- 26 Nov, 2022 1 commit
-
-
Poul-Henning Kamp authored
-
- 25 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 22 Nov, 2022 2 commits
-
-
Dridi Boukelmoune authored
As a convenience, the error message includes the actual total length of data being g[un]zipped, in addition to the total_in amount of data processed so far.
-
Dridi Boukelmoune authored
To be consistent with how the file cursor behaves, the close_fd field is duplicated in the mmap cursor. If a VUT replaces stdin's file descriptor with a regular file's fd using dup2(2), we don't want to close it just because we managed to mmap(2) it. For some reason we don't use the closefd() macro in the VSL cursor code, potentially to avoid its underlying assertion in libvarnishapi. On the other hand we do use it in other places: $ git grep -l closefd -- lib/libvarnishapi/ lib/libvarnishapi/daemon.c lib/libvarnishapi/vsm.c So maybe in a subsequent change `(void)close(fd)` statements could turn into `closefd(&fd)` in vsl_cursor.c to harden those code paths as well.
-
- 21 Nov, 2022 11 commits
-
-
Nils Goroll authored
-
Nils Goroll authored
-
Nils Goroll authored
-
Nils Goroll authored
As pointed out by Dridi, we should rather not make an attempt to support un-printable socket names, of which the empty name is the most prominent case. For all other non-printable cases (e.g. d\0r\0i\0d\0i), we have no support to pass them in the first place, because we treat uds paths as NUL-terminated strings.
-
Nils Goroll authored
-
Nils Goroll authored
We use the commonplace @<name> syntax to specify abstract socket names. Implements #3863
-
Nils Goroll authored
Motivated by #3864
-
Nils Goroll authored
This commit was guided by the cocci patch below, but lines to change were manually selected. Motivated by #3864 --- 8< --- @@ expression path; @@ - *path == '/' + VUS_is(path) @@ expression path; @@ - *path != '/' + ! VUS_is(path)
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 20 Nov, 2022 1 commit
-
-
Nils Goroll authored
we only forwarded the result from a single read(), which might have missed information on the actual error.
-
- 16 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
space for larger XIDs. Add a version field.
-
- 15 Nov, 2022 1 commit
-
-
Poul-Henning Kamp authored
-
- 14 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Nils Goroll authored
We had three call sites, one with and two without size checking. Other improvements: - zero (struct sockaddr_un).sun_path - set errno if the path argument does not fit Motivated by: #3863
-
- 08 Nov, 2022 5 commits
-
-
Nils Goroll authored
to anchor patches
-
Nils Goroll authored
As far as I can see, this is only used in the vim->n_ stats, which are, apparently, not used anywhere.
-
Asad Sajjad Ahmed authored
Check for correct handling of missing pseudo-headers, and invalid characters. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
-
Asad Sajjad Ahmed authored
We should apply the same restrictions on the list of allowed characters inside H/2 pseudo-headers as we do for H/1. This error is translated into the headers we send to a backend over H/1. Failure to do so could permit various exploits against a backend not handling malformed H/1 requests. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
-
Martin Blix Grydeland authored
This expands the perfect hash lookup table to be able to match any entry in the list of well-known headers from tbl/http_headers.h. Previously only the headers that had a non-zero filter flag section was kept in the fast match table. Fixes: VSV00010
-
- 07 Nov, 2022 6 commits
-
-
Nils Goroll authored
We do not need to periodically check the conditions in obj_extend_condwait() if we ensure that HSH_Cancel() triggers a wakeup. Readers on private objects need to ensure they call HSH_Cancel() if they abort the read, so this is consistent with our requirements. While we could add a seperate function to the object API for the sole purpose of signaling a cancel, HSH_Cancel() already calls ObjWaitState() to syncronize with the backend thread, so adding the signal there was deemed the simpler solution. As agreed during bugwash, Martin wants to add back the timeout as an optinal parameter (default: no timeout).
-
Alf-André Walla authored
To override the global parameter on a per-fetch basis. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
It pauses the fetch progress when clients are lagging behind for uncacheable streaming deliveries. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Alf-André Walla authored
This clarifies which length this field is about. Better diff with the --word-diff --word-diff-regex='\w+' options. Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
-
Poul-Henning Kamp authored
-
- 31 Oct, 2022 3 commits
-
-
Poul-Henning Kamp authored
(May not work due to termcap/terminfo differences)
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 26 Oct, 2022 3 commits
-
-
Nils Goroll authored
-
Nils Goroll authored
Due to string folding, I expect this change to be fully backwards compatible - even with std.integert(req.xid) as proven by the vtcs which I am about to change.
-
Poul-Henning Kamp authored
-
- 25 Oct, 2022 1 commit
-
-
Poul-Henning Kamp authored
-