You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by su...@apache.org on 2014/11/19 17:25:15 UTC
[1/8] trafficserver git commit: Revert "fix build error for various
platforms"
Repository: trafficserver
Updated Branches:
refs/heads/master 027530105 -> 5f7f7cd2d
Revert "fix build error for various platforms"
This reverts commit 8822ae9d5d03118ee217c8908f5032a691e25b2a.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/d07da25b
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/d07da25b
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/d07da25b
Branch: refs/heads/master
Commit: d07da25bf9adcb8cdd8947a93c2bcad249601856
Parents: 0275301
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:45 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:45 2014 +0000
----------------------------------------------------------------------
.../sni_proto_nego/sni_proto_nego.cc | 22 +++++++-------------
1 file changed, 7 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d07da25b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
index d8f50b6..bd5e5f2 100644
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
@@ -31,8 +31,6 @@
using namespace std;
const char* PLUGIN_NAME = "sni_proto_nego";
-
-#if TS_USE_TLS_SNI
const int MAX_BUFFER_SIZE = 1024;
const int MAX_FILE_PATH_SIZE = 1024;
const unsigned int MAX_PROTO_LIST_LEN = 100;
@@ -52,7 +50,7 @@ bool read_config(char* config_file) {
char file_path[MAX_FILE_PATH_SIZE];
TSFile file;
if (config_file == NULL) {
- TSError("%s: invalid config file", PLUGIN_NAME);
+ TSError("invalid config file");
return false;
}
TSDebug(PLUGIN_NAME, "trying to open config file in this path: %s", file_path);
@@ -61,7 +59,7 @@ bool read_config(char* config_file) {
snprintf(file_path, sizeof(file_path), "%s/%s", TSInstallDirGet(), config_file);
file = TSfopen(file_path, "r");
if (file == NULL) {
- TSError("%s:Failed to open config file %s", PLUGIN_NAME, config_file);
+ TSError("Failed to open config file %s", config_file);
return false;
}
}
@@ -71,7 +69,7 @@ bool read_config(char* config_file) {
char *eol = 0;
// make sure line was not bigger than buffer
if ((eol = strchr(buffer, '\n')) == NULL && (eol = strstr(buffer, "\r\n")) == NULL) {
- TSError("%s: sni_proto_nego line too long, did not get a good line in cfg, skipping, line: %s", PLUGIN_NAME, buffer);
+ TSError("sni_proto_nego line too long, did not get a good line in cfg, skipping, line: %s", buffer);
memset(buffer, 0, sizeof(buffer));
continue;
}
@@ -158,8 +156,10 @@ init_sni_callback(void *sslNetVC)
if (it!=_sniProtoMap.end()) {
SNIProtoConfig sniProtoConfig = it->second;
if (!sniProtoConfig.enableNpn) {
+#if TS_USE_TLS_NPN
TSDebug(PLUGIN_NAME, "disabling NPN for serverName %s", serverName);
SSL_CTX_set_next_protos_advertised_cb(ctx, NULL, NULL);
+#endif
} else {
TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
//TSSslAdvertiseProtocolSet(ssl_vc, (const unsigned char **)sniProtoConfig.npn_proto_list, sniProtoConfig.npn_proto_list_count);
@@ -171,8 +171,7 @@ init_sni_callback(void *sslNetVC)
}
int
-SSLSniInitCallbackHandler(TSCont /* cont */, TSEvent /* id */, void* sslNetVC)
-{
+SSLSniInitCallbackHandler(TSCont /* cont */, TSEvent /* id */, void* sslNetVC) {
init_sni_callback(sslNetVC);
return TS_EVENT_NONE;
}
@@ -187,7 +186,7 @@ TSPluginInit(int argc, const char *argv[])
info.vendor_name = (char *)("ats");
if (TSPluginRegister(TS_SDK_VERSION_3_0, &info) != TS_SUCCESS) {
- TSError("%s: Plugin registration failed.", PLUGIN_NAME);
+ TSError("Plugin registration failed.");
}
char* config_file = (char*)"conf/sni_proto_nego/sni_proto_nego.config";
@@ -204,10 +203,3 @@ TSPluginInit(int argc, const char *argv[])
TSCont cont = TSContCreate(SSLSniInitCallbackHandler, NULL);
TSHttpHookAdd(TS_SSL_SNI_HOOK, cont);
}
-#else // #if TS_USE_TLS_SNI
-void
-TSPluginInit(int, const char *[])
-{
- TSError("%s: requires TLS SNI which is not available.", PLUGIN_NAME);
-}
-#endif // #if TS_USE_TLS_SNI
[7/8] trafficserver git commit: Revert "[TS-3153]: Ability to disable
or modify npn advertisement based on SNI"
Posted by su...@apache.org.
Revert "[TS-3153]: Ability to disable or modify npn advertisement based on SNI"
This reverts commit 24262d8f6a14b6bb7bf7288f6309a68f6dc8589b.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/a0bad98e
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/a0bad98e
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/a0bad98e
Branch: refs/heads/master
Commit: a0bad98ec17c441ce8a44e181005df03630b469d
Parents: d839f21
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:54 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:54 2014 +0000
----------------------------------------------------------------------
configure.ac | 1 -
iocore/net/P_SSLNetVConnection.h | 6 -
iocore/net/SSLNetVConnection.cc | 82 +-------
iocore/net/SSLUtils.cc | 5 -
plugins/experimental/Makefile.am | 1 -
plugins/experimental/sni_proto_nego/Makefile.am | 21 --
.../sni_proto_nego/sni_proto_nego.cc | 194 -------------------
proxy/InkAPI.cc | 10 -
proxy/api/ts/ts.h | 1 -
9 files changed, 1 insertion(+), 320 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/configure.ac
----------------------------------------------------------------------
diff --git a/configure.ac b/configure.ac
index 91e9874..3e4465b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1945,7 +1945,6 @@ AS_IF([test "x$enable_experimental_plugins" = xyes], [
plugins/experimental/regex_revalidate/Makefile
plugins/experimental/remap_stats/Makefile
plugins/experimental/s3_auth/Makefile
- plugins/experimental/sni_proto_nego/Makefile
plugins/experimental/sslheaders/Makefile
plugins/experimental/ssl_cert_loader/Makefile
plugins/experimental/stale_while_revalidate/Makefile
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/iocore/net/P_SSLNetVConnection.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index 1dc7071..c481c8b 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -122,9 +122,6 @@ public:
static int advertise_next_protocol(SSL * ssl, const unsigned char ** out, unsigned * outlen, void *);
static int select_next_protocol(SSL * ssl, const unsigned char ** out, unsigned char * outlen, const unsigned char * in, unsigned inlen, void *);
- bool modify_npn_advertisement(const unsigned char ** list, unsigned cnt);
- bool setAdvertiseProtocols(const unsigned char ** list, unsigned cnt);
-
Continuation * endpoint() const {
return npnEndpoint;
}
@@ -201,9 +198,6 @@ private:
const SSLNextProtocolSet * npnSet;
Continuation * npnEndpoint;
- unsigned char * npnAdvertised;
- size_t npnszAdvertised;
- int npnAdvertisedBufIndex;
};
typedef int (SSLNetVConnection::*SSLNetVConnHandler) (int, void *);
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/iocore/net/SSLNetVConnection.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 60fcbf9..4a9ec29 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -27,8 +27,6 @@
#include "P_SSLUtils.h"
#include "InkAPIInternal.h" // Added to include the ssl_hook definitions
-extern unsigned char * append_protocol(const char * proto, unsigned char * buf);
-
// Defined in SSLInternal.c, should probably make a separate include
// file for this at some point
void SSL_set_rbio(SSLNetVConnection *sslvc, BIO *rbio);
@@ -778,10 +776,7 @@ SSLNetVConnection::SSLNetVConnection():
sslPreAcceptHookState(SSL_HOOKS_INIT),
sslSNIHookState(SNI_HOOKS_INIT),
npnSet(NULL),
- npnEndpoint(NULL),
- npnAdvertised(NULL),
- npnszAdvertised(0),
- npnAdvertisedBufIndex(-1)
+ npnEndpoint(NULL)
{
}
@@ -820,9 +815,6 @@ SSLNetVConnection::free(EThread * t) {
hookOpRequested = TS_SSL_HOOK_OP_DEFAULT;
npnSet = NULL;
npnEndpoint= NULL;
- npnAdvertised = NULL;
- npnszAdvertised = 0;
- npnAdvertisedBufIndex = -1;
if (from_accept_thread) {
sslNetVCAllocator.free(this);
@@ -1168,14 +1160,6 @@ SSLNetVConnection::advertise_next_protocol(SSL *ssl, const unsigned char **out,
ink_release_assert(netvc != NULL);
- // check if there's a SNI based customized advertisement
- if (netvc->npnAdvertised && netvc->npnszAdvertised) {
- *out = netvc->npnAdvertised;
- *outlen = netvc->npnszAdvertised;
- return SSL_TLSEXT_ERR_OK;
- }
-
- // use default endPoint advertisement
if (netvc->npnSet && netvc->npnSet->advertiseProtocols(out, outlen)) {
// Successful return tells OpenSSL to advertise.
return SSL_TLSEXT_ERR_OK;
@@ -1184,70 +1168,6 @@ SSLNetVConnection::advertise_next_protocol(SSL *ssl, const unsigned char **out,
return SSL_TLSEXT_ERR_NOACK;
}
-bool
-SSLNetVConnection::modify_npn_advertisement(const unsigned char ** list, unsigned cnt)
-{
- unsigned char* advertised = npnAdvertised;
-
- for (unsigned int i=0; i<cnt; i++) {
- const char* proto = (const char*) list[i];
- Debug("ssl", "advertising protocol %s", proto);
- advertised = append_protocol(proto, advertised);
- }
-
- return true;
-}
-
-bool
-SSLNetVConnection::setAdvertiseProtocols(const unsigned char ** list, unsigned cnt)
-{
- size_t total_len = 0;
-
- if (cnt == 0) {
- // set default list based on server_ports config
- if (npnAdvertised) {
- ink_assert (npnAdvertisedBufIndex >= 0);
- ioBufAllocator[npnAdvertisedBufIndex].free_void(npnAdvertised);
- npnAdvertised = NULL;
- npnszAdvertised = 0;
- npnAdvertisedBufIndex = -1;
- }
- return true;
- }
-
- // validate the modified npn list
- for (unsigned int i=0; i<cnt; i++) {
- const char* proto = (const char*) list[i];
- size_t len = strlen(proto);
-
- // Both ALPN and NPN only allow 255 bytes of protocol name.
- if (len > 255) {
- return false;
- }
-
- if (!npnSet->findEndpoint((const unsigned char *)proto, len)) {
- return false;
- }
- total_len += (len + 1);
- }
-
- if (npnAdvertised) {
- ink_assert (npnAdvertisedBufIndex >= 0);
- ioBufAllocator[npnAdvertisedBufIndex].free_void(npnAdvertised);
- }
-
- npnszAdvertised = total_len;
- npnAdvertisedBufIndex = buffer_size_to_index(npnszAdvertised);
- npnAdvertised = (unsigned char *)ioBufAllocator[npnAdvertisedBufIndex].alloc_void();
- if (npnAdvertised == NULL) {
- npnszAdvertised = 0;
- npnAdvertisedBufIndex = -1;
- return false;
- }
-
- return modify_npn_advertisement(list, cnt);
-}
-
// ALPN TLS extension callback. Given the client's set of offered
// protocols, we have to select a protocol to use for this session.
int
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 1755c0c..3033fcc 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -307,11 +307,6 @@ ssl_servername_callback(SSL * ssl, int * ad, void * /*arg*/)
goto done;
}
- // set the default
-#if TS_USE_TLS_NPN
- SSL_CTX_set_next_protos_advertised_cb(ctx, SSLNetVConnection::advertise_next_protocol, NULL);
-#endif /* TS_USE_TLS_NPN */
-
// Call the plugin SNI code
reenabled = netvc->callHooks(TS_SSL_SNI_HOOK);
// If it did not re-enable, return the code to
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/plugins/experimental/Makefile.am
----------------------------------------------------------------------
diff --git a/plugins/experimental/Makefile.am b/plugins/experimental/Makefile.am
index 091557d..51b06f0 100644
--- a/plugins/experimental/Makefile.am
+++ b/plugins/experimental/Makefile.am
@@ -33,7 +33,6 @@ SUBDIRS = \
regex_revalidate \
remap_stats \
s3_auth \
- sni_proto_nego \
ssl_cert_loader \
sslheaders \
stale_while_revalidate \
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/plugins/experimental/sni_proto_nego/Makefile.am
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/Makefile.am b/plugins/experimental/sni_proto_nego/Makefile.am
deleted file mode 100644
index 958634c..0000000
--- a/plugins/experimental/sni_proto_nego/Makefile.am
+++ /dev/null
@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-include $(top_srcdir)/build/plugins.mk
-
-pkglib_LTLIBRARIES = sni_proto_nego.la
-sni_proto_nego_la_SOURCES = sni_proto_nego.cc
-sni_proto_nego_la_LDFLAGS = $(TS_PLUGIN_LDFLAGS)
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
deleted file mode 100644
index cd1f4db..0000000
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ /dev/null
@@ -1,194 +0,0 @@
-#include <stdio.h>
-#include <ts/ts.h>
-#include <ts/apidefs.h>
-#include <openssl/ssl.h>
-#include <string>
-#include <map>
-#include <string.h>
-
-using namespace std;
-
-const char* PLUGIN_NAME = "sni_proto_nego";
-const int MAX_BUFFER_SIZE = 1024;
-const int MAX_FILE_PATH_SIZE = 1024;
-const unsigned int MAX_PROTO_LIST_LEN = 100;
-const unsigned int MAX_PROTO_NAME_LEN = 255;
-
-typedef struct {
- bool enableNpn;
- unsigned int npn_proto_list_count;
- unsigned char npn_proto_list [MAX_PROTO_LIST_LEN] [MAX_PROTO_NAME_LEN];
-} SNIProtoConfig;
-
-typedef map<string, SNIProtoConfig> stringMap;
-static stringMap _sniProtoMap;
-
-static
-bool read_config(char* config_file) {
- char file_path[MAX_FILE_PATH_SIZE];
- TSFile file;
- if (config_file == NULL) {
- TSError("invalid config file");
- return false;
- }
- TSDebug(PLUGIN_NAME, "trying to open config file in this path: %s", file_path);
- file = TSfopen(config_file, "r");
- if (file == NULL) {
- snprintf(file_path, sizeof(file_path), "%s/%s", TSInstallDirGet(), config_file);
- file = TSfopen(file_path, "r");
- if (file == NULL) {
- TSError("Failed to open config file %s", config_file);
- return false;
- }
- }
- char buffer[MAX_BUFFER_SIZE];
- memset(buffer, 0, sizeof(buffer));
- while (TSfgets(file, buffer, sizeof(buffer) - 1) != NULL) {
- char *eol = 0;
- // make sure line was not bigger than buffer
- if ((eol = strchr(buffer, '\n')) == NULL && (eol = strstr(buffer, "\r\n")) == NULL) {
- TSError("sni_proto_nego line too long, did not get a good line in cfg, skipping, line: %s", buffer);
- memset(buffer, 0, sizeof(buffer));
- continue;
- }
- // make sure line has something useful on it
- if (eol - buffer < 2 || buffer[0] == '#') {
- memset(buffer, 0, sizeof(buffer));
- continue;
- }
- char* cfg = strtok(buffer, "\n\r\n");
-
- if (cfg != NULL) {
- TSDebug(PLUGIN_NAME, "setting SniProto based on string: %s", cfg);
-
- char* domain = strtok(buffer, " ");
- SNIProtoConfig sniProtoConfig = {1, 1};
-
- if (domain) {
- if ((*domain == '*') && (domain+1) && (*(domain+1)=='.')) {
- domain += 2;
- if (domain == NULL) {
- continue;
- }
- }
- char* sni_proto_config = strtok (NULL, " ");
- if (sni_proto_config) {
- sniProtoConfig.enableNpn = atoi(sni_proto_config);
- TSDebug(PLUGIN_NAME, "npn_proto_config %d", sniProtoConfig.enableNpn);
- sni_proto_config = strtok (NULL, " ");
- // now get the npn proto advertisment list
- sni_proto_config = strtok (NULL, " ");
- sniProtoConfig.npn_proto_list_count = 0;
- while (sni_proto_config != NULL) {
- char* proto = strtok(NULL, "|");
- if ((proto == NULL) ||
- (sniProtoConfig.npn_proto_list_count >= MAX_PROTO_LIST_LEN) ||
- (strlen(proto) >= MAX_PROTO_NAME_LEN)) {
- break;
- }
- _TSstrlcpy((char*)sniProtoConfig.npn_proto_list[sniProtoConfig.npn_proto_list_count++], proto, (strlen(proto) + 1));
- }
- }
- _sniProtoMap.insert(make_pair(domain, sniProtoConfig));
- }
-
- memset(buffer, 0, sizeof(buffer));
- }
- }
-
- TSfclose(file);
-
- TSDebug(PLUGIN_NAME, "Done parsing config");
-
- return true;
-}
-
-
-static void
-init_sni_callback(void *sslNetVC)
-{
- TSVConn ssl_vc = reinterpret_cast<TSVConn>(sslNetVC);
- TSSslConnection sslobj = TSVConnSSLConnectionGet(ssl_vc);
- SSL *ssl = reinterpret_cast<SSL *>(sslobj);
- const char *serverName = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
- SSL_CTX * ctx = SSL_get_SSL_CTX(ssl);
-
- if (serverName == NULL) {
- TSDebug(PLUGIN_NAME, "invalid ssl netVC %p, servername %s for ssl obj %p", sslNetVC, serverName, ssl);
- return;
- }
-
- TSDebug(PLUGIN_NAME, "ssl netVC %p, servername %s for ssl obj %p", sslNetVC, serverName, ssl);
-
- stringMap::iterator it;
- it=_sniProtoMap.find(serverName);
-
- // check for wild-card domains
- if(it==_sniProtoMap.end()) {
- char* domain = strstr((char*)serverName, ".");
- if (domain && (domain+1)) {
- it=_sniProtoMap.find(domain+1);
- }
- }
-
- if (it!=_sniProtoMap.end()) {
- SNIProtoConfig sniProtoConfig = it->second;
- if (!sniProtoConfig.enableNpn) {
- TSDebug(PLUGIN_NAME, "disabling NPN for serverName %s", serverName);
- SSL_CTX_set_next_protos_advertised_cb(ctx, NULL, NULL);
- } else {
- TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
- TSSslAdvertiseProtocolSet(ssl_vc, (const unsigned char **)sniProtoConfig.npn_proto_list, sniProtoConfig.npn_proto_list_count);
- }
- } else {
- TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
- TSSslAdvertiseProtocolSet(ssl_vc, NULL, 0);
- }
-}
-
-int
-SSLSniInitCallbackHandler(TSCont cont, TSEvent id, void* sslNetVC) {
- (void) cont;
- TSDebug(PLUGIN_NAME, "SSLSniInitCallbackHandler with id %d", id);
- switch (id) {
- case TS_SSL_SNI_HOOK:
- {
- init_sni_callback(sslNetVC);
- }
- break;
-
- default:
- TSDebug(PLUGIN_NAME, "Unexpected event %d", id);
- break;
- }
-
- return TS_EVENT_NONE;
-}
-
-void
-TSPluginInit(int argc, const char *argv[])
-{
- (void) argc;
- TSPluginRegistrationInfo info;
-
- info.plugin_name = (char *)("sni_proto_nego");
- info.vendor_name = (char *)("ats");
-
- if (TSPluginRegister(TS_SDK_VERSION_3_0, &info) != TS_SUCCESS) {
- TSError("Plugin registration failed.");
- }
-
- char* config_file = (char*)"conf/sni_proto_nego/sni_proto_nego.config";
-
- if (argc >= 2) {
- config_file = (char*)argv[1];
- }
-
- if (!read_config(config_file)) {
- TSDebug(PLUGIN_NAME, "nothing to do..");
- return;
- }
-
- TSCont cont = TSContCreate(SSLSniInitCallbackHandler, NULL);
- TSHttpHookAdd(TS_SSL_SNI_HOOK, cont);
-}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/proxy/InkAPI.cc
----------------------------------------------------------------------
diff --git a/proxy/InkAPI.cc b/proxy/InkAPI.cc
index d61e997..62f0870 100644
--- a/proxy/InkAPI.cc
+++ b/proxy/InkAPI.cc
@@ -8757,16 +8757,6 @@ tsapi int TSVConnIsSsl(TSVConn sslp)
return ssl_vc != NULL;
}
-tsapi TSReturnCode
-TSSslAdvertiseProtocolSet(TSVConn sslp, const unsigned char ** list, unsigned int count)
-{
- NetVConnection *vc = reinterpret_cast<NetVConnection*>(sslp);
- SSLNetVConnection *ssl_vc = dynamic_cast<SSLNetVConnection*>(vc);
- sdk_assert(sdk_sanity_check_null_ptr((void*)ssl_vc) == TS_SUCCESS);
- ssl_vc->setAdvertiseProtocols(list, count);
- return TS_SUCCESS;
-}
-
void
TSVConnReenable(TSVConn vconn)
{
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a0bad98e/proxy/api/ts/ts.h
----------------------------------------------------------------------
diff --git a/proxy/api/ts/ts.h b/proxy/api/ts/ts.h
index 8950b5c..b5b0abe 100644
--- a/proxy/api/ts/ts.h
+++ b/proxy/api/ts/ts.h
@@ -1238,7 +1238,6 @@ extern "C"
tsapi TSSslContext TSSslContextFindByAddr(struct sockaddr const*);
// Returns 1 if the sslp argument refers to a SSL connection
tsapi int TSVConnIsSsl(TSVConn sslp);
- tsapi TSReturnCode TSSslAdvertiseProtocolSet(TSVConn sslp, const unsigned char ** list, unsigned int count);
/* --------------------------------------------------------------------------
HTTP transactions */
[8/8] trafficserver git commit: [TS-3153]: Reverting changes for
TS-3153 as a better solution is being discussed
Posted by su...@apache.org.
[TS-3153]: Reverting changes for TS-3153 as a better solution is being discussed
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/5f7f7cd2
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/5f7f7cd2
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/5f7f7cd2
Branch: refs/heads/master
Commit: 5f7f7cd2df02585ef9be3d0d5dd2e2475ccf7d2d
Parents: a0bad98
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:24:18 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:24:18 2014 +0000
----------------------------------------------------------------------
CHANGES | 2 --
1 file changed, 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/5f7f7cd2/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 8537d90..4ad9303 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,8 +8,6 @@ Changes with Apache Traffic Server 5.2.0
*) [TS-2009] Fail HTTP header parsing for null characters.
- *) [TS-3153] Ability to disable/modify NPN advertisement list based on SNI.
-
*) [TS-3196] Prevent crash due to de-allocated read VIO continuation.
*) [TS-3199] Do not wait for body for HEAD method.
[6/8] trafficserver git commit: Revert "Add license info for new file"
Posted by su...@apache.org.
Revert "Add license info for new file"
This reverts commit 34ca6f2dce481a1a2bb5401778368508d8062773.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/d839f21e
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/d839f21e
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/d839f21e
Branch: refs/heads/master
Commit: d839f21efca8fbd5da31eb3e108cd23220188838
Parents: dafe0a3
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:53 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:53 2014 +0000
----------------------------------------------------------------------
.../sni_proto_nego/sni_proto_nego.cc | 23 --------------------
1 file changed, 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d839f21e/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
index 9a8ba0e..cd1f4db 100644
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
@@ -1,26 +1,3 @@
-/** @file
-
- Plugin to perform background fetches of certain content that would
- otherwise not be cached. For example, Range: requests / responses.
-
- @section license License
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
#include <stdio.h>
#include <ts/ts.h>
#include <ts/apidefs.h>
[2/8] trafficserver git commit: Revert "fix build failure"
Posted by su...@apache.org.
Revert "fix build failure"
This reverts commit cd3a246c4bd66d3050aeb606bd15005ef27dc627.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/b80c6ca2
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/b80c6ca2
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/b80c6ca2
Branch: refs/heads/master
Commit: b80c6ca2810fb77b262a2fb638661aead7c27669
Parents: d07da25
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:48 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:48 2014 +0000
----------------------------------------------------------------------
plugins/experimental/sni_proto_nego/sni_proto_nego.cc | 2 --
1 file changed, 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/b80c6ca2/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
index bd5e5f2..59b6db1 100644
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
@@ -156,10 +156,8 @@ init_sni_callback(void *sslNetVC)
if (it!=_sniProtoMap.end()) {
SNIProtoConfig sniProtoConfig = it->second;
if (!sniProtoConfig.enableNpn) {
-#if TS_USE_TLS_NPN
TSDebug(PLUGIN_NAME, "disabling NPN for serverName %s", serverName);
SSL_CTX_set_next_protos_advertised_cb(ctx, NULL, NULL);
-#endif
} else {
TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
//TSSslAdvertiseProtocolSet(ssl_vc, (const unsigned char **)sniProtoConfig.npn_proto_list, sniProtoConfig.npn_proto_list_count);
[3/8] trafficserver git commit: Revert "Reverting the new API changes
to get the API reviewed"
Posted by su...@apache.org.
Revert "Reverting the new API changes to get the API reviewed"
This reverts commit afa4fab2ec801f1e3e23e533446430268d80883a.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/8b16a765
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/8b16a765
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/8b16a765
Branch: refs/heads/master
Commit: 8b16a765519b560e73c12d76775601859750cd21
Parents: b80c6ca
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:49 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:49 2014 +0000
----------------------------------------------------------------------
plugins/experimental/sni_proto_nego/sni_proto_nego.cc | 4 ++--
proxy/InkAPI.cc | 10 ++++++++++
proxy/api/ts/ts.h | 1 +
3 files changed, 13 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/8b16a765/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
index 59b6db1..8b4afc1 100644
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
@@ -160,11 +160,11 @@ init_sni_callback(void *sslNetVC)
SSL_CTX_set_next_protos_advertised_cb(ctx, NULL, NULL);
} else {
TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
- //TSSslAdvertiseProtocolSet(ssl_vc, (const unsigned char **)sniProtoConfig.npn_proto_list, sniProtoConfig.npn_proto_list_count);
+ TSSslAdvertiseProtocolSet(ssl_vc, (const unsigned char **)sniProtoConfig.npn_proto_list, sniProtoConfig.npn_proto_list_count);
}
} else {
TSDebug(PLUGIN_NAME, "setting NPN advertised list for %s", serverName);
- //TSSslAdvertiseProtocolSet(ssl_vc, NULL, 0);
+ TSSslAdvertiseProtocolSet(ssl_vc, NULL, 0);
}
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/8b16a765/proxy/InkAPI.cc
----------------------------------------------------------------------
diff --git a/proxy/InkAPI.cc b/proxy/InkAPI.cc
index 62f0870..d61e997 100644
--- a/proxy/InkAPI.cc
+++ b/proxy/InkAPI.cc
@@ -8757,6 +8757,16 @@ tsapi int TSVConnIsSsl(TSVConn sslp)
return ssl_vc != NULL;
}
+tsapi TSReturnCode
+TSSslAdvertiseProtocolSet(TSVConn sslp, const unsigned char ** list, unsigned int count)
+{
+ NetVConnection *vc = reinterpret_cast<NetVConnection*>(sslp);
+ SSLNetVConnection *ssl_vc = dynamic_cast<SSLNetVConnection*>(vc);
+ sdk_assert(sdk_sanity_check_null_ptr((void*)ssl_vc) == TS_SUCCESS);
+ ssl_vc->setAdvertiseProtocols(list, count);
+ return TS_SUCCESS;
+}
+
void
TSVConnReenable(TSVConn vconn)
{
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/8b16a765/proxy/api/ts/ts.h
----------------------------------------------------------------------
diff --git a/proxy/api/ts/ts.h b/proxy/api/ts/ts.h
index b5b0abe..8950b5c 100644
--- a/proxy/api/ts/ts.h
+++ b/proxy/api/ts/ts.h
@@ -1238,6 +1238,7 @@ extern "C"
tsapi TSSslContext TSSslContextFindByAddr(struct sockaddr const*);
// Returns 1 if the sslp argument refers to a SSL connection
tsapi int TSVConnIsSsl(TSVConn sslp);
+ tsapi TSReturnCode TSSslAdvertiseProtocolSet(TSVConn sslp, const unsigned char ** list, unsigned int count);
/* --------------------------------------------------------------------------
HTTP transactions */
[4/8] trafficserver git commit: Revert "fix build error"
Posted by su...@apache.org.
Revert "fix build error"
This reverts commit 98a218d10347de28cb66390b5c33759ca5d74e12.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/9c43d502
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/9c43d502
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/9c43d502
Branch: refs/heads/master
Commit: 9c43d5027df3a87507ff68f9470e71c22fc7e4bc
Parents: 8b16a76
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:50 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:50 2014 +0000
----------------------------------------------------------------------
.../experimental/sni_proto_nego/sni_proto_nego.cc | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9c43d502/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
----------------------------------------------------------------------
diff --git a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
index 8b4afc1..9a8ba0e 100644
--- a/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
+++ b/plugins/experimental/sni_proto_nego/sni_proto_nego.cc
@@ -23,6 +23,7 @@
*/
#include <stdio.h>
#include <ts/ts.h>
+#include <ts/apidefs.h>
#include <openssl/ssl.h>
#include <string>
#include <map>
@@ -169,8 +170,21 @@ init_sni_callback(void *sslNetVC)
}
int
-SSLSniInitCallbackHandler(TSCont /* cont */, TSEvent /* id */, void* sslNetVC) {
- init_sni_callback(sslNetVC);
+SSLSniInitCallbackHandler(TSCont cont, TSEvent id, void* sslNetVC) {
+ (void) cont;
+ TSDebug(PLUGIN_NAME, "SSLSniInitCallbackHandler with id %d", id);
+ switch (id) {
+ case TS_SSL_SNI_HOOK:
+ {
+ init_sni_callback(sslNetVC);
+ }
+ break;
+
+ default:
+ TSDebug(PLUGIN_NAME, "Unexpected event %d", id);
+ break;
+ }
+
return TS_EVENT_NONE;
}
[5/8] trafficserver git commit: Revert "[TS-3153]: Add documentation
for new API TSSslAdvertiseProtocolSet"
Posted by su...@apache.org.
Revert "[TS-3153]: Add documentation for new API TSSslAdvertiseProtocolSet"
This reverts commit f19eba3ca70159af1ced63cc987b4a2508c570ba.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/dafe0a39
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/dafe0a39
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/dafe0a39
Branch: refs/heads/master
Commit: dafe0a3977a4f3eafae649c687474ac4bfc21110
Parents: 9c43d50
Author: Sudheer Vinukonda <su...@yahoo-inc.com>
Authored: Wed Nov 19 16:23:51 2014 +0000
Committer: Sudheer Vinukonda <su...@yahoo-inc.com>
Committed: Wed Nov 19 16:23:51 2014 +0000
----------------------------------------------------------------------
.../api/TSSslAdvertiseProtocolSet.en.rst | 32 --------------------
1 file changed, 32 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/dafe0a39/doc/reference/api/TSSslAdvertiseProtocolSet.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/api/TSSslAdvertiseProtocolSet.en.rst b/doc/reference/api/TSSslAdvertiseProtocolSet.en.rst
deleted file mode 100644
index 7684242..0000000
--- a/doc/reference/api/TSSslAdvertiseProtocolSet.en.rst
+++ /dev/null
@@ -1,32 +0,0 @@
-.. Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed
- with this work for additional information regarding copyright
- ownership. The ASF licenses this file to you under the Apache
- License, Version 2.0 (the "License"); you may not use this file
- except in compliance with the License. You may obtain a copy of
- the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied. See the License for the specific language governing
- permissions and limitations under the License.
-
-
-TSSslAdvertiseProtocolSet
-============
-
-Synopsis
---------
-
-`#include <ts/ts.h>`
-
-.. c:function:: TSReturnCode TSSslAdvertiseProtocolSet(TSVConn sslp, const unsigned char ** list, unsigned int count);
-
-Description
------------
-
- Modifies the NPN advertisement list for a given SSL connection with :arg:`list`. If :arg:`count` is 0, sets the NPN advertisement list to the default registered protocol list for the end point. Note that, the plugin that uses this API owns the :arg:`list` and is responsible for making sure it points to a valid memory.
-