You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by GitBox <gi...@apache.org> on 2020/09/23 19:51:07 UTC

[GitHub] [trafficserver] ezelkow1 opened a new pull request #7212: Fix ip-allow reloads for 8x

ezelkow1 opened a new pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212


   From what I can tell the issue that causes ipallow reloading to have
   problems is related to stale acl_records. As found by @elsloo , you
   can produce the issue when testing with KA sessions since they will keep
   stale acl_records around, so after a reload is done and the timeout to
   free them has expired you end up with an invalid reference to an
   ipallow/acl object.
   
   It looks like what was happening is that the httpsession's acl_record is
   set only once while creating a new session, so that is what becomes
   stale.  I added a get function for the session's acl record which then
   fetches the parent acl record which then uses the ipallow scoped config
   to get a new acl based on the current client IP. In testing this seems
   to have alleviated the issue that I can see


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 closed pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 closed pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 edited a comment on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 edited a comment on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-698582088


   Removing the `acl_record` all together would look something like this:
   https://github.com/ezelkow1/trafficserver/commit/645c47bf09ddbb3e400506a6bc77167526ceb9f2
   
   If preferred I can close this PR and reopen with that one @SolidWallOfCode 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 edited a comment on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 edited a comment on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-698582088


   Removing the `acl_record` all together would look something like this:
   https://github.com/ezelkow1/trafficserver/commit/645c47bf09ddbb3e400506a6bc77167526ceb9f2
   
   If preferred I can close this PR and reopen with that one @SolidWallOfCode 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 commented on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 commented on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-698582088


   Removing the `acl_record` all together would look something like this:
   https://github.com/ezelkow1/trafficserver/commit/645c47bf09ddbb3e400506a6bc77167526ceb9f2
   
   If preferred I can close this PR and reopen with that one


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 commented on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 commented on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-697952574


   > Why have the `acl_record` member at all?
   
   I was just trying to do as minimal changes as possible, I suppose we could just tear out the proxyclient's acl all together and just have it done directly. Im hoping to get some feedback first as to whether or not this is the right path or if Im doing something funky, but could look at just a replacement for the acl record everywhere afterwards


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 commented on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 commented on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-699048603


   Closing to be replaced by https://github.com/apache/trafficserver/pull/7217


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-697945625


   Why have the `acl_record` member at all?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] ezelkow1 commented on pull request #7212: Fix ip-allow reloads for 8x

Posted by GitBox <gi...@apache.org>.

ezelkow1 commented on pull request #7212:
URL: https://github.com/apache/trafficserver/pull/7212#issuecomment-698582088


   Removing the `acl_record` all together would look something like this:
   https://github.com/ezelkow1/trafficserver/commit/645c47bf09ddbb3e400506a6bc77167526ceb9f2
   
   If preferred I can close this PR and reopen with that one


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org