Skip to content

Commit

Permalink
refactor: adjust prometheus
Browse files Browse the repository at this point in the history
  • Loading branch information
@vicanso
vicanso committed Oct 29, 2024
1 parent d2b2306 commit 2c86d21
Show file tree
Hide file tree
Showing 7 changed files with 198 additions and 131 deletions.
38 changes: 21 additions & 17 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ opentelemetry_sdk = { version = "0.24.1", features = [
"rt-tokio",
], default-features = false, optional = true }
path-absolutize = "3.1.1"
pingora = { git = "https://github.com/cloudflare/pingora", rev = "3f60857993925c87aecfbaf0799358baabf7d436", default-features = false, features = [
pingora = { git = "https://github.com/cloudflare/pingora", rev = "1c6eed066b57e5bf387b7ebcad9e447515dece80", default-features = false, features = [
# pingora = { version = "0.3.0", default-features = false, features = [
"lb",
"openssl",
Expand All @@ -97,6 +97,7 @@ rust-embed = { version = "8.5.0", features = [
"compression",
], default-features = false }
rustc_version_runtime = "0.3.0"
rustls-pemfile = "2.2.0"
scopeguard = "1.2.0"
sentry = { version = "0.26", default-features = false, optional = true }
serde = "1.0.213"
Expand Down
4 changes: 2 additions & 2 deletions src/cache/file.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,11 @@ pub struct FileCache {
reading: AtomicU32,
reading_max: u32,
#[cfg(feature = "full")]
read_time: Histogram,
read_time: Box<Histogram>,
writing: AtomicU32,
writing_max: u32,
#[cfg(feature = "full")]
write_time: Histogram,
write_time: Box<Histogram>,
cache: TinyUfo<String, CacheObject>,
}

Expand Down
37 changes: 26 additions & 11 deletions src/config/common.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,10 @@ use bytesize::ByteSize;
use http::{HeaderName, HeaderValue};
use once_cell::sync::Lazy;
use once_cell::sync::OnceCell;
use pingora::tls::pkey::PKey;
use pingora::tls::x509::X509;
use regex::Regex;
use serde::{Deserialize, Serialize, Serializer};
use std::hash::{DefaultHasher, Hash, Hasher};
use std::io::Cursor;
use std::net::ToSocketAddrs;
use std::sync::Arc;
use std::time::Duration;
Expand Down Expand Up @@ -160,6 +159,27 @@ pub struct CertificateConf {
pub remark: Option<String>,
}

fn validate_cert(value: &str) -> Result<()> {
let buf = convert_pem(value)?;
let mut key = Cursor::new(&buf);
let mut err = None;
let success = rustls_pemfile::certs(&mut key).all(|item| {
if let Err(e) = &item {
err = Some(Error::Invalid {
message: e.to_string(),
});
return false;
}
true
});
if !success && err.is_some() {
return Err(err.unwrap_or(Error::Invalid {
message: "Invalid certitificate".to_string(),
}));
}
Ok(())
}

impl CertificateConf {
/// Get hash key of certificate config
pub fn hash_key(&self) -> String {
Expand All @@ -172,25 +192,20 @@ impl CertificateConf {
// convert private key
if let Some(value) = &self.tls_key {
let buf = convert_pem(value)?;
let _ = PKey::private_key_from_pem(&buf).map_err(|e| {
let mut key = Cursor::new(buf);
let _ = rustls_pemfile::private_key(&mut key).map_err(|e| {
Error::Invalid {
message: e.to_string(),
}
})?;
}
// convert certificate
if let Some(value) = &self.tls_cert {
let buf = convert_pem(value)?;
let _ = X509::from_pem(&buf).map_err(|e| Error::Invalid {
message: e.to_string(),
})?;
validate_cert(value)?;
}
// convert certificate chain
if let Some(value) = &self.tls_chain {
let buf = convert_pem(value)?;
let _ = X509::from_pem(&buf).map_err(|e| Error::Invalid {
message: e.to_string(),
})?;
validate_cert(value)?;
}
Ok(())
}
Expand Down
7 changes: 6 additions & 1 deletion src/proxy/server.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -776,7 +776,12 @@ impl ProxyHttp for Server {
}
}

Ok(resp_cacheable(cc.as_ref(), resp, false, &META_DEFAULTS))
Ok(resp_cacheable(
cc.as_ref(),
resp.clone(),
false,
&META_DEFAULTS,
))
}

async fn response_filter(
Expand Down
Loading

0 comments on commit 2c86d21

Please sign in to comment.