (#7949) Fixed compile error with Linux AIO unit test (#7958) Note YAML parser library bug, and work-around, in documentation. (#7963) Ensure that the content-length value is only digits (#7964) String the url fragment for outgoing requests (#7966) Fix for HTTP/2 frames (#7965) Improve parsing error messages for strategies.yaml. (#7948) fix the scheme of h2 0rtt tests (#7957) Fix double test flakiness due to EOS/TXN_CLOSE race (#7956) Use proxy.config.log.hostname for rotated log filenames (#7943) Fixed memory leak in the QUIC stream manager (#7951) Fixup TS_USE_LINUX_NATIVE_AIO AIO_MODE_NATIVE (#7832) Update GitHub stale action to auto close old PRs (#7952) Revert "Do not invalidate cached resources upon error responses to unsafe methods (#7864)" (#7954) regex_revalidate: add stats for miss/stale counts (#7950) Do not invalidate cached resources upon error responses to unsafe methods (#7864) Add an HTTP/2 304 "Not Modified" AuTest. (#7882) regex_revalidate: optionally retain rule epoch state across restarts (#7939) Fixed memory leak in QUIC ack frame unit test (#7947) cache_promote: Don't promote on uncacheable requests (#7942) Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945) Compilation error fixes for QUIC unit tests (#7944) Adds bytes counting as a trigger to the cache_promote LRU (#7765) Add a JSON schema for strategies.yaml (#7932) Remove second call to TRANSACT_RETURN while handling cache write lock (#7873) Close connection after every bad request for HTTP/1.1 (#7885) Pin Sphinx to 3.x to unblock `make html` (#7940) Add support for Remap rule hit stats (#7936) Remove scrap log object dead code (#7935) Add STL forward iterators to DLL container. (#7934) Add log SQUID code testing to redirect.test.py Au test. (#7870) Fix race condition on server session state (#7921) regex_reval: bug where rule type is always reported as the first (#7928) Remove duplicate entry in overridable txn vars. (#7930) Satisfy ci/jenkins/bin/clang-format.sh (#7929) Add a basic Au test using strategies.yaml, with consistent hashing. (#7911) Add a chunked negative revalidating test. (#7907) Ensure that URL components are valid when alternate eviction is logged (#7924) fix grammar (#7927) AuTest: Enable h2spec generic test cases (#7926) Adjust vc read errors (#7923) Remove bucket search from IntrusiveHashMap::erase (#7848) Ensure TS_VCONN_CLOSE_HOOK hook is called during TS_EVENT_VCONN_CLOSE. (#7913) Update docs languages file to add 9.1.x for en and ja (#7917) * Adds a new peering ring mode to next hop selection strategies. (#7897) Add Au test for strategies.yaml, with consistent hashing, with fallover. (#7914) Make HttpSM server reference a Transaction instead of a Session (#7849) Set accept_options of Http1Transaction in Http1ClientSession::new_connection() (#7894) Reset Http1Transaction before adding vc to keep_alive_queue (#7892) Add dead server policy control and metric. Improve messages. (#7757) Ensure the HTTP protion of the protocol string is upper case (#7904) Fixed spelling mistakes in the docs (#7896) add MISS capability to the regex_revalidate plugin (#7899) docs: fix capitalization of Linux (#7898) Redirect - Make TS to honour the number_of_redirections configuration value (#7867) Clean up producer more regularly (#7386) Fix crash in open_close_h2 (#7586) Cleanup Http2ClientSession SessionHandler (#7876) Enforce HTTP parsing restrictions on HTTP versions supported (#7875) Do not delete the continuation twice (#7862) Cleanup: refer Http2ClientSession::mutex (#7853) Autest - Proxy Verifier Extension, add context template $-base string substitution in the replay file. (#7866) Fixed some spelling mistakes in comments (#7869) Fixed ASAN issues with MMH test (#7868) Cleanup: Move member functions defined inside of class definitions of Http2ConnectionState & Http2ConnectionSettings (#7854) Add URI Signing cdnistd Claim Implementation (#7822) Adds a new --enable-all-asserts configure option (#7858) Unifdef test code for MMH and moved it into its own test file (#7841) Clean up lua plugin doc for overridable configurations (#7844) Save and propagate epoll network error (#7809) Add method to write an IpAddr value to a sockaddr. (#7821) Add proxy.config.http.max_proxy_cycles (#7657) Update NextHop strategies so that unavailable server retry codes (#7837) generator: allow for POST requests (#7635) Fixed double declaration types for log buffer tracking (#7847) Extra braces for clang 5 / ubuntu 16.04 on array initialization (#7842) Conflicts: iocore/net/quic/QUICStreamFactory.cc commit 312cf393c170bbf1ee6c945907868137197afdfa Merge: f90e8dde9 5cdc1459f Author: Masakazu Kitajo <maskit@apache.org> Date: Mon May 17 10:07:42 2021 +0900 Merge branch 'master' into quic-latest * master: Get rid of code for OpenSSL that has old QUIC API (#7599) Fixed warning in gcc 11 about array not being initalized (#7840) Don't call next next dup on destroyed mime field mloc. (#7833) build_h3_tools: use OpenSSL_1_1_1k+quic (#7836) Address assert on captive_action (#7807) Fix so EOS are delivered to sessions in the pool (#7828) Fix a format specifier for size_t (#7830) Fix stall on sending response for request with trailer header (#7831) Simplification dir_init_done (#7817) Remove unused member from HttpSM (#7835) AuTest: use exteneded help output to determin curl feature support (#7834) Apply fmt compile time argument checking to log functions (#7829) Adds new X-Cache-Info header to the xdebug plugin (#7784) Cleanup: Remove unused members of Http2Stream (#7813) Cleanup: unused functions of Http2ClientSession (#7812) Cancel cross_thread_event on clear_io_events (#7815) Cleanup: Remove a meaningless Http2Stream::do_io_close() call (#7814) Eliminate next dup call using stale mime field mloc is s3_auth plugin. (#7825) NetEvent cleanup - replace #define with constexpr (#7804) fix origin session related crashes (#7808) Update HTTP version info in HostDB on new outbound connection (#7816) Remove a redundant argument (#7811) SSL Cert lookup using PP dest ip when ProxyProtocol is enabled (#7802) Fix MLoc assert caused by s3auth (#7790) Fix cpu utilization problem in session cache (#7719) Fix to cookie_remap.cc tp avoid Intel compiler warning. (#7792) TSHttpTxnCacheDiskPathGet - tighten up the code a bit. (#7806) Doc: tcpinfo plugin table formatting (#7805) fix DNS spike issue for TCP_RETRY mode (#7307) Adds new TS API TSHttpTxnCacheDiskPathGet (#7783) tests: Fixes spelling (#7789) Traffic Dump: Add an HTTP/3 AuTest (#7758) use sendmsg and recvmsg (#7793) HTTP: clean up the http_hdr_describe format error (#7797) Fixes an issue where next hop unit tests crash when run on macOS. (#7787) Apply log throttling to HTTP/2 session error rate messages (#7772) Cleans up uninitialized warning in LogMessage.cc (#7788) Short circuit remap reload when a valid remap file is not specified (#7782) DNS: Clean up argument passing to DNS queries. (#7778) Remove extra verify-callback (#7540) Augment test cases for tls_verify_override test (#7736) Make when_to_revalidate setting available on HTTPS (#7753) Add traffic_server command line option for debugging in Au test. (#7762) Test: Update tls_partial_blind_tunnel to have a nameserver. (#7773) Test: update tls_forward_nonhttp to have a nameserver. (#7774) Test: add nameserver to log-filter test. (#7776) BWF: Add support for std::error_code. (#7777) Test: add nameserver to log-field test. (#7779) Test: add nameserver to regex_remap test. (#7775) Elevate privileges for traffic_manager during SSL cert reload (#7770) Clean up HTTP version processing (#7766) Remove proxy.config.http.down_server.abort_threshold (#7748) Remove undocumented keepalive_internal_vc setting (#7693) doc: header_rewrite random function not inclusive (#7760) Experimental Cache fill plugin (#7470) Remove references to removed options (#7756) Propagate TLS errors (#7714) AuTest extension: check for unrecognized configurations (#7752) Fixes errors in the strategies.yaml documentation. (#7745) Updates to Nexthop strategies to limit the number of simultaneous (#7744) Fixes Issue #7739 - Next hop strategy with bad 'to' URL causes TS crash. (#7749) header_rewrite: Various fixes for MaxMind support (#7746) Remove unused variable is_revalidation_necessary (#7747) Fix simple remapping in regex_remap plugin. (#7718) Adding DNS TTL AuTests. (#7742) Add a chunked disabled test. (#7743) Fix monitor threads in lib records to exit on system shutdown. (#7731) Add overload for memcpy to take a destination buffer and source string_view / TextView (#7732) Test: Add nameserver to TLS tunnel forward test. (#7733) AIO_NOT_IN_PROGRESS should not be 0 (#7734) if transaction status non-success, bypass intercept plugin (#7724) ink_utf8_to_latin1 is not defined, removing declaration (#7737) Fix build on FreeBSD 13 (#7730) Update VSCode CPP Standard (#7723) Updating to use Proxy Verifier 2.2.0 (#7729) header_rewrite: Allow for relative path to geo database files (#7727) Override proxy.config.ssl.client.sni_policy from sni.yaml (#7703) compress.test.py: Reference config file from Test.RunDirectory (#7725) Ran clang-tidy over the code (#7708) Deny unknown transfer encoding values (#7694) Fix doc for http2.no_activity_timeout_in (#7721) Add DynamicStats (#7704) header_rewrite: allow for use of maxminddb as source of geo truth (#7695) Include in parentselectdefs.h in install target (#7713) uri_signing: fix warning which affects ubuntu:20.04 builds (#7717) Increase the maximum slice block size from 32MB to 128MB (#7709) commit f90e8dde99564ff4270f2ae63e8592b0948b6130 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Jan 12 12:21:51 2021 +0900 Add QUICStreamStateListener commit f66646cb1907f7079eaf41aa81da9705934eff18 Merge: be9837c03 9f9594fd3 Author: Masakazu Kitajo <maskit@apache.org> Date: Sat Apr 17 13:57:50 2021 +0900 Merge branch 'master' into quic-latest * master: Fix ALPN support on QUIC connections (#7593) fix mem leak in session cache (#7707) Parent Select Plugin (#7467) Add new TS API function TSUrlRawPortGet. (#7568) Add NixOS support (#7697) Remove support for --enable-remote-cov-commit (#7700) Remove configure-time loopback interface detection (#7702) Add sqpv log field for server protocol (#7680) Call do_io_close instead of HTTP2_SESSION_EVENT_FINI handler (#7594) Fix a bug in tspush that pushes corrupted content to cache (#7696) Automatically marks PRs and issues stale (#7675) New rate_limit plugin for simple resource limitations (#7623) Remove undefined method HttpSM::perform_nca_cache_action (#7692) Remove undefined method HttpSM::setup_client_header_nca (#7691) Scalar; Move "tag" struct to be inside the "ts" namespace to avoid collisions. (#7690) Rollback LAZY_BUF_ALLOC remove in HttpTunnel (#7583) Add class to normalize handling of pending action (#7667) Make HTTP/2 Curl AuTest gold files case insensitive (#7683) Add STL compliant field iteration to MIMEHdr. - rebase. (#7476) Fix use of -mcx16 flag - only use if it compiles cleanly. (#7684) Refine connection failure logging and messages and eliminate suprious connection errors (#7580) Add close header normalize openclose test (#7679) Fix has_consumer_besides_client to deal with no clients (#7685) create a new cache status RWW_HIT (#7670) Updating to AuTest 1.10.0 (#7682) sslheaders AuTest: Skip if plugin does not exist (#7678) Add AuTest for Background Fill (#7613) Do NOT kill tunnel if it has any consumer besides HT_HTTP_CLIENT (#7641) AuTest: address various permissions issues (#7668) Adding TCP Info header support to header rewrite (#7516) Refine Inline.cc carveout for arm64 darwin builds (#7662) Comment why log eviction isn't implemented via a log field. (#7648) Fixing Throttler.h for older clang and gcc compilers (#7651) Update -with-profile and add some profiling documentation (#7601) Use correct default value for verify.server.policy (#7636) Update server_response_body_bytes when background fill worked (#7621) Remove erroneous manager.log mesg with remap include file reload (#7646) Change ROUNDUP from function-like macro to function template. (#7614) Document http.default_buffer_water_mark (#7612) Add proxy.config.cache.log.alternate.eviction (#7629) Fix HttpSessionManager::acquireSession from previous rebase error (#7631) Fix tls_client_versions and tls_hooks18 tests (#7645) Updating documentation for negative_revalidating_lifetime (#7633) Remove reference to client.verify.server from tests and other bits (#7639) Add pooled_server_connections metric (#7627) Expose URL element methods through HTTPHdr (#7628) Add default implementation for allow_half_open (#7630) Add thread yeield to avoid busy waiting in LogObject::_checkout_write(). (#7576) Add proxy.process.http.background_fill_total_count (#7625) statichit: misc. fixes (#7634) Remove unused variables (#7626) Adding negative revalidating AuTests. (#7620) Add failed state to hostdb to better track failing origins (#7291) Use standard isdigit library function (#7619) Typo in output when forcing kqueue for configure (#7617) Implement log throttling (#7279) Increase Proxy Verifier caching delay. (#7616) Set pcre_malloc/free function pointers in core main() only. (#7608) commit be9837c03219f2cb9efbd4981d13dbc78294ce51 Merge: 99ff68fa3 d4fc16f64 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Mar 17 09:38:59 2021 +0900 Merge branch 'master' into quic-latest * master: Fix the connection limit crash while using parents (#7604) Remove inline for detail::cache::CacheData::idAddr (#7592) Remove UnixNetVConnection::startEvent - not actually called. (#7596) Use return values to fix ubuntu release build error (#7591) Fix double destuct on Http2Stream termination (#7600) Add pointer/reference upcast function that is checked in debug builds. (#7582) Call constructors and destructors for H1/2 Session/Transaction via ClassAllocator (#7584) Add gold test for remap config .include directive. (#7589) Change the default value for verify.server.policy (#7587) Build the test library for tls_engine consistently (#7588) Generalize ALPN logic (#7555) Fix the final consumer write size from unchunked to chunked tunnel (#7577) Reactivate accept_no_activity_timeout (#7408) Tidy up session/transaction destruction process (#7571) Remove ProxyTransaction::set_proxy_ssn (#7567) Introduce TLSBasicSupport interface (#7556) Cleanup: Rename IOBufferReader of Http2ClientSession (#7569) Add a check for compress response, if from server and 304, then check cache for headers instead of the 304 response (#7564) Updates the STATUS file with all recent releases (#7566) Make Allocator.h less silly (no creepy "proto" object). (#6241) Cleanup: Remove unused member of Http2ClientSession (#7570) enable origin server session cache by default (#7537) Add tscontdestroy when transaction is closed and pacing rate is reset (#7572) Remove reference to CoreUtils (#7557) Remove unused enums from YamlSNIConfig struct. (#7565) Removes deprecated sni.yaml option: disable_h2 (#7547) This PR updates parent selection to limit the number of simultaneous (#7485) Fix KA header not checking strategy (#7483) Get rid of kruft LogObject copy constructor. (#7553) For TSHttpHdrEffectiveUrlBufGet(), include scheme for request to server URL. (#7545) Adding lower_ support to stats and bonding_slave data points for port status (#7560) Change cookie_remap plugin to allow use of pre-remap URL (and components). (#7519) check verify policy and properties (#7559) Fix parent.config to 504 not 502 on timeout (#7558) use SSL_CTX address as part of the lookup key (#7552) Add ALPN support on TLS Partial Blind Tunnel (#7511) Add server_name option to proxy.config.ssl.client.sni_policy (#7533) Fix a crash on origin session reuse (#7543) Removes the test plugins from the .spec file / RPM (#7551) Convert the inactive_client_timeout test to use Proxy Verifier (#7535) Fix ja3_fingerprint configure syntax (#7550) Fix asserts in multiplexer plugin. (#7532) parse expiration time and reload config at time out (#7281) Fix origin_session_reuse test (#7542) Fix tls_session_reuse test (#7541) Split SSL_CTX initialization logic into small functions (#7434) Remove dependency for SSL stuff from P_Net.h (#7531) Unify all the connect timeouts into one (#7335) Fix lua_states_stats Au test. (#7232) origin session reuse (#7479) Updating to use Proxy Verifier 2.1.0 (#7534) update the session reuse tests (#7529) commit 99ff68fa395a6e3f8ab2e27e98049ceb00a0a7c8 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 17 11:14:40 2021 +0900 Fix link error commit c4ad0c071d53fb888d8b2ffac34b848524f4fe68 Merge: c40d95a91 cd33010ff Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Feb 17 09:56:25 2021 +0900 Merge branch 'master' into quic-latest * master: Select lua context per thread (#7465) Fix out of bounds access error in jtest (#7526) Disable compiling Inline.cc on macOS (#7389) Makes sure the types are correct, avoiding compiler warnings (#7523) Move has_request_body to ProxyTransaction (#7499) Make the H3 build script work properly on Debian platforms (#7522) slice/handleFirstServerHeader: return sooner on requested range errors (#7486) Add new log field for negotiated ALPN Protocol ID with the client (#7491) Add Outbound PROXY Protocol (v1/v2) Support (#7446) Updates the Dockerfile for debian (#7518) Disable client inactivity timeout while server is processing POST request (#7309) Upgrade Catch.hpp to v2.13.4 (#7464) Move reopen_moved_log_files to log flushing thread (#7450) replace psutil.pid() with psutil.process_iter() for safer execution (#7515) Fix spacing in clang-analyzer.sh script (#7480) Fix out of bounds access error in ats_base64_decode (#7490) Updated to build lastest versions of Fedora and CentOS docker images (#7505) Fix QUIC unit tests build issue on GNU ld (#7496) Fix QUIC unit test failures (#7497) Fixed build issues with Fedora 34 (#7506) Fixing DNS local_ipv* config option (#7507) traffic_dump: AuTests to use Proxy Verifier. (#7502) Disable ja3 plugin when building with boringssl (#7500) Avoid -Warray-bounds on PROXY Protocol Builder (#7488) AuTest: Upgrade to Proxy Verifier 2.0.2 (#7493) fix certs (#7494) Add zlib1g-dev to Debian dependencies in README (#7495) Unit Test - Increase openssl's key size. Place test certs into a common test folder. (#7451) Add basic type aliases for std::chrono types to ink_time.h for future use. (#7482) traffic_ctl - Fix lookup key for run-root option (#7484) update thread config tests (#7370) Perf: Replace casecmp with memcmp in HPACK static table lookup (#6521) Add PROXY Protocol Builder (#7445) Adjust so transfer-encoding header can be treated hop-by-hop (#7473) Convert auxkey form 2 uint32_t to 1 uint64_t. (#7350) Remove the queuing option from proxy.config.http.per_server.connection (#7302) Remove unused function ink_microseconds. (#7481) use std::unordered_map to store sessions (#7405) drop use of BIO_f_base64 and EVP_PKEY_new_mac_key (#7106) Do not write to the cache if the plugin decides not to write to the cache (#7461) API to retrieve NoStore set by plugins (#7439) Update AuTest version update directions for pipenv (#7469) Add command line utility to help convert remap plugin usage to ATS9. (#7426) Cleanup: Get rid of MIMEFieldWrapper from HPACK encoding (#6520) Proxy Verifier: Making use of delay directives for caching tests. (#7468) Cleanup: Add SNIRoutingType (#7453) Updating to Proxy Verifier v2.0.0 (#7454) Adjust to actually try a server address more than once (#7288) Change atoi to atol, causing obvious issues on what needs to be int64's (#7466) Cleans up duplicated TSOutboundConnectionMatchType definition (#7090) Fixing compress expectation for new microserver (#7463) Update to the new MicroServer 1.0.6 release (#7460) CacheRead: clear dir entry if doc is found to be truncated (#7064) Do not provide a stale negative cache (#7422) Generalize SNI support (#6870) Add synchronization between UDPNetProcessor::UDPBind in main Thread and initialize_thread_for_udp_net in ET_UDP Thread (#7407) Fix heap use after free in DNSProcessor::getby() (#3871) Fix comment in include/tscore/Filenames.h. (#7457) Fix Makefile target for creating changelogs (#7455) Change squid log code for self looping (#7443) Enhancements for compress plugin (#7416) Add incoming PROXY Protocol v2 support (#7340) Cleanup: Remove unused members of NextHopProperty (#7436) Small fix to regex_remap PR # 7347. (#7437) PoolableSession (#6828) option to disable compression for range request's response (#7287) Make TSUrlSchemeGet() return scheme implied by URL type when there is no explicit scheme. (#7262) commit c40d95a912166224e517b07d6dc3ffd273907fc9 Merge: 573035c60 ecd70df36 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Jan 20 09:39:34 2021 +0900 Merge branch 'master' into quic-latest * master: Fix a link error on traffi_quic command (#7433) Fix stall on outbound TLS handshake (#7432) Fix the Proxy Verifier AuTest extension to handle cert paths correctly (#7415) Update documentation for TSSslSessionInsert (#7420) Improve zlib detection logic (#7430) Fix parent connect fail segfault (#7429) commit 573035c606fa088349420de35f0cdabe38649f5e Merge: 5704095ba 95b8d575a Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Jan 15 23:24:29 2021 +0900 Merge branch 'master' into quic-latest * master: Doc: Fix typo in negative_revalidating_lifetime (#7427) Change comment handling for long lines in url_sig plugin (#7421) Add unit tests for PROXY Protocol v1 parser (#7332) LGTM: Remove superfluous const qualifier in return type (#7412) Fix issue with unavailable server retry codes (#7410) Remove the warning statement (#7414) default to throttling and subsequently simplify the transfer code (#7257) Improvement to lua plugin (#7413) Make places to bind/unbind SSL object with/from NetVC (#7399) traffic_ctl - plugin msg now require only the tag as mandatory field data field is now optional. (#7364) API - Add new api function TSHttpTxnServerSsnTransactionCount() to retrieve the number of transactions between TS proxy and the origin server from a single session. (#7387) Fix clang compiler complaint about an unused parameter in SNIAction. (#7409) Add compression support to stats_over_http (#7393) Doc: Fix INPUT tag of Doxyfile (#7404) Remove unneeded variables in UnixNetVConnection (#7403) Correctly pass back errno to HttpSM (#7402) Reverting to old negative_caching conditional behavior (#7401) Remove unused MAYBE_ABORT state (#7400) traffic_manager should not retry on disk failure (#7397) Eliminate dangling pointer into stack space. (#7392) This PR aims to address some of the lock contention found and (#7377) Remove a special treatment for SSLNetVC in migrateToCurrentThread() (#7384) Replace ::exit() with _exit() to avoid secondary cleanup cores (#7395) [Doc] Fix build warnings (#7391) Clear call_sm on tunnel reset (#7352) Unused code: HostDBContinuation::removeEvent (#7383) Traffic Dump: Fix stream-id printing after first transaction. (#7311) Add comments to ink_queue.h. (#7376) Cleanup incoming PROXY Protocol v1 (#7331) In CI, only run autopep8 on branches that enforce autopep8 (#7270) Fix FreeBSD 12 link issue in test_libhttp2. (#7367) Adjust flags to ensure tunnel producer is cleaned up (#7336) Cleanup: Remove SSL Wire Trace releated code in UnixNetVConnection (#7368) Use EVP MAC API if available (#7363) Use EVP API instead of MD5_Init/Update/Final (secure_link plugin) (#7355) Use ERR_get_error_all if available (#7354) Use OpeSSL EVP API instead of SHA256_Init/Update/Final (#7342) Cleanup: Get rid of NetVConnection::outstanding() (#7366) Cleanup: Remove unused functions (#7365) Add a post case to the conn_timeout test (#7334) Fix sni ip_allow and host_sni_policy (#7349) AuTest for Split DNS (#7325) Make reloading client certificate configuration more reliable (#7313) Add negative caching tests and fixes. (#7361) ESI: Ensure gzip header is always initialized (#7360) Allow for regex_remap of pristine URL. (#7347) Set thread mutex to the DNSHandler mutex of SplitDNS (#7321) Fix lookup split dns rule with fast path (#7320) Add note to background fetch about include/exclude (#7343) AuTest for incoming PROXY Protocol v1 (#7326) Fix vc close migration race condition (#7337) TLS Session Reuse: Downgrade add_session messages to debug (#7345) TLS Session Reuse: Downgrade noisy log to debug (#7344) Remove the last remnants of the enable_url_expandomatic (#7276) Remove unnecessary cast from ReverseProxy. (#7329) Updates the Dockerfile with more packages (#7323) fixup in HttpSM to only set [TS_MILESTONE_SERVER_CLOSE if TS_MILESTONE_SERVER_CONNECT has been set (#7259) Add option for hybrid global and thread session pools (#6978) Get appropriate locks on SSN_START hook delays (#7295) s3_auth: demote noisy errors around configuration that doesn't affect plugin usability (#7306) Follow the comments in I_Thread.h, add an independent ink_thread_key for EThread. (#6288) Reduce the number of write operation on H2 (#7282) commit 5704095ba63316e672d9fae67d2757fff084e03c Merge: 882a79d87 0c88b24a0 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Oct 28 21:06:11 2020 +0900 Merge branch 'master' into quic-latest * master: Adds a shell script to help build the H3 toolchains (#7299) Remove unfinished h2c support (#7286) Allow disabling SO_MARK and IP_TOS usage (#7292) Enable all h2spec test (#7289) Fix bad HTTP/2 post client causing stuck HttpSM (#7237) Sticky server does not work with H2 client (#7261) 7096: Synchronize Server Session Management and Network I/O (#7278) HostDB: remove unused field in HostDBApplicationInfo, and update remaining types in http_data to fix broken padding. (#7264) Add support for a new (TSMgmtDataTypeGet) mgmt API function to retrieve the record data type (#7221) Fix example in default sni.yaml configuration. (#7277) Fix proxy.process.http.current_client_transactions (#7258) Add AuTest for HTTP/2 Graceful Shutdown (#7271) Fix truncated reponse on HTTP/2 graceful shutdown (#7267) url_sig add 'ignore_expiry = true' option for log replay testing (#7231) Respecting default rolling_enabled in plugins. (#7275) gracefully handle TSReleaseAsserts in statichit and generator plugins (#7269) Removes commented out code from esi plugin (#7273) Allow initial // in request targets. (#7266) Document external log rotation support via SIGUSR2 (#7265) Let Dedicated EThreads use `EThread::schedule` (#7228) HostDB: Fix cache data version checking to use full version, not major version. (#7263) Bugfix: set a default inactivity timeout only if a read or write I/O operation was set (#7226) Treat objects with negative max-age CC directives as stale. (#7260) Remove some usless defines, which just obsfucates code (#7252) Remove useless if for port set assertion. (#7250) Fix test_error_page_selection memory leaks and logic errors (#7248) [multiplexer] option to skip post/put requests (#7233) Incorporates the latest CI build changes (#7251) Add support for server protocol stack API (#7239) Fix for plugins ASAN suppression file (#7249) RolledLogDeleter: do not sort on each candidate consideration. (#7243) Make double Au test more reliable. (#7216) Ensure that ca override does not get lost (#7219) Stop crash on disk failure (#7218) Do not cache Transfer-Encoding header (#7234) clean up body factory tests (#7236) Revert "Create an explicit runroot.yaml for AuTests (#7177)" (#7235) New option to dead server to not retry during dead period (#7142) Increment ssl_error_syscall only if not EOF (#7225) Fix renamed setting in default config (#7224) Log config reload: use new config for initialization (#7215) Introduce proxy-verifier to AuTests (#7211) Follow redirection responses when refreshing stale cache objects. (#7213) Create an explicit runroot.yaml for AuTests (#7177) Support external log rotation tools via SIGUSR2 (#6806) Add support for TS API for Note, Status, Warning, Alert (#7208) If the weight is 0, the SRV record should be selected from the highest priority group (#7206) Cleanup: remove unnecessary memset() within dns_process() (#7209) Docs cleanup (#7210) Strip whitespaces after field-name and before the colon in headers from the origin (#7202) Adds new plugin: statichit (#7173) Add duplicate header field processing when creating outgoing response (#7207) commit 882a79d87126a27482b2d1dc5a172ef042acad6b Merge: 2a9887f4c bb5c39086 Author: Masakazu Kitajo <maskit@apache.org> Date: Fri Sep 18 10:01:14 2020 +0900 Merge branch 'master' into quic-latest * master: Rename ambiguous log variable (#7199) KWF useless member function HttpSM::kill_this_async_hook(). (#7198) Fix the active_timeout test to work without quic enabled (#7197) Remove obsolete cdn_ HttpTransact vars (#7182) Remove unused HttpUpdate mechanism (#7194) Updates the list of supported / linked Docs versions (#7152) Make custom xdebug HTTP header name available to other plugins. (#7193) Update sni outbound policy to allow directly setting the outbound SNI. (#7188) commit 2a9887f4c4c5a9259cdd64bf24c76b1618d78d29 Author: Masakazu Kitajo <maskit@apache.org> Date: Wed Sep 16 17:54:01 2020 +0900 Avoid unnecessary QUIC CID randomization commit 42e8898aafbdb8f17fefb1da99d7ae7cdc019a19 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Sep 15 12:41:28 2020 +0900 Simplify interface between H3 and QUIC, and remove memcopy between them commit 112fc71a324397a590c1cad6a4b2cfed27a551c2 Merge: ac31adaa8 b09096481 Author: Masakazu Kitajo <maskit@apache.org> Date: Tue Sep 15 09:21:25 2020 +0900 Merge branch 'master' into quic-latest * master: Add an autest testcase for HTTP3 (#7063) Fix TSHttpTxnServerPacket* API's to correctly update existing server connections (#7175) Do not lose original inactivity timeout on disable (#7134) Emits log when OCSP fails to connect to server (#7183) autopep8: avoid running on non-tracked files. (#7186) TextView: Add additional constructor tests. (#7189) Remove duplicate code (#7180) TextView: add constructor size values to enable strlen even for null pointers. (#7185) Add virtual destructor to QUICRTTProvider. (#7184) AuTest: Reuse venv if it exists already (#7178) TS_API for Note,Status,Warning,Alert,Fatal (#7181) Traffic Dump: Record HTTP/2 priority. (#7149) leaks in logs (#7172) Additions to enable loading qat_engine (#7150) Removes references to non-existent function handle_conditional_headers (#7162) Fix #7164 Chaning Warning to Debug and creating a stat for inserting duplicates to pending dns (#7166) Fix #7167, make autopep8 failure (#7168) MicroDNS Extension: handle different 'default' types (#7159) Traffic Dump documentation for post_process.py (#7161) Fix memory leaks in multiplexer plugin (#7160) rc: fixes systemd unit file stopping (#7157) Fix lua plugin mem leak problem (#7158) Don't make an error on duplicated RETIRE_CONNECTION frames (#7131) URL::parse fixes for empty paths (#7119) Replace ACTION_RESULT_NONE with nullptr (#7135) Add metric tracking async job pauses (#7153) PluginFactory - Remove unused code that was left from last PluginFactory change(TSPluginDSOReloadEnable) (#7155) Fix stale pointer due to SSL config reload (#7148) slice: check if vio is still valid before calling TSVIODone* on shutdown (#7147) Deprecate cqhv field (#7143) Don't return QUIC frame if the size exceeds maximum frame size (#7121) Check VIO availability before acquiring a lock for it (#7145) Fix #7116, skip the insertion of the same continuation to pending dns (#7117) Allow override of CA certs for cert from client based on SNI server name sent by client. (#7130) Fix typo in cache docs (#7144) remove useless shortopt (#7138) Protect TSActionCancel from null INKContInternal actions (#7128) Check VIO availability before checking whether the VIO has data (#7120) Accept NAT rebinding on a QUIC connection (#7123) Fixes garbled logs when using %<vbn> log tag (#7140) Removes duplicated listing of files in same Makefile target (#7137) Updated gdb mutex script to get process file for Fedora 32 (#7133) SSLConfig mem leak fix (#7125) Replaces "smart" quotes with ASCII equivalents (#7126) Comment out a wrong assertion in QUIC Loss Detection logic (#7129) Add member initialization to the Errata class. (#7132) Cancel active/inactive timeout on closing Http2Stream (#7111) Add modsecurity lua script to example (#7105) Expose remap config file callback (#7073) Make tls_hooks tests more likely to pass (#7122) commit ac31adaa82f9271f902de2f45c071e328f620271 Merge: 4d579f49a e904dbcef Author: Masakazu Kitajo <maskit@apache.org> Date: Mon Aug 17 09:14:14 2020 +0900 Merge branch 'master' into quic-latest * master: Backing out my update of our jenkin's autest file. (#7118) Don't send image/webp responses from cache to broswers that don't support it (#7104) Updating our autest suite to require Python3.6 (#7113) Squashed commit of the following: (#7110) Supporting out of source builds for AuTests. (#7109) Fixes uninitialized variables found by Xcode (#7100) Add cross references between server session sharing match and upstream connection tracking match. (#7038) * Cancel active timeout when releasing session (#8083) * Add TSMgmtConfigFileAdd api doc (#8190) * Fixes an issue in ParentSelection and NextHop strategies where a down parent may not retried (#8159) Alternative to https://github.com/apache/trafficserver/pull/8098 Fixes and issue in ParentSelection and Nexthop strategies introduced with #7744 where a down parent may not be retried due to retriers limiting. Avoids race conditions in incrementing, decrementing and clearing retriers count. * Fixing TS_HTTP_REQUEST_BUFFER_READ_COMPLETE_HOOK enum value. (#8066) The value for TS_HTTP_REQUEST_BUFFER_READ_COMPLETE_HOOK was out of sync with the corresponding event, TS_EVENT_HTTP_REQUEST_BUFFER_READ_COMPLETE. This caused the handler for TS_HTTP_REQUEST_BUFFER_READ_COMPLETE_HOOK to never be invoked with the TS_EVENT_HTTP_REQUEST_BUFFER_READ_COMPLETE event. This patch fixes this problem and adds comments explaining the otherwise implicit but very important requirement that these values correspond as they do. The naming of the event and hook were off too. A hook with name TS_HTTP_X_HOOK should have an event of name TS_EVENT_HTTP_X, but these got out of sync somehow for request buffer read complete. This adjusts the event name appropriately. * Ran clang-tidy over the master branch (#8187) * Revert "Remove UnixNetVConnection::startEvent - not actually called. (#7596) * Revert "Remove UnixNetVConnection::startEvent - not actually called. (#7596)" This reverts commit a56638f8ba92c48e2cc8b677438c36e13f393e2b. * Fix a use-after-free reported by clang-analyzer Co-authored-by: Tomoaki Tanaka <tomoatan@yahoo-corp.jp> * Clean up Machine implementation for issue #4159. (#8095) * Remove global g_rec_config_contents_llq (#8194) AFAICT, this is manipulated on records.config load, but is never actually used beyond that. * Update documentation of the url log fields (#8015) * Fix error connection logging crash (#8191) * Minor updates to HTTP version validation (#8189) Renamed the functions to be more explicit about only supporting HTTP/1.x Changed the version check to be only a logic statement * Allow variable buffer sizes and watermarks with transaction intercept plugins (#8088) * Allow variable buffer sizes and watermarks with transaction intercept plugins. * Added and updated docs for new and modified APIs. * Modified TSHttpConnectPlugin() to take a TSHttpConnectPluginOptions struct as an argument. * Added TSConnectType enum to convey information about underlying data stored inside an instance of TSHttpConnectOptions. * Fixed a typo of a type name in the docs. * * Added a getter API function for the type TSHttpConnectOptions * Added an enum for default water mark values * Refactored dependencies * Added and updated docs * Reformatted apidefs.h.in. * Changed evaluation of buffer indexes from a hardcoded value to an enum-based value. * Reverted inadvertently committed change to TSSslSession doc. * Document TSHttpTxnPostBufferReaderGet (#8068) This adds documentation for the TSHttpTxnPostBufferReaderGet transaction function and for the corresponding TS_HTTP_REQUEST_BUFFER_READ_COMPLETE_HOOK. * Fix mutex use after free (#8209) * Fix mutex use after free * One more try * Try again * Avoid the strdup, albeit safe, annoys CA (#8211) * uri_signing: embed config into the unit test (#8210) * lua: add ts.is_debug_tag_set function (#8188) * Modified slice to leverage APIs to specify buffer size and watermark. (#8089) * Modified slice to leverage APIs to specify buffer size and watermark. * * Refactored dependencies based on changes made in PR #8088 * Reverted changes to Makefile.inc. * Remove some const casting (#8207) * uri_signing: fix for copying too many bytes and compiler warnings (#8217) * Fix heap-use-after-free of ts-lua plugin (#8215) * Add the origin IP to the error message for invalid server response in OSDNSLookup (#8031) * Include cstring.h to make debian builds happier (#8224) * Disambiguate overloads of Machine::is_self. (#8225) * Fix client ip debug logging for the entire transaction (#8214) This fixes debug client ip logging so that the remote address and debug tag are set on the thread and netvc earlier so that the debug logs for the entire transaction. * Add normalize_ae option 3 (#8226) * Add normalize_ae option 3 This normalizes when both `br` and `gzip` are present to `br,gzip`. In the other cases the AE gets stripped down a single value, eliminating options for origin responses. In this case the origin still has the option to send back br or gzip while normalizing the cached AE header to still keep alternates to a minimum and still have compression. If both are not present then it acts like the existing option `2` if br is present, then option `1` if `br` is not present but `gzip` is * check-unused-dependencies: add librt for clang/asan case (#8220) * Docs: Fix doc links for cookie_remap doc file. (#8218) Co-authored-by: Damian Meden <damian.meden@verizonmedia.com> * Doc: Fix TSUrlPercentEncode documentation(#8228) Co-authored-by: Damian Meden <damian.meden@verizonmedia.com> * Upgrade Catch.hpp to v2.13.7 (#8231) * Updating our AuTests to use Proxy Verifier v2.2.2 (#8230) Updating autest to use Proxy Verifier v2.2.2 which improves the handling of manually crafted chunk encoded bodies. * Updates yaml-cpp to 0.7.0 (#8232) * transaction data sink: only stream body bytes (#8204) This changes the transaction data sink logic to only stream the HTTP response body bytes to the plugin's consumers rather than all the bytes of the response. Body bytes are what the docs imply and what any user of the sink interface will expect. * mptcp: Missing socket-option in case of SO_REUSEPORT code-path (#8241) When SO_REUSEPORT is being configured, the socket-options take a different code-path. MPTCP was missing in that section. * UglyLogStubs: properly fill out the Machine stub struct (#8240) * rc: Emit Stopping message when stop called (#8244) This fixes issue #8242 * Fix crash in lua host lookup (#8236) * Fix crash in lua host lookup * fix typo in comment * Docs: Fix typo in CONTRIBUTING.md (#8250) * Add links to docs for debugging (#8251) * Cleanup: Get rid of deprecated functions of NetVConnection (#8252) * Update lua.en.rst (#8255) * Traffic Dump: dump response bodies and filter by client IP (#8247) This adds the -b option to traffic dump to dump server response body data. It also adds the -4 and -6 options so that the client can filter what is dumped based upon a client IP address. * Upgrade to latest fastlz version (#8245) Move to lib/fastlz to remind people it exists Removed reference to lib/wcpp and lib/tsconfig from NOTICE. These were dropped in ATS 9.x * Doc: Clarify connection direction of configs in sni.yaml (#7676) * Fix log filters for IP conditions. (#8249) Our log filter mechanism for IP addresses did not compare the filter's specified IP address with the log field's IP address correctly. This fixes that matching mechanism. Fixes #6405 * Add some header tests (#8221) * uri_signing: address memory leak with the internal jwt struct (#8229) * Allow for graceful handling of ip_allow.yaml format errors (#8257) Also, when a bad config is attempted to be reloaded, we won't overwrite a good working config. * Doc: Notes of setting Environment Variables for traffic_server (#8258) * Fail requests with incomplete line ends (#8096) * Bubble up ssl_multicert.config load failures (#8256) * Remove unnecessary IPAddr cast. (#8259) Removing a cast to IpAddr for a variable which is already an IpAddr in the LogFilterIP code. * fix Http2Stream leaks (#8260) * Add missing #include directive (#8270) Signed-off-by: Randy DuCharme <radio.ad5gb@gmail.com> * Align strategies.yaml loading logging with other config files (#8262) * Add ACCEPT_FILTER Support on FreeBSD (#8263) * Add warning message about why enhance your calm is being sent (#8271) * Use better done file locations for some AuTests (#8274) Some of the AuTests used a done file for AuTest process Ready conditions. These files got left around in the test directory. This change puts these done files in the sandbox instead. Fixes #5546 * AuTests: Avoid capture_output subprocess command (#8278) The subprocess capture_output is a Python 3.9 parameter. This changes the AuTests that used it to instead use the older stdout/stderr parameters because that's compatible with Python 3.9. * Align TS API Au test with Yahoo interal version. (#8267) * Report to user correct configurable to tweak on error (#8280) * Updated STATUS file (#8223) * Add cache condition in header_rewrite plugin for lookup results (#8085) Co-authored-by: Serris Lew <lserris@apple.com> * Add support for header_table for lua plugin (#8261) * Add support for header_table for lua plugin * Update gold test * fix test * fix test * Fix some minor issues with loading the self identifying data in the Machine class. (#8275) * In preparation for H2 outbound, split out common Session (#8281) * autest: double the initial port pool for get_port (#8292) We're running into issues with port selection with our tests. This seems to be an issue with recycled ports. This temporarily expands the number of ports in the port pool to avert this problem while we investigate this issue further. * Use flynt to convert contrib,doc and plugins to f-strings (#8289) * stats_over_http: don't show config file error when not specified (#8279) * log port # when port is recycled (#8284) * Fix the skipping logic for autest and docs (#8227) * Fixes an issue with next hop self detection, issue #8254 (#8276) * Fixes a typo in the Rate Limit plugin (#8293) * Use OpenSSL EVP API if SHA1 API is not available (prefetch) (#7448) * use thread_local to speed things up (#8028) * Cleanup generated LDFLAGS for jemalloc (#8285) Use the already expanded jemalloc_ldflags instead of overwriting what was previously specified earlier in the file. Also, drop use --add-needed,--no-as-needed * Fix H2 logic when setting EOS flag on DATA frame (#8201) * Fix leaks in ConfigManager::configName (#8269) This fixes an ASan reported leak of ConfigManager::configName. It used to be strdup'd but not freed in the destructor. This simply changes it to a std::string. ASan also reported a leak in AddConfigFilesHere which is fixed with an ats_free as well. * Do not log all errors with HTTP status 500/internal error as DNS failures. (#8290) * Update nghttp gold file based on previous h2 fix (#8298) * AuTest: Use OrderedSetQueue for port selection. (#8296) Our port queue wound up having duplicates in it. We never want duplicates in our port queue as this results in multiple processes trying to use the same port leading to EADDRINUSE errors. Since unique port entries is a requirement, this changes the port queue to be an ordered set queue which, by design, will only contain unique port values. * Revert "autest: double the initial port pool for get_port (#8292)" (#8300) This reverts commit d15a0422eedf526de90ee5f76243e5fb8d8bd185. This port pool expansion should no longer be needed now that the port queue was made a unique set (see #8299). This commit therefore reverts what was intended to be temporary. * Revert "Fail requests with incomplete line ends (#8096)" (#8305) This reverts commit 2c8bb98b2cb364b1a820236dc83271af082e7434. * Truly treat multiple certs with the same SAN as a warning (#8303) * Fix corner cases in rate limiting plugin (#8312) Fixes an issue that led to release() being called too frequently Fixes a crash that occurs when the SNI string is nullptr and length is non-zero * For peering ring, make upstream group of hosts optional. (#7925) Add Au tests for strategies.yaml, with consistent hashing, with peering. Caching is disabled when the next hop is a peer (in the first host group). * Remove incompatible changes for 9.2.0 (#8316) * Revert "Removes down_server.abort_threshold completely (#8077)" This reverts commit c214c9f40096afbe580c0ee90647933ad8b21bcd. * Revert "Fixing TS_HTTP_REQUEST_BUFFER_READ_COMPLETE_HOOK enum value. (#8066)" This reverts commit 1fb81dfbf41110f3e0b088b29c4d778e0e04da84. * Revert "Update TSHttpTxnAborted API to distinguish client/server aborts (#7901)" This reverts commit e44ca802404ed99899d43163fc65e1811ba791af. * Revert "Remove undocumented keepalive_internal_vc setting (#7693)" This reverts commit 5129f14183a5169e118c450bf884673987a5ef06. * Revert "Change the default value for verify.server.policy (#7587)" This reverts commit ba23fe23b2d00c7aafebdba75b2787958f2ced64. * Revert "Removes deprecated sni.yaml option: disable_h2 (#7547)" This reverts commit 0c4857db3e296f3e74065ca6fb79f8638c10baf2. * Revert "Remove references to removed options (#7756)" This reverts commit 09ea857afecbb53b86f0020da0375c0414586f6b. * Revert "Unify all the connect timeouts into one (#7335)" This reverts commit ea44614ae833090ab3364856a6fc457ee14bd665. * Revert "Remove the queuing option from proxy.config.http.per_server.connection (#7302)" This reverts commit 87800c424416e544ae04099a2fcadb1a1e86e554. * Revert "remove TSContSchedule, then rename TSContScheduleOnPool to TSContSchedule" This reverts commit cefe4826c919847385aa9d8459b9d5cfc20377f9. * doc: Fixes curl syntax for PUSH example (#8315) * statichit: allow exact path matching to be optional (#8307) * Fix a compile error in rate_limit plugin (#8310) * Fix a compile error in SSLCertLookup (#8309) * Fix crash during raw connect failures (#8306) In the case of raw open, the server_txn will generally be a nullptr. We tried to use server_txn when calling set_connect_fail, which resulted in a crash. This change simply removes the call. Note that a generic call to set_connect_fail was already called previous to calling this function. * Fix yamlcpp include folder by using the YAMLCPP_INCLUDE variable (#8319) so if we configure our own version of yamlcpp then the right include files will be picked up. This will avoid mixin up the internal and the configured yamlcpp library * Cleanup url_*_get/set functions (#8237) * Access URLImpl's detail via accessor functions * Make some of url_*_get/set functions to methods of URLImpl * Fix a link error * Update unit tests * Add virtual destructor to Http2CommonSession because it now has virtual methods. (#8320) * Removed unused dirname from LoadRefCountCacheFromPath (#8322) AOCC flagged the parameter `dirname` from LoadRefCountCacheFromPath as unused. This patch removes it. * Add mTLS scenario documentation (#8314) * Add mTLS scenario documentation * Remove trailing whitespace * Cleanup: Move member function definitions of HttpSM & HttpTunnel (#8324) * Make separate read and write vc_handlers (#8301) * Make separate read and write vc_handlers * Remove server handlers cross routing * Cannot null out the vio, must check the write_buffer otherwise, function is not dispatched * docs: Update host_sni_policy for some behaviors (#8332) This expands the documentation for a few behaviors of the `host_sni_policy` feature that can be unexpected for users. Namely: * `host_sni_policy` is keyed off of the Host header field instead of the SNI value in the handshake. * The records.config global `host_sni_policy` only applies when there is a relevant security policy set for the host in the sni.yaml file but no specific `host_sni_policy` is set there. * Prefetch plugin: add --fetch-query option (#8264) * Prefetch plugin: add --fetch-query option * Fix Error: Trailing whitespaces are not allowed! in docs * Ooops forgot to rm .orig file Co-authored-by: Jan van Doorn <jvd@apple.com> * Updated the CODEOWNERS for me (#8336) * Updated the CODEOWNERS for me * Update age in header_rewrite_cond_cache autest (#8339) Co-authored-by: Serris Lew <lserris@apple.com> * Make fqdn of sni.yaml match case insensitively. (#8327) SNI and fqdn of sni.yaml should be matched case insensitvely. This changes the matching mechanism for these to be case insensitive. * Doc: multiplixer plugin documentation updates (#8325) A user was confused about the nature of `pparam=proxy.config.multiplexer.skip_post_put` for the multiplexer plugin. This updates the documentation to more clearly describe its behavior. * Revert "Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189)" (#8341) This reverts commit 093317c808b01304abf0a6b4aaf9c34791e3e08e. * Fix missing outbound_conntrack config assigment(from master config to global parameter configs) (#8328) * Add debug message when there is a header parse error for http/2 (#8234) * SNI: updating SNI/hostname mismatch logging (#8326) This updates SNI/hostname mismatch logging to add visibility to its functionality: * Adds an error.log entry if a mismatch is found. * Adds debug logging (there was none). * Add current active SNI Routing Tunnel stats (#8323) - A new stats: `proxy.process.tunnel.current_active_connections` - A new config: `proxy.config.tunnel.activity_check_period` * Add <limits> include to BufferWriterForward.h (#8345) Adding the include of <limits> in BufferWriterForward.h because it uses numeric_limits. Certain compilers require this. Fixes: #8342 * remove unused RecConfigFileEntry from RecConfigParse (#8348) * Rename outbound_conntrack to global_outbound_conntrack to reduce confusion. (#8343) Co-authored-by: Damian Meden <damian.meden@oath.com> * Updated version * Added ChangeLog * Added support for verifying cacheability before attempting to force an object into cache (#8364) (cherry picked from commit 44d1be681245f73e82eee59699ad0660dea91290) * Locking around SSLSecret::secret_map access (#8358) This fixes an infrequent crash that would happen in getOrLoadSecret. Looking at the core, the iterators for SSLSecret::secret_map in SSLSecret::getOrLoadSecret were corrupted. This patch serializes access to the structure so that multiple threads don't stomp on each other. (cherry picked from commit 470c48982c5f192a4e6935ef55d0769e20ad8783) * Stabilize regex_revalidate Au test. (#559) (#8360) Delay sufficiently between writes of config file so the differences in the write times will be greater than the granualirity of the timestamp used by the plugin. (cherry picked from commit 9031965889ab430bd182dd5485ecda451ecb6a8a) (cherry picked from commit 1a353b23106fed9de98c8d4b0e0bbdc751337606) * [doc] Add a note for TSLifecycleHookAdd. Warn users that a contp could eventually be executed in a ET_NET when it was originally scheduled in the ET_TASK. (#8344) (cherry picked from commit 46bd1211f210623a45a21ded51763d2c35a40760) * change MemArena::make test to remove memory leak (#8352) (cherry picked from commit 2a6156fed0e82fd7992567633750f040951a72ab) * remove trailing spaces from inside CHANGELOG-9.2.0 * Autest Fix server line to ignore version (#8374) * Fixes issue #8329 crash in NextHopConsistentHash where when the only (#8365) host in a strategy is unavailable due to DNS lookup failures. - refactored NextHopConsistentHash::findNextHop() to fix the crash and simplify it. - fixed the unit tests in test_NextHopConsistentHash.cc so that test failure checks using strcmp() do not crash with a nullptr hostname result. (cherry picked from commit 6ccae6c52bde6f0af0ab385cac99ffbd35ce4f22) * Adding TLS session key logging capability (#8337) Adding the ability to log TLS session keys to a log file for packet capture decryption purposes. This adds the following reloadable configuration: proxy.config.ssl.keylog_file Since this can work for QUIC as well, this also deprecates: proxy.config.quic.client.keylog_file (cherry picked from commit b26795d307024570eda96c30aaf96a8af4e85bde) * Adds support for TCP_NOTSENT_LOWAT sockopt (#8354) (cherry picked from commit b53e74581b9fc7517280451c3d5e9799f2e7d9fa) * Added support for promoting internal (plugin-initiated) requests. (#8363) (cherry picked from commit 3d9d5e7618ce0ad75c72fabc8eca9a7de97db03e) * Pre-warming TLS Tunnel (#7661) (cherry picked from commit d1e2dd8aac6a1c2cd340418b9534923413d1650c) * Traffic Dump: update json-schema for new tuple requirements (#8370) More recent versions of json-schema have tuple array element specifications described with "prefixItems" rather than with "items". This updates our Traffic Dump schema to match this requirement. I verified that our tests that use this work with both the older jsonschema 3.2.0 pip package and the current 4.0.1 package. Fixes: 8369 (cherry picked from commit cba5e85cb4cfd8f49b1ff1ac358f7cfba8ee3715) * Updated ChangeLog * Fix regex_remap plugin redirection. (#8359) (cherry picked from commit c2d35047faf21b917e1cf9e6418280fcbb507eca) * AuTest: Execute Test Python Scripts with sys.executable (#8412) A handful of our AuTests execute their own Python scripts. Generally these just ran with whatever `python3` picked up. This changes those to use {sys.executable} which will run those scripts with the same Python being used for autest itself rather than some other system Python which may not have the required dependencies installed in it. This way any requirements for the scripts can be placed in the tests/Pipfile and it should be available for those scripts. (cherry picked from commit 6c3e9d22a072aa8ab55cc21b4b041a2d635577b5) * Add stats for concurrent stream limits exceeded (#8409) Introduce two new stats tracking when the limits on maximum concurrent streams are exceeded for both inbound and outbount streams, respectively proxy.process.http2.max_concurrent_streams_exceeded_in and proxy.process.http2.max_concurrent_streams_exceeded_out. See https://datatracker.ietf.org/doc/html/rfc7540#section-5.1.2 (cherry picked from commit 92fd44fb5540fd0928493bc08f8ad28a1dc15789) * Fix map_with_recv_port URL remapping type. (#8406) (cherry picked from commit 85e73b753ec730c55f34d556185a82ee904d5d96) * Update CacheWrite.cc (#8405) code optimize for cache_evac debug log (cherry picked from commit a54abe771df8e7d0546d0107b8a24690b9941222) * Update the feature lists available for autest (#8392) This closes #7075. (cherry picked from commit d2e57c4182086717f25be94201d8a3bc97c7eccd) * body factory does not respect runroot (#8388) (cherry picked from commit d19ef809cce96a684e1854b249231c909e0bad02) * Fix a potential H2 stall issue (#8381) (cherry picked from commit 870b857bbbc1d993d6c66672a09b561c13f087d5) * Add Au test for pqsi and pqsp log fields. (#8372) (cherry picked from commit a7c0f794813b17329b421da38f869884287cece0) * Updated ChangeLog * Add set-body ability to header rewrite (#8411) (cherry picked from commit d91620daf2247ec0a701ffee65a1bd24ec5eedef) * Remove operatorbody class, its not needed at this time (#8424) (cherry picked from commit bb431907fa35b786185b52a512af03b0776365c3) * Updated ChangeLog * Make sure the include files are built first (#8427) (cherry picked from commit 3679ebed4bac5d322dda722290f2c76d1a487359) * Updated ChangeLog * For verify_global_plugin test, check for platform independent error message (#8442) This allows the test to work on something other than Linux (cherry picked from commit 0746ec2c307eb8de201b7112992c529da45303b8) * Exports all symbols for missing_mangled_definition.so test plugin (#8444) This fixes the tests verify_global_plugin and verify_remap_plugin when using lld and LTO (cherry picked from commit 20adcb42ccc51075d61833110e577667259e8b5a) * UnixNetVConnection: add check for nh in fail block (#8479) (cherry picked from commit 6663d7b3de53c8e7ee85eae39db0fa4164638ed8) * Fix SSLAddressLookup Test (#8436) (cherry picked from commit c92cef82a835390776069463316959773d23fd39) * Fix traffic_top build when using -Werror=format-security (#8437) (cherry picked from commit 66c86c6b082903a92b9db33c60e3ed947e77d540) * Fix traffic_manager build when mime-sanity-check is enabled (#8438) (ch…

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit

c207ae6

bryancall added this to the 10.0.0 milestone Nov 18, 2019

bryancall self-assigned this Nov 18, 2019

zwoop approved these changes Nov 18, 2019

View reviewed changes

bryancall mentioned this pull request Nov 18, 2019

Issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6192

Closed

bryancall merged commit 093317c into apache:master Nov 18, 2019

zwoop pushed a commit that referenced this pull request Nov 18, 2019

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189)

eaa23ac

(cherry picked from commit 093317c)

zwoop modified the milestones: 10.0.0, 9.0.0 Nov 18, 2019

zwoop added the Build work related to build configuration or environment label Nov 18, 2019

bryancall added a commit that referenced this pull request Nov 19, 2019

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189)

0ba786d

(cherry picked from commit 093317c)

a-canary pushed a commit that referenced this pull request Nov 19, 2019

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit (#6189)

a8cab92

bryancall modified the milestones: 9.0.0, 8.0.6 Mar 19, 2020

bryancall added a commit to bryancall/trafficserver that referenced this pull request Sep 21, 2021

Revert "Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-j…

3393dd0

…it (apache#6189)" This reverts commit 093317c.

bryancall added a commit that referenced this pull request Sep 21, 2021

Revert "Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-j…

3b3942c

…it (#6189)" (#8341) This reverts commit 093317c.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6189

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6189

Uh oh!

bryancall commented Nov 18, 2019 •

edited

Loading

Uh oh!

bryancall commented Nov 18, 2019

Uh oh!

zwoop left a comment

Uh oh!

zwoop commented Nov 18, 2019

Uh oh!

zwoop commented Nov 18, 2019

Uh oh!

masaori335 commented Nov 19, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6189

Fixed issue with macOS Catalina and pcre 8.43 enabling pcre-jit #6189

Uh oh!

Conversation

bryancall commented Nov 18, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

bryancall commented Nov 18, 2019

Uh oh!

zwoop left a comment

Choose a reason for hiding this comment

Uh oh!

zwoop commented Nov 18, 2019

Uh oh!

zwoop commented Nov 18, 2019

Uh oh!

masaori335 commented Nov 19, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

bryancall commented Nov 18, 2019 •

edited

Loading