Sometimes service dicovery can carry arbitrary information, such as
SNI and request path to instrument how to connect to backend servers.
Backend now support to carry this type of information.
This allows user defined L4 connect() to be used so that they can
customize the connect behavior such as changing socket options and
simulating errors in tests.
This PR updates the function signatures in the `ext.rs` file to use `*mut` instead of `*const` for the `ssl` and `cert` parameters in the `SSL_use_certificate` and `SSL_use_PrivateKey` functions. This indicates that the functions can modify the SSL and certificate objects as intended.
Ref:
- https://www.openssl.org/docs/man1.1.1/man3/SSL_use_certificate.htmlhttps://boringssl.googlesource.com/boringssl/+/refs/tags/~~~/ssl/ssl_cert.cc#292
Refactor the `cvt` function to use `c_long` instead of `c_int` for the return type for better compatibility with the types used in the OpenSSL library.
Also, add a test case for the `ssl_set_groups_list` function to ensure it handles valid and invalid input correctly.
---
chore(openssl):fix increase X509 reference count
Includes-commit: 7841271b4a
Includes-commit: e132431889
Replicated-from: https://github.com/cloudflare/pingora/pull/308
Although it is implied that fail_to_connect() errors are already caused
by upstream connections, it is more clear for the user's code inside this callback
by marking the error source in this case.
I started fidgeting with another one of the tests breaking because of the
estimator not being deterministic, and then decided to do this another way.
This adds `seeded` and `seeded_compact` constructors to the estimator which are
used in tests to override the LFU. These are hidden behind `cfg(test)`. The
`random_status` field of the UFO object is also overridden with the same seeds
as used for the seeded LFU.
These make the tests pass consistently without requiring further monkeying.
Now UDS can be parsed from string with prefix "unix:". The raw path
support will be deprecated.
From https://github.com/cloudflare/pingora/pull/141
Co-authored-by: blackanger <blackanger.z@gmail.com>
When a user calls `release_http_session` on an http Connector, it is
usually implied that they intend to reuse the underlying connection if
possible. Previously for H1 this involved reaching into the H1 client
Session and calling `respect_keepalive`. The new behavior always
respects keepalive as part of releasing the http session, as it was very
easy to overlook this step and unintentionally disable connection reuse
for H1 sessions.
Fixes https://github.com/cloudflare/pingora/issues/228
This adds a function to set the compression level per supported algorithm. The
behavior of `adjust_level` is changed to set the level for all of the algorithms
such that it still behaves the same.
Previously the test would fail because the item evicted may be the entry (4,4,1)
failing admission. I adjusted the weights so that all weights for items besides
the one we want moved to the main cache are equal and the cache can only hold
three. The test then checks that 1 is moved to the main, the evicted key is
gone, and the other two are present.
