Skip to content
Permalink
Branch: master
Commits on Oct 19, 2019
  1. Use shared instead of unique ptr to avoid conversion (#8677)

    rgs1 authored and mattklein123 committed Oct 19, 2019
    addStreamDecoderFilter() takes a shared ptr.
    
    Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
  2. ci: sanitize vptr and function (#8631)

    lizan committed Oct 19, 2019
    Risk Level: Low
    Testing: CI
    Docs Changes:
    Release Notes:
    
    Signed-off-by: Lizan Zhou <lizan@tetrate.io>
  3. Revert "spelling: improve camel case handling, disallow run-together …

    mattklein123 committed Oct 19, 2019
    …words (#8670)" (#8676)
    
    This reverts commit 596cd48.
    
    Signed-off-by: Matt Klein <mklein@lyft.com>
  4. spelling: improve camel case handling, disallow run-together words (#…

    zuercher authored and mattklein123 committed Oct 19, 2019
    …8670)
    
    Modifies the pedantic spell checker to better handle camel-case words.
    Each part the word is now treated as a separate error in both the check
    and fix modes.
    
    Disables run-together mode for aspell, which allowed typos such as
    "mananger" (man + anger). Fixes the resulting spelling errors.
    
    Miscellaneous other fixes:
    * Provides an option to replace a word without adding the word to the
      dictionary (in case aspell's suggestions do not contain the correct
      replacement).
    * Fixes a bug in the script when no suggestions are returned by aspell.
    * Checks the dictionary and added words for invalid characters that cause
      aspell errors at dictionary load time.
    * Sets the mark flag when in CI runs so that misspelled words are indicated.
    * Culls words from the dictionary that are no longer in the codebase, or are
      otherwise not needed.
    
    Risk Level: low (comments only)
    Testing: n/a
    Doc Changes: n/a
    Release Notes: n/a
    Fixes: #8481
    
    Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
  5. add new section in stats.md and reference it in stats_integration_tes…

    jmarantz authored and mattklein123 committed Oct 19, 2019
    …t in the memory tests. (#8674)
    
    Signed-off-by: Joshua Marantz <jmarantz@google.com>
  6. docs: fixed wrong reference in the (#8665)

    plallin authored and mattklein123 committed Oct 19, 2019
    Signed-off-by: Pauline <pauline.lallinec@gmail.com>
  7. filter: delete messageValidationVisitor from serverfactorycontext (#8673

    lambdai authored and mattklein123 committed Oct 19, 2019
    )
    
    Signed-off-by: Yuchen Dai <silentdai@gmail.com>
  8. fuzz: compressor_fuzz_test. (#8661)

    htuch authored and mattklein123 committed Oct 19, 2019
    Fuzzer for zlib compression. While the zlib project has its own fuzzer, this
    fuzzer validates that the Envoy wiring around zlib makes sense and the specific
    ways we configure it are safe. The fuzzer below validates a round trip
    compress-decompress pair; the decompressor itself is not fuzzed beyond whatever
    the compressor emits, as it exists only as a test utility today.
    
    This PR also introduces the ability for envoy_cc_fuzz_test targets to
    depend on FuzzedDataProvider. This is a high performance alternative to
    libproto-mutator for structured data when the abstraction level matches,
    e.g. low level binary formats. See
    https://github.com/google/fuzzing/blob/master/docs/split-inputs.md#fuzzed-data-provider
    for further details.
    
    Risk level: Low (test only)
    Testing: bazel run //test/common/compressor:compressor_fuzz_test_with_libfuzzer --config=asan-fuzzer
    
    Signed-off-by: Harvey Tuch <htuch@google.com>
  9. build: run tools/proto_format.sh on master to fix build (#8671)

    zuercher authored and mattklein123 committed Oct 19, 2019
    Risk Level: low
    Testing: n/a
    Docs Changes: n/a
    Release Notes: n/a
    
    Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Commits on Oct 18, 2019
  1. server: Introduce ServerFactoryContext (#8485)

    lambdai authored and htuch committed Oct 18, 2019
    Introduce ServerFactoryContext which is an implementation of CommonFactoryContext. Comparing to ListenerFactoryContext, ServerFactoryContext has a wider lifetime.
    This is the prerequisite to share rds configuration among listeners.
    
    Also experimenting move messageValidateVisitor out of CommonFactoryContext. The benefit is that now Server::Instance perfectly implements CommonFactoryContext.
    
    ServerFactoryContext doesn't implement the function. The test shows it is never invoked.
    Will put messageValidateVisitor into FactoryContext: this piece of work will be done in follow up PR
    
    This PR is extracted from #8454
    
    Fixes #8303
    
    Signed-off-by: Yuchen Dai <silentdai@gmail.com>
  2. fuzz: json_fuzz_test for RapidJSON and Protobuf parsing. (#8658)

    htuch committed Oct 18, 2019
    =We have multiple third party JSON parsers in Envoy, both RapidJSON and Protobuf.
    Fuzz both RapidJSON and Protobuf JSON loading from a test corpus derived from
    json_loader_test.cc. Ideally we would be doing differential fuzzing and be
    able to compare outputs, e.g. success/failure, recursive traversal of the
    structured objects for equivalence checking. However, even on basic files
    with non-printable ASCII, there are some difference, so we'll need to think a
    bit more about the modulo operator we want to use. For now, at least we get
    crash fuzzing.
    
    While both libraries already have some fuzzing, this allows us to
    trust-but-verify and provides a platform to allow us to do differential
    fuzzing in the future.
    
    This fuzzer seems quite healthy, it's clipping along at ~2k exec/s.
    
    Risk level: Low
    Testing: bazel run //test/common/json:json_fuzz_test_with_libfuzzer --config asan-fuzzer
    
    Signed-off-by: Harvey Tuch <htuch@google.com>
  3. Feature support connection info in route matching (#8453)

    jimini-lumox authored and htuch committed Oct 18, 2019
    Add the ability to route match based on client credentials.
    
    This is an output of the changes requested for PR #8248 (#8248 (comment))
    To more cleanly support #8248 , it would be better to be able to route based on downstream connection details, instead of hoisting more information into headers.
    
    As an API example, route matching based on presented and/or expired client certificate is supported.
    The end goal for #8248 is to route based on 'validated'.
    
    By default the routing rules are unchanged.
    
    Risk Level: Medium
    Testing: Currently Manual tests
    Docs Changes: API proto changes
    Release Notes: N/A
    
    Signed-off-by: Michael Hargreaves <mik.hargreaves@gmail.com>
  4. protoxform: normal next free field annotation (#8433)

    yittg authored and htuch committed Oct 18, 2019
    Generate or format next free field annotation via protoxform.
    
    Risk Level: low
    Testing: N/A
    Docs Changes: N/A
    Release Notes: N/A
    
    Fixes #8429
    
    Signed-off-by: Yi Tang <ssnailtang@gmail.com>
  5. protoxform: erase deprecated type on hidden fields. (#8604)

    htuch committed Oct 18, 2019
    This was the root cause behind the bug in
    https://github.com/envoyproxy/envoy/pull/8508/files#r334215521.
    
    Risk level: Low
    Testing: Manual inspection of diffs. Proper tests tracked in #8428.
    
    Signed-off-by: Harvey Tuch <htuch@google.com>
  6. fuzz: a bunch of improvements to [new_]buffer_fuzz_test. (#8654)

    htuch committed Oct 18, 2019
    Motivated by the timeout in
    clusterfuzz-testcase-minimized-buffer_fuzz_test-5760708737761280 (>
    25s), it was clear that there are some major inefficiencies in how we
    fuzz the buffer implementations. This PR addresses them, namely:
    
    * The StringBuffer implementation that was used for differential
      fuzzing (for correctness) was too simplistic, and had O(n^2)
      characteristics, e.g. each action that drained a single byte forced
      the buffer to be memcopied. Replaced with a fast flat array that takes
      advantage of the bounded nature of input in the fuzz test to achieve
      optimal operations, while remaining simple enough to grok.
    
    * Various accessor operations, e.g. search, were previously tested next
      to mutating operations. This is kind of expensive, as we might double
      work, or turn an O(1) operation into O(n). Instead, these are now
      modeled as explicit actions.
    
    * Used Linux perf events profiling to tune buffer and action bounds to
      improve performance. Went from > 50% of time spent in memcpy/memset to
      ~10% of time spent in the entire test code. The rest of the time is
      spent in libproto-mutator. This is in part because we use text vs.
      binary, and also because of a lack of -max_len on the fuzzer CLI.
      @asraa plans on following up on this in the future, as this is a
      general cross fuzzer concern in Envoy, we rely heavily on
      libproto-mutator.
    
    The clusterfuzz-testcase-minimized-buffer_fuzz_test-5760708737761280
    case now passes in milliseconds. With -max_len set to 512, we now
    converge  new_buffer_fuzz_test after a while at 540/s, vs. previously at
    30 exec/s (with Clang 9).
    
    Also, some other technical debt pay down and bonus items:
    
    * Fixed max allocation accounting in various places in bufferFuzz() and
      executeActions().
    
    * Tell git and GitHub to treat corpus entries similar to binary; don't
      include them in language sats for the repo.
    
    Risk level: Low (testing only)
    Testing: Built and ran test locally for ~10 minutes, no crashes.
    
    Signed-off-by: Harvey Tuch <htuch@google.com>
  7. ASSERT that transport socket callbacks are set at most once. (#8648)

    antoniovicente authored and mattklein123 committed Oct 18, 2019
    Signed-off-by: Antonio Vicente <avd@google.com>
  8. redis: redirection manager for cluster topology rediscovery (#7610)

    msukalski authored and mattklein123 committed Oct 18, 2019
    Signed-off-by: Mitch Sukalski <mitch.sukalski@workday.com>
  9. fuzz: fix adding headers in fuzz tests (#8653)

    asraa authored and htuch committed Oct 18, 2019
    Fixes a logic error in adding headers from a RouteTestCase input to a HeaderMap in route_fuzz_test. Headers were ignored unless they were in the ignore_headers list.
    
    This is at least one reason this fuzzer never produced a regex matching crash. With this fixed, a testcase was added that confirms the regex matching crash from CVE-2019-15225 (#8519).
    
    Testing: A corpus with a wildcard Regex matcher and a very long URI that produces a crash in the fuzzer. To remove this known crash in the fuzzer, Routes configured with a regex match are explicitly removed.
    
    Signed-off-by: Asra Ali <asraa@google.com>
  10. fix flake in http_subset_integration_test (#8655)

    zuercher authored and lizan committed Oct 18, 2019
    The RANDOM and LEAST_REQUEST load balancer policies randomly choose hosts
    and 10 iterations isn't enough to guarantee they'll choose both hosts in
    the subset.
    
    Risk Level: low, test only
    Testing: fixes tests
    Docs Changes: n/a
    Release Notes: n/a
    Fixes: #8643
    
    Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
  11. stats: add unit support to histogram (#8484)

    troshko111 authored and mattklein123 committed Oct 18, 2019
    Signed-off-by: Taras Roshko <troshko@netflix.com>
  12. sds: add ability to reload TLS session ticket keys (#8635)

    euroelessar authored and lizan committed Oct 18, 2019
    Description: Finish migration of TLS session ticket keys to provider-based API.
    Risk Level: Medium
    Testing: added new tests
    Docs Changes: updated
    Release Notes: updated
    Fixes #7397
    
    Signed-off-by: Ruslan Nigmatullin <elessar@dropbox.com>
Commits on Oct 17, 2019
  1. hcm: add new enum value Http3 (#8537)

    danzh2010 authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Dan Zhang <danzh@google.com>
  2. ownerscheck with labels (#8605)

    itayd authored and htuch committed Oct 17, 2019
    Configure ownerscheck to work with labels.
    
    Signed-off-by: Itay Donanhirsh <itay@bazoo.org>
  3. http: adding a default idle timeout of 1 hour (#8629)

    alyssawilk authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
  4. tracing: Support tracing in http/async_client (#8608)

    nareddyt authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Teju Nareddy <nareddyt@google.com>
  5. listener: split class ListenerImpl from listener_manager_impl.cc (#8596)

    lambdai authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Yuchen Dai <silentdai@gmail.com>
  6. dynamic forward proxy: implement per filter config (#8619)

    rgs1 authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
  7. docs: Adaptive concurrency documentation and stats (#8582)

    tonya11en authored and mattklein123 committed Oct 17, 2019
    Signed-off-by: Tony Allen <tony@allen.gg>
  8. ci: mirror .pb.go to envoyproxy/go-control-plane. (#8573)

    htuch authored and lizan committed Oct 17, 2019
    * ci: mirror .pb.go to envoyproxy/go-control-plane.
    
    This reverts "ci: temporarily disable go_mirror while figuring out SSH keys (#8311)",
    commit 98c35ef. I've added a new key pair and set this up in both
    Circle and GitHub, so pushes should now work.
    
    Signed-off-by: Harvey Tuch <htuch@google.com>
  9. build: make compilation database generation faster (#8628)

    lizan authored and htuch committed Oct 17, 2019
    Signed-off-by: Lizan Zhou <lizan@tetrate.io>
  10. stats: Remember recent lookups and display them in an admin endpoint (#…

    jmarantz committed Oct 17, 2019
    …8116)
    
    * stats: Remember recent lookups and display them in an admin endpoint 
    
    Signed-off-by: Joshua Marantz <jmarantz@google.com>
Commits on Oct 16, 2019
  1. ratelimit: Add rate limit upstream headers (#8565)

    nandu-vinodan authored and htuch committed Oct 16, 2019
    *Ability to add custom upstream headers from ratelimit service/filter.
    
    *For LimitStatus::OK, custom upstream headers are added if RLS service sends upstream headers.
    
    Risk Level: Low
    
    Testing:
    Unit and integration tests added.
    Verified with modified github.com/lyft/ratelimit service.
    Passes "bazel test //test/..." in Linux
    Docs Changes: protobuf documentation updated
    
    Release Notes: ratelimit: support for adding custom headers to upstream server
    from ratelimit service
    
    ** Issues: #6141
    
    Signed-off-by: Nandu Vinodan <nandu.vinodan@freshworks.com>
  2. ci: enable release from Azp (#8580)

    lizan committed Oct 16, 2019
    Risk Level: Med
    Testing: manual azp run
    Docs Changes: N/A
    Release Notes: N/A
    
    Signed-off-by: Lizan Zhou <lizan@tetrate.io>
  3. build: use clang-9 (#8613)

    lizan committed Oct 16, 2019
    Risk Level: Med
    Testing: CI
    Docs Changes: N/A
    Release Notes: N/A
    
    Signed-off-by: Lizan Zhou <lizan@tetrate.io>
  4. fuzz: improve the performance of H/2 stateless header fuzzers (#8477)

    asraa authored and htuch committed Oct 16, 2019
    This test demonstrates the concept to avoid recreating the mocks fuzz tests to improve performance. On each Replay, a new Test(Client/Server)ConnectionImpl is created using static mock objects. This connection instantiates a new nghttp2 session for each testcase. Writing something to the codecs uses the freshly created connections. In response_header_fuzz_test a new stream Http::StreamEncoder also needs to be created to reply to.
    
    Performance (previously 45 exec/sec):
    ~1000 exec/sec for request_header_fuzz_test
    ~500 exec/sec for response_header_fuzz_test
    Risk level: Low
    
    Signed-off-by: Asra Ali <asraa@google.com>
Older
You can’t perform that action at this time.