Add --frontend-quic-secret-file to read QUIC keying materials from
file. --frontend-quic-connection-id-encryption-key was removed in
favor of this new option.
Forward QUIC UDP datagram to lingering worker process which is in
graceful shutdown. Both SIGHUP and SIGUSR2 work. To make this work
correctly, eBPF is required.
With --ocsp-startup option, nghttpx starts accepting connections after
initial attempts to get OCSP responses finish. It does not matter
some of the attempts fail. This feature is useful if OCSP responses
must be available before accepting connections.
Previously, nghttpx will use only one single thread inside the worker
process if --workers=1 (this is default). If --workers=N, N > 1, we
use additional threads for accepting connections, or API request
processing, etc.
With this commit, we use the same processing model for N > 1 even if N
== 1. To restore the original single thread execution mode,
--single-worker option is added. If threading is disabled
--single-worker is always true.
Normally, we don't have wait for child process to exit, since init can
take care of them. But in containerized environment, pid 0 init might
not be available, and defunct processes can be piled up. This commit
ensures that OCSP and neverbleed processes are waited for before
worker process exits.
Previously, we didn't retry request on connection failure. Sometimes
we hit the edge case where connection is about to lost just when we
write request. To avoid this situation, we now retry request to
failed attempt. We also add ConnectBlocker to MemcachedConnection not
to attempt to connect to memcached if connection could not be made
previously.
This change allows user to disable TLS per frontend address using
no-tls keyword in --frontend option. We removed --frontend-no-tls in
favor of this new feature.
To keep ipc channel being read from worker process, default loop
should not be stopped. To join all worker threads, now we use
dedicated thread to do this. When all worker threads are joined,
ev_async_send sends message to default loop, and it is finally
stopped.
Tatsuhiro Tsujikawa
Vernon Tang