You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2021/03/17 18:21:31 UTC

[trafficserver] branch 9.1.x updated: Reactivate accept_no_activity_timeout (#7408)

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 9.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/9.1.x by this push:
     new ee3f400  Reactivate accept_no_activity_timeout (#7408)
ee3f400 is described below

commit ee3f400859b197cc6c167de0039b53ee0ffb406f
Author: Susan Hinrichs <sh...@yahoo-inc.com>
AuthorDate: Mon Mar 8 20:33:21 2021 -0600

    Reactivate accept_no_activity_timeout (#7408)
    
    (cherry picked from commit d31e518ba7e0d3ddd2836592939c0b411e637a44)
---
 proxy/ProtocolProbeSessionAccept.cc             |  7 ++-
 proxy/http/HttpSM.cc                            |  2 +-
 tests/gold_tests/timeout/accept_timeout.test.py | 70 +++++++++++++++++++++++++
 tests/gold_tests/timeout/create_request.sh      | 20 +++++++
 tests/gold_tests/timeout/time_client.sh         | 34 ++++++++++++
 5 files changed, 131 insertions(+), 2 deletions(-)

diff --git a/proxy/ProtocolProbeSessionAccept.cc b/proxy/ProtocolProbeSessionAccept.cc
index cdbffcf..36bba68 100644
--- a/proxy/ProtocolProbeSessionAccept.cc
+++ b/proxy/ProtocolProbeSessionAccept.cc
@@ -27,6 +27,7 @@
 #include "http2/HTTP2.h"
 #include "ProxyProtocol.h"
 #include "I_NetVConnection.h"
+#include "http/HttpConfig.h"
 
 static bool
 proto_is_http2(IOBufferReader *reader)
@@ -176,7 +177,11 @@ ProtocolProbeSessionAccept::mainEvent(int event, void *data)
     NetVConnection *netvc          = static_cast<NetVConnection *>(data);
     ProtocolProbeTrampoline *probe = new ProtocolProbeTrampoline(this, netvc->mutex, nullptr, nullptr);
 
-    // XXX we need to apply accept inactivity timeout here ...
+    // The connection has completed, set the accept inactivity timeout here to watch over the difference between the
+    // connection set up and the first transaction..
+    HttpConfigParams *param = HttpConfig::acquire();
+    netvc->set_inactivity_timeout(HRTIME_SECONDS(param->accept_no_activity_timeout));
+    HttpConfig::release(param);
 
     if (!probe->reader->is_read_avail_more_than(0)) {
       Debug("http", "probe needs data, read..");
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index f6a276f..427a728 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -630,7 +630,7 @@ HttpSM::attach_client_session(ProxyTransaction *client_vc, IOBufferReader *buffe
   /////////////////////////
   // set up timeouts     //
   /////////////////////////
-  client_vc->set_inactivity_timeout(HRTIME_SECONDS(t_state.http_config_param->accept_no_activity_timeout));
+  client_vc->set_inactivity_timeout(HRTIME_SECONDS(t_state.txn_conf->transaction_no_activity_timeout_in));
   client_vc->set_active_timeout(HRTIME_SECONDS(t_state.txn_conf->transaction_active_timeout_in));
 
   ++reentrancy_count;
diff --git a/tests/gold_tests/timeout/accept_timeout.test.py b/tests/gold_tests/timeout/accept_timeout.test.py
new file mode 100644
index 0000000..1d51327
--- /dev/null
+++ b/tests/gold_tests/timeout/accept_timeout.test.py
@@ -0,0 +1,70 @@
+'''
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+Test.Summary = 'Testing ATS inactivity timeout'
+
+Test.SkipUnless(
+    Condition.HasCurlFeature('http2'),
+    Condition.HasProgram("telnet", "Need telnet to shutdown when server shuts down tcp"),
+    Condition.HasProgram("nc", "Need nc to send data to server")
+)
+
+ts = Test.MakeATSProcess("ts", select_ports=True, enable_tls=True)
+
+ts.addSSLfile("../tls/ssl/server.pem")
+ts.addSSLfile("../tls/ssl/server.key")
+
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.http.transaction_no_activity_timeout_in': 6,
+    'proxy.config.http.accept_no_activity_timeout': 2,
+    'proxy.config.net.default_inactivity_timeout': 10,
+    'proxy.config.net.defer_accept': 0  # Must turn off defer accept to test the raw TCP case
+})
+
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+# case 1 TLS with no data
+tr = Test.AddTestRun("tr")
+tr.Setup.Copy("time_client.sh")
+tr.Processes.Default.StartBefore(ts)
+tr.Processes.Default.Command = 'sh ./time_client.sh \'openssl s_client -ign_eof -connect 127.0.0.1:{0}\''.format(
+    ts.Variables.ssl_port)
+tr.Processes.Default.Streams.stdout = Testers.ContainsExpression("Accept timeout", "Request should fail from the accept timeout")
+
+# case 2 TLS with incomplete request header
+tr2 = Test.AddTestRun("tr")
+tr2.Processes.Default.Command = 'echo "GET /.html HTTP/1.1" | sh ./time_client.sh \'openssl s_client -ign_eof -connect 127.0.0.1:{0}\''.format(
+    ts.Variables.ssl_port)
+tr2.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+    "Transaction inactivity timeout", "Request should fail with transaction inactivity timeout")
+
+# case 3 TCP with no data
+tr3 = Test.AddTestRun("tr")
+tr3.Processes.Default.Command = 'sh ./time_client.sh \'telnet 127.0.0.1 {0}\''.format(ts.Variables.port)
+tr3.Processes.Default.Streams.stdout = Testers.ContainsExpression("Accept timeout", "Request should fail from the accept timeout")
+
+# case 4 TCP with incomplete request header
+tr4 = Test.AddTestRun("tr")
+tr4.Setup.Copy("create_request.sh")
+tr4.Processes.Default.Command = 'sh  ./time_client.sh \'nc -c ./create_request.sh 127.0.0.1 {0}\''.format(ts.Variables.port)
+tr4.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+    "Transaction inactivity timeout", "Request should fail with transaction inactivity timeout")
diff --git a/tests/gold_tests/timeout/create_request.sh b/tests/gold_tests/timeout/create_request.sh
new file mode 100755
index 0000000..7adddfa
--- /dev/null
+++ b/tests/gold_tests/timeout/create_request.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+printf GET / HTTP/1.1
+sleep 11
diff --git a/tests/gold_tests/timeout/time_client.sh b/tests/gold_tests/timeout/time_client.sh
new file mode 100644
index 0000000..e838b41
--- /dev/null
+++ b/tests/gold_tests/timeout/time_client.sh
@@ -0,0 +1,34 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+start=`date +%s`
+$1
+end=`date +%s`
+
+runtime=$((end-start))
+echo $runtime
+if [ $runtime -lt 6 ]
+then
+  echo "Accept timeout $runtime"
+  exit 0
+elif [ $runtime -lt 10 ]
+then
+  echo "Transaction inactivity timeout $runtime"
+  exit 0
+else
+  echo "Default inactivity timeout $runtime"
+  exit 1
+fi