Commit Graph

42 Commits

Author SHA1 Message Date
罗泽轩
966d68829a
feat: validate certificate & key (#3085)
Fix #296
Fix #2816

Signed-off-by: spacewander <spacewanderlzx@gmail.com>
2020-12-23 21:30:09 +08:00
罗泽轩
370beda74d
feat: improve the error msg when client doesn't send SNI (#3053) 2020-12-16 08:56:30 +08:00
John Bampton
511f52a856
refactor: remove trailing whitespace (#3040) 2020-12-15 08:56:20 +08:00
罗泽轩
cc9c1bb090
ci: check misspell (#3011)
Fix #3009
2020-12-10 23:05:36 +08:00
罗泽轩
93e2f1647a
feat: route accroding to the graphql attributes (#2964)
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
2020-12-10 15:51:00 +08:00
roketyyang
c41aa8534a
feat: update lua-resty-radixtree to 2.5 (#2971)
Co-authored-by: roketyyang <roketyyang@tencent.com>
2020-12-05 21:32:58 +08:00
Peter Zhu
95226d950f
fix: check decrypt key to prevent lua thread aborted (#2815)
Fix #2791
2020-11-24 16:43:29 +08:00
Shuyang Wu
36162e3607
fix: move conf/cert to t/certs and disable ssl by default (#2112) 2020-11-20 11:10:01 +08:00
Yousa
53e2d5387f
fix: remove upstream 'Server' header info. fix #2714 (#2731)
fix #2714
2020-11-18 13:15:31 +08:00
罗泽轩
960077f245
fix(echo): modify response body correctly (#2561)
Fix #2427, #2554
2020-10-29 16:48:53 +08:00
haifeng9414
3bb670b521
bugfix: set route priority for router radixtree_host_uri. (#2447)
Fix: #2423.
2020-10-17 19:20:51 +08:00
L
720d135fd2
fix: Update error message when Route doesn't exist (#2304)
Fixes #2302

Co-authored-by: YuanSheng Wang <membphis@gmail.com>
2020-10-06 11:48:52 +08:00
Alex Zhang
36d3b82ec4
bugfix: supported the encryption/decryption for multi priv keys (#2179)
Co-authored-by: Wen Ming <moonbingbing@gmail.com>
2020-09-22 20:37:14 +08:00
Alex Zhang
dd6ee5e99f
improve: use optimistic locking to avoid concurrency problem in admin PATCH APIs. (#2216)
There is a potential concurrency problem in all admin PATCH APIs when
two patch requests come in simultaneously, in such case, the patched
result of the first applied request will be overridden, also the
probability is tidy, but from the perspective of software's robust,
that's not what we wanna to see.

In this commit, we use the optimistic locking to avoid this problem, for
the example aforementioned, the second PATCH request will failure, and
it's up to the user to retry this PATCH request again.

The optimistic locking mechanism in ETCD v3 APIs is showed by it's
transcation mechanism.

Signed-off-by: tokers <zchao1995@gmail.com>
2020-09-18 17:20:55 +08:00
Alex Zhang
1556cd0d7e
improve: cache parsed certs and pkeys to LRU cache (#2163) 2020-09-10 15:35:55 +08:00
Alex Zhang
2886b2169b
feature: support multiple certificates(RSA and ECC) for single domain (#2089) 2020-08-24 09:23:06 +08:00
YuanSheng Wang
cf882bda1e
feature: divide config.yaml into two files config-custom.yaml & confi… (#2023)
* feature: divide config.yaml into two files config-custom.yaml & config-default.yaml .

fix #1923
2020-08-18 20:18:55 +08:00
Swayam Raina
6e0da454d1
feature: add apisix-version info to headers in APISIX core (#1961)
related #1877
2020-08-15 07:24:33 +08:00
YuanSheng Wang
c67e998dad
bugfix: fail to handshake if there is no certificate matched by host. (#1980)
* bugfix: fail to handshake if there is no certificate matched by host.
* fix:  grpc proxy test case
2020-08-04 23:20:34 +08:00
YuanSheng Wang
f9a8a26dd4
feature: add a new option, decide if we remove the "/" at the end of … (#1766)
* feature: add a new option, decide if we remove the "/" at the end of the URI before route matching.

fix #1765
2020-07-29 19:25:30 +08:00
YuanSheng Wang
cff822b7ae
* CI: Github action run non-OSX test case, Travis-CI runs the OSX test case(allow failure). (#1860)
* test: reformat by `reindex`.
* CI: dry-run the OSX CI in Github Action.
2020-07-17 15:27:08 +08:00
mtx2d
24d7007e94
change: removed useless plugin heartbeat (#1845)
Fix #1176
2020-07-16 17:31:39 +08:00
nic-chen
e598e6fa6a
bugfix: wrong counter was used, resulting in only one certificate working fine. (#1818)
Fix #1817
2020-07-10 18:39:08 +08:00
nic-chen
56aeb4a6a9
feature: ssl enhance (#1678)
support enable or disable ssl by patch method
support encrypted storage of the SSL private key in etcd
support multi snis

Fix #1668
2020-06-13 16:10:27 +08:00
YuanSheng Wang
c452846b81
bugfix: wildcard certificates cannot match multi-level subdomains in … (#810) 2020-06-08 10:52:25 +08:00
YuanSheng Wang
256cc19980
bugfix: throw error meg when call admin API to enable mqtt plugin but stream_proxy is disabled. (#1407) 2020-04-08 16:24:55 +08:00
Wen Ming
be2eec3c6d
feature: supported key-based authentication to the dashboard. (#1169) 2020-03-05 14:48:27 +08:00
YuanSheng Wang
9e98773fae
change: responsed a better tip when failed to match any route. (#1013) 2020-01-03 10:11:37 +08:00
YuanSheng Wang
c74e6c2d3a feature: supported priority for route. (#998) 2019-12-29 17:11:38 +08:00
YuanSheng Wang
051baded1f
test: avoided listening on unnecessary unix sockets. (#995) 2019-12-24 09:50:22 +08:00
YuanSheng Wang
77ad66206e
bugfix(radixtree_host_uri): match priority, host > uri. (#817)
* bugfix(radixtree_host_uri): match priority, host > uri.

Fix #761.
2019-11-15 17:24:51 +08:00
罗泽轩
b67f99b265 chore: fixed typo detected by misspell (#801) 2019-11-05 10:58:04 +08:00
YuanSheng Wang
4ee11806de
travis: supported to run APISIX with Tengine. (#683) 2019-11-02 09:05:38 +08:00
YuanSheng Wang
ad376f83f8
change: updated resty-radixtree to v1.5. (#768)
* feature: supported userdefine lua function in router `radixtree_uri`.
* feature: supported userdefine lua function in router `radixtree_host_uri`.
2019-11-01 09:49:09 +08:00
WenMing
12a2b01b71
license: add ASF header. (#743) 2019-10-31 09:27:28 +08:00
YuanSheng Wang
d8b0c2d04c change: removed router r3. (#725) 2019-10-23 12:59:22 +08:00
YuanSheng Wang
9074a8a3b8
feature: support for host + uri as an index (radixtree) (#671) 2019-10-12 14:24:34 +08:00
YuanSheng Wang
0e10fa6c68
feature: enabled HTTP2 and supported to set ssl_protocols. (#663)
* feature: enabled HTTP2 and supported to set `ssl_protocols`.
* bugfix: used default certificate if failed to load certificate by SNI.

Fix #595.
2019-10-10 22:28:58 +08:00
Yuansheng
4bb40df857 change(test): name style. 2019-09-10 10:07:29 +08:00
YuanSheng Wang
275cfa8c73
change(router): use radixtree_sni as default SSL router. (#419)
* change(router): use `radixtree_sni` as default SSL router.

* change(route): use `radixtree_uri` as default HTTP(S) router.

* luarocks: removed `lua-resty-libr3` component by default.
2019-08-20 22:07:59 +08:00
YuanSheng Wang
56ca3645eb
feature(router): implemented new SNI router radixtree_sni, and change (#418)
* feature(router): implemented new SNI router `radixtree_sni`, and change
  default router to `radixtree_uri` and `radixtree_sni`.

* optimize: avoided one lrucache call.
2019-08-20 13:03:25 +08:00
YuanSheng Wang
1ef5828090
feature: supported to use router lua-resty-radixtree. (#391)
* feature: supported new router `lua-resty-radixtree`.

* change(nginx.conf): sync from CLI.
2019-08-12 09:04:41 +08:00