Merge branch 'master' into quic-latest

* master:
  Don't rely on SSLNetVC when HttpSM gathers info about SSL (#7961)
  conf_remap: demote 'Invalid configuration' to warning (#7991)
  Cleans up the code bit, including milliseconds consistency (#7989)
  Pass through expect header and handle 100-continue response (#7962)
  Treat TRACE with body as bad request (#7905)
  Thread safe Mersenne Twister 64 using c++11 (#7859)
  ESI plugin documentation updates. (#7970)
  Add log name configuration and stderr/stdout support. (#7937)
  Cleanup: Constify MIMEHdr (#7949)
  Fixed compile error with Linux AIO unit test (#7958)
  Note YAML parser library bug, and work-around, in documentation. (#7963)
  Ensure that the content-length value is only digits (#7964)
  String the url fragment for outgoing requests (#7966)
  Fix for HTTP/2 frames (#7965)
  Improve parsing error messages for strategies.yaml. (#7948)
  fix the scheme of h2 0rtt tests (#7957)
  Fix double test flakiness due to EOS/TXN_CLOSE race (#7956)
  Use proxy.config.log.hostname for rotated log filenames (#7943)
  Fixed memory leak in the QUIC stream manager (#7951)
  Fixup TS_USE_LINUX_NATIVE_AIO AIO_MODE_NATIVE (#7832)
  Update GitHub stale action to auto close old PRs (#7952)
  Revert "Do not invalidate cached resources upon error responses to unsafe methods (#7864)" (#7954)
  regex_revalidate: add stats for miss/stale counts (#7950)
  Do not invalidate cached resources upon error responses to unsafe methods (#7864)
  Add an HTTP/2 304 "Not Modified" AuTest. (#7882)
  regex_revalidate: optionally retain rule epoch state across restarts (#7939)
  Fixed memory leak in QUIC ack frame unit test (#7947)
  cache_promote: Don't promote on uncacheable requests (#7942)
  Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945)
  Compilation error fixes for QUIC unit tests (#7944)
  Adds bytes counting as a trigger to the cache_promote LRU (#7765)
  Add a JSON schema for strategies.yaml (#7932)
  Remove second call to TRANSACT_RETURN while handling cache write lock (#7873)
  Close connection after every bad request for HTTP/1.1 (#7885)
  Pin Sphinx to 3.x to unblock `make html` (#7940)
  Add support for Remap rule hit stats (#7936)
  Remove scrap log object dead code (#7935)
  Add STL forward iterators to DLL container. (#7934)
  Add log SQUID code testing to redirect.test.py Au test. (#7870)
  Fix race condition on server session state (#7921)
  regex_reval: bug where rule type is always reported as the first (#7928)
  Remove duplicate entry in overridable txn vars. (#7930)
  Satisfy ci/jenkins/bin/clang-format.sh (#7929)
  Add a basic Au test using strategies.yaml, with consistent hashing. (#7911)
  Add a chunked negative revalidating test. (#7907)
  Ensure that URL components are valid when alternate eviction is logged (#7924)
  fix grammar (#7927)
  AuTest: Enable h2spec generic test cases (#7926)
  Adjust vc read errors (#7923)
  Remove bucket search from IntrusiveHashMap::erase (#7848)
  Ensure TS_VCONN_CLOSE_HOOK hook is called during TS_EVENT_VCONN_CLOSE. (#7913)
  Update docs languages file to add 9.1.x for en and ja (#7917)
  * Adds a new peering ring mode to next hop selection strategies. (#7897)
  Add Au test for strategies.yaml, with consistent hashing, with fallover. (#7914)
  Make HttpSM server reference a Transaction instead of a Session (#7849)
  Set accept_options of Http1Transaction in Http1ClientSession::new_connection() (#7894)
  Reset Http1Transaction before adding vc to keep_alive_queue (#7892)
  Add dead server policy control and metric. Improve messages. (#7757)
  Ensure the HTTP protion of the protocol string is upper case (#7904)
  Fixed spelling mistakes in the docs (#7896)
  add MISS capability to the regex_revalidate plugin (#7899)
  docs: fix capitalization of Linux (#7898)
  Redirect - Make TS to honour the number_of_redirections configuration value (#7867)
  Clean up producer more regularly (#7386)
  Fix crash in open_close_h2 (#7586)
  Cleanup Http2ClientSession SessionHandler (#7876)
  Enforce HTTP parsing restrictions on HTTP versions supported (#7875)
  Do not delete the continuation twice (#7862)
  Cleanup: refer Http2ClientSession::mutex (#7853)
  Autest - Proxy Verifier Extension, add context template $-base string substitution in the replay file. (#7866)
  Fixed some spelling mistakes in comments (#7869)
  Fixed ASAN issues with MMH test (#7868)
  Cleanup: Move member functions defined inside of class definitions of Http2ConnectionState & Http2ConnectionSettings (#7854)
  Add URI Signing cdnistd Claim Implementation (#7822)
  Adds a new --enable-all-asserts configure option (#7858)
  Unifdef test code for MMH and moved it into its own test file (#7841)
  Clean up lua plugin doc for overridable configurations (#7844)
  Save and propagate epoll network error (#7809)
  Add method to write an IpAddr value to a sockaddr. (#7821)
  Add proxy.config.http.max_proxy_cycles (#7657)
  Update NextHop strategies so that unavailable server retry codes (#7837)
  generator: allow for POST requests (#7635)
  Fixed double declaration types for log buffer tracking (#7847)
  Extra braces for clang 5 / ubuntu 16.04 on array initialization (#7842)

 Conflicts:
	iocore/net/quic/QUICStreamFactory.cc

Author: maskit

.github/workflows/stale.yml

@@ -1,5 +1,8 @@
 name: Mark stale issues and pull requests
 
+# Documentation
+# https://github.com/marketplace/actions/close-stale-issues
+
 on:
   push:
     paths:
@@ -9,9 +12,7 @@ on:
 
 jobs:
   stale:
-
     runs-on: ubuntu-latest
-
     steps:
     - uses: actions/stale@v3
       with:
@@ -20,8 +21,10 @@ jobs:
         stale-pr-message: 'This pull request has been automatically marked as stale because it has not had recent activity. Marking it stale to flag it for further consideration by the community.'
         stale-issue-label: 'Stale'
         stale-pr-label: 'Stale'
+        exempt-issue-labels: 'In Progress'
+        exempt-pr-labels: 'In Progress'
         days-before-pr-stale: 90
         days-before-issue-stale: 365
-        days-before-pr-close: -1
+        days-before-pr-close: 7
         days-before-issue-close: -1
-        debug-only: true
+        debug-only: false

configs/strategies.schema.json

@@ -0,0 +1,256 @@
+{
+    "$schema": "http://json-schema.org/draft-06/schema#",
+    "$id": "https://github.com/apache/trafficserver/tree/master/configs/strategies.schema.json",
+    "$ref": "#/definitions/Strategies",
+    "definitions": {
+        "Strategies": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+                "hosts": {
+                    "type": "array",
+                    "description": "An array of hosts assinged to a group",
+                    "items": {
+                        "$ref": "#/definitions/Host"
+                    }
+                },
+                "groups": {
+                    "type": "array",
+                    "description": "A group otherwise known as a ring, is a collection of hosts",
+                    "items": {
+                        "type": "array",
+                        "items": {
+                            "$ref": "#/definitions/Group"
+                        }
+                    }
+                },
+                "strategies": {
+                    "type": "array",
+                    "description": "A next hop selection strategy definition",
+                    "items": {
+                        "$ref": "#/definitions/Strategy"
+                    }
+                }
+            },
+            "required": [
+                "groups",
+                "hosts",
+                "strategies"
+            ],
+            "title": "Trafficserver Strategies"
+        },
+        "Group": {
+            "type": "object",
+            "additionalProperties": false,
+            "description": "A host member within a group or ring",
+            "properties": {
+                "host": {
+                    "type": "string",
+                    "description": "The hosts fully qualified hostname or IP address"
+                },
+                "protocol": {
+                    "type": "array",
+                    "description": "The set of protocols supported on this host",
+                    "items": {
+                        "$ref": "#/definitions/Protocol"
+                    }
+                },
+                "weight": {
+                    "type": "number",
+                    "description": "The optional weighting to apply for this host within a ring"
+                }
+            },
+            "required": [
+                "host",
+                "protocol"
+            ],
+            "title": "Group"
+        },
+        "Protocol": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+                "scheme": {
+                    "$ref": "#/definitions/Scheme"
+                },
+                "port": {
+                    "type": "integer",
+                    "description": "the protocol port number",
+                    "minimum": 80,
+                    "maximum": 65534
+                },
+                "health_check_url": {
+                    "type": "string",
+                    "description": "the optional url that may be used for a health checking system",
+                    "format": "uri",
+                    "qt-uri-protocols": [
+                        "http",
+                        "https",
+                        "tcp"
+                    ]
+                }
+            },
+            "required": [
+                "port",
+                "scheme"
+            ],
+            "title": "Protocol"
+        },
+        "Host": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+                "host": {
+                    "type": "string",
+                    "description": "The fully qualified host name or IP address of the host"
+                },
+                "protocol": {
+                    "type": "array",
+                    "items": {
+                        "$ref": "#/definitions/Protocol"
+                    }
+                }
+            },
+            "required": [
+                "host",
+                "protocol"
+            ],
+            "title": "Host"
+        },
+        "Strategy": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+                "strategy": {
+                    "type": "string",
+                    "description": "the name assigned to this strategy"
+                },
+                "policy": {
+                    "type": "string",
+                    "description": "the host selection algorithm for the strategy",
+                    "enum": [
+                      "rr_ip",
+                      "rr_strict",
+                      "first_live",
+                      "latched",
+                      "consistent_hash"
+                    ]
+                },
+                "hash_key": {
+                  "type": "string",
+                  "description": "when using consistent_hash, this specifies the chosen key used for the hash",
+                  "enum": [
+                    "hostname",
+                    "path",
+                    "path+query",
+                    "path+fragment",
+                    "cache_key",
+                    "url"
+                  ]
+                },
+                "go_direct": {
+                    "type": "boolean",
+                    "description": "wether, true/false, users of the strategy may bypass parents and go directly to the origin"
+                },
+                "parent_is_proxy": {
+                    "type": "boolean",
+                    "description": "all the hosts assigned to the strategy are all caching proxy servers"
+                },
+                "cache_peer_result": {
+                    "type": "boolean",
+                    "description": "cache or do not cache proxy peer responses when using a peering ring mode and consistent hashing"
+                },
+                "groups": {
+                    "type": "array",
+                    "description": "the groups of hosts assigned to the strategy",
+                    "items": {
+                        "type": "array",
+                        "items": {
+                            "$ref": "#/definitions/Group"
+                        }
+                    }
+                },
+                "scheme": {
+                    "$ref": "#/definitions/Scheme"
+                },
+                "failover": {
+                    "$ref": "#/definitions/Failover"
+                }
+            },
+            "required": [
+                "groups",
+                "policy",
+                "scheme",
+                "strategy"
+            ],
+            "title": "Strategy"
+        },
+        "Failover": {
+            "type": "object",
+            "description": "failover configuration for the strategy",
+            "additionalProperties": false,
+            "properties": {
+                "max_simple_retries": {
+                    "type": "integer",
+                    "description": "the maximum number of retries for a transaction when using simple retry",
+                    "minimum": 0,
+                    "maximum": 5
+                },
+                "max_unavailable_retries": {
+                    "type": "integer",
+                    "description": "the maximum number of retries for a transaction when using unavailable server retry",
+                    "minimum": 0,
+                    "maximum": 5
+                },
+                "ring_mode": {
+                    "type": "string",
+                    "description": "the ring host selection mode",
+                    "enum": [
+                      "exhaust_ring",
+                      "alternate_ring",
+                      "peering_ring"
+                    ]
+                },
+                "response_codes": {
+                    "type": "array",
+                    "description": "list of simple retry http response codes",
+                    "items": {
+                        "type": "integer",
+                        "minimum": 400,
+                        "maximum": 599
+                    }
+                },
+                "markdown_codes": {
+                    "type": "array",
+                    "description": "list of unavailable server  retry http response codes",
+                    "items": {
+                        "type": "integer",
+                        "minimum": 400,
+                        "maximum": 599
+                    }
+                },
+                "health_check": {
+                    "type": "array",
+                    "description": "the health checking mode used for the strategy",
+                    "items": {
+                        "type": "string",
+                        "enum": [
+                          "active",
+                          "passive"
+                        ]
+                    }
+                }
+            },
+            "title": "Failover"
+        },
+        "Scheme": {
+            "type": "string",
+            "description": "the supported protocols used within the strategy",
+            "enum": [
+                "http",
+                "https"
+            ],
+            "title": "Scheme"
+        }
+    }
+}

configs/strategies.yaml.default

@@ -95,15 +95,24 @@
 #     hash_key: hostname # optional key to use for Hashing. Enum of 'url' or 'uri' or 'hostname' or 'path' or 'path+query' or 'cache_key' or 'path+fragment'
 #     go_direct: true # transactions may routed directly to the origin true/false default is true.
 #     parent_is_proxy: false  # next hop hosts  are origin servers when set to 'false', defaults to true and indicates next hop hosts are ats cache's.
+#     cache_peer_result: true # only used when the 'ring_mode' is set to 'peering_ring' and the policy is 'consistent_hash'.  The default value is
+#                        true which means to always allow caching responses.  When set to 'false' reponses received from peer hosts will not be
+#                        cached, only responses received from upstream parents or origins will be cached.
 #     groups: # groups of hosts, these groups are used as rings in consistent hash and arrays of host groups for round_robin.
 #       - *g1
 #       - *g2
 #     scheme: http
 #     failover:
 #       max_simple_retries: 2 # default is 1, indicates the maximum number of simple retries for the listed response codes.
-#       ring_mode: exhaust_ring # enumerated as exhaust_ring or alternate_ring
+#       ring_mode: exhaust_ring # enumerated as exhaust_ring, alternate_ring, or peering_ring
 #           #1) in 'exhaust_ring' mode all the servers in a ring are exhausted before failing over to secondary ring
 #           #2) in 'alternate_ring' mode causes the failover to another server in secondary ring.
+#           #3) 'peering_ring' is implemented for only a policy of 'consistent_hash' and requires that the strategy
+#               has two host groups defined.  The first group is the 'peer' group of caches that also includes this host
+#               itself.  The second group is the 'upstream' group of caches.  All parent host lookups are looked up from
+#               the peer group using consistent hashing.  If the resolved parent is "this" host, a new parent from the
+#               upstream list using consistent hashing will be chosen instead.  If any of the peer caches are
+#               unreachable or timeout, a new parent is chosen from the upstream list for retries.
 #       response_codes: # defines the responses codes for failover in exhaust_ring mode
 #         - 404
 #         - 502

configure.ac

@@ -151,7 +151,6 @@ AC_SUBST([build_number])
 #
 # Debug
 #
-
 AC_MSG_CHECKING([whether to enable debugging])
 AC_ARG_ENABLE([debug],
   [AS_HELP_STRING([--enable-debug],[turn on debugging])],
@@ -168,6 +167,15 @@ AC_ARG_ENABLE([mime-sanity-check],
 )
 AC_MSG_RESULT([$enable_mime_sanity_check])
 
+AC_MSG_CHECKING([whether to enable all asserts, a cheaper debug])
+AC_ARG_ENABLE([all-asserts],
+  [AS_HELP_STRING([--enable-all-asserts],[turn on all code asserts, both debug and release])],
+  [],
+  [enable_all_asserts=no]
+)
+AC_MSG_RESULT([$enable_all_asserts])
+
+
 # Enable code coverage instrumentation only if requested by the user.
 AC_MSG_CHECKING([whether to code coverage])
 AC_ARG_ENABLE([coverage],
@@ -957,14 +965,18 @@ if test "x${enable_debug}" = "xyes"; then
   TS_ADDTO(AM_CFLAGS, [${cc_oflag_dbg}])
   TS_ADDTO(AM_CXXFLAGS, [${cxx_oflag_dbg}])
   TS_ADDTO(AM_CPPFLAGS, [-DDEBUG -D_DEBUG])
-  if test "x${enable_mime_sanity_check}" = "xyes"; then
-    TS_ADDTO(AM_CPPFLAGS, [-DENABLE_MIME_SANITY_CHECK])
-  fi
 else
   TS_ADDTO(AM_CFLAGS, [${cc_oflag_opt}])
   TS_ADDTO(AM_CXXFLAGS, [${cxx_oflag_opt}])
 fi
 
+if test "x${enable_mime_sanity_check}" = "xyes"; then
+  TS_ADDTO(AM_CPPFLAGS, [-DENABLE_MIME_SANITY_CHECK])
+fi
+if test "x${enable_all_asserts}" = "xyes"; then
+  TS_ADDTO(AM_CPPFLAGS, [-DENABLE_ALL_ASSERTS])
+fi
+
 # Flags for ASAN
 if test "x${enable_asan}" = "xyes"; then
   if test "x${enable_tsan}" = "xyes" -o "x${enable_tsan}" = "xstatic"; then

doc/Pipfile

@@ -22,7 +22,16 @@ verify_ssl = true
 [dev-packages]
 
 [packages]
-sphinx = "*"
+
+# The latest 4.x sphinx release, currently 4.0.2, fails `make html`.  For
+# details, see: https://github.com/apache/trafficserver/issues/7938
+#
+# The 3.x releases build fine, however. So we currently pin to that.
+#
+# Once that issue, either with sphinx or our docs, is resolved, then we should
+# unpin sphinx by setting the following to "*".
+sphinx = "==3.*"
+
 sphinx-rtd-theme = "*"
 sphinxcontrib-plantuml = "*"
 # i18n

doc/admin-guide/files/index.en.rst

@@ -86,3 +86,9 @@ Configuration Files
 
 :doc:`volume.config.en`
     Defines cache space usage by individual protocols.
+
+.. note::
+
+   Currently the YAML parsing library has a bug where line number counting
+   (for error messages) ignores comment lines that start with **#**.  A
+   work-around is to put a space before the **#**.