This repository was archived by the owner on Dec 16, 2020. It is now read-only.
Closed
Conversation
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Description: This cleans up the ssl code for easier integration with non-BoringSSL libraries. Risk Level: Low Testing: Updated tests Docs Changes: N/A Release Notes: N/A Signed-off-by: Venil Noronha <veniln@vmware.com>
Signed-off-by: Derek Argueta <dereka@pinterest.com>
I suspect this is also one of the cost factor of RBE egress, because ASAN fuzzer binaries are big. Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Yan Xue <yxyan@google.com>
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
* Add a note about envoy-build-tools Signed-off-by: Venil Noronha <veniln@vmware.com>
Description: use http_parser in http inspector Risk Level: Med Testing: Unit test Docs Changes: N/A Release Notes: N/A Signed-off-by: crazyxy <yxyan@google.com>
Deprecate google.protobuf.Struct config members in the following types: envoy.api.v2.auth.PrivateKeyProvider envoy.api.v2.listener.UdpListenerConfig envoy.config.filter.accesslog.v2.ExtensionFilter Risk Level: Low Testing: Unit Test Docs Changes: N/A Release Notes: N/A Fixes: #8403 Signed-off-by: Yan Avlasov <yavlasov@google.com>
* Automatically infer Envoy API header files from source in envoy_build_fixer.py. * Also remove unusued loads in envoy_build_fixer.py via Buildozer, we can enable other cleanups potentially in the future. Signed-off-by: Harvey Tuch <htuch@google.com>
Abseil has a StrJoin, which does the same as StringUtils::join and fmt::join. Replace all uses of these with absl::StrJoin. Signed-off-by: James Peach <jpeach@apache.org>
…ine one (#8864) Signed-off-by: Yaroslav Skopets <y.skopets@gmail.com>
Signed-off-by: Michael Hargreaves <mik.hargreaves@gmail.com>
This patch makes consistent the type for ssize_t as used on Windows. We will favor describing it as a ptrdiff_t, which is standard C. Patches to tclap and nghttp2 are needed for this exercise. Linux is a 64ILP architecture, so there's no difference between int and [s]size_t and pointer widths. Windows is a 64P architecture, where only long long maps to the width of the size_t and C99 standard ptrdiff_t types. This leads to a number of places where the Envoy API has presented an explicit int or int32_t which is smaller than the ptrdiff_t on Windows. In some places we must cast to or from the API defined width. Several other misassumptions on the width of int are also addressed. Windows does not support alternately-named VA_ARGS which is not a standard C++ language feature in our baseline c++ 17 expectation. Other minor adjustments reflect other quirks of the MSVC compilier (some more correct and some simply buggy behavior). Windows MSVC needs various guards on unrecognized #pragmas, and will not support any preprocessor operations within the arguments to a macro; this is not stdc or stdc++. This patch largely ignores changes which are required for windows, and do not impact the linux/os-x compilation path. This patch is also missing the IoHandle abstraction of 'fd' arguments, storage and return codes, win32 error handling and win32 specific #include's handling. Risk Level: Moderate Testing: Passed locally on Windows (with additional patches) and Linux Signed-off-by: William A Rowe Jr <wrowe@pivotal.io> Signed-off-by: Yechiel Kalmenson <ykalmenson@pivotal.io>
Fuzz the Grpc::decode() implementation, validating that decode(encode(x)) == x for all x, regardless of how the encoded buffer is partitioned. Models frame boundary conditions and also trailing random crud, which effectively models line noise input to the decoder as well. Risk level: Low Testing: Passes the empty corpus test case, no crashes observed after several minutes running locally. Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
* ci: use bash for Windows and build more targets Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Description: Add response flags into expression context Risk Level: low Testing: unit test Docs Changes: Release Notes: Signed-off-by: Pengyuan Bian <bianpengyuan@google.com>
Part of #4272. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Implement encodeHeader|Data|Trailer. Implement watermark buffer for QUIC stream and session to limit data buffered in stream send buffer. Implement readDisable() for QUIC stream to block pushing data when upper stream receive buffer is full. Risk Level: low, not in use Testing: added tests in stream test. Part of #2557 Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Derek Argueta <dereka@pinterest.com>
…og_integration_test (#8885) Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Description: Tracking load status for LDS using the ConfigDump protos Risk Level: Medium: major changes to an existing (alpha) system Testing: new unit tests Docs Changes: API notes inline Release Notes: n/a #8039 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Description: Adds serialization method to filter state and use from logger if specified. Risk Level: Low Testing: CI Docs Changes: Added Release Notes: Added Fixes #8790 Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Kuat Yessenov <kuat@google.com>
… application logs (#8672) Currently, application logs are not sanitized of c-style escape sequences. If any filter logs a message that contains newline characters, the logs will be printed to a new line. This breaks log formats set by the --log-format option, breaking integration with log viewers. This change adds a command line option --log-format-escaped to escape c-style escape characters in application logs before they are outputted. Enabling this flag ensures newline characters in logs are ignored, meaning that each call to ENVOY_LOG will result in at most 1 line outputted. This flag works for both Stderr and File loggers. Risk Level: Low Testing: Unit tests Fuzz test Manual verification (see comments in PR) Performance Impact: As long as production environments are running with the default log level, this will only slightly impact startup time (only when --log-format-escaped is set). The critical section for each request/response will not be impacted. Docs Changes: Added docs to command line options about new flag and possible use cases, like Stackdriver Logging integration on GKE. Release Notes: Added release notes about new flag Fixes #8637 Signed-off-by: Teju Nareddy <nareddyt@google.com>
…dations (#8882) Updates protoc-gen-validate to a18376249eb51cdd517f67fe8703897322812e6d and adds tests to the RBAC common filter code to prove that nested validations work as expected. Risk Level: low Testing: unit test Doc Changes: n/a Release Notes: n/a Fixes: #8715, #5324 Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
* wasm: fix wee8 running under UBSan with vptr checks. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
build.sh uses constructs from Bash 4 which are not available to macOS users because /bin/bash is Bash 3. Use a portable shebang to start whichever bash appears first in PATH. Signed-off-by: Steve Larkin <steve.larkin@volvocars.com>
This was bad accounting of moved buffer size. Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18452. Risk level: Low Testing: Corpus entry added. Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Signed-off-by: Luis Otero <lotero@google.com>
Signed-off-by: Anatoly Scheglov <ascheglov@yandex-team.ru>
Signed-off-by: Fred Douglas <fredlas@google.com>
…8668) Description: Enhance the ext_authz filter to allow multiple `Set-Cookie` headers to be added by a `Denied` `Check` response. Previously, when the `Check` response contained multiple headers of the same name, only the last one would be applied in the http response. Please see full description of problem in #8649. Risk Level: Low Testing: Unit test Docs Changes: N/A Release Notes: N/A Fixes #8649 Signed-off-by: Ryan Richard <rrichard@pivotal.io>
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
lizan
requested review from
PiotrSikora,
alyssawilk,
dio,
htuch,
jmarantz,
jplevyak,
mattklein123,
snowp and
zuercher
as code owners
Contributor
|
We're switching to stable releases, so this is going to remain at 1.12.x for a while... |
Member
Author
|
@PiotrSikora that's for the sha that istio-proxy pointing to right? it shouldn't block master? |
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Member
Author
|
will wait on #292 |
Contributor
|
At this stage we do not want to be backporting and instead focus on upstreaming. |
Contributor
|
/wait |
Member
|
How long is the upstreaming going to take? If its a few days, then okay. If it is anything more than that, then that doesn't work. Because the fix that lizan is trying to merge is a bug fix for Istio (about ALS metadata logging) as it is currently logging incorrect stuff. |
Member
Author
|
@PiotrSikora @jplevyak I don't think we agreed locking down master to Envoy stable release, we agreed on locking down Istio release to Envoy stable release, to reduce maintenance cost. |
Member
Author
|
If we think #297 is ok to cherry-pick the change for bug fix, I'm fine with that too. @rshriram @PiotrSikora |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.