You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2021/02/22 17:04:04 UTC
[trafficserver] branch 9.0.x updated (ba199e6 -> f31ad31)
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.
from ba199e6 Add zlib1g-dev to Debian dependencies in README (#7495)
new d5da3a0 Fix heap use after free in DNSProcessor::getby() (#3871)
new f31ad31 Disable client inactivity timeout while server is processing POST request (#7309)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
iocore/dns/DNS.cc | 2 +-
proxy/http/HttpSM.cc | 27 ++----
.../case4.sh => timeout/case-inactive1.sh} | 4 +-
.../case4.sh => timeout/case-inactive2.sh} | 4 +-
.../case4.sh => timeout/case-inactive3.sh} | 4 +-
.../case1.sh => timeout/case-inactive4.sh} | 4 +-
.../case4.sh => timeout/case-inactive5.sh} | 4 +-
.../case1.sh => timeout/case-inactive6.sh} | 4 +-
.../delay-inactive-server.sh} | 2 +-
.../timeout/inactive_client_post_timeout.test.py | 108 +++++++++++++++++++++
10 files changed, 131 insertions(+), 32 deletions(-)
copy tests/gold_tests/{chunked_encoding/case4.sh => timeout/case-inactive1.sh} (90%)
copy tests/gold_tests/{chunked_encoding/case4.sh => timeout/case-inactive2.sh} (88%)
copy tests/gold_tests/{chunked_encoding/case4.sh => timeout/case-inactive3.sh} (89%)
copy tests/gold_tests/{chunked_encoding/case1.sh => timeout/case-inactive4.sh} (87%)
copy tests/gold_tests/{chunked_encoding/case4.sh => timeout/case-inactive5.sh} (88%)
copy tests/gold_tests/{chunked_encoding/case1.sh => timeout/case-inactive6.sh} (87%)
copy tests/gold_tests/{chunked_encoding/delay-server.sh => timeout/delay-inactive-server.sh} (99%)
create mode 100644 tests/gold_tests/timeout/inactive_client_post_timeout.test.py
[trafficserver] 02/02: Disable client inactivity timeout while
server is processing POST request (#7309)
Posted by zw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit f31ad310fdd32b3a0390006c3973f3e91348d750
Author: Susan Hinrichs <sh...@yahoo-inc.com>
AuthorDate: Thu Feb 11 16:34:36 2021 -0600
Disable client inactivity timeout while server is processing POST request (#7309)
(cherry picked from commit f3eaf814753ef7dfa72e7b18f310a1a94052eb15)
---
proxy/http/HttpSM.cc | 27 ++----
tests/gold_tests/timeout/case-inactive1.sh | 19 ++++
tests/gold_tests/timeout/case-inactive2.sh | 19 ++++
tests/gold_tests/timeout/case-inactive3.sh | 19 ++++
tests/gold_tests/timeout/case-inactive4.sh | 19 ++++
tests/gold_tests/timeout/case-inactive5.sh | 19 ++++
tests/gold_tests/timeout/case-inactive6.sh | 19 ++++
tests/gold_tests/timeout/delay-inactive-server.sh | 20 ++++
.../timeout/inactive_client_post_timeout.test.py | 108 +++++++++++++++++++++
9 files changed, 251 insertions(+), 18 deletions(-)
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 18ef278..aaf698d 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -1979,28 +1979,13 @@ HttpSM::state_read_server_response_header(int event, void *data)
// Now that we know that we have all of the origin server
// response headers, we can reset the client inactivity
- // timeout. This is unlikely to cause a recurrence of
- // old bug because there will be no more retries now that
- // the connection has been established. It is possible
- // however. We do not need to reset the inactivity timeout
- // if the request contains a body (noted by the
- // request_content_length field) because it was never
- // canceled.
- //
-
+ // timeout.
// we now reset the client inactivity timeout only
// when we are ready to send the response headers. In the
// case of transform plugin, this is after the transform
// outputs the 1st byte, which can take a long time if the
// plugin buffers the whole response.
- // Also, if the request contains a body, we cancel the timeout
- // when we read the 1st byte of the origin server response.
- /*
- if (ua_txn && !t_state.hdr_info.request_content_length) {
- ua_txn->get_netvc()->set_inactivity_timeout(HRTIME_SECONDS(
- HttpConfig::m_master.accept_no_activity_timeout));
- }
- */
+ ua_txn->set_inactivity_timeout(HRTIME_SECONDS(t_state.txn_conf->transaction_no_activity_timeout_in));
t_state.current.state = HttpTransact::CONNECTION_ALIVE;
t_state.transact_return_point = HttpTransact::HandleResponse;
@@ -3556,7 +3541,13 @@ HttpSM::tunnel_handler_post_ua(int event, HttpTunnelProducer *p)
}
}
- // Initiate another read to catch aborts and timeouts.
+ // Now that we have communicated the post body, turn off the inactivity timeout
+ // until the server starts sending data back
+ if (ua_txn && t_state.hdr_info.request_content_length) {
+ ua_txn->cancel_inactivity_timeout();
+ }
+
+ // Initiate another read to catch aborts
ua_entry->vc_handler = &HttpSM::state_watch_for_client_abort;
ua_entry->read_vio = p->vc->do_io_read(this, INT64_MAX, ua_buffer_reader->mbuf);
break;
diff --git a/tests/gold_tests/timeout/case-inactive1.sh b/tests/gold_tests/timeout/case-inactive1.sh
new file mode 100644
index 0000000..ecee593
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive1.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -i http://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/case-inactive2.sh b/tests/gold_tests/timeout/case-inactive2.sh
new file mode 100644
index 0000000..d172741
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive2.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -k -i --http1.1 https://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/case-inactive3.sh b/tests/gold_tests/timeout/case-inactive3.sh
new file mode 100644
index 0000000..9e6ad9d
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive3.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -k -i --http2 https://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/case-inactive4.sh b/tests/gold_tests/timeout/case-inactive4.sh
new file mode 100644
index 0000000..d434d9a
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive4.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -d "post body" -k -i --http2 https://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/case-inactive5.sh b/tests/gold_tests/timeout/case-inactive5.sh
new file mode 100644
index 0000000..7913436
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive5.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -d "post body" -i http://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/case-inactive6.sh b/tests/gold_tests/timeout/case-inactive6.sh
new file mode 100644
index 0000000..9fba54f
--- /dev/null
+++ b/tests/gold_tests/timeout/case-inactive6.sh
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+nc -4 -l ${2} -c "sh ./delay-inactive-server.sh" &
+sleep 1
+curl -d "post body" -k -i --http1.1 https://127.0.0.1:${1}/${3}
diff --git a/tests/gold_tests/timeout/delay-inactive-server.sh b/tests/gold_tests/timeout/delay-inactive-server.sh
new file mode 100644
index 0000000..c76df43
--- /dev/null
+++ b/tests/gold_tests/timeout/delay-inactive-server.sh
@@ -0,0 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+sleep 4
+printf "HTTP/1.1 200\r\nTransfer-encoding: chunked\r\n\r\n"
+printf "F\r\n123456789012345\r\n"
+printf "0\r\n\r\n"
diff --git a/tests/gold_tests/timeout/inactive_client_post_timeout.test.py b/tests/gold_tests/timeout/inactive_client_post_timeout.test.py
new file mode 100644
index 0000000..9bf7c8f
--- /dev/null
+++ b/tests/gold_tests/timeout/inactive_client_post_timeout.test.py
@@ -0,0 +1,108 @@
+'''
+'''
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+Test.Summary = 'Testing ATS client inactivity timeout'
+
+Test.SkipUnless(
+ Condition.HasCurlFeature('http2')
+)
+
+ts = Test.MakeATSProcess("ts", select_ports=True, enable_tls=True)
+
+Test.ContinueOnFail = True
+
+Test.GetTcpPort("upstream_port1")
+Test.GetTcpPort("upstream_port2")
+Test.GetTcpPort("upstream_port3")
+Test.GetTcpPort("upstream_port4")
+Test.GetTcpPort("upstream_port5")
+Test.GetTcpPort("upstream_port6")
+
+ts.addSSLfile("../tls/ssl/server.pem")
+ts.addSSLfile("../tls/ssl/server.key")
+
+ts.Disk.records_config.update({
+ 'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags': 'http',
+ 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.url_remap.remap_required': 1,
+ 'proxy.config.http.transaction_no_activity_timeout_in': 2,
+})
+
+ts.Disk.remap_config.AddLines([
+ 'map /case1 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port1),
+ 'map /case2 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port2),
+ 'map /case3 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port3),
+ 'map /case4 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port4),
+ 'map /case5 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port5),
+ 'map /case6 http://127.0.0.1:{0}'.format(Test.Variables.upstream_port6),
+])
+
+ts.Disk.ssl_multicert_config.AddLine(
+ 'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+# Using netcat with explicit delays instead of the delay option with microserver because it appears
+# that microserver will not delay responses to POST requests
+# The delay-inactive-server.sh will deplay for 4 seconds before returning a response. This is more
+# than the 2 second proxy.config.http.transaction_no_activity_timeout_in
+# These tests exercise that the client inactivity timeout is disabled after the request and post body
+# are sent. So a slow to respond server will not trigger the client inactivity timeout.
+
+tr4 = Test.AddTestRun("tr")
+tr4.Processes.Default.StartBefore(ts, ready=When.PortOpen(ts.Variables.ssl_port))
+tr4.Setup.Copy('delay-inactive-server.sh')
+tr4.Setup.Copy('case-inactive4.sh')
+tr4.Processes.Default.ReturnCode = 0
+tr4.Processes.Default.Command = 'sh -x ./case-inactive4.sh {0} {1} case4'.format(
+ ts.Variables.ssl_port, Test.Variables.upstream_port4)
+tr4.Processes.Default.Streams.All = Testers.ContainsExpression("HTTP/2 200", "Should get successful response")
+
+tr = Test.AddTestRun("tr")
+tr.Setup.Copy('case-inactive1.sh')
+tr.Processes.Default.Command = 'sh -x ./case-inactive1.sh {0} {1} case1'.format(ts.Variables.port, Test.Variables.upstream_port1)
+tr.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+ "HTTP/1.1 200", "Client inactivity should not trigger during server stall")
+
+tr2 = Test.AddTestRun("tr")
+tr2.Setup.Copy('case-inactive2.sh')
+tr2.Processes.Default.Command = 'sh -x ./case-inactive2.sh {0} {1} case2'.format(
+ ts.Variables.ssl_port, Test.Variables.upstream_port2)
+tr2.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+ "HTTP/1.1 200", "Client inactivity should not trigger during server stall")
+
+tr3 = Test.AddTestRun("tr")
+tr3.Setup.Copy('case-inactive3.sh')
+tr3.Processes.Default.Command = 'sh -x ./case-inactive3.sh {0} {1} case3'.format(
+ ts.Variables.ssl_port, Test.Variables.upstream_port3)
+tr3.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+ "HTTP/2 200", "Client inactivity should not trigger during server stall")
+
+tr5 = Test.AddTestRun("tr")
+tr5.Setup.Copy('case-inactive5.sh')
+tr5.Processes.Default.Command = 'sh -x ./case-inactive5.sh {0} {1} case5'.format(ts.Variables.port, Test.Variables.upstream_port5)
+tr5.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+ "HTTP/1.1 200", "Client inactivity timeout should not apply during server stall")
+
+tr6 = Test.AddTestRun("tr")
+tr6.Setup.Copy('case-inactive6.sh')
+tr6.Processes.Default.Command = 'sh -x ./case-inactive6.sh {0} {1} case6'.format(
+ ts.Variables.ssl_port, Test.Variables.upstream_port6)
+tr6.Processes.Default.Streams.stdout = Testers.ContainsExpression(
+ "HTTP/1.1 200", "Client inactivity timeout should not apply during server stall")
[trafficserver] 01/02: Fix heap use after free in
DNSProcessor::getby() (#3871)
Posted by zw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit d5da3a001db337088669bb14aa640b4d93dc7dc0
Author: Oknet <xu...@skyguard.com.cn>
AuthorDate: Fri Jan 29 07:05:38 2021 +0800
Fix heap use after free in DNSProcessor::getby() (#3871)
(cherry picked from commit e9ea6b086d673eabeb122dad4e79f439d3786497)
---
iocore/dns/DNS.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iocore/dns/DNS.cc b/iocore/dns/DNS.cc
index 986d16b..5d4f91a 100644
--- a/iocore/dns/DNS.cc
+++ b/iocore/dns/DNS.cc
@@ -1231,7 +1231,7 @@ DNSEntry::mainEvent(int event, Event *e)
} else {
Debug("dns", "adding first to collapsing queue");
dnsH->entries.enqueue(this);
- write_dns(dnsH);
+ dnsProcessor.thread->schedule_imm(dnsH);
}
return EVENT_DONE;
}