Amos Jeffries [Thu, 5 Jun 2014 14:57:58 +0000 (07:57 -0700)]
SourceLayout: rename comm_err_t to Comm::Flag
Integration testing of rev.13443 revealed that there were two copies of
comm_err_t.h in the source code.
* Remove the unnecessary duplicate file.
* Shuffle the enum into Comm:: scope as 'Flag'.
* Reduce the enum value labels to drop the redundant prefix.
* Rename COMM_EOF to Comm::ENDFILE to avoid colliston with #define EOF
in system headers.
Amos Jeffries [Thu, 5 Jun 2014 08:28:20 +0000 (01:28 -0700)]
Update the Comm:: API for read(2)
... using an algorithm suggested by Alex Rousskov.
The code for Comm:: read operations is shuffled into comm/libcomm.la and
the files comm/Read.{h,cc} in symmetry with the current Comm::Write API.
The new API consists of:
* Comm::Read() which accepts the Comm::Connection pointer for the
socket to read on and an AsyncCall callback to be run when read is
ready. The Job is responsible for separately initiating read(2) or
alternative action when that callback is run.
* Comm::ReadNow() which accepts an SBuf buffer and a CommIoCbParams
initialized to contain the Comm::Connection pointer for the socket to
read on. TheCommIoCbParams will be filled out with result flag, xerrno,
and size.
This synchronously performs read(2) operations to append bytes to the
provided buffer. It returns a comm_err_t flag for use in determining how
to handle the results and signalling one of OK, INPROGRESS, ERROR, EOF
as having happened.
comm_read() API is retained for backward compatibility during the
transitional period. However it is now deprecated and scheduled for
removal ASAP. The SBuf overloaded variant is now removed.
* Comm::ReadCancel() - a renaming of the comm_read_cancel() AsyncCall
API. Other cancel API(s) are now deprecated and will be removed ASAP.
Code using comm_read_cancel() with AsyncCall may immediately switch to
this new API with no logic changes necessary even if they are not using
other new Comm API calls.
* Comm::MonitorsRead() - a renaming of comm_monitors_read() AsyncCall
API. comm_monitors_read() is now removed.
Other changes:
- the unused comm_has_pending_read_callback() API is erased.
- the IoCallback::buf2 mechanism previously used for SBuf read I/O is
erased.
- ConnStateData is converted to this new API for filling its SBuf I/O
buffer and for monitoring pinned connection closures.
- fde::readPending() converted to new Comm::MonitorsRead() API.
- Comm half-closed monitoring feature is also converted to this new API.
NP: one bug in ConnStateData handling of intercepted HTTPS traffic is
noted but not fixed in this patch.
Amos Jeffries [Wed, 4 Jun 2014 15:30:16 +0000 (08:30 -0700)]
Cross-compile: Add BUILDCXX and BUILDCXXFLAGS configure options
We have provided HOSTCXX for some time. However in the official cross
compilation terminology HOST is the output architecture. Renames to
BUILD to align with the official terminology of which machine the tools
it builds are run on.
Also, add a flags variable and document these as important variables in
./configure --help output
Amos Jeffries [Mon, 2 Jun 2014 11:49:56 +0000 (04:49 -0700)]
Cleanup: rewrite Http::One::Parser::getHeaderField() using Tokenizer
Fixes performance regression in SBuf usage.
Also, fixes one nasty bug where it would return the value of a line
containign the named header despite obs-fold and quoting. This was
particualarly bad as this method is used primarily to retrieve Host:
header before full aprsing of the mime block takes place.
The bug causes "foo.invalid" to be detected as hostname in:
GET / HTTP/1.1
Foo: bar="\r Host: fake.invalid\n "
Host: example.com
Alex Rousskov [Mon, 2 Jun 2014 05:26:17 +0000 (22:26 -0700)]
Do not leak ex_data for SSL state that survived reconfigure.
SSL_get_ex_new_index() allocates a new index on every call, even if its
parameters remain unchanged. It should be called once per process
lifetime.
Besides leaking, this 12 year-old(!) bug could probably make some SSL
code misbehave during reconfigure because reconfigure would change the
supposedly constant ex_data indexes.
Alex Rousskov [Mon, 2 Jun 2014 05:16:35 +0000 (22:16 -0700)]
Do not register the same Cache Manager action more than once
... to avoid wrong mgr:menu output and the impression of a reconfigure
memory leak.
The old code was comparing action object pointers, which could not work,
and was adding the same action on every reconfigure call for modules that
register with Cache Manager during [re]configuration.
We already have a working method for finding registered actions. Use it.
Amos Jeffries [Sun, 1 Jun 2014 11:53:02 +0000 (04:53 -0700)]
Update HTTP-version parsing with RFC 7230 octet magics
RFC 7230 replaces RFC 2616 and defines HTTP-version for HTTP/1 protocol
as having exact case-sensitive octets "HTTP/1." and a variable minor
version consisting of exactly one DIGIT.
This allows us to use magic-octet matching to detect the HTTP-version
field and remove slow matching logics for unknown version and HTTP major
version number (DIGIT '1').
Amos Jeffries [Sat, 31 May 2014 17:00:05 +0000 (10:00 -0700)]
Cleanup: de-duplicate auth_param program parameter code
Moves the "program" parse and dump code into Auth::Config.
Also, changes API to Auth::Config::dump() to not dump any config settings
for schemes which are not configured with a "program". Including scheme
specific settings.
Also, fixes missing Digest "utf8" parameter in config dump.
Move realm parse and config dump logics to Auth::Config base object.
This de-duplicates Basic, Digest (and future schemes ie Bearer) config
processing code. Also makes realm available to NTLM and Negotiate
schemes, although at present it remains unused by those schemes.
Also, convert the realm parameter string to an SBuf. Removing the need
for some memory maintenance code.
Amos Jeffries [Thu, 22 May 2014 06:04:05 +0000 (23:04 -0700)]
Cleanup: drop Auth::User::proxy_auth_list header cache
This list/cache was originally used to short-circuit auth helper lookups
based on previousy seen [Proxy-]Authorization header strings.
However, that permitted replay attacks in most auth schemes and has been
replaced by scheme-specific mechanisms:
* Basic and Digest credentials are cached in the global user name cache
wih additional nonce/password comparisons to verify located entries.
* NTLM and Negotiate credentials are cached in the ConnStateData with
exact-match comparison done to verify tokens.
After r13324 patch the SBuf argument of the ConnStateData::handleReadData member
is used only to check if ConnStateData::In::buf is correctly filled with read
data. ConnStateData::handleReadData considers that the data already written
in ConnStateData::in.buf and checks if the passed Sbuf argument is the
ConnStateData::in.buf:
The httpsSslBumpAccessCheckDone function needs to write the CONNECT request
generated internally to force tunnel mode, in ConnStateData::In::buf and then
call ConnStateData::handleReadData method.
Amos Jeffries [Tue, 20 May 2014 11:00:04 +0000 (04:00 -0700)]
Cleanup: drop parsedCount_ tracking
Now that parse() is receiving a buffer directly we no longer have to
track how many bytes have been consumed by the parse. It can be
calculated by comparing the current and original SBuf.
Amos Jeffries [Sun, 18 May 2014 10:36:05 +0000 (03:36 -0700)]
Fix infinite parse loop on partial request reads
parseHttpRequest() returns NULL on incomplete parse. This case was not
exiting the loop to parse multiple requests. As a result traffic would
only receive a response if the request headers were received entirely
within one read(2) event. Pipelined requests received over multiple hung.
Amos Jeffries [Thu, 15 May 2014 10:44:05 +0000 (03:44 -0700)]
Fix outstanding build issues and parser audit results
* Give SBuf I/O buffer directly to Http1::RequestParser
* Redesign parser state engine to represent the current state
being parsed instead of previous completed. This allows much
more incremental resume of a parse and reliable consume() of
the input buffer as sections complete instead of complex byte
accounting outide the parser.
* Maintain an internal counter of bytes parsed and consumed by
the parser instead of a buffer offset. This allows much more
reliable positioning of the state/section boundaries.
* Remove erroneous fprintf debug left in previous commit.
* Redesign HttpRequestMethod constructor to drop end parameter.
* Redesign all parser unit tests. Marking RFC non-compliance
for future fixing.
author: Alex Rousskov <rousskov@measurement-factory.com>
Avoid on-exit crashes when adaptation is enabled.
After trunk r13269 (Vector refactor) destroyed vector objects still have
positive item counts. This exposes use-after-delete bugs. In this particular
case, global adaptation rule/group/service arrays are destructed by global
destruction sequence first and then again by Adaptation::*::TheConfig objects
destructors.
This change avoiding static destruction order dependencies by storing those
global adaptation arrays on heap.
Alex Rousskov [Thu, 8 May 2014 22:43:01 +0000 (16:43 -0600)]
Temporary fix for segmentation faults in FwdState::serverClosed.
r13388 (cache_peer standby=N) moved noteUses() call from Comm to FwdState, to
avoid exposing Comm to pconn pools. Unfortunately, the closing handler does
not get a valid FD value when the closing callback shares the Connection
object with the code that called conn->close(). It gets -1. The FD of the
FwdState connection itself is already -1 at that point, for similar reasons.
The code thinks it got a matching FD and calls noteUses() with an invalid FD.
This temporary workaround prevents noteUses() calls when FD is unknown.
Without those calls, pconn usage statistics will be wrong. A different
long-term solution is needed.
Amos Jeffries [Wed, 7 May 2014 10:05:58 +0000 (03:05 -0700)]
Cleanup: Refactor external_acl_type format codes representation
Removes enum_external_acl_format::format_type from external_acl.cc
by replacing it with enum Format::ByteCode_t.
Several missing logformat codes related to URL display have been added
to the logformat token set for general use.
Several of the external ACL format codes have been added to
Format::ByteCode_t without equivalent logformat TokenTableEntry's at
this stage as both desirable token naming and access to the data to
produce them generically is unclear.
The external_acl_type parser is updated to accept logformat tokens
wherever an equivalent exists and map directly to the ByteCode_t values.
The mgr:config report dumper is also updated to output the logformat
tokens. But as yet the official deprecation has not been done in
squid.conf.
projects / thirdparty / squid.git / log
