walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

src: Format help message and add --version to make man page generation easier

This commit is contained in:
Tatsuhiro Tsujikawa 2014-02-16 19:39:41 +09:00
parent 1fd5fdd54a
commit f5342494f4
3 changed files with 375 additions and 348 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
src/nghttp.cc
View File

@ -1654,14 +1654,18 @@ int run(char **uris, int n)
}
} // namespace
namespace {
void print_version(std::ostream& out)
{
out << "nghttp nghttp2/" NGHTTP2_VERSION << std::endl;
}
} // namespace
namespace {
void print_usage(std::ostream& out)
{
out << "Usage: nghttp [-Oansuv] [-t <SECONDS>] [-w <WINDOW_BITS>] [-W <WINDOW_BITS>]\n"
<< " [--cert=<CERT>] [--key=<KEY>] [-d <FILE>] [-m <N>]\n"
<< " [-p <PRIORITY>] [-M <N>] [-b <ALIGNMENT>]\n"
<< " <URI>..."
<< std::endl;
out << "Usage: nghttp [OPTIONS]... <URI>...\n"
<< "HTTP/2 experimental client" << std::endl;
}
} // namespace
@ -1670,56 +1674,59 @@ void print_help(std::ostream& out)
{
print_usage(out);
out << "\n"
<< "OPTIONS:\n"
<< " -v, --verbose Print debug information such as reception/\n"
<< " transmission of frames and name/value pairs.\n"
<< " -n, --null-out Discard downloaded data.\n"
<< " -O, --remote-name Save download data in the current directory.\n"
<< " The filename is dereived from URI. If URI\n"
<< " ends with '/', 'index.html' is used as a\n"
<< " filename. Not implemented yet.\n"
<< " -t, --timeout=<N> Timeout each request after <N> seconds.\n"
<< " -w, --window-bits=<N>\n"
<< " Sets the stream level initial window size\n"
<< " to 2**<N>-1.\n"
<< " -W, --connection-window-bits=<N>\n"
<< " Sets the connection level initial window\n"
<< " size to 2**<N>-1.\n"
<< " -a, --get-assets Download assets such as stylesheets, images\n"
<< " and script files linked from the downloaded\n"
<< " resource. Only links whose origins are the\n"
<< " same with the linking resource will be\n"
<< " downloaded.\n"
<< " -s, --stat Print statistics.\n"
<< " -H, --header Add a header to the requests.\n"
<< " --cert=<CERT> Use the specified client certificate file.\n"
<< " The file must be in PEM format.\n"
<< " --key=<KEY> Use the client private key file. The file\n"
<< " must be in PEM format.\n"
<< " -d, --data=<FILE> Post FILE to server. If - is given, data\n"
<< " will be read from stdin.\n"
<< " -m, --multiply=<N> Request each URI <N> times. By default, same\n"
<< " URI is not requested twice. This option\n"
<< " disables it too.\n"
<< " -u, --upgrade Perform HTTP Upgrade for HTTP/2.0. This\n"
<< " option is ignored if the request URI has\n"
<< " https scheme.\n"
<< " If -d is used, the HTTP upgrade request is\n"
<< " performed with OPTIONS method.\n"
<< " -p, --pri=<PRIORITY>\n"
<< " Sets stream priority. Default: "
<< " <URI> Specify URI to access.\n"
<< "Options:\n"
<< " -v, --verbose Print debug information such as reception/\n"
<< " transmission of frames and name/value pairs.\n"
<< " -n, --null-out Discard downloaded data.\n"
<< " -O, --remote-name Save download data in the current directory.\n"
<< " The filename is dereived from URI. If URI\n"
<< " ends with '/', 'index.html' is used as a\n"
<< " filename. Not implemented yet.\n"
<< " -t, --timeout=<N> Timeout each request after <N> seconds.\n"
<< " -w, --window-bits=<N>\n"
<< " Sets the stream level initial window size\n"
<< " to 2**<N>-1.\n"
<< " -W, --connection-window-bits=<N>\n"
<< " Sets the connection level initial window\n"
<< " size to 2**<N>-1.\n"
<< " -a, --get-assets Download assets such as stylesheets, images\n"
<< " and script files linked from the downloaded\n"
<< " resource. Only links whose origins are the\n"
<< " same with the linking resource will be\n"
<< " downloaded.\n"
<< " -s, --stat Print statistics.\n"
<< " -H, --header Add a header to the requests.\n"
<< " --cert=<CERT> Use the specified client certificate file.\n"
<< " The file must be in PEM format.\n"
<< " --key=<KEY> Use the client private key file. The file\n"
<< " must be in PEM format.\n"
<< " -d, --data=<FILE> Post FILE to server. If - is given, data\n"
<< " will be read from stdin.\n"
<< " -m, --multiply=<N> Request each URI <N> times. By default, same\n"
<< " URI is not requested twice. This option\n"
<< " disables it too.\n"
<< " -u, --upgrade Perform HTTP Upgrade for HTTP/2.0. This\n"
<< " option is ignored if the request URI has\n"
<< " https scheme.\n"
<< " If -d is used, the HTTP upgrade request is\n"
<< " performed with OPTIONS method.\n"
<< " -p, --pri=<PRIORITY>\n"
<< " Sets stream priority. Default: "
<< NGHTTP2_PRI_DEFAULT << "\n"
<< " -M, --peer-max-concurrent-streams=<N>\n"
<< " Use <N> as SETTINGS_MAX_CONCURRENT_STREAMS\n"
<< " value of remote endpoint as if it is\n"
<< " received in SETTINGS frame. The default\n"
<< " is large enough as it is seen as unlimited.\n"
<< " -c, --header-table-size=<N>\n"
<< " Specify decoder header table size.\n"
<< " -b, --padding=<N> Add at most <N> bytes to a frame payload as\n"
<< " padding. Specify 0 to disable padding.\n"
<< " --color Force colored log output.\n"
<< " --continuation Send large header to test CONTINUATION.\n"
<< " -M, --peer-max-concurrent-streams=<N>\n"
<< " Use <N> as SETTINGS_MAX_CONCURRENT_STREAMS\n"
<< " value of remote endpoint as if it is\n"
<< " received in SETTINGS frame. The default\n"
<< " is large enough as it is seen as unlimited.\n"
<< " -c, --header-table-size=<N>\n"
<< " Specify decoder header table size.\n"
<< " -b, --padding=<N> Add at most <N> bytes to a frame payload as\n"
<< " padding. Specify 0 to disable padding.\n"
<< " --color Force colored log output.\n"
<< " --continuation Send large header to test CONTINUATION.\n"
<< " --version Display version information and exit.\n"
<< " -h, --help Display this help and exit.\n"
<< std::endl;
}
} // namespace
@ -1751,6 +1758,7 @@ int main(int argc, char **argv)
{"key", required_argument, &flag, 2},
{"color", no_argument, &flag, 3},
{"continuation", no_argument, &flag, 4},
{"version", no_argument, &flag, 5},
{nullptr, 0, nullptr, 0 }
};
int option_index = 0;
@ -1889,6 +1897,10 @@ int main(int argc, char **argv)
// continuation option
config.continuation = true;
break;
case 5:
// version option
print_version(std::cout);
exit(EXIT_SUCCESS);
}
break;
default:

89
src/nghttpd.cc
View File

@ -72,12 +72,19 @@ int parse_push_config(Config& config, const char *optarg)
}
} // namespace
namespace {
void print_version(std::ostream& out)
{
out << "nghttpd nghttp2/" NGHTTP2_VERSION << std::endl;
}
} // namespace
namespace {
void print_usage(std::ostream& out)
{
out << "Usage: nghttpd [-DVhpv] [-d <PATH>] [--no-tls] [-b <ALIGNMENT>]\n"
<< " <PORT> [<PRIVATE_KEY> <CERT>]"
<< std::endl;
out << "Usage: nghttpd [OPTION]... <PORT> <PRIVATE_KEY> <CERT>\n"
<< " or: nghttpd --no-tls [OPTION]... <PORT>\n"
<< "HTTP/2 experimental server" << std::endl;
}
} // namespace
@ -86,38 +93,45 @@ void print_help(std::ostream& out)
{
print_usage(out);
out << "\n"
<< "OPTIONS:\n"
<< " -D, --daemon Run in a background. If -D is used, the\n"
<< " current working directory is changed to '/'.\n"
<< " Therefore if this option is used, -d option\n"
<< " must be specified.\n"
<< " -V, --verify-client\n"
<< " The server sends a client certificate\n"
<< " request. If the client did not return a\n"
<< " certificate, the handshake is terminated.\n"
<< " Currently, this option just requests a\n"
<< " client certificate and does not verify it.\n"
<< " -d, --htdocs=<PATH>\n"
<< " Specify document root. If this option is\n"
<< " not specified, the document root is the\n"
<< " current working directory.\n"
<< " -v, --verbose Print debug information such as reception/\n"
<< " transmission of frames and name/value pairs.\n"
<< " --no-tls Disable SSL/TLS.\n"
<< " -c, --header-table-size=<N>\n"
<< " Specify decoder header table size.\n"
<< " --color Force colored log output.\n"
<< " -p, --push=<PATH>=<PUSH_PATH,...>\n"
<< " Push resources PUSH_PATHs when PATH is\n"
<< " requested. This option can be used\n"
<< " repeatedly to specify multiple push\n"
<< " configurations. For example,\n"
<< " -p/=/foo.png -p/doc=/bar.css\n"
<< " PATH and PUSH_PATHs are relative to document\n"
<< " root. See --htdocs option.\n"
<< " -b, --padding=<N> Add at most <N> bytes to a frame payload as\n"
<< " padding. Specify 0 to disable padding.\n"
<< " -h, --help Print this help.\n"
<< " <PORT> Specify listening port number.\n"
<< " <PRIVATE_KEY> Set path to server's private key. Required\n"
<< " unless --no-tls is specified.\n"
<< " <CERT> Set path to server's certificate. Required\n"
<< " unless --no-tls is specified.\n"
<< "\n"
<< "Options:\n"
<< " -D, --daemon Run in a background. If -D is used, the\n"
<< " current working directory is changed to '/'.\n"
<< " Therefore if this option is used, -d option\n"
<< " must be specified.\n"
<< " -V, --verify-client\n"
<< " The server sends a client certificate\n"
<< " request. If the client did not return a\n"
<< " certificate, the handshake is terminated.\n"
<< " Currently, this option just requests a\n"
<< " client certificate and does not verify it.\n"
<< " -d, --htdocs=<PATH>\n"
<< " Specify document root. If this option is\n"
<< " not specified, the document root is the\n"
<< " current working directory.\n"
<< " -v, --verbose Print debug information such as reception/\n"
<< " transmission of frames and name/value pairs.\n"
<< " --no-tls Disable SSL/TLS.\n"
<< " -c, --header-table-size=<N>\n"
<< " Specify decoder header table size.\n"
<< " --color Force colored log output.\n"
<< " -p, --push=<PATH>=<PUSH_PATH,...>\n"
<< " Push resources PUSH_PATHs when PATH is\n"
<< " requested. This option can be used\n"
<< " repeatedly to specify multiple push\n"
<< " configurations. For example,\n"
<< " -p/=/foo.png -p/doc=/bar.css\n"
<< " PATH and PUSH_PATHs are relative to document\n"
<< " root. See --htdocs option.\n"
<< " -b, --padding=<N> Add at most <N> bytes to a frame payload as\n"
<< " padding. Specify 0 to disable padding.\n"
<< " --version Display version information and exit.\n"
<< " -h, --help Display this help and exit.\n"
<< std::endl;
}
} // namespace
@ -139,6 +153,7 @@ int main(int argc, char **argv)
{"padding", required_argument, nullptr, 'b'},
{"no-tls", no_argument, &flag, 1},
{"color", no_argument, &flag, 2},
{"version", no_argument, &flag, 3},
{nullptr, 0, nullptr, 0}
};
int option_index = 0;
@ -192,6 +207,10 @@ int main(int argc, char **argv)
// color option
color = true;
break;
case 3:
// version
print_version(std::cout);
exit(EXIT_SUCCESS);
}
break;
default:

514
src/shrpx.cc
View File

@ -462,12 +462,8 @@ void print_version(std::ostream& out)
namespace {
void print_usage(std::ostream& out)
{
out << "Usage: nghttpx [-Dh] [-s|--client|-p] [-b <HOST,PORT>]\n"
<< " [-f <HOST,PORT>] [-n <CORES>] [-c <NUM>] [-L <LEVEL>]\n"
<< " [OPTIONS...] [<PRIVATE_KEY> <CERT>]\n"
<< "\n"
<< "A reverse proxy for HTTP/2, HTTP/1 and SPDY.\n"
<< std::endl;
out << "Usage: nghttpx [OPTIONS]... [<PRIVATE_KEY> <CERT>]\n"
<< "A reverse proxy for HTTP/2, HTTP/1 and SPDY." << std::endl;
}
} // namespace
@ -475,289 +471,289 @@ namespace {
void print_help(std::ostream& out)
{
print_usage(out);
out << "Positional arguments:\n"
<< " <PRIVATE_KEY> Set path to server's private key. Required\n"
<< " unless -p, --client or --frontend-no-tls\n"
<< " are given.\n"
<< " <CERT> Set path to server's certificate. Required\n"
<< " unless -p, --client or --frontend-no-tls\n"
<< " are given.\n"
out << "\n"
<< " <PRIVATE_KEY> Set path to server's private key. Required\n"
<< " unless -p, --client or --frontend-no-tls\n"
<< " are given.\n"
<< " <CERT> Set path to server's certificate. Required\n"
<< " unless -p, --client or --frontend-no-tls\n"
<< " are given.\n"
<< "Options:\n"
<< " The options are categorized into several groups.\n"
<< "\n"
<< "OPTIONS:\n"
<< "\n"
<< " Connections:\n"
<< " -b, --backend=<HOST,PORT>\n"
<< " Set backend host and port.\n"
<< " Default: '"
<< "Connections:\n"
<< " -b, --backend=<HOST,PORT>\n"
<< " Set backend host and port.\n"
<< " Default: '"
<< get_config()->downstream_host << ","
<< get_config()->downstream_port << "'\n"
<< " -f, --frontend=<HOST,PORT>\n"
<< " Set frontend host and port.\n"
<< " Default: '"
<< " -f, --frontend=<HOST,PORT>\n"
<< " Set frontend host and port.\n"
<< " Default: '"
<< get_config()->host << "," << get_config()->port << "'\n"
<< " --backlog=<NUM> Set listen backlog size. If -1 is given,\n"
<< " libevent will choose suitable value.\n"
<< " Default: "
<< " --backlog=<NUM> Set listen backlog size. If -1 is given,\n"
<< " libevent will choose suitable value.\n"
<< " Default: "
<< get_config()->backlog << "\n"
<< " --backend-ipv4 Resolve backend hostname to IPv4 address\n"
<< " only.\n"
<< " --backend-ipv6 Resolve backend hostname to IPv6 address\n"
<< " only.\n"
<< " --backend-ipv4 Resolve backend hostname to IPv4 address\n"
<< " only.\n"
<< " --backend-ipv6 Resolve backend hostname to IPv6 address\n"
<< " only.\n"
<< "\n"
<< " Performance:\n"
<< " -n, --workers=<CORES>\n"
<< " Set the number of worker threads.\n"
<< " Default: "
<< "Performance:\n"
<< " -n, --workers=<CORES>\n"
<< " Set the number of worker threads.\n"
<< " Default: "
<< get_config()->num_worker << "\n"
<< " --read-rate=<RATE> Set maximum average read rate on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " read rate is unlimited.\n"
<< " Default: "
<< " --read-rate=<RATE> Set maximum average read rate on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " read rate is unlimited.\n"
<< " Default: "
<< get_config()->read_rate << "\n"
<< " --read-burst=<SIZE>\n"
<< " Set maximum read burst size on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " read burst size is unlimited.\n"
<< " Default: "
<< " --read-burst=<SIZE>\n"
<< " Set maximum read burst size on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " read burst size is unlimited.\n"
<< " Default: "
<< get_config()->read_burst << "\n"
<< " --write-rate=<RATE>\n"
<< " Set maximum average write rate on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " write rate is unlimited.\n"
<< " Default: "
<< " --write-rate=<RATE>\n"
<< " Set maximum average write rate on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " write rate is unlimited.\n"
<< " Default: "
<< get_config()->write_rate << "\n"
<< " --write-burst=<SIZE>\n"
<< " Set maximum write burst size on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " write burst size is unlimited.\n"
<< " Default: "
<< " --write-burst=<SIZE>\n"
<< " Set maximum write burst size on frontend\n"
<< " connection. Setting 0 to this option means\n"
<< " write burst size is unlimited.\n"
<< " Default: "
<< get_config()->write_burst << "\n"
<< "\n"
<< " Timeout:\n"
<< " --frontend-http2-read-timeout=<SEC>\n"
<< " Specify read timeout for HTTP/2.0 and SPDY frontend\n"
<< " connection. Default: "
<< "Timeout:\n"
<< " --frontend-http2-read-timeout=<SEC>\n"
<< " Specify read timeout for HTTP/2.0 and SPDY frontend\n"
<< " connection. Default: "
<< get_config()->http2_upstream_read_timeout.tv_sec << "\n"
<< " --frontend-read-timeout=<SEC>\n"
<< " Specify read timeout for HTTP/1.1 frontend\n"
<< " connection. Default: "
<< " --frontend-read-timeout=<SEC>\n"
<< " Specify read timeout for HTTP/1.1 frontend\n"
<< " connection. Default: "
<< get_config()->upstream_read_timeout.tv_sec << "\n"
<< " --frontend-write-timeout=<SEC>\n"
<< " Specify write timeout for all frontends.\n"
<< " connection. Default: "
<< " --frontend-write-timeout=<SEC>\n"
<< " Specify write timeout for all frontends.\n"
<< " connection. Default: "
<< get_config()->upstream_write_timeout.tv_sec << "\n"
<< " --backend-read-timeout=<SEC>\n"
<< " Specify read timeout for backend connection.\n"
<< " Default: "
<< " --backend-read-timeout=<SEC>\n"
<< " Specify read timeout for backend connection.\n"
<< " Default: "
<< get_config()->downstream_read_timeout.tv_sec << "\n"
<< " --backend-write-timeout=<SEC>\n"
<< " Specify write timeout for backend\n"
<< " connection. Default: "
<< " --backend-write-timeout=<SEC>\n"
<< " Specify write timeout for backend\n"
<< " connection. Default: "
<< get_config()->downstream_write_timeout.tv_sec << "\n"
<< " --backend-keep-alive-timeout=<SEC>\n"
<< " Specify keep-alive timeout for backend\n"
<< " connection. Default: "
<< " --backend-keep-alive-timeout=<SEC>\n"
<< " Specify keep-alive timeout for backend\n"
<< " connection. Default: "
<< get_config()->downstream_idle_read_timeout.tv_sec << "\n"
<< " --backend-http-proxy-uri=<URI>\n"
<< " Specify proxy URI in the form\n"
<< " http://[<USER>:<PASS>@]<PROXY>:<PORT>. If\n"
<< " a proxy requires authentication, specify\n"
<< " <USER> and <PASS>. Note that they must be\n"
<< " properly percent-encoded. This proxy is used\n"
<< " when the backend connection is HTTP/2.0. First,\n"
<< " make a CONNECT request to the proxy and\n"
<< " it connects to the backend on behalf of\n"
<< " nghttpx. This forms tunnel. After that, nghttpx\n"
<< " performs SSL/TLS handshake with the\n"
<< " downstream through the tunnel. The timeouts\n"
<< " when connecting and making CONNECT request\n"
<< " can be specified by --backend-read-timeout\n"
<< " and --backend-write-timeout options.\n"
<< " --backend-http-proxy-uri=<URI>\n"
<< " Specify proxy URI in the form\n"
<< " http://[<USER>:<PASS>@]<PROXY>:<PORT>. If\n"
<< " a proxy requires authentication, specify\n"
<< " <USER> and <PASS>. Note that they must be\n"
<< " properly percent-encoded. This proxy is used\n"
<< " when the backend connection is HTTP/2.0. First,\n"
<< " make a CONNECT request to the proxy and\n"
<< " it connects to the backend on behalf of\n"
<< " nghttpx. This forms tunnel. After that, nghttpx\n"
<< " performs SSL/TLS handshake with the\n"
<< " downstream through the tunnel. The timeouts\n"
<< " when connecting and making CONNECT request\n"
<< " can be specified by --backend-read-timeout\n"
<< " and --backend-write-timeout options.\n"
<< "\n"
<< " SSL/TLS:\n"
<< " --ciphers=<SUITE> Set allowed cipher list. The format of the\n"
<< " string is described in OpenSSL ciphers(1).\n"
<< " If this option is used, --honor-cipher-order\n"
<< " is implicitly enabled.\n"
<< " --honor-cipher-order\n"
<< " Honor server cipher order, giving the\n"
<< " ability to mitigate BEAST attacks.\n"
<< " -k, --insecure Don't verify backend server's certificate\n"
<< " if -p, --client or --http2-bridge are given\n"
<< " and --backend-no-tls is not given\n"
<< " --cacert=<PATH> Set path to trusted CA certificate file\n"
<< " if -p, --client or --http2-bridge are given\n"
<< " and --backend-no-tls is not given\n"
<< " The file must be in PEM format. It can\n"
<< " contain multiple certificates. If the\n"
<< " linked OpenSSL is configured to load system\n"
<< " wide certificates, they are loaded\n"
<< " at startup regardless of this option.\n"
<< " --private-key-passwd-file=<FILEPATH>\n"
<< " Path to file that contains password for the\n"
<< " server's private key. If none is given and\n"
<< " the private key is password protected it'll\n"
<< " be requested interactively.\n"
<< " --subcert=<KEYPATH>:<CERTPATH>\n"
<< " Specify additional certificate and private\n"
<< " key file. nghttpx will choose certificates\n"
<< " based on the hostname indicated by client\n"
<< " using TLS SNI extension. This option can be\n"
<< " used multiple times.\n"
<< " --backend-tls-sni-field=<HOST>\n"
<< " Explicitly set the content of the TLS SNI\n"
<< " extension. This will default to the backend\n"
<< " HOST name.\n"
<< " --dh-param-file=<PATH>\n"
<< " Path to file that contains DH parameters in\n"
<< " PEM format. Without this option, DHE cipher\n"
<< " suites are not available.\n"
<< " --npn-list=<LIST> Comma delimited list of NPN/ALPN protocol sorted\n"
<< " in the order of preference. That means\n"
<< " most desirable protocol comes first.\n"
<< " The parameter must be delimited by a single\n"
<< " comma only and any white spaces are treated\n"
<< " as a part of protocol string.\n"
<< " Default: " << DEFAULT_NPN_LIST << "\n"
<< " --verify-client Require and verify client certificate.\n"
<< " --verify-client-cacert=<PATH>\n"
<< " Path to file that contains CA certificates\n"
<< " to verify client certificate.\n"
<< " The file must be in PEM format. It can\n"
<< " contain multiple certificates.\n"
<< " --client-private-key-file=<PATH>\n"
<< " Path to file that contains client private\n"
<< " key used in backend client authentication.\n"
<< " --client-cert-file=<PATH>\n"
<< " Path to file that contains client\n"
<< " certificate used in backend client\n"
<< " authentication.\n"
<< " --tls-proto-list=<LIST>\n"
<< " Comma delimited list of SSL/TLS protocol to\n"
<< " be enabled.\n"
<< " The following protocols are available:\n"
<< " TLSv1.2, TLSv1.1, TLSv1.0, SSLv3\n"
<< " The name matching is done in case-insensitive\n"
<< " manner.\n"
<< " The parameter must be delimited by a single\n"
<< " comma only and any white spaces are treated\n"
<< " as a part of protocol string.\n"
<< " Default: " << DEFAULT_TLS_PROTO_LIST << "\n"
<< "SSL/TLS:\n"
<< " --ciphers=<SUITE> Set allowed cipher list. The format of the\n"
<< " string is described in OpenSSL ciphers(1).\n"
<< " If this option is used, --honor-cipher-order\n"
<< " is implicitly enabled.\n"
<< " --honor-cipher-order\n"
<< " Honor server cipher order, giving the\n"
<< " ability to mitigate BEAST attacks.\n"
<< " -k, --insecure Don't verify backend server's certificate\n"
<< " if -p, --client or --http2-bridge are given\n"
<< " and --backend-no-tls is not given\n"
<< " --cacert=<PATH> Set path to trusted CA certificate file\n"
<< " if -p, --client or --http2-bridge are given\n"
<< " and --backend-no-tls is not given\n"
<< " The file must be in PEM format. It can\n"
<< " contain multiple certificates. If the\n"
<< " linked OpenSSL is configured to load system\n"
<< " wide certificates, they are loaded\n"
<< " at startup regardless of this option.\n"
<< " --private-key-passwd-file=<FILEPATH>\n"
<< " Path to file that contains password for the\n"
<< " server's private key. If none is given and\n"
<< " the private key is password protected it'll\n"
<< " be requested interactively.\n"
<< " --subcert=<KEYPATH>:<CERTPATH>\n"
<< " Specify additional certificate and private\n"
<< " key file. nghttpx will choose certificates\n"
<< " based on the hostname indicated by client\n"
<< " using TLS SNI extension. This option can be\n"
<< " used multiple times.\n"
<< " --backend-tls-sni-field=<HOST>\n"
<< " Explicitly set the content of the TLS SNI\n"
<< " extension. This will default to the backend\n"
<< " HOST name.\n"
<< " --dh-param-file=<PATH>\n"
<< " Path to file that contains DH parameters in\n"
<< " PEM format. Without this option, DHE cipher\n"
<< " suites are not available.\n"
<< " --npn-list=<LIST> Comma delimited list of NPN/ALPN protocol sorted\n"
<< " in the order of preference. That means\n"
<< " most desirable protocol comes first.\n"
<< " The parameter must be delimited by a single\n"
<< " comma only and any white spaces are treated\n"
<< " as a part of protocol string.\n"
<< " Default: " << DEFAULT_NPN_LIST << "\n"
<< " --verify-client Require and verify client certificate.\n"
<< " --verify-client-cacert=<PATH>\n"
<< " Path to file that contains CA certificates\n"
<< " to verify client certificate.\n"
<< " The file must be in PEM format. It can\n"
<< " contain multiple certificates.\n"
<< " --client-private-key-file=<PATH>\n"
<< " Path to file that contains client private\n"
<< " key used in backend client authentication.\n"
<< " --client-cert-file=<PATH>\n"
<< " Path to file that contains client\n"
<< " certificate used in backend client\n"
<< " authentication.\n"
<< " --tls-proto-list=<LIST>\n"
<< " Comma delimited list of SSL/TLS protocol to\n"
<< " be enabled.\n"
<< " The following protocols are available:\n"
<< " TLSv1.2, TLSv1.1, TLSv1.0, SSLv3\n"
<< " The name matching is done in case-insensitive\n"
<< " manner.\n"
<< " The parameter must be delimited by a single\n"
<< " comma only and any white spaces are treated\n"
<< " as a part of protocol string.\n"
<< " Default: " << DEFAULT_TLS_PROTO_LIST << "\n"
<< "\n"
<< " HTTP/2.0 and SPDY:\n"
<< " -c, --http2-max-concurrent-streams=<NUM>\n"
<< " Set the maximum number of the concurrent\n"
<< " streams in one HTTP/2.0 and SPDY session.\n"
<< " Default: "
<< "HTTP/2.0 and SPDY:\n"
<< " -c, --http2-max-concurrent-streams=<NUM>\n"
<< " Set the maximum number of the concurrent\n"
<< " streams in one HTTP/2.0 and SPDY session.\n"
<< " Default: "
<< get_config()->http2_max_concurrent_streams << "\n"
<< " --frontend-http2-window-bits=<N>\n"
<< " Sets the per-stream initial window size of HTTP/2.0\n"
<< " SPDY frontend connection. For HTTP/2.0, the size is\n"
<< " 2**<N>-1. For SPDY, the size is 2**<N>\n"
<< " Default: "
<< " --frontend-http2-window-bits=<N>\n"
<< " Sets the per-stream initial window size of HTTP/2.0\n"
<< " SPDY frontend connection. For HTTP/2.0, the size is\n"
<< " 2**<N>-1. For SPDY, the size is 2**<N>\n"
<< " Default: "
<< get_config()->http2_upstream_window_bits << "\n"
<< " --frontend-http2-connection-window-bits=<N>\n"
<< " Sets the per-connection window size of HTTP/2.0 and\n"
<< " SPDY frontend connection. For HTTP/2.0, the size is\n"
<< " 2**<N>-1. For SPDY, the size is 2**<N>.\n"
<< " Default: "
<< " --frontend-http2-connection-window-bits=<N>\n"
<< " Sets the per-connection window size of HTTP/2.0 and\n"
<< " SPDY frontend connection. For HTTP/2.0, the size is\n"
<< " 2**<N>-1. For SPDY, the size is 2**<N>.\n"
<< " Default: "
<< get_config()->http2_upstream_connection_window_bits << "\n"
<< " --frontend-no-tls Disable SSL/TLS on frontend connections.\n"
<< " --backend-http2-window-bits=<N>\n"
<< " Sets the initial window size of HTTP/2.0 backend\n"
<< " connection to 2**<N>-1.\n"
<< " Default: "
<< " --frontend-no-tls Disable SSL/TLS on frontend connections.\n"
<< " --backend-http2-window-bits=<N>\n"
<< " Sets the initial window size of HTTP/2.0 backend\n"
<< " connection to 2**<N>-1.\n"
<< " Default: "
<< get_config()->http2_downstream_window_bits << "\n"
<< " --backend-http2-connection-window-bits=<N>\n"
<< " Sets the per-connection window size of HTTP/2.0\n"
<< " backend connection to 2**<N>-1.\n"
<< " Default: "
<< " --backend-http2-connection-window-bits=<N>\n"
<< " Sets the per-connection window size of HTTP/2.0\n"
<< " backend connection to 2**<N>-1.\n"
<< " Default: "
<< get_config()->http2_downstream_connection_window_bits << "\n"
<< " --backend-no-tls Disable SSL/TLS on backend connections.\n"
<< " --http2-no-cookie-crumbling\n"
<< " Don't crumble cookie header field.\n"
<< " --padding=<N> Add at most <N> bytes to a HTTP/2 frame payload\n"
<< " as padding.\n"
<< " Specify 0 to disable padding. This option is\n"
<< " meant for debugging purpose and not intended\n"
<< " to enhance protocol security.\n"
<< " --backend-no-tls Disable SSL/TLS on backend connections.\n"
<< " --http2-no-cookie-crumbling\n"
<< " Don't crumble cookie header field.\n"
<< " --padding=<N> Add at most <N> bytes to a HTTP/2 frame payload\n"
<< " as padding.\n"
<< " Specify 0 to disable padding. This option is\n"
<< " meant for debugging purpose and not intended\n"
<< " to enhance protocol security.\n"
<< "\n"
<< " Mode:\n"
<< " (default mode) Accept HTTP/2.0, SPDY and HTTP/1.1 over\n"
<< " SSL/TLS. If --frontend-no-tls is used,\n"
<< " accept HTTP/2.0 and HTTP/1.1. The incoming\n"
<< " HTTP/1.1 connection can be upgraded to\n"
<< " HTTP/2.0 through HTTP Upgrade.\n"
<< " The protocol to the backend is HTTP/1.1.\n"
<< " -s, --http2-proxy Like default mode, but enable secure proxy mode.\n"
<< " --http2-bridge Like default mode, but communicate with the\n"
<< " backend in HTTP/2.0 over SSL/TLS. Thus the\n"
<< " incoming all connections are converted\n"
<< " to HTTP/2.0 connection and relayed to\n"
<< " the backend. See --backend-http-proxy-uri\n"
<< " option if you are behind the proxy and want\n"
<< " to connect to the outside HTTP/2.0 proxy.\n"
<< " --client Accept HTTP/2.0 and HTTP/1.1 without SSL/TLS.\n"
<< " The incoming HTTP/1.1 connection can be\n"
<< " upgraded to HTTP/2.0 connection through\n"
<< " HTTP Upgrade.\n"
<< " The protocol to the backend is HTTP/2.0.\n"
<< " To use nghttpx as a forward proxy, use -p\n"
<< " option instead.\n"
<< " -p, --client-proxy Like --client option, but it also requires\n"
<< " the request path from frontend must be\n"
<< " an absolute URI, suitable for use as a\n"
<< " forward proxy.\n"
<< "Mode:\n"
<< " (default mode) Accept HTTP/2.0, SPDY and HTTP/1.1 over\n"
<< " SSL/TLS. If --frontend-no-tls is used,\n"
<< " accept HTTP/2.0 and HTTP/1.1. The incoming\n"
<< " HTTP/1.1 connection can be upgraded to\n"
<< " HTTP/2.0 through HTTP Upgrade.\n"
<< " The protocol to the backend is HTTP/1.1.\n"
<< " -s, --http2-proxy Like default mode, but enable secure proxy mode.\n"
<< " --http2-bridge Like default mode, but communicate with the\n"
<< " backend in HTTP/2.0 over SSL/TLS. Thus the\n"
<< " incoming all connections are converted\n"
<< " to HTTP/2.0 connection and relayed to\n"
<< " the backend. See --backend-http-proxy-uri\n"
<< " option if you are behind the proxy and want\n"
<< " to connect to the outside HTTP/2.0 proxy.\n"
<< " --client Accept HTTP/2.0 and HTTP/1.1 without SSL/TLS.\n"
<< " The incoming HTTP/1.1 connection can be\n"
<< " upgraded to HTTP/2.0 connection through\n"
<< " HTTP Upgrade.\n"
<< " The protocol to the backend is HTTP/2.0.\n"
<< " To use nghttpx as a forward proxy, use -p\n"
<< " option instead.\n"
<< " -p, --client-proxy Like --client option, but it also requires\n"
<< " the request path from frontend must be\n"
<< " an absolute URI, suitable for use as a\n"
<< " forward proxy.\n"
<< "\n"
<< " Logging:\n"
<< " -L, --log-level=<LEVEL>\n"
<< " Set the severity level of log output.\n"
<< " INFO, WARNING, ERROR and FATAL.\n"
<< " Default: WARNING\n"
<< " --accesslog Print simple accesslog to stderr.\n"
<< " --syslog Send log messages to syslog.\n"
<< " --syslog-facility=<FACILITY>\n"
<< " Set syslog facility.\n"
<< " Default: "
<< "Logging:\n"
<< " -L, --log-level=<LEVEL>\n"
<< " Set the severity level of log output.\n"
<< " INFO, WARNING, ERROR and FATAL.\n"
<< " Default: WARNING\n"
<< " --accesslog Print simple accesslog to stderr.\n"
<< " --syslog Send log messages to syslog.\n"
<< " --syslog-facility=<FACILITY>\n"
<< " Set syslog facility.\n"
<< " Default: "
<< str_syslog_facility(get_config()->syslog_facility) << "\n"
<< "\n"
<< " Misc:\n"
<< " --add-x-forwarded-for\n"
<< " Append X-Forwarded-For header field to the\n"
<< " downstream request.\n"
<< " --no-via Don't append to Via header field. If Via\n"
<< " header field is received, it is left\n"
<< " unaltered.\n"
<< " --frontend-http2-dump-request-header=<PATH>\n"
<< " Dumps request headers received by HTTP/2.0\n"
<< " frontend to the file denoted in PATH.\n"
<< " The output is done in HTTP/1 header field\n"
<< " format and each header block is followed by\n"
<< " an empty line.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " --frontend-http2-dump-response-header=<PATH>\n"
<< " Dumps response headers sent from HTTP/2.0\n"
<< " frontend to the file denoted in PATH.\n"
<< " The output is done in HTTP/1 header field\n"
<< " format and each header block is followed by\n"
<< " an empty line.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " -o, --frontend-frame-debug\n"
<< " Print HTTP/2 frames in frontend to stderr.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " -D, --daemon Run in a background. If -D is used, the\n"
<< " current working directory is changed to '/'.\n"
<< " --pid-file=<PATH> Set path to save PID of this program.\n"
<< " --user=<USER> Run this program as USER. This option is\n"
<< " intended to be used to drop root privileges.\n"
<< " --conf=<PATH> Load configuration from PATH.\n"
<< " Default: "
<< "Misc:\n"
<< " --add-x-forwarded-for\n"
<< " Append X-Forwarded-For header field to the\n"
<< " downstream request.\n"
<< " --no-via Don't append to Via header field. If Via\n"
<< " header field is received, it is left\n"
<< " unaltered.\n"
<< " --frontend-http2-dump-request-header=<PATH>\n"
<< " Dumps request headers received by HTTP/2.0\n"
<< " frontend to the file denoted in PATH.\n"
<< " The output is done in HTTP/1 header field\n"
<< " format and each header block is followed by\n"
<< " an empty line.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " --frontend-http2-dump-response-header=<PATH>\n"
<< " Dumps response headers sent from HTTP/2.0\n"
<< " frontend to the file denoted in PATH.\n"
<< " The output is done in HTTP/1 header field\n"
<< " format and each header block is followed by\n"
<< " an empty line.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " -o, --frontend-frame-debug\n"
<< " Print HTTP/2 frames in frontend to stderr.\n"
<< " This option is not thread safe and MUST NOT\n"
<< " be used with option -n=N, where N >= 2.\n"
<< " -D, --daemon Run in a background. If -D is used, the\n"
<< " current working directory is changed to '/'.\n"
<< " --pid-file=<PATH> Set path to save PID of this program.\n"
<< " --user=<USER> Run this program as USER. This option is\n"
<< " intended to be used to drop root privileges.\n"
<< " --conf=<PATH> Load configuration from PATH.\n"
<< " Default: "
<< get_config()->conf_path << "\n"
<< " -v, --version Print version and exit.\n"
<< " -h, --help Print this help and exit.\n"
<< " -v, --version Print version and exit.\n"
<< " -h, --help Print this help and exit.\n"
<< std::endl;
}
} // namespace