From 9f52a5f7a4d5a66d8dae0f8da09947b3d11bced3 Mon Sep 17 00:00:00 2001
From: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>
Date: Mon, 11 Jan 2021 13:09:43 +0100
Subject: [PATCH] component/trafficserver: do not return stale negative cache.

https://github.com/apache/trafficserver/issues/7417#issuecomment-757866872
---
 component/trafficserver/buildout.cfg          |  6 ++++-
 ...-stale-negative-cache-not-returnable.patch | 23 +++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 component/trafficserver/trafficserver-8.1-stale-negative-cache-not-returnable.patch

diff --git a/component/trafficserver/buildout.cfg b/component/trafficserver/buildout.cfg
index 009b006f9..89c336757 100644
--- a/component/trafficserver/buildout.cfg
+++ b/component/trafficserver/buildout.cfg
@@ -6,6 +6,7 @@ extends =
   ../make/buildout.cfg
   ../ncurses/buildout.cfg
   ../openssl/buildout.cfg
+  ../patch/buildout.cfg
   ../pcre/buildout.cfg
   ../perl/buildout.cfg
   ../pkgconfig/buildout.cfg
@@ -25,6 +26,9 @@ recipe = slapos.recipe.cmmi
 url = http://apache.claz.org/trafficserver/trafficserver-8.1.0.tar.bz2
 md5sum = 99bfeb61095e55cb151ef58d884cb3f1
 shared = true
+patch-options = -p1
+patches =
+  ${:_profile_base_location_}/trafficserver-8.1-stale-negative-cache-not-returnable.patch#e1a2f8a23f00cee1301ccf1a84e46763
 configure-options =
   --with-openssl=${openssl:location}
   --with-pcre=${pcre:location}
@@ -37,7 +41,7 @@ configure-options =
   --enable-experimental-plugins
   --disable-posix-cap
 environment =
-  PATH=${libtool:location}/bin:${make:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
+  PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
   LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
 
 make-target =
diff --git a/component/trafficserver/trafficserver-8.1-stale-negative-cache-not-returnable.patch b/component/trafficserver/trafficserver-8.1-stale-negative-cache-not-returnable.patch
new file mode 100644
index 000000000..2988586d6
--- /dev/null
+++ b/component/trafficserver/trafficserver-8.1-stale-negative-cache-not-returnable.patch
@@ -0,0 +1,23 @@
+--- trafficserver-8.1.1/proxy/http/HttpTransact.cc.orig	2020-12-01 00:30:26.000000000 +0100
++++ trafficserver-8.1.1/proxy/http/HttpTransact.cc	2021-01-11 11:35:41.946893735 +0100
+@@ -5752,6 +5752,7 @@
+ HttpTransact::is_stale_cache_response_returnable(State *s)
+ {
+   HTTPHdr *cached_response = s->cache_info.object_read->response_get();
++  HTTPStatus cache_response_code = cached_response->status_get();
+ 
+   // First check if client allows cached response
+   // Note does_client_permit_lookup was set to
+@@ -5760,6 +5761,12 @@
+   if (!s->cache_info.directives.does_client_permit_lookup) {
+     return false;
+   }
++  // We don't serve stale negative cache.
++  if (cache_response_code == HTTP_STATUS_INTERNAL_SERVER_ERROR || cache_response_code == HTTP_STATUS_GATEWAY_TIMEOUT ||
++      cache_response_code == HTTP_STATUS_BAD_GATEWAY || cache_response_code == HTTP_STATUS_SERVICE_UNAVAILABLE) {
++    TxnDebug("http_trans", "[is_stale_cache_response_returnable] stale negative cache");
++    return false;
++  }
+   // Spec says that we can not serve a stale document with a
+   //   "must-revalidate header"
+   // How about "s-maxage" and "no-cache" directives?
-- 
2.30.9