Merge pull request #168 from tedjpoole/merge-upstream-changes-1.28

Merge upstream envoy[release/v1.28] changes
envoyproxy · Jun 10, 2024 · 94f9d9b · 94f9d9b
2 parents 08c2341 + 442ab29
commit 94f9d9b
Show file tree

Hide file tree

Showing 71 changed files with 1,192 additions and 414 deletions.
diff --git a/VERSION.txt b/VERSION.txt
@@ -1 +1 @@
-1.28.3
+1.28.5-dev
diff --git a/bazel/external/quiche_sequencer_fix.patch b/bazel/external/quiche_sequencer_fix.patch
@@ -0,0 +1,16 @@
+# Fix https://github.com/envoyproxy/envoy-setec/issues/1496#issue-2251291349
+
+diff --git a/quiche/quic/core/quic_stream_sequencer_buffer.cc b/quiche/quic/core/quic_stream_sequencer_buffer.cc
+index d364d61bc..0966af4b0 100644
+--- a/quiche/quic/core/quic_stream_sequencer_buffer.cc
++++ b/quiche/quic/core/quic_stream_sequencer_buffer.cc
+@@ -388,7 +388,8 @@ bool QuicStreamSequencerBuffer::PeekRegion(QuicStreamOffset offset,
+
+   // Determine if entire block has been received.
+   size_t end_block_idx = GetBlockIndex(FirstMissingByte());
+-  if (block_idx == end_block_idx) {
++  if (block_idx == end_block_idx &&
++      block_offset < GetInBlockOffset(FirstMissingByte())) {
+     // Only read part of block before FirstMissingByte().
+     iov->iov_len = GetInBlockOffset(FirstMissingByte()) - block_offset;
+   } else {
diff --git a/bazel/external/quiche_stream_fix.patch b/bazel/external/quiche_stream_fix.patch
@@ -0,0 +1,49 @@
+# Fix https://github.com/envoyproxy/envoy-setec/issues/1496#issuecomment-2064844217
+
+diff --git a/quiche/quic/core/http/quic_spdy_stream.cc b/quiche/quic/core/http/quic_spdy_stream.cc
+index 4a5c2ede2..d69895055 100644
+--- a/quiche/quic/core/http/quic_spdy_stream.cc
++++ b/quiche/quic/core/http/quic_spdy_stream.cc
+@@ -1865,6 +1865,18 @@ bool QuicSpdyStream::AreHeaderFieldValuesValid(
+   return true;
+ }
+
++void QuicSpdyStream::StopReading() {
++  QuicStream::StopReading();
++  if (GetQuicReloadableFlag(
++          quic_stop_reading_also_stops_header_decompression) &&
++      VersionUsesHttp3(transport_version()) && !fin_received() &&
++      spdy_session_->qpack_decoder()) {
++    // Clean up Qpack decoding states.
++    spdy_session_->qpack_decoder()->OnStreamReset(id());
++    qpack_decoded_headers_accumulator_.reset();
++  }
++}
++
+ void QuicSpdyStream::OnInvalidHeaders() { Reset(QUIC_BAD_APPLICATION_PAYLOAD); }
+
+ void QuicSpdyStream::CloseReadSide() {
+diff --git a/quiche/quic/core/http/quic_spdy_stream.h b/quiche/quic/core/http/quic_spdy_stream.h
+index 10c34b10f..5c0cb0128 100644
+--- a/quiche/quic/core/http/quic_spdy_stream.h
++++ b/quiche/quic/core/http/quic_spdy_stream.h
+@@ -117,6 +117,7 @@ class QUICHE_EXPORT QuicSpdyStream
+
+   // QuicStream implementation
+   void OnClose() override;
++  void StopReading() override;
+
+   // Override to maybe close the write side after writing.
+   void OnCanWrite() override;
+diff --git a/quiche/quic/core/quic_flags_list.h b/quiche/quic/core/quic_flags_list.h
+index a38a699ec..58b052015 100644
+--- a/quiche/quic/core/quic_flags_list.h
++++ b/quiche/quic/core/quic_flags_list.h
+@@ -105,5 +105,7 @@ QUIC_FLAG(quic_reloadable_flag_quic_bbr2_probe_two_rounds, true)
+ QUIC_FLAG(quic_reloadable_flag_quic_bbr2_simplify_inflight_hi, true)
+ // When true, the BBR4 copt sets the extra_acked window to 20 RTTs and BBR5 sets it to 40 RTTs.
+ QUIC_FLAG(quic_reloadable_flag_quic_bbr2_extra_acked_window, true)
++// If true, QUIC stream will not continue decompressing buffer headers after StopReading() called.
++QUIC_FLAG(quic_reloadable_flag_quic_stop_reading_also_stops_header_decompression, true)
+ // When true, we will send HTTP/3 setting 0x33 to indicate that we support RFC 9297.
+ QUIC_FLAG(quic_reloadable_flag_quic_enable_h3_datagrams, true)
diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
@@ -1012,6 +1012,11 @@ def _com_github_google_quiche():
     external_http_archive(
         name = "com_github_google_quiche",
         patch_cmds = ["find quiche/ -type f -name \"*.bazel\" -delete"],
+        patches = [
+            "@envoy//bazel/external:quiche_sequencer_fix.patch",
+            "@envoy//bazel/external:quiche_stream_fix.patch",
+        ],
+        patch_args = ["-p1"],
         build_file = "@envoy//bazel/external:quiche.BUILD",
     )
     native.bind(

diff --git a/changelogs/1.27.6.yaml b/changelogs/1.27.6.yaml
@@ -0,0 +1,33 @@
+date: June 4, 2024
+
+bug_fixes:
+- area: router
+  change: |
+    Fix a timing issue when upstream requests are empty when decoding data and send local reply when that happends. This is
+    controlled by ``envoy_reloadable_features_send_local_reply_when_no_buffer_and_upstream_request``.
+- area: quic
+  change: |
+    Applied 2 QUICHE patches for crash bugs in ``QuicSpdyStream`` ``OnDataAvailable()`` and ``OnInitialHeaderComplete()``.
+- area: quic
+  change: |
+    Fixed crash bug when QUIC downstream stream was read closed and then timed out.
+- area: decompression
+  change: |
+    Fixed a bug where Envoy will go into an endless loop when using the brotli decompressor. If the input stream has
+    redundant data, the decompressor will loop forever.
+- area: websocket
+  change: |
+    Only 101 is considered a successful response for websocket handshake for HTTP/1.1, and Envoy as a proxy will proxy the response
+    header from upstream to downstream and then close the request if other status is received. This behavior can be
+    reverted by ``envoy_reloadable_features_check_switch_protocol_websocket_handshake``.
+- area: async http client
+  change: |
+    Added one option to disable the response body buffering for mirror request. Also introduced a 32MB cap for the response
+    buffer, which can be changed by the runtime flag ``http.async_response_buffer_limit`` based on the product needs.
+
+removed_config_or_runtime:
+# *Normally occurs at the end of the* :ref:`deprecation period <deprecated>`
+
+new_features:
+
+deprecated:
diff --git a/changelogs/1.28.3.yaml b/changelogs/1.28.3.yaml
@@ -0,0 +1,7 @@
+date: April 18, 2024
+
+bug_fixes:
+- area: tls
+  change: |
+    Fix a RELEASE_ASSERT when using :ref:`auto_sni <envoy_v3_api_field_config.core.v3.UpstreamHttpProtocolOptions.auto_sni>`
+    if the downstream request ``:authority`` was longer than 255 characters.
diff --git a/changelogs/1.28.4.yaml b/changelogs/1.28.4.yaml
@@ -0,0 +1,26 @@
+date: June 5, 2024
+
+bug_fixes:
+- area: router
+  change: |
+    Fix a timing issue when upstream requests are empty when decoding data and send local reply when that happends. This is
+    controlled by ``envoy_reloadable_features_send_local_reply_when_no_buffer_and_upstream_request``.
+- area: quic
+  change: |
+    Applied 2 QUICHE patches for crash bugs in ``QuicSpdyStream`` ``OnDataAvailable()`` and ``OnInitialHeaderComplete()``.
+- area: quic
+  change: |
+    Fixed crash bug when QUIC downstream stream was read closed and then timed out.
+- area: decompression
+  change: |
+    Fixed a bug where Envoy will go into an endless loop when using the brotli decompressor. If the input stream has
+    redundant data, the decompressor will loop forever.
+- area: websocket
+  change: |
+    Only 101 is considered a successful response for websocket handshake for HTTP/1.1, and Envoy as a proxy will proxy the response
+    header from upstream to downstream and then close the request if other status is received. This behavior can be
+    reverted by ``envoy_reloadable_features_check_switch_protocol_websocket_handshake``.
+- area: async http client
+  change: |
+    Added one option to disable the response body buffering for mirror request. Also introduced a 32MB cap for the response
+    buffer, which can be changed by the runtime flag ``http.async_response_buffer_limit`` based on the product needs.
diff --git a/changelogs/current.yaml b/changelogs/current.yaml
@@ -1,7 +1,17 @@
-date: April 18, 2024
+date: Pending
+
+behavior_changes:
+# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*
+
+minor_behavior_changes:
+# *Changes that may cause incompatibilities for some users, but should not for most*
 
 bug_fixes:
-- area: tls
-  change: |
-    Fix a RELEASE_ASSERT when using :ref:`auto_sni <envoy_v3_api_field_config.core.v3.UpstreamHttpProtocolOptions.auto_sni>`
-    if the downstream request ``:authority`` was longer than 255 characters.
+# *Changes expected to improve the state of the world and are unlikely to have negative effects*
+
+removed_config_or_runtime:
+# *Normally occurs at the end of the* :ref:`deprecation period <deprecated>`
+
+new_features:
+
+deprecated:
diff --git a/ci/Dockerfile-envoy b/ci/Dockerfile-envoy
@@ -1,5 +1,5 @@
 ARG BUILD_OS=ubuntu
-ARG BUILD_TAG=20.04@sha256:71b82b8e734f5cd0b3533a16f40ca1271f28d87343972bb4cd6bd6c38f1bd38e
+ARG BUILD_TAG=20.04@sha256:0b897358ff6624825fb50d20ffb605ab0eaea77ced0adb8c6a4b756513dec6fc
 ARG ENVOY_VRP_BASE_IMAGE=envoy-base
 
 
@@ -58,7 +58,7 @@ COPY --chown=0:0 --chmod=755 \
 
 
 # STAGE: envoy-distroless
-FROM gcr.io/distroless/base-nossl-debian12:nonroot@sha256:0cf184cfdb9ac2878822b15b8917fae5d42fba26da654cd75ab3ed34add0737f AS envoy-distroless
+FROM gcr.io/distroless/base-nossl-debian12:nonroot@sha256:8a09e5752fb3ab9c9534fcc627eb1f451cd9bcfe66a6b149df62dcb84fb841a6 AS envoy-distroless
 EXPOSE 10000
 ENTRYPOINT ["/usr/local/bin/envoy"]
 CMD ["-c", "/etc/envoy/envoy.yaml"]

diff --git a/contrib/golang/filters/http/test/test_data/access_log/go.mod b/contrib/golang/filters/http/test/test_data/access_log/go.mod
@@ -4,6 +4,6 @@ go 1.20
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/basic/go.mod b/contrib/golang/filters/http/test/test_data/basic/go.mod
@@ -4,6 +4,6 @@ go 1.20
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0 // indirect
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/buffer/go.mod b/contrib/golang/filters/http/test/test_data/buffer/go.mod
@@ -3,8 +3,8 @@ module example.com/buffer
 go 1.20
 
 require (
-    github.com/envoyproxy/envoy v1.24.0
-    google.golang.org/protobuf v1.31.0
+	github.com/envoyproxy/envoy v1.24.0
+	google.golang.org/protobuf v1.34.1
 )
 
 replace github.com/envoyproxy/envoy => ../../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/dummy/go.mod b/contrib/golang/filters/http/test/test_data/dummy/go.mod
@@ -4,6 +4,6 @@ go 1.20
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0 // indirect
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/echo/go.mod b/contrib/golang/filters/http/test/test_data/echo/go.mod
@@ -10,10 +10,9 @@ require (
 require github.com/google/go-cmp v0.5.9 // indirect
 
 require (
-	github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
-	google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
-	google.golang.org/protobuf v1.31.0
+	github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	google.golang.org/protobuf v1.33.0
 )
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/metric/go.mod b/contrib/golang/filters/http/test/test_data/metric/go.mod
@@ -4,6 +4,6 @@ go 1.20
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/passthrough/go.mod b/contrib/golang/filters/http/test/test_data/passthrough/go.mod
@@ -4,6 +4,6 @@ go 1.20
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0 // indirect
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/property/go.mod b/contrib/golang/filters/http/test/test_data/property/go.mod
@@ -3,8 +3,8 @@ module example.com/property
 go 1.20
 
 require (
-    github.com/envoyproxy/envoy v1.24.0
-    google.golang.org/protobuf v1.31.0
+	github.com/envoyproxy/envoy v1.24.0
+	google.golang.org/protobuf v1.34.0
 )
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/http/test/test_data/routeconfig/go.mod b/contrib/golang/filters/http/test/test_data/routeconfig/go.mod
@@ -10,10 +10,9 @@ require (
 require github.com/google/go-cmp v0.5.9 // indirect
 
 require (
-	github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
-	google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
-	google.golang.org/protobuf v1.31.0
+	github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	google.golang.org/protobuf v1.33.0
 )
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/contrib/golang/filters/network/test/test_data/go.mod b/contrib/golang/filters/network/test/test_data/go.mod
@@ -4,6 +4,6 @@ go 1.18
 
 require github.com/envoyproxy/envoy v1.24.0
 
-require google.golang.org/protobuf v1.30.0 // indirect
+require google.golang.org/protobuf v1.33.0 // indirect
 
 replace github.com/envoyproxy/envoy => ../../../../../../
diff --git a/contrib/golang/router/cluster_specifier/test/test_data/simple/go.mod b/contrib/golang/router/cluster_specifier/test/test_data/simple/go.mod
@@ -12,8 +12,7 @@ require github.com/google/go-cmp v0.5.9 // indirect
 require (
 	github.com/envoyproxy/protoc-gen-validate v0.10.1 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
-	google.golang.org/protobuf v1.31.0
+	google.golang.org/protobuf v1.33.0
 )
 
 replace github.com/envoyproxy/envoy => ../../../../../../../
diff --git a/docs/inventories/v1.27/objects.inv b/docs/inventories/v1.27/objects.inv
diff --git a/docs/inventories/v1.28/objects.inv b/docs/inventories/v1.28/objects.inv
diff --git a/docs/versions.yaml b/docs/versions.yaml
@@ -20,5 +20,5 @@
 "1.24": 1.24.12
 "1.25": 1.25.11
 "1.26": 1.26.8
-"1.27": 1.27.5
-"1.28": 1.28.2
+"1.27": 1.27.6
+"1.28": 1.28.3
diff --git a/envoy/http/async_client.h b/envoy/http/async_client.h
@@ -45,7 +45,9 @@ class AsyncClient {
    */
   enum class FailureReason {
     // The stream has been reset.
-    Reset
+    Reset,
+    // The stream exceeds the response buffer limit.
+    ExceedResponseBufferLimit
   };
 
   /**
@@ -291,6 +293,11 @@ class AsyncClient {
       return *this;
     }
 
+    StreamOptions& setDiscardResponseBody(bool discard) {
+      discard_response_body = discard;
+      return *this;
+    }
+
     // For gmock test
     bool operator==(const StreamOptions& src) const {
       return timeout == src.timeout && buffer_body_for_retry == src.buffer_body_for_retry &&
@@ -328,6 +335,7 @@ class AsyncClient {
     OptRef<Router::FilterConfig> filter_config_;
 
     bool is_shadow{false};
+    bool discard_response_body{false};
   };
 
   /**
@@ -391,6 +399,10 @@ class AsyncClient {
       buffer_limit_ = limit;
       return *this;
     }
+    RequestOptions& setDiscardResponseBody(bool discard) {
+      discard_response_body = discard;
+      return *this;
+    }
 
     // For gmock test
     bool operator==(const RequestOptions& src) const {

diff --git a/envoy/http/filter.h b/envoy/http/filter.h
@@ -236,6 +236,11 @@ class UpstreamStreamFilterCallbacks {
   virtual bool pausedForConnect() const PURE;
   virtual void setPausedForConnect(bool value) PURE;
 
+  // Setters and getters to determine if sending body payload is paused on
+  // confirmation of a WebSocket upgrade. These should only be used by the upstream codec filter.
+  virtual bool pausedForWebsocketUpgrade() const PURE;
+  virtual void setPausedForWebsocketUpgrade(bool value) PURE;
+
   // Return the upstreamStreamOptions for this stream.
   virtual const Http::ConnectionPool::Instance::StreamOptions& upstreamStreamOptions() const PURE;
 

diff --git a/envoy/stream_info/stream_info.h b/envoy/stream_info/stream_info.h
@@ -144,6 +144,8 @@ struct ResponseCodeDetailValues {
   const std::string PathNormalizationFailed = "path_normalization_failed";
   // The request was rejected because it attempted an unsupported upgrade.
   const std::string UpgradeFailed = "upgrade_failed";
+  // The websocket handshake is unsuccessful and only SwitchingProtocols is considering successful.
+  const std::string WebsocketHandshakeUnsuccessful = "websocket_handshake_unsuccessful";
 
   // The request was rejected by the HCM because there was no route configuration found.
   const std::string RouteConfigurationNotFound = "route_configuration_not_found";

diff --git a/examples/golang-http/simple/go.mod b/examples/golang-http/simple/go.mod
@@ -7,13 +7,12 @@ go 1.20
 require (
 	github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195
 	github.com/envoyproxy/envoy v1.24.0
-	google.golang.org/protobuf v1.31.0
+	google.golang.org/protobuf v1.34.1
 )
 
 require (
 	github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
 	google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
 )