trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sudhe...@apache.org
Subject [1/2] trafficserver git commit: [TS-3364]: Add command line config validation support to traffic_server
Date Mon, 09 Feb 2015 23:14:32 GMT
Repository: trafficserver
Updated Branches:
  refs/heads/master e5eedf128 -> fddd7c743


[TS-3364]: Add command line config validation support to traffic_server


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/245d6152
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/245d6152
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/245d6152

Branch: refs/heads/master
Commit: 245d615210352768ee6efe4e56641223c074dfaf
Parents: e5eedf1
Author: Sudheer Vinukonda <sudheerv@yahoo-inc.com>
Authored: Mon Feb 9 23:13:21 2015 +0000
Committer: Sudheer Vinukonda <sudheerv@yahoo-inc.com>
Committed: Mon Feb 9 23:13:50 2015 +0000

----------------------------------------------------------------------
 iocore/net/P_SSLConfig.h      |  4 +--
 iocore/net/SSLConfig.cc       | 10 ++++--
 iocore/net/SSLNetProcessor.cc |  2 +-
 proxy/Main.cc                 | 68 ++++++++++++++++++++++++++++++++++++--
 proxy/Plugin.cc               | 26 ++++++++++-----
 proxy/Plugin.h                |  2 +-
 proxy/ReverseProxy.cc         |  6 ++--
 proxy/ReverseProxy.h          |  2 +-
 8 files changed, 99 insertions(+), 21 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/P_SSLConfig.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h
index 5388346..cda2dcb 100644
--- a/iocore/net/P_SSLConfig.h
+++ b/iocore/net/P_SSLConfig.h
@@ -125,8 +125,8 @@ private:
 
 struct SSLCertificateConfig
 {
-  static void startup();
-  static void reconfigure();
+  static bool startup();
+  static bool reconfigure();
   static SSLCertLookup * acquire();
   static void release(SSLCertLookup * params);
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/SSLConfig.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 6d6e1ec..98214d2 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -332,7 +332,7 @@ SSLConfig::release(SSLConfigParams * params)
   configProcessor.release(configid, params);
 }
 
-void
+bool
 SSLCertificateConfig::startup()
 {
   sslCertUpdate = new ConfigUpdateHandler<SSLCertificateConfig>();
@@ -342,12 +342,13 @@ SSLCertificateConfig::startup()
   sslCertUpdate->attach("proxy.config.ssl.server.private_key.path");
   sslCertUpdate->attach("proxy.config.ssl.server.cert_chain.filename");
 
-  reconfigure();
+  return reconfigure();
 }
 
-void
+bool
 SSLCertificateConfig::reconfigure()
 {
+  bool retStatus = true;
   SSLConfig::scoped_config params;
   SSLCertLookup * lookup = new SSLCertLookup();
 
@@ -362,8 +363,11 @@ SSLCertificateConfig::reconfigure()
   if (SSLParseCertificateConfiguration(params, lookup)) {
     configid = configProcessor.set(configid, lookup);
   } else {
+    retStatus = false;
     delete lookup;
   }
+
+  return retStatus;
 }
 
 SSLCertLookup *

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/iocore/net/SSLNetProcessor.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetProcessor.cc b/iocore/net/SSLNetProcessor.cc
index 06b2cfc..9547617 100644
--- a/iocore/net/SSLNetProcessor.cc
+++ b/iocore/net/SSLNetProcessor.cc
@@ -68,7 +68,7 @@ SSLNetProcessor::start(int number_of_ssl_threads, size_t stacksize)
   SSLInitializeLibrary();
   SSLConfig::startup();
 
-  SSLCertificateConfig::startup();
+  (void) SSLCertificateConfig::startup();
 
   // Acquire a SSLConfigParams instance *after* we start SSL up.
   SSLConfig::scoped_config params;

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Main.cc
----------------------------------------------------------------------
diff --git a/proxy/Main.cc b/proxy/Main.cc
index e03925f..7e9a433 100644
--- a/proxy/Main.cc
+++ b/proxy/Main.cc
@@ -696,6 +696,58 @@ cmd_clear(char *cmd)
   return CMD_OK;
 }
 
+static int
+cmd_verify(char * /* cmd ATS_UNUSED */)
+{
+  int exitStatus = 0;
+
+  fprintf(stderr, "NOTE: VERIFY\n\n");
+  if (!reloadUrlRewrite()) {
+    exitStatus |= (1 << 0);
+    fprintf(stderr, "ERROR: Failed to load remap.config, exitStatus %d\n\n", exitStatus);
+  } else {
+    fprintf(stderr, "INFO:Successfully loaded remap.config\n\n");
+  }
+
+  if (RecReadConfigFile(false) != REC_ERR_OKAY) {
+    exitStatus |= (1 << 1);
+    fprintf(stderr, "ERROR: Failed to load records.config, exitStatus %d\n\n", exitStatus);
+  } else {
+    fprintf(stderr, "INFO: Successfully loaded records.config\n\n");
+  }
+
+  if (!plugin_init(true)) {
+    exitStatus |= (1 << 2);
+    fprintf(stderr, "ERROR: Failed to load plugin.config, exitStatus %d\n\n", exitStatus);
+  } else {
+    fprintf(stderr, "INFO: Successfully loaded plugin.config\n\n");
+  }
+
+  SSLInitializeLibrary();
+  SSLConfig::startup();
+  if (!SSLCertificateConfig::startup()) {
+    exitStatus |= (1 << 3);
+    fprintf(stderr, "ERROR: Failed to load ssl multicert.config, exitStatus %d\n\n", exitStatus);
+  } else {
+    fprintf(stderr, "INFO: Successfully loaded ssl multicert.config\n\n");
+  }
+
+  SSLConfig::scoped_config params;
+  if (!SSLInitClientContext(params) ) {
+    exitStatus |= (1 << 4);
+    fprintf(stderr, "Can't initialize the SSL client, HTTPS in remap rules will not function
%d\n\n", exitStatus);
+  } else {
+    fprintf(stderr, "INFO: Successfully initialized SSL client context\n\n");
+  }
+
+  //TODO: Add more config validation..
+
+  _exit(exitStatus);
+
+  return 0;
+}
+
+
 static int cmd_help(char *cmd);
 
 static const struct CMD
@@ -748,6 +800,12 @@ commands[] = {
       "\n"
       "FORMAT: clear_hostdb\n"
       "\n" "Clear the entire hostdb cache.  All host name resolution\n" "information is lost.\n",
cmd_clear}, {
+  "verify_config",
+      "Verify the config",
+      "\n"
+      "\n"
+      "FORMAT: verify_config\n"
+      "\n" "Load the config and verify traffic_server comes up correctly. \n", cmd_verify},
{
 "help",
       "Obtain a short description of a command (e.g. 'help clear')",
       "HELP\n"
@@ -1391,8 +1449,12 @@ main(int /* argc ATS_UNUSED */, char **argv)
   // Local process manager
   initialize_process_manager();
 
-  // Ensure only one copy of traffic server is running
-  check_lockfile();
+  if ((*command_string) && (cmd_index(command_string) == cmd_index((char*)"verify_config")))
{
+    fprintf (stderr, "\n\n skip lock check for %s \n\n", command_string);
+  } else {
+    // Ensure only one copy of traffic server is running
+    check_lockfile();
+  }
 
   // Set the core limit for the process
   init_core_size();
@@ -1632,7 +1694,7 @@ main(int /* argc ATS_UNUSED */, char **argv)
     Log::init(remote_management_flag ? 0 : Log::NO_REMOTE_MANAGEMENT);
 
     // Init plugins as soon as logging is ready.
-    plugin_init();        // plugin.config
+    (void) plugin_init();        // plugin.config
 
     SSLConfigParams::init_ssl_ctx_cb = init_ssl_ctx_callback;
     sslNetProcessor.start(getNumSSLThreads(), stacksize);

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Plugin.cc
----------------------------------------------------------------------
diff --git a/proxy/Plugin.cc b/proxy/Plugin.cc
index 44f3bd9..60a9527 100644
--- a/proxy/Plugin.cc
+++ b/proxy/Plugin.cc
@@ -69,15 +69,15 @@ PluginRegInfo::~PluginRegInfo()
   ats_free(this->support_email);
 }
 
-static void
-plugin_load(int argc, char *argv[])
+static bool
+plugin_load(int argc, char *argv[], bool validateOnly)
 {
   char path[PATH_NAME_MAX + 1];
   void *handle;
   init_func_t init;
 
   if (argc < 1) {
-    return;
+    return true;
   }
   ink_filepath_make(path, sizeof(path), plugin_dir, argv[0]);
 
@@ -103,6 +103,9 @@ plugin_load(int argc, char *argv[])
 
     handle = dlopen(path, RTLD_NOW);
     if (!handle) {
+      if (validateOnly) {
+        return false;
+      }
       Fatal("unable to load '%s': %s", path, dlerror());
     }
 
@@ -114,8 +117,11 @@ plugin_load(int argc, char *argv[])
 
     init = (init_func_t) dlsym(handle, "TSPluginInit");
     if (!init) {
+      if (validateOnly) {
+        return false;
+      }
       Fatal("unable to find TSPluginInit function in '%s': %s", path, dlerror());
-      return; // this line won't get called since Fatal brings down ATS
+      return false; // this line won't get called since Fatal brings down ATS
     }
 
     init(argc, argv);
@@ -128,6 +134,8 @@ plugin_load(int argc, char *argv[])
   }
 
   plugin_reg_current = NULL;
+
+  return true;
 }
 
 static char *
@@ -200,8 +208,8 @@ not_found:
   return NULL;
 }
 
-void
-plugin_init(void)
+bool
+plugin_init(bool validateOnly)
 {
   ats_scoped_str path;
   char line[1024], *p;
@@ -210,6 +218,7 @@ plugin_init(void)
   int argc;
   int fd;
   int i;
+  bool retVal = true;
   static bool INIT_ONCE = true;
 
   if (INIT_ONCE) {
@@ -223,7 +232,7 @@ plugin_init(void)
   fd = open(path, O_RDONLY);
   if (fd < 0) {
     Warning("unable to open plugin config file '%s': %d, %s", (const char *)path, errno,
strerror(errno));
-    return;
+    return false;
   }
 
   while (ink_file_fd_readline(fd, sizeof(line) - 1, line) > 0) {
@@ -275,12 +284,13 @@ plugin_init(void)
       }
     }
 
-    plugin_load(argc, argv);
+    retVal = plugin_load(argc, argv, validateOnly);
 
     for (i = 0; i < argc; i++)
       ats_free(vars[i]);
   }
 
   close(fd);
+  return retVal;
 }
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/Plugin.h
----------------------------------------------------------------------
diff --git a/proxy/Plugin.h b/proxy/Plugin.h
index 91d9904..ad924e6 100644
--- a/proxy/Plugin.h
+++ b/proxy/Plugin.h
@@ -45,7 +45,7 @@ struct PluginRegInfo
 extern DLL<PluginRegInfo> plugin_reg_list;
 extern PluginRegInfo *plugin_reg_current;
 
-void plugin_init(void);
+bool plugin_init(bool validateOnly=false);
 
 /** Abstract interface class for plugin based continuations.
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/ReverseProxy.cc
----------------------------------------------------------------------
diff --git a/proxy/ReverseProxy.cc b/proxy/ReverseProxy.cc
index a2ae22d..3b56905 100644
--- a/proxy/ReverseProxy.cc
+++ b/proxy/ReverseProxy.cc
@@ -135,7 +135,7 @@ struct UR_UpdateContinuation: public Continuation
 {
   int file_update_handler(int /* etype ATS_UNUSED */, void * /* data ATS_UNUSED */)
   {
-    reloadUrlRewrite();
+    (void) reloadUrlRewrite();
     delete this;
     return EVENT_DONE;
   }
@@ -152,7 +152,7 @@ struct UR_UpdateContinuation: public Continuation
   blocking.
 
 */
-void
+bool
 reloadUrlRewrite()
 {
   UrlRewrite *newTable;
@@ -163,11 +163,13 @@ reloadUrlRewrite()
     new_Deleter(rewrite_table, URL_REWRITE_TIMEOUT);
     Debug("url_rewrite", "remap.config done reloading!");
     ink_atomic_swap(&rewrite_table, newTable);
+    return true;
   } else {
     static const char* msg = "failed to reload remap.config, not replacing!";
     delete newTable;
     Debug("url_rewrite", "%s", msg);
     Warning("%s", msg);
+    return false;
   }
 }
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/245d6152/proxy/ReverseProxy.h
----------------------------------------------------------------------
diff --git a/proxy/ReverseProxy.h b/proxy/ReverseProxy.h
index 5019ba8..a98098b 100644
--- a/proxy/ReverseProxy.h
+++ b/proxy/ReverseProxy.h
@@ -65,7 +65,7 @@ mapping_type request_url_remap_redirect(HTTPHdr *request_header, URL *redirect_u
 bool response_url_remap(HTTPHdr *response_header);
 
 // Reload Functions
-void reloadUrlRewrite();
+bool reloadUrlRewrite();
 
 int url_rewrite_CB(const char *name, RecDataT data_type, RecData data, void *cookie);
 


Mime
View raw message