add host_override to parent.config and other sni name fixes #12868
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates parent/SNI handling so ATS can override the outbound Host/SNI name when using a parent (e.g., another CDN), and adds a gold test + TLS fixtures to validate parent failover behavior.
Changes:
- Add
host_overridesupport toparent.configparsing and expose it onParentResult. - Update Host header override behavior in parent selection / next-hop strategy paths, and harden SNI server_name handling.
- Add a TLS parent-failover gold test plus associated cert/key fixtures and helper scripts.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/gold_tests/tls/valgrind.sh | Helper script to run Traffic Server under valgrind for TLS gold tests. |
| tests/gold_tests/tls/tls_sni_parent_failover.test.py | New gold test for SNI/Host behavior during parent failover with host override. |
| tests/gold_tests/tls/ssl/server-foo.pem | TLS cert fixture for foo.com origin. |
| tests/gold_tests/tls/ssl/server-foo.key | TLS private key fixture for foo.com origin. |
| tests/gold_tests/tls/ssl/server-bar.pem | TLS cert fixture for bar.com origin. |
| tests/gold_tests/tls/ssl/server-bar.key | TLS private key fixture for bar.com origin. |
| tests/gold_tests/tls/ssl/gen_foobar_certs.sh | Script for regenerating the foo/bar TLS fixtures used by the new test. |
| src/proxy/http/remap/NextHopSelectionStrategy.cc | Adjust Host header override to target the correct request header depending on state. |
| src/proxy/http/HttpTransact.cc | Apply Host override when parent.config selects a parent with host_override=true. |
| src/proxy/http/HttpSM.cc | Null/empty handling fix for outbound SNI when policy is server_name. |
| src/proxy/ParentSelection.cc | Parse host_override from parent.config. |
| include/proxy/http/remap/NextHopSelectionStrategy.h | Remove redundant include (via HttpTransact) after new host_override handling. |
| include/proxy/ParentSelection.h | Add host_override flag to ParentRecord and accessor on ParentResult. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
bryancall
added
Parent Proxy
strategy
Parent Selection
Bug
and removed
Parent Proxy
labels
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes to sni name handling when using another CDN as parent.
This adds "host_override" to parent.config and has some fixes for the strategies handling of same option.