You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by su...@apache.org on 2015/02/10 00:14:32 UTC
[1/2] trafficserver git commit: [TS-3364]: Add command line config
validation support to traffic_server
Repository: trafficserver
Updated Branches:
refs/heads/master e5eedf128 -> fddd7c743
[TS-3364]: Add command line config validation support to traffic_server
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/245d6152
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/245d6152
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/245d6152
Branch: refs/heads/master
Commit: 245d615210352768ee6efe4e56641223c074dfaf
Parents: e5eedf1
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Mon Feb 9 23:13:21 2015 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Mon Feb 9 23:13:50 2015 +0000
----------------------------------------------------------------------
iocore/net/P_SSLConfig.h | 4 +--
iocore/net/SSLConfig.cc | 10 ++++--
iocore/net/SSLNetProcessor.cc | 2 +-
proxy/Main.cc | 68 ++++++++++++++++++++++++++++++++++++--
proxy/Plugin.cc | 26 ++++++++++-----
proxy/Plugin.h | 2 +-
proxy/ReverseProxy.cc | 6 ++--
proxy/ReverseProxy.h | 2 +-
8 files changed, 99 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/P_SSLConfig.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h
index 5388346..cda2dcb 100644
--- a/iocore/net/P_SSLConfig.h
+++ b/iocore/net/P_SSLConfig.h
@@ -125,8 +125,8 @@ private:
struct SSLCertificateConfig
{
- static void startup();
- static void reconfigure();
+ static bool startup();
+ static bool reconfigure();
static SSLCertLookup * acquire();
static void release(SSLCertLookup * params);
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/SSLConfig.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 6d6e1ec..98214d2 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -332,7 +332,7 @@ SSLConfig::release(SSLConfigParams * params)
configProcessor.release(configid, params);
}
-void
+bool
SSLCertificateConfig::startup()
{
sslCertUpdate = new ConfigUpdateHandler<SSLCertificateConfig>();
@@ -342,12 +342,13 @@ SSLCertificateConfig::startup()
sslCertUpdate->attach("proxy.config.ssl.server.private_key.path");
sslCertUpdate->attach("proxy.config.ssl.server.cert_chain.filename");
- reconfigure();
+ return reconfigure();
}
-void
+bool
SSLCertificateConfig::reconfigure()
{
+ bool retStatus = true;
SSLConfig::scoped_config params;
SSLCertLookup * lookup = new SSLCertLookup();
@@ -362,8 +363,11 @@ SSLCertificateConfig::reconfigure()
if (SSLParseCertificateConfiguration(params, lookup)) {
configid = configProcessor.set(configid, lookup);
} else {
+ retStatus = false;
delete lookup;
}
+
+ return retStatus;
}
SSLCertLookup *
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/SSLNetProcessor.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetProcessor.cc b/iocore/net/SSLNetProcessor.cc
index 06b2cfc..9547617 100644
--- a/iocore/net/SSLNetProcessor.cc
+++ b/iocore/net/SSLNetProcessor.cc
@@ -68,7 +68,7 @@ SSLNetProcessor::start(int number_of_ssl_threads, size_t stacksize)
SSLInitializeLibrary();
SSLConfig::startup();
- SSLCertificateConfig::startup();
+ (void) SSLCertificateConfig::startup();
// Acquire a SSLConfigParams instance *after* we start SSL up.
SSLConfig::scoped_config params;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Main.cc
----------------------------------------------------------------------
diff --git a/proxy/Main.cc b/proxy/Main.cc
index e03925f..7e9a433 100644
--- a/proxy/Main.cc
+++ b/proxy/Main.cc
@@ -696,6 +696,58 @@ cmd_clear(char *cmd)
return CMD_OK;
}
+static int
+cmd_verify(char * /* cmd ATS_UNUSED */)
+{
+ int exitStatus = 0;
+
+ fprintf(stderr, "NOTE: VERIFY\n\n");
+ if (!reloadUrlRewrite()) {
+ exitStatus |= (1 << 0);
+ fprintf(stderr, "ERROR: Failed to load remap.config, exitStatus %d\n\n", exitStatus);
+ } else {
+ fprintf(stderr, "INFO:Successfully loaded remap.config\n\n");
+ }
+
+ if (RecReadConfigFile(false) != REC_ERR_OKAY) {
+ exitStatus |= (1 << 1);
+ fprintf(stderr, "ERROR: Failed to load records.config, exitStatus %d\n\n", exitStatus);
+ } else {
+ fprintf(stderr, "INFO: Successfully loaded records.config\n\n");
+ }
+
+ if (!plugin_init(true)) {
+ exitStatus |= (1 << 2);
+ fprintf(stderr, "ERROR: Failed to load plugin.config, exitStatus %d\n\n", exitStatus);
+ } else {
+ fprintf(stderr, "INFO: Successfully loaded plugin.config\n\n");
+ }
+
+ SSLInitializeLibrary();
+ SSLConfig::startup();
+ if (!SSLCertificateConfig::startup()) {
+ exitStatus |= (1 << 3);
+ fprintf(stderr, "ERROR: Failed to load ssl multicert.config, exitStatus %d\n\n", exitStatus);
+ } else {
+ fprintf(stderr, "INFO: Successfully loaded ssl multicert.config\n\n");
+ }
+
+ SSLConfig::scoped_config params;
+ if (!SSLInitClientContext(params) ) {
+ exitStatus |= (1 << 4);
+ fprintf(stderr, "Can't initialize the SSL client, HTTPS in remap rules will not function %d\n\n", exitStatus);
+ } else {
+ fprintf(stderr, "INFO: Successfully initialized SSL client context\n\n");
+ }
+
+ //TODO: Add more config validation..
+
+ _exit(exitStatus);
+
+ return 0;
+}
+
+
static int cmd_help(char *cmd);
static const struct CMD
@@ -748,6 +800,12 @@ commands[] = {
"\n"
"FORMAT: clear_hostdb\n"
"\n" "Clear the entire hostdb cache. All host name resolution\n" "information is lost.\n", cmd_clear}, {
+ "verify_config",
+ "Verify the config",
+ "\n"
+ "\n"
+ "FORMAT: verify_config\n"
+ "\n" "Load the config and verify traffic_server comes up correctly. \n", cmd_verify}, {
"help",
"Obtain a short description of a command (e.g. 'help clear')",
"HELP\n"
@@ -1391,8 +1449,12 @@ main(int /* argc ATS_UNUSED */, char **argv)
// Local process manager
initialize_process_manager();
- // Ensure only one copy of traffic server is running
- check_lockfile();
+ if ((*command_string) && (cmd_index(command_string) == cmd_index((char*)"verify_config"))) {
+ fprintf (stderr, "\n\n skip lock check for %s \n\n", command_string);
+ } else {
+ // Ensure only one copy of traffic server is running
+ check_lockfile();
+ }
// Set the core limit for the process
init_core_size();
@@ -1632,7 +1694,7 @@ main(int /* argc ATS_UNUSED */, char **argv)
Log::init(remote_management_flag ? 0 : Log::NO_REMOTE_MANAGEMENT);
// Init plugins as soon as logging is ready.
- plugin_init(); // plugin.config
+ (void) plugin_init(); // plugin.config
SSLConfigParams::init_ssl_ctx_cb = init_ssl_ctx_callback;
sslNetProcessor.start(getNumSSLThreads(), stacksize);
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Plugin.cc
----------------------------------------------------------------------
diff --git a/proxy/Plugin.cc b/proxy/Plugin.cc
index 44f3bd9..60a9527 100644
--- a/proxy/Plugin.cc
+++ b/proxy/Plugin.cc
@@ -69,15 +69,15 @@ PluginRegInfo::~PluginRegInfo()
ats_free(this->support_email);
}
-static void
-plugin_load(int argc, char *argv[])
+static bool
+plugin_load(int argc, char *argv[], bool validateOnly)
{
char path[PATH_NAME_MAX + 1];
void *handle;
init_func_t init;
if (argc < 1) {
- return;
+ return true;
}
ink_filepath_make(path, sizeof(path), plugin_dir, argv[0]);
@@ -103,6 +103,9 @@ plugin_load(int argc, char *argv[])
handle = dlopen(path, RTLD_NOW);
if (!handle) {
+ if (validateOnly) {
+ return false;
+ }
Fatal("unable to load '%s': %s", path, dlerror());
}
@@ -114,8 +117,11 @@ plugin_load(int argc, char *argv[])
init = (init_func_t) dlsym(handle, "TSPluginInit");
if (!init) {
+ if (validateOnly) {
+ return false;
+ }
Fatal("unable to find TSPluginInit function in '%s': %s", path, dlerror());
- return; // this line won't get called since Fatal brings down ATS
+ return false; // this line won't get called since Fatal brings down ATS
}
init(argc, argv);
@@ -128,6 +134,8 @@ plugin_load(int argc, char *argv[])
}
plugin_reg_current = NULL;
+
+ return true;
}
static char *
@@ -200,8 +208,8 @@ not_found:
return NULL;
}
-void
-plugin_init(void)
+bool
+plugin_init(bool validateOnly)
{
ats_scoped_str path;
char line[1024], *p;
@@ -210,6 +218,7 @@ plugin_init(void)
int argc;
int fd;
int i;
+ bool retVal = true;
static bool INIT_ONCE = true;
if (INIT_ONCE) {
@@ -223,7 +232,7 @@ plugin_init(void)
fd = open(path, O_RDONLY);
if (fd < 0) {
Warning("unable to open plugin config file '%s': %d, %s", (const char *)path, errno, strerror(errno));
- return;
+ return false;
}
while (ink_file_fd_readline(fd, sizeof(line) - 1, line) > 0) {
@@ -275,12 +284,13 @@ plugin_init(void)
}
}
- plugin_load(argc, argv);
+ retVal = plugin_load(argc, argv, validateOnly);
for (i = 0; i < argc; i++)
ats_free(vars[i]);
}
close(fd);
+ return retVal;
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Plugin.h
----------------------------------------------------------------------
diff --git a/proxy/Plugin.h b/proxy/Plugin.h
index 91d9904..ad924e6 100644
--- a/proxy/Plugin.h
+++ b/proxy/Plugin.h
@@ -45,7 +45,7 @@ struct PluginRegInfo
extern DLL<PluginRegInfo> plugin_reg_list;
extern PluginRegInfo *plugin_reg_current;
-void plugin_init(void);
+bool plugin_init(bool validateOnly=false);
/** Abstract interface class for plugin based continuations.
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/ReverseProxy.cc
----------------------------------------------------------------------
diff --git a/proxy/ReverseProxy.cc b/proxy/ReverseProxy.cc
index a2ae22d..3b56905 100644
--- a/proxy/ReverseProxy.cc
+++ b/proxy/ReverseProxy.cc
@@ -135,7 +135,7 @@ struct UR_UpdateContinuation: public Continuation
{
int file_update_handler(int /* etype ATS_UNUSED */, void * /* data ATS_UNUSED */)
{
- reloadUrlRewrite();
+ (void) reloadUrlRewrite();
delete this;
return EVENT_DONE;
}
@@ -152,7 +152,7 @@ struct UR_UpdateContinuation: public Continuation
blocking.
*/
-void
+bool
reloadUrlRewrite()
{
UrlRewrite *newTable;
@@ -163,11 +163,13 @@ reloadUrlRewrite()
new_Deleter(rewrite_table, URL_REWRITE_TIMEOUT);
Debug("url_rewrite", "remap.config done reloading!");
ink_atomic_swap(&rewrite_table, newTable);
+ return true;
} else {
static const char* msg = "failed to reload remap.config, not replacing!";
delete newTable;
Debug("url_rewrite", "%s", msg);
Warning("%s", msg);
+ return false;
}
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/ReverseProxy.h
----------------------------------------------------------------------
diff --git a/proxy/ReverseProxy.h b/proxy/ReverseProxy.h
index 5019ba8..a98098b 100644
--- a/proxy/ReverseProxy.h
+++ b/proxy/ReverseProxy.h
@@ -65,7 +65,7 @@ mapping_type request_url_remap_redirect(HTTPHdr *request_header, URL *redirect_u
bool response_url_remap(HTTPHdr *response_header);
// Reload Functions
-void reloadUrlRewrite();
+bool reloadUrlRewrite();
int url_rewrite_CB(const char *name, RecDataT data_type, RecData data, void *cookie);
[2/2] trafficserver git commit: update CHANGES
Posted by su...@apache.org.
update CHANGES
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/fddd7c74
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/fddd7c74
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/fddd7c74
Branch: refs/heads/master
Commit: fddd7c743a32003cfa4bca6a6db04b3e596d5c71
Parents: 245d615
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Mon Feb 9 23:14:21 2015 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Mon Feb 9 23:14:21 2015 +0000
----------------------------------------------------------------------
CHANGES | 2 ++
1 file changed, 2 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/fddd7c74/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 74f1906..a23d522 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 5.3.0
+ *) [TS-3364] Add command line config validation support to traffic_server
+
*) [TS-3377] Fix bad file descriptor handling that caused disks in
storage.config to be marked bad.