#define MAX_SESS_STKCTR 3
#endif
-// max # of extra stick-table data types that can be registred at runtime
+// max # of extra stick-table data types that can be registered at runtime
#ifndef STKTABLE_EXTRA_DATA_TYPES
#define STKTABLE_EXTRA_DATA_TYPES 0
#endif
#define RUNQUEUE_DEPTH 200
#endif
-// cookie delimitor in "prefix" mode. This character is inserted between the
+// cookie delimiter in "prefix" mode. This character is inserted between the
// persistence cookie and the original value. The '~' is allowed by RFC6265,
// and should not be too common in server names.
#ifndef COOKIE_DELIM
#define COOKIE_DELIM '~'
#endif
-// this delimitor is used between a server's name and a last visit date in
+// this delimiter is used between a server's name and a last visit date in
// cookies exchanged with the client.
#ifndef COOKIE_DELIM_DATE
#define COOKIE_DELIM_DATE '|'
* returns the number of bytes parsed on success, so the caller can set msg_state
* to HTTP_MSG_CHUNK_SIZE. If not enough data are available, the function does not
* change anything and returns zero. Otherwise it returns a negative value
- * indicating the error positionn relative to <stop>. Note: this function is
+ * indicating the error position relative to <stop>. Note: this function is
* designed to parse wrapped CRLF at the end of the buffer.
*/
static inline int h1_skip_chunk_crlf(const struct buffer *buf, int start, int stop)
* possible to maximize the delay before a collision of DTEs and data. In order
* to always insert from the right, we need to keep a reference to the latest
* inserted element and look before it. The last inserted cell's address defines
- * the lowest konwn address still in use, unless the area wraps in which case
+ * the lowest known address still in use, unless the area wraps in which case
* the available space lies between the end of the tail and the beginning of the
* head.
*
#include <common/ist.h>
/*
- * some macros mainly used when parsing header fileds.
+ * some macros mainly used when parsing header fields.
* from RFC7230:
* CTL = <any US-ASCII control character (octets 0 - 31) and DEL (127)>
* SEP = one of the 17 defined separators or SP or HT
* metadata (htx_blk) and the associated payload. Blocks' metadata are stored
* starting from the end of the array while their payload are stored at the
* beginning. Blocks' metadata are often simply called blocks. it is a misuse of
- * language that's simplify explainations.
+ * language that's simplify explanations.
*
*
* +-----+---------------+------------------------------+--------------+
* during parsing, from this start-line to the
* corresponding EOH. -1 if unknown */
- unsigned int len[3]; /* length of differnt parts of the start-line */
+ unsigned int len[3]; /* length of different parts of the start-line */
char l[0];
};
void htx_move_blk_before(struct htx *htx, struct htx_blk **blk, struct htx_blk **ref);
int htx_append_msg(struct htx *dst, const struct htx *src);
-/* Functions and macros to get parts of the start-line or legnth of these
+/* Functions and macros to get parts of the start-line or length of these
* parts. Request and response start-lines are both composed of 3 parts.
*/
#define HTX_SL_LEN(sl) ((sl)->len[0] + (sl)->len[1] + (sl)->len[2])
/* Returns the value of the block <blk>, depending on its type. If there is no
- * value (for end-of blocks), an empty one is retruned.
+ * value (for end-of blocks), an empty one is returned.
*/
static inline struct ist htx_get_blk_value(const struct htx *htx, const struct htx_blk *blk)
{
/* Removes <n> bytes from the beginning of DATA block <blk>. The block's start
* address and its length are adjusted, and the htx's total data count is
- * updated. This is used to mark that part of some data were transfered
+ * updated. This is used to mark that part of some data were transferred
* from a DATA block without removing this DATA block. No sanity check is
- * performed, the caller is reponsible for doing this exclusively on DATA
+ * performed, the caller is responsible for doing this exclusively on DATA
* blocks, and never removing more than the block's size.
*/
static inline void htx_cut_data_blk(struct htx *htx, struct htx_blk *blk, uint32_t n)
}
/*
- * looks for the first occurence of <chr> in string <ist> and returns a shorter
+ * looks for the first occurrence of <chr> in string <ist> and returns a shorter
* ist if char is found.
*/
static inline struct ist iststop(const struct ist ist, char chr)
* "cs" is the case sensitive flag. If cs is true, case sensitive is enabled.
* "cap" is capture flag. If cap if true the regex can capture into
* parenthesis strings.
- * "err" is the standar error message pointer.
+ * "err" is the standard error message pointer.
*
- * The function return 1 is succes case, else return 0 and err is filled.
+ * The function return 1 is success case, else return 0 and err is filled.
*/
struct my_regex *regex_comp(const char *str, int cs, int cap, char **err);
int exp_replace(char *dst, unsigned int dst_size, char *src, const char *str, const regmatch_t *matches);
/*
* converts <str> to two struct in_addr* which must be pre-allocated.
* The format is "addr[/mask]", where "addr" cannot be empty, and mask
- * is optionnal and either in the dotted or CIDR notation.
+ * is optional and either in the dotted or CIDR notation.
* Note: "addr" can also be a hostname. Returns 1 if OK, 0 if error.
*/
int str2net(const char *str, int resolve, struct in_addr *addr, struct in_addr *mask);
/*
* converts <str> to two struct in6_addr* which must be pre-allocated.
* The format is "addr[/mask]", where "addr" cannot be empty, and mask
- * is an optionnal number of bits (128 being the default).
+ * is an optional number of bits (128 being the default).
* Returns 1 if OK, 0 if error.
*/
int str62net(const char *str, struct in6_addr *addr, unsigned char *mask);
/* This function converts the time_t value <now> into a broken out struct tm
* which must be allocated by the caller. It is highly recommended to use this
- * function intead of localtime() because that one requires a time_t* which
+ * function instead of localtime() because that one requires a time_t* which
* is not always compatible with tv_sec depending on OS/hardware combinations.
*/
static inline void get_localtime(const time_t now, struct tm *tm)
/* This function converts the time_t value <now> into a broken out struct tm
* which must be allocated by the caller. It is highly recommended to use this
- * function intead of gmtime() because that one requires a time_t* which
+ * function instead of gmtime() because that one requires a time_t* which
* is not always compatible with tv_sec depending on OS/hardware combinations.
*/
static inline void get_gmtime(const time_t now, struct tm *tm)
* serves as a temporary origin. It's worth remembering that it's the first
* year of each period that is leap and not the last one, so for instance year
* 1 sees 366 days since year 0 was leap. For this reason we have to apply
- * modular arithmetics which is why we offset the year by 399 before
+ * modular arithmetic which is why we offset the year by 399 before
* subtracting the excess at the end. No overflow here before ~11.7 million
* years.
*/
/*
* Parse binary string written in hexadecimal (source) and store the decoded
- * result into binstr and set binstrlen to the lengh of binstr. Memory for
+ * result into binstr and set binstrlen to the length of binstr. Memory for
* binstr is allocated by the function. In case of error, returns 0 with an
* error message in err.
*/
char *localdate2str_log(char *dst, time_t t, struct tm *tm, size_t size);
/* These 3 functions parses date string and fills the
- * corresponding broken-down time in <tm>. In succes case,
+ * corresponding broken-down time in <tm>. In success case,
* it returns 1, otherwise, it returns 0.
*/
int parse_http_date(const char *date, int len, struct tm *tm);
/* removes environment variable <name> from the environment as found in
* environ. This is only provided as an alternative for systems without
* unsetenv() (old Solaris and AIX versions). THIS IS NOT THREAD SAFE.
- * The principle is to scan environ for each occurence of variable name
+ * The principle is to scan environ for each occurrence of variable name
* <name> and to replace the matching pointers with the last pointer of
* the array (since variables are not ordered).
* It always returns 0 (success).
if (local == XREF_BUSY)
continue;
- /* We are locked, the peer cant disapear, try to acquire
+ /* We are locked, the peer can't disappear, try to acquire
* the pper's lock. Note that remote can't be NULL.
*/
remote = _HA_ATOMIC_XCHG(&local->peer, XREF_BUSY);
case CO_ER_SSL_TIMEOUT: return "Timeout during SSL handshake";
case CO_ER_SSL_TOO_MANY: return "Too many SSL connections";
case CO_ER_SSL_NO_MEM: return "Out of memory when initializing an SSL connection";
- case CO_ER_SSL_RENEG: return "Rejected a client-initiated SSL renegociation attempt";
+ case CO_ER_SSL_RENEG: return "Rejected a client-initiated SSL renegotiation attempt";
case CO_ER_SSL_CA_FAIL: return "SSL client CA chain cannot be verified";
case CO_ER_SSL_CRT_FAIL: return "SSL client certificate not trusted";
case CO_ER_SSL_MISMATCH: return "Server presented an SSL certificate different from the configured one";
void fd_rm_from_fd_list(volatile struct fdlist *list, int fd, int off);
void updt_fd_polling(const int fd);
-/* Called from the poller to acknoledge we read an entry from the global
+/* Called from the poller to acknowledge we read an entry from the global
* update list, to remove our bit from the update_mask, and remove it from
* the list if we were the last one.
*/
/*
* Write a IP address to the log string
- * +X option write in hexadecimal notation, most signifant byte on the left
+ * +X option write in hexadecimal notation, most significant byte on the left
*/
char *lf_ip(char *dst, const struct sockaddr *sockaddr, size_t size, const struct logformat_node *node);
/*
* Write a port to the log
- * +X option write in hexadecimal notation, most signifant byte on the left
+ * +X option write in hexadecimal notation, most significant byte on the left
*/
char *lf_port(char *dst, const struct sockaddr *sockaddr, size_t size, const struct logformat_node *node);
}
/* This function executes a pattern match on a sample. It applies pattern <expr>
- * to sample <smp>. The function returns NULL if the sample dont match. It returns
+ * to sample <smp>. The function returns NULL if the sample don't match. It returns
* non-null if the sample match. If <fill> is true and the sample match, the
* function returns the matched pattern. In many cases, this pattern can be a
* static buffer.
update_freq_ctr(&fe->fe_req_per_sec, 1));
}
-/* Returns non-zero if the proxy is configured to retry a request if we got that status, 0 overwise */
+/* Returns non-zero if the proxy is configured to retry a request if we got that status, 0 otherwise */
static inline int l7_status_match(struct proxy *p, int status)
{
/* Just return 0 if no retry was configured for any status */
void srv_dump_kws(char **out);
/* Recomputes the server's eweight based on its state, uweight, the current time,
- * and the proxy's algorihtm. To be used after updating sv->uweight. The warmup
+ * and the proxy's algorithm. To be used after updating sv->uweight. The warmup
* state is automatically disabled if the time is elapsed.
*/
void server_recalc_eweight(struct server *sv, int must_update);
/* tries to send <nmsg> message parts (up to 8, ignored above) from message
- * array <msg> to sink <sink>. Formating according to the sink's preference is
+ * array <msg> to sink <sink>. Formatting according to the sink's preference is
* done here. Lost messages are accounted for in the sink's counter. If there
* were lost messages, an attempt is first made to indicate it.
*/
}
/* Allocate and initialize a new tasklet, local to the thread by default. The
- * caller may assing its tid if it wants to own the tasklet.
+ * caller may assign its tid if it wants to own the tasklet.
*/
static inline struct tasklet *tasklet_new(void)
{
return;
task_unlink_wq(t);
- /* We don't have to explicitely remove from the run queue.
+ /* We don't have to explicitly remove from the run queue.
* If we are in the runqueue, the test below will set t->process
* to NULL, and the task will be free'd when it'll be its turn
* to run.
* execution context. It contains a pointer to the associated task.
* "link" is a list head attached to an other task that must be wake
* the lua task if an event occurs. This is useful with external
- * events like TCP I/O or sleep functions. This funcion allocate
+ * events like TCP I/O or sleep functions. This function allocate
* memory for the signal.
*/
static inline struct notification *notification_new(struct list *purge, struct list *event, struct task *wakeup)
}
/* In some cases, the disconnected notifications must be cleared.
- * This function just release memory blocs. The purge list is not
+ * This function just release memory blocks. The purge list is not
* locked because it is owned by only one process. Before browsing
* this list, the caller must ensure to be the only one browser.
* The "com" is not locked because when com->task is NULL, the
/* Checks the next timer for the current thread by looking into its own timer
* list and the global one. It may return TICK_ETERNITY if no timer is present.
- * Note that the next timer might very well be slighly in the past.
+ * Note that the next timer might very well be slightly in the past.
*/
int next_timer_expiry();
* - init_per_thread : Initializes the filter for a proxy for a specific
* thread. Returns a negative value if an error
* occurs.
- * - deinit_per_thread : Cleans up what the init_per_thread funcion has
+ * - deinit_per_thread : Cleans up what the init_per_thread function has
* done.
*
*
* Returns a negative value if an error occurs, 0 if
* it needs to wait for some reason, any other value
* otherwise.
- * - http_reset : Called when the HTTP message is reseted. It happens
+ * - http_reset : Called when the HTTP message is reset. It happens
* either when a 100-continue response is received.
* that can be detected if s->txn->status is 10X, or
* if we're attempting a L7 retry.
*
* 2D-Array fields are used to store info per channel. The first index stands
* for the request channel, and the second one for the response channel.
- * Especially, <next> and <fwd> are offets representing amount of data that the
+ * Especially, <next> and <fwd> are offsets representing amount of data that the
* filter are, respectively, parsed and forwarded on a channel. Filters can
* access these values using FLT_NXT and FLT_FWD macros.
*/
* - FAIL : no mattern may ever match
*
* We assign values 0, 1 and 3 to FAIL, MISS and PASS respectively, so that we
- * can make use of standard arithmetics for the truth tables below :
+ * can make use of standard arithmetic for the truth tables below :
*
* x | !x x&y | F(0) | M(1) | P(3) x|y | F(0) | M(1) | P(3)
* ------+----- -----+------+------+----- -----+------+------+-----
/* possible flags for patterns matching or parsing */
enum {
PAT_MF_IGNORE_CASE = 1 << 0, /* ignore case */
- PAT_MF_NO_DNS = 1 << 1, /* dont perform any DNS requests */
+ PAT_MF_NO_DNS = 1 << 1, /* don't perform any DNS requests */
};
/* possible flags for patterns storage */
struct pattern_head *pat_head; /* Point to the pattern_head that contain manipulation functions.
* Note that this link point on compatible head but not on the real
* head. You can use only the function, and you must not use the
- * "head". Dont write "(struct pattern_expr *)any->pat_head->expr".
+ * "head". Don't write "(struct pattern_expr *)any->pat_head->expr".
*/
struct list patterns; /* list of acl_patterns */
struct eb_root pattern_tree; /* may be used for lookup in large datasets */
-/* max length of a protcol name, including trailing zero */
+/* max length of a protocol name, including trailing zero */
#define PROTO_NAME_LEN 16
/* This structure contains all information needed to easily handle a protocol.
# disabling the servers. Same thing, when we check that the servers are down
# before enabling the servers.
-# Cyclic barrier to synchonize the CLI with the syslog servers
+# Cyclic barrier to synchronize the CLI with the syslog servers
barrier b1 cond 5 -cyclic
# These servers are there only for the health-check test.
x-err-type: errors-1\r
\r
<html><body><h1>500 Internal Server Error</h1>
-An internal server error occured.
+An internal server error occurred.
</body></html>
x-err-type: default\r
\r
<html><body><h1>500 Internal Server Error</h1>
-An internal server error occured.
+An internal server error occurred.
</body></html>
-varnishtest "Test the custom erorrs for HTTP deny rules"
+varnishtest "Test the custom errors for HTTP deny rules"
#REQUIRE_VERSION=2.2
# This config tests the custom errors for HTTP deny rules.
end
end
end
- core.Info("#### Body recieved OK")
+ core.Info("#### Body received OK")
applet:send("250 OK\r\n")
if RecieveAndCheck(applet, "QUIT") == false then
# BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
#
# Some initializations must be done at the beginning of parse_spoe_flt to avoid
-# segmentaion fault when first errors are catched, when the "filter spoe" line is
+# segmentation fault when first errors are caught, when the "filter spoe" line is
# parsed.
#REGTEST_TYPE=bug
return 0;
}
-/* SSL_CTX_load_verify_locations substitute, internaly call X509_STORE_load_locations */
+/* SSL_CTX_load_verify_locations substitute, internally call X509_STORE_load_locations */
static int ssl_set_verify_locations_file(SSL_CTX *ctx, char *path)
{
X509_STORE *store_ctx = SSL_CTX_get_cert_store(ctx);
return NULL;
}
-/* Update the key into ref: if keysize doesnt
+/* Update the key into ref: if keysize doesn't
* match existing ones, this function returns -1
* else it returns 0 on success.
*/
if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
if (!(ctx->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
/* Long certificate chains optimz
- If write and read bios are differents, we
+ If write and read bios are different, we
consider that the buffering was activated,
so we rise the output buffer size from 4k
to 16k */
return;
/* First byte of the handshake message id the type of
- * message. The konwn types are:
+ * message. The known types are:
* - hello_request(0)
* - client_hello(1)
* - server_hello(2)
#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
/* This callback is used so that the server advertises the list of
- * negociable protocols for NPN.
+ * negotiable protocols for NPN.
*/
static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
unsigned int *len, void *arg)
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
/* This callback is used so that the server advertises the list of
- * negociable protocols for ALPN.
+ * negotiable protocols for ALPN.
*/
static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
unsigned char *outlen,
goto abort;
}
- /* extract/check clientHello informations */
+ /* extract/check clientHello information */
#ifdef OPENSSL_IS_BORINGSSL
if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
#else
/* Loads Diffie-Hellman parameter from a ckchs to an SSL_CTX.
- * If there is no DH paramater availaible in the ckchs, the global
+ * If there is no DH parameter available in the ckchs, the global
* DH parameter is loaded into the SSL_CTX and if there is no
* DH parameter available in ckchs nor in global, the default
* DH parameters are applied on the SSL_CTX.
const unsigned char *sid_data;
/* Session id is already stored in to key and session id is known
- * so we dont store it to keep size.
+ * so we don't store it to keep size.
* note: SSL_SESSION_set1_id is using
* a memcpy so we need to use a different pointer
* than sid_data or sid_ctx_data to avoid valgrind
#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
/* ASYNC engine API doesn't support moving read/write
* buffers. So we disable ASYNC mode right after
- * the handshake to avoid buffer oveflows.
+ * the handshake to avoid buffer overflow.
*/
if (global_ssl.async)
SSL_clear_mode(ctx->ssl, SSL_MODE_ASYNC);
return 1;
}
-/* used for ppv2 pkey alog (can be used for logging) */
+/* used for ppv2 pkey algo (can be used for logging) */
int ssl_sock_get_pkey_algo(struct connection *conn, struct buffer *out)
{
struct ssl_sock_ctx *ctx;
/* we need to initialize the SSL_CTX generated */
/* this iterate on the newly generated SNIs in the new instance to prepare their SSL_CTX */
list_for_each_entry_safe(sc0, sc0s, &new_inst->sni_ctx, by_ckch_inst) {
- if (!sc0->order) { /* we initiliazed only the first SSL_CTX because it's the same in the other sni_ctx's */
+ if (!sc0->order) { /* we initialized only the first SSL_CTX because it's the same in the other sni_ctx's */
errcode |= ssl_sock_prepare_ctx(ckchi->bind_conf, ckchi->ssl_conf, sc0->ctx, &err);
if (errcode & ERR_CODE)
goto error;
return cli_err(appctx, "Can't allocate memory\n");
if (!*args[3] || !payload)
- return cli_err(appctx, "'set ssl cert expects a filename and a certificat as a payload\n");
+ return cli_err(appctx, "'set ssl cert expects a filename and a certificate as a payload\n");
/* The operations on the CKCH architecture are locked so we can
* manipulate ckch_store and ckch_inst */
return 1;
}
-/* Arguements: AES size in bits, nonce, key, tag. The last three arguments are base64 encoded */
+/* Arguments: AES size in bits, nonce, key, tag. The last three arguments are base64 encoded */
static int sample_conv_aes_gcm_dec(const struct arg *arg_p, struct sample *smp, void *private)
{
struct sample nonce, key, aead_tag;
#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
{ "ciphersuites", ssl_bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
#endif
- { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
+ { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificate revocation list file use on client cert verify */
{ "curves", ssl_bind_parse_curves, 1 }, /* set SSL curve suite */
{ "ecdhe", ssl_bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
{ "no-ca-names", ssl_bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
{ "ciphersuites", bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
#endif
- { "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
+ { "crl-file", bind_parse_crl_file, 1 }, /* set certificate revocation list file use on client cert verify */
{ "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
- { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
+ { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth == 0 */
{ "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
{ "curves", bind_parse_curves, 1 }, /* set SSL curve suite */
{ "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
projects / thirdparty / haproxy.git / commitdiff
