- 21 Nov, 2022 4 commits
-
-
Nils Goroll authored
This commit was guided by the cocci patch below, but lines to change were manually selected. Motivated by #3864 --- 8< --- @@ expression path; @@ - *path == '/' + VUS_is(path) @@ expression path; @@ - *path != '/' + ! VUS_is(path)
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 20 Nov, 2022 1 commit
-
-
Nils Goroll authored
we only forwarded the result from a single read(), which might have missed information on the actual error.
-
- 16 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
space for larger XIDs. Add a version field.
-
- 15 Nov, 2022 1 commit
-
-
Poul-Henning Kamp authored
-
- 14 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Nils Goroll authored
We had three call sites, one with and two without size checking. Other improvements: - zero (struct sockaddr_un).sun_path - set errno if the path argument does not fit Motivated by: #3863
-
- 08 Nov, 2022 5 commits
-
-
Nils Goroll authored
to anchor patches
-
Nils Goroll authored
As far as I can see, this is only used in the vim->n_ stats, which are, apparently, not used anywhere.
-
Asad Sajjad Ahmed authored
Check for correct handling of missing pseudo-headers, and invalid characters. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
-
Asad Sajjad Ahmed authored
We should apply the same restrictions on the list of allowed characters inside H/2 pseudo-headers as we do for H/1. This error is translated into the headers we send to a backend over H/1. Failure to do so could permit various exploits against a backend not handling malformed H/1 requests. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
-
Martin Blix Grydeland authored
This expands the perfect hash lookup table to be able to match any entry in the list of well-known headers from tbl/http_headers.h. Previously only the headers that had a non-zero filter flag section was kept in the fast match table. Fixes: VSV00010
-
- 07 Nov, 2022 6 commits
-
-
Nils Goroll authored
We do not need to periodically check the conditions in obj_extend_condwait() if we ensure that HSH_Cancel() triggers a wakeup. Readers on private objects need to ensure they call HSH_Cancel() if they abort the read, so this is consistent with our requirements. While we could add a seperate function to the object API for the sole purpose of signaling a cancel, HSH_Cancel() already calls ObjWaitState() to syncronize with the backend thread, so adding the signal there was deemed the simpler solution. As agreed during bugwash, Martin wants to add back the timeout as an optinal parameter (default: no timeout).
-
Alf-André Walla authored
To override the global parameter on a per-fetch basis. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
It pauses the fetch progress when clients are lagging behind for uncacheable streaming deliveries. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
This clarifies which length this field is about. Better diff with the --word-diff --word-diff-regex='\w+' options. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Poul-Henning Kamp authored
-
- 31 Oct, 2022 3 commits
-
-
Poul-Henning Kamp authored
(May not work due to termcap/terminfo differences)
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 26 Oct, 2022 3 commits
-
-
Nils Goroll authored
-
Nils Goroll authored
Due to string folding, I expect this change to be fully backwards compatible - even with std.integert(req.xid) as proven by the vtcs which I am about to change.
-
Poul-Henning Kamp authored
-
- 25 Oct, 2022 5 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 12 Oct, 2022 5 commits
-
-
Nils Goroll authored
found by flexelint
-
Nils Goroll authored
-
Nils Goroll authored
because we run VRY_Validate() anyway before keeping a vary spec, and rightly so. Ref #3858
-
Nils Goroll authored
In dea05fa4, an assertion was added that, if a vary prediction exists as marked by vary_l, that marker matches the actual length. This change uncovered an inconsistency where, for waitinglist returns, the predictive vary was cleared unconditionally (req->vary_b[2] = '\0' in VRY_Prep()), but vary_l was not. Consequently, before dea05fa4, VRY_Finish() would copy more of the (possibly empty) vary spec than necessary. This commit fixes the inconsistency and adds specific testing for the case. Fixes #3858
-
Nils Goroll authored
vary, req ttl/grace limits, storage Motivated by #3858
-
- 10 Oct, 2022 3 commits
-
-
Nils Goroll authored
Refs 8df30240 Fixes #3856
-
Nils Goroll authored
-
Poul-Henning Kamp authored
-