From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] 0fc0475c6 VCL: introduce sub vcl_backend_refresh Message-ID: <20250901084605.0E4281126D8@lists.varnish-cache.org> commit 0fc0475c6a2a75eb18dfc5fafddbc4c8446b03e1 Author: Walid Boudebouda Date: Mon Oct 2 14:56:47 2023 +0200 VCL: introduce sub vcl_backend_refresh This commit introduces a new sub vcl_backend_refresh method intended to allow allow a more flexible approach on object revalidation. diff --git a/bin/varnishd/builtin.vcl b/bin/varnishd/builtin.vcl index 271a0217e..a6f8c79c9 100644 --- a/bin/varnishd/builtin.vcl +++ b/bin/varnishd/builtin.vcl @@ -209,6 +209,10 @@ sub vcl_backend_response { return (deliver); } +sub vcl_backend_refresh { + return (merge); +} + sub vcl_builtin_backend_response { call vcl_beresp_range; if (bereq.uncacheable) { diff --git a/doc/sphinx/reference/vcl_step.rst b/doc/sphinx/reference/vcl_step.rst index 81bb7b4e0..794f4fb76 100644 --- a/doc/sphinx/reference/vcl_step.rst +++ b/doc/sphinx/reference/vcl_step.rst @@ -331,6 +331,51 @@ hashing the request method and/or request body. HEAD request can be satisfied from cached GET responses. +.. _vcl_backend_refresh: + +vcl_backend_refresh +~~~~~~~~~~~~~~~~~~~ + +This subroutine is called after a legitimate 304 response is received from +the backend so that you can chose how to handle the object revalidation. + +The default is to apply the RFC logic which is to merge the new headers with +the stale ones. + +The returned value only affects response headers, the body that is delivered +is always the one from the stale object. + + | + | ``merge`` + | Merge the headers we got from the backend response with + | the ones we had in the cached object. + | + | ``obj_stale`` + | Return the stale object's headers without performing the RFC merge logic. + | + | ``beresp`` + | Return the beresp headers as they were at the end of this subroutine + | without executing the RFC merge logic. Any content-length and + | content-encoding headers present in the 304 beresp will be removed and + | replaced by the stale object ones if available. Etag and Last-Modified + | headers are also copied from the stale object to allow futur revalidations. + | + | ``fail`` + | see :ref:`fail` section above + | + | ``abandon`` + | see :ref:`abandon` section above + | + | ``retry`` + | Retry the backend transaction. Increases the `retries` counter. + | If the number of retries is higher than *max_retries*, + | control will be passed to :ref:`vcl_backend_error`. + | + | ``error(status code, reason)`` + | Transition to :ref:`vcl_backend_error` with ``beresp.status`` and + | ``beresp.reason`` being preset to the arguments of ``error()`` if + | arguments are provided. + .. _vcl_backend_response: vcl_backend_response diff --git a/doc/sphinx/reference/vcl_var.rst b/doc/sphinx/reference/vcl_var.rst index 6b724ebb8..633a2eeb6 100644 --- a/doc/sphinx/reference/vcl_var.rst +++ b/doc/sphinx/reference/vcl_var.rst @@ -984,7 +984,7 @@ beresp Type: HTTP - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The entire backend response HTTP data structure, useful as argument to VMOD functions. @@ -995,7 +995,7 @@ beresp.age Type: DURATION - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: Age header, or zero. @@ -1008,7 +1008,7 @@ beresp.backend Type: BACKEND - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh This is the backend we fetched from. If bereq.backend was set to a director, this will be the backend selected @@ -1031,7 +1031,7 @@ beresp.backend.name Type: STRING - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Name of the backend this response was fetched from. Same as beresp.backend. @@ -1054,9 +1054,9 @@ beresp.do_esi Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: ``false``. @@ -1075,9 +1075,9 @@ beresp.do_gunzip Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: ``false``. @@ -1096,9 +1096,9 @@ beresp.do_gzip Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: ``false``. @@ -1116,9 +1116,9 @@ beresp.do_stream Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: ``true``. @@ -1201,9 +1201,9 @@ beresp.grace Type: DURATION - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: Cache-Control ``stale-while-revalidate`` directive, or ``default_grace`` parameter. @@ -1217,11 +1217,11 @@ beresp.http.* Type: HEADER - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Unsettable from: vcl_backend_response, vcl_backend_error + Unsettable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The HTTP headers returned from the server. @@ -1232,7 +1232,7 @@ beresp.http.content-length Type: HEADER - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The content-length header field is protected, see protected_headers_. @@ -1241,7 +1241,7 @@ beresp.http.transfer-encoding Type: HEADER - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The transfer-encoding header field is protected, see protected_headers_. @@ -1252,9 +1252,9 @@ beresp.keep Type: DURATION - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: ``default_keep`` parameter. @@ -1271,9 +1271,9 @@ beresp.proto ``VCL <= 4.0`` Type: STRING - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The HTTP protocol version the backend replied with. @@ -1284,7 +1284,7 @@ beresp.proto ``VCL >= 4.1`` Type: STRING - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The HTTP protocol version the backend replied with. @@ -1295,9 +1295,9 @@ beresp.reason Type: STRING - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The HTTP status message returned by the server. @@ -1308,9 +1308,9 @@ beresp.status Type: INT - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The HTTP status code returned by the server. @@ -1323,9 +1323,9 @@ beresp.storage Type: STEVEDORE - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh The storage backend to use to save this object. If @@ -1337,9 +1337,9 @@ beresp.storage_hint ``VCL <= 4.0`` Type: STRING - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Deprecated since varnish 5.1 and discontinued since VCL @@ -1355,7 +1355,7 @@ beresp.time Type: TIME - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh When the backend headers were fully received just before ``vcl_backend_response {}`` was entered, or when @@ -1385,9 +1385,9 @@ beresp.ttl Type: DURATION - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Default: Cache-Control ``s-maxage`` or ``max-age`` directives, or a value computed from the Expires header's deadline, or the @@ -1402,9 +1402,9 @@ beresp.uncacheable Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh - Writable from: vcl_backend_response, vcl_backend_error + Writable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh Inherited from bereq.uncacheable, see there. @@ -1422,7 +1422,7 @@ beresp.was_304 Type: BOOL - Readable from: vcl_backend_response, vcl_backend_error + Readable from: vcl_backend_response, vcl_backend_error, vcl_backend_refresh When ``true`` this indicates that we got a 304 response From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] 221d8066c vrt_var: Generalize obj.* variables bindings Message-ID: <20250901084605.224081126DC@lists.varnish-cache.org> commit 221d8066c43689737afac10ab8de8ed758dfee86 Author: Walid Boudebouda Date: Sat Oct 14 21:24:07 2023 +0200 vrt_var: Generalize obj.* variables bindings diff --git a/bin/varnishd/cache/cache_vrt_var.c b/bin/varnishd/cache/cache_vrt_var.c index 3415ff83c..7b76b8f35 100644 --- a/bin/varnishd/cache/cache_vrt_var.c +++ b/bin/varnishd/cache/cache_vrt_var.c @@ -147,42 +147,6 @@ VRT_HDR_LR(beresp, reason, HTTP_HDR_REASON) VRT_STATUS_L(beresp) VRT_STATUS_R(beresp) -/*-------------------------------------------------------------------- - * Pulling things out of the packed object->http - */ - -VCL_INT -VRT_r_obj_status(VRT_CTX) -{ - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - - return (HTTP_GetStatusPack(ctx->req->wrk, ctx->req->objcore)); -} - -VCL_STRING -VRT_r_obj_proto(VRT_CTX) -{ - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - - return (HTTP_GetHdrPack(ctx->req->wrk, ctx->req->objcore, - H__Proto)); -} - -VCL_STRING -VRT_r_obj_reason(VRT_CTX) -{ - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - - return (HTTP_GetHdrPack(ctx->req->wrk, ctx->req->objcore, - H__Reason)); -} - /*-------------------------------------------------------------------- * beresp bool-fields */ @@ -530,28 +494,73 @@ VRT_l_beresp_storage_hint(VRT_CTX, const char *str, VCL_STRANDS s) /*--------------------------------------------------------------------*/ -VCL_STEVEDORE -VRT_r_obj_storage(VRT_CTX) -{ - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - AN(ctx->req->objcore->stobj); - CHECK_OBJ_NOTNULL(ctx->req->objcore->stobj->stevedore, - STEVEDORE_MAGIC); - return (ctx->req->objcore->stobj->stevedore); +#define VRT_OC_VAR_R(obj, which, which_magic, field) \ +VCL_STEVEDORE \ +VRT_r_##obj##_storage(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + AN(ctx->which->field->stobj); \ + CHECK_OBJ_NOTNULL(ctx->which->field->stobj->stevedore, \ + STEVEDORE_MAGIC); \ + return (ctx->which->field->stobj->stevedore); \ +} \ + \ +VCL_BOOL \ +VRT_r_##obj##_can_esi(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + return (ObjHasAttr(ctx->which->wrk, ctx->which->field, \ + OA_ESIDATA)); \ +} \ + \ +VCL_BOOL \ +VRT_r_##obj##_uncacheable(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + \ + return (ctx->which->field->flags & OC_F_HFM ? 1 : 0); \ +} \ + \ +VCL_INT \ +VRT_r_##obj##_status(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + \ + return (HTTP_GetStatusPack(ctx->which->wrk, \ + ctx->which->field)); \ +} \ + \ +VCL_STRING \ +VRT_r_##obj##_proto(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + \ + return (HTTP_GetHdrPack(ctx->which->wrk, \ + ctx->which->field, H__Proto)); \ +} \ + \ +VCL_STRING \ +VRT_r_##obj##_reason(VRT_CTX) \ +{ \ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \ + CHECK_OBJ_NOTNULL(ctx->which, which_magic); \ + CHECK_OBJ_NOTNULL(ctx->which->field, OBJCORE_MAGIC); \ + \ + return (HTTP_GetHdrPack(ctx->which->wrk, \ + ctx->which->field, H__Reason)); \ } -/*--------------------------------------------------------------------*/ - -VCL_BOOL -VRT_r_obj_can_esi(VRT_CTX) -{ - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - return (ObjHasAttr(ctx->req->wrk, ctx->req->objcore, OA_ESIDATA)); -} +VRT_OC_VAR_R(obj, req, REQ_MAGIC, objcore); /*--------------------------------------------------------------------*/ @@ -1000,16 +1009,6 @@ VRT_r_obj_hits(VRT_CTX) return (ctx->req->is_hit ? ctx->req->objcore->hits : 0); } -VCL_BOOL -VRT_r_obj_uncacheable(VRT_CTX) -{ - - CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC); - CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC); - return (ctx->req->objcore->flags & OC_F_HFM ? 1 : 0); -} - /*--------------------------------------------------------------------*/ VCL_BOOL From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] 841e8ff0c VCL: Introduce new obj_stale variable Message-ID: <20250901084605.48F8B1126E1@lists.varnish-cache.org> commit 841e8ff0c3317f53e231ef24af6711dd20c3b4e8 Author: Walid Boudebouda Date: Sat Oct 14 20:07:44 2023 +0200 VCL: Introduce new obj_stale variable obj_stale variable gives access to the stale object we had in cache when doing a 304 revalidation. It is only readable from vcl_backend_refresh subroutine. diff --git a/bin/varnishd/cache/cache_vrt.c b/bin/varnishd/cache/cache_vrt.c index edec7d64f..2847e8b87 100644 --- a/bin/varnishd/cache/cache_vrt.c +++ b/bin/varnishd/cache/cache_vrt.c @@ -259,6 +259,7 @@ VRT_selecthttp(VRT_CTX, enum gethdr_e where) case HDR_RESP: hp = ctx->http_resp; break; + case HDR_OBJ_STALE: case HDR_OBJ: hp = NULL; break; @@ -283,6 +284,13 @@ VRT_GetHdr(VRT_CTX, VCL_HEADER hs) return (HTTP_GetHdrPack(ctx->req->wrk, ctx->req->objcore, hs->what)); } + + if (hs->where == HDR_OBJ_STALE) { + CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC); + CHECK_OBJ_NOTNULL(ctx->bo->stale_oc, OBJCORE_MAGIC); + return (HTTP_GetHdrPack(ctx->bo->wrk, ctx->bo->stale_oc, + hs->what)); + } hp = VRT_selecthttp(ctx, hs->where); CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC); if (!http_GetHdr(hp, hs->what, &p)) diff --git a/bin/varnishd/cache/cache_vrt_var.c b/bin/varnishd/cache/cache_vrt_var.c index 7b76b8f35..777f11ad2 100644 --- a/bin/varnishd/cache/cache_vrt_var.c +++ b/bin/varnishd/cache/cache_vrt_var.c @@ -561,6 +561,7 @@ VRT_r_##obj##_reason(VRT_CTX) \ } VRT_OC_VAR_R(obj, req, REQ_MAGIC, objcore); +VRT_OC_VAR_R(obj_stale, bo, BUSYOBJ_MAGIC, stale_oc); /*--------------------------------------------------------------------*/ @@ -800,9 +801,13 @@ VRT_r_##which##_##fld(VRT_CTX) \ /*lint -save -e835 */ // Zero right hand arg to '-' +VRT_DO_EXP_R(obj_stale, ctx->bo->stale_oc, ttl, + ttl_now(ctx) - ctx->bo->stale_oc->t_origin) VRT_DO_EXP_R(obj, ctx->req->objcore, ttl, ttl_now(ctx) - ctx->req->objcore->t_origin) +VRT_DO_EXP_R(obj_stale, ctx->bo->stale_oc, grace, 0) VRT_DO_EXP_R(obj, ctx->req->objcore, grace, 0) +VRT_DO_EXP_R(obj_stale, ctx->bo->stale_oc, keep, 0) VRT_DO_EXP_R(obj, ctx->req->objcore, keep, 0) VRT_DO_EXP_L(beresp, ctx->bo->fetch_objcore, ttl, ttl_now(ctx) - ctx->bo->fetch_objcore->t_origin) @@ -834,6 +839,7 @@ VRT_DO_TIME_R(resp, req, t_resp) VRT_DO_TIME_R(bereq, bo, t_first) VRT_DO_TIME_R(beresp, bo, t_resp) VRT_DO_TIME_R(obj, req->objcore, t_origin) +VRT_DO_TIME_R(obj_stale, bo->stale_oc, t_origin) /*-------------------------------------------------------------------- */ @@ -848,6 +854,7 @@ VRT_r_##which##_##age(VRT_CTX) \ return (ttl_now(ctx) - oc->t_origin); \ } +VRT_DO_AGE_R(obj_stale, ctx->bo->stale_oc) VRT_DO_AGE_R(obj, ctx->req->objcore) VRT_DO_AGE_R(beresp, ctx->bo->fetch_objcore) @@ -1011,6 +1018,28 @@ VRT_r_obj_hits(VRT_CTX) /*--------------------------------------------------------------------*/ +VCL_INT +VRT_r_obj_stale_hits(VRT_CTX) +{ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); + CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC); + CHECK_OBJ_NOTNULL(ctx->bo->stale_oc, OBJCORE_MAGIC); + + return (ctx->bo->stale_oc->hits); +} + +VCL_BOOL +VRT_r_obj_stale_is_valid(VRT_CTX) +{ + CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); + CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC); + CHECK_OBJ_NOTNULL(ctx->bo->stale_oc, OBJCORE_MAGIC); + + return (!(ctx->bo->stale_oc->flags & OC_F_DYING)); +} + +/*--------------------------------------------------------------------*/ + VCL_BOOL VRT_r_resp_is_streaming(VRT_CTX) { diff --git a/doc/sphinx/reference/vcl_var.rst b/doc/sphinx/reference/vcl_var.rst index 633a2eeb6..627caa15f 100644 --- a/doc/sphinx/reference/vcl_var.rst +++ b/doc/sphinx/reference/vcl_var.rst @@ -1429,6 +1429,176 @@ beresp.was_304 to our conditional fetch from the backend and turned that into ``beresp.status = 200`` +obj_stale +--------- + +This is the stale object we had in cache. It cannot be modified. + +.. _obj_stale.age: + +obj_stale.age + + Type: DURATION + + Readable from: vcl_backend_refresh + + The age of the stale object. + + +.. _obj_stale.can_esi: + +obj_stale.can_esi + + Type: BOOL + + Readable from: vcl_backend_refresh + + If the stale object can be ESI processed, that is if setting + ``resp.do_esi`` or adding ``esi`` to ``resp.filters`` in + ``vcl_deliver {}`` would cause the response body to be ESI + processed. + + +.. _obj_stale.grace: + +obj_stale.grace + + Type: DURATION + + Readable from: vcl_backend_refresh + + The stale object's grace period in seconds. + + +.. _obj_stale.hits: + +obj_stale.hits + + Type: INT + + Readable from: vcl_backend_refresh + + The count of cache-hits on this stale object. + + In `vcl_deliver` a value of 0 indicates a cache miss. + + +.. _obj_stale.http: + +obj_stale.http.* + + Type: HEADER + + Readable from: vcl_backend_refresh + + The HTTP headers stored in the stale object. + + See req.http_ for general notes. + + +.. _obj_stale.keep: + +obj_stale.keep + + Type: DURATION + + Readable from: vcl_backend_refresh + + The stale object's keep period in seconds. + + +.. _obj_stale.proto: + +obj_stale.proto + + Type: STRING + + Readable from: vcl_backend_refresh + + The HTTP protocol version stored in the stale object. + + +.. _obj_stale.reason: + +obj_stale.reason + + Type: STRING + + Readable from: vcl_backend_refresh + + + The HTTP reason phrase stored in the stale object. + + +.. _obj_stale.status: + +obj_stale.status + + Type: INT + + Readable from: vcl_backend_refresh + + + The HTTP status code stored in the stale object. + + More information in the `HTTP response status`_ section. + + +.. _obj_stale.storage: + +obj_stale.storage + + Type: STEVEDORE + + Readable from: vcl_backend_refresh + + The storage backend where this stale object is stored. + + +.. _obj_stale.time: + +obj_stale.time + + Type: TIME + + Readable from: vcl_backend_refresh + + The time the stale object was created from the perspective of the + server which generated it. This will roughly be equivalent to + ``now`` - ``obj.age``. + + +.. _obj_stale.ttl: + +obj_stale.ttl + + Type: DURATION + + Readable from: vcl_backend_refresh + + The stale object's time to live, in seconds. + + +.. _obj_stale.uncacheable: + +obj_stale.uncacheable + + Type: BOOL + + Readable from: vcl_backend_refresh + + Whether the stale object is uncacheable (pass, hit-for-pass or + hit-for-miss). + +.. _obj_stale.is_valid: + +obj_stale.is_valid + + Type: BOOL + + Readable from: vcl_backend_refresh + + Whether the stale object is still valid. obj --- diff --git a/include/vrt.h b/include/vrt.h index 730df304a..188ab693e 100644 --- a/include/vrt.h +++ b/include/vrt.h @@ -58,6 +58,19 @@ * binary/load-time compatible, increment MAJOR version * * XX.X (unreleased) + * VRT_r_obj_stale_age() added + * VRT_r_obj_stale_can_esi() added + * VRT_r_obj_stale_grace() added + * VRT_r_obj_stale_hits() added + * VRT_r_obj_stale_keep() added + * VRT_r_obj_stale_proto() added + * VRT_r_obj_stale_reason() added + * VRT_r_obj_stale_status() added + * VRT_r_obj_stale_storage() added + * VRT_r_obj_stale_time() added + * VRT_r_obj_stale_ttl() added + * VRT_r_obj_stale_uncacheable() added + * enum gethdr_e has new value HDR_OBJ_STALE * typedef hdr_t added * struct gethdr_s.what changed to hdr_t * VRT_VSC_Alloc() renamed to VRT_VSC_Allocv() @@ -727,7 +740,8 @@ enum gethdr_e { HDR_RESP, HDR_OBJ, HDR_BEREQ, - HDR_BERESP + HDR_BERESP, + HDR_OBJ_STALE }; typedef const struct { From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] 61ee440b5 VBF: Move 304 logic to builtin VCL Message-ID: <20250901084605.6F9941126E5@lists.varnish-cache.org> commit 61ee440b5f427e0c3aa60b6b285deeaada86c99b Author: Walid Boudebouda Date: Mon Aug 26 14:01:37 2024 +0200 VBF: Move 304 logic to builtin VCL diff --git a/bin/varnishd/builtin.vcl b/bin/varnishd/builtin.vcl index a6f8c79c9..bf7595ebc 100644 --- a/bin/varnishd/builtin.vcl +++ b/bin/varnishd/builtin.vcl @@ -204,15 +204,44 @@ sub vcl_builtin_backend_fetch { } } +sub vcl_backend_refresh { + call vcl_builtin_backend_refresh; + return (merge); +} + +sub vcl_builtin_backend_refresh { + call vcl_refresh_valid; + call vcl_refresh_conditions; + call vcl_refresh_status; +} + +# Check that the stale object was not invalidated under our feet +sub vcl_refresh_valid { + if (!obj_stale.is_valid) { + return (error(503, "Invalid object for refresh")); + } +} + +# Only allow revalidation if we asked for it +sub vcl_refresh_conditions { + if (!bereq.http.if-modified-since && + !bereq.http.if-none-match) { + return (error(503, "Unexpected 304")); + } +} + +# We currently only revalidate 200 responses +sub vcl_refresh_status { + if (obj_stale.status != 200) { + return (error(503, "Invalid object for refresh")); + } +} + sub vcl_backend_response { call vcl_builtin_backend_response; return (deliver); } -sub vcl_backend_refresh { - return (merge); -} - sub vcl_builtin_backend_response { call vcl_beresp_range; if (bereq.uncacheable) { diff --git a/bin/varnishd/cache/cache_fetch.c b/bin/varnishd/cache/cache_fetch.c index fe957f64b..0fc041111 100644 --- a/bin/varnishd/cache/cache_fetch.c +++ b/bin/varnishd/cache/cache_fetch.c @@ -351,37 +351,23 @@ vbf_stp_retry(struct worker *wrk, struct busyobj *bo) * 304 setup logic */ -static int +static void vbf_304_logic(struct busyobj *bo) { - if (bo->stale_oc != NULL && - ObjCheckFlag(bo->wrk, bo->stale_oc, OF_IMSCAND)) { - AZ(bo->stale_oc->flags & (OC_F_HFM|OC_F_PRIVATE)); - if (ObjCheckFlag(bo->wrk, bo->stale_oc, OF_CHGCE)) { - /* - * If a VFP changed C-E in the stored - * object, then don't overwrite C-E from - * the IMS fetch, and we must weaken any - * new ETag we get. - */ - RFC2616_Weaken_Etag(bo->beresp); - } - http_Unset(bo->beresp, H_Content_Encoding); - http_Unset(bo->beresp, H_Content_Length); - HTTP_Merge(bo->wrk, bo->stale_oc, bo->beresp); - assert(http_IsStatus(bo->beresp, 200)); - bo->was_304 = 1; - } else if (!bo->uncacheable) { + + AZ(bo->stale_oc->flags & (OC_F_HFM|OC_F_PRIVATE)); + if (ObjCheckFlag(bo->wrk, bo->stale_oc, OF_CHGCE)) { /* - * Backend sent unallowed 304 + * If a VFP changed C-E in the stored + * object, then don't overwrite C-E from + * the IMS fetch, and we must weaken any + * new ETag we get. */ - VSLb(bo->vsl, SLT_Error, - "304 response but not conditional fetch"); - bo->htc->doclose = SC_RX_BAD; - vbf_cleanup(bo); - return (-1); + RFC2616_Weaken_Etag(bo->beresp); } - return (1); + http_Unset(bo->beresp, H_Content_Encoding); + http_Unset(bo->beresp, H_Content_Length); + HTTP_Merge(bo->wrk, bo->stale_oc, bo->beresp); } /*-------------------------------------------------------------------- @@ -392,8 +378,9 @@ static const struct fetch_step * v_matchproto_(vbf_state_f) vbf_stp_startfetch(struct worker *wrk, struct busyobj *bo) { int i; + const char *q; vtim_real now; - unsigned handling; + unsigned handling, skip_vbr = 0; struct objcore *oc; CHECK_OBJ_NOTNULL(wrk, WORKER_MAGIC); @@ -489,14 +476,66 @@ vbf_stp_startfetch(struct worker *wrk, struct busyobj *bo) AZ(bo->do_esi); AZ(bo->was_304); - if (http_IsStatus(bo->beresp, 304) && vbf_304_logic(bo) < 0) - return (F_STP_ERROR); + if (http_IsStatus(bo->beresp, 304) && !bo->uncacheable) { + if (bo->stale_oc == NULL){ + VSLb(bo->vsl, SLT_Error, + "304 response but not conditional fetch"); + bo->htc->doclose = SC_RX_BAD; + vbf_cleanup(bo); + return (F_STP_ERROR); + } + bo->was_304 = 1; + VCL_backend_refresh_method(bo->vcl, wrk, NULL, bo, NULL); + switch (wrk->vpi->handling) { + case VCL_RET_MERGE: + vbf_304_logic(bo); + break; + case VCL_RET_BERESP: + http_SetStatus(bo->beresp, 200, NULL); + http_ForceHeader(bo->beresp, H_Content_Length, + HTTP_GetHdrPack(wrk, bo->stale_oc, + H_Content_Length)); + http_Unset(bo->beresp, H_Content_Encoding); + q = HTTP_GetHdrPack(wrk, bo->stale_oc, + H_Content_Encoding); + if (q != NULL) { + http_ForceHeader(bo->beresp, + H_Content_Encoding, q); + } + q = HTTP_GetHdrPack(wrk, bo->stale_oc, + H_Last_Modified); + if (q != NULL) { + http_ForceHeader(bo->beresp, + H_Last_Modified, q); + } + q = HTTP_GetHdrPack(wrk, bo->stale_oc, H_ETag); + if (q != NULL) + http_ForceHeader(bo->beresp, H_ETag, q); + break; + case VCL_RET_OBJ_STALE: + if (HTTP_Decode(bo->beresp, ObjGetAttr(bo->wrk, + bo->stale_oc, OA_HEADERS, NULL))) { + bo->htc->doclose = SC_RX_OVERFLOW; + vbf_cleanup(bo); + return (F_STP_ERROR); + } + break; + case VCL_RET_RETRY: + case VCL_RET_ERROR: + case VCL_RET_ABANDON: + case VCL_RET_FAIL: + skip_vbr = 1; + break; + default: + WRONG("Illegal return from vcl_backend_refresh{}"); + } + } if (bo->htc != NULL && bo->htc->doclose == SC_NULL && http_GetHdrField(bo->bereq, H_Connection, "close", NULL)) bo->htc->doclose = SC_REQ_CLOSE; - - VCL_backend_response_method(bo->vcl, wrk, NULL, bo, NULL); + if (!skip_vbr) + VCL_backend_response_method(bo->vcl, wrk, NULL, bo, NULL); if (bo->htc != NULL && bo->htc->doclose == SC_NULL && http_GetHdrField(bo->beresp, H_Connection, "close", NULL)) diff --git a/bin/varnishtest/tests/b00094.vtc b/bin/varnishtest/tests/b00094.vtc new file mode 100644 index 000000000..92a17bcff --- /dev/null +++ b/bin/varnishtest/tests/b00094.vtc @@ -0,0 +1,91 @@ +varnishtest "Test vcl_backend_refresh" + +server s1 { + rxreq + txresp -hdr "Etag: abcd" -hdr "from-be: true" -body "abcdefghij" + + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 -hdr "be304-1: true" + + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 -hdr "be304-2: true" + + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 -hdr "be304-3: true" +} -start + +varnish v1 -vcl+backend { + + sub vcl_backend_response { + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + set beresp.http.was-304 = beresp.was_304; + } + + sub vcl_backend_refresh { + if (bereq.http.stale) { + return (obj_stale); + } else if (bereq.http.beresp) { + return (beresp); + } + } + +} -start + +# insert object in cache +client c1 { + txreq + rxresp + expect resp.status == 200 + expect resp.http.was-304 == false + expect resp.http.from-be == true + expect resp.bodylen == 10 + expect resp.body == "abcdefghij" +} -run + +# let the object die +delay 0.01 + +# should get the stale obj headers only +client c2 { + txreq -hdr "stale: 1" + rxresp + expect resp.status == 200 + expect resp.http.be304-1 == + expect resp.http.from-be == true + expect resp.bodylen == 10 + expect resp.body == "abcdefghij" +} -run + +# let the object die +delay 0.01 + +# get the beresp headers only +client c3 { + txreq -hdr "beresp: 1" + rxresp + expect resp.status == 200 + expect resp.http.from-bo == + expect resp.http.be304-2 == true + expect resp.bodylen == 10 + expect resp.body == "abcdefghij" +} -run + +# let the object die +delay 0.01 + +# default, get a merge of stale_oc and beresp headers +client c4 { + txreq + rxresp + expect resp.status == 200 + expect resp.http.from-bo == + expect resp.http.be304-2 == true + expect resp.http.be304-3 == true + expect resp.bodylen == 10 + expect resp.body == "abcdefghij" +} -run diff --git a/bin/varnishtest/tests/b00095.vtc b/bin/varnishtest/tests/b00095.vtc new file mode 100644 index 000000000..681da0fc3 --- /dev/null +++ b/bin/varnishtest/tests/b00095.vtc @@ -0,0 +1,78 @@ +varnishtest "Test obj_stale vcl variables" + +server s1 { + rxreq + txresp -hdr "Etag: abcd" -hdr "from-bo: true" -bodylen 10 + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 +} -start + +varnish v1 -vcl+backend { + + sub vcl_backend_response { + set beresp.http.vbresp = "true"; + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + set beresp.http.was-304 = beresp.was_304; + } + + sub vcl_refresh_status { + if (obj_stale.status == 200) { + set beresp.http.vbref = "true"; + + set beresp.http.http = obj_stale.http.from-bo; + set beresp.http.age = obj_stale.age; + set beresp.http.can_esi = obj_stale.can_esi; + set beresp.http.grace = obj_stale.grace; + set beresp.http.hits = obj_stale.hits; + set beresp.http.keep = obj_stale.keep; + set beresp.http.proto = obj_stale.proto; + set beresp.http.reason = obj_stale.reason; + set beresp.http.status = obj_stale.status; + set beresp.http.storage = obj_stale.storage; + set beresp.http.time = obj_stale.time; + set beresp.http.ttl = obj_stale.ttl; + set beresp.http.uncacheable = obj_stale.uncacheable; + } + return (merge); + } +} -start + +client c1 { + txreq + rxresp + expect resp.status == 200 + + expect resp.http.was-304 == false + expect resp.http.vbref == + expect resp.http.vbresp == true + expect resp.http.from-bo == true +} -run + +delay 0.01 + +client c2 { + txreq + rxresp + expect resp.status == 200 + expect resp.http.was-304 == true + expect resp.http.vbresp == true + expect resp.http.vbref == true + expect resp.http.from-bo == true + + expect resp.http.http == true + expect resp.http.age == 0 + expect resp.http.can_esi == false + expect resp.http.grace == 0.000 + expect resp.http.hits == 0 + expect resp.http.keep == 600.000 + expect resp.http.proto == HTTP/1.1 + expect resp.http.reason == OK + expect resp.http.status == 200 + expect resp.http.storage == storage.s0 + expect resp.http.time != + expect resp.http.ttl != + expect resp.http.uncacheable == false +} -run From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] f68c8f6e4 VBF: add vcl_backend_refresh to cache_fetch.dot Message-ID: <20250901084605.8D4A11126E9@lists.varnish-cache.org> commit f68c8f6e4df69dfcde9621fac8d6688805883a42 Author: Walid Boudebouda Date: Tue Oct 10 19:03:17 2023 +0200 VBF: add vcl_backend_refresh to cache_fetch.dot diff --git a/doc/graphviz/cache_fetch.dot b/doc/graphviz/cache_fetch.dot index 96c0967a0..80e5fff19 100644 --- a/doc/graphviz/cache_fetch.dot +++ b/doc/graphviz/cache_fetch.dot @@ -43,9 +43,27 @@ digraph cache_fetch { ] v_b_f:error:s -> v_b_e v_b_f:fetch:s -> v_b_hdrs [style=bold] + RETRY_FETCH [shape=plaintext] + RETRY_FETCH -> v_b_hdrs [style=bold] v_b_hdrs [ label="send bereq,\nread beresp (headers)"] - v_b_hdrs -> v_b_r [style=bold] + v_b_hdrs -> v_b_r [label="\"no stale object\""] [style=bold] v_b_hdrs -> v_b_e + v_b_hdrs -> v_b_refresh [label="\"stale object\""] [style=bold] + + v_b_refresh [ + shape=record + label="{vbf_stp_startfetch:|{vcl_backend_refresh\{\}|{bereq.*|beresp.*}}|{error|fail|{retry|{max?|ok?}}|{retry(fetch)|{max?|ok?}}|abandon|merge|obj_stale|beresp}}" + ] + v_b_refresh:error:s -> v_b_e + v_b_refresh:retry -> v_b_r_retry [color=purple] + v_b_refresh:rf_retry -> v_b_r_retry_fetch [color=purple] + v_b_refresh:rf_max -> v_b_e + v_b_refresh:max -> v_b_e + + v_b_refresh:merge -> v_b_r + v_b_refresh:beresp -> v_b_r + v_b_refresh:stale -> v_b_r + v_b_r [ shape=record label="{vbf_stp_startfetch:|{vcl_backend_response\{\}|{bereq.*|beresp.*}}|{error|fail|{retry|{max?|ok?}}|abandon|{deliver or pass|{304?|other?}}}}" @@ -57,6 +75,7 @@ digraph cache_fetch { v_b_r:non_304:s -> vbf_stp_fetch v_b_r_retry [label="RETRY",shape=plaintext] + v_b_r_retry_fetch [label="RETRY_FETCH",shape=plaintext] vbf_stp_fetchbody [ shape=record diff --git a/doc/graphviz/cache_fetch.svg b/doc/graphviz/cache_fetch.svg index fa09e056e..0fad71a04 100644 --- a/doc/graphviz/cache_fetch.svg +++ b/doc/graphviz/cache_fetch.svg @@ -1,338 +1,446 @@ - - - + + cache_fetch - + cluster_backend - + RETRY -RETRY +RETRY v_b_f - -vbf_stp_startfetch: - -vcl_backend_fetch{} - -bereq.* - -error - -fail - -abandon - -fetch + +vbf_stp_startfetch: + +vcl_backend_fetch{} + +bereq.* + +error + +fail + +abandon + +fetch RETRY->v_b_f - - + + v_b_f_BGFETCH - -BGFETCH + +BGFETCH v_b_f_BGFETCH->v_b_f - - + + v_b_f_FETCH - -FETCH + +FETCH v_b_f_FETCH->v_b_f - - + + v_b_f_FETCH->v_b_f - - + + v_b_e - -vbf_stp_error: - -vcl_backend_error{} - -bereq.* - -beresp.* - -retry - -fail - -max? - -ok? - -abandon - -deliver + +vbf_stp_error: + +vcl_backend_error{} + +bereq.* + +beresp.* + +retry + +fail + +max? + +ok? + +abandon + +deliver v_b_f:s->v_b_e - - + + v_b_hdrs - -send bereq, -read beresp (headers) + +send bereq, +read beresp (headers) v_b_f:s->v_b_hdrs - - + + - + FETCH_DONE - -FETCH_DONE + +FETCH_DONE - + v_b_e:deliver->FETCH_DONE - - -"backend synth" + + +"backend synth" - + FETCH_FAIL - -FETCH_FAIL + +FETCH_FAIL - + v_b_e:s->FETCH_FAIL - - + + - + v_b_e_retry -RETRY +RETRY - + v_b_e:retry->v_b_e_retry - - + + - + v_b_hdrs->v_b_e - - + + - + v_b_r - -vbf_stp_startfetch: - -vcl_backend_response{} - -bereq.* - -beresp.* - -error - -fail - -retry - -max? - -ok? - -abandon - -deliver or pass - -304? - -other? + +vbf_stp_startfetch: + +vcl_backend_response{} + +bereq.* + +beresp.* + +error + +fail + +retry + +max? + +ok? + +abandon + +deliver or pass + +304? + +other? - + v_b_hdrs->v_b_r - - + + +"no stale object" + + + +v_b_refresh + +vbf_stp_startfetch: + +vcl_backend_refresh{} + +bereq.* + +beresp.* + +error + +fail + +retry + +max? + +ok? + +retry(fetch) + +max? + +ok? + +abandon + +merge + +obj_stale + +beresp + + + +v_b_hdrs->v_b_refresh + + +"stale object" + + + +RETRY_FETCH +RETRY_FETCH + + + +RETRY_FETCH->v_b_hdrs + + - + v_b_r:s->v_b_e - - + + - + v_b_r:max->v_b_e - - + + - + v_b_r_retry -RETRY +RETRY - + v_b_r:retry->v_b_r_retry - - + + - + vbf_stp_condfetch - -vbf_stp_condfetch: - -copy obj attr - -steal body - -fetch_fail? - -ok? + +vbf_stp_condfetch: + +copy obj attr + +steal body + +fetch_fail? + +ok? - + v_b_r:s->vbf_stp_condfetch - - + + - + vbf_stp_fetch - -vbf_stp_fetch: - -setup VFPs - -get object - -error? - -body? + +vbf_stp_fetch: + +setup VFPs + +get object + +error? + +body? - + v_b_r:s->vbf_stp_fetch - - + + + + + +v_b_refresh:s->v_b_e + + + + + +v_b_refresh:rf_max->v_b_e + + + + + +v_b_refresh:max->v_b_e + + + + + +v_b_refresh:merge->v_b_r + + + + + +v_b_refresh:beresp->v_b_r + + + + + +v_b_refresh:stale->v_b_r + + + + + +v_b_refresh:retry->v_b_r_retry + + + + + +v_b_r_retry_fetch +RETRY_FETCH + + + +v_b_refresh:rf_retry->v_b_r_retry_fetch + + - + vbf_stp_fetchend - -vbf_stp_fetchend: - -finalize object and director - -done + +vbf_stp_fetchend: + +finalize object and director + +done - + vbf_stp_condfetch:s->vbf_stp_fetchend - - + + - + vbf_stp_fetchbody - -vbf_stp_fetchbody: - -get storage - -read body, run VFPs - -fetch_fail? - -error? - -ok? + +vbf_stp_fetchbody: + +get storage + +read body, run VFPs + +fetch_fail? + +error? + +ok? - + vbf_stp_fetch:s->vbf_stp_fetchbody - - + + - + vbf_stp_fetch:s->vbf_stp_fetchend - - + + - + vbf_stp_fetchbody:s->vbf_stp_fetchend - - + + - + vbf_stp_fetchend:s->FETCH_DONE - - + + - + fail -fail +fail - + fail->FETCH_FAIL - - + + - + abandon -abandon +abandon - + abandon->FETCH_FAIL - - + + From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] 3514c2de0 vbr: Add more coverage for error cases Message-ID: <20250901084605.A7CD91126EE@lists.varnish-cache.org> commit 3514c2de0ca6ca7d620904f5717c4f07faf17b27 Author: Walid Boudebouda Date: Mon Jul 7 19:51:46 2025 +0200 vbr: Add more coverage for error cases diff --git a/bin/varnishtest/tests/b00094.vtc b/bin/varnishtest/tests/b00094.vtc index 92a17bcff..65c54c53d 100644 --- a/bin/varnishtest/tests/b00094.vtc +++ b/bin/varnishtest/tests/b00094.vtc @@ -1,5 +1,8 @@ varnishtest "Test vcl_backend_refresh" +barrier b1 sock 2 +barrier b2 sock 2 + server s1 { rxreq txresp -hdr "Etag: abcd" -hdr "from-be: true" -body "abcdefghij" @@ -15,6 +18,7 @@ server s1 { rxreq expect req.http.if-none-match == "abcd" txresp -status 304 -hdr "be304-3: true" + } -start varnish v1 -vcl+backend { @@ -89,3 +93,128 @@ client c4 { expect resp.bodylen == 10 expect resp.body == "abcdefghij" } -run + +################################################################### + +server s1 { + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 -hdr "be304-4: true" +} -start + +varnish v1 -vcl+backend { + + import vtc; + + sub vcl_recv { + if (req.method == "PURGE") { + return (purge); + } + } + + sub vcl_backend_response { + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + set beresp.http.was-304 = beresp.was_304; + } + + sub vcl_backend_refresh { + vtc.barrier_sync("${b1_sock}"); + vtc.barrier_sync("${b2_sock}"); + set beresp.http.valid = obj_stale.is_valid; + } + +} + +# let the object die +delay 0.01 + +# Object gets purged while we are revalidating it +client c5 { + txreq + rxresp + expect resp.status == 503 + expect resp.reason == "Invalid object for refresh" +} -start + +barrier b1 sync + +client c6 { + txreq -method "PURGE" + rxresp + expect resp.status == 200 +} -run + +barrier b2 sync + +server s1 -wait +client c5 -wait + +################################################################### + +server s1 { + rxreq + txresp + rxreq + txresp -status 304 +} -start + +varnish v1 -vcl+backend { + sub vcl_backend_response { + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + set beresp.http.was-304 = beresp.was_304; + } + +} + +# Unprompted 304 +client c7 { + txreq -url /1 + rxresp + expect resp.status == 200 + + delay 0.01 + txreq -url /1 + rxresp + expect resp.status == 503 + expect resp.reason == "Unexpected 304" +} -run + +################################################################### + +server s1 { + rxreq + txresp -status 404 + rxreq + txresp -status 304 +} -start + +varnish v1 -vcl+backend { + + sub vcl_backend_response { + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + set beresp.http.was-304 = beresp.was_304; + } + + sub vcl_backend_fetch { + set bereq.http.if-none-match = "abcd"; + } + +} + +# Receiving 304 for non-200 objects +client c8 { + txreq -url /2 + rxresp + expect resp.status == 404 + delay 0.01 + txreq -url /2 + rxresp + expect resp.status == 503 + expect resp.reason == "Invalid object for refresh" +} -run From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] bea20dd48 vbr: Always remove the 304 response C-L header Message-ID: <20250901084605.C4C1D1126FF@lists.varnish-cache.org> commit bea20dd48cebe70dc6aa0efaf028f686741abe20 Author: Walid Boudebouda Date: Tue Aug 12 10:56:50 2025 +0200 vbr: Always remove the 304 response C-L header And copy the stale object's C-L only when available. When it is not, it's fine to leave the response without C-L since the delivery code will fall back to a chunked response. diff --git a/bin/varnishd/cache/cache_fetch.c b/bin/varnishd/cache/cache_fetch.c index 0fc041111..a7e7e2b56 100644 --- a/bin/varnishd/cache/cache_fetch.c +++ b/bin/varnishd/cache/cache_fetch.c @@ -492,10 +492,14 @@ vbf_stp_startfetch(struct worker *wrk, struct busyobj *bo) break; case VCL_RET_BERESP: http_SetStatus(bo->beresp, 200, NULL); - http_ForceHeader(bo->beresp, H_Content_Length, - HTTP_GetHdrPack(wrk, bo->stale_oc, - H_Content_Length)); + http_Unset(bo->beresp, H_Content_Length); http_Unset(bo->beresp, H_Content_Encoding); + q = HTTP_GetHdrPack(wrk, bo->stale_oc, + H_Content_Length); + if (q != NULL) { + http_ForceHeader(bo->beresp, + H_Content_Length, q); + } q = HTTP_GetHdrPack(wrk, bo->stale_oc, H_Content_Encoding); if (q != NULL) { diff --git a/bin/varnishtest/tests/b00096.vtc b/bin/varnishtest/tests/b00096.vtc new file mode 100644 index 000000000..dcef6aac0 --- /dev/null +++ b/bin/varnishtest/tests/b00096.vtc @@ -0,0 +1,64 @@ +varnishtest "Test vcl_backend_refresh on streaming object" + +barrier b1 sock 2 + +server s1 { + rxreq + txresp -hdr "Etag: abcd" -nolen -hdr "Transfer-encoding: chunked" + chunkedlen 10 + barrier b1 sync + chunkedlen 10 + chunkedlen 0 +} -start + +server s2 { + rxreq + expect req.http.if-none-match == "abcd" + txresp -status 304 +} -start + +varnish v1 -vcl+backend { + import vtc; + + sub vcl_recv { + if (req.http.stale) { + set req.backend_hint = s2; + } + } + + sub vcl_backend_response { + set beresp.ttl = 0.01s; + set beresp.grace = 0s; + set beresp.keep = 10m; + if (bereq.http.stale) { + vtc.barrier_sync("${b1_sock}"); + } + } + + sub vcl_backend_refresh { + return (beresp); + } + +} -start + +# insert object in cache +client c1 { + txreq + rxresp + expect resp.status == 200 + expect resp.bodylen == 20 +} -start + +# let the object die +delay 0.02 + +# object is still being fetched at this point +client c2 { + txreq -hdr "stale: 1" + rxresp + expect resp.status == 200 + expect resp.bodylen == 20 +} -start + +client c1 -wait +client c2 -wait From walid.boudebouda at gmail.com Mon Sep 1 08:46:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 08:46:05 +0000 (UTC) Subject: [master] a6eac1d77 cache_fetch: Add homework for later Message-ID: <20250901084605.DC2F2112716@lists.varnish-cache.org> commit a6eac1d779eccc464a3b06e0aebcbe819f3b7a19 Author: Walid Boudebouda Date: Tue Aug 12 11:37:38 2025 +0200 cache_fetch: Add homework for later diff --git a/bin/varnishd/cache/cache_fetch.c b/bin/varnishd/cache/cache_fetch.c index a7e7e2b56..55374cf09 100644 --- a/bin/varnishd/cache/cache_fetch.c +++ b/bin/varnishd/cache/cache_fetch.c @@ -885,6 +885,7 @@ vbf_stp_condfetch(struct worker *wrk, struct busyobj *bo) * (this would be an issue for ie OA_GZIPBITS). */ VSLb(bo->vsl, SLT_Notice, "vsl: Conditional fetch wait for streaming object"); + /* XXX: We should have a VCL controlled timeout here */ ObjWaitState(stale_oc, BOS_FINISHED); stale_state = stale_boc->state; HSH_DerefBoc(bo->wrk, stale_oc); From walid.boudebouda at gmail.com Mon Sep 1 09:04:04 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 09:04:04 +0000 (UTC) Subject: [master] 49c499b6d flexlint: Constify Message-ID: <20250901090404.E626B113B6A@lists.varnish-cache.org> commit 49c499b6d0660b961724fef2e3a1f05827eb7bdf Author: Walid Boudebouda Date: Mon Sep 1 10:58:11 2025 +0200 flexlint: Constify diff --git a/bin/varnishd/cache/cache_hash.c b/bin/varnishd/cache/cache_hash.c index 551e4ab46..1530d0e81 100644 --- a/bin/varnishd/cache/cache_hash.c +++ b/bin/varnishd/cache/cache_hash.c @@ -382,7 +382,7 @@ hsh_insert_busyobj(const struct worker *wrk, struct objhead *oh) */ static int -hsh_vry_match(struct req *req, struct objcore *oc, const uint8_t *vary) +hsh_vry_match(const struct req *req, struct objcore *oc, const uint8_t *vary) { if (req->hash_ignore_vary) From walid.boudebouda at gmail.com Mon Sep 1 09:04:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 09:04:05 +0000 (UTC) Subject: [master] 6ad72f004 flexlint: HSH_DerefObjCoreUnlock is only used in cache_hash.c Message-ID: <20250901090405.0C94C113B6D@lists.varnish-cache.org> commit 6ad72f004c6339dea07ab97d53db3315636b6bdf Author: Walid Boudebouda Date: Mon Sep 1 11:01:28 2025 +0200 flexlint: HSH_DerefObjCoreUnlock is only used in cache_hash.c diff --git a/bin/varnishd/cache/cache_hash.c b/bin/varnishd/cache/cache_hash.c index 1530d0e81..fde0c87d2 100644 --- a/bin/varnishd/cache/cache_hash.c +++ b/bin/varnishd/cache/cache_hash.c @@ -82,6 +82,7 @@ static void hsh_rush2(struct worker *, struct rush *); static int hsh_deref_objhead(struct worker *wrk, struct objhead **poh); static int hsh_deref_objhead_unlock(struct worker *wrk, struct objhead **poh, struct objcore *oc); +static int hsh_deref_objcore_unlock(struct worker *, struct objcore **); /*---------------------------------------------------------------------*/ @@ -1024,7 +1025,7 @@ HSH_Withdraw(struct worker *wrk, struct objcore **ocp) oc->flags &= ~OC_F_BUSY; oc->flags |= OC_F_WITHDRAWN; hsh_rush1(wrk, oc, &rush); /* grabs up to 1 oc ref */ - assert(HSH_DerefObjCoreUnlock(wrk, &oc) <= 1); + assert(hsh_deref_objcore_unlock(wrk, &oc) <= 1); hsh_rush2(wrk, &rush); } @@ -1227,11 +1228,11 @@ HSH_DerefObjCore(struct worker *wrk, struct objcore **ocp) CHECK_OBJ_NOTNULL(oh, OBJHEAD_MAGIC); Lck_Lock(&oh->mtx); - return (HSH_DerefObjCoreUnlock(wrk, &oc)); + return (hsh_deref_objcore_unlock(wrk, &oc)); } -int -HSH_DerefObjCoreUnlock(struct worker *wrk, struct objcore **ocp) +static int +hsh_deref_objcore_unlock(struct worker *wrk, struct objcore **ocp) { struct objcore *oc; struct objhead *oh; diff --git a/bin/varnishd/cache/cache_objhead.h b/bin/varnishd/cache/cache_objhead.h index 162aaeb7f..2c617e88b 100644 --- a/bin/varnishd/cache/cache_objhead.h +++ b/bin/varnishd/cache/cache_objhead.h @@ -78,7 +78,6 @@ struct boc *HSH_RefBoc(const struct objcore *); void HSH_DerefBoc(struct worker *wrk, struct objcore *); void HSH_DeleteObjHead(const struct worker *, struct objhead *); int HSH_DerefObjCore(struct worker *, struct objcore **); -int HSH_DerefObjCoreUnlock(struct worker *, struct objcore **); enum lookup_e HSH_Lookup(struct req *, struct objcore **, struct objcore **); void HSH_Ref(struct objcore *o); void HSH_AddString(struct req *, void *ctx, const char *str); From walid.boudebouda at gmail.com Mon Sep 1 09:16:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 09:16:05 +0000 (UTC) Subject: [master] 3da45eb1e flexlint: Constify Message-ID: <20250901091605.582201144B3@lists.varnish-cache.org> commit 3da45eb1e03166f7ffad250913d0fbad1cc58bd9 Author: Walid Boudebouda Date: Mon Sep 1 11:14:31 2025 +0200 flexlint: Constify diff --git a/bin/varnishd/cache/cache_hash.c b/bin/varnishd/cache/cache_hash.c index fde0c87d2..a72abd8cc 100644 --- a/bin/varnishd/cache/cache_hash.c +++ b/bin/varnishd/cache/cache_hash.c @@ -398,7 +398,7 @@ hsh_vry_match(const struct req *req, struct objcore *oc, const uint8_t *vary) } static unsigned -hsh_rush_match(struct req *req) +hsh_rush_match(const struct req *req) { struct objhead *oh; struct objcore *oc; From walid.boudebouda at gmail.com Mon Sep 1 10:15:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 10:15:05 +0000 (UTC) Subject: [master] 643c702cc cache_vrt_var: Remove useless semicolon Message-ID: <20250901101505.41F8E116CBE@lists.varnish-cache.org> commit 643c702ccd1ad7fa29c2d5e3c0e6cb4563345553 Author: Walid Boudebouda Date: Mon Sep 1 12:12:36 2025 +0200 cache_vrt_var: Remove useless semicolon Spotted by Flexlint diff --git a/bin/varnishd/cache/cache_vrt_var.c b/bin/varnishd/cache/cache_vrt_var.c index 777f11ad2..fc3861a33 100644 --- a/bin/varnishd/cache/cache_vrt_var.c +++ b/bin/varnishd/cache/cache_vrt_var.c @@ -560,8 +560,8 @@ VRT_r_##obj##_reason(VRT_CTX) \ ctx->which->field, H__Reason)); \ } -VRT_OC_VAR_R(obj, req, REQ_MAGIC, objcore); -VRT_OC_VAR_R(obj_stale, bo, BUSYOBJ_MAGIC, stale_oc); +VRT_OC_VAR_R(obj, req, REQ_MAGIC, objcore) +VRT_OC_VAR_R(obj_stale, bo, BUSYOBJ_MAGIC, stale_oc) /*--------------------------------------------------------------------*/ From walid.boudebouda at gmail.com Mon Sep 1 13:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 13:21:05 +0000 (UTC) Subject: [master] b1e9f69ad vcl_step: Document that return(fail) can take a string argument Message-ID: <20250901132106.07B4811D0F8@lists.varnish-cache.org> commit b1e9f69ad5dfd723cade06b33db0714a137a2d82 Author: Walid Boudebouda Date: Fri Aug 29 18:41:06 2025 +0200 vcl_step: Document that return(fail) can take a string argument diff --git a/doc/sphinx/reference/vcl-step.rst b/doc/sphinx/reference/vcl-step.rst index fd33764c0..683f48420 100644 --- a/doc/sphinx/reference/vcl-step.rst +++ b/doc/sphinx/reference/vcl-step.rst @@ -61,13 +61,17 @@ Common actions for the client and backend side .. _fail: -``fail`` -~~~~~~~~ +``fail(err)`` +~~~~~~~~~~~~~ Transition to :ref:`vcl_synth` on the client side as for ``return(synth(503, "VCL Failed"))``, but with any request state changes undone as if ``std.rollback()`` was called and forcing a - connection close. + connection close. The optional string argument `err` is logged to + VSL under a `VCL_Error` tag. + + Returning `fail` from `vcl_synth` sends a minimal response with a 500 + status. Intended for fatal errors, for which only minimal error handling is possible. diff --git a/doc/sphinx/reference/vcl_step.rst b/doc/sphinx/reference/vcl_step.rst index 794f4fb76..3b2f48a6f 100644 --- a/doc/sphinx/reference/vcl_step.rst +++ b/doc/sphinx/reference/vcl_step.rst @@ -24,7 +24,7 @@ The `vcl_recv` subroutine may terminate with calling ``return()`` on one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -75,7 +75,7 @@ The `vcl_pipe` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -98,7 +98,7 @@ The `vcl_pass` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -122,7 +122,7 @@ The `vcl_hash` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``lookup`` @@ -154,7 +154,7 @@ The `vcl_purge` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -179,7 +179,7 @@ The `vcl_miss` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -207,7 +207,7 @@ stale: It can have a zero or negative `ttl` with only `grace` or The `vcl_hit` subroutine may terminate with calling ``return()`` with one of the following keywords: - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -234,7 +234,7 @@ The `vcl_deliver` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``synth(status code, reason)`` @@ -262,7 +262,7 @@ The subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``restart`` @@ -287,7 +287,7 @@ The `vcl_backend_fetch` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``abandon`` @@ -388,7 +388,7 @@ The `vcl_backend_response` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``abandon`` @@ -438,7 +438,7 @@ The `vcl_backend_error` subroutine may terminate with calling ``return()`` with one of the following keywords: | - | ``fail`` + | ``fail(err)`` | see :ref:`fail` section above | | ``abandon`` @@ -473,7 +473,7 @@ with one of the following keywords: | ``ok`` | Normal return, VCL continues loading. | - | ``fail`` + | ``fail(err)`` | Abort loading of this VCL. .. _vcl_fini: From walid.boudebouda at gmail.com Mon Sep 1 13:21:06 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 13:21:06 +0000 (UTC) Subject: [master] 7c1806b98 req_fsm: Take vcl added "Connection:close" into account in synth Message-ID: <20250901132106.23BB911D0FB@lists.varnish-cache.org> commit 7c1806b98e98e59b936dcc0fecf845ab6d5aa114 Author: Walid Boudebouda Date: Fri Aug 29 18:50:21 2025 +0200 req_fsm: Take vcl added "Connection:close" into account in synth diff --git a/bin/varnishd/cache/cache_req_fsm.c b/bin/varnishd/cache/cache_req_fsm.c index 43cb18006..50d726845 100644 --- a/bin/varnishd/cache/cache_req_fsm.c +++ b/bin/varnishd/cache/cache_req_fsm.c @@ -376,7 +376,8 @@ cnt_synth(struct worker *wrk, struct req *req) VSB_len(synth_body)); if (req->doclose == SC_NULL && - http_HdrIs(req->resp, H_Connection, "close")) + (http_HdrIs(req->resp, H_Connection, "close") || + http_HdrIs(req->http, H_Connection, "close"))) req->doclose = SC_RESP_CLOSE; /* Discard any lingering request body before delivery */ From walid.boudebouda at gmail.com Mon Sep 1 13:21:06 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 13:21:06 +0000 (UTC) Subject: [master] d916b6c3e builtin: No longer pipe anything by default Message-ID: <20250901132106.5E4AA11D100@lists.varnish-cache.org> commit d916b6c3e8b1813c2407c9b6b6a7c27cb1344119 Author: Walid Boudebouda Date: Mon Aug 18 11:41:17 2025 +0200 builtin: No longer pipe anything by default It is safer to reject unknown methods than to pipe them to the backend by default. Users who need it must explicitly allow them in their own VCLs. diff --git a/bin/varnishd/builtin.vcl b/bin/varnishd/builtin.vcl index bf7595ebc..d99ebbf05 100644 --- a/bin/varnishd/builtin.vcl +++ b/bin/varnishd/builtin.vcl @@ -73,7 +73,8 @@ sub vcl_req_method { req.method != "DELETE" && req.method != "PATCH") { # Non-RFC2616 or CONNECT which is weird. - return (pipe); + set req.http.Connection = "close"; + return (synth(501)); } if (req.method != "GET" && req.method != "HEAD") { # We only deal with GET and HEAD by default. diff --git a/bin/varnishtest/tests/r01524.vtc b/bin/varnishtest/tests/r01524.vtc index a845da303..b32c714a9 100644 --- a/bin/varnishtest/tests/r01524.vtc +++ b/bin/varnishtest/tests/r01524.vtc @@ -7,6 +7,9 @@ server s1 { } -start varnish v1 -vcl+backend { + sub vcl_recv { + return (pipe); + } } -start client c1 { diff --git a/bin/varnishtest/tests/r01890.vtc b/bin/varnishtest/tests/r01890.vtc index 4ab690526..a544c82a6 100644 --- a/bin/varnishtest/tests/r01890.vtc +++ b/bin/varnishtest/tests/r01890.vtc @@ -6,6 +6,10 @@ server s1 { } -start varnish v1 -vcl+backend { + sub vcl_recv { + return (pipe); + } + sub vcl_pipe { return (synth(401)); } diff --git a/bin/varnishtest/tests/s00013.vtc b/bin/varnishtest/tests/s00013.vtc index 46c7844ba..d383f45e3 100644 --- a/bin/varnishtest/tests/s00013.vtc +++ b/bin/varnishtest/tests/s00013.vtc @@ -26,6 +26,10 @@ server s1 { varnish v1 -cliok "param.set pipe_timeout 0s" varnish v1 -cliok "param.set pipe_task_deadline 0s" varnish v1 -vcl+backend { + sub vcl_recv { + return (pipe); + } + sub vcl_pipe { set bereq.task_deadline = 1.1s; if (req.method != "TMO") { From walid.boudebouda at gmail.com Mon Sep 1 13:21:06 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 13:21:06 +0000 (UTC) Subject: [master] f0e49c1b9 builtin_vcl: Treat PRI as other unsupported methods Message-ID: <20250901132106.723C311D105@lists.varnish-cache.org> commit f0e49c1b965c0ad8883d82f13fd68b2863d5e767 Author: Walid Boudebouda Date: Fri Aug 29 18:54:29 2025 +0200 builtin_vcl: Treat PRI as other unsupported methods The RFC does not mandate a specific status code, so treat it as others. diff --git a/bin/varnishd/builtin.vcl b/bin/varnishd/builtin.vcl index d99ebbf05..c21b5374c 100644 --- a/bin/varnishd/builtin.vcl +++ b/bin/varnishd/builtin.vcl @@ -60,10 +60,6 @@ sub vcl_req_host { } sub vcl_req_method { - if (req.method == "PRI") { - # This will never happen in properly formed traffic. - return (synth(405)); - } if (req.method != "GET" && req.method != "HEAD" && req.method != "PUT" && From walid.boudebouda at gmail.com Mon Sep 1 13:21:06 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 13:21:06 +0000 (UTC) Subject: [master] 58e30e74e changes: Mention builtin pipe changes Message-ID: <20250901132106.9E1E911D10A@lists.varnish-cache.org> commit 58e30e74ed511726f5c55f6f00fc9fb38120b3b0 Author: Walid Boudebouda Date: Mon Aug 18 11:49:00 2025 +0200 changes: Mention builtin pipe changes diff --git a/doc/changes.rst b/doc/changes.rst index 9c0f23f47..d356b523b 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -41,6 +41,10 @@ Varnish Cache NEXT (8.0, 2025-09-15) .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) +* ``builtin.vcl`` has been updated to return a synthetic 501 response and + close the connection when receiving requests with an unknown/unsupported + http method instead of piping them. + * The default value for ``ban_any_variant`` is now ``0``. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. From walid.boudebouda at gmail.com Mon Sep 1 14:23:04 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 1 Sep 2025 14:23:04 +0000 (UTC) Subject: [master] 43fbfd605 varnishncsa.rst: Expand on changes introduced in #4213 Message-ID: <20250901142304.EFC1E11F841@lists.varnish-cache.org> commit 43fbfd6051f0ea3760d04b893ebebcb5351ad263 Author: Walid Boudebouda Date: Mon Sep 1 16:15:53 2025 +0200 varnishncsa.rst: Expand on changes introduced in #4213 Closes: #3528 Refs: #4385 diff --git a/doc/sphinx/reference/varnishncsa.rst b/doc/sphinx/reference/varnishncsa.rst index 435072e8f..e9d1c57eb 100644 --- a/doc/sphinx/reference/varnishncsa.rst +++ b/doc/sphinx/reference/varnishncsa.rst @@ -105,9 +105,10 @@ Supported formatters are: total bytes sent to the backend. %{X}i - The contents of request header X. If the header appears multiple times - in a single transaction, the last occurrence is used in backend mode - and the first one in client mode. + The contents of request header X before any VCL processing for client side, + and before vcl_backend_response for backend side. If the header appears + multiple times in a single transaction, the last occurrence is used in + backend mode and the first one in client mode. %l Remote logname. Always '-'. @@ -116,9 +117,10 @@ Supported formatters are: Request method. Defaults to '-' if not known. %{X}o - The contents of response header X. If the header appears multiple - times in a single transaction, the last occurrence is used in client - mode and the first one in backend mode. + The contents of response header X, as it was delivered for client mode, and + before VCL processing for backend mode. If the header appears multiple times + in a single transaction, the last occurrence is used in client mode and the + first one in backend mode. %O In client mode, total bytes sent to client. In backend mode, total @@ -256,6 +258,10 @@ transaction. For example, if a header appears multiple times in a client request, the first occurrence is logged in client mode, while in backend mode the last occurrence is logged. +Prior to 7.7, formats %{X}i and %{X}o used to include header fields populated +from VCL. Consider %{VCL_Log:key}x instead to capture data from VCL +transactions. + EXAMPLE ======= From dridi.boukelmoune at gmail.com Wed Sep 3 13:28:08 2025 From: dridi.boukelmoune at gmail.com (Dridi Boukelmoune) Date: Wed, 3 Sep 2025 13:28:08 +0000 (UTC) Subject: [master] 151f054d5 vtcp, vus: Consistently establish blocking connections Message-ID: <20250903132808.35A70106F3F@lists.varnish-cache.org> commit 151f054d528fbeafb074fccb0a2dcf6b04cdac66 Author: Stephane Cance Date: Thu Aug 14 16:21:14 2025 +0200 vtcp,vus: Consistently establish blocking connections Establishing a connection is divided in two steps: initiating the connection in a non-blocking fashion and checking the connected state of the socket with VTCP_connected(). In asynchronous mode, the caller is responsible for the second step, calling VTCP_connected() that will restore the blocking state. A synchronous connection involving a timeout will take care of the second step internally, while an indefinite synchronous connection will simply avoid the non-blocking detour altogether. In the timeout case, the first step would yield a non-blocking socket in the event of an immediate success. The connection becomes unreliable until the next explicit change to either blocking or non-blocking state, opening the door to unexpected ill effects like loops making blocking operations turning into tight EAGAIN loops. Refs #4203 diff --git a/lib/libvarnish/vtcp.c b/lib/libvarnish/vtcp.c index d3aba491c..b15492117 100644 --- a/lib/libvarnish/vtcp.c +++ b/lib/libvarnish/vtcp.c @@ -298,6 +298,8 @@ VTCP_connect(const struct suckaddr *name, int msec) AZ(setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &val, sizeof val)); i = connect(s, sa, sl); + if (i == 0 && msec > 0) + VTCP_blocking(s); if (i == 0) return (s); if (errno != EINPROGRESS) { diff --git a/lib/libvarnish/vus.c b/lib/libvarnish/vus.c index 01187442f..f7711d864 100644 --- a/lib/libvarnish/vus.c +++ b/lib/libvarnish/vus.c @@ -160,6 +160,8 @@ VUS_connect(const char *path, int msec) VTCP_nonblocking(s); i = connect(s, (const void*)&uds, sl); + if (i == 0 && msec > 0) + VTCP_blocking(s); if (i == 0) return (s); if (errno != EINPROGRESS) { From nils.goroll at uplex.de Wed Sep 3 13:50:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Wed, 3 Sep 2025 13:50:05 +0000 (UTC) Subject: [master] 2c68ba0db cache_req_fsm: keep the cache object's Content-Length for HEAD always Message-ID: <20250903135005.58A01107C6B@lists.varnish-cache.org> commit 2c68ba0dbe9f9674a655a230a4677355ce91385c Author: Nils Goroll Date: Thu Jan 2 16:27:13 2025 +0100 cache_req_fsm: keep the cache object's Content-Length for HEAD always Previously, we would only keep the Content-Length header for HEAD requests on hit-for-miss objects, now we simply keep it always to enable "fallback" caching of HEAD requests. The added vtc implements the basics of the logic to enable the (reasonable) use case documented in https://github.com/varnishcache/varnish-cache/issues/2107#issuecomment-2536642262 but using Vary instead of cache key modification plus restart. Fixes #4245 diff --git a/bin/varnishd/cache/cache_req_fsm.c b/bin/varnishd/cache/cache_req_fsm.c index 50d726845..9dc0db092 100644 --- a/bin/varnishd/cache/cache_req_fsm.c +++ b/bin/varnishd/cache/cache_req_fsm.c @@ -484,15 +484,12 @@ cnt_transmit(struct worker *wrk, struct req *req) http_Unset(req->resp, H_Content_Length); } else if (clval >= 0 && clval == req->resp_len) { /* Reuse C-L header */ - } else if (head && req->objcore->flags & OC_F_HFM) { - /* - * Don't touch C-L header (debatable) - * - * The only way to do it correctly would be to GET - * to the backend, and discard the body once the - * filters have had a chance to chew on it, but that - * would negate the "pass for huge objects" use case. + } else if (head) { + /* rfc9110,l,3226,3227 + * "MAY send Content-Length ... [for] HEAD" + * do not touch to support cached HEAD #4245 */ + req->resp_len = 0; } else { http_Unset(req->resp, H_Content_Length); if (req->resp_len >= 0) diff --git a/bin/varnishtest/tests/r04245.vtc b/bin/varnishtest/tests/r04245.vtc new file mode 100644 index 000000000..f6c1b7142 --- /dev/null +++ b/bin/varnishtest/tests/r04245.vtc @@ -0,0 +1,82 @@ +varnishtest "cache a HEAD as a fallback for a GET - Content-Length preserved for cached HEAD" + +server s1 { + rxreq + expect req.method == "HEAD" + expect req.http.t == "headmiss" + txresp -nolen -hdr "Content-Length: 42" + + rxreq + expect req.method == "GET" + expect req.http.t == "getmiss" + txresp -bodylen 42 +} -start + +varnish v1 -vcl+backend { + sub vcl_recv { + if (req.method == "HEAD") { + set req.http.X-Fetch-Method = "HEAD"; + } else { + unset req.http.X-Fetch-Method; + } + } + + sub vcl_backend_fetch { + if (bereq.http.X-Fetch-Method) { + set bereq.method = bereq.http.X-Fetch-Method; + } + } + + sub vcl_backend_response { + # NOTE: this use of Vary is specific to this case, it is + # usually WRONG to only set Vary for a specific condition + if (bereq.http.X-Fetch-Method) { + if (beresp.http.Vary) { + set beresp.http.Vary += ", X-Fetch-Method"; + } else { + set beresp.http.Vary = "X-Fetch-Method"; + } + } + set beresp.http.t = bereq.http.t; + } + + sub vcl_deliver { + # Vary cleanup + if (resp.http.Vary == "X-Fetch-Method") { + unset resp.http.Vary; + } else if (resp.http.Vary ~ ", X-Fetch-Method$") { + set resp.http.Vary = + regsub(resp.http.Vary, ", X-Fetch-Method$", ""); + } + } +} -start + +client c1 { + # miss + txreq -method "HEAD" -hdr "t: headmiss" + rxresphdrs + expect resp.http.t == "headmiss" + expect resp.http.Content-Length == 42 + # hit + txreq -method "HEAD" -hdr "t: headhit" + rxresphdrs + expect resp.http.t == "headmiss" + expect resp.http.Content-Length == 42 + + # miss + txreq -hdr "t: getmiss" + rxresp + expect resp.http.t == "getmiss" + expect resp.http.Content-Length == 42 + # hits on full object + txreq -hdr "t: gethit" + rxresp + expect resp.http.t == "getmiss" + expect resp.http.Content-Length == 42 + txreq -method "HEAD" -hdr "t: getheadhit" + rxresphdrs + expect resp.http.t == "getmiss" + expect resp.http.Content-Length == 42 +} -run + +server s1 -wait From nils.goroll at uplex.de Wed Sep 3 14:02:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Wed, 3 Sep 2025 14:02:05 +0000 (UTC) Subject: [master] 158ca120b cache_range: Bring back VCL control over backend range Requests Message-ID: <20250903140205.628E1108408@lists.varnish-cache.org> commit 158ca120ba05361adba73f2f8239916957893e7a Author: Nils Goroll Date: Wed May 21 19:27:07 2025 +0200 cache_range: Bring back VCL control over backend range Requests The added VTC contains a test case for a (crude) partial caching pattern in VCL, which stopped working with 4ab110047130e3a89936104d74f4729b650676f9 because the Range header to check is taken from bereq0, rather than bereq, which VCL has under control and is also the request sent to the backend. Ref #3246 diff --git a/bin/varnishd/cache/cache_range.c b/bin/varnishd/cache/cache_range.c index 73e7cc1a4..48d28ee35 100644 --- a/bin/varnishd/cache/cache_range.c +++ b/bin/varnishd/cache/cache_range.c @@ -353,7 +353,7 @@ VRG_CheckBo(struct busyobj *bo) if (!cache_param->http_range_support) return (0); - err = http_GetRange(bo->bereq0, &rlo, &rhi, -1); + err = http_GetRange(bo->bereq, &rlo, &rhi, -1); clen = http_GetContentLength(bo->beresp); crlen = http_GetContentRange(bo->beresp, &crlo, &crhi); diff --git a/bin/varnishtest/tests/r04336.vtc b/bin/varnishtest/tests/r04336.vtc new file mode 100644 index 000000000..5e1fc3e0c --- /dev/null +++ b/bin/varnishtest/tests/r04336.vtc @@ -0,0 +1,57 @@ +varnishtest "Range headers" + +server s1 { + rxreq + expect req.http.Range == "bytes=0-" + txresp -status 206 -hdr "Content-Range: bytes 0-99/100" -bodylen 100 +} -start + +varnish v1 -vcl+backend { + sub vcl_recv { + if (req.http.Range ~ "^bytes=") { + set req.http.X-Range = req.http.Range; + } else { + unset req.http.X-Range; + } + unset req.http.Range; + } + + sub vcl_hash { + hash_data(req.http.X-Range); + } + + sub vcl_backend_fetch { + if (bereq.http.X-Range) { + set bereq.http.Range = bereq.http.X-Range; + } + } + + sub vcl_backend_response { + if (beresp.status != 206 && beresp.status != 416) { + unset beresp.http.Content-Range; + } + if (beresp.status == 206) { + if (! bereq.http.X-Range) { + return (abandon); + } + set beresp.http.X-Content-Range = beresp.http.Content-Range; + } + } + + sub vcl_deliver { + if (resp.status == 206) { + if (! resp.http.X-Content-Range) { + return (synth(500, "206 but no X-Content-Range")); + } + set resp.http.Content-Range = resp.http.X-Content-Range; + } + unset resp.http.X-Content-Range; + } +} -start + +client c1 { + txreq -hdr "Range: bytes=0-" + rxresp + expect resp.status == 206 + expect resp.bodylen == 100 +} -run From walid.boudebouda at gmail.com Thu Sep 4 12:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 12:21:05 +0000 (UTC) Subject: [master] c064fd361 varnishncsa: Fix whitespace Message-ID: <20250904122105.7A43710FAA9@lists.varnish-cache.org> commit c064fd3611b100bba5fc82a49017fb7f5407a5ed Author: Walid Boudebouda Date: Thu Sep 4 14:14:59 2025 +0200 varnishncsa: Fix whitespace diff --git a/bin/varnishncsa/varnishncsa.c b/bin/varnishncsa/varnishncsa.c index ee4a1add2..62c08c556 100644 --- a/bin/varnishncsa/varnishncsa.c +++ b/bin/varnishncsa/varnishncsa.c @@ -176,30 +176,30 @@ frag_needed(const struct fragment *frag, enum format_policy fp) { unsigned is_first, want_first, want_frag; - is_first = CTX.gen != frag->gen; - - switch (fp) { - case FMTPOL_INTERNAL: - want_first = 1; - want_frag = 1; - break; - case FMTPOL_REQ: - want_first = *CTX.side == 'c'; - want_frag = !CTX.recv_compl; - break; - case FMTPOL_RESP: - want_first = *CTX.side == 'b'; - want_frag = (*CTX.side == 'c') || !CTX.recv_compl; - break; - default: - WRONG("Invalid format policy"); - } - - if (!want_frag) - return (0); - if (want_first && !is_first) - return (0); - return (1); + is_first = CTX.gen != frag->gen; + + switch (fp) { + case FMTPOL_INTERNAL: + want_first = 1; + want_frag = 1; + break; + case FMTPOL_REQ: + want_first = *CTX.side == 'c'; + want_frag = !CTX.recv_compl; + break; + case FMTPOL_RESP: + want_first = *CTX.side == 'b'; + want_frag = (*CTX.side == 'c') || !CTX.recv_compl; + break; + default: + WRONG("Invalid format policy"); + } + + if (!want_frag) + return (0); + if (want_first && !is_first) + return (0); + return (1); } static void From walid.boudebouda at gmail.com Thu Sep 4 12:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 12:21:05 +0000 (UTC) Subject: [master] 933714d06 docs: Avoid double indirection Message-ID: <20250904122105.904EF10FAAC@lists.varnish-cache.org> commit 933714d062e1a8e7959d1cdd32289cd460619b7e Author: Walid Boudebouda Date: Thu Sep 4 11:44:42 2025 +0200 docs: Avoid double indirection vcl(7)_ban in turn points to std.ban() diff --git a/include/tbl/cli_cmds.h b/include/tbl/cli_cmds.h index 6f5eb5c90..3c398575b 100644 --- a/include/tbl/cli_cmds.h +++ b/include/tbl/cli_cmds.h @@ -45,7 +45,7 @@ CLI_CMD(BAN, "ban", "ban [&& ...]", "Mark obsolete all objects where all the conditions match.", - " See :ref:`vcl(7)_ban` for details", + " See :ref:`std.ban()` for details", 3, -1 ) From walid.boudebouda at gmail.com Thu Sep 4 12:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 12:21:05 +0000 (UTC) Subject: [master] 092c3a251 Start skeleton release notes for the next version. Message-ID: <20250904122105.AF5F510FAB0@lists.varnish-cache.org> commit 092c3a251979a846b932fdffa0a27c631a4d9df4 Author: Geoff Simmons Date: Tue Sep 25 16:31:17 2018 +0200 Start skeleton release notes for the next version. Restructured so that: * 'Upgrading' is limited to work that has to be done to upgrade from a current deployment to the new version. * 'Changes' is a comprehensive, user-level description of changes and new features. Conflicts: doc/sphinx/whats-new/index.rst diff --git a/doc/sphinx/whats-new/changes-trunk.rst b/doc/sphinx/whats-new/changes-trunk.rst new file mode 100644 index 000000000..fbda9d6b9 --- /dev/null +++ b/doc/sphinx/whats-new/changes-trunk.rst @@ -0,0 +1,73 @@ +**Note: This is a working document for a future release, with running +updates for changes in the development branch. For changes in the +released versions of Varnish, see:** :ref:`whats-new-index` + +.. _whatsnew_changes_CURRENT: + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +Changes in Varnish **$NEXT_RELEASE** +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +For information about updating your current Varnish deployment to the +new version, see :ref:`whatsnew_upgrading_CURRENT`. + +A more detailed and technical account of changes in Varnish, with +links to issues that have been fixed and pull requests that have been +merged, may be found in the `change log`_. + +.. _change log: https://github.com/varnishcache/varnish-cache/blob/master/doc/changes.rst + +varnishd +======== + +Parameters +~~~~~~~~~~ + +**XXX changes in -p parameters** + +Other changes in varnishd +~~~~~~~~~~~~~~~~~~~~~~~~~ + +Changes to VCL +============== + +VCL variables +~~~~~~~~~~~~~ + +**XXX new, deprecated or removed variables, or changed semantics** + +Other changes to VCL +~~~~~~~~~~~~~~~~~~~~ + +VMODs +===== + +**XXX changes in the bundled VMODs** + +varnishlog +========== + +**XXX changes concerning varnishlog(1) and/or vsl(7)** + +varnishadm +========== + +**XXX changes concerning varnishadm(1) and/or varnish-cli(7)** + +varnishstat +=========== + +**XXX changes concerning varnishstat(1) and/or varnish-counters(7)** + +varnishtest +=========== + +**XXX changes concerning varnishtest(1) and/or vtc(7)** + +Changes for developers and VMOD authors +======================================= + +**XXX changes concerning VRT, the public APIs, source code organization, +builds etc.** + +*eof* diff --git a/doc/sphinx/whats-new/index.rst b/doc/sphinx/whats-new/index.rst index 724dce921..0d47bc1f8 100644 --- a/doc/sphinx/whats-new/index.rst +++ b/doc/sphinx/whats-new/index.rst @@ -13,6 +13,19 @@ This section describes the changes and improvements between different versions of Varnish, and what upgrading between the different versions entail. +Varnish **$NEXT_RELEASE** +------------------------- + +**Note: These are working documents for a future release, with running +updates for changes in the development branch. For changes in the +released versions of Varnish, see the chapters listed below.** + +.. toctree:: + :maxdepth: 2 + + changes-trunk + upgrading-trunk + Varnish 7.7 ----------- diff --git a/doc/sphinx/whats-new/upgrading-trunk.rst b/doc/sphinx/whats-new/upgrading-trunk.rst new file mode 100644 index 000000000..6143fde99 --- /dev/null +++ b/doc/sphinx/whats-new/upgrading-trunk.rst @@ -0,0 +1,33 @@ +**Note: This is a working document for a future release, with running +updates for changes in the development branch. For changes in the +released versions of Varnish, see:** :ref:`whats-new-index` + +.. _whatsnew_upgrading_CURRENT: + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +Upgrading to Varnish **$NEXT_RELEASE** +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +**XXX: how to upgrade from previous deployments to this +version. Limited to work that has to be done for an upgrade, new +features are listed in "Changes". Explicitly mention what does *not* +have to be changed, especially in VCL. May include, but is not limited +to:** + +* Elements of VCL that have been removed or are deprecated, or whose + semantics have changed. + +* -p parameters that have been removed or are deprecated, or whose + semantics have changed. + +* Changes in the CLI. + +* Changes in the output or interpretation of stats or the log, including + changes affecting varnishncsa/-hist/-top. + +* Changes that may be necessary in VTCs or in the use of varnishtest. + +* Changes in public APIs that may require changes in VMODs or VAPI/VUT + clients. + +*eof* From walid.boudebouda at gmail.com Thu Sep 4 16:00:09 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 16:00:09 +0000 (UTC) Subject: [master] 67042e4b6 doc: First part of 8.0 release documentation Message-ID: <20250904160009.2F6A811737E@lists.varnish-cache.org> commit 67042e4b68099123c3b83bc06309581617943077 Author: Walid Boudebouda Date: Thu Sep 4 17:30:41 2025 +0200 doc: First part of 8.0 release documentation diff --git a/doc/changes.rst b/doc/changes.rst index d356b523b..2d4860f50 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -84,6 +84,10 @@ Varnish Cache NEXT (8.0, 2025-09-15) std.real(time=..., fallback=...) +* ``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` + isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch + has been added to force the live mode. + * The bundled varnishtest sources have now been replaced with the seperate VTest2 repository. @@ -93,9 +97,75 @@ Varnish Cache NEXT (8.0, 2025-09-15) Developers should use ``make update`` to update the referenced vtest2 commit after changes to vtest2. -* ``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` - isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch - has been added to force the live mode. +.. _4199: https://github.com/varnishcache/varnish-cache/issues/4199 + +* Handling of VCL temperature changes was improved. (4199_) + +* ``varnishtest`` and VUTs will now print backtraces after a crash. The + backtrace for VUTs is printed to syslog while ``varnishtest`` will print + it to ``stderr``. + +.. _4323: https://github.com/varnishcache/varnish-cache/issues/4323 + +* Fixed a bug where a read only parameter could still be set through its alias. + (4323_) + +* Deprecated aliases for parameters can no longer be set read only, it should + instead be done directly on the parameters they point to. + +.. _VSV00016: https://varnish-cache.org/security/VSV00016.html + +* We now check for CRLF after chunked body in HTTP/1. (VSV00016_) + +* Ban lurker statistics are updated more frequently. + +* A new parameter ``uncacheable_ttl`` defines the TTL of objects marked as + uncacheable (or hit-for-miss) by the built-in VCL. It is accessible in VCL + as the ``param.uncacheable_ttl`` variable. + +* Runtime parameters can now be accessed from VCL through: + ``param.``. See :ref:`vcl_variables` for the list of available + parameters. + +* vmod authors can now specify C names for function/method arguments. This is + useful to avoid name clashes with keywords reserved by the language. + +* ``VRT_VSC_Alloc()`` was renamed to ``VRT_VSC_Allocv()`` and a new version of + ``VRT_VSC_Alloc()`` that takes a ``va_list`` argument was reintroduced. This + makes it consistent with our naming conventions. + +* ``http_req_overflow_status`` can now also be set to 500. + +.. _4261: https://github.com/varnishcache/varnish-cache/pull/4261 + +* An optimization was added to make startups faster when loading a persistent + storage with a long list of bans. (4261_) + +* gzip buffers are now allocated from transient stevedore memory instead of a + regular heap allocation. + +.. _4308: https://github.com/varnishcache/varnish-cache/pull/4308 + +* ``hdr_t`` type is now a structured type. (4308_) + +* Regexp failures now have a more harmonized error message format. + +* VSC counters for connection pools have been added: + + * ``VCP.ref_hit`` counts the number of times an existing connection pool was + found while creating a backend. + * ``VCP.ref_miss`` counts the number of times an existing connection pool was + not found while creating a backend. + +.. _4313: https://github.com/varnishcache/varnish-cache/issues/4313 + +* A failure to allocate a synthetic beresp body now properly fails the + respective response. (4313_) + +* New ban expression variable `obj.last_hit` allows to remove objects from + cache which have not been accessed for a given amount of time. This is + particularly useful to get rid of request bans by removing all objects which + have not been touched since the request ban. ============================== Varnish-Cache 7.7 (2025-03-17) diff --git a/doc/sphinx/whats-new/changes-trunk.rst b/doc/sphinx/whats-new/changes-trunk.rst index fbda9d6b9..31d6e79b1 100644 --- a/doc/sphinx/whats-new/changes-trunk.rst +++ b/doc/sphinx/whats-new/changes-trunk.rst @@ -23,7 +23,17 @@ varnishd Parameters ~~~~~~~~~~ -**XXX changes in -p parameters** + +Read only parameter can no longer be set through an alias. + +Deprecated aliases for parameters can no longer be set read only, it should +instead be done directly on the parameters they point to. + +A new parameter ``uncacheable_ttl`` defines the TTL of objects marked as +uncacheable (or hit-for-miss) by the built-in VCL. It is accessible in VCL +as the ``param.uncacheable_ttl`` variable. + +`http_req_overflow_status` can now also be set to 500. Other changes in varnishd ~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -34,7 +44,9 @@ Changes to VCL VCL variables ~~~~~~~~~~~~~ -**XXX new, deprecated or removed variables, or changed semantics** +Runtime parameters can now be accessed from VCL through: +``param.``. See ``VCL-VARIABLES(7)`` for the list of available +parameters. Other changes to VCL ~~~~~~~~~~~~~~~~~~~~ @@ -42,7 +54,32 @@ Other changes to VCL VMODs ===== -**XXX changes in the bundled VMODs** +The VMOD functions ``std.real2integer()``, ``std.real2time()``, +``std.time2integer()`` and ``std.time2real()`` have been removed. They had +been marked deprecated since Varnish Cache release 6.2.0 (2019-03-15). + +The plug-in replacements for these functions are: + + ``std.real2integer()``:: + + std.integer(real=std.round(...), fallback=...) + + ``std.real2time()``:: + + std.time(real=std.round(...), fallback=...) + + ``std.time2integer()``:: + + std.integer(time=..., fallback=...) + + ``std.time2real()``:: + + std.real(time=..., fallback=...) + +VUTs +==== + +VUTs now print backtraces to syslog after a crash. varnishlog ========== @@ -52,22 +89,40 @@ varnishlog varnishadm ========== -**XXX changes concerning varnishadm(1) and/or varnish-cli(7)** +New ban expression variable `obj.last_hit` allows to remove objects from +cache which have not been accessed for a given amount of time. This is +particularly useful to get rid of request bans by removing all objects which +have not been touched since the request ban. varnishstat =========== -**XXX changes concerning varnishstat(1) and/or varnish-counters(7)** +New VSC counters for connection pools: + +- ``VCP.ref_hit`` counts the number of times an existing connection pool was + found while creating a backend. +- ``VCP.ref_miss`` counts the number of times an existing connection pool was + not found while creating a backend. varnishtest =========== -**XXX changes concerning varnishtest(1) and/or vtc(7)** +``varnishtest`` now prints a backtrace to stderr after a crash. Changes for developers and VMOD authors ======================================= -**XXX changes concerning VRT, the public APIs, source code organization, -builds etc.** +`hdr_t` type is now a structured type but keeps the same memory layout as +before. + +``VRT_VSC_Alloc()`` was renamed to ``VRT_VSC_Allocv()`` and a new version of +``VRT_VSC_Alloc()`` that takes a ``va_list`` argument was reintroduced. This +makes it consistent with our naming conventions. + +vmod authors can now specify C names for function/method arguments like follows: + + [BOOL bool:boolean] + +This is useful to avoid name clashes with keywords reserved by the language. *eof* diff --git a/doc/sphinx/whats-new/upgrading-trunk.rst b/doc/sphinx/whats-new/upgrading-trunk.rst index 6143fde99..b22876fbe 100644 --- a/doc/sphinx/whats-new/upgrading-trunk.rst +++ b/doc/sphinx/whats-new/upgrading-trunk.rst @@ -8,26 +8,37 @@ released versions of Varnish, see:** :ref:`whats-new-index` Upgrading to Varnish **$NEXT_RELEASE** %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -**XXX: how to upgrade from previous deployments to this -version. Limited to work that has to be done for an upgrade, new -features are listed in "Changes". Explicitly mention what does *not* -have to be changed, especially in VCL. May include, but is not limited -to:** +vmod_std changes: +================= -* Elements of VCL that have been removed or are deprecated, or whose - semantics have changed. +The VMOD functions ``std.real2integer()``, ``std.real2time()``, +``std.time2integer()`` and ``std.time2real()`` have been removed. They had +been marked deprecated since Varnish Cache release 6.2.0 (2019-03-15). -* -p parameters that have been removed or are deprecated, or whose - semantics have changed. +The plug-in replacements for these functions are: -* Changes in the CLI. + ``std.real2integer()``:: -* Changes in the output or interpretation of stats or the log, including - changes affecting varnishncsa/-hist/-top. + std.integer(real=std.round(...), fallback=...) -* Changes that may be necessary in VTCs or in the use of varnishtest. + ``std.real2time()``:: -* Changes in public APIs that may require changes in VMODs or VAPI/VUT - clients. + std.time(real=std.round(...), fallback=...) + + ``std.time2integer()``:: + + std.integer(time=..., fallback=...) + + ``std.time2real()``:: + + std.real(time=..., fallback=...) + + +Upgrade notes for VMOD developers +================================= + +``VRT_VSC_Alloc()`` was renamed to ``VRT_VSC_Allocv()`` and a new version of +``VRT_VSC_Alloc()`` that takes a ``va_list`` argument was reintroduced. This +makes it consistent with our naming conventions. *eof* From walid.boudebouda at gmail.com Thu Sep 4 16:00:09 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 16:00:09 +0000 (UTC) Subject: [master] c309d7cf5 docs: Rename next release files to 8.0 Message-ID: <20250904160009.43F60117381@lists.varnish-cache.org> commit c309d7cf5a4a11ca10e86a0cbf52920d75337ea3 Author: Walid Boudebouda Date: Thu Sep 4 17:42:10 2025 +0200 docs: Rename next release files to 8.0 diff --git a/doc/sphinx/whats-new/changes-trunk.rst b/doc/sphinx/whats-new/changes-8.0.rst similarity index 100% rename from doc/sphinx/whats-new/changes-trunk.rst rename to doc/sphinx/whats-new/changes-8.0.rst diff --git a/doc/sphinx/whats-new/index.rst b/doc/sphinx/whats-new/index.rst index 0d47bc1f8..1cdf67402 100644 --- a/doc/sphinx/whats-new/index.rst +++ b/doc/sphinx/whats-new/index.rst @@ -13,18 +13,14 @@ This section describes the changes and improvements between different versions of Varnish, and what upgrading between the different versions entail. -Varnish **$NEXT_RELEASE** -------------------------- - -**Note: These are working documents for a future release, with running -updates for changes in the development branch. For changes in the -released versions of Varnish, see the chapters listed below.** +Varnish 8.0 +----------- .. toctree:: :maxdepth: 2 - changes-trunk - upgrading-trunk + changes-8.0 + upgrading-8.0 Varnish 7.7 ----------- diff --git a/doc/sphinx/whats-new/upgrading-trunk.rst b/doc/sphinx/whats-new/upgrading-8.0.rst similarity index 100% rename from doc/sphinx/whats-new/upgrading-trunk.rst rename to doc/sphinx/whats-new/upgrading-8.0.rst From walid.boudebouda at gmail.com Thu Sep 4 16:00:09 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Thu, 4 Sep 2025 16:00:09 +0000 (UTC) Subject: [master] 5eb3ed614 docs: Change NEXT_RELEASE placeholder to 8.0 Message-ID: <20250904160009.61D9A117385@lists.varnish-cache.org> commit 5eb3ed61435ee4de34e28e6633d09a76436961db Author: Walid Boudebouda Date: Thu Sep 4 17:57:37 2025 +0200 docs: Change NEXT_RELEASE placeholder to 8.0 diff --git a/doc/changes.rst b/doc/changes.rst index 2d4860f50..f3943da29 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -34,9 +34,9 @@ http://varnish-cache.org/docs/trunk/whats-new/index.html and via individual releases. These documents are updated as part of the release process. -==================================== -Varnish Cache NEXT (8.0, 2025-09-15) -==================================== +============================== +Varnish-Cache 8.0 (2025-09-15) +============================== .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) diff --git a/doc/sphinx/whats-new/changes-8.0.rst b/doc/sphinx/whats-new/changes-8.0.rst index 31d6e79b1..73e20562b 100644 --- a/doc/sphinx/whats-new/changes-8.0.rst +++ b/doc/sphinx/whats-new/changes-8.0.rst @@ -1,15 +1,11 @@ -**Note: This is a working document for a future release, with running -updates for changes in the development branch. For changes in the -released versions of Varnish, see:** :ref:`whats-new-index` +.. _whatsnew_changes_8.0: -.. _whatsnew_changes_CURRENT: - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -Changes in Varnish **$NEXT_RELEASE** -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%% +Changes in Varnish-Cache 8.0 +%%%%%%%%%%%%%%%%%%%%%%%%%%%% For information about updating your current Varnish deployment to the -new version, see :ref:`whatsnew_upgrading_CURRENT`. +new version, see :ref:`whatsnew_upgrading_8.0`. A more detailed and technical account of changes in Varnish, with links to issues that have been fixed and pull requests that have been diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index b22876fbe..3b00bdd0a 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -1,12 +1,15 @@ -**Note: This is a working document for a future release, with running -updates for changes in the development branch. For changes in the -released versions of Varnish, see:** :ref:`whats-new-index` -.. _whatsnew_upgrading_CURRENT: +.. _whatsnew_upgrading_8.0: -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -Upgrading to Varnish **$NEXT_RELEASE** -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +Upgrading to Varnish-Cache 8.0 +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +This document only lists breaking changes that you should be aware of when +upgrading from Varnish-Cache 7.x to 8.0. For a complete list of changes, +please refer to the `change log`_ or :ref:`whatsnew_changes_8.0`. + +.. _change log: https://github.com/varnishcache/varnish-cache/blob/master/doc/changes.rst vmod_std changes: ================= From nils.goroll at uplex.de Sun Sep 14 13:14:06 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 13:14:06 +0000 (UTC) Subject: [master] 2214725fc spelling glitch Message-ID: <20250914131406.90B6711F12C@lists.varnish-cache.org> commit 2214725fc576516cbdce4d1dc1ba629ca51f5d25 Author: Nils Goroll Date: Sun Sep 14 14:47:19 2025 +0200 spelling glitch diff --git a/doc/sphinx/reference/vcl_step.rst b/doc/sphinx/reference/vcl_step.rst index 3b2f48a6f..580cd8c5d 100644 --- a/doc/sphinx/reference/vcl_step.rst +++ b/doc/sphinx/reference/vcl_step.rst @@ -358,7 +358,7 @@ is always the one from the stale object. | without executing the RFC merge logic. Any content-length and | content-encoding headers present in the 304 beresp will be removed and | replaced by the stale object ones if available. Etag and Last-Modified - | headers are also copied from the stale object to allow futur revalidations. + | headers are also copied from the stale object to allow future revalidations. | | ``fail`` | see :ref:`fail` section above From nils.goroll at uplex.de Sun Sep 14 13:14:06 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 13:14:06 +0000 (UTC) Subject: [master] 31c58c98c doc/changes.rst TLC Message-ID: <20250914131406.A6C7811F130@lists.varnish-cache.org> commit 31c58c98c1a6695adc4914bbe946dcadf9e38844 Author: Nils Goroll Date: Sun Sep 14 15:12:05 2025 +0200 doc/changes.rst TLC diff --git a/doc/changes.rst b/doc/changes.rst index f3943da29..82e52aef1 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -41,10 +41,58 @@ Varnish-Cache 8.0 (2025-09-15) .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) +.. _4336: https://github.com/varnishcache/varnish-cache/pull/4336 + +* A regression has been fixed which prevented vcl controlled custom Range + requests with ``http_range_support`` enabled. (`4336`_) + +.. _4245: https://github.com/varnishcache/varnish-cache/pull/4245 + +* The ``Content-Length`` response header is now also sent in response to all + ``HEAD`` requests. (`4245`_) + * ``builtin.vcl`` has been updated to return a synthetic 501 response and close the connection when receiving requests with an unknown/unsupported http method instead of piping them. +* VCL control has been added over the logic to handle ``304 Not Modified`` + responses to backend requests. The subroutine ``vcl_backend_refresh`` is now + getting called with ``304`` response objects as ``beresp`` and the stale + object to potentially re-use as ``obj_stale``. From this subroutine, + ``return(merge)`` will invoke the header merging and re-use of the stale + object body which so far was the only option. But besides the usual options to + fail, abandon, retry or return an error, it now also offers the options to + return the stale object as-is (``return(obj_stale)``) or to return whatever + headers are received or created in ``beresp.http`` using ``return(beresp)``. + The latter option allows for almost full control over the response headers to use + with the stale object, with the exception of the ``Content-Length``, + ``Content-Encoding``, ``Etag`` and ``Last-Modified`` headers, which are copied + from the stale object for correctness. + + Various helper subroutines have been added to ``builtin.vcl`` with code to + check for various corner cases. Besides this, ``builtin.vcl`` should result in + unchanged default behavior for ``304`` responses. + +* Handling of request coalescing using the `waitinglist` mechanism has been + changed fundamentally in order to allow for all requests waiting in parallel + to handle a newly arriving cache entry object as successfully revalidated - in + other words, cases where a response with a ttl and grace value of 0 seconds + still serves multiple client requests. + + The new implementation addresses long standing issues like "waitinglist + serialization" and "spurious waitinglist rushes". + +* An explicit ``stop`` if the ``varnishd`` process now explicitly waits for all + VCL references to be returned, which is the same as waiting for all ongoing + transactions to complete. There is currently no timeout. If this new behavior + is unwanted, the worker process can still be terminated externally. + +.. _4380: https://github.com/varnishcache/varnish-cache/issues/4380 +.. _VSV17: https://varnish-cache.org/security/VSV00017.html + +* The `reverse rapid reset` vector, also known as `HTTP/2 Made You Reset Attack`, has + been addressed (`VSV17`_, `4380`_). + * The default value for ``ban_any_variant`` is now ``0``. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. From nils.goroll at uplex.de Sun Sep 14 13:14:06 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 13:14:06 +0000 (UTC) Subject: [master] b5fc6786c doc/changes.rst reordering Message-ID: <20250914131406.C352111F134@lists.varnish-cache.org> commit b5fc6786ca502e848bb558207f8c6875b7b87ef0 Author: Nils Goroll Date: Sun Sep 14 15:12:38 2025 +0200 doc/changes.rst reordering diff --git a/doc/changes.rst b/doc/changes.rst index 82e52aef1..194eb9610 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -93,6 +93,10 @@ Varnish-Cache 8.0 (2025-09-15) * The `reverse rapid reset` vector, also known as `HTTP/2 Made You Reset Attack`, has been addressed (`VSV17`_, `4380`_). +* ``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` + isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch + has been added to force the live mode. + * The default value for ``ban_any_variant`` is now ``0``. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. @@ -132,10 +136,6 @@ Varnish-Cache 8.0 (2025-09-15) std.real(time=..., fallback=...) -* ``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` - isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch - has been added to force the live mode. - * The bundled varnishtest sources have now been replaced with the seperate VTest2 repository. From nils.goroll at uplex.de Sun Sep 14 13:40:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 13:40:05 +0000 (UTC) Subject: [master] a43039337 doc/changes.rst TLC Message-ID: <20250914134005.11DD6120260@lists.varnish-cache.org> commit a43039337a8e05f1800dbf1114e6897ed0b06cc0 Author: Nils Goroll Date: Sun Sep 14 15:39:29 2025 +0200 doc/changes.rst TLC diff --git a/doc/changes.rst b/doc/changes.rst index 194eb9610..7cfd0d06f 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -97,6 +97,33 @@ Varnish-Cache 8.0 (2025-09-15) isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch has been added to force the live mode. +* The format of logs emitted under the ``ESI_xmlerror`` tag has been changed + slightly with a colon added after the ``ERR`` and ``WARN`` prefixes. This + allows use of prefix-matching with vsl clients, for example using + ``%{VSL:ESI_xmlerror:WARN}x``. + +* A bug has been fixed in the ``transit_buffer`` implementation which could lead + to lockups on request body fetches. + +* The new counters ``transit_stored`` and ``transit_buffered`` have been added. + The former is the number of bytes stored in cache for uncachable body data, + and the latter is the number of bytes of body data for which the + ``transit_buffer`` limitation has been used. + +* ``struct strands`` and ``struct vrt_blob`` gained a magic number. + +* A scalability limit with private (uncacheable) objects has been addressed. + +* The ``vcountof()`` utility macro has been added to ``vdef.h`` + +* Request body read failures now result in a ``400`` response status. + +.. _4369: https://github.com/varnishcache/varnish-cache/issues/4369 + +* A bug as been fixed in the Access Control List (ACL) implementation where + folding could lead to negated entries being folded with positive ones. + (`4369`_) + * The default value for ``ban_any_variant`` is now ``0``. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. @@ -109,11 +136,21 @@ Varnish-Cache 8.0 (2025-09-15) * The VMOD function ``cookie.format_rfc1123()`` is now removed. It had been renamed to ``cookie.format_date()``. +* The already deprecated functions ``VRT_{Add,Remove}_{VDP,VFP}`` have been + removed from VRT. + * The ACL option ``+fold`` is now default. This means that ACL entries will automatically be merged for adjacent networks and subnets will be removed in the presence of supernets. This affects logging. The old default behavior can be restored by adding the ``-fold`` option to ACLs. +* A new storage API named VAI (for Varnish Asynchronous Iteration) and a new API + for delivery filters named VDPIO have been added in order to support + asynchronous delivery of response bodies on the storage and protocol sides. + + The default delivery function has been reimplemented to use VAI, but for now + all code within Varnish-Cache continues to use synchronous I/O. + * The VMOD functions ``std.real2integer()``, ``std.real2time()``, ``std.time2integer()`` and ``std.time2real()`` have been removed. They had been marked deprecated since Varnish Cache release 6.2.0 (2019-03-15). From nils.goroll at uplex.de Sun Sep 14 13:52:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 13:52:05 +0000 (UTC) Subject: [master] acc7f8de3 doc/changes.rst TLC Message-ID: <20250914135205.35814120995@lists.varnish-cache.org> commit acc7f8de3a6efe2e779ed0c45f11eec472299825 Author: Nils Goroll Date: Sun Sep 14 15:51:36 2025 +0200 doc/changes.rst TLC diff --git a/doc/changes.rst b/doc/changes.rst index 7cfd0d06f..aca810c91 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -173,11 +173,11 @@ Varnish-Cache 8.0 (2025-09-15) std.real(time=..., fallback=...) -* The bundled varnishtest sources have now been replaced with the seperate +* The bundled varnishtest sources have now been replaced with the separate VTest2 repository. - When building from git, either clone with the ``-r`` option, or use ``git - submodule update --init`` on an existing repository. + When building from git, either clone with the ``--recursive`` option, or use + ``git submodule update --init`` on an existing repository. Developers should use ``make update`` to update the referenced vtest2 commit after changes to vtest2. From nils.goroll at uplex.de Sun Sep 14 16:27:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 16:27:05 +0000 (UTC) Subject: [master] e9dcd3e9f doc/changes.rst glitches/polish Message-ID: <20250914162705.79F9F61668@lists.varnish-cache.org> commit e9dcd3e9fb3ab1b2b77de946cd6e7f240c4cc0a3 Author: Nils Goroll Date: Sun Sep 14 15:55:49 2025 +0200 doc/changes.rst glitches/polish diff --git a/doc/changes.rst b/doc/changes.rst index aca810c91..dcc38538a 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -69,20 +69,20 @@ Varnish-Cache 8.0 (2025-09-15) ``Content-Encoding``, ``Etag`` and ``Last-Modified`` headers, which are copied from the stale object for correctness. - Various helper subroutines have been added to ``builtin.vcl`` with code to - check for various corner cases. Besides this, ``builtin.vcl`` should result in - unchanged default behavior for ``304`` responses. + Helper subroutines have been added to ``builtin.vcl`` with code to check for + various corner cases. Besides this, ``builtin.vcl`` should result in unchanged + default behavior for ``304`` responses. * Handling of request coalescing using the `waitinglist` mechanism has been changed fundamentally in order to allow for all requests waiting in parallel - to handle a newly arriving cache entry object as successfully revalidated - in + to handle a newly arriving non private object as successfully revalidated - in other words, cases where a response with a ttl and grace value of 0 seconds - still serves multiple client requests. + still serve multiple client requests. The new implementation addresses long standing issues like "waitinglist serialization" and "spurious waitinglist rushes". -* An explicit ``stop`` if the ``varnishd`` process now explicitly waits for all +* A ``stop`` command to the ``varnishd`` process now explicitly waits for all VCL references to be returned, which is the same as waiting for all ongoing transactions to complete. There is currently no timeout. If this new behavior is unwanted, the worker process can still be terminated externally. @@ -95,7 +95,7 @@ Varnish-Cache 8.0 (2025-09-15) * ``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` isn't a terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch - has been added to force the live mode. + has been added to force curses (interactive terminal) mode. * The format of logs emitted under the ``ESI_xmlerror`` tag has been changed slightly with a colon added after the ``ERR`` and ``WARN`` prefixes. This From nils.goroll at uplex.de Sun Sep 14 18:00:06 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 18:00:06 +0000 (UTC) Subject: [master] 37d2e8ba3 doc/changes.rst glitches/polish Message-ID: <20250914180006.48CB864E90@lists.varnish-cache.org> commit 37d2e8ba352ec1bf64b7075b0dc88108760a16d7 Author: Nils Goroll Date: Sun Sep 14 19:58:07 2025 +0200 doc/changes.rst glitches/polish diff --git a/doc/changes.rst b/doc/changes.rst index dcc38538a..0ea71b4a4 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -120,9 +120,9 @@ Varnish-Cache 8.0 (2025-09-15) .. _4369: https://github.com/varnishcache/varnish-cache/issues/4369 -* A bug as been fixed in the Access Control List (ACL) implementation where - folding could lead to negated entries being folded with positive ones. - (`4369`_) +* A bug as been fixed in the Access Control List (ACL) implementation which + could get triggered with folding enabled (``+fold``) where negated entries + could erroneously get folded with positive ones. (`4369`_) * The default value for ``ban_any_variant`` is now ``0``. This means that during a lookup, only the matching variants of an object will be evaluated @@ -133,8 +133,8 @@ Varnish-Cache 8.0 (2025-09-15) of bans over time. In such cases, it is recommended to set ``ban_any_variant`` to a higher value. -* The VMOD function ``cookie.format_rfc1123()`` is now removed. It had been - renamed to ``cookie.format_date()``. +* The already deprecated VMOD function ``cookie.format_rfc1123()`` is now + removed. It had been renamed to ``cookie.format_date()``. * The already deprecated functions ``VRT_{Add,Remove}_{VDP,VFP}`` have been removed from VRT. From nils.goroll at uplex.de Sun Sep 14 18:01:04 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 18:01:04 +0000 (UTC) Subject: [master] 223c13d7b doc/changes.rst glitches/polish Message-ID: <20250914180104.E35691000A4@lists.varnish-cache.org> commit 223c13d7bfceff00325d18c42e06bfc46e1ec6ae Author: Nils Goroll Date: Sun Sep 14 20:00:11 2025 +0200 doc/changes.rst glitches/polish diff --git a/doc/changes.rst b/doc/changes.rst index 0ea71b4a4..2ffd3282e 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -208,7 +208,7 @@ Varnish-Cache 8.0 (2025-09-15) uncacheable (or hit-for-miss) by the built-in VCL. It is accessible in VCL as the ``param.uncacheable_ttl`` variable. -* Runtime parameters can now be accessed from VCL through: +* Some Runtime parameters can now be accessed from VCL as ``param.``. See :ref:`vcl_variables` for the list of available parameters. From nils.goroll at uplex.de Sun Sep 14 18:27:04 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Sun, 14 Sep 2025 18:27:04 +0000 (UTC) Subject: [master] ce1d6b2b9 Release docs polish Message-ID: <20250914182704.73C86100F69@lists.varnish-cache.org> commit ce1d6b2b91b804aabdff3688dd052e755d4afd72 Author: Nils Goroll Date: Sun Sep 14 20:10:34 2025 +0200 Release docs polish diff --git a/doc/sphinx/whats-new/changes-8.0.rst b/doc/sphinx/whats-new/changes-8.0.rst index 73e20562b..4103c6e26 100644 --- a/doc/sphinx/whats-new/changes-8.0.rst +++ b/doc/sphinx/whats-new/changes-8.0.rst @@ -19,34 +19,76 @@ varnishd Parameters ~~~~~~~~~~ - Read only parameter can no longer be set through an alias. Deprecated aliases for parameters can no longer be set read only, it should instead be done directly on the parameters they point to. A new parameter ``uncacheable_ttl`` defines the TTL of objects marked as -uncacheable (or hit-for-miss) by the built-in VCL. It is accessible in VCL -as the ``param.uncacheable_ttl`` variable. +uncacheable (or hit-for-miss) by the built-in VCL. It is accessible in VCL as +the ``param.uncacheable_ttl`` variable. + +The ``http_req_overflow_status`` parameter can now also be set to 500. -`http_req_overflow_status` can now also be set to 500. +The default value for ``ban_any_variant`` is now ``0``. This means that during a +lookup, only the matching variants of an object will be evaluated against the +ban list. + +As a side effect, variants that are rarely requested may never get a chance to +be tested against ``req`` based bans, which can lead to an accumulation of bans +over time. In such cases, it is recommended to set ``ban_any_variant`` to a +higher value. Other changes in varnishd ~~~~~~~~~~~~~~~~~~~~~~~~~ +The ``Content-Length`` response header is now also sent in response to all +``HEAD`` requests. + +``builtin.vcl`` has been updated to return a synthetic 501 response and close +the connection when receiving requests with an unknown/unsupported http method +instead of piping them. + +Handling of request coalescing using the `waitinglist` mechanism has been +changed fundamentally in order to allow for all requests waiting in parallel to +handle a newly arriving cache entry object as successfully revalidated - in +other words, cases where a response with a ttl and grace value of 0 seconds +still serves multiple client requests. + +A ``stop`` command to the ``varnishd`` process now explicitly waits for all VCL +references to be returned, which is the same as waiting for all ongoing +transactions to complete. There is currently no timeout. If this new behavior is +unwanted, the worker process can still be terminated externally. + +Request body read failures now result in a ``400`` response status. + Changes to VCL ============== VCL variables ~~~~~~~~~~~~~ -Runtime parameters can now be accessed from VCL through: -``param.``. See ``VCL-VARIABLES(7)`` for the list of available -parameters. +Some runtime parameters can now be accessed from VCL as ``param.``. +See ``VCL-VARIABLES(7)`` for the list of available parameters. Other changes to VCL ~~~~~~~~~~~~~~~~~~~~ +VCL control has been added over the logic to handle ``304 Not Modified`` +responses to backend requests. The subroutine ``vcl_backend_refresh`` is now +getting called with ``304`` response objects as ``beresp`` and the stale object +to potentially re-use as ``obj_stale``. From this subroutine, ``return(merge)`` +will invoke the header merging and re-use of the stale object body which so far +was the only option. But besides the usual options to fail, abandon, retry or +return an error, it now also offers the options to return the stale object as-is +(``return(obj_stale)``) or to return whatever headers are received or created in +``beresp.http`` using ``return(beresp)``. The latter option allows for almost +full control over the response headers to use with the stale object, with the +exception of the ``Content-Length``, ``Content-Encoding``, ``Etag`` and +``Last-Modified`` headers, which are copied from the stale object for +correctness. + + VMODs ===== @@ -72,6 +114,9 @@ The plug-in replacements for these functions are: std.real(time=..., fallback=...) +The already deprecated VMOD function ``cookie.format_rfc1123()`` is now removed. +It had been renamed to ``cookie.format_date()``. + VUTs ==== @@ -80,12 +125,15 @@ VUTs now print backtraces to syslog after a crash. varnishlog ========== -**XXX changes concerning varnishlog(1) and/or vsl(7)** +The format of logs emitted under the ``ESI_xmlerror`` tag has been changed +slightly with a colon added after the ``ERR`` and ``WARN`` prefixes. This allows +use of prefix-matching with vsl clients, for example using +``%{VSL:ESI_xmlerror:WARN}x``. varnishadm ========== -New ban expression variable `obj.last_hit` allows to remove objects from +The new ban expression variable `obj.last_hit` allows to remove objects from cache which have not been accessed for a given amount of time. This is particularly useful to get rid of request bans by removing all objects which have not been touched since the request ban. @@ -93,18 +141,30 @@ have not been touched since the request ban. varnishstat =========== -New VSC counters for connection pools: +New VSC counters for connection pools have been added: - ``VCP.ref_hit`` counts the number of times an existing connection pool was found while creating a backend. - ``VCP.ref_miss`` counts the number of times an existing connection pool was not found while creating a backend. +New counters ``transit_stored`` and ``transit_buffered`` have been added. The +former is the number of bytes stored in cache for uncachable body data, and the +latter is the number of bytes of body data for which the ``transit_buffer`` +limitation has been used. + +``varnishstat`` will automatically switch to ``-1`` output if ``stdout`` isn't a +terminal (allowing ``varnishstat | grep MAIN``). A new ``-c`` switch has been +added to force curses (interactive terminal) mode. + varnishtest =========== ``varnishtest`` now prints a backtrace to stderr after a crash. +The bundled varnishtest sources have now been replaced with the separate VTest2 +repository. + Changes for developers and VMOD authors ======================================= @@ -121,4 +181,8 @@ vmod authors can now specify C names for function/method arguments like follows: This is useful to avoid name clashes with keywords reserved by the language. +``struct strands`` and ``struct vrt_blob`` have become mini objects. + +The ``vcountof()`` utility macro has been added to ``vdef.h`` + *eof* diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index 3b00bdd0a..3dc4f01e4 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -11,8 +11,8 @@ please refer to the `change log`_ or :ref:`whatsnew_changes_8.0`. .. _change log: https://github.com/varnishcache/varnish-cache/blob/master/doc/changes.rst -vmod_std changes: -================= +vmod_std changes +================ The VMOD functions ``std.real2integer()``, ``std.real2time()``, ``std.time2integer()`` and ``std.time2real()`` have been removed. They had @@ -36,6 +36,11 @@ The plug-in replacements for these functions are: std.real(time=..., fallback=...) +vmod_cookie changes +=================== + +The already deprecated VMOD function ``cookie.format_rfc1123()`` is now removed. +It had been renamed to ``cookie.format_date()``. Upgrade notes for VMOD developers ================================= @@ -44,4 +49,15 @@ Upgrade notes for VMOD developers ``VRT_VSC_Alloc()`` that takes a ``va_list`` argument was reintroduced. This makes it consistent with our naming conventions. +``struct strands`` and ``struct vrt_blob`` have become mini objects. Both are +usually created through existing VRT functions, but where they are managed +specifically, they should now be initialized / allocated with: + +* ``INIT_OBJ(strands, STRANDS_MAGIC)`` / ``ALLOC_OBJ(strands, STRANDS_MAGIC)`` +* ``INIT_OBJ(blob, VMOD_BLOB_MAGIC)`` / ``ALLOC_OBJ(blo, VMOD_BLOB_MAGIC)`` + +The already deprecated functions ``VRT_{Add,Remove}_{VDP,VFP}`` have been +removed from VRT. They had already been replaced by ``VRT_AddFilter()`` and +``VRT_RemoveFilter()``. + *eof* From phk at FreeBSD.org Sun Sep 14 20:55:04 2025 From: phk at FreeBSD.org (Poul-Henning Kamp) Date: Sun, 14 Sep 2025 20:55:04 +0000 (UTC) Subject: [master] 5d44d5737 Fix old typo Message-ID: <20250914205504.F2828105DDB@lists.varnish-cache.org> commit 5d44d5737d4dff39e6c6cceedd21c6c8f474ce22 Author: Poul-Henning Kamp Date: Mon Sep 8 09:19:44 2025 +0000 Fix old typo diff --git a/doc/sphinx/phk/notes.rst b/doc/sphinx/phk/notes.rst index 1695dd8b7..0618adace 100644 --- a/doc/sphinx/phk/notes.rst +++ b/doc/sphinx/phk/notes.rst @@ -249,7 +249,7 @@ runs on its own CPU. That way they will not fight about the cachelines. If all this sounds foreign to you, let me just assure you that it works: we spend less than 18 system calls on serving a cache hit, -and even many of those are calls tog get timestamps for statistics. +and even many of those are calls to get timestamps for statistics. These techniques are also nothing new, we have used them in the kernel for more than a decade, now it's your turn to learn them :-) From walid.boudebouda at gmail.com Mon Sep 15 08:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 08:21:05 +0000 (UTC) Subject: [master] 144cedfd9 varnishncsa: Add %{X:[first|last]}i and %{X[:first|last]}o Message-ID: <20250915082105.B5B9211F43C@lists.varnish-cache.org> commit 144cedfd9b374cf9d5c59fe3e6db4cd0e54dbac3 Author: Walid Boudebouda Date: Wed Sep 3 19:20:27 2025 +0200 varnishncsa: Add %{X:[first|last]}i and %{X[:first|last]}o This allows to recover previous behaviour where headers set in VCL were captured by %{x}i and %{x}o. The new behaviour still remains the default when last and first are not specified. Unset is deliberately ignored in both cases, as it feels like the most appropriate thing to do. Closes #4385 diff --git a/bin/varnishncsa/varnishncsa.c b/bin/varnishncsa/varnishncsa.c index 62c08c556..488dee711 100644 --- a/bin/varnishncsa/varnishncsa.c +++ b/bin/varnishncsa/varnishncsa.c @@ -92,6 +92,14 @@ enum e_frag { F__MAX, }; +enum format_policy { + FMTPOL_INTERNAL = 1, + FMTPOL_REQ, + FMTPOL_RESP, + FMTPOL_FIRST, + FMTPOL_LAST +}; + struct fragment { uint64_t gen; const char *b, *e; @@ -121,6 +129,7 @@ struct watch { char *key; int keylen; struct fragment frag; + enum format_policy match; }; VTAILQ_HEAD(watch_head, watch); @@ -163,12 +172,6 @@ static struct ctx { int recv_compl; } CTX; -enum format_policy { - FMTPOL_INTERNAL, - FMTPOL_REQ, - FMTPOL_RESP, -}; - static void parse_format(const char *format); static unsigned @@ -179,6 +182,11 @@ frag_needed(const struct fragment *frag, enum format_policy fp) is_first = CTX.gen != frag->gen; switch (fp) { + case FMTPOL_LAST: + want_frag = 1; + want_first = 0; + break; + case FMTPOL_FIRST: case FMTPOL_INTERNAL: want_first = 1; want_frag = 1; @@ -593,11 +601,25 @@ addf_hdr(struct watch_head *head, const char *key) { struct watch *w; struct format *f; + char *match; AN(head); AN(key); ALLOC_OBJ(w, WATCH_MAGIC); AN(w); + + match = strchr(key, ':'); + if (match != NULL) { + match++; + if (!strncmp(match, "first", 5)) + w->match = FMTPOL_FIRST; + else if (!strncmp(match, "last", 4)) + w->match = FMTPOL_LAST; + else + VUT_Error(vut, 1, "Unknown match rule :%s", match); + match[-1] = '\0'; + } + w->keylen = asprintf(&w->key, "%s:", key); assert(w->keylen > 0); VTAILQ_INSERT_TAIL(head, w, list); @@ -935,9 +957,10 @@ frag_line(enum format_policy fp, const char *b, const char *e, struct fragment *f) { - if (!frag_needed(f, fp)) + if (!frag_needed(f, fp)) { /* We only grab the same matching record once */ return; + } if (e == NULL) e = b + strlen(b); @@ -966,7 +989,14 @@ process_hdr(enum format_policy fp, const struct watch_head *head, const char *b, CHECK_OBJ_NOTNULL(w, WATCH_MAGIC); if (!isprefix(w->key, w->keylen, b, e, &p)) continue; - if (unset) { + + if (w->match) { + assert(w->match == FMTPOL_FIRST || + w->match == FMTPOL_LAST); + fp = w->match; + } + + if (unset && !w->match) { frag_line(fp, CTX.missing_string, NULL, &w->frag); diff --git a/bin/varnishtest/tests/u00020.vtc b/bin/varnishtest/tests/u00020.vtc index 795ad4e2d..e91d8b556 100644 --- a/bin/varnishtest/tests/u00020.vtc +++ b/bin/varnishtest/tests/u00020.vtc @@ -43,6 +43,15 @@ shell { diff -u expected_sb.txt ncsa_sb.txt } +shell { + varnishncsa -n ${v1_name} -d -b -F '%{notsent:first}i %{notsent:last}i %{unset:first}i %{unset:last}i' > ncsa_sb.txt + + cat >expected_sb.txt <<-EOF + notsent notsent client toolate + EOF + diff -u expected_sb.txt ncsa_sb.txt +} + varnish v1 -stop # Test things we receive from the backend @@ -78,6 +87,15 @@ shell { diff -u expected_rb.txt ncsa_rb.txt } +shell { + varnishncsa -n ${v1_name} -d -b -F '%{beresp:first}o %{beresp:last}o %{unset:first}o %{unset:last}o' > ncsa_rb.txt + + cat >expected_rb.txt <<-EOF + origin vbr-updated origin origin + EOF + diff -u expected_rb.txt ncsa_rb.txt +} + varnish v1 -stop # Test things we send to the client @@ -118,6 +136,15 @@ shell { diff -u expected_sc.txt ncsa_sc.txt } +shell { + varnishncsa -n ${v1_name} -d -c -F '%{resp:first}o %{resp:last}o %{unset:first}o %{unset:last}o' > ncsa_sc.txt + + cat >expected_sc.txt <<-EOF + vbr-updated deliver-updated origin origin + EOF + diff -u expected_sc.txt ncsa_sc.txt +} + varnish v1 -stop # Test things we receive from the client @@ -144,6 +171,7 @@ varnish v1 -vcl+backend { set req.url = "/hash-url?q=hashQuerry"; set req.http.Authorization = "basic aGFzaDpwYXNz"; set req.http.notreceived = "hash"; + set req.http.unset = "hash"; } } -start @@ -166,3 +194,12 @@ shell { EOF diff -u expected_rc.txt ncsa_rc.txt } + +shell { + varnishncsa -n ${v1_name} -d -c -F '%{notreceived:first}i %{notreceived:last}i %{unset:first}i %{unset:last}i' > ncsa_rc.txt + + cat >expected_rc.txt <<-EOF + recv hash client hash + EOF + diff -u expected_rc.txt ncsa_rc.txt +} From walid.boudebouda at gmail.com Mon Sep 15 08:21:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 08:21:05 +0000 (UTC) Subject: [master] 255ec5bf5 varnishncsa.rst: Document the new [:first|last] arguments Message-ID: <20250915082105.CF6F111F43F@lists.varnish-cache.org> commit 255ec5bf5b9b9059f349c6f0c20ff7da7f1388e9 Author: Walid Boudebouda Date: Thu Sep 4 10:22:26 2025 +0200 varnishncsa.rst: Document the new [:first|last] arguments diff --git a/doc/sphinx/reference/varnishncsa.rst b/doc/sphinx/reference/varnishncsa.rst index e9d1c57eb..0b5c7eece 100644 --- a/doc/sphinx/reference/varnishncsa.rst +++ b/doc/sphinx/reference/varnishncsa.rst @@ -104,24 +104,33 @@ Supported formatters are: In client mode, total bytes received from client. In backend mode, total bytes sent to the backend. -%{X}i +%{X[:first|last]}i The contents of request header X before any VCL processing for client side, and before vcl_backend_response for backend side. If the header appears multiple times in a single transaction, the last occurrence is used in backend mode and the first one in client mode. + If an optional `:first` or `:last` is used, VCL processing will be taken into + account and the matching rule will be first match or last match respectively. + When using `:last`, unset headers will still be captured. + + %l Remote logname. Always '-'. %m Request method. Defaults to '-' if not known. -%{X}o +%{X[:first|last]}o The contents of response header X, as it was delivered for client mode, and before VCL processing for backend mode. If the header appears multiple times in a single transaction, the last occurrence is used in client mode and the first one in backend mode. + If an optional `:first` or `:last` is used, VCL processing will be taken into + account and the matching rule will be first match or last match respectively. + When using `:last`, unset headers will still be captured. + %O In client mode, total bytes sent to client. In backend mode, total bytes received from the backend. @@ -279,6 +288,11 @@ for all inputs:: varnishncsa -j -F '{"size": %b, "time": "%t", "ua": "%{User-Agent}i"}' +Log the first and last values of a request header that is modified multiple +times in VCL: + + varnishncsa -F "%{x-custom-header:first}i %{x-custom-header:last}i" + SEE ALSO ======== From nils.goroll at uplex.de Mon Sep 15 09:00:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Mon, 15 Sep 2025 09:00:05 +0000 (UTC) Subject: [master] d99d2ad1e fix backend.list x.y when labels are in use Message-ID: <20250915090005.F2F73120A4B@lists.varnish-cache.org> commit d99d2ad1ed99943e0a987194aa1612c02175e3c8 Author: Nils Goroll Date: Mon Sep 15 10:05:33 2025 +0200 fix backend.list x.y when labels are in use labels are struct vcl objects for which most members are empty/null, with the label member pointing to the labeled vcl. As such, label vcl objects also have no vdire struct. Hence, when iterating over VCLs to find backends, labels need to be skipped. diff --git a/bin/varnishd/cache/cache_vcl.c b/bin/varnishd/cache/cache_vcl.c index aa81c95f2..84980003b 100644 --- a/bin/varnishd/cache/cache_vcl.c +++ b/bin/varnishd/cache/cache_vcl.c @@ -530,6 +530,8 @@ vcl_iterdir(struct cli *cli, const char *pat, const struct vcl *vcl, int i, found = 0; struct vcldir *vdir; + AN(vcl->vdire); // no labels + Lck_AssertHeld(&vcl_mtx); VTAILQ_FOREACH(vdir, &vcl->vdire->directors, directors_list) { CHECK_OBJ(vdir, VCLDIR_MAGIC); @@ -575,6 +577,9 @@ VCL_IterDirector(struct cli *cli, const char *pat, } else { Lck_Lock(&vcl_mtx); VTAILQ_FOREACH(vcl, &vcl_head, list) { + // skip labels + if (! vcl->vdire) + continue; i = vcl_iterdir(cli, VSB_data(vsb), vcl, func, priv); if (i < 0) { found = i; diff --git a/bin/varnishtest/tests/c00077.vtc b/bin/varnishtest/tests/c00077.vtc index ececd1519..d360b78b1 100644 --- a/bin/varnishtest/tests/c00077.vtc +++ b/bin/varnishtest/tests/c00077.vtc @@ -15,6 +15,7 @@ varnish v1 -clierr 106 "vcl.label vcl.A vcl1" varnish v1 -cliok "vcl.label vclA vcl1" # labeling twice #2834 varnish v1 -cliok "vcl.label vclA vcl1" +varnish v1 -cliok "backend.list vcl1.*" varnish v1 -vcl+backend { sub vcl_recv { From walid.boudebouda at gmail.com Mon Sep 15 09:04:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 09:04:05 +0000 (UTC) Subject: [master] f6afb78ee changes: Mention #4388 Message-ID: <20250915090405.38E83120DDF@lists.varnish-cache.org> commit f6afb78ee1b95c1a19023cc36f1c556017d9192b Author: Walid Boudebouda Date: Mon Sep 15 11:01:14 2025 +0200 changes: Mention #4388 diff --git a/doc/changes.rst b/doc/changes.rst index 2ffd3282e..57ffed4d9 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -41,6 +41,12 @@ Varnish-Cache 8.0 (2025-09-15) .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) + +.. _4388: https://github.com/varnishcache/varnish-cache/pull/4388 + +* ``varnishncsa`` can log VCL set headers again using the ``%{X[:first|last]}i`` + and ``%{X[:first|last]}o`` formats. (`4388`_) + .. _4336: https://github.com/varnishcache/varnish-cache/pull/4336 * A regression has been fixed which prevented vcl controlled custom Range diff --git a/doc/sphinx/whats-new/changes-8.0.rst b/doc/sphinx/whats-new/changes-8.0.rst index 4103c6e26..fa04c43f8 100644 --- a/doc/sphinx/whats-new/changes-8.0.rst +++ b/doc/sphinx/whats-new/changes-8.0.rst @@ -165,6 +165,16 @@ varnishtest The bundled varnishtest sources have now been replaced with the separate VTest2 repository. +varnishncsa +=========== + +``varnishncsa`` recovered the ability to log VCL set headers through the +``%{X[:first|last]}i`` and ``%{X[:first|last]}o`` formats. ``:first`` means +that the value of the header when it is first seen in a VSL transaction is +logged, while ``:last`` means that the final one is logged. +The default behavior is unchanged when neither ``:first`` nor ``:last`` is +specified. + Changes for developers and VMOD authors ======================================= From nils.goroll at uplex.de Mon Sep 15 09:09:05 2025 From: nils.goroll at uplex.de (Nils Goroll) Date: Mon, 15 Sep 2025 09:09:05 +0000 (UTC) Subject: [master] f7efd595c changes-8.0.rst: polish Message-ID: <20250915090905.4B41E4272@lists.varnish-cache.org> commit f7efd595c88f9b9c0c8f40342247a2b788f12976 Author: Nils Goroll Date: Mon Sep 15 11:08:07 2025 +0200 changes-8.0.rst: polish diff --git a/doc/sphinx/whats-new/changes-8.0.rst b/doc/sphinx/whats-new/changes-8.0.rst index fa04c43f8..c62714c9f 100644 --- a/doc/sphinx/whats-new/changes-8.0.rst +++ b/doc/sphinx/whats-new/changes-8.0.rst @@ -168,7 +168,7 @@ repository. varnishncsa =========== -``varnishncsa`` recovered the ability to log VCL set headers through the +``varnishncsa`` regained the ability to log headers set from VCL through the ``%{X[:first|last]}i`` and ``%{X[:first|last]}o`` formats. ``:first`` means that the value of the header when it is first seen in a VSL transaction is logged, while ``:last`` means that the final one is logged. From walid.boudebouda at gmail.com Mon Sep 15 09:49:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 09:49:05 +0000 (UTC) Subject: [master] ec26d972f upgrading-8.0.rst: Mention more breaking changes Message-ID: <20250915094905.400935C5E@lists.varnish-cache.org> commit ec26d972f2ddb241b12904aa325c73252bd5abab Author: Walid Boudebouda Date: Mon Sep 15 11:46:35 2025 +0200 upgrading-8.0.rst: Mention more breaking changes diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index 3dc4f01e4..c3295c8c0 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -11,6 +11,46 @@ please refer to the `change log`_ or :ref:`whatsnew_changes_8.0`. .. _change log: https://github.com/varnishcache/varnish-cache/blob/master/doc/changes.rst +varnishd +======== + +Unknown HTTP methods handling +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In previous versions of Varnish, requests with an unknown/unsupported HTTP +method were by default piped to the backend. Starting with Varnish 8.0, the +default behaviour for such requests is to return a synthetic 501 response and +close the connection. Handling of custom HTTP methods can of course still be +implemented in your VCL. + +Parameter aliases +~~~~~~~~~~~~~~~~~ + +It is no longer possible to set a parameter alias as read only, instead the +actual parameter that it refers to should be set directly. + +Other changes in varnishd +~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``Content-Length`` response header is now also sent in response to all +``HEAD`` requests. + +Request body read failures now result in a ``400`` response status. + +Bans +==== + +The default value of the ``ban_any_variant``parameter was changed to 0. +This means that during a lookup, only the matching variants of an object will be +evaluated against the ban list. +As a side effect, variants that are rarely requested may never get a chance to +be tested against ``req`` based bans, which can lead to an accumulation of bans +over time. In such cases, it is recommended to set ``ban_any_variant`` to a +higher value. +You can also consider using the new ``obj.last_hit`` ban variable to evict such +objects. + + vmod_std changes ================ From walid.boudebouda at gmail.com Mon Sep 15 10:02:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 10:02:05 +0000 (UTC) Subject: [master] 53958d63d vrt.h: Mention new VRT_r_obj_stale_is_valid() Message-ID: <20250915100205.521B76584@lists.varnish-cache.org> commit 53958d63d2352d1af6473a6a1756cba87364ece2 Author: Walid Boudebouda Date: Mon Sep 15 12:00:24 2025 +0200 vrt.h: Mention new VRT_r_obj_stale_is_valid() diff --git a/include/vrt.h b/include/vrt.h index 188ab693e..c854b88f3 100644 --- a/include/vrt.h +++ b/include/vrt.h @@ -70,6 +70,7 @@ * VRT_r_obj_stale_time() added * VRT_r_obj_stale_ttl() added * VRT_r_obj_stale_uncacheable() added + * VRT_r_obj_stale_is_valid() added * enum gethdr_e has new value HDR_OBJ_STALE * typedef hdr_t added * struct gethdr_s.what changed to hdr_t From walid.boudebouda at gmail.com Mon Sep 15 11:54:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 11:54:05 +0000 (UTC) Subject: [master] c95655a11 upgrading-8.0.rst: Polish Message-ID: <20250915115405.CF1B662C52@lists.varnish-cache.org> commit c95655a119f8b6eb7e521eb985524d683871ccd2 Author: Walid Boudebouda Date: Mon Sep 15 13:43:39 2025 +0200 upgrading-8.0.rst: Polish diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index c3295c8c0..1db1aade3 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -40,7 +40,7 @@ Request body read failures now result in a ``400`` response status. Bans ==== -The default value of the ``ban_any_variant``parameter was changed to 0. +The default value of the ``ban_any_variant`` parameter was changed to 0. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. As a side effect, variants that are rarely requested may never get a chance to From walid.boudebouda at gmail.com Mon Sep 15 11:54:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 11:54:05 +0000 (UTC) Subject: [master] b4787ce2c changes.rst: Polish Message-ID: <20250915115405.E8BE262C55@lists.varnish-cache.org> commit b4787ce2c2b5aff912c3da1d6fcb49d45eb8fd10 Author: Walid Boudebouda Date: Mon Sep 15 13:49:47 2025 +0200 changes.rst: Polish diff --git a/doc/changes.rst b/doc/changes.rst index 57ffed4d9..479e75e26 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -126,7 +126,7 @@ Varnish-Cache 8.0 (2025-09-15) .. _4369: https://github.com/varnishcache/varnish-cache/issues/4369 -* A bug as been fixed in the Access Control List (ACL) implementation which +* A bug has been fixed in the Access Control List (ACL) implementation which could get triggered with folding enabled (``+fold``) where negated entries could erroneously get folded with positive ones. (`4369`_) @@ -253,7 +253,7 @@ Varnish-Cache 8.0 (2025-09-15) * A failure to allocate a synthetic beresp body now properly fails the respective response. (4313_) -* New ban expression variable `obj.last_hit` allows to remove objects from +* New ban expression variable ``obj.last_hit`` allows to remove objects from cache which have not been accessed for a given amount of time. This is particularly useful to get rid of request bans by removing all objects which have not been touched since the request ban. diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index 1db1aade3..e6a8b72ab 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -94,7 +94,7 @@ usually created through existing VRT functions, but where they are managed specifically, they should now be initialized / allocated with: * ``INIT_OBJ(strands, STRANDS_MAGIC)`` / ``ALLOC_OBJ(strands, STRANDS_MAGIC)`` -* ``INIT_OBJ(blob, VMOD_BLOB_MAGIC)`` / ``ALLOC_OBJ(blo, VMOD_BLOB_MAGIC)`` +* ``INIT_OBJ(blob, VMOD_BLOB_MAGIC)`` / ``ALLOC_OBJ(blob, VMOD_BLOB_MAGIC)`` The already deprecated functions ``VRT_{Add,Remove}_{VDP,VFP}`` have been removed from VRT. They had already been replaced by ``VRT_AddFilter()`` and From walid.boudebouda at gmail.com Mon Sep 15 12:49:02 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 12:49:02 +0000 (UTC) Subject: [8.0] c95655a11 upgrading-8.0.rst: Polish Message-ID: <20250915124902.960DB1000EE@lists.varnish-cache.org> commit c95655a119f8b6eb7e521eb985524d683871ccd2 Author: Walid Boudebouda Date: Mon Sep 15 13:43:39 2025 +0200 upgrading-8.0.rst: Polish diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index c3295c8c0..1db1aade3 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -40,7 +40,7 @@ Request body read failures now result in a ``400`` response status. Bans ==== -The default value of the ``ban_any_variant``parameter was changed to 0. +The default value of the ``ban_any_variant`` parameter was changed to 0. This means that during a lookup, only the matching variants of an object will be evaluated against the ban list. As a side effect, variants that are rarely requested may never get a chance to From walid.boudebouda at gmail.com Mon Sep 15 12:49:02 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 12:49:02 +0000 (UTC) Subject: [8.0] b4787ce2c changes.rst: Polish Message-ID: <20250915124902.AE1041000F4@lists.varnish-cache.org> commit b4787ce2c2b5aff912c3da1d6fcb49d45eb8fd10 Author: Walid Boudebouda Date: Mon Sep 15 13:49:47 2025 +0200 changes.rst: Polish diff --git a/doc/changes.rst b/doc/changes.rst index 57ffed4d9..479e75e26 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -126,7 +126,7 @@ Varnish-Cache 8.0 (2025-09-15) .. _4369: https://github.com/varnishcache/varnish-cache/issues/4369 -* A bug as been fixed in the Access Control List (ACL) implementation which +* A bug has been fixed in the Access Control List (ACL) implementation which could get triggered with folding enabled (``+fold``) where negated entries could erroneously get folded with positive ones. (`4369`_) @@ -253,7 +253,7 @@ Varnish-Cache 8.0 (2025-09-15) * A failure to allocate a synthetic beresp body now properly fails the respective response. (4313_) -* New ban expression variable `obj.last_hit` allows to remove objects from +* New ban expression variable ``obj.last_hit`` allows to remove objects from cache which have not been accessed for a given amount of time. This is particularly useful to get rid of request bans by removing all objects which have not been touched since the request ban. diff --git a/doc/sphinx/whats-new/upgrading-8.0.rst b/doc/sphinx/whats-new/upgrading-8.0.rst index 1db1aade3..e6a8b72ab 100644 --- a/doc/sphinx/whats-new/upgrading-8.0.rst +++ b/doc/sphinx/whats-new/upgrading-8.0.rst @@ -94,7 +94,7 @@ usually created through existing VRT functions, but where they are managed specifically, they should now be initialized / allocated with: * ``INIT_OBJ(strands, STRANDS_MAGIC)`` / ``ALLOC_OBJ(strands, STRANDS_MAGIC)`` -* ``INIT_OBJ(blob, VMOD_BLOB_MAGIC)`` / ``ALLOC_OBJ(blo, VMOD_BLOB_MAGIC)`` +* ``INIT_OBJ(blob, VMOD_BLOB_MAGIC)`` / ``ALLOC_OBJ(blob, VMOD_BLOB_MAGIC)`` The already deprecated functions ``VRT_{Add,Remove}_{VDP,VFP}`` have been removed from VRT. They had already been replaced by ``VRT_AddFilter()`` and From walid.boudebouda at gmail.com Mon Sep 15 13:05:04 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 13:05:04 +0000 (UTC) Subject: [8.0] 71d4d7566 Prepare for 8.0.0 Message-ID: <20250915130504.D78E0100C50@lists.varnish-cache.org> commit 71d4d75665f4d1949f7eeca28092a12df7037f3a Author: Walid Boudebouda Date: Mon Sep 15 12:17:22 2025 +0200 Prepare for 8.0.0 diff --git a/bin/varnishtest/tests/m00003.vtc b/bin/varnishtest/tests/m00003.vtc index 0ace9b61d..5b1dbe7e2 100644 --- a/bin/varnishtest/tests/m00003.vtc +++ b/bin/varnishtest/tests/m00003.vtc @@ -111,7 +111,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$FOOBAR" @@ -131,7 +131,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ] ] @@ -149,7 +149,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$CPROTO" @@ -171,7 +171,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_std_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$CPROTO", "/* blabla */" diff --git a/bin/varnishtest/tests/m00055.vtc b/bin/varnishtest/tests/m00055.vtc index e41f61dde..1c884d9a8 100644 --- a/bin/varnishtest/tests/m00055.vtc +++ b/bin/varnishtest/tests/m00055.vtc @@ -21,7 +21,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ diff --git a/configure.ac b/configure.ac index 2483dfeac..b5f46b4be 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_COPYRIGHT([Copyright (c) 2006 Verdens Gang AS Copyright (c) 2006-2025 Varnish Software Copyright 2010-2025 UPLEX - Nils Goroll Systemoptimierung]) AC_REVISION([$Id$]) -AC_INIT([Varnish], [trunk], [varnish-dev at varnish-cache.org]) +AC_INIT([Varnish], [8.0.0], [varnish-dev at varnish-cache.org]) AC_CONFIG_SRCDIR(include/miniobj.h) if ! test -f "${srcdir}/bin/varnishtest/vtest2/src/vtc_main.c" ; then AC_MSG_ERROR([vtest2 seems to be missing, use "git clone --recursive" or "git submodule update --init"]) diff --git a/doc/changes.rst b/doc/changes.rst index 479e75e26..70cb0cc58 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -34,9 +34,9 @@ http://varnish-cache.org/docs/trunk/whats-new/index.html and via individual releases. These documents are updated as part of the release process. -============================== -Varnish-Cache 8.0 (2025-09-15) -============================== +================================ +Varnish-Cache 8.0.0 (2025-09-15) +================================ .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) diff --git a/doc/sphinx/index.rst b/doc/sphinx/index.rst index 59678cebf..49a4b4807 100644 --- a/doc/sphinx/index.rst +++ b/doc/sphinx/index.rst @@ -40,7 +40,7 @@ Conventions used in this manual include: Longer listings like example command output and VCL look like this:: $ /opt/varnish/sbin/varnishd -V - varnishd (varnish-7.7.0 revision 1234567) + varnishd (varnish-8.0.0 revision 1234567) Copyright (c) 2006 Verdens Gang AS Copyright (c) 2006-2025 Varnish Software diff --git a/include/vrt.h b/include/vrt.h index c854b88f3..c21a5232f 100644 --- a/include/vrt.h +++ b/include/vrt.h @@ -46,7 +46,7 @@ # error "include vdef.h before vrt.h" #endif -#define VRT_MAJOR_VERSION 21U +#define VRT_MAJOR_VERSION 22U #define VRT_MINOR_VERSION 0U @@ -57,7 +57,7 @@ * Whenever something is deleted or changed in a way which is not * binary/load-time compatible, increment MAJOR version * - * XX.X (unreleased) + * 22.0 (2025-09-15) * VRT_r_obj_stale_age() added * VRT_r_obj_stale_can_esi() added * VRT_r_obj_stale_grace() added From walid.boudebouda at gmail.com Mon Sep 15 13:22:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 13:22:05 +0000 (UTC) Subject: [master] 71d4d7566 Prepare for 8.0.0 Message-ID: <20250915132205.1D2D81017FC@lists.varnish-cache.org> commit 71d4d75665f4d1949f7eeca28092a12df7037f3a Author: Walid Boudebouda Date: Mon Sep 15 12:17:22 2025 +0200 Prepare for 8.0.0 diff --git a/bin/varnishtest/tests/m00003.vtc b/bin/varnishtest/tests/m00003.vtc index 0ace9b61d..5b1dbe7e2 100644 --- a/bin/varnishtest/tests/m00003.vtc +++ b/bin/varnishtest/tests/m00003.vtc @@ -111,7 +111,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$FOOBAR" @@ -131,7 +131,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ] ] @@ -149,7 +149,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$CPROTO" @@ -171,7 +171,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_std_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ "$CPROTO", "/* blabla */" diff --git a/bin/varnishtest/tests/m00055.vtc b/bin/varnishtest/tests/m00055.vtc index e41f61dde..1c884d9a8 100644 --- a/bin/varnishtest/tests/m00055.vtc +++ b/bin/varnishtest/tests/m00055.vtc @@ -21,7 +21,7 @@ filewrite -a ${tmpdir}/libvmod_wrong.so { "Vmod_vmod_wrong_Func", "0000000000000000000000000000000000000000000000000000000000000000", "0000000000000000000000000000000000000000000000000000000000000000", - "21", + "22", "0" ], [ diff --git a/configure.ac b/configure.ac index 2483dfeac..b5f46b4be 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_COPYRIGHT([Copyright (c) 2006 Verdens Gang AS Copyright (c) 2006-2025 Varnish Software Copyright 2010-2025 UPLEX - Nils Goroll Systemoptimierung]) AC_REVISION([$Id$]) -AC_INIT([Varnish], [trunk], [varnish-dev at varnish-cache.org]) +AC_INIT([Varnish], [8.0.0], [varnish-dev at varnish-cache.org]) AC_CONFIG_SRCDIR(include/miniobj.h) if ! test -f "${srcdir}/bin/varnishtest/vtest2/src/vtc_main.c" ; then AC_MSG_ERROR([vtest2 seems to be missing, use "git clone --recursive" or "git submodule update --init"]) diff --git a/doc/changes.rst b/doc/changes.rst index 479e75e26..70cb0cc58 100644 --- a/doc/changes.rst +++ b/doc/changes.rst @@ -34,9 +34,9 @@ http://varnish-cache.org/docs/trunk/whats-new/index.html and via individual releases. These documents are updated as part of the release process. -============================== -Varnish-Cache 8.0 (2025-09-15) -============================== +================================ +Varnish-Cache 8.0.0 (2025-09-15) +================================ .. PLEASE keep this roughly in commit order as shown by git-log / tig (new to old) diff --git a/doc/sphinx/index.rst b/doc/sphinx/index.rst index 59678cebf..49a4b4807 100644 --- a/doc/sphinx/index.rst +++ b/doc/sphinx/index.rst @@ -40,7 +40,7 @@ Conventions used in this manual include: Longer listings like example command output and VCL look like this:: $ /opt/varnish/sbin/varnishd -V - varnishd (varnish-7.7.0 revision 1234567) + varnishd (varnish-8.0.0 revision 1234567) Copyright (c) 2006 Verdens Gang AS Copyright (c) 2006-2025 Varnish Software diff --git a/include/vrt.h b/include/vrt.h index c854b88f3..c21a5232f 100644 --- a/include/vrt.h +++ b/include/vrt.h @@ -46,7 +46,7 @@ # error "include vdef.h before vrt.h" #endif -#define VRT_MAJOR_VERSION 21U +#define VRT_MAJOR_VERSION 22U #define VRT_MINOR_VERSION 0U @@ -57,7 +57,7 @@ * Whenever something is deleted or changed in a way which is not * binary/load-time compatible, increment MAJOR version * - * XX.X (unreleased) + * 22.0 (2025-09-15) * VRT_r_obj_stale_age() added * VRT_r_obj_stale_can_esi() added * VRT_r_obj_stale_grace() added From walid.boudebouda at gmail.com Mon Sep 15 13:22:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 13:22:05 +0000 (UTC) Subject: [master] 4b1e115fa Merge tag 'varnish-8.0.0' Message-ID: <20250915132205.31DAD1017FF@lists.varnish-cache.org> commit 4b1e115fa16df27fde4777936c925898d2f31872 Merge: b4787ce2c 71d4d7566 Author: Walid Boudebouda Date: Mon Sep 15 15:21:21 2025 +0200 Merge tag 'varnish-8.0.0' Releasing 8.0.0 From walid.boudebouda at gmail.com Mon Sep 15 15:43:05 2025 From: walid.boudebouda at gmail.com (Walid Boudebouda) Date: Mon, 15 Sep 2025 15:43:05 +0000 (UTC) Subject: [8.0] 855a97d6e cci: Build from 8.0 pkg-varnish-cache branch Message-ID: <20250915154305.2BFB5112F4D@lists.varnish-cache.org> commit 855a97d6ecf60293bebcc1d2dbce1e9510573bba Author: Walid Boudebouda Date: Mon Sep 15 17:41:27 2025 +0200 cci: Build from 8.0 pkg-varnish-cache branch diff --git a/.circleci/config.yml b/.circleci/config.yml index 4aa420d3f..96cd1570f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -6,7 +6,7 @@ parameters: default: "HEAD" pkg-commit: type: string - default: "master" + default: "8.0" dist-url: type: string default: ""