Age | Commit message (Collapse) | Author |
|
Documentation: https://docs.kernel.org/networking/timestamping.html
This modifies Stream type to be able to setup rx timestamp on its
socket, and use `recvmsg` to read the returned timestamp. The rx
timestamp of the last recvmsg is stored as `rx_ts`
In the context of tcp stream, if the returned byte range spans multiple
timestamps, the last one is returned.
|
|
Per ~~~-5535: it is not safe to call SSL_select_next_proto()
with invalid alpn_in.
Although our code is safe because it is only used via set_alpn_select_callback
which performs the check, an additional guard is added just in case these functions
are used in other context.
|
|
|
|
|
|
Updating existing Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application & Product Security team's initiative to onboard Semgrep onto all of Cloudflare's public repos.
In case of any questions, please reach out to "Hrushikesh Deshpande" on cf internal chat.
|
|
server requests
|
|
---
fix cargo fmt check
Includes-commit: 19eeddcfbf0f4a7e4dc96cf4782143e96f54b371
Includes-commit: 41987023f175942be8f47ede18ada85b20993cca
Replicated-from: https://github.com/cloudflare/pingora/pull/380
|
|
Otherwise it requires extra attention for deprecated clippy rules
|
|
|
|
Fix #363
---
updated
Includes-commit: 204ddb02743445e6204858b4df3ea3f28fa1911c
Includes-commit: 34c67f0acae52ce94a3a6d5696e0847e63b42be7
Replicated-from: https://github.com/cloudflare/pingora/pull/368
Signed-off-by: spacewander <[email protected]>
|
|
Includes-commit: 9b1d7c544d45f88db55cc9ac118a8f60e8ef84b9
Replicated-from: https://github.com/cloudflare/pingora/pull/371
|
|
When supporting streaming partial writes, the cache miss request may not
always find the corresponding body reader for the storage asset that its
upstream write is trying to fill.
This change adds a lookup_streaming_write storage API and allows the
miss handler to provide a streaming write tag for use with the API, so
that it may find the matching hit handler to serve downstream.
|
|
|
|
This changes the memory ordering for the lock status load to `SeqCst` from
`Relaxed` to eliminate a potential source of panics.
Panics had the frames:
```
pingora_proxy::proxy_cache::<T>::handle_lock_status (proxy_cache.rs:748)
pingora_proxy::proxy_cache::<T>::proxy_cache::{{closure}} (proxy_cache.rs:211)
pingora_proxy::HttpProxy<T>::process_request::{{closure}} (lib.rs:509)
pingora_proxy::HttpProxy<T>::process_new_http::{{closure}} (lib.rs:727)
```
which showed we were checking on the status of the lock, after waiting on it,
and still seeing its status as waiting. The status is returned by value, so this
is not a time-of-check to time-of-use problem, this is an inconsistency in how
the lock status is managed. The change in memory order is mostly for the sake of
this programmer's attempts to understand what is happening.
This also completes a couple of TODOs to limit the wait period as well as tag
the span with the lock status.
|
|
This has the effect of reducing a warning log since we are not
leaving the lock dangling for the next reader.
|
|
Includes-commit: 9a934bc8baa4e8b05639f6aa71ca9695832986f0
Replicated-from: https://github.com/cloudflare/pingora/pull/360
|
|
Co-authored-by: Derek Argueta <[email protected]>
|
|
Includes-commit: 0560e0ff05481465e926766ba1d6791c12a96944
Replicated-from: https://github.com/cloudflare/pingora/pull/356
|
|
If we have a cache miss, any meta in this object is invalid. Unset
it so that we don't use it later.
|
|
|
|
I was attempting to test upgrades on MacOS, and was a bit confused at the ECONNREFUSED error.
Having this log would help others avoiding troubleshooting this until it is supported.
Includes-commit: 6f80ce2f7a5dd97e174916d8efc4864366eca790
Replicated-from: https://github.com/cloudflare/pingora/pull/327
|
|
Co-authored-by: Fredrik Enestad <[email protected]>
|
|
integration
|
|
Allow this as an adjustable setting to preserve etag when
(de)compressing. The default is to weaken etags whenever a compression
module applies.
|
|
|
|
---
Added some more exports used by the server example
Includes-commit: d7be54bbb5c0c3465eef09d0545988b34b725f4f
Includes-commit: e36e6e719450bc445c383d501aacc02bff6695e5
Replicated-from: https://github.com/cloudflare/pingora/pull/277
|
|
|
|
---
Merge branch 'main' into compression-headers
---
Updated “compression enabled” check for recent changes
---
Fixed clippy warning
---
Reverted changes related to Accept-Ranges header
---
Handle multiple Vary headers
---
Merged main branch
Includes-commit: 4ea0c3ff10fad0a27f798dcdf3f797294af89d80
Includes-commit: 78f09b29d7a6f04b2647879855e91a3cf3744fb1
Includes-commit: 973d5969e4210b1a86e69e75d74caabb44109a8a
Includes-commit: 9f82578858e5ba167badc81cf347fb70bbf7f41a
Includes-commit: d6e94c93f1cdd9ca3ab8e3829d65af6f265ce627
Includes-commit: e88fdb8a3721bb38c476b0d825d271b013069df7
Includes-commit: f647f04bf1db2b63788a837a5ab5a6f3030d209e
Replicated-from: https://github.com/cloudflare/pingora/pull/286
|
|
|
|
cargo-audit now has an MSRV of 1.74 > ours. We only need to run audit on
at least one toolchain, anyhow.
|
|
Don't unconditionally unwrap Sentry, guard it with a default value.
|
|
This changes the Sentry field from the DSN string to the entire ClientOptions
struct. This will let us pass more information to the client SDK, including the
git-parsed version information.
|
|
|
|
---
also add port number
---
also print query with path for h2 just as h1
Includes-commit: 2df4e29e180f5e79bee04aa4b4d83536e9f7f3a4
Includes-commit: 53e1810a27de581f6d5a9606198d9ac443f4a63c
Includes-commit: 8102a0900bf30bf740e58c3a541bb86d296eb660
Replicated-from: https://github.com/cloudflare/pingora/pull/345
|
|
|
|
---
test: add test for upstream health observe
---
renamed the function and added doc to make it intelligible
---
fix clippy error
---
Merge branch 'main' into main
---
test: fix test for backend do update
Co-authored-by: Tree Xie <[email protected]>
Includes-commit: 1421c267563f0161624e7dcc00a8f8d7be86d8b8
Includes-commit: 695d5490142945e11effe6ab87f4785ee0c7e4ab
Includes-commit: 6a09b52c5e8b710c9fa4e0ac75420edd73556897
Includes-commit: 72d6ee09ae7488a372180cbf2b57f19d76eb8697
Includes-commit: e6c2af0e77283f73c785e73a702d739f4d5a8da0
Includes-commit: fb62869583667a220fab019bec8d7a80ef3caba2
Replicated-from: https://github.com/cloudflare/pingora/pull/325
|
|
|
|
This cache phase indicates when we are serving a stale cache hit, but
there is another request currently updating the asset.
|
|
---
use weight as param
---
fix format and doc comment
---
add ext as Extensions::new
---
Merge branch 'main' into ~~~
Includes-commit: 0d4a658cf83e4c1c6ab90ab79bbc147035357bc6
Includes-commit: 1ee9b327b499328850d2b88d774dfc4241b19015
Includes-commit: 5b05294e244b191c2505928474344f6004469768
Includes-commit: cf8faea7d08513acd11ba3c53dbfe0528c6b7621
Includes-commit: f0cefff7eb3ba2bdc73fc3e7655bb9a8bbdd22cb
Replicated-from: https://github.com/cloudflare/pingora/pull/333
|
|
|
|
---
Update docs/user_guide/ratelimiter.md
---
docs: add upstream_request_filter to fix forbidden error of RateLimiter
---
Update ratelimiter.md
update rate_limiter_map initialize code
Co-authored-by: Dany Gagnon <[email protected]>
Co-authored-by: Xia Lei <[email protected]>
Includes-commit: 461d384966601a5fae60384cb0fef3fac9442218
Includes-commit: 80231711f9d85ee63a363c28a965acc86281b8df
Includes-commit: 99ed87f309b7d550b6a97af1c528a5849c020342
Includes-commit: bffc9f4f23c51feff64a1f6d3e9bfe8680e154d1
Replicated-from: https://github.com/cloudflare/pingora/pull/120
|
|
|
|
There could be a race condition where a Stale request waiting on cache
lock retries the cache lock and lookup, but enters cache_miss after
finding the asset is no longer present.
|
|
---
Specified quick_cache version because older version was being loaded on build
Includes-commit: 3f5419e92d64769534e3ab6f497ee938f07616fa
Includes-commit: de83f0a6122aa9be637faf4e7ed0c3f73d20a78c
Replicated-from: https://github.com/cloudflare/pingora/pull/248
|
|
Before this change, the retry only happens on reused connections. The
shutting down could also happen on new connections as well. So this
change will retry in both cases.
|
|
|
|
|
|
|
|
|
|
Also remove the doc_async_trait cfg since it is no longer viable.
|