@rlenglet rlenglet commented Aug 13, 2019

git clone git@github.com:istio/envoy.git
cd envoy
git checkout release-1.3
git remote add wasm git@github.com:envoyproxy/envoy-wasm.git
git merge wasm:master

lizan and others added 30 commits July 11, 2019 12:45
)

Description:
Take a similar approach to bazelbuild/bazel@ab9c1f5, which uses `-l:libstdc++.a` to statically link libstdc++. This brings us closer to removing our own `cc_wrapper` and `cc_configure` in the future. It will also allow us to statically link with libc++.

Risk Level: Med
Testing: local, CI
Docs Changes: N/A
Release Notes: N/A

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
This commit fixes a crash in which an upstream request would not be
properly reset after the router was done with it and the callbacks
destroyed which would cause a segfault when data was received on the
upstream request. This happened in particular when "bad" headers are
received for an upstream request but there are still requests in flight.
When hedging is disabled (i.e. default behavior) this is not an issue
because the filter will be destroyed synchronously which will reset the
stream, however with hedging it needs to be done more proactively.

Signed-off-by: Michael Puncel <mpuncel@squareup.com>
…tarted yet (envoyproxy#7511)

Signed-off-by: Jianfei Hu <jianfeih@google.com>
…yproxy#7545)

Resolves feedback from envoyproxy#7303

Signed-off-by: LaVigne, Scott <lavignes@amazon.com>
In Arch and Clear Linux /usr/bin/python points to python3 causing
build failures due to type mismatch in os.write(): string is used
where bytestring is expected.
Explicitly convert string to bytestring.

Risk Level: low
Testing: unit tests
Release Notes: N/A
Documentation: N/A

Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
…oyproxy#7279)

As noted in envoyproxy#7528 the newly added sanity checking of possibly sensitive file paths prevents legitimate usage of passing bootstrap via a non-CLOEXEC file descriptor from a generator helper that execs Envoy.

This PR relaxes the validation such that any path resolving to a canonical path with the prefix /dev/fd/ is considered valid.

Risk Level: Low
Testing: Unit test case is added that was failing before the change and passes afterwards. In addition I've manually verified that the old behaviour of allowing /dev/fd/ paths works with my dev binary.

Fixes envoyproxy#7258

Signed-off-by: Paul Banks <banks@banksco.de>
All http filters have build rules to generate cc protobufs, but not go protobufs. Added build rules (to a few filters) to generate go protobuf files. Emulates the rules in the health_check http filter.

Risk Level: Low

Testing: These rules were copied to google3 and tested internally. Unfortunately, I am having a bit of trouble with bazel build directly on these targets ("Package is considered deleted due to --deleted_packages"). Please let me know if there is a better way to test this change.

Signed-off-by: Teju Nareddy <nareddyt@google.com>
In order to better support clients such as gRPC-LB that want to access
only a single listener/cluster, provide the scope in the xDS
specification to specify explicit resource hints.

Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
Description:
Regression in envoyproxy#6866. k8-dbg/bin is excluded to ignore generated files but virtual_includes are there too.

Risk Level: Low
Testing: CI 🙏
Docs Changes:
Release Notes:
Fixes envoyproxy#7474

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Description:
Heap::forceLink is no longer needed as admin endpoint is added. Improves coverage a bit.

Risk Level: Low
Testing: CI
Docs Changes: N/A
Release Notes: N/A

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
1) Implement auto SAN/SNI setting on a per-host basis.
2) Cleanup some v1 config translation.

Part of envoyproxy#1606

Signed-off-by: Matt Klein <mklein@lyft.com>
Description:
Fix regression of envoyproxy#7551

Risk Level:
Testing:
Docs Changes:
Release Notes:

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
envoyproxy#7104)

Signed-off-by: Mitch Sukalski <mitch.sukalski@workday.com>
* ci: Enable bazel limited download flags

Signed-off-by: Keith Smiley <keithbsmiley@gmail.com>
Fixes envoyproxy#7570

Risk Level: Low
Testing: 1000 runs of the flaking test
Docs Changes: N/A
Release Notes: N/A

Signed-off-by: Matt Klein <mklein@lyft.com>
Risk Level: Low
Testing: CI
Docs Changes: n/a
Release Notes: n/a

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Matt Hoey <matt.hoey@okta.com>
…upport (envoyproxy#7118)

Description: Redefine DecoderFilter interface and add EncoderFilter support
Redefining DecoderFilter is mainly for 2 reasons:

1) The original interface is not clear and is complicated for the user. For example, the user needs to understand the meaning of transportBegin, transportEnd, messageBegin, messageEnd, transferHeaderTo, transferBodyTo, and we want to minimize this cost, so after internal discussion we decided to provide only one interface: onMessageDecoded.
2) We used to have an internal implementation version and submitted a version to the community, but this obviously wastes a lot of development resources, so we decided to merge the two versions, mainly based on the open source version.

As mentioned above, we merged the internal and open source versions. EncoderFilter is currently needed internally, for example for the retry mechanism. We will consider adding more features to Dubbo later, similar to HTTP, so EncoderFilter is also necessary. We want to bring more features to users around Dubbo.

Risk Level: low
Testing: unit test
Docs Changes: N/A
Release Notes: N/A

Signed-off-by: leilei.gll <leilei.gll@alibaba-inc.com>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
…proxy#7306)

Description:
This PR addresses the behavior described in envoyproxy#7061 by modifying the HTTP/1.1 codec, such that it verifies the value of each HTTP header when onHeaderValue is called. The codec raises an exception, which results in a 400 response being returned if an invalid header value (per RFC 7230, section 3.2) is found. The actual validation is done via the nghttp2_check_header_value function, which is wrapped in Envoy::Http::HeaderUtility::headerIsValid.

(NOTE: this has been discussed as something that nghttp2 could do itself, but the issue seems to have languished. Also note that Go handles this: Go uses the httpguts.ValidHeaderFieldValue function (which is analogous to nghttp2_check_header_value) to ensure that all the HTTP header values conform to the relevant RFC specs before an http.Transport instance will round-trip the request.)

Risk Level: Low/medium
These stricter validation semantics are controlled with the envoy.reloadable_features.validate_header_values runtime-guarded feature. Originally, the PR used a new boolean on the HTTP connection manager proto to toggle the behavior, but during the course of PR review, it was decided that this would be more appropriate for a runtime guard.

Testing: new unit tests, manual tests
Release Notes: Updated
Fixes envoyproxy#7061

Signed-off-by: Dylan Carney <dcarney@gmail.com>
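
An added illustration of the header-value check described in the commit message above, written directly from the RFC 7230 section 3.2 grammar; it is not code from this pull request or from Envoy, and it does not call nghttp2. The names `headerValueIsValid`, `statusForRequest` and the `validate_values` flag (standing in for the runtime guard) are assumptions, and the sample headers are constructed.

```cpp
#include <string>
#include <utility>
#include <vector>

// RFC 7230 section 3.2: a field value is built from field-vchar (VCHAR or
// obs-text) separated by SP / HTAB. Everything else (NUL, CR, LF, other
// control bytes, DEL) is rejected.
bool headerValueIsValid(const std::string& value) {
  for (unsigned char c : value) {
    const bool allowed = c == '\t' || (c >= 0x20 && c <= 0x7e) || c >= 0x80;
    if (!allowed) {
      return false;
    }
  }
  return true;
}

using HeaderList = std::vector<std::pair<std::string, std::string>>;

// Hypothetical stand-in for the codec's per-header callback loop: returns the
// status the request would get. `validate_values` models the runtime guard;
// with it off, values pass through unchecked, as before the change.
int statusForRequest(const HeaderList& headers, bool validate_values) {
  for (const auto& header : headers) {
    if (validate_values && !headerValueIsValid(header.second)) {
      return 400;  // reject on the first bad value
    }
  }
  return 200;
}

int main() {
  // Constructed sample requests.
  const HeaderList clean = {{"accept", "text/html; q=0.8"}, {"x-name", "caf\xc3\xa9"}};
  const HeaderList bad = {{"x-trace", "abc\r\nx-injected: 1"}};
  return (statusForRequest(clean, true) == 200 && statusForRequest(bad, true) == 400) ? 0 : 1;
}
```
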
Description: Remove an unused dependency from tap. This makes a build warning go away.
Risk Level: low
Testing: build
Docs Changes: N/A
Release Notes: N/A

Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com>
Fix merge race of envoyproxy#7118 and envoyproxy#7447

Risk Level: Low
Testing: n/a
Docs Changes: n/a
Release Notes: n/a

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Asra Ali <asraa@google.com>
asraa and others added 16 commits August 12, 2019 13:01
Signed-off-by: Emil Mikulic <g-easy@users.noreply.github.com>
* Modularize the WASM VM code in preparation for upstreaming.

Signed-off-by: John Plevyak <jplevyak@gmail.com>
* Make the stats prefix configurable for WebAssembly services.

Signed-off-by: John Plevyak <jplevyak@gmail.com>
This change adds histograms for each opcode, e.g.:

* getdata
* setdata
* ...

Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
* Switch to new Stats API.

Signed-off-by: John Plevyak <jplevyak@gmail.com>
This warns when building:

> envoy/api/v2/cluster/filter.proto:12:1: warning: Import google/protobuf/struct.proto but not used.

Signed-off-by: Michael Rebello <me@michaelrebello.com>
Limit the number of outbound (these, waiting to be written into the socket)
HTTP/2 frames. When the limit is exceeded the connection is terminated.

This mitigates flood exploits where a client continually sends frames that
are not subject to flow control without reading server responses.

Fixes CVE-2019-9512, CVE-2019-9514 and CVE-2019-9515.

Signed-off-by: Yan Avlasov <yavlasov@google.com>
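
An added model of the mitigation described in the commit message above: count frames waiting to be written and terminate the connection once the count passes a limit. It is not code from this pull request or from Envoy; the class, its methods, `terminatedAt` and the limit values are assumptions made for the illustration.

```cpp
#include <cstddef>

// Constructed model of the mitigation; class, method names and limit values
// are hypothetical, not Envoy's.
class OutboundFrameLimiter {
public:
  explicit OutboundFrameLimiter(std::size_t max_pending) : max_pending_(max_pending) {}

  // A frame was queued for the socket. Returns false once the connection
  // has to be terminated because too many frames are waiting.
  bool onFrameQueued() {
    if (!terminated_ && ++pending_ > max_pending_) {
      terminated_ = true;
    }
    return !terminated_;
  }

  // The socket accepted `count` frames, i.e. the peer is reading.
  void onFramesWritten(std::size_t count) {
    pending_ -= (count < pending_) ? count : pending_;
  }

  std::size_t pending() const { return pending_; }

private:
  const std::size_t max_pending_;
  std::size_t pending_ = 0;
  bool terminated_ = false;
};

// Feeds `inbound` frames that each force one reply frame (for example a PING
// answered with a PING ACK). The peer reads everything queued after every
// `read_every` frames; 0 means it never reads. Returns the 1-based index of
// the inbound frame that caused termination, or 0 if the connection survived.
std::size_t terminatedAt(std::size_t limit, std::size_t inbound, std::size_t read_every) {
  OutboundFrameLimiter limiter(limit);
  for (std::size_t i = 1; i <= inbound; ++i) {
    if (!limiter.onFrameQueued()) {
      return i;
    }
    if (read_every != 0 && i % read_every == 0) {
      limiter.onFramesWritten(limiter.pending());
    }
  }
  return 0;
}

int main() { return terminatedAt(100, 1000, 0) == 101 ? 0 : 1; }
```

A peer that keeps reading never approaches the limit, so only the non-reading sender is cut off.
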
This change adds protections against flooding using PRIORITY
and/or WINDOW_UPDATE frames, as well as frames with an empty
payload and no end stream flag.

Fixes CVE-2019-9511, CVE-2019-9513 and CVE-2019-9518.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Fixes CVE-2019-9516.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>
…lushWriteAndDelay (#28)

Signed-off-by: Yan Avlasov <yavlasov@google.com>
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
@rlenglet rlenglet added this to the 1.3 milestone Aug 13, 2019
@rlenglet rlenglet requested a review from PiotrSikora August 13, 2019 21:54
@googlebot

All (the pull request submitter and all commit authors) CLAs are signed, but one or more commits were authored or co-authored by someone other than the pull request submitter.

We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that by leaving a comment that contains only `@googlebot I consent.` in this pull request.

Note to project maintainer: There may be cases where the author cannot leave a comment, or the comment is not properly detected as consent. In those cases, you can manually confirm consent of the commit author(s), and set the cla label to yes (if enabled on your project).

ℹ️ Googlers: Go here for more info.

@googlebot

A Googler has manually verified that the CLAs look good.

(Googler, please make sure the reason for overriding the CLA status is clearly documented in these comments.)

ℹ️ Googlers: Go here for more info.

@PiotrSikora PiotrSikora left a comment

Note that this messes with git history (ideally, we would have CODEOWNERS change rebased on top of real commits, otherwise istio/proxy and istio/istio will have to refer to commits that don't exist on master).

@rlenglet
Author

> Note that this messes with git history (ideally, we would have CODEOWNERS change rebased on top of real commits, otherwise istio/proxy and istio/istio will have to refer to commits that don't exist on master).

@PiotrSikora No it doesn't mess with git history. Look for example for commit hashes f2129cb and 3f90336. They exist in both this branch and envoyproxy/envoy-wasm:master.
