trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject git commit: TS-2057: Remove deprecated proxy port configuration values from records.config.
Date Wed, 24 Jul 2013 20:26:12 GMT
Updated Branches:
  refs/heads/master aa4acf200 -> 1c6fd093d


TS-2057: Remove deprecated proxy port configuration values from records.config.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/1c6fd093
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/1c6fd093
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/1c6fd093

Branch: refs/heads/master
Commit: 1c6fd093db5538b578ed646d384f9dd21ec7dfdd
Parents: aa4acf2
Author: Alan M. Carroll <amc@network-geographics.com>
Authored: Wed Jul 24 15:25:46 2013 -0500
Committer: Alan M. Carroll <amc@network-geographics.com>
Committed: Wed Jul 24 15:25:46 2013 -0500

----------------------------------------------------------------------
 CHANGES                                |   2 +-
 lib/records/I_RecHttp.h                |   7 +-
 lib/records/RecHttp.cc                 | 104 +++++-----------------------
 proxy/config/records.config.default.in |  32 ++++-----
 4 files changed, 34 insertions(+), 111 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/1c6fd093/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index fac88db..c38d1be 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,6 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache Traffic Server 3.3.5
-
+  *) [TS-2057] Removed deprecated proxy port configuration values from records.config.
 
   *) [TS-1280] Add url match token about cache control rule.
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/1c6fd093/lib/records/I_RecHttp.h
----------------------------------------------------------------------
diff --git a/lib/records/I_RecHttp.h b/lib/records/I_RecHttp.h
index 2be3dbb..4bd3de0 100644
--- a/lib/records/I_RecHttp.h
+++ b/lib/records/I_RecHttp.h
@@ -243,11 +243,6 @@ public:
   );
 
   static char const* const PORTS_CONFIG_NAME; ///< New unified port descriptor.
-  static char const* const PORT_CONFIG_NAME; ///< Old port only entry.
-  static char const* const ATTR_CONFIG_NAME; ///< Old attribute only entry.
-  static char const* const OTHER_PORTS_CONFIG_NAME; ///< Old "other" ports.
-  static char const* const SSL_ENABLED_CONFIG_NAME; ///< SSL enable flag.
-  static char const* const SSL_PORT_CONFIG_NAME; ///< Old style SSL port.
 
   /// Default value if no other values can be found.
   static char const* const DEFAULT_VALUE;
@@ -265,7 +260,7 @@ public:
   static char const* const OPT_SSL; ///< SSL (experimental)
   static char const* const OPT_BLIND_TUNNEL; ///< Blind tunnel.
   static char const* const OPT_COMPRESSED; ///< Compressed.
-  static char const* const OPT_HOST_RES; ///< Set DNS family preference.
+  static char const* const OPT_HOST_RES_PREFIX; ///< Set DNS family preference.
 
   static Vec<self>& m_global; ///< Global ("default") data.
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/1c6fd093/lib/records/RecHttp.cc
----------------------------------------------------------------------
diff --git a/lib/records/RecHttp.cc b/lib/records/RecHttp.cc
index a9e32b4..13a20a6 100644
--- a/lib/records/RecHttp.cc
+++ b/lib/records/RecHttp.cc
@@ -59,16 +59,17 @@ void RecHttpLoadIp(char const* value_name, IpAddr& ip4, IpAddr&
ip6)
 
 char const* const HttpProxyPort::DEFAULT_VALUE = "8080";
 
-char const* const HttpProxyPort::PORT_CONFIG_NAME = "proxy.config.http.server_port";
-char const* const HttpProxyPort::ATTR_CONFIG_NAME = "proxy.config.http.server_port_attr";
-char const* const HttpProxyPort::OTHER_PORTS_CONFIG_NAME = "proxy.config.http.server_other_ports";
 char const* const HttpProxyPort::PORTS_CONFIG_NAME = "proxy.config.http.server_ports";
-char const* const HttpProxyPort::SSL_ENABLED_CONFIG_NAME = "proxy.config.ssl.enabled";
-char const* const HttpProxyPort::SSL_PORT_CONFIG_NAME = "proxy.config.ssl.server_port";
+
+// "_PREFIX" means the option contains additional data.
+// Each has a corresponding _LEN value that is the length of the option text.
+// Options without _PREFIX are just flags with no additional data.
 
 char const* const HttpProxyPort::OPT_FD_PREFIX = "fd";
 char const* const HttpProxyPort::OPT_OUTBOUND_IP_PREFIX = "ip-out";
 char const* const HttpProxyPort::OPT_INBOUND_IP_PREFIX = "ip-in";
+char const* const HttpProxyPort::OPT_HOST_RES_PREFIX = "ip-resolve";
+
 char const* const HttpProxyPort::OPT_IPV6 = "ipv6";
 char const* const HttpProxyPort::OPT_IPV4 = "ipv4";
 char const* const HttpProxyPort::OPT_TRANSPARENT_INBOUND = "tr-in";
@@ -78,14 +79,14 @@ char const* const HttpProxyPort::OPT_TRANSPARENT_PASSTHROUGH = "tr-pass";
 char const* const HttpProxyPort::OPT_SSL = "ssl";
 char const* const HttpProxyPort::OPT_BLIND_TUNNEL = "blind";
 char const* const HttpProxyPort::OPT_COMPRESSED = "compressed";
-char const* const HttpProxyPort::OPT_HOST_RES = "ip-resolve";
 
 // File local constants.
 namespace {
+  // Length values for _PREFIX options.
   size_t const OPT_FD_PREFIX_LEN = strlen(HttpProxyPort::OPT_FD_PREFIX);
   size_t const OPT_OUTBOUND_IP_PREFIX_LEN = strlen(HttpProxyPort::OPT_OUTBOUND_IP_PREFIX);
   size_t const OPT_INBOUND_IP_PREFIX_LEN = strlen(HttpProxyPort::OPT_INBOUND_IP_PREFIX);
-  size_t const OPT_HOST_RES_PREFIX_LEN = strlen(HttpProxyPort::OPT_HOST_RES);
+  size_t const OPT_HOST_RES_PREFIX_LEN = strlen(HttpProxyPort::OPT_HOST_RES_PREFIX);
 }
 
 namespace {
@@ -135,7 +136,6 @@ HttpProxyPort* HttpProxyPort::findHttp(Group const& ports, uint16_t
family) {
 bool
 HttpProxyPort::loadConfig(Vec<self>& entries) {
   char* text;
-  char* attr;
   bool found_p;
 
   // Do current style port configuration first.
@@ -143,75 +143,14 @@ HttpProxyPort::loadConfig(Vec<self>& entries) {
   if (found_p) self::loadValue(entries, text);
   ats_free(text);
 
-  // Check old style single port.
-  // Yeah, it's ugly, but it should be purged on the next major release.
-  int sp = REC_ConfigReadInteger(PORT_CONFIG_NAME);
-  attr = REC_ConfigReadString(ATTR_CONFIG_NAME);
-  if (-1 == sp) {
-    // Default value, ignore.
-  } else if (0 < sp && sp < 65536) {
-    if (attr) {
-      char* buff = static_cast<char*>(alloca(6 + 1 + strlen(attr) + 1));
-      sprintf(buff, "%d:%s", sp, attr);
-      self::loadValue(entries, buff);
-    } else {
-      HttpProxyPort pd;
-      pd.m_port = sp;
-      entries.push_back(pd);
-    }
-  } else {
-    Warning("Invalid port value %d is not in the range 1..65535 for '%s'.", sp, PORT_CONFIG_NAME);
-  }
-  ats_free(attr);
-
-  // Do the "other" ports.
-  text = REC_ConfigReadString(OTHER_PORTS_CONFIG_NAME);
-  self::loadValue(entries, text);
-  ats_free(text);
-
-  // Check for old style SSL configuration. We only put this in iff
-  // SSL is explicitly enabled and has the server port set.
-  RecInt ssl_enabled;
-  RecInt ssl_port;
-  if (REC_ERR_OKAY == RecGetRecordInt(SSL_ENABLED_CONFIG_NAME, &ssl_enabled) &&
ssl_enabled) {
-    if (REC_ERR_OKAY == RecGetRecordInt(SSL_PORT_CONFIG_NAME, &ssl_port)) {
-      if (0 < ssl_port && ssl_port < 65536) {
-        HttpProxyPort port;
-        port.m_port = ssl_port;
-        port.m_type = TRANSPORT_SSL;
-        entries.push_back(port);
-      } else if (-1 != ssl_port) {
-	// -1 is used as the sentinel value in the config record for
-	// "not set by user".
-        Warning("SSL enabled but port value %" PRId64" is not in the range 1..65535.\n",
-                ssl_port);
-      }
-    }
-  }
-
   return 0 < entries.length();
 }
 
 bool
 HttpProxyPort::loadDefaultIfEmpty(Group& ports) {
-  RecInt ssl_enabled;
-
   if (0 == ports.length())
     self::loadValue(ports, DEFAULT_VALUE);
 
-  // Check to see if we need to force an SSL port.
-  if (REC_ERR_OKAY == RecGetRecordInt(SSL_ENABLED_CONFIG_NAME, &ssl_enabled) &&
ssl_enabled) {
-    // SSL is explicitly enabled, so force an SSL port if there isn't one.
-    if (!self::hasSSL(ports)) {
-      HttpProxyPort port;
-      RecInt ssl_port = -1;
-      RecGetRecordInt(SSL_PORT_CONFIG_NAME, &ssl_port);
-      if (ssl_port < 1 || 65535 < ssl_port) ssl_port = 443;
-      port.m_port = ssl_port;
-      port.m_type = TRANSPORT_SSL;
-      ports.push_back(port);
-    }
-  }
   return 0 < ports.length();
 }
 
@@ -312,41 +251,32 @@ HttpProxyPort::processOptions(char const* opts) {
         Warning("Invalid IP address value '%s' in port descriptor '%s'",
           item, opts
         );
-    } else if (0 == strcasecmp("X", item)) {
-      // defaults
-    } else if (0 == strcasecmp("C", item) || 0 == strcasecmp(OPT_COMPRESSED, item)) {
+    } else if (0 == strcasecmp(OPT_COMPRESSED, item)) {
       m_type = TRANSPORT_COMPRESSED;
-    } else if (0 == strcasecmp("T", item) || 0 == strcasecmp(OPT_BLIND_TUNNEL, item)) {
+    } else if (0 == strcasecmp(OPT_BLIND_TUNNEL, item)) {
       m_type = TRANSPORT_BLIND_TUNNEL;
-    } else if (0 == strcasecmp("X6", item) || 0 == strcasecmp(OPT_IPV6, item)) {
-      m_family = AF_INET6;
-      af_set_p = true;
-    } else if (0 == strcasecmp("=6", item)) {
+    } else if (0 == strcasecmp(OPT_IPV6, item)) {
       m_family = AF_INET6;
       af_set_p = true;
-      m_inbound_transparent_p = m_outbound_transparent_p = true;
     } else if (0 == strcasecmp(OPT_IPV4, item)) {
       m_family = AF_INET;
       af_set_p = true;
-    } else if (0 == strcasecmp("S", item) || 0 == strcasecmp(OPT_SSL, item)) {
+    } else if (0 == strcasecmp(OPT_SSL, item)) {
       m_type = TRANSPORT_SSL;
       m_inbound_transparent_p = m_outbound_transparent_p = false;
-    } else if (0 == strcasecmp(OPT_TRANSPARENT_INBOUND, item) ||
-      0 == strcasecmp("<", item)) {
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_INBOUND, item)) {
 # if TS_USE_TPROXY
       m_inbound_transparent_p = true;
 # else
       Warning("Transparency requested [%s] in port descriptor '%s' but TPROXY was not configured.",
item, opts);
 # endif
-    } else if (0 == strcasecmp(OPT_TRANSPARENT_OUTBOUND, item) ||
-      0 == strcasecmp(">", item)) {
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_OUTBOUND, item)) {
 # if TS_USE_TPROXY
       m_outbound_transparent_p = true;
 # else
       Warning("Transparency requested [%s] in port descriptor '%s' but TPROXY was not configured.",
item, opts);
 # endif
-    } else if (0 == strcasecmp(OPT_TRANSPARENT_FULL, item)||
-               0 == strcasecmp("=", item)) {
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_FULL, item)) {
 # if TS_USE_TPROXY
       m_inbound_transparent_p = true;
       m_outbound_transparent_p = true;
@@ -359,7 +289,7 @@ HttpProxyPort::processOptions(char const* opts) {
 # else
       Warning("Transparent pass-through requested [%s] in port descriptor '%s' but TPROXY
was not configured.", item, opts);
 # endif
-    } else if (0 == strncasecmp(OPT_HOST_RES, item, OPT_HOST_RES_PREFIX_LEN)) {
+    } else if (0 == strncasecmp(OPT_HOST_RES_PREFIX, item, OPT_HOST_RES_PREFIX_LEN)) {
       item += OPT_HOST_RES_PREFIX_LEN; // skip prefix
       if ('-' == *item || '=' == *item) // permit optional '-' or '='
         ++item;
@@ -489,7 +419,7 @@ HttpProxyPort::print(char* out, size_t n) {
    */
   if (!m_outbound_transparent_p &&
       0 != memcmp(m_host_res_preference, host_res_default_preference_order, sizeof(m_host_res_preference)))
{
-    zret += snprintf(out+zret, n-zret, ":%s=", OPT_HOST_RES);
+    zret += snprintf(out+zret, n-zret, ":%s=", OPT_HOST_RES_PREFIX);
     zret += ts_host_res_order_to_string(m_host_res_preference, out+zret, n-zret);
   }
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/1c6fd093/proxy/config/records.config.default.in
----------------------------------------------------------------------
diff --git a/proxy/config/records.config.default.in b/proxy/config/records.config.default.in
index 34672a9..ffe4ce6 100644
--- a/proxy/config/records.config.default.in
+++ b/proxy/config/records.config.default.in
@@ -81,28 +81,35 @@ CONFIG proxy.config.alarm.abs_path STRING NULL
    ##########
    # The server ports are listed here. These are separated by spaces or commas.
    # Each port is a colon separated list of values, which must include a
-   # port number. Other options are
+   # port number. The order is irrelevant. Other options are
    # ipv4 - Use IPv4 (default)
    # ipv6 - Use IPv6
    # tr-in - Transparent inbound.
    # tr-out - Transparent outbound.
    # tr-full - Fully transparent (inbound and outbound).
-   # tr-pass - Transprently Pass-through non-HTTP traffic (in conjuction with tr-in).
+   # tr-pass - Transparently Pass-through non-HTTP traffic (in conjuction with tr-in).
    # ssl - SSL terminated port.
-   # blind - Blind tunnel port.
+   # blind - Blind tunnel port (CONNECT only)
    # ip-in=[addr] - Bind inbound IP address (listen for client).
    # ip-out=[addr] - Bind outbound IP address (connect to origin server).
+   # ip-resolve=[style] - Set the IP resolution style.
    #
-   # note - address types must agree with each other and the ipv4/ipv6
+   # Note - address types must agree with each other and the ipv4/ipv6
    # option if specified. IPv6 addresses must be enclosed in brackets.
-   # ip-out can be repeated as long as each address is a different family.
-   # The '=' is optional.
+   # ip-out can be repeated as long as each address is a different
+   # family. If ip-in is specified as an IPv6 address, the port is
+   # forced to IPv6. Transparent ports cannot be bound to an IP
+   # address on the transparent side.
+   #
+   # The '=' is optional for any option with a value.
    #
    # Example 1: Port 8080 IPv6 inbound transparent, and port 80 IPv4
    # "8080:ipv6:tr-in 80"
    #
-   # Example 2: Listen on standard http and https ports for IPv4 and IPv6:
-   # "80:ipv4 80:ipv6 443:ipv4:ssl 443:ipv6:ssl"
+   # Example 2: Listen on standard http and https ports for IPv4 and IPv6,
+   # fully transparent on the http ports. Also provide an non-transparent
+   # port at address 192.168.1.56 on port 8080.
+   # "80:ipv4:tr-full tr-full:80:ipv6 443:ipv4:ssl 443:ssl:ipv6 ip-in=192.168.1.56:8080"
    #
 CONFIG proxy.config.http.server_ports STRING 8080
    # Ports on the origin server to which a blind tunnel may connect.
@@ -486,12 +493,6 @@ CONFIG proxy.config.url_remap.pristine_host_hdr INT 1
 # SSL Termination
 #
 ##############################################################################
-   # proxy.config.ssl.enabled should be:
-   #   0 - none
-   #   1 - SSL enabled
-   # Deprecated. SSL is enabled automatically if an SSL port is configured
-   # in config.proxy.http.server_ports.
-#CONFIG proxy.config.ssl.enabled INT 0
    # The number of SSL threads is a multiplier of number of CPUs and
    # proxy.config.exec_thread.autoconfig.scale by default. You can
    # override that here (set it to a non-zero value).
@@ -510,9 +511,6 @@ CONFIG proxy.config.ssl.server.cipher_suite STRING RC4-SHA:AES128-SHA:DES-CBC3-S
 CONFIG proxy.config.ssl.server.honor_cipher_order INT 0
    # Control if SSL should perform content compression or not
 CONFIG proxy.config.ssl.compression INT 0
-   # Deprecated.
-   # SSL ports should now be configured via proxy.config.http.server_ports
-#CONFIG proxy.config.ssl.server_port INT 443
    # Client certification level should be:
    # 0 no client certificates
    # 1 client certificates optional


Mime
View raw message