Pick up many more master branch commits to 10.2.x#13224
Draft
cmcfarlen wants to merge 72 commits into
Draft
Conversation
Test 7 ('Get the log to rotate.') was calling MakeCurlCommandMulti on
test.tr (the test run from the TestLogRetention constructor) instead of
the newly created tr. This left the new test run with no process
defined, causing the test to fail with 'List came back empty.'
(cherry picked from commit 2ffe0ee)
Skip TLSv1/TLSv1.1 subtests when curl cannot negotiate those protocols. Adds a curl-based capability probe alongside the existing OpenSSL check. (cherry picked from commit 8def184)
* Add AuTest and Doc for DELETE method * Fix include path (cherry picked from commit 7cfb59b)
* First cut at a CoPilot review agent * Update .github/copilot-instructions.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update .github/instructions/HRW.instructions.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update .github/instructions/HRW.instructions.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update .github/copilot-instructions.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * More review changes Note that as far as I can figure, CoPilot does not support loading another file via e.g. @.claude/CLAUDE.md etc., so there will be a little bit of duplication here I think. * Update .github/copilot-instructions.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * More review changes --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> (cherry picked from commit 7182d46)
…pache#12894) (cherry picked from commit 0ad27f1)
The log-filenames AuTest can be flaky in CI when logs are directed to stdout or stderr. The startup message used by the assertion can be interleaved with other log output, so an exact match is brittle. Use an earlier and more stable startup marker from diagnostic logging: "logging.yaml finished loading". This still validates that diags content is emitted while avoiding the split-line failure mode. (cherry picked from commit dda4931)
Mark TS_MILESTONE_UA_BEGIN_WRITE in the SERVER_READ and SERVE_FROM_CACHE paths of handle_api_return(). Previously this milestone was only set in the API_SEND_RESPONSE_HDR hook path, which requires a plugin to hook TS_HTTP_SEND_RESPONSE_HDR_HOOK. Without plugins the milestone stayed at zero, causing msdms log fields that reference UA_BEGIN_WRITE (c_ttfb, o_proc, o_body, hit_proc, hit_xfer) to report -1. (cherry picked from commit 069d5a3)
* Guard engine.h include with HAVE_ENGINE_LOAD_DYNAMIC -- OpenSSL 3.5 removed the header entirely; only include it when cmake detected the ENGINE API is available. * Fix check_symbol_exists header path from "include/openssl/engine.h" to "openssl/engine.h" for consistency with all other OpenSSL checks. (cherry picked from commit d1ea858)
…pache#12900) * Add unmarshal_milestone_diff() which outputs "-" instead of "-1" when a milestone difference equals the -1 sentinel (milestone unset). Log parsers can now distinguish "0 ms" (valid timing) from "not applicable" without magic integer checks. * Wire MSDMS container to the new unmarshal function in LogField.cc instead of the generic unmarshal_int_to_str. * Only map the -1 sentinel to dash, not all negatives -- preserves debug info from reversed milestone pairs (end < start). (cherry picked from commit 3d73f1c)
(cherry picked from commit 37a801a)
…2934) validate_dependencies() incorrectly triggers on options that have default values but were not explicitly passed by the user. The root cause is that append_option_data() populates default values into the Arguments map before validate_dependencies() runs. When validate_dependencies() calls ret.get(key) for an option with a default, the lookup finds the entry and sets _is_called = true, making the option appear "used" even though the user never specified it on the command line. Fix by extracting the default-value loop into apply_option_defaults() and calling it after validate_dependencies() in parse(). (cherry picked from commit ba17b02)
The stats and cache inspector pages were removed in ATS 10 via PR apache#10710 but this was not documented in the upgrading guide. Users upgrading from 9.x would not know these features are gone. (cherry picked from commit 3d7310c)
…#12946) * Correct `compress` plugin `cache` option docs to match implementation: `cache true` stores transformed compressed responses, while `cache false` stores only untransformed responses. * Clarify that `Vary: Accept-Encoding` controls alternate cache keys by request header value, but stored body representation still depends on the `cache` option. * Update `sample.compress.config` comments so operator guidance matches runtime cache behavior. Fixes: apache#8989 (cherry picked from commit 4dd4c8c)
…pache#12917) * RecConfigOverrideFromEnvironment: return resolved value and override source Change the return type to std::pair<std::string, RecConfigOverrideSource> so callers know whether a record was overridden and by whom (ENV or RUNROOT). When runroot is active, return the actual Layout path (e.g. Layout::bindir) instead of the old nullptr which caused undefined behaviour when converted to std::string. Replace the RecConfigOverrideFromRunroot() strcmp chain with a constexpr lookup table mapping record names to Layout members. All three callers now log the override source at debug level. Preserve nullptr for built-in defaults that are intentionally unset. Adds records_runroot_precedence autest. (cherry picked from commit a39c1ae)
…ases (apache#12948) * Fix MMDB field paths: use nested "country","iso_code" instead of nonexistent flat "country_code", matching old GeoIP backend behavior * Auto-detect MMDB schema at load time to support both vendor (flat) and standard (nested) database layouts transparently * Fix null-after-delete dangling pointer in initLibrary * Add MMDB path validation unit test and test database generation Fixes: apache#11812 (cherry picked from commit 8548ca9)
…ID 1533658) (apache#12974) (cherry picked from commit 42c3079)
(cherry picked from commit 3b3650e)
Value-initialize FeatureView and time_point members that Coverity flagged as uninitialized: - Ex_HTTP.cc: value-init FeatureView in 3 extract functions (CID 1534699, 1534717, 1534727, 1534732, 1534738) - text_block.cc: value-init _last_modified member (CID 1644248) - Context.cc: value-init FeatureView in extract_view (cherry picked from commit e3fbff0)
apache#12977) Initialize fields flagged by Coverity: - CID 1497355: OperatorSetHttpCntl::_cntl_qual - CID 1644243: OperatorSetPluginCntl::_name - CID 1587255: TLSClientHelloSummary::protocol Also initialize OperatorSetPluginCntl::_value, add missing `TSError` logging for unknown plugin control names, and clarify these defaults are safety initializers overwritten during parsing/call setup. (cherry picked from commit 82a4e62)
Initialize members flagged by Coverity: - CID 1497424: `HttpTransact::_ResponseAction` (value-init `TSResponseAction`) - CID 1497385, CID 1497345: `ProxySession::accept_options` -> `nullptr` - CID 1021718: `FetchSM::callback_events` (value-init `TSFetchEvent`) - CID 1508857: `HTTPStatsConfig::cont` -> `nullptr` (cherry picked from commit 94ed147)
…che#12975) Fix Coverity high-severity "Uninitialized scalar variable" defects: - CID 1497238: `DiagsConfig::reconfigure_diags` (initialize loop index and booleans) - CID 1644237: `HttpConfig::load_server_session_sharing_match` (initialize value before session-sharing mask computation) - CID 1497363: `BaseMetaInfo` single-arg ctor (initialize `_creation_time` and `_log_object_signature` before `_read_from_file`) Also initialize `BaseMetaInfo::_filename` to `nullptr` for safety and constructor consistency. (cherry picked from commit df007ab)
Add CAP_CHOWN support to ATS privilege elevation path Retain `CAP_CHOWN` in the permitted capability set after privilege drop so plugins can set ownership on cert-related backup files (e.g. root:root 600 workflows). As with `CAP_DAC_OVERRIDE`, this remains permitted-only and must be explicitly raised to effective before use. Add `CHOWN_PRIVILEGE` (`0x10u`) to `ElevateAccess::privilege_level` and wire it through `acquirePrivilege()` so plugins can request ownership elevation via the standard ATS privilege API. Also fix the `acquirePrivilege()` bounds assertion to compare against array element count (not byte size). (cherry picked from commit eeb4600)
Add default member initializers using brace initialization: - AIO_Device: path, fd, id, buf, time_start, time_end, seq_reads, seq_writes, rand_reads, mode (CID 1523656) - StartDNS: is_callback (CID 1587260) - PluginDebugObject: input_ih, fail (CID 1497312) (cherry picked from commit 0e3357b)
Document that host_file.path is reevaluated on the periodic host file check interval (default 86400s), not on an immediate reload. Add a tip about temporarily lowering the interval for faster validation during testing. (cherry picked from commit 13cd1f1)
Add a setting to adjust the maximum PP header size The original hard coded size is too small if PP version2 is used and the header contains many TLV fields. This adds a new setting proxy.config.proxy_protocol.max_header_size to read a larger but limited amount of data to parse PP header. This also adds a quick check to detect whether PP header exists. The check avoids copying a large amount of data if PP is definitely unused. (cherry picked from commit 2021eda)
…he#13004) * Initialize previously uninitialized fields in HttpVCTableEntry, HostStatRec, ChunkedHandler, and TLSSNISupport::ClientHello so core HTTP/TLS paths start from deterministic state. * Initialize local variables in cache_fill and txn_box to eliminate undefined behavior flagged by Coverity. * Remove HttpVCTable memset and rely on proper member initialization to avoid non-portable initialization of pointer-to-member-function types. CIDs: 1021690, 1508845, 1533658, 1534712, 1544456, 1645800. (cherry picked from commit 9ca028f)
Add end-to-end autest for msdms milestone timing log fields. * New test sends a cacheable request twice (miss then hit) and validates all Phase 1 msdms fields in the log output. * Reusable verify_milestone_fields.py checks: all 16 fields present, values are integers with no epoch-length garbage, miss-path chain sums to c_ttfb within 2ms tolerance, and hit-path fields (hit_proc, hit_xfer) are non-negative. * Allow up to -10ms jitter on the dns field to handle millisecond-granularity overlap between SERVER_FIRST_CONNECT and CACHE_OPEN_READ_END. (cherry picked from commit b7db7b8)
Parallel autest runs can fail with worker exceptions that are not tied to a specific failed test. In CI that currently leaves only the summary counts, which makes the failure hard to diagnose. Print worker diagnostics whenever a worker reports exceptions or exits non-zero without attributing the problem to failed tests. Also accept plural summary keys while parsing autest output. Co-authored-by: bneradt <bneradt@yahooinc.com> (cherry picked from commit d81de6c)
* Handle SIGPIPE in ssl-delay-server to prevent helper death when a client disconnects during TLS handshake delay. * Retry accept() on EINTR under heavy parallel load instead of treating the interruption as a fatal error. * Fix accept() error check to use < 0 instead of <= 0 since fd 0 is a valid descriptor when stdin is closed. * Add cmdline matching fallback in check_threads.py for ASAN where the process CWD differs from expected ts_path. (cherry picked from commit ff31470)
The AIOCallback io_complete handler used a member variable, from_api, to determine whether to delete itself. The problem is that in the situation where in the course of processing the function `this` was already deleted, the use of the from_api variable was, by definition, a use after free. If built under ASan, this resulted in a use-after-free assertion. Concretely, we were seeing this in docs during cache stripe initialization after an unclean shutdown. If the on-disk cache directory was dirty, startup recovery scanned the data area, cleared directory entries for the uncertain range, and wrote the repaired directory back out. The temporary AIO callbacks for that recovery wrote live in StripeInitInfo. When the recovery write completion was delivered, StripeSM::handle_recover_write_dir() deleted StripeInitInfo, which destroyed the AIOCallback object whose AIOCallback::io_complete() frame was still returning. At that point, the use of from_api was a use after free. This snapshots the API-owned callback flag before dispatching the completion and uses that local value for the post-callback cleanup. This also adds a focused regression test for completion handlers that release the callback owner before AIOCallback::io_complete() returns. Introduced in apache#13027 (cherry picked from commit 8d4b7e7)
* Honor RECA_NO_ACCESS in record lookup RPC encoder (apache#75) The JSONRPC record-lookup handler serialized RecRecord values unconditionally, leaking current and default values for config records registered with RECA_NO_ACCESS to any caller able to reach the JSONRPC socket. Suppress the value fields in the YAML encoder for CONFIG records whose access_type is RECA_NO_ACCESS, while still emitting the type label and metadata so callers can see the record exists. Gate the check on REC_TYPE_IS_CONFIG since access_type lives in a union shared with stat_meta and must not be read for STAT records. Add a Catch2 unit test covering the default-access, no-access, and STAT union-safety cases. (cherry picked from commit e0d7e0a)
* mgmt/rpc: refuse RECA_READ_ONLY/RECA_NO_ACCESS writes set_config_records did not consult the registrant's access tier, so admin_config_set_records (and "traffic_ctl config set") accepted writes to records the registrant marked as protected. Read the record's access_type alongside the existing metadata, and refuse the write with an specific error code (RECORD_READ_ONLY / RECORD_NO_ACCESS) (cherry picked from commit 4b2ee86)
Coverity reports the AIO callback lifetime regression test as a leak and bad free because the test heap-allocates an owner object whose member callback is destroyed indirectly during completion. The runtime behavior is intentional, but the ownership pattern makes the regression test look invalid to static analysis. This updates the fixture so the owner has normal stack lifetime and owns the callback through a unique_ptr. The completion handler still destroys the callback before AIOCallback::io_complete() returns, preserving the lifetime coverage while making the allocation and free visible to analysis. (cherry picked from commit f0970ef)
(cherry picked from commit 0c052b1)
Regex remap targets could repeat valid substitution markers enough times to exceed the fixed substitution arrays, even when every marker referred to an allowed capture group. This rejects targets with more substitution markers than the parser can store and covers the boundary with remap parser unit tests. (cherry picked from commit 82605c6)
(cherry picked from commit 4d4086a)
The hdrtoken heap allocated in hdrtoken_init() leaves padding bytes between each token's null terminator and the next prefix slot uninitialized, since ink_strlcpy only writes strlen+1 bytes but heap_ptr advances by sstr_len (rounded up to sizeof(HdrTokenHeapPrefix)). Switch to ats_calloc so the padding bytes are zeroed. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> (cherry picked from commit e57901c)
* Add cache key hash logging field and public API Add 'ckh' log field that emits the base64-encoded cache key digest, and TSHttpTxnCacheKeyDigestGet() for plugin access to the raw hash bytes. Includes admin and API documentation. Co-Author: Craig Taylor * Address Copilot and bneradt review comments Set *length on all return paths in TSHttpTxnCacheKeyDigestGet(), and use base64.b64decode(validate=True) for stricter validation in the test verifier. Also switch the @param tags on TSHttpTxnCacheKeyDigestGet() to use [in]/[out]/[in,out] per AGENTS.md. (cherry picked from commit 0dc18dd)
PR apache#12921 (PP2_SUBTYPE_SSL_GROUP) was authored against pre-apache#13123 master where m_http_sm was accessible directly on LogAccess. On 10.2.x we already picked the LogData refactor (apache#13124, the 10.2.x-targeted twin of master's apache#13123), which moves transaction state behind m_data->get_pp_* getters. Rewrite the new marshal function to match the existing marshal_proxy_protocol_tls_cipher / _version pattern. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* Stabilize thread_config autest startup ordering -- gate check_threads on ATS port readiness to avoid validation races. * Stabilize post/slow_post autests -- add explicit origin readiness checks in post-early-return; accept microserver exception variant for Fedora 43. * Revert thread_config PortOpen change per review -- keep ATS startup gating on existing readiness behavior, move upstream readiness to server Ready fields. * Replace nc-based server with mock_origin.py -- server1.sh only accepts one TCP connection (consumed by readiness probe). mock_origin.py absorbs probes, sends configured response, and drains request data to prevent TCP RST / 502. * Remove unused server1.sh replaced by mock_origin.py (cherry picked from commit a1ac1db)
…13000) Use explicit brace initialization for pointer, scalar, and zlib state members so construction starts from a defined state. Initialize local Feature values in txn_box to NIL_FEATURE. Remove unused tls_server_connection member from SSLConfigParams. CIDs: 1295339, 1521595, 1521596, 1533662, 1534699, 1534717, 1534727, 1534732, 1534738, 1587251, 1644248. (cherry picked from commit 070e3d4)
* add mstsms log field, slow log as a csv field * removed call from marshal_len since special expansion not needed * removal of more uncessary log reroutes * remove final mstsms container reference --------- Co-authored-by: Brian Olsen <bolsen149@comcast.com> (cherry picked from commit ddc7c23)
This switches the migrated gold tests from condwait file polling to AddAwaitFileContainsTestRun so they wait for stable log content rather than raw file creation. This also: - Makes the await helper safe for regex needles - Cleans up stale condwait path leftovers from earlier migrations. (cherry picked from commit 064014b)
Move the replay-friendly headers gold tests to ATSReplayTest wrappers and describe their ATS, origin, and client setup in replay YAML. This keeps the cache, range, redirect, HSTS, and alternate handling coverage while making the tests easier to read and maintain, and removes the old gold files left orphaned by the conversion. (cherry picked from commit 49cb7c8)
This switches the bundled RAT tool to the official 0.17 release and updates the rat target to use the new exclude-file CLI. This rewrites the exclusion list for RAT 0.17 path matching so the existing ignored inputs still stay out of the report. It also excludes huge_resp_hdrs.conf because RAT 0.17 misclassifies that fixture as an unknown file type despite its ASF header. Co-authored-by: bneradt <bneradt@yahooinc.com> (cherry picked from commit edb548b)
ESI streaming gunzip can receive valid gzip chunks that consume input without producing output, such as an initial header-only chunk. Those chunks currently emit a `buf below zero` error even though the stream continues successfully, which creates noisy Traffic Server logs. This treats zero-output progress as normal streaming inflate behavior and reserves error logging for actual zlib failures. It also extends the ESI gzip unit test support to capture error logs and covers the header-only chunk case. (cherry picked from commit 8af35fd)
The alternate-HttpSM access log entries have more opportunities for use than just pre-HttpSM state machine uses. There may be uses for it, for instance, to log TLS handshake issues, for instance. Thus the old pre-transaction terminology was too narrow. This renames the exceptional carrier to NonHttpSmLogData, documents that normal transaction logs should still use HttpSM-backed data, and updates the protocol logging path and tests to use the new terminology. (cherry picked from commit afcf8d0)
…pache#13195) * cripts: shrink Context from 3408 to 1920 bytes, expand data[] to 16 Pimpl Url::Path and Url::Query state behind unique_ptr so the heavy vector/unordered_map/cripts::string members only allocate when a script actually decomposes the path or query. Lazy-allocate Pristine, Parent, and Remap From/To URLs in _UrlBlock — they're rarely all touched, and the embedded 384-byte Url objects dominated the per-txn cost. Pimpl Error::Reason for the same reason. Drop the unused INET6_ADDRSTRLEN buffer in detail::ConnBase. Make cripts::Url's destructor virtual now that we delete via unique_ptr. Bump CONTEXT_DATA_SLOTS from 4 to 16 so scripts have room to stash more per-txn state — the 384-byte cost sits inside the budget freed by the URL/Connection cuts. * Address Copilot's review comments Bounds-check Path::Erase to avoid dereferencing a null _owner when ix is out of range — operator[] returns a default-constructed String in that case, and the subsequent p.operator=("") would then crash inside String::operator=. (cherry picked from commit 464c613)
Some OpenSSL builds expose certificate-compression preference APIs while disabling the built-in compression algorithms. In that shape, ATS reported cert compression support based on API availability even though configured algorithms could not actually run. This reports certificate-compression support from the algorithms ATS can use in the selected OpenSSL API path, and skips the callback-only AuTest unless callbacks are available. This also makes the supported algorithm table contain only usable entries, so configuration fails cleanly when an unavailable algorithm is requested. (cherry picked from commit 48af5b6)
This adds proxy.config.ssl.client.CA.cert.filename, the client CA certificate path, to the overridable config. Co-authored-by: bneradt <bneradt@yahooinc.com> (cherry picked from commit c660866)
PR apache#13088 (TLS Certificate Compression) was authored against post-apache#12755 master where ssl_multicert.yaml replaced ssl_multicert.config. 10.2.x intentionally omits that Incompatible migration, so ts.Disk has no ssl_multicert_yaml attribute. Translate the two YAML blocks back to the single-line legacy ssl_multicert.config syntax used by every other tls gold test on 10.2.x. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR is a large backport bundle intended to “pick up many more master branch commits to 10.2.x”, primarily to validate compatibility via CI. It includes a wide mix of core runtime changes (networking, TLS, logging, cache/HostDB, records), plugin fixes, build/test tooling updates, and many gold test refactors to ATS replay/await-style helpers.
Changes:
- Add/extend core features and fixes across TLS (cert compression, CA path overrides), PROXY protocol (configurable max header size + new TLV fields), logging (new fields, non-HttpSM logging path), and HostDB/cache behavior.
- Refactor and expand tests (many conversions to
ATSReplayTestandAddAwaitFileContainsTestRun, plus new replay YAML coverage). - Update build/tooling and CMake integration (OpenSSL/quiche/ngtcp2 versions, new test/benchmark targets, RAT config changes, sanitizer suppressions).
Reviewed changes
Copilot reviewed 267 out of 271 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/build_openssl_h3_tools.sh | Update QUIC/OpenSSL/quiche/ngtcp2/nghttp* and curl build versions; minor script robustness. |
| tools/benchmark/CMakeLists.txt | Add HostDB benchmark target in tools/benchmark. |
| tools/benchmark/benchmark_HostDB.cc | Initialize is_callback with a safe default. |
| tests/gold_tests/tls/tls_verify_ca_override.test.py | Refactor remap params; test both CA path and filename overrides. |
| tests/gold_tests/tls/tls_sni_host_policy.test.py | Replace condwait with await-file-contains helper for error.log validation. |
| tests/gold_tests/tls/tls_client_versions.test.py | Gate TLSv1 curl runs on runtime curl TLS capability. |
| tests/gold_tests/tls/tls_client_versions_minmax.test.py | Gate TLSv1/TLSv1.1 curl runs on runtime curl TLS capability. |
| tests/gold_tests/tls/replay/tls_cert_compression.replay.yaml | Convert legacy shell replay to structured ATS replay YAML. |
| tests/gold_tests/timeout/ssl-delay-server.cc | Ignore SIGPIPE; improve accept() errno handling and EINTR retry. |
| tests/gold_tests/thread_config/check_threads.py | Improve ATS process matching for ASAN environments (cwd vs cmdline). |
| tests/gold_tests/slow_post/server_abort.test.py | Loosen stderr expectation to accept alternate exception output. |
| tests/gold_tests/proxy_protocol/proxy_protocol.test.py | Replace condwait with await-file-contains for access log readiness. |
| tests/gold_tests/post/post-early-return.test.py | Replace custom bash servers with mock_origin.py; add readiness checks. |
| tests/gold_tests/pluginTest/slice/slice_prefetch.test.py | Replace condwait with await-file-contains for cache log completion. |
| tests/gold_tests/pluginTest/slice/slice_long_etag.test.py | New gold test covering long ETag handling via replay YAML. |
| tests/gold_tests/pluginTest/slice/slice_ident.test.py | Remove unused condwait path; rely on await helper. |
| tests/gold_tests/pluginTest/slice/slice_crr_ident.test.py | Remove unused condwait path; rely on await helper. |
| tests/gold_tests/pluginTest/prefetch/prefetch_cmcd.test.py | Remove unused condwait path; rely on await helper. |
| tests/gold_tests/pluginTest/money_trace/money_trace.test.py | Replace condwait with await-file-contains for final remap log line. |
| tests/gold_tests/pluginTest/money_trace/money_trace_global.test.py | Replace condwait with await-file-contains for final global log line. |
| tests/gold_tests/logging/sigusr2_rotate_diags.sh | New helper script to validate diags.log rotation via SIGUSR2. |
| tests/gold_tests/logging/pqsi-pqsp.test.py | Await sentinel log output instead of file existence. |
| tests/gold_tests/logging/new_log_flds.test.py | Await final log output instead of file existence. |
| tests/gold_tests/logging/log-filter.test.py | Await expected filtered log lines instead of file existence. |
| tests/gold_tests/logging/log-filenames.test.py | Await sentinel entries; update diags expectation string. |
| tests/gold_tests/logging/log-field.test.py | Await expected field-test log lines instead of file existence. |
| tests/gold_tests/logging/log-field-json.test.py | Await expected JSON log lines instead of file existence. |
| tests/gold_tests/logging/log_retention.test.py | Fix incorrect MakeCurlCommandMulti invocation target variable. |
| tests/gold_tests/logging/custom-log.test.py | Await expected custom log lines instead of file existence. |
| tests/gold_tests/ip_allow/replay/ip_allow_subjects_valid.replay.yaml | New replay coverage for max ACL subjects “valid” configuration. |
| tests/gold_tests/ip_allow/replay/ip_allow_subjects_overflow.replay.yaml | New replay coverage for ACL subjects overflow logging behavior. |
| tests/gold_tests/ip_allow/ip_allow_subjects.test.py | New wrapper test running both ACL subjects replay scenarios. |
| tests/gold_tests/headers/rewrite_rules/header_rewrite_rules_308.conf | New rewrite rule fixture for redirect status 308. |
| tests/gold_tests/headers/rewrite_rules/header_rewrite_rules_307.conf | New rewrite rule fixture for redirect status 307. |
| tests/gold_tests/headers/rewrite_rules/header_rewrite_rules_302.conf | New rewrite rule fixture for redirect status 302. |
| tests/gold_tests/headers/rewrite_rules/header_rewrite_rules_301.conf | New rewrite rule fixture for redirect status 301. |
| tests/gold_tests/headers/rewrite_rules/header_rewrite_rules_0.conf | New rewrite rule fixture for redirect “0” status behavior. |
| tests/gold_tests/headers/replays/normalized_ae_varied_transactions.replay.yaml | Add autest config and remaps for Accept-Encoding normalization coverage. |
| tests/gold_tests/headers/replays/invalid_range_request.replay.yaml | Add autest config; assert 416 proxy response expectations. |
| tests/gold_tests/headers/replays/cache-test.replay.yaml | Add autest config for cached duplicate header revalidation coverage. |
| tests/gold_tests/headers/maps.reg | New remap regex fixture returning 304. |
| tests/gold_tests/headers/invalid_range_header.test.py | Simplify to ATS replay-driven test; adjust summary text. |
| tests/gold_tests/headers/hsts.test.py | Convert to ATS replay-driven test; fix summary wording. |
| tests/gold_tests/headers/gold/range-416.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/range-206.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/range-206-revalidated.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/range-200.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/http2_304.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/http1_304.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/accept_webp.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/accept_webp_jpeg.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/gold/accept_webp_cache.gold | Remove obsolete gold output file. |
| tests/gold_tests/headers/cachedDuplicateHeaders.test.py | Simplify to ATS replay-driven test; update summary. |
| tests/gold_tests/h2/httpbin.test.py | Await POST access log entry instead of file existence. |
| tests/gold_tests/dns/dns_host_down.test.py | Await mark-down error.log entry using await helper. |
| tests/gold_tests/connect/connect.test.py | Await CONNECT access log entry using await helper. |
| tests/gold_tests/connect_down_policy/connect_down_policy.test.py | Await mark-down logging using await helper. |
| tests/gold_tests/chunked_encoding/chunked_encoding.test.py | Add replay test for large chunked origin response. |
| tests/gold_tests/cache/cache-request-method.test.py | Add replay test for DELETE invalidation behavior. |
| tests/gold_tests/cache/cache-heuristic-status.test.py | New replay-driven heuristic status caching test (RFC 9110). |
| tests/gold_tests/autest-site/when.test.ext | Reduce verbosity of await helper command output. |
| tests/gold_tests/autest-site/conditions.test.ext | Add HasCurlTLSVersionSupport condition and register it. |
| tests/gold_tests/autest-site/ats_replay.test.ext | Extend replay ATS config support for TLS, sni.yaml, and process_config usage. |
| src/tscore/unit_tests/test_ArgParser.cc | Add ArgParser unit tests for case-sensitive short options and defaults/deps behavior. |
| src/tscore/ink_cap.cc | Add CAP_CHOWN handling and broaden capability list accordingly. |
| src/tscore/HashFNV.cc | Modernize constructors; use class static init constants for clear(). |
| src/tscore/ArgParser.cc | Apply option defaults after dependency validation; add helper function. |
| src/traffic_layout/info.cc | Surface cert compression build features in traffic_layout output. |
| src/records/RecYAMLDecoder.cc | Track and log override source for env/runroot overrides. |
| src/records/RecordsConfigUtils.cc | Preserve nullptr defaults and log override source with more fidelity. |
| src/records/RecordsConfig.cc | Add cert compression algorithm records; add proxy protocol max header size record. |
| src/proxy/shared/DiagsConfig.cc | Initialize locals defensively to avoid uninitialized use. |
| src/proxy/ProxyTransaction.cc | Rename and re-target non-HttpSM logging helper/data type. |
| src/proxy/ProtocolProbeSessionAccept.cc | Use configurable PROXY protocol max header size when detecting headers. |
| src/proxy/ParentConsistentHash.cc | Remove unused zeroing and simplify primary hash initialization. |
| src/proxy/logging/unit-tests/test_LogAccess.cc | Update unit tests for NonHttpSmLogData rename and semantics. |
| src/proxy/logging/LogField.cc | Use milestone-diff unmarshal function for milestone diff fields. |
| src/proxy/logging/Log.cc | Add new log fields: cache key hash, milestones CSV, proxy-protocol TLS group. |
| src/proxy/IPAllow.cc | Fix subject parsing substring length; stop parsing after MAX_SUBJECTS overflow. |
| src/proxy/http3/Http3HeaderVIOAdaptor.cc | Use non-HttpSM logging on malformed HTTP/3 header decode. |
| src/proxy/http3/Http3Frame.cc | Zero-initialize frame type buffer. |
| src/proxy/http2/Http2ConnectionState.cc | Use non-HttpSM logging on malformed HTTP/2 header decode. |
| src/proxy/http/remap/unit-tests/test_RemapRules.cc | Add unit test coverage for regex substitution marker limits. |
| src/proxy/http/remap/unit-tests/test_NextHopRoundRobin.cc | Add unit test for failCount saturation behavior. |
| src/proxy/http/remap/unit-tests/plugin_testing_common.h | Fix typos and initialize members safely. |
| src/proxy/http/remap/RemapConfig.cc | Enforce maximum regex substitution markers and fail parse when exceeded. |
| src/proxy/http/remap/NextHopHealthStatus.cc | Prevent failCount overflow; fix formatting for uint32 values. |
| src/proxy/http/PreWarmManager.cc | Pass SSL client CA cert path override into NetVC options. |
| src/proxy/http/HttpVCTable.cc | Simplify constructor; rely on member default initialization. |
| src/proxy/http/HttpTransact.cc | Expand heuristic cacheable status codes (e.g., 204, 308). |
| src/proxy/http/HttpSM.cc | Add milestone marks; rename hostdb “alive/up” probes; propagate CA cert path; misc state cleanup. |
| src/proxy/http/HttpProxyServerMain.cc | Free acceptors and plugin accept objects during shutdown. |
| src/proxy/http/HttpConfig.cc | Add pp_hdr_max_size config plumbing and init safety. |
| src/proxy/hdrs/HdrToken.cc | Use zeroed allocation for token string heap. |
| src/mgmt/rpc/handlers/hostdb/HostDB.cc | Use new HostDB info accessors for last failure / fail count. |
| src/mgmt/rpc/handlers/common/RecordsUtils.h | Add record RPC errors for read-only/no-access records. |
| src/mgmt/rpc/handlers/common/RecordsUtils.cc | Provide error messages for new record RPC error codes. |
| src/mgmt/rpc/handlers/common/convert.h | Withhold values for RECA_NO_ACCESS records while still emitting type labels. |
| src/mgmt/rpc/CMakeLists.txt | Add YAML record unit test target to management RPC tests. |
| src/iocore/net/UnixNetProcessor.cc | Ensure acceptors are deleted and vector cleared on stop_accept(). |
| src/iocore/net/unit_tests/test_ProxyProtocol.cc | Update v2 header lengths; add TLV SSL group coverage. |
| src/iocore/net/TLSCertCompression.h | New TLS cert compression API and uncompressed length limit constant. |
| src/iocore/net/TLSCertCompression_zstd.h | New zstd cert compression/decompression declarations. |
| src/iocore/net/TLSCertCompression_zlib.h | New zlib cert compression/decompression declarations. |
| src/iocore/net/TLSCertCompression_zlib.cc | Implement zlib cert compression/decompression with stats. |
| src/iocore/net/TLSCertCompression_brotli.h | New brotli cert compression/decompression declarations. |
| src/iocore/net/TLSCertCompression_brotli.cc | Implement brotli cert compression/decompression with stats. |
| src/iocore/net/SSLUtils.cc | Enable server cert compression during SSL_CTX initialization; guard engine include. |
| src/iocore/net/SSLStats.h | Add counters for cert compression/decompression outcomes. |
| src/iocore/net/SSLStats.cc | Register new cert compression/decompression counters. |
| src/iocore/net/SSLSessionCache.cc | Free origin session cache nodes and map entries in destructor. |
| src/iocore/net/SSLNetVConnection.cc | Resolve CA cert path overrides for outbound client contexts. |
| src/iocore/net/SSLConfig.cc | Add cert compression records; fix origin session cache init; BIO cleanup flag handling. |
| src/iocore/net/SSLClientUtils.cc | Enable client cert compression preferences based on config. |
| src/iocore/net/ProxyProtocol.cc | Add detect helper; add SSL group TLV accessor; adjust logging and parse behavior. |
| src/iocore/net/P_SSLNetVConnection.h | Remove unused protocol mask fields. |
| src/iocore/net/P_SSLConfig.h | Initialize SSL config ints; add cert compression algorithm strings; remove unused bool. |
| src/iocore/net/NetVConnection.cc | Update has_proxy_protocol signature and add preface detection. |
| src/iocore/net/CMakeLists.txt | Add TLS cert compression sources and link brotli/zstd as needed. |
| src/iocore/hostdb/unit_tests/CMakeLists.txt | New HostDB unit test subdirectory and targets. |
| src/iocore/hostdb/HostDB.cc | Update HostDB selection logic to use “down/up” semantics. |
| src/iocore/hostdb/CMakeLists.txt | Move HostDB tests/benchmarks into unit_tests subdirectory. |
| src/iocore/cache/CacheVC.h | Reserve the bitfield slot for unused open-read timeout for layout stability. |
| src/iocore/cache/CacheDir.cc | Parallelize shutdown cache-dir sync per disk; remove open_read_timeout flag handling. |
| src/iocore/aio/test_AIO.cc | Initialize AIO_Device members; simplify ctor and handler setup. |
| src/iocore/aio/CMakeLists.txt | Add test_AIOCallback unit test target. |
| src/iocore/aio/AIO.cc | Fix potential UAF by caching delete decision; remove unused index; adjust from_ts_api lifetime behavior. |
| src/cripts/Error.cc | Ensure _reason is allocated before use after converting to unique_ptr. |
| src/cripts/Context.cc | Reset URL objects by releasing unique_ptr-backed lazy URL state. |
| plugins/slice/slice.cc | Use RAII for effective URL string; avoid manual TSfree. |
| plugins/slice/server.cc | Prevent ETag/Last-Modified buffer overflow; null-terminate copied values. |
| plugins/origin_server_auth/origin_server_auth.cc | Add ConfigCache destructor to free cached configs. |
| plugins/header_rewrite/resources.h | Initialize geo handle pointer in Resources. |
| plugins/header_rewrite/operators.h | Initialize members to safe defaults; document overwritten semantics. |
| plugins/header_rewrite/operators.cc | Emit error for unknown plugin control names. |
| plugins/header_rewrite/conditions.h | Thread geo_handle through geo condition methods. |
| plugins/header_rewrite/conditions.cc | Pass geo handle in GEO() evaluation/appending path. |
| plugins/header_rewrite/conditions_geo.h | Change initLibrary to return a handle; update geo lookup APIs accordingly. |
| plugins/header_rewrite/CMakeLists.txt | Improve maxmind test setup: compile defs, optional Python-generated MMDB fixtures. |
| plugins/experimental/txn_box/plugin/src/text_block.cc | Initialize time_point; ensure NIL feature sentinel used consistently. |
| plugins/experimental/txn_box/plugin/src/Ex_Base.cc | Ensure NIL feature sentinel used consistently. |
| plugins/experimental/txn_box/plugin/src/Context.cc | Default-initialize FeatureView variable. |
| plugins/experimental/stale_response/stale_response.h | Free dynamically allocated log filename; include <cstdlib>. |
| plugins/experimental/ja4_fingerprint/ja4.h | Initialize protocol field; clarify overwritten-by-caller semantics. |
| plugins/experimental/http_stats/http_stats.cc | Initialize TSCont and guard TSContDestroy in destructor. |
| plugins/experimental/cache_fill/configs.cc | Fix Content-Length “>” operator handling; initialize op. |
| plugins/esi/test/print_funcs.cc | Add fake error log capture for tests. |
| plugins/esi/test/gzip_test.cc | Add regression test ensuring streaming gunzip doesn’t log errors for empty-output chunks. |
| plugins/esi/lib/EsiGzip.h | Default ctor; initialize members and z_stream. |
| plugins/esi/lib/EsiGzip.cc | Remove redundant ctor impl after default-init conversion. |
| plugins/esi/lib/EsiGunzip.h | Default ctor; initialize members and z_stream. |
| plugins/esi/lib/EsiGunzip.cc | Avoid logging on no-output chunks; tighten streaming inflate loop behavior. |
| plugins/compress/sample.compress.config | Clarify cache option semantics with Vary: Accept-Encoding. |
| include/tscpp/api/InterceptPlugin.h | Initialize private state pointer. |
| include/tscpp/api/AsyncTimer.h | Initialize private state pointer. |
| include/tscore/ink_config.h.cmake.in | Add OpenSSL cert compression capability feature toggles. |
| include/tscore/ink_cap.h | Add CHOWN_PRIVILEGE; clarify owner privilege semantics. |
| include/tscore/ink_aiocb.h | Remove unused aio_state padding fields. |
| include/tscore/HashFNV.h | Add static init constants; default-init hash state. |
| include/tscore/BaseLogFile.h | Default-init BaseMetaInfo members; simplify ctor initialization. |
| include/tscore/ArgParser.h | Declare apply_option_defaults helper. |
| include/ts/ts.h | Add TS API to obtain cache key digest bytes for a txn. |
| include/ts/apidefs.h.in | Add overridable config key for SSL client CA cert path. |
| include/records/RecCore.h | Change env/runroot override API to return value + source enum. |
| include/proxy/ProxyTransaction.h | Rename non-HttpSM access logging helper and update docs. |
| include/proxy/ProxySession.h | Initialize accept_options pointer to nullptr. |
| include/proxy/ParentConsistentHash.h | Remove unused foundParents array member. |
| include/proxy/NonHttpSmLogData.h | Rename and expand documentation for non-HttpSM access-log data holder. |
| include/proxy/Milestones.h | Treat missing start milestone as missing diff (avoid misleading 0-based diff). |
| include/proxy/logging/TransactionLogData.h | Support non-HttpSM data path; add cache key hash getter for logging. |
| include/proxy/logging/LogBuffer.h | Simplify LogBufferIterator ctor; remove unused network-order flag. |
| include/proxy/logging/LogAccess.h | Add new marshal/unmarshal hooks and fields (cache key hash, milestones CSV, TLS group). |
| include/proxy/logging/Log.h | Update API example text for generalized TransactionLogData sources. |
| include/proxy/http/OverridableConfigDefs.h | Add SSL client CA cert path as overridable config. |
| include/proxy/http/HttpVCTable.h | Default-initialize HttpVCTableEntry members. |
| include/proxy/http/HttpTunnel.h | Default-init max_chunk_size to DEFAULT_MAX_CHUNK_SIZE. |
| include/proxy/http/HttpTransact.h | Default-init ResponseAction members. |
| include/proxy/http/HttpSM.h | Remove unused members; simplify/modernize state variables. |
| include/proxy/http/HttpConfig.h | Add ssl_client_ca_cert_path and pp_hdr_max_size config storage. |
| include/proxy/http/HttpCacheSM.h | Expose cache key accessor for logging fields. |
| include/proxy/http/Http1ServerTransaction.h | Remove unused outbound_transparent member. |
| include/proxy/http/Http1ClientTransaction.h | Remove unused outbound_transparent member. |
| include/proxy/http/ConnectingEntry.h | Remove unused NetVCOptions member. |
| include/proxy/HostStatus.h | Default-initialize HostStatRec members. |
| include/proxy/hdrs/HdrHeap.h | Default-initialize available heap size. |
| include/proxy/FetchSM.h | Default-initialize callback event enum field. |
| include/iocore/net/TLSSNISupport.h | Default-initialize extension length member. |
| include/iocore/net/TLSEventSupport.h | Default-initialize SSL* pointer. |
| include/iocore/net/SSLMultiCertConfigLoader.h | Declare cert compression enable hook. |
| include/iocore/net/quic/QUICTypes.h | Default-initialize several QUIC structs/pointers for safety. |
| include/iocore/net/quic/QUICTransferProgressProvider.h | Default-initialize adapter pointer. |
| include/iocore/net/ProxyProtocol.h | Add TLV subtype for SSL group; declare detect helper and accessor. |
| include/iocore/net/NetVConnection.h | Update has_proxy_protocol signature to include max header size. |
| include/iocore/eventsystem/Event.h | Remove obsolete ONLY_USED_FOR_FIB_AND_BIN_HEAP node pointer plumbing. |
| include/iocore/aio/AIO.h | Remove aio_state; add from_ts_api flag for safe self-deletion. |
| include/cripts/Error.hpp | Convert Reason storage to unique_ptr; include <memory>. |
| include/cripts/Context.hpp | Increase slot count; make URL blocks lazily allocated via unique_ptr. |
| include/cripts/Connections.hpp | Remove unused string buffer member. |
| include/cripts/Configs.hpp | Add SSL client CA cert path config binding. |
| example/plugins/c-api/client_context_dump/client_context_dump.cc | Free results buffer from context dump query. |
| doc/release-notes/upgrading.en.rst | Note removal of built-in stats/cache inspector pages. |
| doc/developer-guide/core-architecture/hostdb.en.rst | Update terminology (“zombie” -> “suspect”) and behavior description. |
| doc/developer-guide/api/types/TSOverridableConfigKey.en.rst | Document new overridable key for SSL client CA cert path. |
| doc/developer-guide/api/functions/TSHttpTxnCacheKeyDigestGet.en.rst | New API documentation for cache key digest retrieval. |
| doc/developer-guide/api/functions/TSHttpOverridableConfig.en.rst | Add SSL client CA cert path to overridable config mapping table. |
| doc/admin-guide/storage/index.en.rst | Document conditional DELETE invalidation semantics per RFC 9111. |
| doc/admin-guide/plugins/compress.en.rst | Clarify compress plugin caching behavior and Vary/alternate semantics. |
| doc/admin-guide/monitoring/statistics/core/ssl.en.rst | Document new SSL cert compression/decompression stats. |
| CMakeLists.txt | Add OpenSSL cert compression feature checks; update engine header path; update RAT invocation. |
| cmake/Findbrotli.cmake | Also locate brotlidec; add brotli::brotlidec imported target. |
| ci/rat-regex.txt | Remove legacy RAT exclude regex list file. |
| ci/rat-include.txt | Add RAT include list (CMakeLists.txt). |
| ci/rat-exclude.txt | Add RAT exclude list (glob patterns + one regex). |
| ci/asan_leak_suppression/unit_tests.txt | Replace OpenSSL leak suppressions with specific unit-test suppression. |
| ci/asan_leak_suppression/regression.txt | Remove some suppressions (e.g. make_log_host, Cache_vol, Hdrs). |
| AGENTS.md | Add repository-specific doxygen documentation conventions guidance. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+64
to
+66
| int bufsize = max_header_size; | ||
| char buf[bufsize]; | ||
| tv.assign(buf, reader->memcpy(buf, bufsize, 0)); |
Comment on lines
240
to
242
| if (msg.size() < total_len) { | ||
| Dbg(dbg_ctl_proxyprotocol_v2, "The amount of available data is smaller than the expected size"); | ||
| Error("The size of PP header received (%zu) is smaller than the expected size (%zu)", msg.size(), total_len); | ||
| return 0; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds compatible commits from the master branch that have been committed since the 10.2.x branch. If this looks good, we can add theses commits to the 10.2.x branch. The plan would be then, to add any backward compatible PRs to the 10.2.x project until we are ready to stablize the 10.2.x branch again.
Draft PR just for CI testing, do not merge!