You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/04/23 21:43:15 UTC
[1/3] trafficserver git commit: Fix coverity error.
Repository: trafficserver
Updated Branches:
refs/heads/master a777a14a0 -> 98c87ee51
Fix coverity error.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/a5a23800
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/a5a23800
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/a5a23800
Branch: refs/heads/master
Commit: a5a238006ab2eb10ddc306612d74c1254c6a621a
Parents: ef36a50
Author: shinrich <sh...@yahoo-inc.com>
Authored: Tue Apr 21 21:58:35 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Tue Apr 21 21:58:35 2015 -0500
----------------------------------------------------------------------
iocore/net/SSLConfig.cc | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/a5a23800/iocore/net/SSLConfig.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 669e1c1..0fc56d7 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -72,6 +72,7 @@ SSLConfigParams::SSLConfigParams()
ssl_session_cache_skip_on_contention = 0;
ssl_session_cache_timeout = 0;
ssl_session_cache_auto_clear = 1;
+ configExitOnLoadError = 0;
}
SSLConfigParams::~SSLConfigParams()
[2/3] trafficserver git commit: Merge branch 'master' of
https://git-wip-us.apache.org/repos/asf/trafficserver
Posted by sh...@apache.org.
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/trafficserver
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cd4209bd
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cd4209bd
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cd4209bd
Branch: refs/heads/master
Commit: cd4209bdfb50ddb883b17a6f498f55b5812f33f3
Parents: a5a2380 a777a14
Author: shinrich <sh...@yahoo-inc.com>
Authored: Thu Apr 23 14:24:27 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Thu Apr 23 14:24:27 2015 -0500
----------------------------------------------------------------------
CHANGES | 4 ++++
lib/ts/ink_atomic.h | 2 +-
lib/ts/ink_memory.h | 3 ---
lib/ts/signals.cc | 2 +-
mgmt/utils/MgmtSocket.cc | 2 +-
proxy/InkAPI.cc | 2 +-
proxy/Main.cc | 4 ++--
proxy/api/ts/ts.h | 2 +-
proxy/http/HttpSM.cc | 2 ++
proxy/http/remap/RemapConfig.cc | 3 ++-
proxy/logging/LogUtils.cc | 4 ++++
11 files changed, 19 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
[3/3] trafficserver git commit: TS-3554: Memory load reloading
ssl_multicert.config
Posted by sh...@apache.org.
TS-3554: Memory load reloading ssl_multicert.config
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/98c87ee5
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/98c87ee5
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/98c87ee5
Branch: refs/heads/master
Commit: 98c87ee51b2ad91787b7a9fa2827cab1c03b3d22
Parents: cd4209b
Author: shinrich <sh...@yahoo-inc.com>
Authored: Thu Apr 23 14:42:39 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Thu Apr 23 14:42:39 2015 -0500
----------------------------------------------------------------------
CHANGES | 2 ++
iocore/net/SSLConfig.cc | 10 +++++++---
iocore/net/SSLUtils.cc | 6 +++---
mgmt/ProxyConfig.cc | 3 +++
4 files changed, 15 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/98c87ee5/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 1596245..16f365d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 6.0.0
+ *) [TS-3554] Memory leak on ssl_multicert.config reload.
+
*) [TS-3551] Fix LogUtils.cc compile on Illumos.
*) [TS-3548] Fix psiginfo usage on Illumos.
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/98c87ee5/iocore/net/SSLConfig.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 0fc56d7..74908d3 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -334,7 +334,7 @@ SSLCertificateConfig::startup()
// Exit if there are problems on the certificate loading and the
// proxy.config.ssl.server.multicert.exit_on_load_fail is true
- SSLConfigParams *params = SSLConfig::acquire();
+ SSLConfig::scoped_config params;
if (!reconfigure() && params->configExitOnLoadError) {
Error("Problems loading ssl certificate file, %s. Exiting.", params->configFilePath);
_exit(1);
@@ -358,11 +358,15 @@ SSLCertificateConfig::reconfigure()
}
SSLParseCertificateConfiguration(params, lookup);
- configid = configProcessor.set(configid, lookup);
+ // If there are errors in the certificate configs and we had wanted to exit on error
+ // we won't want to reset the config
+ if (lookup->is_valid || !params->configExitOnLoadError) {
+ configid = configProcessor.set(configid, lookup);
+ }
+
if (!lookup->is_valid) {
retStatus = false;
}
-
return retStatus;
}
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/98c87ee5/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 75a44a7..3648630 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -267,7 +267,7 @@ set_context_cert(SSL *ssl)
{
SSL_CTX *ctx = NULL;
SSLCertContext *cc = NULL;
- SSLCertLookup *lookup = SSLCertificateConfig::acquire();
+ SSLCertificateConfig::scoped_config lookup;
const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
SSLNetVConnection *netvc = (SSLNetVConnection *)SSL_get_app_data(ssl);
bool found = true;
@@ -326,7 +326,6 @@ set_context_cert(SSL *ssl)
goto done;
}
done:
- SSLCertificateConfig::release(lookup);
return retval;
}
@@ -1886,7 +1885,7 @@ static int
ssl_callback_session_ticket(SSL *ssl, unsigned char *keyname, unsigned char *iv, EVP_CIPHER_CTX *cipher_ctx, HMAC_CTX *hctx,
int enc)
{
- SSLCertLookup *lookup = SSLCertificateConfig::acquire();
+ SSLCertificateConfig::scoped_config lookup;
SSLNetVConnection *netvc = (SSLNetVConnection *)SSL_get_app_data(ssl);
// Get the IP address to look up the keyblock
@@ -1901,6 +1900,7 @@ ssl_callback_session_ticket(SSL *ssl, unsigned char *keyname, unsigned char *iv,
if (cc == NULL || cc->keyblock == NULL) {
// No, key specified. Must fail out at this point.
// Alternatively we could generate a random key
+
return -1;
}
ssl_ticket_key_block *keyblock = cc->keyblock;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/98c87ee5/mgmt/ProxyConfig.cc
----------------------------------------------------------------------
diff --git a/mgmt/ProxyConfig.cc b/mgmt/ProxyConfig.cc
index bd06063..6ee1687 100644
--- a/mgmt/ProxyConfig.cc
+++ b/mgmt/ProxyConfig.cc
@@ -154,6 +154,8 @@ ConfigProcessor::set(unsigned int id, ConfigInfo *info, unsigned timeout_secs)
old_info = infos[idx];
} while (!ink_atomic_cas(&infos[idx], old_info, info));
+ Debug("config", "Set for slot %d 0x%" PRId64 " was 0x%" PRId64 " with ref count %d", id, (int64_t)info, (int64_t)old_info, (old_info) ? old_info->refcount():0);
+
if (old_info) {
// The ConfigInfoReleaser now takes our refcount, but
// someother thread might also have one ...
@@ -204,6 +206,7 @@ ConfigProcessor::release(unsigned int id, ConfigInfo *info)
if (info->refcount_dec() == 0) {
// When we release, we should already have replaced this object in the index.
+ Debug("config", "Release config %d 0x%" PRId64, id, (int64_t)info);
ink_release_assert(info != this->infos[idx]);
delete info;
}