You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2018/04/04 17:18:26 UTC
[trafficserver] branch 7.1.x updated (c066529 -> 89f7dba)
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a change to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.
from c066529 allow for specifying of brotli via --enable-brotli= or pkg-config
new 33ae4b2 Fixes various issues with brotli compression
new 395e0d1 Document proxy.config.ssl.client.cipher_suite
new 89f7dba potential traffic_cop crash due to leftover data in socket
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
doc/admin-guide/files/records.config.en.rst | 4 +
mgmt/api/CoreAPIRemote.cc | 14 ++-
plugins/gzip/gzip.cc | 141 ++++++++++++++--------------
3 files changed, 84 insertions(+), 75 deletions(-)
--
To stop receiving notification emails like this one, please contact
zwoop@apache.org.
[trafficserver] 01/03: Fixes various issues with brotli compression
Posted by zw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 33ae4b20069b0ef564fc26e2c92abb8e2ae3c186
Author: Randall Meyer <ra...@yahoo.com>
AuthorDate: Fri Mar 16 16:50:47 2018 -0700
Fixes various issues with brotli compression
brotli API needs operations to be repeated until done.
flush needs to occur after block is processed.
put all brotli code paths under HAVE_BROTLI_ENCODE_H.
merge redundant code paths into a single function.
Addresses issue #2965 and #2947
(cherry picked from commit 35a512cba6a13de9309f2869cf36d134fed3bb35)
---
plugins/gzip/gzip.cc | 141 +++++++++++++++++++++++++--------------------------
1 file changed, 68 insertions(+), 73 deletions(-)
diff --git a/plugins/gzip/gzip.cc b/plugins/gzip/gzip.cc
index 1e34ab1..cc071a2 100644
--- a/plugins/gzip/gzip.cc
+++ b/plugins/gzip/gzip.cc
@@ -335,18 +335,19 @@ gzip_transform_one(Data *data, const char *upstream_buffer, int64_t upstream_len
}
}
-static void
-brotli_transform_one(Data *data, const char *upstream_buffer, int64_t upstream_length)
-{
#if HAVE_BROTLI_ENCODE_H
+static bool
+brotli_compress_operation(Data *data, const char *upstream_buffer, int64_t upstream_length, BrotliEncoderOperation op)
+{
TSIOBufferBlock downstream_blkp;
char *downstream_buffer;
int64_t downstream_length;
- int err;
+ data->bstrm.next_in = (uint8_t *)upstream_buffer;
data->bstrm.avail_in = upstream_length;
- while (data->bstrm.avail_in > 0) {
+ bool ok = true;
+ while (ok) {
downstream_blkp = TSIOBufferStart(data->downstream_buffer);
downstream_buffer = TSIOBufferBlockWriteStart(downstream_blkp, &downstream_length);
@@ -354,37 +355,49 @@ brotli_transform_one(Data *data, const char *upstream_buffer, int64_t upstream_l
data->bstrm.avail_out = downstream_length;
data->bstrm.total_out = 0;
- data->bstrm.next_in = (uint8_t *)upstream_buffer;
- if (!data->hc->flush()) {
- err = BrotliEncoderCompressStream(data->bstrm.br, BROTLI_OPERATION_PROCESS, &data->bstrm.avail_in,
- (const uint8_t **)&data->bstrm.next_in, &data->bstrm.avail_out, &data->bstrm.next_out,
- &data->bstrm.total_out);
- } else {
- err = BrotliEncoderCompressStream(data->bstrm.br, BROTLI_OPERATION_FLUSH, &data->bstrm.avail_in,
- (const uint8_t **)&data->bstrm.next_in, &data->bstrm.avail_out, &data->bstrm.next_out,
- &data->bstrm.total_out);
- }
+ ok =
+ !!BrotliEncoderCompressStream(data->bstrm.br, op, &data->bstrm.avail_in, &const_cast<const uint8_t *&>(data->bstrm.next_in),
+ &data->bstrm.avail_out, &data->bstrm.next_out, &data->bstrm.total_out);
- if (err != BROTLI_TRUE) {
- warning("BrotliEncoderCompressStream() call failed: %d", err);
+ if (!ok) {
+ error("BrotliEncoderCompressStream(%d) call failed", op);
+ return ok;
}
- if (downstream_length > (int64_t)data->bstrm.avail_out) {
- TSIOBufferProduce(data->downstream_buffer, downstream_length - data->bstrm.avail_out);
- data->downstream_length += (downstream_length - data->bstrm.avail_out);
+ TSIOBufferProduce(data->downstream_buffer, downstream_length - data->bstrm.avail_out);
+ data->downstream_length += (downstream_length - data->bstrm.avail_out);
+ if (data->bstrm.avail_in || BrotliEncoderHasMoreOutput(data->bstrm.br)) {
+ continue;
}
- if (data->bstrm.avail_out > 0) {
- if (data->bstrm.avail_in != 0) {
- error("brotli-transform: ERROR: brotli avail_in is (%lu): should be 0", data->bstrm.avail_in);
- }
- }
+ break;
}
+
+ return ok;
+}
+
+static void
+brotli_transform_one(Data *data, const char *upstream_buffer, int64_t upstream_length)
+{
+ bool ok = brotli_compress_operation(data, upstream_buffer, upstream_length, BROTLI_OPERATION_PROCESS);
+ if (!ok) {
+ error("BrotliEncoderCompressStream(PROCESS) call failed");
+ return;
+ }
+
data->bstrm.total_in += upstream_length;
-#else
- error("brotli-transform: ERROR: compile with brotli support");
-#endif
+
+ if (!data->hc->flush()) {
+ return;
+ }
+
+ ok = brotli_compress_operation(data, nullptr, 0, BROTLI_OPERATION_FLUSH);
+ if (!ok) {
+ error("BrotliEncoderCompressStream(FLUSH) call failed");
+ return;
+ }
}
+#endif
static void
compress_transform_one(Data *data, TSIOBufferReader upstream_reader, int amount)
@@ -409,10 +422,13 @@ compress_transform_one(Data *data, TSIOBufferReader upstream_reader, int amount)
upstream_length = amount;
}
+#if HAVE_BROTLI_ENCODE_H
if (data->compression_type & COMPRESSION_TYPE_BROTLI && (data->compression_algorithms & ALGORITHM_BROTLI)) {
brotli_transform_one(data, upstream_buffer, upstream_length);
- } else if ((data->compression_type & (COMPRESSION_TYPE_GZIP | COMPRESSION_TYPE_DEFLATE)) &&
- (data->compression_algorithms & (ALGORITHM_GZIP | ALGORITHM_DEFLATE))) {
+ } else
+#endif
+ if ((data->compression_type & (COMPRESSION_TYPE_GZIP | COMPRESSION_TYPE_DEFLATE)) &&
+ (data->compression_algorithms & (ALGORITHM_GZIP | ALGORITHM_DEFLATE))) {
gzip_transform_one(data, upstream_buffer, upstream_length);
} else {
warning("No compression supported. Shoudn't come here.");
@@ -466,67 +482,46 @@ gzip_transform_finish(Data *data)
}
}
+#if HAVE_BROTLI_ENCODE_H
static void
brotli_transform_finish(Data *data)
{
-#if HAVE_BROTLI_ENCODE_H
- if (data->state == transform_state_output) {
- TSIOBufferBlock downstream_blkp;
- char *downstream_buffer;
- int64_t downstream_length;
- int err;
-
- data->state = transform_state_finished;
-
- for (;;) {
- downstream_blkp = TSIOBufferStart(data->downstream_buffer);
-
- downstream_buffer = TSIOBufferBlockWriteStart(downstream_blkp, &downstream_length);
- data->bstrm.next_out = (unsigned char *)downstream_buffer;
- data->bstrm.avail_out = downstream_length;
-
- err = BrotliEncoderCompressStream(data->bstrm.br, BROTLI_OPERATION_FINISH, &data->bstrm.avail_in,
- (const uint8_t **)&data->bstrm.next_in, &data->bstrm.avail_out, &data->bstrm.next_out,
- &data->bstrm.total_out);
-
- if (downstream_length > (int64_t)data->bstrm.avail_out) {
- TSIOBufferProduce(data->downstream_buffer, downstream_length - data->bstrm.avail_out);
- data->downstream_length += (downstream_length - data->bstrm.avail_out);
- }
- if (!BrotliEncoderIsFinished(data->bstrm.br)) {
- continue;
- }
+ if (data->state != transform_state_output) {
+ return;
+ }
- if (err != BROTLI_TRUE) { /* some more data to encode */
- warning("brotli_transform: BrotliEncoderCompressStream should return BROTLI_TRUE");
- }
+ data->state = transform_state_finished;
- break;
- }
+ bool ok = brotli_compress_operation(data, nullptr, 0, BROTLI_OPERATION_FINISH);
+ if (!ok) {
+ error("BrotliEncoderCompressStream(PROCESS) call failed");
+ return;
+ }
- if (data->downstream_length != (int64_t)(data->bstrm.total_out)) {
- error("brotli-transform: ERROR: output lengths don't match (%d, %ld)", data->downstream_length, data->bstrm.total_out);
- }
- debug("brotli-transform: Finished brotli");
- gzip_log_ratio(data->bstrm.total_in, data->downstream_length);
+ if (data->downstream_length != (int64_t)(data->bstrm.total_out)) {
+ error("brotli-transform: output lengths don't match (%d, %ld)", data->downstream_length, data->bstrm.total_out);
}
-#else
- error("brotli-transform: compile with brotli support");
-#endif
+
+ debug("brotli-transform: Finished brotli");
+ gzip_log_ratio(data->bstrm.total_in, data->downstream_length);
}
+#endif
static void
compress_transform_finish(Data *data)
{
+#if HAVE_BROTLI_ENCODE_H
if (data->compression_type & COMPRESSION_TYPE_BROTLI && data->compression_algorithms & ALGORITHM_BROTLI) {
brotli_transform_finish(data);
debug("brotli-transform: Brotli compression finish.");
- } else if ((data->compression_type & (COMPRESSION_TYPE_GZIP | COMPRESSION_TYPE_DEFLATE)) &&
- (data->compression_algorithms & (ALGORITHM_GZIP | ALGORITHM_DEFLATE))) {
+ } else
+#endif
+ if ((data->compression_type & (COMPRESSION_TYPE_GZIP | COMPRESSION_TYPE_DEFLATE)) &&
+ (data->compression_algorithms & (ALGORITHM_GZIP | ALGORITHM_DEFLATE))) {
gzip_transform_finish(data);
debug("gzip-transform: Gzip compression finish.");
} else {
- warning("No Compression matched, shouldn't come here.");
+ error("No Compression matched, shouldn't come here.");
}
}
--
To stop receiving notification emails like this one, please contact
zwoop@apache.org.
[trafficserver] 03/03: potential traffic_cop crash due to leftover
data in socket
Posted by zw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 89f7dba72f540d228c5d59acfb853ca379ef19eb
Author: Fei Deng <du...@gmail.com>
AuthorDate: Wed Mar 28 09:57:42 2018 -0500
potential traffic_cop crash due to leftover data in socket
(cherry picked from commit efd4006e5ea7a0e6c2da10a2231bea57c6b58a91)
---
mgmt/api/CoreAPIRemote.cc | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/mgmt/api/CoreAPIRemote.cc b/mgmt/api/CoreAPIRemote.cc
index caf57ad..e158a04 100644
--- a/mgmt/api/CoreAPIRemote.cc
+++ b/mgmt/api/CoreAPIRemote.cc
@@ -619,8 +619,18 @@ MgmtRecordGet(const char *rec_name, TSRecordEle *rec_ele)
}
// create and send request
- ret = MGMTAPI_SEND_MESSAGE(main_socket_fd, OpType::RECORD_GET, &optype, &record);
- return (ret == TS_ERR_OKAY) ? mgmt_record_get_reply(OpType::RECORD_GET, rec_ele) : ret;
+ if ((ret = MGMTAPI_SEND_MESSAGE(main_socket_fd, OpType::RECORD_GET, &optype, &record)) != TS_ERR_OKAY) {
+ return ret;
+ }
+
+ // drop the response if the record name doesn't match
+ // we need to do this because there might be left over data on the socket
+ // when restarting traffic_server, even though it can't be recreated in a
+ // test environment, it has been observed in production the names doesn't
+ // match and caused traffic_cop to crash due to type mismatch.
+ while ((ret = mgmt_record_get_reply(OpType::RECORD_GET, rec_ele)) == TS_ERR_OKAY && strcmp(rec_name, rec_ele->rec_name) != 0) {
+ }
+ return ret;
}
TSMgmtError
--
To stop receiving notification emails like this one, please contact
zwoop@apache.org.
[trafficserver] 02/03: Document proxy.config.ssl.client.cipher_suite
Posted by zw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 395e0d101d4e2cfc610336880e16a9f602acc7e1
Author: Persia Aziz <pe...@yahoo-inc.com>
AuthorDate: Fri Mar 30 11:51:18 2018 -0500
Document proxy.config.ssl.client.cipher_suite
(cherry picked from commit 28588db410a0c40900952bc5fa85248175feb29c)
---
doc/admin-guide/files/records.config.en.rst | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst
index ffe2065..40655d1 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3005,6 +3005,10 @@ SSL Termination
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128- [...]
+.. ts:cv:: CONFIG proxy.config.ssl.client.cipher_suite STRING <See notes under proxy.config.ssl.server.cipher_suite.>
+
+ Configures the cipher_suite which |TS| will use for SSL connections to origin or next hop.
+
.. ts:cv:: CONFIG proxy.config.ssl.TLSv1 INT 1
Enables (``1``) or disables (``0``) TLSv1.
--
To stop receiving notification emails like this one, please contact
zwoop@apache.org.