Merge pull request #41 from baidu/release/v0.2.0

Release/v0.2.0

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,23 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior.
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE/pull_request.md

@@ -0,0 +1,5 @@
+## What does this PR do
+Please link to the relevant issues.
+
+## Additional context
+Add any other context here.

CHANGELOG.md

@@ -0,0 +1,39 @@
+<!--
+This changelog should always be read on `master` branch. Its contents on other branches
+does not necessarily reflect the changes.
+-->
+
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+
+## [v0.2.0] - 2019-09-26
+
+### Added
+- Add proxy protocol to be compatible with F5 BigIP/Citrix ADC etc
+- Add mod_access to write request/session log in customized format
+- Add mod_key_log to wirte tls key log so that external programs(eg. wireshark) can decrypt TLS connections for trouble shooting
+- Add security grade 'A+' in tls
+- Add condition primitive: req_query_value_contain/req_header_value_contain/req_cookie_value_contain
+- Documents optimization
+
+### Changed
+- reverseproxy: flush response header immediately if flushInterval<0
+
+
+## [v0.1.0] - 2019-08-01
+
+### Added
+- Multiple protocols supported, including HTTP, HTTPS, SPDY, HTTP2, WebSocket, TLS, etc
+- Content based routing, support user-defined routing rule in advanced domain-specific language
+- Support multiple load balancing policies
+- Flexible plugin framework to extend functionality. Based on the framework, developer can add new features rapidly
+- Detailed built-in metrics available for service status monitor
+
+
+[v0.2.0]: https://github.com/baidu/bfe/compare/v0.1.0...v0.2.0
+[v0.1.0]: https://github.com/baidu/bfe/releases/tag/v0.1.0

CODE_OF_CONDUCT.md

@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [email protected]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq

CONTRIBUTORS.md

@@ -0,0 +1,15 @@
+* This is the list of people who have contributed code/doc to the BFE repository.
+* Please keep the list sorted by **name**. 
+
+| Name | Github Account |
+| ---- | -------------- |
+| Kaiyu Zheng | kaiyuzheng | 
+| Lu Guo | guolu60 |
+| Miao Zhang |     |
+| Min Dai | daimin |
+| Qingxin Yang | yangqingxin1993 |
+| Sijie Yang | iyangsj |
+| Wenjie Tian | WJTian |
+| Wensi Yang | tianxinheihei | 
+| Xiaofei Yu | xiaofei0800 |
+| Yang Liu | dut-yangliu |

Makefile

@@ -30,7 +30,7 @@ GOGET   := $(GO) get
 GOGEN   := $(GO) generate
 
 # init bfe version
-BFE_VERSION ?= $(shell git rev-parse --short HEAD || echo "GitNotFound")
+BFE_VERSION ?= $(shell cat VERSION)
 
 # make, make all
 all: prepare compile package

README.md

@@ -1,4 +1,11 @@
 # BFE
+
+[![GitHub](https://img.shields.io/github/license/baidu/bfe)](https://github.com/baidu/bfe/blob/develop/LICENSE)
+[![Travis (.com)](https://img.shields.io/travis/com/baidu/bfe)](https://travis-ci.com/baidu/bfe)
+[![Go Report Card](https://goreportcard.com/badge/github.com/baidu/bfe)](https://goreportcard.com/report/github.com/baidu/bfe)
+[![GoDoc](https://godoc.org/github.com/baidu/bfe?status.svg)](https://godoc.org/github.com/baidu/bfe/bfe_module)
+[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/3209/badge)](https://bestpractices.coreinfrastructure.org/projects/3209)
+
 BFE is an open-source layer 7 load balancer derived from proprietary Baidu FrontEnd.
 
 ## Advantages
@@ -29,12 +36,15 @@ BFE is an open-source layer 7 load balancer derived from proprietary Baidu Front
 - See the [CONTRIBUTING](CONTRIBUTING.md) file for details
 
 ## Authors
-- Owners: zhangmiao02, yangsijie
-- Committers: yangsijie
+- Owners: [Miao Zhang](mailto:[email protected]), [Sijie Yang](mailto:[email protected])
+- Committers: [Sijie Yang](mailto:[email protected])
+- Contributors: [CONTRIBUTORS](CONTRIBUTORS.md)
 
 ## Discussion
 - Issue: https://github.com/baidu/bfe/issues
 
+## Contact
+- Email：[email protected]
+
 ## License
 BFE is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.
-

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please do not open issues for anything you think might have a security implication.
+
+Security issues and bugs should be reported privately to [email protected]. 
+You should receive a response within 24 hours. If for some reason you do not, 
+please follow up via email to ensure we received your original message. 

VERSION

@@ -0,0 +1 @@
+0.2.0

bfe_balance/bal_gslb/bal_gslb.go

@@ -304,7 +304,7 @@ func (bal *BalanceGslb) Balance(req *bfe_basic.Request) (*bal_backend.BfeBackend
 	var backend *bal_backend.BfeBackend
 	var current *SubCluster
 	var err error
-	balAlgor := bal_slb.WrrSmooth
+	var balAlgor int
 
 	bal.lock.Lock()
 	defer bal.lock.Unlock()

bfe_basic/condition/build.go

@@ -251,6 +251,13 @@ func buildPrimitive(node *parser.CallExpr) (Condition, error) {
 			fetcher: &QueryValueFetcher{node.Args[0].Value},
 			matcher: NewRegMatcher(reg),
 		}, nil
+	case "req_query_value_contain":
+		return &PrimitiveCond{
+			name:    node.Fun.Name,
+			node:    node,
+			fetcher: &QueryValueFetcher{node.Args[0].Value},
+			matcher: NewContainMatcher(node.Args[1].Value, node.Args[2].ToBool()),
+		}, nil
 	case "req_cookie_key_in":
 		return &PrimitiveCond{
 			name: node.Fun.Name,
@@ -281,6 +288,13 @@ func buildPrimitive(node *parser.CallExpr) (Condition, error) {
 			fetcher: &CookieValueFetcher{node.Args[0].Value},
 			matcher: NewSuffixInMatcher(node.Args[1].Value, node.Args[2].ToBool()),
 		}, nil
+	case "req_cookie_value_contain":
+		return &PrimitiveCond{
+			name:    node.Fun.Name,
+			node:    node,
+			fetcher: &CookieValueFetcher{node.Args[0].Value},
+			matcher: NewContainMatcher(node.Args[1].Value, node.Args[2].ToBool()),
+		}, nil
 	case "req_port_in":
 		return &PrimitiveCond{
 			name:    node.Fun.Name,
@@ -349,6 +363,13 @@ func buildPrimitive(node *parser.CallExpr) (Condition, error) {
 			fetcher: &HeaderValueFetcher{node.Args[0].Value},
 			matcher: NewRegMatcher(reg),
 		}, nil
+	case "req_header_value_contain":
+		return &PrimitiveCond{
+			name:    node.Fun.Name,
+			node:    node,
+			fetcher: &HeaderValueFetcher{node.Args[0].Value},
+			matcher: NewContainMatcher(node.Args[1].Value, node.Args[2].ToBool()),
+		}, nil
 	case "req_method_in":
 		return &PrimitiveCond{
 			name:    node.Fun.Name,

bfe_basic/condition/parser/semant.go

@@ -41,11 +41,13 @@ var funcProtos = map[string][]Token{
 	"req_query_value_prefix_in":  {STRING, STRING, BOOL},
 	"req_query_value_suffix_in":  {STRING, STRING, BOOL},
 	"req_query_value_regmatch":   {STRING, STRING},
+	"req_query_value_contain":    {STRING, STRING, BOOL},
 	"req_url_regmatch":           {STRING},
 	"req_cookie_key_in":          {STRING},
 	"req_cookie_value_in":        {STRING, STRING, BOOL},
 	"req_cookie_value_prefix_in": {STRING, STRING, BOOL},
 	"req_cookie_value_suffix_in": {STRING, STRING, BOOL},
+	"req_cookie_value_contain":   {STRING, STRING, BOOL},
 	"req_port_in":                {STRING},
 	"req_tag_match":              {STRING, STRING},
 	"req_ua_regmatch":            {STRING},
@@ -54,6 +56,7 @@ var funcProtos = map[string][]Token{
 	"req_header_value_prefix_in": {STRING, STRING, BOOL},
 	"req_header_value_suffix_in": {STRING, STRING, BOOL},
 	"req_header_value_regmatch":  {STRING, STRING},
+	"req_header_value_contain":   {STRING, STRING, BOOL},
 	"req_method_in":              {STRING},
 	"req_cip_range":              {STRING, STRING},
 	"req_vip_range":              {STRING, STRING},

bfe_basic/condition/primitive.go

@@ -720,3 +720,44 @@ func NewHostMatcher(patterns string) (*HostMatcher, error) {
 		patterns: p,
 	}, nil
 }
+
+type ContainMatcher struct {
+	patterns []string
+	foldCase bool
+}
+
+func NewContainMatcher(patterns string, foldCase bool) *ContainMatcher {
+	p := strings.Split(patterns, "|")
+
+	if foldCase {
+		p = toUpper(p)
+	}
+
+	return &ContainMatcher{
+		patterns: p,
+		foldCase: foldCase,
+	}
+}
+
+func contain(v string, patterns []string) bool {
+	for _, pattern := range patterns {
+		if strings.Contains(v, pattern) {
+			return true
+		}
+	}
+
+	return false
+}
+
+func (cm *ContainMatcher) Match(v interface{}) bool {
+	vs, ok := v.(string)
+	if !ok {
+		return false
+	}
+
+	if cm.foldCase {
+		vs = strings.ToUpper(vs)
+	}
+
+	return contain(vs, cm.patterns)
+}

bfe_basic/condition/primitive_test.go

@@ -185,3 +185,39 @@ func TestHostMatcher_2(t *testing.T) {
 		t.Errorf("NewHostMatcher() return wrong error: %v", err)
 	}
 }
+
+// test ContainMatcher, case-sensitive
+func TestContainMatcher_1(t *testing.T) {
+	matcher := NewContainMatcher("yingwen|中文|%e4%b8%ad%e6%96%87|YINGWEN", false)
+	if !matcher.Match("yingwen") {
+		t.Fatalf("should match yingwen")
+	}
+
+	if matcher.Match("Yingwen") {
+		t.Fatalf("should not match Yingwen")
+	}
+
+	if !matcher.Match("hi，中文") {
+		t.Fatalf("should match hi，中文")
+	}
+
+	if matcher.Match("文") {
+		t.Fatalf("should not match 文")
+	}
+
+	if !matcher.Match("%e4%b8%ad%e6%96%87") {
+		t.Fatalf("should match %%e4%%b8%%ad%%e6%%96%%87")
+	}
+
+	if !matcher.Match("YINGWEN") {
+		t.Fatalf("should match YINGWEN")
+	}
+}
+
+// test for ContainMatcher, ignore case
+func TestContainMatcher_2(t *testing.T) {
+	matcher := NewContainMatcher("yingwen", true)
+	if !matcher.Match("Yingwen") {
+		t.Fatalf("should match Yingwen")
+	}
+}