diff --git a/.bazelrc b/.bazelrc index 10c6b7439f..9bfd858fe7 100644 --- a/.bazelrc +++ b/.bazelrc @@ -25,6 +25,7 @@ build --copt=-DABSL_MIN_LOG_LEVEL=4 build --define envoy_mobile_listener=enabled build --experimental_repository_downloader_retries=2 build --enable_platform_specific_config +build --incompatible_merge_fixed_and_default_shell_env # Pass CC, CXX and LLVM_CONFIG variables from the environment. # We assume they have stable values, so this won't cause action cache misses. diff --git a/OWNERS.md b/OWNERS.md index c001eb66a1..3ba38ffed2 100644 --- a/OWNERS.md +++ b/OWNERS.md @@ -76,7 +76,6 @@ without further review. * All senior maintainers * Tony Allen ([tonya11en](https://github.com/tonya11en)) (tony@allen.gg) -* Otto van der Schaaf ([oschaaf](https://github.com/oschaaf)) (oschaaf@redhat.com) * Tim Walsh ([twghu](https://github.com/twghu)) (twalsh@redhat.com) * Pradeep Rao ([pradeepcrao](https://github.com/pradeepcrao)) (pcrao@google.com) * Kateryna Nezdolii ([nezdolik](https://github.com/nezdolik)) (kateryna.nezdolii@gmail.com) diff --git a/api/bazel/repository_locations.bzl b/api/bazel/repository_locations.bzl index 6c353c8591..dc3c4389c3 100644 --- a/api/bazel/repository_locations.bzl +++ b/api/bazel/repository_locations.bzl @@ -79,9 +79,9 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Google APIs", project_desc = "Public interface definitions of Google APIs", project_url = "https://github.com/googleapis/googleapis", - version = "114a745b2841a044e98cdbb19358ed29fcf4a5f1", - sha256 = "9b4e0d0a04a217c06b426aefd03b82581a9510ca766d2d1c70e52bb2ad4a0703", - release_date = "2023-01-10", + version = "fd52b5754b2b268bc3a22a10f29844f206abb327", + sha256 = "97fc354dddfd3ea03e7bf2ad74129291ed6fad7ff39d3bd8daec738a3672eb8a", + release_date = "2024-09-16", strip_prefix = "googleapis-{version}", urls = ["https://github.com/googleapis/googleapis/archive/{version}.tar.gz"], use_category = ["api"], diff --git a/api/envoy/config/listener/v3/quic_config.proto b/api/envoy/config/listener/v3/quic_config.proto index 6ba5bbc56b..6c0a5bd201 100644 --- a/api/envoy/config/listener/v3/quic_config.proto +++ b/api/envoy/config/listener/v3/quic_config.proto @@ -25,7 +25,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: QUIC listener config] // Configuration specific to the UDP QUIC listener. -// [#next-free-field: 13] +// [#next-free-field: 14] message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.QuicProtocolOptions"; @@ -94,4 +94,9 @@ message QuicProtocolOptions { // If not specified, no cmsg will be saved to QuicReceivedPacket. repeated core.v3.SocketCmsgHeaders save_cmsg_config = 12 [(validate.rules).repeated = {max_items: 1}]; + + // If true, the listener will reject connection-establishing packets at the + // QUIC layer by replying with an empty version negotiation packet to the + // client. + bool reject_new_connections = 13; } diff --git a/bazel/external/cargo/remote/BUILD.protobuf-2.24.1.bazel b/bazel/external/cargo/remote/BUILD.protobuf-2.24.1.bazel index 9917db62f5..b818daadb7 100644 --- a/bazel/external/cargo/remote/BUILD.protobuf-2.24.1.bazel +++ b/bazel/external/cargo/remote/BUILD.protobuf-2.24.1.bazel @@ -33,7 +33,7 @@ licenses([ # buildifier: disable=out-of-order-load # buildifier: disable=load-on-top load( - "@rules_rust//cargo:cargo_build_script.bzl", + "@rules_rust//cargo:defs.bzl", "cargo_build_script", ) diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl index d382a58b13..94f70cfb36 100644 --- a/bazel/repository_locations.bzl +++ b/bazel/repository_locations.bzl @@ -33,11 +33,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Bazel features", project_desc = "Support Bazel feature detection from starlark", project_url = "https://github.com/bazel-contrib/bazel_features", - version = "1.15.0", - sha256 = "ba1282c1aa1d1fffdcf994ab32131d7c7551a9bc960fbf05f42d55a1b930cbfb", + version = "1.17.0", + sha256 = "bdc12fcbe6076180d835c9dd5b3685d509966191760a0eb10b276025fcb76158", urls = ["https://github.com/bazel-contrib/bazel_features/releases/download/v{version}/bazel_features-v{version}.tar.gz"], strip_prefix = "bazel_features-{version}", - release_date = "2024-08-09", + release_date = "2024-09-13", use_category = ["build"], license = "Apache-2.0", license_url = "https://github.com/bazel-contrib/bazel_features/blob/v{version}/LICENSE", @@ -1424,12 +1424,12 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "WebAssembly for Proxies (Rust SDK)", project_desc = "WebAssembly for Proxies (Rust SDK)", project_url = "https://github.com/proxy-wasm/proxy-wasm-rust-sdk", - version = "0.2.1", - sha256 = "23f3f2d8c4c8069a2e72693b350d7442b7722d334f73169eea78804ff70cde20", + version = "0.2.2", + sha256 = "3d9e8f39f0356016c8ae6c74c0224eae1b44168be0ddf79e387d918a8f2cb4c6", strip_prefix = "proxy-wasm-rust-sdk-{version}", urls = ["https://github.com/proxy-wasm/proxy-wasm-rust-sdk/archive/v{version}.tar.gz"], use_category = ["test_only"], - release_date = "2022-11-22", + release_date = "2024-07-21", cpe = "N/A", license = "Apache-2.0", license_url = "https://github.com/proxy-wasm/proxy-wasm-rust-sdk/blob/v{version}/LICENSE", @@ -1452,9 +1452,9 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Bazel rust rules", project_desc = "Bazel rust rules (used by Wasm)", project_url = "https://github.com/bazelbuild/rules_rust", - version = "0.35.0", + version = "0.48.0", strip_prefix = "rules_rust-{version}", - sha256 = "3120c7aa3a146dfe6be8d5f23f4cf10af7d0f74a5aed8b94a818f88643bd24c3", + sha256 = "a4b8ede7723088dff1e909632c4282e51ddbe0e44c38eea013ee0f12d348b1c7", urls = ["https://github.com/bazelbuild/rules_rust/archive/{version}.tar.gz"], use_category = [ "controlplane", @@ -1463,7 +1463,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( ], implied_untracked_deps = ["rules_cc"], extensions = ["envoy.wasm.runtime.wasmtime"], - release_date = "2023-12-27", + release_date = "2024-07-19", cpe = "N/A", license = "Apache-2.0", license_url = "https://github.com/bazelbuild/rules_rust/blob/{version}/LICENSE.txt", diff --git a/changelogs/current.yaml b/changelogs/current.yaml index a8f9ca6d88..e60a462af2 100644 --- a/changelogs/current.yaml +++ b/changelogs/current.yaml @@ -248,6 +248,11 @@ new_features: QUIC server and client support certificate compression, which can in some cases reduce the number of round trips required to setup a connection. This change temporarily disabled by setting the runtime flag ``envoy.reloadable_features.quic_support_certificate_compression`` to ``false``. +- area: quic + change: | + Added QUIC protocol option :ref:`reject_new_connections + ` to reject connection-establishing + packets at the QUIC layer. - area: tls change: | Added an extension point :ref:`custom_tls_certificate_selector diff --git a/contrib/golang/filters/http/source/golang_filter.cc b/contrib/golang/filters/http/source/golang_filter.cc index 226a6656ec..cc4bd5c294 100644 --- a/contrib/golang/filters/http/source/golang_filter.cc +++ b/contrib/golang/filters/http/source/golang_filter.cc @@ -1377,16 +1377,13 @@ void Filter::deferredDeleteRequest(HttpRequestInternal* req) { uint64_t Filter::getMergedConfigId() { Http::StreamFilterCallbacks* callbacks = decoding_state_.getFilterCallbacks(); + auto id = config_->getConfigId(); + // get all of the per route config auto route_config_list = Http::Utility::getAllPerFilterConfig(callbacks); - ENVOY_LOG(debug, "golang filter route config list length: {}.", route_config_list.size()); - - auto id = config_->getConfigId(); - for (auto it : route_config_list) { - ASSERT(it != nullptr, "route config should not be null"); - auto route_config = *it; - id = route_config.getPluginConfigId(id, config_->pluginName()); + for (const FilterConfigPerRoute& typed_config : route_config_list) { + id = typed_config.getPluginConfigId(id, config_->pluginName()); } return id; diff --git a/source/common/api/posix/os_sys_calls_impl.cc b/source/common/api/posix/os_sys_calls_impl.cc index 3fab0afc1b..ad078c7f4d 100644 --- a/source/common/api/posix/os_sys_calls_impl.cc +++ b/source/common/api/posix/os_sys_calls_impl.cc @@ -109,9 +109,6 @@ bool OsSysCallsImpl::supportsUdpGro() const { #else static const bool is_supported = [] { int fd = ::socket(AF_INET, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); - if (fd < 0) { - return false; - } int val = 1; bool result = (0 == ::setsockopt(fd, IPPROTO_UDP, UDP_GRO, &val, sizeof(val))); ::close(fd); @@ -127,9 +124,6 @@ bool OsSysCallsImpl::supportsUdpGso() const { #else static const bool is_supported = [] { int fd = ::socket(AF_INET, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); - if (fd < 0) { - return false; - } int optval; socklen_t optlen = sizeof(optval); bool result = (0 <= ::getsockopt(fd, IPPROTO_UDP, UDP_SEGMENT, &optval, &optlen)); @@ -160,9 +154,6 @@ bool OsSysCallsImpl::supportsIpTransparent(Network::Address::IpVersion ip_versio static constexpr auto transparent_supported = [](int family) { auto opt_tp = family == AF_INET ? ENVOY_SOCKET_IP_TRANSPARENT : ENVOY_SOCKET_IPV6_TRANSPARENT; int fd = ::socket(family, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); - if (fd < 0) { - return false; - } int val = 1; bool result = (0 == ::setsockopt(fd, opt_tp.level(), opt_tp.option(), &val, sizeof(val))); ::close(fd); @@ -348,9 +339,9 @@ SysCallBoolResult OsSysCallsImpl::socketTcpInfo([[maybe_unused]] os_fd_t sockfd, tcp_info->tcpi_snd_cwnd = unix_tcp_info.tcpi_snd_cwnd * mss; } return {!SOCKET_FAILURE(result), !SOCKET_FAILURE(result) ? 0 : errno}; -#endif - +#else return {false, EOPNOTSUPP}; +#endif } bool OsSysCallsImpl::supportsGetifaddrs() const { return true; } diff --git a/source/common/formatter/substitution_format_string.h b/source/common/formatter/substitution_format_string.h index fc1d6f5e6e..c66c77eaff 100644 --- a/source/common/formatter/substitution_format_string.h +++ b/source/common/formatter/substitution_format_string.h @@ -29,7 +29,7 @@ class SubstitutionFormatStringUtils { * Parse list of formatter configurations to commands. */ template - static std::vector> + static absl::StatusOr>> parseFormatters(const FormattersConfig& formatters, Server::Configuration::GenericFactoryContext& context) { std::vector> commands; @@ -37,13 +37,13 @@ class SubstitutionFormatStringUtils { auto* factory = Envoy::Config::Utility::getFactory>(formatter); if (!factory) { - throwEnvoyExceptionOrPanic(absl::StrCat("Formatter not found: ", formatter.name())); + return absl::InvalidArgumentError(absl::StrCat("Formatter not found: ", formatter.name())); } auto typed_config = Envoy::Config::Utility::translateAnyToFactoryConfig( formatter.typed_config(), context.messageValidationVisitor(), *factory); auto parser = factory->createCommandParserFromProto(*typed_config, context); if (!parser) { - throwEnvoyExceptionOrPanic( + return absl::InvalidArgumentError( absl::StrCat("Failed to create command parser: ", formatter.name())); } commands.push_back(std::move(parser)); @@ -56,26 +56,28 @@ class SubstitutionFormatStringUtils { * Generate a formatter object from config SubstitutionFormatString. */ template - static FormatterBasePtr + static absl::StatusOr> fromProtoConfig(const envoy::config::core::v3::SubstitutionFormatString& config, Server::Configuration::GenericFactoryContext& context) { // Instantiate formatter extensions. auto commands = parseFormatters(config.formatters(), context); + RETURN_IF_NOT_OK_REF(commands.status()); switch (config.format_case()) { case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kTextFormat: return std::make_unique>( - config.text_format(), config.omit_empty_values(), commands); + config.text_format(), config.omit_empty_values(), *commands); case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kJsonFormat: return createJsonFormatter( config.json_format(), true, config.omit_empty_values(), config.has_json_format_options() ? config.json_format_options().sort_properties() : false, - commands); - case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kTextFormatSource: + *commands); + case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kTextFormatSource: { + auto data_source_or_error = Config::DataSource::read(config.text_format_source(), true, + context.serverFactoryContext().api()); + RETURN_IF_NOT_OK(data_source_or_error.status()); return std::make_unique>( - THROW_OR_RETURN_VALUE(Config::DataSource::read(config.text_format_source(), true, - context.serverFactoryContext().api()), - std::string), - config.omit_empty_values(), commands); + *data_source_or_error, config.omit_empty_values(), *commands); + } case envoy::config::core::v3::SubstitutionFormatString::FormatCase::FORMAT_NOT_SET: PANIC_DUE_TO_PROTO_UNSET; } diff --git a/source/common/http/utility.h b/source/common/http/utility.h index d1b2d0d093..eaee0c34fa 100644 --- a/source/common/http/utility.h +++ b/source/common/http/utility.h @@ -2,6 +2,7 @@ #include #include +#include #include #include #include @@ -572,11 +573,11 @@ const ConfigType* resolveMostSpecificPerFilterConfig(const Http::StreamFilterCal * and their lifetime is the same as the matched route. */ template -absl::InlinedVector +absl::InlinedVector, 4> getAllPerFilterConfig(const Http::StreamFilterCallbacks* callbacks) { ASSERT(callbacks != nullptr); - absl::InlinedVector all_configs; + absl::InlinedVector, 4> all_configs; for (const auto* config : callbacks->perFilterConfigs()) { const ConfigType* typed_config = dynamic_cast(config); @@ -584,7 +585,7 @@ getAllPerFilterConfig(const Http::StreamFilterCallbacks* callbacks) { ENVOY_LOG_MISC(debug, "Failed to retrieve the correct type of route specific filter config"); continue; } - all_configs.push_back(typed_config); + all_configs.push_back(*typed_config); } return all_configs; diff --git a/source/common/local_reply/local_reply.cc b/source/common/local_reply/local_reply.cc index 8de608a225..10bd821388 100644 --- a/source/common/local_reply/local_reply.cc +++ b/source/common/local_reply/local_reply.cc @@ -22,7 +22,9 @@ class BodyFormatter { BodyFormatter(const envoy::config::core::v3::SubstitutionFormatString& config, Server::Configuration::GenericFactoryContext& context) - : formatter_(Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, context)), + : formatter_(THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, context), + Formatter::FormatterBasePtr)), content_type_( !config.content_type().empty() ? config.content_type() : config.format_case() == diff --git a/source/common/quic/active_quic_listener.cc b/source/common/quic/active_quic_listener.cc index 002b8f5866..691c4a9c29 100644 --- a/source/common/quic/active_quic_listener.cc +++ b/source/common/quic/active_quic_listener.cc @@ -37,14 +37,17 @@ ActiveQuicListener::ActiveQuicListener( EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, EnvoyQuicProofSourceFactoryInterface& proof_source_factory, QuicConnectionIdGeneratorPtr&& cid_generator, QuicConnectionIdWorkerSelector worker_selector, - EnvoyQuicConnectionDebugVisitorFactoryInterfaceOptRef debug_visitor_factory) + EnvoyQuicConnectionDebugVisitorFactoryInterfaceOptRef debug_visitor_factory, + bool reject_new_connections) : Server::ActiveUdpListenerBase( worker_index, concurrency, parent, *listen_socket, std::make_unique( dispatcher, listen_socket, *this, dispatcher.timeSource(), listener_config.udpListenerConfig()->config().downstream_socket_config()), &listener_config), - dispatcher_(dispatcher), version_manager_(quic::CurrentSupportedHttp3Versions()), + dispatcher_(dispatcher), + version_manager_(reject_new_connections ? quic::ParsedQuicVersionVector() + : quic::CurrentSupportedHttp3Versions()), kernel_worker_routing_(kernel_worker_routing), packets_to_read_to_connection_count_ratio_(packets_to_read_to_connection_count_ratio), crypto_server_stream_factory_(crypto_server_stream_factory), @@ -264,7 +267,7 @@ ActiveQuicListenerFactory::ActiveQuicListenerFactory( PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, packets_to_read_to_connection_count_ratio, DEFAULT_PACKETS_TO_READ_PER_CONNECTION)), receive_ecn_(Runtime::runtimeFeatureEnabled("envoy.reloadable_features.quic_receive_ecn")), - context_(context) { + context_(context), reject_new_connections_(config.reject_new_connections()) { const int64_t idle_network_timeout_ms = config.has_idle_timeout() ? DurationUtil::durationToMilliseconds(config.idle_timeout()) : 300000; @@ -434,7 +437,7 @@ ActiveQuicListenerFactory::createActiveQuicListener( listener_config, quic_config, kernel_worker_routing, enabled, quic_stat_names, packets_to_read_to_connection_count_ratio, receive_ecn_, crypto_server_stream_factory, proof_source_factory, std::move(cid_generator), worker_selector_, - connection_debug_visitor_factory_); + connection_debug_visitor_factory_, reject_new_connections_); } } // namespace Quic diff --git a/source/common/quic/active_quic_listener.h b/source/common/quic/active_quic_listener.h index e0f62c0298..0ec62ac7df 100644 --- a/source/common/quic/active_quic_listener.h +++ b/source/common/quic/active_quic_listener.h @@ -41,7 +41,8 @@ class ActiveQuicListener : public Envoy::Server::ActiveUdpListenerBase, EnvoyQuicProofSourceFactoryInterface& proof_source_factory, QuicConnectionIdGeneratorPtr&& cid_generator, QuicConnectionIdWorkerSelector worker_selector, - EnvoyQuicConnectionDebugVisitorFactoryInterfaceOptRef debug_visitor_factory); + EnvoyQuicConnectionDebugVisitorFactoryInterfaceOptRef debug_visitor_factory, + bool reject_new_connections = false); ~ActiveQuicListener() override; @@ -159,6 +160,7 @@ class ActiveQuicListenerFactory : public Network::ActiveUdpListenerFactory, QuicConnectionIdWorkerSelector worker_selector_; bool kernel_worker_routing_{}; Server::Configuration::ServerFactoryContext& context_; + bool reject_new_connections_{}; static bool disable_kernel_bpf_packet_routing_for_test_; }; diff --git a/source/common/tcp_proxy/tcp_proxy.cc b/source/common/tcp_proxy/tcp_proxy.cc index 6de501b25d..c4e2e58722 100644 --- a/source/common/tcp_proxy/tcp_proxy.cc +++ b/source/common/tcp_proxy/tcp_proxy.cc @@ -707,8 +707,10 @@ TunnelingConfigHelperImpl::TunnelingConfigHelperImpl( envoy::config::core::v3::SubstitutionFormatString substitution_format_config; substitution_format_config.mutable_text_format_source()->set_inline_string( config_message.tunneling_config().hostname()); - hostname_fmt_ = Formatter::SubstitutionFormatStringUtils::fromProtoConfig( - substitution_format_config, context); + hostname_fmt_ = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + substitution_format_config, context), + Formatter::FormatterBasePtr); } std::string TunnelingConfigHelperImpl::host(const StreamInfo::StreamInfo& stream_info) const { diff --git a/source/extensions/access_loggers/common/stream_access_log_common_impl.h b/source/extensions/access_loggers/common/stream_access_log_common_impl.h index 1713b91825..5b07233124 100644 --- a/source/extensions/access_loggers/common/stream_access_log_common_impl.h +++ b/source/extensions/access_loggers/common/stream_access_log_common_impl.h @@ -18,8 +18,9 @@ createStreamAccessLogInstance(const Protobuf::Message& config, AccessLog::Filter MessageUtil::downcastAndValidate(config, context.messageValidationVisitor()); Formatter::FormatterPtr formatter; if (fal_config.access_log_format_case() == T::AccessLogFormatCase::kLogFormat) { - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context), + Formatter::FormatterBasePtr); } else if (fal_config.access_log_format_case() == T::AccessLogFormatCase::ACCESS_LOG_FORMAT_NOT_SET) { formatter = Formatter::HttpSubstitutionFormatUtils::defaultSubstitutionFormatter(); diff --git a/source/extensions/access_loggers/file/config.cc b/source/extensions/access_loggers/file/config.cc index a21c693436..2761aa5064 100644 --- a/source/extensions/access_loggers/file/config.cc +++ b/source/extensions/access_loggers/file/config.cc @@ -35,7 +35,9 @@ FileAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, } else { envoy::config::core::v3::SubstitutionFormatString sff_config; sff_config.mutable_text_format_source()->set_inline_string(fal_config.format()); - formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context), + Formatter::FormatterBasePtr); } break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kJsonFormat: @@ -46,12 +48,15 @@ FileAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, kTypedJsonFormat: { envoy::config::core::v3::SubstitutionFormatString sff_config; *sff_config.mutable_json_format() = fal_config.typed_json_format(); - formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context), + Formatter::FormatterBasePtr); break; } case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kLogFormat: - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context), + Formatter::FormatterBasePtr); break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: ACCESS_LOG_FORMAT_NOT_SET: diff --git a/source/extensions/access_loggers/fluentd/config.cc b/source/extensions/access_loggers/fluentd/config.cc index 877bd69de2..a6614137e6 100644 --- a/source/extensions/access_loggers/fluentd/config.cc +++ b/source/extensions/access_loggers/fluentd/config.cc @@ -60,8 +60,10 @@ FluentdAccessLogFactory::createAccessLogInstance(const Protobuf::Message& config // payload. // TODO(ohadvano): Improve the formatting operation by creating a dedicated formatter that // will directly serialize the record to msgpack payload. - auto commands = - Formatter::SubstitutionFormatStringUtils::parseFormatters(proto_config.formatters(), context); + auto commands = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::parseFormatters(proto_config.formatters(), context), + std::vector>); + Formatter::FormatterPtr json_formatter = Formatter::SubstitutionFormatStringUtils::createJsonFormatter(proto_config.record(), true, false, false, commands); diff --git a/source/extensions/access_loggers/open_telemetry/config.cc b/source/extensions/access_loggers/open_telemetry/config.cc index 237c5c9fa8..5b9e817f52 100644 --- a/source/extensions/access_loggers/open_telemetry/config.cc +++ b/source/extensions/access_loggers/open_telemetry/config.cc @@ -41,8 +41,9 @@ AccessLogFactory::createAccessLogInstance(const Protobuf::Message& config, const envoy::extensions::access_loggers::open_telemetry::v3::OpenTelemetryAccessLogConfig&>( config, context.messageValidationVisitor()); - auto commands = - Formatter::SubstitutionFormatStringUtils::parseFormatters(proto_config.formatters(), context); + auto commands = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::parseFormatters(proto_config.formatters(), context), + std::vector>); return std::make_shared( std::move(filter), proto_config, context.serverFactoryContext().threadLocal(), diff --git a/source/extensions/filters/common/set_filter_state/filter_config.cc b/source/extensions/filters/common/set_filter_state/filter_config.cc index 5188b097af..a14e672e89 100644 --- a/source/extensions/filters/common/set_filter_state/filter_config.cc +++ b/source/extensions/filters/common/set_filter_state/filter_config.cc @@ -50,8 +50,10 @@ Config::parse(const Protobuf::RepeatedPtrField& proto_val break; } value.skip_if_empty_ = proto_value.skip_if_empty(); - value.value_ = Formatter::SubstitutionFormatStringUtils::fromProtoConfig( - proto_value.format_string(), context); + value.value_ = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + proto_value.format_string(), context), + Formatter::FormatterBasePtr); values.push_back(std::move(value)); } return values; diff --git a/source/extensions/filters/http/cors/cors_filter.cc b/source/extensions/filters/http/cors/cors_filter.cc index 98ecb2a17c..49fba6d4a5 100644 --- a/source/extensions/filters/http/cors/cors_filter.cc +++ b/source/extensions/filters/http/cors/cors_filter.cc @@ -66,10 +66,17 @@ void CorsFilter::initializeCorsPolicies() { // If no cors policy is configured in the per filter config, then the cors policy fields in the // route configuration will be ignored. if (policies_.empty()) { - policies_ = { - decoder_callbacks_->route()->routeEntry()->corsPolicy(), - decoder_callbacks_->route()->virtualHost().corsPolicy(), - }; + const auto route = decoder_callbacks_->route(); + ASSERT(route != nullptr); + ASSERT(route->routeEntry() != nullptr); + + if (auto* typed_cfg = route->routeEntry()->corsPolicy(); typed_cfg != nullptr) { + policies_.push_back(*typed_cfg); + } + + if (auto* typed_cfg = route->virtualHost().corsPolicy(); typed_cfg != nullptr) { + policies_.push_back(*typed_cfg); + } } } @@ -204,11 +211,7 @@ void CorsFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& c } bool CorsFilter::isOriginAllowed(const Http::HeaderString& origin) { - const auto allow_origins = allowOrigins(); - if (allow_origins == nullptr) { - return false; - } - for (const auto& allow_origin : *allow_origins) { + for (const auto& allow_origin : allowOrigins()) { if (allow_origin->match("*") || allow_origin->match(origin.getStringView())) { return true; } @@ -216,92 +219,88 @@ bool CorsFilter::isOriginAllowed(const Http::HeaderString& origin) { return false; } -const std::vector* CorsFilter::allowOrigins() { - for (const auto policy : policies_) { - if (policy && !policy->allowOrigins().empty()) { - return &policy->allowOrigins(); +absl::Span CorsFilter::allowOrigins() { + for (const Router::CorsPolicy& policy : policies_) { + if (!policy.allowOrigins().empty()) { + return policy.allowOrigins(); } } - return nullptr; + return {}; } bool CorsFilter::forwardNotMatchingPreflights() { - for (const auto policy : policies_) { - if (policy && policy->forwardNotMatchingPreflights()) { - return policy->forwardNotMatchingPreflights().value(); + for (const Router::CorsPolicy& policy : policies_) { + if (policy.forwardNotMatchingPreflights()) { + return policy.forwardNotMatchingPreflights().value(); } } return true; } -const std::string& CorsFilter::allowMethods() { - for (const auto policy : policies_) { - if (policy && !policy->allowMethods().empty()) { - return policy->allowMethods(); +absl::string_view CorsFilter::allowMethods() { + for (const Router::CorsPolicy& policy : policies_) { + if (!policy.allowMethods().empty()) { + return policy.allowMethods(); } } return EMPTY_STRING; } -const std::string& CorsFilter::allowHeaders() { - for (const auto policy : policies_) { - if (policy && !policy->allowHeaders().empty()) { - return policy->allowHeaders(); +absl::string_view CorsFilter::allowHeaders() { + for (const Router::CorsPolicy& policy : policies_) { + if (!policy.allowHeaders().empty()) { + return policy.allowHeaders(); } } return EMPTY_STRING; } -const std::string& CorsFilter::exposeHeaders() { - for (const auto policy : policies_) { - if (policy && !policy->exposeHeaders().empty()) { - return policy->exposeHeaders(); +absl::string_view CorsFilter::exposeHeaders() { + for (const Router::CorsPolicy& policy : policies_) { + if (!policy.exposeHeaders().empty()) { + return policy.exposeHeaders(); } } return EMPTY_STRING; } -const std::string& CorsFilter::maxAge() { - for (const auto policy : policies_) { - if (policy && !policy->maxAge().empty()) { - return policy->maxAge(); +absl::string_view CorsFilter::maxAge() { + for (const Router::CorsPolicy& policy : policies_) { + if (!policy.maxAge().empty()) { + return policy.maxAge(); } } return EMPTY_STRING; } bool CorsFilter::allowCredentials() { - for (const auto policy : policies_) { - if (policy && policy->allowCredentials()) { - return policy->allowCredentials().value(); + for (const Router::CorsPolicy& policy : policies_) { + if (policy.allowCredentials()) { + return policy.allowCredentials().value(); } } return false; } bool CorsFilter::allowPrivateNetworkAccess() { - for (const auto policy : policies_) { - if (policy && policy->allowPrivateNetworkAccess()) { - return policy->allowPrivateNetworkAccess().value(); + for (const Router::CorsPolicy& policy : policies_) { + if (policy.allowPrivateNetworkAccess()) { + return policy.allowPrivateNetworkAccess().value(); } } return false; } bool CorsFilter::shadowEnabled() { - for (const auto policy : policies_) { - if (policy) { - return policy->shadowEnabled(); - } + for (const Router::CorsPolicy& policy : policies_) { + return policy.shadowEnabled(); } return false; } bool CorsFilter::enabled() { - for (const auto policy : policies_) { - if (policy) { - return policy->enabled(); - } + for (const Router::CorsPolicy& policy : policies_) { + return policy.enabled(); } return false; } diff --git a/source/extensions/filters/http/cors/cors_filter.h b/source/extensions/filters/http/cors/cors_filter.h index 0c8cf535a9..a89a488b3f 100644 --- a/source/extensions/filters/http/cors/cors_filter.h +++ b/source/extensions/filters/http/cors/cors_filter.h @@ -88,11 +88,11 @@ class CorsFilter : public Http::StreamFilter { private: friend class CorsFilterTest; - const std::vector* allowOrigins(); - const std::string& allowMethods(); - const std::string& allowHeaders(); - const std::string& exposeHeaders(); - const std::string& maxAge(); + absl::Span allowOrigins(); + absl::string_view allowMethods(); + absl::string_view allowHeaders(); + absl::string_view exposeHeaders(); + absl::string_view maxAge(); bool allowCredentials(); bool allowPrivateNetworkAccess(); bool shadowEnabled(); @@ -102,7 +102,7 @@ class CorsFilter : public Http::StreamFilter { Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; - absl::InlinedVector policies_; + absl::InlinedVector, 4> policies_; bool is_cors_request_{}; std::string latched_origin_; diff --git a/source/extensions/filters/http/custom_response/custom_response_filter.cc b/source/extensions/filters/http/custom_response/custom_response_filter.cc index d133c8b753..52e5aefe3e 100644 --- a/source/extensions/filters/http/custom_response/custom_response_filter.cc +++ b/source/extensions/filters/http/custom_response/custom_response_filter.cc @@ -48,13 +48,12 @@ Http::FilterHeadersStatus CustomResponseFilter::encodeHeaders(Http::ResponseHead // policy. Note that since the traversal is least to most specific, we can't // return early when a match is found. PolicySharedPtr policy; - for (const auto* typed_config : + for (const FilterConfig& typed_config : Http::Utility::getAllPerFilterConfig(encoder_callbacks_)) { - ASSERT(typed_config != nullptr); // Check if a match is found first to avoid overwriting policy with an // empty shared_ptr. - auto maybe_policy = typed_config->getPolicy(headers, encoder_callbacks_->streamInfo()); + auto maybe_policy = typed_config.getPolicy(headers, encoder_callbacks_->streamInfo()); if (maybe_policy) { policy = maybe_policy; } diff --git a/source/extensions/filters/http/ext_authz/ext_authz.cc b/source/extensions/filters/http/ext_authz/ext_authz.cc index b1713614ca..962aede2c2 100644 --- a/source/extensions/filters/http/ext_authz/ext_authz.cc +++ b/source/extensions/filters/http/ext_authz/ext_authz.cc @@ -192,13 +192,12 @@ void Filter::initiateCall(const Http::RequestHeaderMap& headers) { } absl::optional maybe_merged_per_route_config; - for (const auto* cfg : + for (const FilterConfigPerRoute& cfg : Http::Utility::getAllPerFilterConfig(decoder_callbacks_)) { - ASSERT(cfg != nullptr); if (maybe_merged_per_route_config.has_value()) { - maybe_merged_per_route_config.value().merge(*cfg); + maybe_merged_per_route_config.value().merge(cfg); } else { - maybe_merged_per_route_config = *cfg; + maybe_merged_per_route_config = cfg; } } diff --git a/source/extensions/filters/http/ext_proc/ext_proc.cc b/source/extensions/filters/http/ext_proc/ext_proc.cc index 8af46dc4da..3013ea1d82 100644 --- a/source/extensions/filters/http/ext_proc/ext_proc.cc +++ b/source/extensions/filters/http/ext_proc/ext_proc.cc @@ -1279,13 +1279,12 @@ void Filter::mergePerRouteConfig() { route_config_merged_ = true; absl::optional merged_config; - for (const auto* typed_cfg : + for (const FilterConfigPerRoute& typed_cfg : Http::Utility::getAllPerFilterConfig(decoder_callbacks_)) { - ASSERT(typed_cfg != nullptr); if (!merged_config.has_value()) { - merged_config.emplace(*typed_cfg); + merged_config.emplace(typed_cfg); } else { - merged_config.emplace(FilterConfigPerRoute(merged_config.value(), *typed_cfg)); + merged_config.emplace(FilterConfigPerRoute(merged_config.value(), typed_cfg)); } } diff --git a/source/extensions/filters/http/header_mutation/header_mutation.cc b/source/extensions/filters/http/header_mutation/header_mutation.cc index e61635a580..259f180d17 100644 --- a/source/extensions/filters/http/header_mutation/header_mutation.cc +++ b/source/extensions/filters/http/header_mutation/header_mutation.cc @@ -46,12 +46,11 @@ Http::FilterHeadersStatus HeaderMutation::decodeHeaders(Http::RequestHeaderMap& // `getAllPerFilterConfig` above returns). // Thus, here we reverse iterate the vector when `most_specific_wins` is false. for (auto it = route_configs_.rbegin(); it != route_configs_.rend(); ++it) { - (*it)->mutations().mutateRequestHeaders(headers, ctx, decoder_callbacks_->streamInfo()); + (*it).get().mutations().mutateRequestHeaders(headers, ctx, decoder_callbacks_->streamInfo()); } } else { - for (const auto* route_config : route_configs_) { - route_config->mutations().mutateRequestHeaders(headers, ctx, - decoder_callbacks_->streamInfo()); + for (const PerRouteHeaderMutation& route_config : route_configs_) { + route_config.mutations().mutateRequestHeaders(headers, ctx, decoder_callbacks_->streamInfo()); } } @@ -70,12 +69,12 @@ Http::FilterHeadersStatus HeaderMutation::encodeHeaders(Http::ResponseHeaderMap& if (!config_->mostSpecificHeaderMutationsWins()) { for (auto it = route_configs_.rbegin(); it != route_configs_.rend(); ++it) { - (*it)->mutations().mutateResponseHeaders(headers, ctx, encoder_callbacks_->streamInfo()); + (*it).get().mutations().mutateResponseHeaders(headers, ctx, encoder_callbacks_->streamInfo()); } } else { - for (const auto* route_config : route_configs_) { - route_config->mutations().mutateResponseHeaders(headers, ctx, - encoder_callbacks_->streamInfo()); + for (const PerRouteHeaderMutation& route_config : route_configs_) { + route_config.mutations().mutateResponseHeaders(headers, ctx, + encoder_callbacks_->streamInfo()); } } diff --git a/source/extensions/filters/http/header_mutation/header_mutation.h b/source/extensions/filters/http/header_mutation/header_mutation.h index 5286d83404..254c9ca076 100644 --- a/source/extensions/filters/http/header_mutation/header_mutation.h +++ b/source/extensions/filters/http/header_mutation/header_mutation.h @@ -82,7 +82,7 @@ class HeaderMutation : public Http::PassThroughFilter, public Logger::Loggable route_configs_{}; + absl::InlinedVector, 4> route_configs_{}; }; } // namespace HeaderMutation diff --git a/source/extensions/filters/http/rate_limit_quota/client.h b/source/extensions/filters/http/rate_limit_quota/client.h index a8d31c39b0..198b919d5b 100644 --- a/source/extensions/filters/http/rate_limit_quota/client.h +++ b/source/extensions/filters/http/rate_limit_quota/client.h @@ -37,7 +37,7 @@ class RateLimitClient { public: virtual ~RateLimitClient() = default; - virtual absl::Status startStream(const StreamInfo::StreamInfo& stream_info) PURE; + virtual absl::Status startStream(const StreamInfo::StreamInfo* stream_info) PURE; virtual void closeStream() PURE; virtual void sendUsageReport(absl::optional bucket_id) PURE; diff --git a/source/extensions/filters/http/rate_limit_quota/client_impl.cc b/source/extensions/filters/http/rate_limit_quota/client_impl.cc index 7d886a49e7..876060592e 100644 --- a/source/extensions/filters/http/rate_limit_quota/client_impl.cc +++ b/source/extensions/filters/http/rate_limit_quota/client_impl.cc @@ -64,14 +64,17 @@ RateLimitQuotaUsageReports RateLimitClientImpl::buildReport(absl::optional bucket_id) { - if (stream_ != nullptr) { - // Build the report and then send the report to RLQS server. - // `end_stream` should always be set to false as we don't want to close the stream locally. - stream_->sendMessage(buildReport(bucket_id), /*end_stream=*/false); - } else { - // Don't send any reports if stream has already been closed. - ENVOY_LOG(debug, "The stream has already been closed; no reports will be sent."); + if (stream_ == nullptr) { + ENVOY_LOG(debug, "The RLQS stream has been closed and must be restarted to send reports."); + if (absl::Status err = startStream(nullptr); !err.ok()) { + ENVOY_LOG(error, "Failed to start the stream to send reports."); + return; + } } + + // Build the report and then send the report to RLQS server. + // `end_stream` should always be set to false as we don't want to close the stream locally. + stream_->sendMessage(buildReport(bucket_id), /*end_stream=*/false); } void RateLimitClientImpl::onReceiveMessage(RateLimitQuotaResponsePtr&& response) { @@ -165,20 +168,27 @@ void RateLimitClientImpl::onRemoteClose(Grpc::Status::GrpcStatus status, stream_ = nullptr; } -absl::Status RateLimitClientImpl::startStream(const StreamInfo::StreamInfo& stream_info) { +absl::Status RateLimitClientImpl::startStream(const StreamInfo::StreamInfo* stream_info) { // Starts stream if it has not been opened yet. if (stream_ == nullptr) { ENVOY_LOG(debug, "Trying to start the new gRPC stream"); + auto stream_options = Http::AsyncClient::RequestOptions(); + if (stream_info) { + stream_options.setParentContext(Http::AsyncClient::ParentContext{stream_info}); + } stream_ = aync_client_.start( *Protobuf::DescriptorPool::generated_pool()->FindMethodByName( "envoy.service.rate_limit_quota.v3.RateLimitQuotaService.StreamRateLimitQuotas"), - *this, - Http::AsyncClient::RequestOptions().setParentContext( - Http::AsyncClient::ParentContext{&stream_info})); + *this, stream_options); + } + + // If still null after attempting a start. + if (stream_ == nullptr) { + return absl::InternalError("Failed to start the stream"); } - // Returns error status if start failed (i.e., stream_ is nullptr). - return stream_ == nullptr ? absl::InternalError("Failed to start the stream") : absl::OkStatus(); + ENVOY_LOG(debug, "gRPC stream has been started"); + return absl::OkStatus(); } } // namespace RateLimitQuota diff --git a/source/extensions/filters/http/rate_limit_quota/client_impl.h b/source/extensions/filters/http/rate_limit_quota/client_impl.h index b471755d24..c4584c26b8 100644 --- a/source/extensions/filters/http/rate_limit_quota/client_impl.h +++ b/source/extensions/filters/http/rate_limit_quota/client_impl.h @@ -45,7 +45,7 @@ class RateLimitClientImpl : public RateLimitClient, void onRemoteClose(Grpc::Status::GrpcStatus status, const std::string& message) override; // RateLimitClient methods. - absl::Status startStream(const StreamInfo::StreamInfo& stream_info) override; + absl::Status startStream(const StreamInfo::StreamInfo* stream_info) override; void closeStream() override; // Send the usage report to RLQS server void sendUsageReport(absl::optional bucket_id) override; diff --git a/source/extensions/filters/http/rate_limit_quota/filter.cc b/source/extensions/filters/http/rate_limit_quota/filter.cc index 65535753c3..e5671033cc 100644 --- a/source/extensions/filters/http/rate_limit_quota/filter.cc +++ b/source/extensions/filters/http/rate_limit_quota/filter.cc @@ -185,7 +185,7 @@ RateLimitQuotaFilter::sendImmediateReport(const size_t bucket_id, // Start the streaming on the first request. // It will be a no-op if the stream is already active. - auto status = client_.rate_limit_client->startStream(callbacks_->streamInfo()); + auto status = client_.rate_limit_client->startStream(&callbacks_->streamInfo()); if (!status.ok()) { ENVOY_LOG(error, "Failed to start the gRPC stream: ", status.message()); // TODO(tyxia) Check `NoAssignmentBehavior` behavior instead of fail-open here. diff --git a/source/extensions/filters/network/generic_proxy/file_access_log.h b/source/extensions/filters/network/generic_proxy/file_access_log.h index 779b4c08fc..30eabb239e 100644 --- a/source/extensions/filters/network/generic_proxy/file_access_log.h +++ b/source/extensions/filters/network/generic_proxy/file_access_log.h @@ -59,8 +59,9 @@ class FileAccessLogFactoryBase : public AccessLog::AccessLogInstanceFactoryBase< } else { envoy::config::core::v3::SubstitutionFormatString sff_config; sff_config.mutable_text_format_source()->set_inline_string(typed_config.format()); - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context), + Formatter::FormatterBasePtr); } break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: @@ -72,14 +73,17 @@ class FileAccessLogFactoryBase : public AccessLog::AccessLogInstanceFactoryBase< kTypedJsonFormat: { envoy::config::core::v3::SubstitutionFormatString sff_config; *sff_config.mutable_json_format() = typed_config.typed_json_format(); - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); + formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context), + Formatter::FormatterBasePtr); break; } case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: kLogFormat: - formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig( - typed_config.log_format(), context); + formatter = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + typed_config.log_format(), context), + Formatter::FormatterBasePtr); break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: ACCESS_LOG_FORMAT_NOT_SET: diff --git a/source/extensions/filters/udp/udp_proxy/config.cc b/source/extensions/filters/udp/udp_proxy/config.cc index 436368faf0..200e7099c7 100644 --- a/source/extensions/filters/udp/udp_proxy/config.cc +++ b/source/extensions/filters/udp/udp_proxy/config.cc @@ -61,8 +61,10 @@ TunnelingConfigImpl::TunnelingConfigImpl(const TunnelingConfig& config, envoy::config::core::v3::SubstitutionFormatString proxy_substitution_format_config; proxy_substitution_format_config.mutable_text_format_source()->set_inline_string( config.proxy_host()); - proxy_host_formatter_ = Formatter::SubstitutionFormatStringUtils::fromProtoConfig( - proxy_substitution_format_config, context); + proxy_host_formatter_ = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + proxy_substitution_format_config, context), + Formatter::FormatterBasePtr); if (config.has_proxy_port()) { uint32_t port = config.proxy_port().value(); @@ -76,8 +78,10 @@ TunnelingConfigImpl::TunnelingConfigImpl(const TunnelingConfig& config, envoy::config::core::v3::SubstitutionFormatString target_substitution_format_config; target_substitution_format_config.mutable_text_format_source()->set_inline_string( config.target_host()); - target_host_formatter_ = Formatter::SubstitutionFormatStringUtils::fromProtoConfig( - target_substitution_format_config, context); + target_host_formatter_ = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + target_substitution_format_config, context), + Formatter::FormatterBasePtr); } UdpProxyFilterConfigImpl::UdpProxyFilterConfigImpl( diff --git a/source/extensions/http/custom_response/local_response_policy/local_response_policy.cc b/source/extensions/http/custom_response/local_response_policy/local_response_policy.cc index 4880fb2098..4777165781 100644 --- a/source/extensions/http/custom_response/local_response_policy/local_response_policy.cc +++ b/source/extensions/http/custom_response/local_response_policy/local_response_policy.cc @@ -39,8 +39,10 @@ LocalResponsePolicy::LocalResponsePolicy( // by this PR and will be fixed in the future. Server::GenericFactoryContextImpl generic_context(context, context.messageValidationVisitor()); if (config.has_body_format()) { - formatter_ = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config.body_format(), - generic_context); + formatter_ = + THROW_OR_RETURN_VALUE(Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + config.body_format(), generic_context), + Formatter::FormatterBasePtr); } } diff --git a/source/extensions/matching/actions/format_string/config.cc b/source/extensions/matching/actions/format_string/config.cc index ff8cb31418..3de72f9ec1 100644 --- a/source/extensions/matching/actions/format_string/config.cc +++ b/source/extensions/matching/actions/format_string/config.cc @@ -32,8 +32,9 @@ ActionFactory::createActionFactoryCb(const Protobuf::Message& proto_config, proto_config, validator); Server::GenericFactoryContextImpl generic_context(context, validator); - Formatter::FormatterConstSharedPtr formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, generic_context); + Formatter::FormatterConstSharedPtr formatter = THROW_OR_RETURN_VALUE( + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, generic_context), + Formatter::FormatterBasePtr); return [formatter]() { return std::make_unique(formatter); }; } diff --git a/test/common/api/os_sys_calls_test.cc b/test/common/api/os_sys_calls_test.cc index 126e109409..96e4d35e95 100644 --- a/test/common/api/os_sys_calls_test.cc +++ b/test/common/api/os_sys_calls_test.cc @@ -68,4 +68,19 @@ TEST(OsSyscallsTest, OpenPwritePreadFstatCloseStatUnlink) { TestEnvironment::removePath(path); } +TEST(OsSyscallsTest, SupportsIpTransparent) { + bool supported = Api::OsSysCallsSingleton::get().supportsIpTransparent( + TestEnvironment::getIpVersionsForTest()[0]); + EXPECT_FALSE(supported); +} + +TEST(OsSyscallsTest, SupportsMptcp) { + bool supported = Api::OsSysCallsSingleton::get().supportsMptcp(); + EXPECT_TRUE(supported); +} + +TEST(OsSyscallsTest, IoCtlInvalidFd) { + EXPECT_NE(0, Api::OsSysCallsSingleton::get().ioctl(0, 0, nullptr, 0, nullptr, 0, nullptr).errno_); +} + } // namespace Envoy diff --git a/test/common/formatter/substitution_format_string_test.cc b/test/common/formatter/substitution_format_string_test.cc index 6d74620d2a..e2d01dd133 100644 --- a/test/common/formatter/substitution_format_string_test.cc +++ b/test/common/formatter/substitution_format_string_test.cc @@ -47,7 +47,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigText) { )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + auto formatter = *SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("plain text, path=/bar/foo, code=200", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -63,7 +63,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJson) { )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + auto formatter = *SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->formatWithContext(formatter_context_, stream_info_); const std::string expected = R"EOF({ @@ -86,10 +86,11 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestInvalidConfigs) { }; for (const auto& yaml : invalid_configs) { TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), - EnvoyException, - "Only string values, nested structs, list values and number values " - "are supported in structured access log format."); + EXPECT_THROW_WITH_MESSAGE( + SubstitutionFormatStringUtils::fromProtoConfig(config_, context_).IgnoreError(), + EnvoyException, + "Only string values, nested structs, list values and number values " + "are supported in structured access log format."); } } @@ -107,7 +108,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigFormatterExtension) )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + auto formatter = *SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("plain text TestFormatter", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -127,9 +128,8 @@ TEST_F(SubstitutionFormatStringUtilsTest, )EOF"; TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), - EnvoyException, - "Failed to create command parser: envoy.formatter.FailFormatter"); + EXPECT_EQ(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_).status().message(), + "Failed to create command parser: envoy.formatter.FailFormatter"); } TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigFormatterExtensionUnknown) { @@ -143,9 +143,8 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigFormatterExtensionU )EOF"; TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), - EnvoyException, - "Formatter not found: envoy.formatter.TestFormatterUnknown"); + EXPECT_EQ(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_).status().message(), + "Formatter not found: envoy.formatter.TestFormatterUnknown"); } TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJsonWithExtension) { @@ -166,7 +165,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJsonWithExtension) )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + auto formatter = *SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->formatWithContext(formatter_context_, stream_info_); const std::string expected = R"EOF({ @@ -201,7 +200,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJsonWithMultipleExt )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + auto formatter = *SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->formatWithContext(formatter_context_, stream_info_); const std::string expected = R"EOF({ @@ -225,9 +224,8 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithUnknownExtensio TestUtility::loadFromYaml(yaml, proto); *entry1 = proto; - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::parseFormatters(config, context_), - EnvoyException, - "Formatter not found: envoy.formatter.TestFormatterUnknown"); + EXPECT_EQ(SubstitutionFormatStringUtils::parseFormatters(config, context_).status().message(), + "Formatter not found: envoy.formatter.TestFormatterUnknown"); } TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithInvalidFormatter) { @@ -246,9 +244,8 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithInvalidFormatte TestUtility::loadFromYaml(yaml, proto); *entry1 = proto; - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::parseFormatters(config, context_), - EnvoyException, - "Failed to create command parser: envoy.formatter.FailFormatter"); + EXPECT_EQ(SubstitutionFormatStringUtils::parseFormatters(config, context_).status().message(), + "Failed to create command parser: envoy.formatter.FailFormatter"); } TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithSingleExtension) { @@ -267,7 +264,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithSingleExtension TestUtility::loadFromYaml(yaml, proto); *entry1 = proto; - auto commands = SubstitutionFormatStringUtils::parseFormatters(config, context_); + auto commands = *SubstitutionFormatStringUtils::parseFormatters(config, context_); ASSERT_EQ(1, commands.size()); absl::optional max_length = {}; @@ -306,7 +303,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestParseFormattersWithMultipleExtensi TestUtility::loadFromYaml(additional_command_yaml, additional_command_proto); *entry2 = additional_command_proto; - auto commands = SubstitutionFormatStringUtils::parseFormatters(config, context_); + auto commands = *SubstitutionFormatStringUtils::parseFormatters(config, context_); ASSERT_EQ(2, commands.size()); absl::optional max_length = {}; diff --git a/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc b/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc index 532d2b288e..db253e6680 100644 --- a/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc +++ b/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc @@ -84,7 +84,7 @@ class AccessLogTest : public testing::Test { return logger_; }); auto commands = - Formatter::SubstitutionFormatStringUtils::parseFormatters(config_.formatters(), context_); + *Formatter::SubstitutionFormatStringUtils::parseFormatters(config_.formatters(), context_); return std::make_unique(FilterPtr{filter_}, config_, tls_, logger_cache_, commands); } diff --git a/test/extensions/access_loggers/open_telemetry/substitution_formatter_test.cc b/test/extensions/access_loggers/open_telemetry/substitution_formatter_test.cc index 54fe710a47..ab51c3eb2e 100644 --- a/test/extensions/access_loggers/open_telemetry/substitution_formatter_test.cc +++ b/test/extensions/access_loggers/open_telemetry/substitution_formatter_test.cc @@ -915,7 +915,7 @@ TEST(SubstitutionFormatterTest, CELFormatterTest) { "@type": type.googleapis.com/envoy.extensions.formatter.cel.v3.Cel )EOF", otel_config); - auto commands = Formatter::SubstitutionFormatStringUtils::parseFormatters( + auto commands = *Formatter::SubstitutionFormatStringUtils::parseFormatters( otel_config.formatters(), context); OpenTelemetryFormatter formatter(otel_config.resource_attributes(), commands); diff --git a/test/extensions/bootstrap/wasm/test_data/BUILD b/test/extensions/bootstrap/wasm/test_data/BUILD index e0003964ed..53f36ba5ab 100644 --- a/test/extensions/bootstrap/wasm/test_data/BUILD +++ b/test/extensions/bootstrap/wasm/test_data/BUILD @@ -15,7 +15,7 @@ wasm_rust_binary( wasi = True, deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) diff --git a/test/extensions/filters/http/cors/cors_filter_test.cc b/test/extensions/filters/http/cors/cors_filter_test.cc index c699fe543e..17c1c5818d 100644 --- a/test/extensions/filters/http/cors/cors_filter_test.cc +++ b/test/extensions/filters/http/cors/cors_filter_test.cc @@ -87,8 +87,8 @@ TEST_F(CorsFilterTest, InitializeCorsPoliciesTest) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers, true)); EXPECT_EQ(false, isCorsRequest()); EXPECT_EQ(2, filter_.policiesForTest().size()); - EXPECT_EQ(cors_policy_.get(), filter_.policiesForTest().at(0)); - EXPECT_EQ(cors_policy_.get(), filter_.policiesForTest().at(1)); + EXPECT_EQ(cors_policy_.get(), &filter_.policiesForTest().at(0).get()); + EXPECT_EQ(cors_policy_.get(), &filter_.policiesForTest().at(1).get()); } // Only 'typed_per_filter_config' of virtual host has cors policy. @@ -104,7 +104,7 @@ TEST_F(CorsFilterTest, InitializeCorsPoliciesTest) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers, true)); EXPECT_EQ(false, isCorsRequest()); EXPECT_EQ(1, filter_.policiesForTest().size()); - EXPECT_EQ(cors_policy_.get(), filter_.policiesForTest().at(0)); + EXPECT_EQ(cors_policy_.get(), &filter_.policiesForTest().at(0).get()); } // No cors policy in the 'typed_per_filter_config'. @@ -121,9 +121,7 @@ TEST_F(CorsFilterTest, InitializeCorsPoliciesTest) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers, true)); EXPECT_EQ(false, isCorsRequest()); - EXPECT_EQ(2, filter_.policiesForTest().size()); - EXPECT_EQ(nullptr, filter_.policiesForTest().at(0)); - EXPECT_EQ(nullptr, filter_.policiesForTest().at(1)); + EXPECT_EQ(0, filter_.policiesForTest().size()); } { filter_ = CorsFilter(config_); @@ -139,9 +137,8 @@ TEST_F(CorsFilterTest, InitializeCorsPoliciesTest) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers, true)); EXPECT_EQ(false, isCorsRequest()); - EXPECT_EQ(2, filter_.policiesForTest().size()); - EXPECT_EQ(cors_policy_.get(), filter_.policiesForTest().at(0)); - EXPECT_EQ(nullptr, filter_.policiesForTest().at(1)); + EXPECT_EQ(1, filter_.policiesForTest().size()); + EXPECT_EQ(cors_policy_.get(), &filter_.policiesForTest().at(0).get()); } { filter_ = CorsFilter(config_); @@ -157,9 +154,8 @@ TEST_F(CorsFilterTest, InitializeCorsPoliciesTest) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers, false)); EXPECT_EQ(false, isCorsRequest()); - EXPECT_EQ(2, filter_.policiesForTest().size()); - EXPECT_EQ(nullptr, filter_.policiesForTest().at(0)); - EXPECT_EQ(cors_policy_.get(), filter_.policiesForTest().at(1)); + EXPECT_EQ(1, filter_.policiesForTest().size()); + EXPECT_EQ(cors_policy_.get(), &filter_.policiesForTest().at(0).get()); } } diff --git a/test/extensions/filters/http/rate_limit_quota/client_test.cc b/test/extensions/filters/http/rate_limit_quota/client_test.cc index 1fee6b6f46..336b47b7ff 100644 --- a/test/extensions/filters/http/rate_limit_quota/client_test.cc +++ b/test/extensions/filters/http/rate_limit_quota/client_test.cc @@ -18,7 +18,7 @@ class RateLimitClientTest : public testing::Test { }; TEST_F(RateLimitClientTest, OpenAndCloseStream) { - EXPECT_OK(test_client.client_->startStream(test_client.stream_info_)); + EXPECT_OK(test_client.client_->startStream(&test_client.stream_info_)); EXPECT_CALL(test_client.stream_, closeStream()); EXPECT_CALL(test_client.stream_, resetStream()); test_client.client_->closeStream(); @@ -27,7 +27,7 @@ TEST_F(RateLimitClientTest, OpenAndCloseStream) { TEST_F(RateLimitClientTest, SendUsageReport) { ::envoy::service::rate_limit_quota::v3::BucketId bucket_id; TestUtility::loadFromYaml(SingleBukcetId, bucket_id); - EXPECT_OK(test_client.client_->startStream(test_client.stream_info_)); + EXPECT_OK(test_client.client_->startStream(&test_client.stream_info_)); bool end_stream = false; // Send quota usage report and ensure that we get it. EXPECT_CALL(test_client.stream_, sendMessageRaw_(_, end_stream)); @@ -39,7 +39,7 @@ TEST_F(RateLimitClientTest, SendUsageReport) { } TEST_F(RateLimitClientTest, SendRequestAndReceiveResponse) { - EXPECT_OK(test_client.client_->startStream(test_client.stream_info_)); + EXPECT_OK(test_client.client_->startStream(&test_client.stream_info_)); ASSERT_NE(test_client.stream_callbacks_, nullptr); auto empty_request_headers = Http::RequestHeaderMapImpl::create(); @@ -66,6 +66,33 @@ TEST_F(RateLimitClientTest, SendRequestAndReceiveResponse) { test_client.client_->onRemoteClose(0, ""); } +TEST_F(RateLimitClientTest, RestartStreamWhileInUse) { + ::envoy::service::rate_limit_quota::v3::BucketId bucket_id; + TestUtility::loadFromYaml(SingleBukcetId, bucket_id); + EXPECT_OK(test_client.client_->startStream(&test_client.stream_info_)); + + bool end_stream = false; + // Send quota usage report and ensure that we get it. + EXPECT_CALL(test_client.stream_, sendMessageRaw_(_, end_stream)); + const size_t bucket_id_hash = MessageUtil::hash(bucket_id); + test_client.client_->sendUsageReport(bucket_id_hash); + EXPECT_CALL(test_client.stream_, closeStream()); + EXPECT_CALL(test_client.stream_, resetStream()); + test_client.client_->closeStream(); + + // Expect the stream to reopen while trying to send the next usage report. + EXPECT_CALL(test_client.stream_, sendMessageRaw_(_, end_stream)); + test_client.client_->sendUsageReport(bucket_id_hash); + EXPECT_CALL(test_client.stream_, closeStream()); + EXPECT_CALL(test_client.stream_, resetStream()); + test_client.client_->closeStream(); + + // Expect the client to handle a restart failure. + EXPECT_CALL(*test_client.async_client_, startRaw(_, _, _, _)).WillOnce(testing::Return(nullptr)); + WAIT_FOR_LOG_CONTAINS("error", "Failed to start the stream to send reports.", + { test_client.client_->sendUsageReport(bucket_id_hash); }); +} + } // namespace } // namespace RateLimitQuota } // namespace HttpFilters diff --git a/test/extensions/filters/http/rate_limit_quota/client_test_utils.h b/test/extensions/filters/http/rate_limit_quota/client_test_utils.h index 2f19f9b48b..e6624af9b4 100644 --- a/test/extensions/filters/http/rate_limit_quota/client_test_utils.h +++ b/test/extensions/filters/http/rate_limit_quota/client_test_utils.h @@ -70,12 +70,12 @@ class RateLimitTestClient { } Grpc::RawAsyncClientSharedPtr mockCreateAsyncClient(Unused, Unused, Unused) { - auto async_client = std::make_shared(); - EXPECT_CALL(*async_client, startRaw("envoy.service.rate_limit_quota.v3.RateLimitQuotaService", - "StreamRateLimitQuotas", _, _)) - .WillOnce(Invoke(this, &RateLimitTestClient::mockStartRaw)); + async_client_ = std::make_shared(); + EXPECT_CALL(*async_client_, startRaw("envoy.service.rate_limit_quota.v3.RateLimitQuotaService", + "StreamRateLimitQuotas", _, _)) + .WillRepeatedly(Invoke(this, &RateLimitTestClient::mockStartRaw)); - return async_client; + return async_client_; } Grpc::RawAsyncStream* mockStartRaw(Unused, Unused, Grpc::RawAsyncStreamCallbacks& callbacks, @@ -97,7 +97,7 @@ class RateLimitTestClient { Grpc::RawAsyncStreamCallbacks* stream_callbacks_; Grpc::Status::GrpcStatus grpc_status_ = Grpc::Status::WellKnownGrpcStatus::Ok; RateLimitClientPtr client_; - // std::unique_ptr client_; + std::shared_ptr async_client_ = nullptr; MockRateLimitQuotaCallbacks callbacks_; bool external_inited_ = false; bool start_failed_ = false; diff --git a/test/extensions/filters/http/rate_limit_quota/integration_test.cc b/test/extensions/filters/http/rate_limit_quota/integration_test.cc index dc37a9720b..37d4a97df6 100644 --- a/test/extensions/filters/http/rate_limit_quota/integration_test.cc +++ b/test/extensions/filters/http/rate_limit_quota/integration_test.cc @@ -787,42 +787,51 @@ TEST_P(RateLimitQuotaIntegrationTest, BasicFlowPeriodicalReportWithStreamClosed) EXPECT_TRUE(response_->complete()); EXPECT_EQ(response_->headers().getStatusValue(), "200"); + // ValidMatcherConfig. + int report_interval_sec = 60; // Trigger the report periodically. for (int i = 0; i < 6; ++i) { if (i == 2) { // Close the stream. - rlqs_stream_->finishGrpcStream(Grpc::Status::Ok); + WAIT_FOR_LOG_CONTAINS("debug", "gRPC stream closed remotely with status", + { rlqs_stream_->finishGrpcStream(Grpc::Status::Canceled); }); + ASSERT_TRUE(rlqs_stream_->waitForReset()); } // Advance the time by report_interval. simTime().advanceTimeWait(std::chrono::milliseconds(report_interval_sec * 1000)); - // Only perform rlqs server check and response before stream is remotely closed. - if (i < 2) { - // Checks that the rate limit server has received the periodical reports. - ASSERT_TRUE(rlqs_stream_->waitForGrpcMessage(*dispatcher_, reports)); + if (i == 2) { + // Stream should be restarted when next required for usage reporting. + ASSERT_TRUE(rlqs_connection_->waitForNewStream(*dispatcher_, rlqs_stream_)); + rlqs_stream_->startGrpcStream(); + } - // Verify the usage report content. - ASSERT_THAT(reports.bucket_quota_usages_size(), 1); - const auto& usage = reports.bucket_quota_usages(0); - // Report only represents the usage since last report. - // In the periodical report case here, the number of request allowed and denied is 0 since no - // new requests comes in. - EXPECT_EQ(usage.num_requests_allowed(), 0); - EXPECT_EQ(usage.num_requests_denied(), 0); - // time_elapsed equals to periodical reporting interval. - EXPECT_EQ(Protobuf::util::TimeUtil::DurationToSeconds(usage.time_elapsed()), - report_interval_sec); + // Only perform rlqs server check and response before stream is remotely + // closed. Checks that the rate limit server has received the periodical + // reports. + ASSERT_TRUE(rlqs_stream_->waitForGrpcMessage(*dispatcher_, reports)); + + // Verify the usage report content. + ASSERT_THAT(reports.bucket_quota_usages_size(), 1); + const auto& usage = reports.bucket_quota_usages(0); + // Report only represents the usage since last report. + // In the periodical report case here, the number of request allowed and + // denied is 0 since no new requests comes in. + EXPECT_EQ(usage.num_requests_allowed(), 0); + EXPECT_EQ(usage.num_requests_denied(), 0); + // time_elapsed equals to periodical reporting interval. + EXPECT_EQ(Protobuf::util::TimeUtil::DurationToSeconds(usage.time_elapsed()), + report_interval_sec); - // Build the rlqs server response. - envoy::service::rate_limit_quota::v3::RateLimitQuotaResponse rlqs_response2; - auto* bucket_action2 = rlqs_response2.add_bucket_action(); + // Build the rlqs server response. + envoy::service::rate_limit_quota::v3::RateLimitQuotaResponse rlqs_response2; + auto* bucket_action2 = rlqs_response2.add_bucket_action(); - for (const auto& [key, value] : custom_headers_cpy) { - (*bucket_action2->mutable_bucket_id()->mutable_bucket()).insert({key, value}); - } - rlqs_stream_->sendGrpcMessage(rlqs_response2); + for (const auto& [key, value] : custom_headers_cpy) { + (*bucket_action2->mutable_bucket_id()->mutable_bucket()).insert({key, value}); } + rlqs_stream_->sendGrpcMessage(rlqs_response2); } } diff --git a/test/extensions/filters/http/rate_limit_quota/mocks.h b/test/extensions/filters/http/rate_limit_quota/mocks.h index 01d374ec6c..aedd75e3e9 100644 --- a/test/extensions/filters/http/rate_limit_quota/mocks.h +++ b/test/extensions/filters/http/rate_limit_quota/mocks.h @@ -28,7 +28,7 @@ class MockRateLimitClient : public RateLimitClient { MockRateLimitClient() = default; ~MockRateLimitClient() override = default; - MOCK_METHOD(absl::Status, startStream, (const StreamInfo::StreamInfo&)); + MOCK_METHOD(absl::Status, startStream, (const StreamInfo::StreamInfo*)); MOCK_METHOD(void, closeStream, ()); MOCK_METHOD(void, sendUsageReport, (absl::optional)); diff --git a/test/extensions/filters/http/wasm/test_data/BUILD b/test/extensions/filters/http/wasm/test_data/BUILD index 3cebdbc4fc..dc89c15852 100644 --- a/test/extensions/filters/http/wasm/test_data/BUILD +++ b/test/extensions/filters/http/wasm/test_data/BUILD @@ -15,7 +15,7 @@ wasm_rust_binary( srcs = ["async_call_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -24,7 +24,7 @@ wasm_rust_binary( srcs = ["body_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -33,7 +33,7 @@ wasm_rust_binary( srcs = ["close_stream_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -43,7 +43,7 @@ wasm_rust_binary( deps = [ "//bazel/external/cargo:protobuf", "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -53,7 +53,7 @@ wasm_rust_binary( deps = [ "//bazel/external/cargo:protobuf", "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -63,7 +63,7 @@ wasm_rust_binary( wasi = True, deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -72,7 +72,7 @@ wasm_rust_binary( srcs = ["metadata_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -81,7 +81,7 @@ wasm_rust_binary( srcs = ["panic_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -90,7 +90,7 @@ wasm_rust_binary( srcs = ["resume_call_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -99,7 +99,7 @@ wasm_rust_binary( srcs = ["shared_data_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -108,7 +108,7 @@ wasm_rust_binary( srcs = ["shared_queue_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) diff --git a/test/extensions/filters/network/generic_proxy/proxy_test.cc b/test/extensions/filters/network/generic_proxy/proxy_test.cc index 6f6121a64d..31900ba301 100644 --- a/test/extensions/filters/network/generic_proxy/proxy_test.cc +++ b/test/extensions/filters/network/generic_proxy/proxy_test.cc @@ -108,7 +108,7 @@ class FilterConfigTest : public testing::Test { envoy::config::core::v3::SubstitutionFormatString sff_config; sff_config.mutable_text_format_source()->set_inline_string(format); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig( + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig( sff_config, factory_context_); return std::make_shared( diff --git a/test/extensions/filters/network/wasm/test_data/BUILD b/test/extensions/filters/network/wasm/test_data/BUILD index 7095acc432..5767f8ba51 100644 --- a/test/extensions/filters/network/wasm/test_data/BUILD +++ b/test/extensions/filters/network/wasm/test_data/BUILD @@ -14,7 +14,7 @@ wasm_rust_binary( srcs = ["close_stream_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -23,7 +23,7 @@ wasm_rust_binary( srcs = ["logging_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -32,7 +32,7 @@ wasm_rust_binary( srcs = ["panic_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) @@ -41,7 +41,7 @@ wasm_rust_binary( srcs = ["resume_call_rust.rs"], deps = [ "@proxy_wasm_rust_sdk//:proxy_wasm", - "@proxy_wasm_rust_sdk//bazel/cargo:log", + "@proxy_wasm_rust_sdk//bazel/cargo/remote:log", ], ) diff --git a/test/extensions/formatter/cel/cel_test.cc b/test/extensions/formatter/cel/cel_test.cc index 77f9d1b69d..ff4e4425cd 100644 --- a/test/extensions/formatter/cel/cel_test.cc +++ b/test/extensions/formatter/cel/cel_test.cc @@ -77,7 +77,7 @@ TEST_F(CELFormatterTest, TestRequestHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("GET", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -93,7 +93,7 @@ TEST_F(CELFormatterTest, TestMissingRequestHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("-", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -109,7 +109,7 @@ TEST_F(CELFormatterTest, TestWithoutMaxLength) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/original/path?secret=parameter", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -126,7 +126,7 @@ TEST_F(CELFormatterTest, TestMaxLength) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/original", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -142,7 +142,7 @@ TEST_F(CELFormatterTest, TestContains) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("true", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -158,7 +158,7 @@ TEST_F(CELFormatterTest, TestComplexCelExpression) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("true /original false", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -174,7 +174,7 @@ TEST_F(CELFormatterTest, TestInvalidExpression) { TestUtility::loadFromYaml(yaml, config_); EXPECT_THROW_WITH_REGEX( - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), EnvoyException, "Not able to parse filter expression: .*"); } #endif diff --git a/test/extensions/formatter/metadata/metadata_test.cc b/test/extensions/formatter/metadata/metadata_test.cc index acb03df661..f6d434036f 100644 --- a/test/extensions/formatter/metadata/metadata_test.cc +++ b/test/extensions/formatter/metadata/metadata_test.cc @@ -37,7 +37,9 @@ class MetadataFormatterTest : public ::testing::Test { )EOF", tag, type); TestUtility::loadFromYaml(yaml, config_); - return Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + return THROW_OR_RETURN_VALUE( + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), + Envoy::Formatter::FormatterBasePtr); } Http::TestRequestHeaderMapImpl request_headers_; diff --git a/test/extensions/formatter/req_without_query/req_without_query_test.cc b/test/extensions/formatter/req_without_query/req_without_query_test.cc index bda43e2626..e019ef4e91 100644 --- a/test/extensions/formatter/req_without_query/req_without_query_test.cc +++ b/test/extensions/formatter/req_without_query/req_without_query_test.cc @@ -44,7 +44,7 @@ TEST_F(ReqWithoutQueryTest, TestStripQueryString) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/request/path", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -61,7 +61,7 @@ TEST_F(ReqWithoutQueryTest, TestSelectMainHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/original/path", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -78,7 +78,7 @@ TEST_F(ReqWithoutQueryTest, TestSelectAlternativeHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/request/path", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -95,7 +95,7 @@ TEST_F(ReqWithoutQueryTest, TestTruncateHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("/requ", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -112,7 +112,7 @@ TEST_F(ReqWithoutQueryTest, TestNonExistingHeader) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("-", formatter->formatWithContext(formatter_context_, stream_info_)); } @@ -139,7 +139,7 @@ TEST_F(ReqWithoutQueryTest, TestFormatJson) { TestUtility::loadFromYaml(yaml, config_); auto formatter = - Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + *Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const std::string actual = formatter->formatWithContext(formatter_context_, stream_info_); EXPECT_TRUE(TestUtility::jsonStringEqual(actual, expected)); } @@ -156,7 +156,8 @@ TEST_F(ReqWithoutQueryTest, TestParserNotRecognizingCommand) { )EOF"; TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW(Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), + EXPECT_THROW(Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_) + .IgnoreError(), EnvoyException); } diff --git a/test/integration/quic_http_integration_test.cc b/test/integration/quic_http_integration_test.cc index b2dc7b4fa1..65251998c9 100644 --- a/test/integration/quic_http_integration_test.cc +++ b/test/integration/quic_http_integration_test.cc @@ -2380,6 +2380,22 @@ TEST_P(QuicHttpIntegrationTest, SendDisableActiveMigration) { ASSERT_TRUE(response->complete()); } +TEST_P(QuicHttpIntegrationTest, RejectTraffic) { + config_helper_.addConfigModifier([=](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { + bootstrap.mutable_static_resources() + ->mutable_listeners(0) + ->mutable_udp_listener_config() + ->mutable_quic_options() + ->set_reject_new_connections(true); + }); + + initialize(); + codec_client_ = makeRawHttpConnection(makeClientConnection(lookupPort("http")), absl::nullopt); + EXPECT_TRUE(codec_client_->disconnected()); + EXPECT_EQ(quic::QUIC_INVALID_VERSION, + static_cast(codec_client_->connection())->error()); +} + // Validate that the transport parameter is not sent when `send_disable_active_migration` is // unset. TEST_P(QuicHttpIntegrationTest, UnsetSendDisableActiveMigration) { diff --git a/test/per_file_coverage.sh b/test/per_file_coverage.sh index eae1d69683..c5bc35cf78 100755 --- a/test/per_file_coverage.sh +++ b/test/per_file_coverage.sh @@ -4,8 +4,6 @@ # for existing directories with low coverage. declare -a KNOWN_LOW_COVERAGE=( "source/common:96.2" -"source/common/api:84.5" # flaky due to posix: be careful adjusting -"source/common/api/posix:83.8" # flaky (accept failover non-deterministic): be careful adjusting "source/common/common/posix:96.2" # flaky due to posix: be careful adjusting "source/common/config:96.1" "source/common/crypto:95.5" diff --git a/tools/code_format/config.yaml b/tools/code_format/config.yaml index 286208a3ba..bbc5d3f81d 100644 --- a/tools/code_format/config.yaml +++ b/tools/code_format/config.yaml @@ -110,7 +110,6 @@ paths: - source/common/formatter/stream_info_formatter.h - source/common/formatter/stream_info_formatter.cc - source/common/formatter/substitution_formatter.h - - source/common/formatter/substitution_format_string.h - source/common/stats/tag_extractor_impl.cc - source/common/protobuf/yaml_utility.cc - source/common/protobuf/utility.cc