Merge pull request #1436 from nexcess/devel

Devel

CHANGELOG.md

@@ -475,3 +475,9 @@ Magento CE 1.8+ or EE 1.13+, see [these instructions](https://github.com/nexcess
 * [#1335] Revert "use pass instead of pipe on non GET requests to improve performance" @miguelbalparda
 * [#1336] Scrutinizer Auto-Fixes @miguelbalparda
 * [#1313] Keep params from original url @hmphu
+
+### RELEASE-0.7.3
+* [#1400] Use vcl_ prefix in vcl name to avoid invalid character in name error @josh-palan
+* [#1405] When using hitch, we need to set http.X-Forwarded-Proto to HTTPS @craigcarnell
+* [#1410] Fix issue #1409: Solved by keeping Cache-Control header @jeroenvermeulen
+* [#1423] Fixes for #1404 #1361 #1423

app/code/community/Nexcessnet/Turpentine/Model/Varnish/Admin.php

@@ -104,7 +104,7 @@ public function applyConfig() {
  $result[$socketName] = 'Failed to load configurator';
  } else {
  $vcl = $cfgr->generate($helper->shouldStripVclWhitespace('apply'));
- $vclName = Mage::helper('turpentine/data')
+ $vclName = 'vcl_' . Mage::helper('turpentine/data')
  ->secureHash(microtime());
  try {
  $this->_testEsiSyntaxParam($socket);

app/code/community/Nexcessnet/Turpentine/Model/Varnish/Configurator/Abstract.php

@@ -684,7 +684,7 @@ protected function _vcl_director($name, $backendOptions) {
  $parts = explode(':', $backendNode, 2);
  $host = (empty($parts[0])) ? '127.0.0.1' : $parts[0];
  $port = (empty($parts[1])) ? '80' : $parts[1];
- $backends .= $this->_vcl_director_backend($host, $port, $probeUrl, $backendOptions);
+ $backends .= $this->_vcl_director_backend($host, $port, $prefix.$number, $probeUrl, $backendOptions);
  }
  $vars = array(
  'name' => $name,
@@ -698,14 +698,15 @@ protected function _vcl_director($name, $backendOptions) {
  *
  * @param string $host backend host
  * @param string $port backend port
+ * @param string $descriptor backend descriptor
  * @param string $probeUrl URL to check if backend is up
  * @param array $options extra options for backend
  * @return string
  */
- protected function _vcl_director_backend($host, $port, $probeUrl = '', $options = array()) {
+ protected function _vcl_director_backend($host, $port, $descriptor = '', $probeUrl = '', $options = array()) {
  $tpl = <<<EOS
  {
- .backend = {
+ .backend {$descriptor} = {
  .host = "{{host}}";
  .port = "{{port}}";
 {{probe}}
@@ -901,6 +902,20 @@ protected function _vcl_sub_maintenance_allowed_ips() {
  'debug_ips' => Mage::getStoreConfig('dev/restrict/allow_ips') ));
  }
 
+ /**
+ * When using Varnish on port 80 and Hitch listen on port 443 for HTTPS, the fix will set X-Forwarded-Proto to HTTPS to prevent redirect loop.
+ *
+ * @return string
+ */
+ protected function _vcl_sub_https_proto_fix() {
+ $tpl = <<<EOS
+if (std.port(server.ip) == 443) {
+ set req.http.X-Forwarded-Proto = "https";
+}
+EOS;
+ return $tpl;
+ }
+
  /**
  * When using Varnish as front door listen on port 80 and Nginx/Apache listen on port 443 for HTTPS, the fix will keep the url parameters when redirect from HTTP to HTTPS.
  *
@@ -1085,6 +1100,10 @@ protected function _getTemplateVars() {
  // set the vcl_error from Magento database
  $vars['vcl_synth'] = $this->_vcl_sub_synth();
  }
+
+ if (Mage::getStoreConfig('turpentine_varnish/general/https_proto_fix')) {
+ $vars['https_proto_fix'] = $this->_vcl_sub_https_proto_fix();
+ }
 
  if (Mage::getStoreConfig('turpentine_varnish/general/https_redirect_fix')) {
  $vars['https_redirect'] = $this->_vcl_sub_https_redirect_fix();

app/code/community/Nexcessnet/Turpentine/etc/config.xml

@@ -20,7 +20,7 @@
 <config>
  <modules>
  <Nexcessnet_Turpentine>
- <version>0.7.2</version>
+ <version>0.7.3</version>
  </Nexcessnet_Turpentine>
  </modules>
  <default>

app/code/community/Nexcessnet/Turpentine/etc/system.xml

@@ -72,6 +72,16 @@
  <show_in_website>1</show_in_website>
  <show_in_store>1</show_in_store>
  </vcl_fix>
+ <https_proto_fix translate="label comment">
+ <label>Set X-Forwarded-Proto Header to HTTPS on port 443</label>
+ <comment>When using Varnish on port 80 and hitch on port 443 for HTTPS, the fix will set X-Forwarded-Proto header to HTTPS to prevent a re-direct loop.</comment>
+ <frontend_type>select</frontend_type>
+ <sort_order>27</sort_order>
+ <source_model>adminhtml/system_config_source_enabledisable</source_model>
+ <show_in_default>1</show_in_default>
+ <show_in_website>1</show_in_website>
+ <show_in_store>1</show_in_store>
+ </https_proto_fix>
  <https_redirect_fix translate="label comment">
  <label>Fix HTTPS redirect</label>
  <comment>When using Varnish as front door listen on port 80 and Nginx/Apache listen on port 443 for HTTPS, the fix will keep the url parameters when redirect from HTTP to HTTPS.</comment>

app/code/community/Nexcessnet/Turpentine/misc/version-2.vcl

@@ -329,7 +329,7 @@ sub vcl_fetch {
  remove beresp.http.Set-Cookie;
  }
  # we'll set our own cache headers if we need them
- remove beresp.http.Cache-Control;
+ # we'll override the "Cache-Control" header if needed.
  remove beresp.http.Expires;
  remove beresp.http.Pragma;
  remove beresp.http.Cache;
@@ -341,6 +341,7 @@ sub vcl_fetch {
  if (beresp.http.X-Turpentine-Cache == "0") {
  set beresp.cacheable = false;
  set beresp.ttl = {{grace_period}}s;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (pass);
  } else {
  set beresp.cacheable = true;
@@ -360,6 +361,7 @@ sub vcl_fetch {
  }
  if (req.http.X-Varnish-Esi-Method == "ajax") {
  set beresp.ttl = {{grace_period}}s;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (pass);
  } else {
  set beresp.ttl = {{esi_private_ttl}}s;

app/code/community/Nexcessnet/Turpentine/misc/version-3.vcl

@@ -335,7 +335,7 @@ sub vcl_fetch {
  unset beresp.http.Set-Cookie;
  }
  # we'll set our own cache headers if we need them
- unset beresp.http.Cache-Control;
+ # we'll override the "Cache-Control" header if needed
  unset beresp.http.Expires;
  unset beresp.http.Pragma;
  unset beresp.http.Cache;
@@ -346,6 +346,7 @@ sub vcl_fetch {
  }
  if (beresp.http.X-Turpentine-Cache == "0") {
  set beresp.ttl = {{grace_period}}s;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (hit_for_pass);
  } else {
  if ({{force_cache_static}} &&
@@ -374,6 +375,7 @@ sub vcl_fetch {
  # this is probably faster than bothering with 0 ttl
  # cache objects
  set beresp.ttl = {{grace_period}}s;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (hit_for_pass);
  }
  } else {

app/code/community/Nexcessnet/Turpentine/misc/version-4.vcl

@@ -109,6 +109,7 @@ sub vcl_init {
 sub vcl_recv {
  {{maintenance_allowed_ips}}
 
+ {{https_proto_fix}}
  {{https_redirect}}
 
  # this always needs to be done so it's up at the top
@@ -355,8 +356,9 @@ sub vcl_backend_response {
  set beresp.http.X-Varnish-Set-Cookie = beresp.http.Set-Cookie;
  unset beresp.http.Set-Cookie;
  }
+
  # we'll set our own cache headers if we need them
- unset beresp.http.Cache-Control;
+ # we'll override the "Cache-Control" header if needed
  unset beresp.http.Expires;
  unset beresp.http.Pragma;
  unset beresp.http.Cache;
@@ -368,6 +370,7 @@ sub vcl_backend_response {
  if (beresp.http.X-Turpentine-Cache == "0") {
  set beresp.ttl = {{grace_period}}s;
  set beresp.uncacheable = true;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (deliver);
  } else {
  if ({{force_cache_static}} &&
@@ -397,6 +400,7 @@ sub vcl_backend_response {
  # cache objects
  set beresp.ttl = {{grace_period}}s;
  set beresp.uncacheable = true;
+ set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate";
  return (deliver);
  }
  } else {