You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bc...@apache.org on 2014/08/19 05:30:41 UTC
git commit: TS-2423: Add option for server sessions that use auth
headers that can be placed into the shared pool
Repository: trafficserver
Updated Branches:
refs/heads/master 4e2647c9e -> 802065570
TS-2423: Add option for server sessions that use auth headers that can
be placed into the shared pool
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/80206557
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/80206557
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/80206557
Branch: refs/heads/master
Commit: 8020655706f012ffe0daa7990ca7a75abeb5cb21
Parents: 4e2647c
Author: Bryan Call <bc...@apache.org>
Authored: Mon Aug 18 20:29:53 2014 -0700
Committer: Bryan Call <bc...@apache.org>
Committed: Mon Aug 18 20:29:53 2014 -0700
----------------------------------------------------------------------
CHANGES | 6 +++++-
mgmt/RecordsConfig.cc | 2 ++
proxy/http/HttpConfig.h | 3 ++-
proxy/http/HttpSM.cc | 5 +++--
4 files changed, 12 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/80206557/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index be539ef..9f73841 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,9 +1,13 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 5.1.0
+ *) [TS-2423] Add option for server sessions that use auth headers that can
+ be placed into the shared pool
+
*) [TS-2635] remove unused include <net/ppp_defs.h>
- *) [TS-3001] GlobalSign responds 403 when OCSP request posted without Host header
+ *) [TS-3001] GlobalSign responds 403 when OCSP request posted without Host
+ header
*) [TS-2722] authproxy: Eliminate the DNS lookup state, just use the client
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/80206557/mgmt/RecordsConfig.cc
----------------------------------------------------------------------
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index d69724e..7aa6f80 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -460,6 +460,8 @@ RecordElement RecordsConfig[] = {
,
{RECT_CONFIG, "proxy.config.http.referer_default_redirect", RECD_STRING, "http://www.example.com/", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL}
,
+ {RECT_CONFIG, "proxy.config.http.auth_server_session_private", RECD_INT, "1", RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
+ ,
// ##############################
// # parent proxy configuration #
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/80206557/proxy/http/HttpConfig.h
----------------------------------------------------------------------
diff --git a/proxy/http/HttpConfig.h b/proxy/http/HttpConfig.h
index ae670f7..c465043 100644
--- a/proxy/http/HttpConfig.h
+++ b/proxy/http/HttpConfig.h
@@ -395,7 +395,7 @@ struct OverridableHttpConfigParams {
keep_alive_enabled_in(1), keep_alive_enabled_out(1), keep_alive_post_out(1),
server_session_sharing_match(TS_SERVER_SESSION_SHARING_MATCH_BOTH),
server_session_sharing_pool(TS_SERVER_SESSION_SHARING_POOL_THREAD),
- fwd_proxy_auth_to_parent(0), insert_age_in_response(1),
+ auth_server_session_private(1), fwd_proxy_auth_to_parent(0), insert_age_in_response(1),
anonymize_remove_from(0), anonymize_remove_referer(0), anonymize_remove_user_agent(0),
anonymize_remove_cookie(0), anonymize_remove_client_ip(0), anonymize_insert_client_ip(1),
proxy_response_server_enabled(1), proxy_response_hsts_max_age(-1), proxy_response_hsts_include_subdomains(0),
@@ -452,6 +452,7 @@ struct OverridableHttpConfigParams {
MgmtByte server_session_sharing_match;
MgmtByte server_session_sharing_pool;
// MgmtByte share_server_sessions;
+ MgmtByte auth_server_session_private;
MgmtByte fwd_proxy_auth_to_parent;
MgmtByte insert_age_in_response;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/80206557/proxy/http/HttpSM.cc
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 7de3692..6b5ace8 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -5629,9 +5629,10 @@ HttpSM::setup_server_send_request()
hdr_length += server_entry->write_buffer->write(t_state.internal_msg_buffer, msg_len);
server_request_body_bytes = msg_len;
}
+
// If we are sending authorizations headers, mark the connection private
- if (t_state.hdr_info.server_request.presence(MIME_PRESENCE_AUTHORIZATION | MIME_PRESENCE_PROXY_AUTHORIZATION
- | MIME_PRESENCE_WWW_AUTHENTICATE)) {
+ if (t_state.txn_conf->auth_server_session_private == 1 &&
+ t_state.hdr_info.server_request.presence(MIME_PRESENCE_AUTHORIZATION | MIME_PRESENCE_PROXY_AUTHORIZATION | MIME_PRESENCE_WWW_AUTHENTICATE)) {
server_session->private_session = true;
DebugSM("http_ss", "Setting server session to private for authorization header");
}