You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by GitBox <gi...@apache.org> on 2019/01/15 23:51:25 UTC
[trafficserver] Diff for: [GitHub] zwoop merged pull request #4576: Add
Session and SSL hooks to test_hooks Au test.
diff --git a/doc/developer-guide/api/functions/TSHttpHookAdd.en.rst b/doc/developer-guide/api/functions/TSHttpHookAdd.en.rst
index 283e7e28ba..d21bb4b7ce 100644
--- a/doc/developer-guide/api/functions/TSHttpHookAdd.en.rst
+++ b/doc/developer-guide/api/functions/TSHttpHookAdd.en.rst
@@ -113,6 +113,11 @@ transaction hooks::
TSHttpTxnHookAdd(txnp, TS_HTTP_READ_REQUEST_HDR_HOOK, contp);
TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
return 0;
+ case TS_EVENT_HTTP_READ_REQUEST_HDR:
+ txnp = (TSHttpTxn) edata;
+ // ...
+ TSHttpTxnReenable(txnp, TS_EVENT_HTTP_CONTINUE);
+ return 0;
default:
break;
}
@@ -128,6 +133,9 @@ transaction hooks::
TSHttpHookAdd(TS_HTTP_SSN_START_HOOK, contp);
}
+For more example code using hooks, see the test_hooks plugin in tests/tools/plugins (used by the test_hooks.test.py
+Gold test).
+
See Also
========
diff --git a/tests/gold_tests/pluginTest/test_hooks/log.gold b/tests/gold_tests/pluginTest/test_hooks/log.gold
index 5d5be50a42..b798539374 100644
--- a/tests/gold_tests/pluginTest/test_hooks/log.gold
+++ b/tests/gold_tests/pluginTest/test_hooks/log.gold
@@ -9,3 +9,22 @@ Session: event=TS_EVENT_HTTP_TXN_CLOSE
Transaction: event=TS_EVENT_HTTP_TXN_CLOSE
Global: event=TS_EVENT_HTTP_SSN_CLOSE
Session: event=TS_EVENT_HTTP_SSN_CLOSE
+Global: event=TS_EVENT_VCONN_START
+Global: ssl flag=1
+Global: event=TS_EVENT_SSL_SERVERNAME
+Global: ssl flag=1
+Global: event=TS_EVENT_SSL_CERT
+Global: ssl flag=1
+Global: event=TS_EVENT_HTTP_SSN_START
+Global: event=TS_EVENT_HTTP_TXN_START
+Session: event=TS_EVENT_HTTP_TXN_START
+Global: event=TS_EVENT_HTTP_READ_REQUEST_HDR
+Session: event=TS_EVENT_HTTP_READ_REQUEST_HDR
+Transaction: event=TS_EVENT_HTTP_READ_REQUEST_HDR
+Global: event=TS_EVENT_HTTP_TXN_CLOSE
+Session: event=TS_EVENT_HTTP_TXN_CLOSE
+Transaction: event=TS_EVENT_HTTP_TXN_CLOSE
+Global: event=TS_EVENT_HTTP_SSN_CLOSE
+Session: event=TS_EVENT_HTTP_SSN_CLOSE
+Global: event=TS_EVENT_VCONN_CLOSE
+Global: ssl flag=1
diff --git a/tests/gold_tests/pluginTest/test_hooks/one.in b/tests/gold_tests/pluginTest/test_hooks/one.in
deleted file mode 100644
index 48306bed26..0000000000
--- a/tests/gold_tests/pluginTest/test_hooks/one.in
+++ /dev/null
@@ -1,4 +0,0 @@
-GET /argh HTTP/1.1
-Host: one
-X-Debug: X-Remap
-
diff --git a/tests/gold_tests/pluginTest/test_hooks/spurious.in b/tests/gold_tests/pluginTest/test_hooks/spurious.in
new file mode 100644
index 0000000000..a88748bbbd
--- /dev/null
+++ b/tests/gold_tests/pluginTest/test_hooks/spurious.in
@@ -0,0 +1,4 @@
+Global: event=TS_EVENT_VCONN_START
+Global: ssl flag=1
+Global: event=TS_EVENT_VCONN_CLOSE
+Global: ssl flag=1
diff --git a/tests/gold_tests/pluginTest/test_hooks/ssl/server.key b/tests/gold_tests/pluginTest/test_hooks/ssl/server.key
new file mode 100644
index 0000000000..4c7a661a6b
--- /dev/null
+++ b/tests/gold_tests/pluginTest/test_hooks/ssl/server.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDWMHOiUF+ORmZjAxI8MWE9dblb7gQSJ36WCXlPFiFx6ynF+S1E
+kXAYpIip5X0pzDUaIbLukxJUAAnOtMEO0PCgxJQUrEtRWh8wiJdbdQJF0Zs/9R+u
+SUgb61f+mdTQvhqefBGx+xrpfAcgtcWiZuSA9Q3fvpDj5WOWSPWXBUuxywIDAQAB
+AoGBAJPxRX2gjFAGWmQbU/YVmXfNH6navh8X/nx9sLeqrpE0AFeJI/ZPiqDKzMal
+B43eSfNxwVi+ZxN0L1ICUbL9KKZvHs/QBxWLA1fGVAXrz7sRplEVvakPpTfHoEnv
+sKaMWVKaK/S5WGbDhElb6zb/Lwo19DsIAPjGYqFvzFJBmobJAkEA9iSeTGkR9X26
+GywZoYrIMlRh34htOIRx1UUq88rFzdrCF21kQ4lhBIkX5OZMMy652i2gyak4OZTe
+YewIv8jw9QJBAN7EQNHG8jPwXfVp91/fqxVQEfumuP2i6uiWWYQgZCmla2+0xcLZ
+pMQ6sQEe10hhTrVnzHgAUVp50Ntn2jwBX78CQF09veGAI9d1Cxzj9cmmAvRd1r2Q
+tp8kPOLnUsALXib+6WtqewLCdcf8DtsdClyRJMIraq85tRzK8fryKNZNzkkCQEgA
+yS7FDj5JgCU15hZgFk1iPx3HCt44jZM2HaL+UUHAzRQjKxTLAl3G1rWVAWLMyQML
+lORoveLvotl4HOruSsMCQQCAx9dV9JUSFoyc1CWILp/FgUH/se4cjQCThGO0DoQQ
+vGTYmntY7j9WRJ9esQrjdD6Clw8zM/45GIBNwnXzqo7Z
+-----END RSA PRIVATE KEY-----
diff --git a/tests/gold_tests/pluginTest/test_hooks/ssl/server.pem b/tests/gold_tests/pluginTest/test_hooks/ssl/server.pem
new file mode 100644
index 0000000000..58b9b9715b
--- /dev/null
+++ b/tests/gold_tests/pluginTest/test_hooks/ssl/server.pem
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDWMHOiUF+ORmZjAxI8MWE9dblb7gQSJ36WCXlPFiFx6ynF+S1E
+kXAYpIip5X0pzDUaIbLukxJUAAnOtMEO0PCgxJQUrEtRWh8wiJdbdQJF0Zs/9R+u
+SUgb61f+mdTQvhqefBGx+xrpfAcgtcWiZuSA9Q3fvpDj5WOWSPWXBUuxywIDAQAB
+AoGBAJPxRX2gjFAGWmQbU/YVmXfNH6navh8X/nx9sLeqrpE0AFeJI/ZPiqDKzMal
+B43eSfNxwVi+ZxN0L1ICUbL9KKZvHs/QBxWLA1fGVAXrz7sRplEVvakPpTfHoEnv
+sKaMWVKaK/S5WGbDhElb6zb/Lwo19DsIAPjGYqFvzFJBmobJAkEA9iSeTGkR9X26
+GywZoYrIMlRh34htOIRx1UUq88rFzdrCF21kQ4lhBIkX5OZMMy652i2gyak4OZTe
+YewIv8jw9QJBAN7EQNHG8jPwXfVp91/fqxVQEfumuP2i6uiWWYQgZCmla2+0xcLZ
+pMQ6sQEe10hhTrVnzHgAUVp50Ntn2jwBX78CQF09veGAI9d1Cxzj9cmmAvRd1r2Q
+tp8kPOLnUsALXib+6WtqewLCdcf8DtsdClyRJMIraq85tRzK8fryKNZNzkkCQEgA
+yS7FDj5JgCU15hZgFk1iPx3HCt44jZM2HaL+UUHAzRQjKxTLAl3G1rWVAWLMyQML
+lORoveLvotl4HOruSsMCQQCAx9dV9JUSFoyc1CWILp/FgUH/se4cjQCThGO0DoQQ
+vGTYmntY7j9WRJ9esQrjdD6Clw8zM/45GIBNwnXzqo7Z
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICszCCAhwCCQD4jSkztmlO1TANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAklMMRIwEAYDVQQHEwlDaGFtcGFpZ24xDjAMBgNVBAoTBVlh
+aG9vMQ0wCwYDVQQLEwRFZGdlMSgwJgYDVQQDEx9qdWljZXByb2R1Y2UuY29ycC5u
+ZTEueWFob28uY29tMSQwIgYJKoZIhvcNAQkBFhVwZXJzaWEuYXppekB5YWhvby5j
+b20wHhcNMTcwODI4MDM0NDQ1WhcNMjcwODI2MDM0NDQ1WjCBnTELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAklMMRIwEAYDVQQHEwlDaGFtcGFpZ24xDjAMBgNVBAoTBVlh
+aG9vMQ0wCwYDVQQLEwRFZGdlMSgwJgYDVQQDEx9qdWljZXByb2R1Y2UuY29ycC5u
+ZTEueWFob28uY29tMSQwIgYJKoZIhvcNAQkBFhVwZXJzaWEuYXppekB5YWhvby5j
+b20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYwc6JQX45GZmMDEjwxYT11
+uVvuBBInfpYJeU8WIXHrKcX5LUSRcBikiKnlfSnMNRohsu6TElQACc60wQ7Q8KDE
+lBSsS1FaHzCIl1t1AkXRmz/1H65JSBvrV/6Z1NC+Gp58EbH7Gul8ByC1xaJm5ID1
+Dd++kOPlY5ZI9ZcFS7HLAgMBAAEwDQYJKoZIhvcNAQELBQADgYEATX7975NdhIbJ
+glda+sXI9a86GgOpiuKO+vKubRJQZA+UlPf2vHEONjC2+7Y1aZvZYaKYL74vxGky
+zkgp6ANSPl45lqD632x0e1Z7vzW5TkqK1JB2/xH2WgDcQZmP0FuQHzVNs4GjghDr
+HCp1+sQDhfPB4aLmLFeyN0TkhdH1N3M=
+-----END CERTIFICATE-----
diff --git a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
index 6f79daef44..ae413defe3 100644
--- a/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
+++ b/tests/gold_tests/pluginTest/test_hooks/test_hooks.test.py
@@ -18,6 +18,12 @@
Test TS API Hooks.
'''
+Test.SkipUnless(
+ Condition.HasATSFeature('TS_USE_TLS_ALPN'),
+ Condition.HasCurlFeature('http2'),
+)
+Test.ContinueOnFail = True
+
# test_hooks.so will output test logging to this file.
Test.Env["OUTPUT_FILE"] = Test.RunDirectory + "/log.txt"
@@ -28,41 +34,58 @@
response_header = {"headers": "HTTP/1.1 200 OK\r\nConnection: close\r\n\r\n", "timestamp": "1469733493.993", "body": "" }
server.addResponse("sessionlog.json", request_header, response_header)
-ts = Test.MakeATSProcess("ts")
+ts = Test.MakeATSProcess("ts", select_ports=False)
+
+ts.addSSLfile("ssl/server.pem")
+ts.addSSLfile("ssl/server.key")
+
+ts.Variables.ssl_port = 4443
ts.Disk.records_config.update({
+ 'proxy.config.http.cache.http': 0, # Make sure each request is forwarded to the origin server.
+ 'proxy.config.proxy_name': 'Poxy_Proxy', # This will be the server name.
+ 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.http.server_ports': (
+ 'ipv4:{0} ipv4:{1}:proto=http2;http:ssl'.format(ts.Variables.port, ts.Variables.ssl_port)),
'proxy.config.url_remap.remap_required': 0,
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'test_hooks'
- # 'proxy.config.diags.debug.tags': 'http|test_hooks'
+ 'proxy.config.diags.debug.enabled': 0,
+ 'proxy.config.diags.debug.tags': 'http|test_hooks',
})
-ts.Disk.remap_config.AddLine(
- "map http://one http://127.0.0.1:{0}".format(server.Variables.Port)
+ts.Disk.ssl_multicert_config.AddLine(
+ 'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
)
Test.PreparePlugin(Test.Variables.AtsTestToolsDir + '/plugins/test_hooks.cc', ts)
+ts.Disk.remap_config.AddLine(
+ "map http://one http://127.0.0.1:{0}".format(server.Variables.Port)
+)
+ts.Disk.remap_config.AddLine(
+ "map https://one http://127.0.0.1:{0}".format(server.Variables.Port)
+)
+
tr = Test.AddTestRun()
-tr.Processes.Default.StartBefore(Test.Processes.ts)
-tr.Processes.Default.StartBefore(Test.Processes.server)
-tr.Processes.Default.Command = "cp {}/tcp_client.py {}/tcp_client.py".format(
- Test.Variables.AtsTestToolsDir, Test.RunDirectory)
+# Wait for the micro server
+tr.Processes.Default.StartBefore(server, ready=When.PortOpen(server.Variables.Port))
+# Delay on readiness of our ssl ports
+tr.Processes.Default.StartBefore(Test.Processes.ts, ready=When.PortOpen(ts.Variables.port))
+#
+tr.Processes.Default.Command = (
+ 'curl --verbose --ipv4 --header "Host: one" http://localhost:{0}/argh'.format(ts.Variables.port)
+)
tr.Processes.Default.ReturnCode = 0
-def sendMsg(msgFile):
-
- tr = Test.AddTestRun()
- tr.Processes.Default.Command = (
- "python {}/tcp_client.py 127.0.0.1 {} {}/{}.in".format(
- Test.RunDirectory, ts.Variables.port, Test.TestDirectory, msgFile)
- )
- tr.Processes.Default.ReturnCode = 0
-
-sendMsg('one')
+tr = Test.AddTestRun()
+# A small delay so the test_hooks test plugin can assume there is only one HTTP transaction in progress at a time.
+tr.Processes.Default.Command = (
+ 'curl --verbose --ipv4 --http2 --insecure --header "Host: one" https://localhost:{0}/argh'.format(ts.Variables.ssl_port)
+)
+tr.Processes.Default.ReturnCode = 0
tr = Test.AddTestRun()
-tr.Processes.Default.Command = "echo test log.gold"
+tr.Processes.Default.Command = "echo check log"
tr.Processes.Default.ReturnCode = 0
f = tr.Disk.File("log.txt")
f.Content = "log.gold"
diff --git a/tests/tools/plugins/test_hooks.cc b/tests/tools/plugins/test_hooks.cc
index a369148d56..f5c3897bb2 100644
--- a/tests/tools/plugins/test_hooks.cc
+++ b/tests/tools/plugins/test_hooks.cc
@@ -44,6 +44,8 @@ char PIName[] = PINAME;
//
std::fstream logFile;
+TSVConn activeVConn;
+
TSHttpSsn activeSsn;
TSHttpTxn activeTxn;
@@ -167,6 +169,41 @@ globalContFunc(TSCont, TSEvent event, void *eventData)
TSDebug(PIName, "Global: event=%s(%d) eventData=%p", TSHttpEventNameLookup(event), event, eventData);
switch (event) {
+ case TS_EVENT_VCONN_START: {
+ ALWAYS_ASSERT(!activeVConn)
+
+ auto vConn = static_cast<TSVConn>(eventData);
+
+ activeVConn = vConn;
+
+ logFile << "Global: ssl flag=" << TSVConnIsSsl(vConn) << std::endl;
+
+ TSVConnReenable(vConn);
+ } break;
+
+ case TS_EVENT_SSL_CERT:
+ case TS_EVENT_SSL_SERVERNAME: {
+ auto vConn = static_cast<TSVConn>(eventData);
+
+ ALWAYS_ASSERT(vConn == activeVConn)
+
+ logFile << "Global: ssl flag=" << TSVConnIsSsl(vConn) << std::endl;
+
+ TSVConnReenable(vConn);
+ } break;
+
+ case TS_EVENT_VCONN_CLOSE: {
+ auto vConn = static_cast<TSVConn>(eventData);
+
+ ALWAYS_ASSERT(vConn == activeVConn)
+
+ logFile << "Global: ssl flag=" << TSVConnIsSsl(vConn) << std::endl;
+
+ TSVConnReenable(vConn);
+
+ activeVConn = nullptr;
+ } break;
+
case TS_EVENT_HTTP_SSN_START: {
ALWAYS_ASSERT(!activeSsn)
@@ -288,6 +325,22 @@ TSPluginInit(int argc, const char *argv[])
TSHttpHookAdd(TS_HTTP_SSN_CLOSE_HOOK, gCont);
TSHttpHookAdd(TS_HTTP_TXN_START_HOOK, gCont);
TSHttpHookAdd(TS_HTTP_TXN_CLOSE_HOOK, gCont);
+ TSHttpHookAdd(TS_SSL_CERT_HOOK, gCont);
+ TSHttpHookAdd(TS_SSL_SERVERNAME_HOOK, gCont);
+
+ // NOTE: as of January 2019 these two hooks are only triggered for TLS connections. It seems that, at trafficserver
+ // startup, spurious data on the TLS TCP port may cause trafficserver to attempt (and fail) to create a TLS
+ // connection. If this happens, it will result in TS_VCONN_START_HOOK being triggered, and then TS_VCONN_CLOSE_HOOK
+ // will be triggered when the connection closes due to failure.
+ //
+ TSHttpHookAdd(TS_VCONN_START_HOOK, gCont);
+ TSHttpHookAdd(TS_VCONN_CLOSE_HOOK, gCont);
+
+ // TSHttpHookAdd(TS_SSL_SESSION_HOOK, gCont); -- Event is TS_EVENT_SSL_SESSION_NEW -- Event data is TSHttpSsn
+ // TSHttpHookAdd(TS_SSL_SERVER_VERIFY_HOOK, gCont);
+ // TSHttpHookAdd(TS_SSL_VERIFY_CLIENT_HOOK, gCont);
+ // TSHttpHookAdd(TS_VCONN_OUTBOUND_START_HOOK, gCont);
+ // TSHttpHookAdd(TS_VCONN_OUTBOUND_CLOSE_HOOK, gCont);
sCont = TSContCreate(sessionContFunc, mtx);
With regards,
Apache Git Services