Commit Graph

757 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa f59a9c5c58 nghttpx: Disable TLS renegotiation properly
4ed4efc does not disable TLS renegotiation at all, if client keeps
rengotiations without sending application data. In this change,
we intercept the raw incoming data from the client and if it is a
renegotiation, drop the connection immediately.
2014-01-19 17:25:18 +09:00
Tatsuhiro Tsujikawa 6f5e1662c6 nghttpx: Handle error from Downstream::resume_read() 2014-01-19 14:42:42 +09:00
Tatsuhiro Tsujikawa becc206ba9 nghttpx: Don't show warning WINDOW_UPDATE failure for HTTP/1 downstream 2014-01-19 00:38:11 +09:00
Tatsuhiro Tsujikawa 4ed4efc241 nghttpx: Disable TLS renegotiation 2014-01-18 19:53:52 +09:00
Tatsuhiro Tsujikawa 8f3d4fdeec nghttpx: Remove deprecated evbuffer_setcb, send WU before buffer gets empty 2014-01-18 18:39:25 +09:00
Tatsuhiro Tsujikawa 0872ce27f4 nghttpx: Use nghttp2_session_mem_recv instead of nghttp2_session_recv 2014-01-18 16:50:52 +09:00
Tatsuhiro Tsujikawa 50dd7ada50 nghttpx: Code cleanup 2014-01-18 16:32:22 +09:00
Tatsuhiro Tsujikawa 59ff0b2f77 nghttpx: Propagate upstream priority change to downstream 2014-01-18 16:12:03 +09:00
Tatsuhiro Tsujikawa 68b5204f29 src: Set errno = 0 before calling strtol 2014-01-18 15:32:50 +09:00
Tatsuhiro Tsujikawa 707a0b4103 Move name/value validation functions to src
nghttp2 library itself now accept octet header/value pairs,
completely not restricted by HTTP/1 header name/value rule.
The applications may impose restriction about them using
validators.
2014-01-17 02:16:53 +09:00
Tatsuhiro Tsujikawa 0e4b3d435e Emit header name/value pair using callback functions
Now, in nghttp2_on_frame_recv_callback, nva and nvlen in
HEADERS and PUSH_PROMISE frames are always NULL and 0 respectively.
The header name/value pairs are emitted successive
nghttp2_on_header_callback functions. The end of header fields are
signaled with nghttp2_on_end_headers_callback function.

Since NGHTTP2_ERR_PAUSE for nghttp2_on_frame_recv_callback is
introduced to handle header block, it is now deprecated.
Instead, nghttp2_on_header_callback can be paused using
NGHTTP2_ERR_PAUSE.
2014-01-17 01:49:43 +09:00
Tatsuhiro Tsujikawa 8fdc37ab13 src: Don't show option candidates if full-match or single prefix-match 2014-01-13 23:51:10 +09:00
Tatsuhiro Tsujikawa a54c5bef54 src: Must suffix-match at least 3 characters to be a option candidate 2014-01-13 23:29:10 +09:00
Tatsuhiro Tsujikawa 8c6f3d1054 nghttpx: Set our own default cipher list 2014-01-13 23:01:22 +09:00
Tatsuhiro Tsujikawa 59c10ea4c2 src: Make the cost of suffix matched option 0 2014-01-12 22:02:19 +09:00
Tatsuhiro Tsujikawa c3949b0d7f Fix compiler warning 2014-01-11 17:49:33 +09:00
Tatsuhiro Tsujikawa da9bbb58fb HPACK tools: Use JSON data format used in hpack-test-case
The input and output data format now use same JSON format used in
hpack-test-case.
2014-01-11 17:02:14 +09:00
Tatsuhiro Tsujikawa 0e9390d5ad Move http-parser to third-party dir and fix `make distcheck` 2014-01-11 00:36:20 +09:00
Tatsuhiro Tsujikawa 505d607b22 src: Update .gitignore 2014-01-10 23:22:23 +09:00
Tatsuhiro Tsujikawa 9dcd6b003d Refactor configure options
--enable-src is renamed as --enable-app. Fix build failure if
libxml2 is not available.
2014-01-10 23:19:36 +09:00
Tatsuhiro Tsujikawa 0f1dea4f42 Move HPACK tools from hdtest to src 2014-01-10 21:53:48 +09:00
Tatsuhiro Tsujikawa 25a6596e77 nghttpx: Call Http2Session::disconnect() if initiate_connection() failed
This will clean up resources allocated in initiate_connection()
properly.
2014-01-10 21:32:39 +09:00
Tatsuhiro Tsujikawa 8721631287 nghttp: Fix port checking to share connection 2014-01-10 00:59:14 +09:00
Tatsuhiro Tsujikawa 88d31ada75 src: Handle PUSH_PROMISE from client and request HEADERS from server
They are just RST_STREAMed for now
2014-01-09 23:47:21 +09:00
Tatsuhiro Tsujikawa 90ea7ba92a src: Add command-line option guess 2014-01-09 01:27:56 +09:00
Tatsuhiro Tsujikawa a15fc5fbb4 nghttpx: Send acceptable list of CAs when client cert auth is enabled 2014-01-09 00:07:51 +09:00
Tatsuhiro Tsujikawa c36ce28f69 src: Call SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN) 2014-01-08 23:32:47 +09:00
Tatsuhiro Tsujikawa dacfecf41a lib, src, hdtest: Ensure that config.h is included 2014-01-08 23:30:02 +09:00
Tatsuhiro Tsujikawa ecc4290d3d nghttp: Fix crash on plain HTTP 2014-01-08 02:15:46 +09:00
Tatsuhiro Tsujikawa c531e691fc src: Use SSLv23_method for tests 2014-01-06 16:07:18 +09:00
Tatsuhiro Tsujikawa f2e830309e src: Add test for shrpx_config 2014-01-06 16:06:02 +09:00
Tatsuhiro Tsujikawa 7ce3065f32 nghttpx: Add --tls-proto-list option to enable SSL/TLS protocol selectively 2014-01-02 13:08:54 +09:00
Tatsuhiro Tsujikawa 3e21bed4f9 nghttpx: Make parse_config_npn_list generic 2014-01-02 13:08:54 +09:00
Tatsuhiro Tsujikawa 20877b1107 nghttpx: Don't allow application protocol not listed in --npn-list option 2014-01-02 00:53:07 +09:00
Tatsuhiro Tsujikawa 78e5149495 src: Support ALPN
Requires unreleased OpenSSL >= 1.0.2
2014-01-02 00:15:08 +09:00
Tatsuhiro Tsujikawa f0d7323902 nghttpx: Use SSL_CTX_set_ecdh_auto for OpenSSL >= 1.0.2 2014-01-01 23:26:00 +09:00
Tatsuhiro Tsujikawa 73866124f3 nghttp: Untabify 2013-12-31 11:15:58 +09:00
David Weekly 19e187cd92 More useful warning on NPN negotiation failure due to draft version mismatch 2013-12-31 00:12:21 +00:00
Tatsuhiro Tsujikawa 1c43cdbbc8 nghttpx: Don't rewrite location if proxy mode is used 2013-12-28 17:02:43 +09:00
Tatsuhiro Tsujikawa c0726036b1 nghttpd: Use -1 as backlog 2013-12-27 00:02:43 +09:00
Tatsuhiro Tsujikawa ad369ec299 nghttpx: Use -1 as default value of --backlog 2013-12-26 21:39:00 +09:00
Tatsuhiro Tsujikawa 9cb8754d09 Rename nghttp2_session_fail_session as nghttp2_session_terminate_session 2013-12-26 00:23:07 +09:00
Tatsuhiro Tsujikawa 5bb1c653ef src: Omit \r\n sanitization on header value
This is because nghttp2 and spdylay now don't allow \r\n in header
value. Require spdylay >= 1.2.3.
2013-12-26 00:08:42 +09:00
Tatsuhiro Tsujikawa 04e496d7bd nghttpd: Use nghttp2_session_fail_session instead of nghttp2_submit_goaway 2013-12-25 00:40:57 +09:00
Tatsuhiro Tsujikawa f8356dd037 nghttp: Use nghttp2_session_fail_session instead of nghttp2_submit_goaway 2013-12-25 00:28:58 +09:00
Tatsuhiro Tsujikawa 53271e1e52 nghttp: Close fd on disconnect 2013-12-22 19:23:01 +09:00
Tatsuhiro Tsujikawa c4539046be nghttpx: No string copy if no cookie crumbling occurs 2013-12-22 15:42:12 +09:00
Tatsuhiro Tsujikawa 2af9a37643 src: Code cleanup 2013-12-22 15:33:37 +09:00
Tatsuhiro Tsujikawa e955598923 nghttpx: Remove downstream_port from location rewrite code 2013-12-21 18:35:53 +09:00
Tatsuhiro Tsujikawa 9afebcb229 nghttpx: Ignore port when rewriting location header 2013-12-21 18:26:11 +09:00
Tatsuhiro Tsujikawa ccfa13cd5b nghttpx: Rewrite location header field
We thought that this kind of rewrite can be achieved by the configuration
of the backend severs, but in some configuration, however, it may get
complicated. So we decided to implement at least location rewrite in
nghttpx.

This commit also contains a fix to the bug which prevents the http2
backend request from concatenating header fields with the same value.
2013-12-21 17:49:31 +09:00
Tatsuhiro Tsujikawa bb70cdf6ad src: Rename verbose callback functions 2013-12-20 23:48:56 +09:00
Tatsuhiro Tsujikawa 9f7b231c2c nghttpx: Code cleanup 2013-12-20 23:36:24 +09:00
Tatsuhiro Tsujikawa b38b233aa6 nghttpx: Check failure of evbuffer_* and bufferevent_* functions 2013-12-20 23:28:54 +09:00
Tatsuhiro Tsujikawa 873d457dd2 nghttpx: Fix log message 2013-12-20 22:44:30 +09:00
Tatsuhiro Tsujikawa ff2eb0de81 Update doc 2013-12-16 21:17:25 +09:00
Tatsuhiro Tsujikawa 7222f63dbd Revert 3c57327274
It may violate draft-09 section 8.1.3.1. Proxy should perseve
host header field.
2013-12-16 21:14:31 +09:00
Tatsuhiro Tsujikawa 3c57327274 nghttpx: Remove host if :authority is available on HTTP2 downstream request 2013-12-15 18:09:56 +09:00
Tatsuhiro Tsujikawa f4ae707bf2 Revert 0b7b95923e 2013-12-13 21:46:41 +09:00
Tatsuhiro Tsujikawa 0b7b95923e nghttp: Adjust relative priority with -a 2013-12-11 23:26:55 +09:00
Tatsuhiro Tsujikawa 09ba2e8c78 nghttp: Ensure that all settings can be encoded in settings_payload 2013-12-09 21:12:09 +09:00
Tatsuhiro Tsujikawa c3a361fb52 nghttpd: Create Request object in hd_before_frame_send_callback
This is pathological case, but we may get RST_STREAM to the promised
stream while we are sending PUSH_PROMISE. To handle this case,
instantiate Request object before transmission.
2013-12-09 00:22:01 +09:00
Tatsuhiro Tsujikawa ed1d7cdea4 nghttpd: Fix allow_push is not used 2013-12-09 00:04:54 +09:00
Tatsuhiro Tsujikawa 47f53940da nghttpd: Add -p, --push option to configure server push
The option syntax is <PATH>=<PUSH_PATH,...>.
Push resources PUSH_PATHs when PATH is requested. This option can be used
repeatedly to specify multiple push configurations. For example,
  -p/=/foo.png -p/doc=/bar.css
PATH and PUSH_PATHs are relative to document root.
2013-12-09 00:00:12 +09:00
Tatsuhiro Tsujikawa 658b7d0727 src: Replace MAKE_NV macros with function templates 2013-12-08 22:31:43 +09:00
Tatsuhiro Tsujikawa 6c77cec270 Remove nghttp2_submit_* API functions which has char **nv parameter
The nghttp2_submit_{request,response}2 functions are renamed as
nghttp2_submit_{request, response}.
2013-12-08 21:39:43 +09:00
Tatsuhiro Tsujikawa baa2272b0a src: Concatenate header fields with same name by NULL as delimiter
cookie and set-cookie are treated specially and won't be concatenated.
2013-12-07 00:32:14 +09:00
Tatsuhiro Tsujikawa 6ea91e57e0 Adjust struct/class alignment 2013-12-06 23:17:38 +09:00
Tatsuhiro Tsujikawa e596385fc0 src: Split NULL-separated values 2013-12-05 21:54:36 +09:00
Tatsuhiro Tsujikawa 1f0dfd4316 nghttpx: Update doc 2013-12-01 20:55:16 +09:00
Tatsuhiro Tsujikawa 93ad48fe6c nghttpx: Update usage 2013-11-29 22:59:49 +09:00
Tatsuhiro Tsujikawa d1049f389f nghttpx: Use nghttp2_submit_{request, response}2 API 2013-11-28 21:36:04 +09:00
Tatsuhiro Tsujikawa 679a389bd3 nghttpx: Code cleanup 2013-11-26 22:57:29 +09:00
Tatsuhiro Tsujikawa bbebc4ad8d nghttpx: Fix crash on CONNECT or downstream failure 2013-11-21 02:06:28 +09:00
Tatsuhiro Tsujikawa 01f7162be3 nghttpx: Add connection-level flow control window size options
This commit also changes SPDY's flow control size. Previously,
the size for SPDY is the same amount of bytes with HTTP/2.
For example, --frontend-http2-upstream-window-bits=N,
the window size is 2**N - 1. Now SPDY code uses 2**N.
2013-11-21 00:15:17 +09:00
Tatsuhiro Tsujikawa 53b3fba05b nghttpx: Add --http2-no-cookie-crumbling option 2013-11-18 00:03:55 +09:00
Tatsuhiro Tsujikawa faedc4381d nghttpx: Add options to dump HTTP headers in HTTP/2.0 upstream 2013-11-17 23:52:19 +09:00
Tatsuhiro Tsujikawa e14baf134c nghttpx: Implement cookie crumbling 2013-11-16 21:15:55 +09:00
Tatsuhiro Tsujikawa 0c669898a4 nghttp: Allow multiple same headers in -H 2013-11-16 21:13:09 +09:00
Tatsuhiro Tsujikawa a255e4efa6 nghttpx: Use same priority in frontend and backend HTTP2 2013-11-16 15:41:24 +09:00
Tatsuhiro Tsujikawa 81cf484124 Don't DIE when establishing backend HTTP2 connection failed 2013-11-16 01:31:32 +09:00
Tatsuhiro Tsujikawa d946b06e51 src/http-parser: Update to latest HEAD 2013-11-14 23:53:48 +09:00
Tatsuhiro Tsujikawa 40347487c9 Don't sort headers in library code
Remove sorting headers from library code. The application must sort
them if necessary. nghttpx and nghttpd do the sorting of the headers
in stable way if names are equal.
2013-11-13 23:56:02 +09:00
Tatsuhiro Tsujikawa 0ba2883940 nghttpx: Use initial window size in config directly 2013-11-12 11:08:43 +09:00
Tatsuhiro Tsujikawa 58beaa371d nghttpx: Support spdy/3.1, require spdylay >= 1.2.0 2013-11-12 11:03:46 +09:00
Tatsuhiro Tsujikawa b405b4bc9f src: Fix token68 decoding 2013-11-09 16:18:01 +09:00
Tatsuhiro Tsujikawa 2ae788eddd Replace nghttp2_set_option with nghttp2_session_{client,server}_new2
nghttp2_session_client_new2 and nghttp2_session_server_new2 take
additional parameters which specifies session options.
nghttp2_set_option is somewhat crumsy because of type checking.
Now we use nghttp2_opt_set, which specifies individual options with
types. We changed the value of nghttp2_opt, so this change will
require re-compile.
2013-11-08 00:12:39 +09:00
Tatsuhiro Tsujikawa e684b8149b nghttpd: Fix -c option 2013-11-06 23:32:32 +09:00
Tatsuhiro Tsujikawa be5d08647e nghttpd: Add -c, --header-table-size option 2013-11-05 23:44:20 +09:00
Tatsuhiro Tsujikawa b1905c5815 nghttpx: More replacement of spdy with http2 2013-11-04 18:22:29 +09:00
Tatsuhiro Tsujikawa 0fcd14300a nghttpx: Rename PROTO_SPDY with PROTO_HTTP2 for backend protocol name 2013-11-04 18:15:56 +09:00
Tatsuhiro Tsujikawa ba3db66cec nghttpx: Replace "spdy" in option name with "http2" 2013-11-04 18:14:05 +09:00
Tatsuhiro Tsujikawa f3d71aa5bb nghttpx: Rename Spdy{Session,DownstreamConnection} to Http2{*} 2013-11-04 17:53:57 +09:00
Tatsuhiro Tsujikawa a483105e11 nghttpx: Set read/write timeout for HTTP/2 backend as well 2013-11-04 17:22:52 +09:00
Tatsuhiro Tsujikawa 69967aeef8 nghttpx: Add --client-private-key-file and --client-cert-file options 2013-11-02 23:34:25 +09:00
Tatsuhiro Tsujikawa 5bb7066474 nghttpx: Add --verify-client-cacert option
Using --cacert to load certificate for client certificate authentication
is problematic since, --cacert is also used for client mode.
This commit adds --verify-client-cacert option which specify the CA
certficate file used only for client certificate validation.
This change also removes the default certficate load function for
client certificate validation.
2013-11-02 21:41:05 +09:00
Tatsuhiro Tsujikawa 41208950ec nghttpx: Disable push in HTTP/2 backend 2013-11-02 16:59:59 +09:00
Tatsuhiro Tsujikawa 02acfd7d70 nghttpx: Add --verify-client option
This option requires client certificate and successful verification.
Use --cacert option to add CA certificates as necessary.
2013-11-02 01:10:18 +09:00
Tatsuhiro Tsujikawa 1835bda02e nghttp, nghttpd: Add --color option to force colored log output 2013-11-01 23:06:53 +09:00
Tatsuhiro Tsujikawa d9f5451810 nghttpx: Add SETTINGS ACK timeout to HTTP/2 backend connections 2013-10-31 21:45:17 +09:00
Tatsuhiro Tsujikawa e0fe939951 nghttpx: Add SETTINGS timeout timer to Http2Upstream 2013-10-31 00:44:23 +09:00
Tatsuhiro Tsujikawa 3ea28863e4 nghttpx: Set "dconn_ is null" log in INFO 2013-10-30 01:26:28 +09:00
Tatsuhiro Tsujikawa dfa1194804 Add new API to return effective recv data/win size for connection
Using this feature, connection level flow control is now enabled
in nghttpx.
2013-10-30 00:51:01 +09:00
Tatsuhiro Tsujikawa b75455dd96 nghttpx: Remove recv data length calculation in HTTP/2 code 2013-10-30 00:10:28 +09:00
Tatsuhiro Tsujikawa 6c23c34d77 Add new API to return effective received data length and local window size 2013-10-30 00:07:35 +09:00
Tatsuhiro Tsujikawa 9b6a0e5875 nghttpx: Fix stream hang with request body
The end of request stream is not detected correct place.
Also Downstream::end_upload_data() is not called.
2013-10-30 00:00:58 +09:00
Tatsuhiro Tsujikawa 0ced4741d2 nghttpx: Remove flow control error detection code
Now flow control error detection is handled by the library
2013-10-29 22:46:38 +09:00
Tatsuhiro Tsujikawa 535329779c nghttp: Add --header-table-size option 2013-10-29 21:34:22 +09:00
Tatsuhiro Tsujikawa dc61f705df nghttp, nghttpd: Add SETTINGS timeout handling
SETTINGS timeout is 10 seconds for now.
2013-10-27 23:02:39 +09:00
Tatsuhiro Tsujikawa 5ace898392 Update error code 2013-10-27 19:31:24 +09:00
Tatsuhiro Tsujikawa a46ccdb144 Apply initiated SETTINGS changes on reception of ACK 2013-10-27 19:22:51 +09:00
Tatsuhiro Tsujikawa 2afa9f75f5 src/HttpServer: Fix compile error 2013-10-27 17:00:41 +09:00
Tatsuhiro Tsujikawa 5ca8f147f2 nghttpx: Code cleanup 2013-10-27 16:25:50 +09:00
Tatsuhiro Tsujikawa 67553d47e0 nghttpx: Use :authority and host instead of :host 2013-10-27 16:25:50 +09:00
Tatsuhiro Tsujikawa c4ae19e2a0 nghttp, nghttpd: Use :authority and host instead of :host 2013-10-27 16:25:50 +09:00
Tatsuhiro Tsujikawa 8f8c841df0 Merge branch 'master' into hpack-exp 2013-10-25 22:51:51 +09:00
Tatsuhiro Tsujikawa 896db5b24f API change: Add flags parameter to all submit_* functions
The nghttp2_submit_{request,response} family do not get this change.
2013-10-25 22:50:24 +09:00
Tatsuhiro Tsujikawa b193069110 Merge branch 'master' into hpack-exp 2013-10-23 23:23:51 +09:00
Tatsuhiro Tsujikawa 8c855c5567 src: Use std::vector to store name/value pairs 2013-10-23 23:18:24 +09:00
Tatsuhiro Tsujikawa 5add90489f Protocol ID change for HPACK experiment 2013-10-16 01:19:06 +09:00
Tatsuhiro Tsujikawa e85418f045 Fix local window size adjustments
Now shrinking local window size properly limits the amount of
WINDOW_UPDATE value so that shrinked window is honored.
2013-10-12 17:02:37 +09:00
Tatsuhiro Tsujikawa 2e7edf88bc nghttp: Add -W option to specify connection level window size bits 2013-10-10 22:04:37 +09:00
Tatsuhiro Tsujikawa 154a0014ef nghttp: Fix typo in help message 2013-10-10 21:25:53 +09:00
Tatsuhiro Tsujikawa 6249038cc0 src: Print headers in PUSH_PROMISE 2013-10-10 21:24:54 +09:00
Tatsuhiro Tsujikawa f355187176 nghttpx: Fix missing extension HTTP status code in response 2013-10-02 23:29:44 +09:00
Tatsuhiro Tsujikawa c7ce6d811e src/shrpx_config.cc: Code cleanup 2013-10-02 23:13:25 +09:00
Tatsuhiro Tsujikawa d90e0d4262 src/HtmlParser: Code cleanup 2013-10-02 23:08:47 +09:00
Tatsuhiro Tsujikawa a9ba00914e nghttpx: Log error_code when submitting RST_STREAM 2013-09-30 00:13:04 +09:00
Tatsuhiro Tsujikawa 8e9f08f81d nghttp: Assign different priority according to the resource type 2013-09-29 18:58:46 +09:00
Tatsuhiro Tsujikawa 31ae1fe660 app_helper.cc: Handle NGHTTP2_COMPRESSION_ERROR in strstatus 2013-09-28 22:57:12 +09:00
Tatsuhiro Tsujikawa bfe7a9af00 nghttp: Fix crash if attrs parameter of get_attr() is nullptr 2013-09-26 22:56:26 +09:00
Tatsuhiro Tsujikawa 55b8a0b777 shrpx_http2_upstream: Use std::unique_ptr for pre_upstream_ 2013-09-26 21:46:35 +09:00
Tatsuhiro Tsujikawa 3368c8b378 nghttpx: Fix wrong version ID in Upgrade response header field 2013-09-26 21:46:03 +09:00
Tatsuhiro Tsujikawa c5912341ad nghttpx: Fix crash on upgrade success 2013-09-26 21:39:19 +09:00
Tatsuhiro Tsujikawa 825c1bac6b shrpx_downstream.cc: Utilize std::move 2013-09-24 23:53:55 +09:00
Tatsuhiro Tsujikawa dc0af2e074 shrpx_https_upstream.cc: Code cleanup 2013-09-24 23:39:36 +09:00
Tatsuhiro Tsujikawa a0326b3f2b nghttpx: Handle error from bufferevent_socket_new and event_base_new 2013-09-24 23:17:53 +09:00
Tatsuhiro Tsujikawa 57f5730756 shrpx_http_downstream_connection.cc: Code cleanup 2013-09-24 21:42:50 +09:00
Tatsuhiro Tsujikawa 2572fb6fb4 shrpx.cc: Code cleanup 2013-09-24 21:34:59 +09:00
Tatsuhiro Tsujikawa 991f14846d shrpx_spdy_session.cc: Code cleanup 2013-09-24 21:34:04 +09:00
Tatsuhiro Tsujikawa e1dfc1cdc5 shrpx_spdy_session: Use std::unique_ptr for proxy_htp_ 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa 769f560586 shrpx_https_upstream: Embed http_parser 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa 811173f5c8 shrxp_worker.cc: Use std::unique_ptr for ThreadEventReceiver 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa b459e42ee5 shrpx_ssl.cc: Use std::unique_ptr for ssl_locks 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa cdbe6acfce shrpx_http_downstream_connection: Embed http_parser 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa 3c1cad9272 shrpx_client_handler: Use std::unique_ptr for upstream_ 2013-09-24 21:31:47 +09:00
Tatsuhiro Tsujikawa ab39ae849f nghttpx: Add --npn-list option 2013-09-23 20:55:39 +09:00
Tatsuhiro Tsujikawa e5e1e9b76e shrpx_ssl.cc: Another code cleanup 2013-09-23 18:49:39 +09:00
Tatsuhiro Tsujikawa bd55f9cf2a shrxp_ssl.cc: Code cleanup 2013-09-23 18:40:17 +09:00
Tatsuhiro Tsujikawa 7d333f202a HtmlParser: Collect scripts URI as well 2013-09-19 01:19:35 +09:00
Tatsuhiro Tsujikawa 8dcaa08405 Replace steady_clock with monotonic_clock if steady_clock is not available 2013-09-17 22:48:30 +09:00
Tatsuhiro Tsujikawa 0a649e2499 src: Use std::chrono instead of gettimeofday and clock_gettime 2013-09-16 17:36:24 +09:00
Tatsuhiro Tsujikawa 04457aae62 nghttp: Code cleanup 2013-09-16 16:54:11 +09:00
Tatsuhiro Tsujikawa e2ff41c44c nghttp: Use -M as short option for --peer-max-concurrent-streams 2013-09-16 16:44:13 +09:00
Tatsuhiro Tsujikawa b14a97a273 Update .gitignore 2013-09-14 21:18:08 +09:00
Tatsuhiro Tsujikawa 99ba622fed Add NGHTTP2_OPT_PEER_MAX_CONCURRENT_STREAMS option
And utilize it in nghttp to limit initial max concurrent streams.
2013-09-14 19:41:49 +09:00
Tatsuhiro Tsujikawa c5d7d570e3 nghttpx: Code cleanup 2013-09-13 21:27:29 +09:00
Tatsuhiro Tsujikawa c48a1d7516 nghttpx: Add rate limit options 2013-09-13 21:23:55 +09:00
Tatsuhiro Tsujikawa 0f75997839 nghttpx: Share ev_token_bucket_cfg across ClientHandlers 2013-09-13 00:25:24 +09:00
Tatsuhiro Tsujikawa cbef6fd0c6 nghttpx: Replace \r\n with space when constructing HTTP/1 headers 2013-09-11 23:24:32 +09:00
Tatsuhiro Tsujikawa b7e1701f06 nghttp: Fix nghttp2_pack_settings_payload use 2013-09-09 21:25:46 +09:00
Tatsuhiro Tsujikawa 5cd1d4f0d6 Fix clang warnings 2013-09-08 23:16:08 +09:00
Tatsuhiro Tsujikawa 72802b92c5 src: Fix linker error 2013-09-08 16:29:39 +09:00
Tatsuhiro Tsujikawa cc1cfd97e3 src: Archive nghttpx sources into libnghttpx.a to reuse for tests 2013-09-08 15:52:41 +09:00
Tatsuhiro Tsujikawa 588fd3bda7 src, examples: Update .gitignore 2013-09-08 15:33:17 +09:00
Tatsuhiro Tsujikawa 1a05caf847 src: Use util::utos instead of std::to_string
Some platform (e.g., freebsd) does not define _GLIBCXX_USE_C99
and it hides std::to_string functions.
2013-09-08 14:29:18 +09:00
Tatsuhiro Tsujikawa 10f131c9d8 nghttpx: Guard ecdh use with !OPENSSL_NO_EC 2013-09-07 23:37:17 +09:00
Tatsuhiro Tsujikawa c751a6e935 Fix cosmetic errors 2013-09-07 16:38:21 +09:00
Tatsuhiro Tsujikawa 776cff3dc7 src: Use std::unique_ptr for nv 2013-09-07 01:52:46 +09:00
Tatsuhiro Tsujikawa 56f7debad6 nghttpx: Fix resource leak 2013-09-07 01:46:46 +09:00
Tatsuhiro Tsujikawa 92a6549f78 nghttp: Initialize flag to 0 2013-09-07 01:46:20 +09:00
Tatsuhiro Tsujikawa bb7361cd9b nghttp: Code cleanup 2013-09-06 00:18:43 +09:00
Tatsuhiro Tsujikawa 586533be2f nghttpx: Fix CONNECT fail on SPDY upstream 2013-09-05 23:40:48 +09:00
Tatsuhiro Tsujikawa dd4151330e nghttp: Use before_frame_send_callback to check stream_id 2013-09-03 21:27:33 +09:00
Tatsuhiro Tsujikawa d960cf8953 Add const to read-only nghttp2_frame* parameter in callbacks 2013-09-03 21:24:14 +09:00
Tatsuhiro Tsujikawa 2f26b04730 nghttpx: Code cleanup 2013-09-01 00:23:07 +09:00
Tatsuhiro Tsujikawa 9e703170cd nghttpx: Enable --honor-cipher-order automatically when --ciphers is used 2013-08-30 23:02:47 +09:00
Tatsuhiro Tsujikawa aea036c9d4 nghttpx: Support ECDHE and DHE cipher suites
Use --dh-param-file option to specify a file including DH parameters
in PEM format.

For example, you can create DH parameters with 1024 bit key using
following command:

$ openssl dhparam -outform PEM -out dhparam.pem 1024
2013-08-30 22:07:42 +09:00
Tatsuhiro Tsujikawa e818d098ec nghttp: Fix off-by-one error when allocating space for request headers 2013-08-30 21:30:04 +09:00
Tatsuhiro Tsujikawa 59286adc5e Add int return value to nghttp2_on_unknown_frame_recv_callback 2013-08-29 23:10:18 +09:00
Tatsuhiro Tsujikawa db4f519500 Add int return value to nghttp2_on_frame_recv_parse_error_callback 2013-08-29 23:07:07 +09:00
Tatsuhiro Tsujikawa 053c444769 Add int return value to nghttp2_on_request_recv_callback 2013-08-29 23:03:21 +09:00
Tatsuhiro Tsujikawa 81653c1d1b Add int return value to nghttp2_on_stream_close_callback 2013-08-29 22:58:05 +09:00
Tatsuhiro Tsujikawa 5a7f65f1f7 Add int return value to on_data_send_callback 2013-08-29 21:55:04 +09:00
Tatsuhiro Tsujikawa b9d2f9b6b0 Add int return value to on_frame_not_send_callback 2013-08-29 21:51:58 +09:00
Tatsuhiro Tsujikawa d4852b0f11 Add int return value to on_frame_send_callback 2013-08-29 21:48:34 +09:00
Tatsuhiro Tsujikawa a51cdaacfc Add int return value to nghttp2_before_frame_send_callback 2013-08-29 21:45:10 +09:00
Tatsuhiro Tsujikawa 544ac9f61f Add int return value to nghttp2_on_data_recv_callback 2013-08-29 21:41:33 +09:00
Tatsuhiro Tsujikawa 972b47d6af Add int return value to nghttp2_on_data_chunk_recv_callback 2013-08-29 21:39:32 +09:00
Tatsuhiro Tsujikawa fb7d22fcb9 Add int return value to nghttp2_on_invalid_frame_recv_callback 2013-08-29 21:37:26 +09:00
Tatsuhiro Tsujikawa a59cd3be82 Add int return value to nghttp2_on_frame_recv_callback 2013-08-29 21:33:52 +09:00
Tatsuhiro Tsujikawa 6387d18f23 nghttpx: Fix expect header field handling 2013-08-29 00:03:26 +09:00
Tatsuhiro Tsujikawa 400615ca35 nghttpd: Check disallowed headers 2013-08-28 03:14:19 +09:00
Tatsuhiro Tsujikawa 3544bfdbef src: Move pure HTTP code from shrpx_http.cc to http2.cc 2013-08-28 02:47:22 +09:00
Tatsuhiro Tsujikawa 1f3b96e233 nghttpx: Rewrite header handling 2013-08-28 00:09:46 +09:00
Tatsuhiro Tsujikawa 89cd2ff479 nghttpx: Stream error if disallowed header field in HTTP2 is received 2013-08-26 01:25:31 +09:00
Tatsuhiro Tsujikawa 33743ab832 nghttpx: Remove banned header fields in HTTP2 request and response 2013-08-26 01:09:15 +09:00
Tatsuhiro Tsujikawa 4744e90054 nghttpd: Include status code only in :status header field 2013-08-26 00:58:06 +09:00
Tatsuhiro Tsujikawa 4fb1811d18 nghttpx: Include status code only in :status header field in HTTP2 response 2013-08-25 23:28:34 +09:00
Tatsuhiro Tsujikawa 5d7b7a1691 nghttpx: Stream error if mandatory HTTP/2 request header field is missing 2013-08-25 23:21:07 +09:00
Tatsuhiro Tsujikawa 556212a602 nghttpx: Replace \r\n in the header field to SPC in http downstream 2013-08-24 23:27:45 +09:00
Tatsuhiro Tsujikawa e55abcd634 nghttpx: Fix stream hang when http2 downstream CONNECT failed 2013-08-24 01:43:05 +09:00
Tatsuhiro Tsujikawa 2764c55678 src: Code cleanup 2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa 5ae8605883 src: Use std::thread 2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa 47ee8e3c79 src: Code cleanup 2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa 0c9703fa2c Remove NGHTTP2_FLAG_END_FLOW_CONTROL 2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa c38c6cdd09 nghttpx: Fix bug writecb is nullptr for HTTP/1 connection 2013-08-23 03:32:26 +09:00
Tatsuhiro Tsujikawa b2a34c2e5b nghttpx: Fix bug content-length is removed 2013-08-23 02:49:21 +09:00
Tatsuhiro Tsujikawa 358d12a842 nghttpx: Fix bug CONNECT does not work 2013-08-22 21:28:27 +09:00
Tatsuhiro Tsujikawa b8a01f5212 nghttpx: Require content-length in HTTP2 upstream if END_STREAM flag is not set 2013-08-21 01:19:16 +09:00
Tatsuhiro Tsujikawa 823bb6c35e nghttpx: Require content-length in SPDY upstream if FIN flag is not set 2013-08-21 01:05:06 +09:00
Tatsuhiro Tsujikawa 4d51def65f nghttpx: Limit read rate on upstream-end 2013-08-21 01:00:55 +09:00
Tatsuhiro Tsujikawa aa9688b459 nghttpx: Fix possible multiple replies on HTTP2 and SPDY upstreams 2013-08-21 00:56:08 +09:00
Tatsuhiro Tsujikawa ef6ccc0d74 Update .gitignore 2013-08-15 10:41:22 +09:00
Tatsuhiro Tsujikawa 3e1aad60b7 nghttp: Remove --no-tls option and detect TLS requirement using URI scheme 2013-08-12 22:33:51 +09:00
Tatsuhiro Tsujikawa 4fac4eb92d nghttpx: HttpUpstream: Check required request headers strictly
If multiple required headers (e.g., :path) found, return HTTP 400
error.
Fix util::strieq(a,b,n) where boundary of b is not checked in the
loop.
2013-08-11 00:08:44 +09:00
Tatsuhiro Tsujikawa 989d613448 nghttpx: Save pid file after daemon() call 2013-08-10 18:55:18 +09:00
Tatsuhiro Tsujikawa c36fcf1794 src: Print opaque_data_len of GOAWAY 2013-08-10 00:46:00 +09:00
Tatsuhiro Tsujikawa 02a7182ebd src: Create strframetype to handle unknown frame types 2013-08-10 00:42:11 +09:00
Tatsuhiro Tsujikawa 47c1447030 src: Print SETTINGS string name 2013-08-10 00:37:57 +09:00
Tatsuhiro Tsujikawa d194a31e4a src: Use print_frame_hd from print_data_frame 2013-08-10 00:31:59 +09:00
Tatsuhiro Tsujikawa 19377fb3cd Allow disabling auto WINDOW_UPDATE for connection and stream individually
Now NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE is split into 2 options:
NGHTTP2_OPT_NO_AUTO_STREAM_WINDOW_UPDATE and
NGHTTP2_OPT_NO_AUTO_CONNECTION_WINDOW_UPDATE.
This is preparation for the upcoming removal of END_FLOW_CONTROL
flag. For nghttpx, instead of using END_FLOW_CONTROL to disable
connection-level flow control, increase window size by large
enough value, which is friendly way to current chromium
implementation.
2013-08-09 01:23:39 +09:00
Tatsuhiro Tsujikawa fafec1fdb8 nghttpx: Accept incoming bytes at least initial window size 2013-08-07 21:27:08 +09:00
Tatsuhiro Tsujikawa 7f71e83c52 nghttpd: Use 100 for MAX_CONCURRENT_STREAMS 2013-08-07 01:23:43 +09:00
Tatsuhiro Tsujikawa 07814be5b2 src: HttpServer: Remove unused member variable sfd_ 2013-08-06 23:17:13 +09:00
Tatsuhiro Tsujikawa 2b71598bdf src: Reorder AM_CPPFLAGS and AM_LDFLAGS 2013-08-06 21:24:34 +09:00
Tatsuhiro Tsujikawa 1b95e23bfb Add ax_cxx_compile_stdcxx_11 to check C++11 availability and flags 2013-08-06 21:20:36 +09:00
Tatsuhiro Tsujikawa 168c5ac5b3 HttpServer: Code cleanup 2013-08-06 00:07:51 +09:00
Tatsuhiro Tsujikawa fadbdbae0b nghttp: Add -p option to specify stream priority 2013-08-04 18:55:26 +09:00
Tatsuhiro Tsujikawa 2a311b3102 src: Print flags in DATA 2013-08-04 18:44:11 +09:00
Tatsuhiro Tsujikawa 690349009d nghttp: Call on_read() to process all data in buffer after upgrade succeeded 2013-08-04 18:43:10 +09:00
Tatsuhiro Tsujikawa d4ade2d7d0 nghttpx: Return -1 if dconn_ is nullptr on push_upload_data_chunk 2013-08-03 23:45:28 +09:00
Tatsuhiro Tsujikawa f613f68a13 src: Make window size - 1
To match the -w16 to 65535, which is HTTP/2.0 default initial window
size, decrement 1 from (1 << window_bits).
2013-08-03 19:53:07 +09:00
Tatsuhiro Tsujikawa 6bcfb99cc0 nghttpx: Update help messages 2013-08-03 19:19:04 +09:00
Tatsuhiro Tsujikawa 079f867d68 nghttp: Ignore -u if --no-tls is not given 2013-08-03 19:08:52 +09:00
Tatsuhiro Tsujikawa d1bc3c89a7 nghttpx: Code cleanup 2013-08-03 19:04:44 +09:00
Tatsuhiro Tsujikawa 0150312022 nghttpx: Rename spdy_{upstream,downstream}_no_tls as {upstream,downstream}_no_tls 2013-08-03 19:01:57 +09:00
Tatsuhiro Tsujikawa 564e6b9ffc nghttpx: Rename --{front,back}end-spdy-no-tls as --{front,back}end-no-tls 2013-08-03 18:58:14 +09:00
Tatsuhiro Tsujikawa f620655d08 nghttp, nghttpx: Add HTTP Upgrade from HTTP/1.1 to HTTP/2.0
nghttpx does not perform upgrade if the request has request body.
2013-08-03 18:51:01 +09:00
Tatsuhiro Tsujikawa 5594f0ef0b nghttpx: Preserve upgrade in Connection header field 2013-08-02 00:00:33 +09:00
Tatsuhiro Tsujikawa 8fd1953b21 app_helper: Show flags in hex 2013-08-01 21:42:16 +09:00
Tatsuhiro Tsujikawa 1bbcbd365c shrpx: Cast uint8_t to uint32_t to print its decimal number 2013-08-01 20:33:04 +09:00
Tatsuhiro Tsujikawa fec566aa23 src: Send out data in output buffer before HTTP2/SPDY session tear down 2013-08-01 20:31:29 +09:00
Tatsuhiro Tsujikawa 8cb92fc277 nghttpx: Handle error from Upstream::resume_read in upgrade code 2013-07-31 22:14:25 +09:00
Tatsuhiro Tsujikawa 924b1bd61a Use unmodified http-parser
Handle HTTP Upgrade and CONNECT explicitly
2013-07-31 21:48:37 +09:00
Tatsuhiro Tsujikawa ab56cd4ea3 nghttpx: Fix bug: end marker of chunked encoding is written twice 2013-07-30 21:46:00 +09:00
Tatsuhiro Tsujikawa dc2ed7414c src: Cleanup src builds 2013-07-28 19:50:02 +09:00
Tatsuhiro Tsujikawa 9f9c0cbcd1 nghttpd: Add -F and -f option to disable connection/stream level flow control 2013-07-28 19:29:11 +09:00
Tatsuhiro Tsujikawa 56db10cb5e nghttp: Add -F and -f option to disable connection/stream level flow controls 2013-07-28 19:29:11 +09:00
Tatsuhiro Tsujikawa 60fe0337da app_helper: Print PUSH_PROMISE 2013-07-27 22:37:09 +09:00
Tatsuhiro Tsujikawa f7c0df1235 Remove :version from downstream HTTP/2.0 request 2013-07-27 18:57:33 +09:00
Tatsuhiro Tsujikawa 90b06e8572 nghttpx: Add HTTP/2.0 word in help message 2013-07-26 21:55:08 +09:00
Tatsuhiro Tsujikawa 1fca42ed2b nghttpx: Remove :version from http2 connection 2013-07-26 21:47:53 +09:00
Tatsuhiro Tsujikawa 5ccf647df9 Rename shrpx as nghttpx superficially 2013-07-26 21:42:39 +09:00
Tatsuhiro Tsujikawa 86174f537a shrpx: Send and receive client connection header 2013-07-26 21:35:14 +09:00
Tatsuhiro Tsujikawa 9b27160195 HttpServer: Fix left_connhd_len_ is not updated 2013-07-26 21:34:39 +09:00
Tatsuhiro Tsujikawa 32bd1425b4 shrpx: SPDY support in upstream connection 2013-07-26 20:12:55 +09:00
Tatsuhiro Tsujikawa 41b21f7938 fixup 2013-07-26 19:38:54 +09:00
Tatsuhiro Tsujikawa 18f450fd2a Port shrpx to nghttp2 use 2013-07-26 19:33:25 +09:00
Tatsuhiro Tsujikawa 459a269049 Define HTTP/2.0 protocol version ID 2013-07-26 01:38:04 +09:00
Tatsuhiro Tsujikawa 3cc71a707e Rename nghttp2_headers_category members
Add NGHTTP2_HCAT_PUSH_RESPONSE
2013-07-25 20:57:50 +09:00
Tatsuhiro Tsujikawa cca1d19d3d Fix WINDOW_UPDATE enum value 2013-07-23 02:08:32 +09:00
Tatsuhiro Tsujikawa 57401bfb8d src: Print PRIORITY frame in print_frame() 2013-07-23 00:29:52 +09:00
Tatsuhiro Tsujikawa 42ff5b5c04 Rename nghttp2_ssl as app_helper 2013-07-22 22:12:54 +09:00
Tatsuhiro Tsujikawa ec79d70bd0 Code cleanup 2013-07-22 22:08:52 +09:00
Tatsuhiro Tsujikawa 551ae72f3a Remove spdyd and spdycat 2013-07-22 22:06:31 +09:00
Tatsuhiro Tsujikawa 9e9a7fb160 Add nghttpd and 24 bytes client connection header support 2013-07-22 21:56:19 +09:00
Tatsuhiro Tsujikawa 6bc7e7bd0b Add nghttp client backed by libevent 2013-07-22 00:01:33 +09:00
Tatsuhiro Tsujikawa 94258cd0b8 Move NGHTTP2_PRI_* to nghttp2.h, fix too small pri data type in src 2013-07-20 01:59:43 +09:00
Tatsuhiro Tsujikawa 61bf7c6b02 Integrate new header compression 2013-07-20 00:08:14 +09:00
Tatsuhiro Tsujikawa 257bc1c924 print_frame: Show pri only when NGHTTP2_FLAG_PRIORITY flag set 2013-07-17 01:13:58 +09:00
Tatsuhiro Tsujikawa 307e13375d spdycat: Set on_data_send_callback 2013-07-17 01:10:50 +09:00
Tatsuhiro Tsujikawa 3ed5c78a2c Remove unnecessary indent in DATA frame line 2013-07-16 20:54:01 +09:00
Tatsuhiro Tsujikawa 68c072485c Remove :version existence check in spdyd 2013-07-16 20:53:29 +09:00
Tatsuhiro Tsujikawa 24cab312cf Make spdycat and spdyd barely work 2013-07-16 00:15:04 +09:00
Tatsuhiro Tsujikawa 39e0b06bfc Comment out shrpx build in Makefile for now 2013-07-13 00:45:42 +09:00
Tatsuhiro Tsujikawa 0edce70343 Rebranding nghttp2 2013-07-13 00:43:06 +09:00
Tatsuhiro Tsujikawa 7b59a11480 shrpx: Create default SSL context once 2013-06-21 23:17:46 +09:00
Tatsuhiro Tsujikawa d1b9af0268 shrpx: Fix usage doc 2013-06-09 23:09:49 +09:00
Tatsuhiro Tsujikawa e91b386422 src: Add SRC_LIBS to shrpx_unittest_LDFLAGS 2013-05-03 22:15:07 +09:00
Tatsuhiro Tsujikawa c02fefe063 spdylay_ssl.cc: Cast tv.tv_sec to long int to pass printf 2013-05-03 22:14:16 +09:00
moparisthebest aa13b9b980 Drop priveleges only after listening on possibly priveleged port 2013-04-19 07:58:58 -04:00
moparisthebest 7dfa559bc4 Add --honor-cipher-order option to mitigate BEAST attacks 2013-04-18 14:25:48 -04:00
snnn 4c238c5b36 fix building on mac os x. "error: invalid suffix on literal; C++11 requires a space between literal and identifier" 2013-04-17 14:33:55 +08:00
Tatsuhiro Tsujikawa 34e119fde2 shrpx: Remove useless backend spdy version check
It is unnecessary because spdy version at this point is always valid.
2013-03-29 22:16:50 +09:00
Tatsuhiro Tsujikawa a9f475fb88 spdycat, shrpx: TLS SNI enhancements
shrpx:
* Added an option to set the TLS SNI extension between shrpx and the
  origin on the command line

spdycat:
* If the user set an explicit host header ( using --headers ) use that
  name for the TLS SNI extension.
* Added the handshake completion time to the verbose output
* The gettimeofday call in get_time was using the incorrect structure
  ( I believe )
* In update_html_parser it was submitting the request regardless of
  the return value of add_request.

Patch from Stephen Ludin
2013-03-29 22:06:33 +09:00
Tatsuhiro Tsujikawa bdade00e68 cygwin build fix 2013-03-28 01:25:42 +09:00
Tatsuhiro Tsujikawa 7d709fa3ff shrpx: Support non-TLS SPDY in frontend connection 2013-03-24 21:03:39 +09:00
Tatsuhiro Tsujikawa 7264966bb5 shrpx: Check get_request_state() == MSG_COMPLETE when body is empty 2013-03-08 01:50:46 +09:00
Tatsuhiro Tsujikawa 4461cb24ed shrpx: Fix assertion failure in SpdyDownstreamConnection::attach_stream_data 2013-03-07 21:32:10 +09:00
Tatsuhiro Tsujikawa add067ed7e Provide timegm replacement and android build fix 2013-03-07 21:17:55 +09:00
Tatsuhiro Tsujikawa eddd48b783 shrpx: Don't issue RST_STREAM on downstream tunnel connection EOF
The RST_STREAM will be issued in spdy_data_read_callback.
2013-03-01 20:43:35 +09:00
Tatsuhiro Tsujikawa 2d23ae3741 shrpx: Fix missing delete 2013-03-01 00:07:00 +09:00
Tatsuhiro Tsujikawa cf1cfca51f shrpx: Fix not send RST_STREAM when downstream gets valid EOF 2013-03-01 00:05:57 +09:00
Tatsuhiro Tsujikawa da36fc3953 shrpx: Fix WINDOW_UPDATE may block until SpdyUpstream::send()
spdy_data_read_callback in SpdyDownstreamConnection calls
SpdyUpstream::resume_read() which submits WINDOW_UPDATE, but after
that they are not call SpdyUpstream::send(). This means that if no
pending outgoing data in upstream, then WINDOW_UPDATE is blocked until
SpdyUpstream::send() from somewhere. This change adds
SpdyUpstream::send() to resume_read() so that WINDOW_UPDATE is not
blocked.
2013-02-27 22:55:44 +09:00
Tatsuhiro Tsujikawa 7b3f57cef8 shrpx: Fix blocking upstream RST_STREAM and propagate REFUSED_STREAM
This change fixes upstream RST_STREAM is blocked until
SpdyUpstream::send() is called. Now downstream REFUSED_STREAM is
propagated to upstream client so that client can reset request.  The
RST_STREAM error code when downstream went wrong is changed from
CANCEL to INTERNAL_ERROR.
2013-02-27 22:39:44 +09:00
Tatsuhiro Tsujikawa dbb0df5c5b Remove strerror(3) from code which may run in multi-thread 2013-02-25 22:43:44 +09:00
Tatsuhiro Tsujikawa c487d152b2 shrpx: Add non-TLS SPDY backend connection support
Use --backend-spdy-no-tls to disable TLS on backend SPDY connection.
The SPDY protocol used there must be configured by
--backend-spdy-proto option.
2013-02-22 22:54:54 +09:00
Tatsuhiro Tsujikawa fc26f08af2 shrpx: Fix Proxy-Authorization is alwasy sent even if userinfo is empty
Surprisingly, field_set & UF_USERINFO is nonzero even if userinfo
component is empty string.
2013-02-22 21:23:59 +09:00
Tatsuhiro Tsujikawa 78523c6701 shrpx: Fix backend SPDY connection does not go through proxy 2013-02-22 19:30:15 +09:00
Tatsuhiro Tsujikawa 64fcac48b7 shrpx: Fix bug in building certificate lookup tree 2013-02-16 17:51:38 +09:00
Tatsuhiro Tsujikawa c8167234fa shrpx: Fix bug in certificate lookup 2013-02-16 02:33:16 +09:00
Tatsuhiro Tsujikawa abe5fd1e39 spdycat: Fix -d option in usage 2013-02-14 21:25:46 +09:00
Tatsuhiro Tsujikawa 54d5dda6c4 spdycat: Add --multiply option 2013-02-14 21:24:57 +09:00
Tatsuhiro Tsujikawa 3d2ef18afb spdycat: Fix error handling of spdylay_gzip_inflate() 2013-02-14 21:12:16 +09:00
Tatsuhiro Tsujikawa 291cbc639b shrpx: Use patricia trie for cert lookup 2013-02-14 00:28:55 +09:00
Tatsuhiro Tsujikawa e322af8a6f src: Add missing base64.h 2013-02-11 21:49:04 +09:00
Tatsuhiro Tsujikawa e28f169228 shrpx: More backend EOF handling
Now we set Downstream::set_response_connection_close(true) for
tunneled connections. Also call
Upstream::on_downstream_body_complete() callback when setting
MSG_COMPLETE in SpdySession when RST_STREAM is caught.  Clean up EOF
handling in https_downstream_readcb.
2013-02-11 17:20:52 +09:00
Tatsuhiro Tsujikawa d830e099a6 shrpx: Send pending response data before RST_STREAM in tunnel connection 2013-02-11 02:05:11 +09:00
Tatsuhiro Tsujikawa 734d7bced8 shrpx: Handle downstream response_state == MSG_RESET case in SPDY upstream 2013-02-09 23:20:29 +09:00
Tatsuhiro Tsujikawa 8b6fbbf3a6 shrpx: Update --backend-http-proxy-uri usage 2013-02-09 19:08:02 +09:00
Tatsuhiro Tsujikawa 39df51188c shrpx: Log stream ID when submitting RST_STREAM to downstream 2013-02-09 17:56:44 +09:00
Tatsuhiro Tsujikawa ceba5539a1 shrpx: Fix client mode does not work 2013-02-09 17:45:57 +09:00
Tatsuhiro Tsujikawa 18dc6384d4 shrpx: Remove x-forwarded-proto header from SPDY downstream
SPDY frame has :scheme header field, so x-forwarded-proto is not
necessary.
2013-02-09 17:22:33 +09:00
Tatsuhiro Tsujikawa b43b31c362 shrpx: Remove x-forwarded-spdy header field 2013-02-09 17:21:46 +09:00
Tatsuhiro Tsujikawa 4876412f7d shrpx: Check return value of HttpsUpstream::resume_read()
Currently, resume_read() fails if on_read() returns -1 in case that
evbuffer_add failed, which means, most likely, memory allocation
failure. ClientHandler is marked "should be closed", but if
evbuffer_add is failed, write callback will not be invoked and its
marking is not evaluated. It will eventually be deleted when the
client is disconnected or backend failure though.
2013-02-09 17:03:03 +09:00
Tatsuhiro Tsujikawa 99b687ceca shrpx: Documented --spdy-bridge 2013-02-09 16:55:49 +09:00
Tatsuhiro Tsujikawa cb8b8050b5 shprx: Add --backend-http-proxy-uri option
Specify proxy URI in the form http://[USER:PASS]PROXY:PORT. USER and
PASS are optional and if they exist they must be properly
percent-encoded. This proxy is used when the backend connection is
SPDY. First, make a CONNECT request to the proxy and it connects to
the backend on behalf of shrpx. This forms tunnel. After that, shrpx
performs SSL/TLS handshake with the downstream through the tunnel. The
timeouts when connecting and making CONNECT request can be specified
by --backend-read-timeout and --backend-write-timeout options.
2013-02-09 16:55:39 +09:00
Tatsuhiro Tsujikawa 9ba19df813 shrpx: Add --spdy-bridge option
With --spdy-bridge option, it listens SPDY/HTTPS connections from
front end and forwards them to the backend in SPDY. The usage will be
written later. This change fixes the crash when more than 2
outstanding SpdyDownstreamConnection objects are added to SpdySession
and establishing connection to SPDY backend is failed.
2013-02-08 21:46:58 +09:00
Tatsuhiro Tsujikawa 8925c58d71 shrpx: Send RST_STREAM when downstream becomes stale 2013-02-08 00:22:22 +09:00
Tatsuhiro Tsujikawa 9b4245368a shrpx: Refactor spdy downstream header field handling 2013-02-07 21:53:20 +09:00
Tatsuhiro Tsujikawa c707125839 shrpx: Explicitly hold server SSL_CTX and client SSL_CTX 2013-02-07 21:13:36 +09:00
Tatsuhiro Tsujikawa b18af854af shrpx: Add --subcert option to add additional certificate/private key
This option specifies additional certificate and private key
file. Shrpx will choose certificates based on the hostname indicated
by client using TLS SNI extension. This option can be used multiple
times.
2013-02-06 23:41:28 +09:00
Tatsuhiro Tsujikawa e3401b0159 shrpx: Lowercase x-forwarded-proto 2013-02-01 23:36:08 +09:00
Tatsuhiro Tsujikawa ae0533334c shrpx: Relay Connection: upgrade header field for HTTP/1.1 connections 2013-02-01 23:30:12 +09:00
Tatsuhiro Tsujikawa d9611e65ac spdycat: Send "accept-encoding: gzip, deflate" header field 2013-02-01 00:17:28 +09:00
Tatsuhiro Tsujikawa 2e3cd7d04f spdycat: Output error messages to std::cerr 2013-01-30 21:50:36 +09:00
Tatsuhiro Tsujikawa 37cb94d154 src: Use clock_gettime instead of gettimeofday if available 2013-01-27 17:16:13 +09:00
Tatsuhiro Tsujikawa 09154c61f6 spdycat, spdyd: Color verbose output 2013-01-27 16:27:17 +09:00
Tatsuhiro Tsujikawa 964c0d1005 shrpx: Don't return chunked response for pre-HTTP/1.1 request 2013-01-27 16:20:14 +09:00
Tatsuhiro Tsujikawa 817f35f3e4 spdycat: Free fd and SSL object on error 2013-01-25 23:15:34 +09:00
Tatsuhiro Tsujikawa ac01e48f7a spdycat: Initialize SpdySession::sc 2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa f6c0061117 spdycat: Log if set_tcp_nodelay() failed 2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa f0fc026799 shrpx: Check return value of library functions 2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa 9f28b3056f spdyd: Initialize Config::on_request_recv_callback 2013-01-25 21:37:43 +09:00
Tatsuhiro Tsujikawa 6732219dc7 spdyd: ListenEventHandler creation fix 2013-01-25 21:27:54 +09:00
Tatsuhiro Tsujikawa 5774f8110d shrpx: Fix resource leak 2013-01-25 21:26:03 +09:00
Tatsuhiro Tsujikawa 29bec93eb9 shrpx: Don't run expensive INFO log code
INFO log and its surrounding code are now guarded by
LOG_ENABLED(SEVERITY) macro so that they don't run if log level
threshold is higher. This increases performance because log formatting
is somewhat expensive.
2013-01-21 22:48:08 +09:00
Tatsuhiro Tsujikawa 87c1f07013 shrpx: HttpsUpstream::error_reply() without std::stringstream 2013-01-16 22:51:33 +09:00
Tatsuhiro Tsujikawa c48fb56d3f shrpx: Add content-length header field to SPDY upstream error page
create_error_html() is rewritten without std::stringstream.
2013-01-16 22:47:39 +09:00
Tatsuhiro Tsujikawa dc2fe52e57 shrpx: Add missing \n to help message 2013-01-12 16:42:48 +09:00
Tatsuhiro Tsujikawa ae8e5b7a95 spdycat: Add -d option to POST data 2013-01-11 00:15:45 +09:00
Tatsuhiro Tsujikawa 28489fd6a8 shrpx: Set TCP_NODELAY to downstream sockets 2013-01-11 00:11:41 +09:00
Tatsuhiro Tsujikawa e454cc1301 shrpx: Remove warn log from upstream_{read,write}cb 2013-01-11 00:10:08 +09:00
Tatsuhiro Tsujikawa c306402a20 shrpx: Capitalize header field name in HTTP downstream connection 2013-01-09 22:55:29 +09:00
Tatsuhiro Tsujikawa c45fa16f94 shrpx: Add --no-via option
If --no-via option is given, shrpx does not append to Via header
field. If Via header field is received, it is left unaltered.
2013-01-09 22:03:49 +09:00
Tatsuhiro Tsujikawa 4d1f1f2395 shrpx: Log IP version number when getaddrinfo failed 2013-01-09 22:03:34 +09:00
Tatsuhiro Tsujikawa 6da492c4e8 Remove uri.{cc,h} and use http_parser_parse_url() instead 2013-01-09 00:42:06 +09:00
Tatsuhiro Tsujikawa 633e85246f Include http-parser/http_parser.h locally 2013-01-05 23:21:09 +09:00
Tatsuhiro Tsujikawa 6a4a0e7f8c Remove useless extern "C" 2013-01-05 23:20:18 +09:00
Tatsuhiro Tsujikawa be5066c450 Updated http-parser 2012-12-23 01:13:02 +09:00
Tatsuhiro Tsujikawa 92260ccc81 Add patch for http-parser to handle tunneling connection transparently 2012-12-20 01:05:51 +09:00
Tatsuhiro Tsujikawa 9425f8a45f shrpx: Handle graceful shutdown in SPDY backend 2012-12-17 01:10:45 +09:00
Tatsuhiro Tsujikawa 3ba73db7d7 shrpx: Remove unused function modify_location_header_value 2012-12-14 01:14:42 +09:00
Tatsuhiro Tsujikawa 4d80a26188 spdycat: Log error when no supported SPDY version was negotiated 2012-12-12 23:28:32 +09:00
Tatsuhiro Tsujikawa 8c456674cf shrpx: Remove upstream_spdy_stream and upstream_spdy_stream_close
upstream_response logs more detailed information.
2012-12-09 23:30:11 +09:00
Tatsuhiro Tsujikawa 90eebbc88c shrpx: Log status code, method, path and HTTP version in accesslog 2012-12-09 23:29:43 +09:00
Tatsuhiro Tsujikawa 6ef9b7430d shrpx: Color HTTP headers in console log 2012-12-09 21:36:02 +09:00
Tatsuhiro Tsujikawa 9b1f36d274 shrpx: Color severity level in terminal
Color severity level if stderr refers to a terminal.
2012-12-09 21:02:48 +09:00
Tatsuhiro Tsujikawa bbf6c18575 shrpx: Log format change
Added macros which log messages from the following components are
prefixed with their component name + object pointer address:

ListenHandler: LISTEN
ThreadEventReceiver: THREAD_RECV
Upstream: UPSTREAM
Downstream: DOWNSTREAM
DownstreamConnection: DCONN
SpdySession: DSPDY
2012-12-09 19:15:14 +09:00
Tatsuhiro Tsujikawa 65e965791f shrpx: Replace strncpy + putting null with memcpy in ssl_pem_passwd_cb 2012-12-07 23:42:58 +09:00
Tatsuhiro Tsujikawa 06220f7fdf shrpx: Make is_secure() static 2012-12-07 23:14:20 +09:00
Raul Gutierrez Segales cbf8ccf7d1 [shrpx] read private key's passwd from a file
This avoids the need to provide the password for your
private key interactively.

It can be used via --private-key-passwd-file or private-key-passwd-file
in the given config file. The first line in the file
(without \n) will be treated as the passwd. There isn't
any validation and all lines after the first one (if any)
are ignored.

The security model behind this is a bit simplistic so I
am open to better ideas. Basically your password file
should be root:root (700) and you *should* drop root
and run as an unprivileged user.

If the file exists and a line can be read then a callback
will be set for the SSL ctxt and it'll feed the passwd
when the private key is read (if password is needed).

If the file exists with the wrong permisions it'll be
logged and ignored.
2012-12-03 21:55:32 -08:00
Tatsuhiro Tsujikawa f97110f092 spdycat, spdyd: Support SPDY without SSL/TLS
Use --no-tls option to disable SSL/TLS and specify SPDY protocol
version using -2 or -3.
2012-11-25 21:58:44 +09:00
Tatsuhiro Tsujikawa 50211bc1ad shrpx: Replace "https" with "http" in log message in shrpx_https_upstream.cc 2012-11-23 21:30:57 +09:00
Tatsuhiro Tsujikawa 282b8b567a shrpx: Log upstream https request headers 2012-11-23 21:30:17 +09:00
Tatsuhiro Tsujikawa 8f62441112 src: Rewrite util::stripIter 2012-11-23 21:14:39 +09:00
Tatsuhiro Tsujikawa baf2dc3ddf shrpx: Add --backend-ipv4 and --backend-ipv6 options. 2012-11-23 21:11:01 +09:00
Tatsuhiro Tsujikawa 7a21905312 shrpx: Remove Config ctor and fill all initial values in fill_default_config() 2012-11-22 23:35:10 +09:00
Tatsuhiro Tsujikawa c1332a35a5 shrpx: Add -v, --version option 2012-11-22 23:08:36 +09:00
Tatsuhiro Tsujikawa 774e64d2b4 shrpx: Group up options in -h output 2012-11-22 23:04:27 +09:00
Tatsuhiro Tsujikawa 9c70c1b867 shrpx: Code cleanup 2012-11-22 22:05:52 +09:00
Tatsuhiro Tsujikawa 4349d42988 shrpx: Add usage for <PRIVATE_KEY> <CERT> 2012-11-22 22:00:38 +09:00
Tatsuhiro Tsujikawa 9aa7af2c7f shrpx: Use SNI TLS extension in client mode 2012-11-22 21:51:11 +09:00
Tatsuhiro Tsujikawa d589f4c74c shrpx: Verify backend server's certificate in client mode
The -k, --insecure option is added to skip this verification.  The
system wide trusted CA certificates will be loaded at startup. The
--cacert option is added to specify the trusted CA certificate file.
2012-11-22 21:46:15 +09:00
Tatsuhiro Tsujikawa 8a5db1751e shrpx: Check the length of output buffer in write callback
Possibly because of deferred callback, we may get this callback when
the output buffer is not empty.
2012-11-22 03:13:30 +09:00
Tatsuhiro Tsujikawa 81adb6bc7f shrpx: Implement downstream SPDY flow control 2012-11-21 23:47:48 +09:00
Tatsuhiro Tsujikawa 0bf15a7694 Rename --client-mode as --client and add --client-proxy
With --client-proxy option, shrpx makes sure that the request path is
an absolute URI, otherwise it will return 400 status code.
2012-11-21 22:10:35 +09:00
Tatsuhiro Tsujikawa fa552c6788 shrpx: Share SPDY session among multiple frontend connections per thread
In client mode, now SPDY connection to the backend server is
established per thread.  The frontend connections which belong to the
same thread share the SPDY connection.
2012-11-21 01:29:39 +09:00
Tatsuhiro Tsujikawa ae30e7f71b shrpx: Split request path into SPDY specific headers 2012-11-19 21:40:59 +09:00
Tatsuhiro Tsujikawa bebea5e16a Update http-parser 2012-11-19 02:16:42 +09:00
Tatsuhiro Tsujikawa 542fd6420b Fix recursive HttpsUpstream::on_read() call
Don't call HttpsUpstream::resume_read() from the call tree of
on_read().  Avoid parsing next http data after parse error.
2012-11-19 02:11:46 +09:00
Tatsuhiro Tsujikawa 077275e783 Fix typo SPDY/3 2012-11-19 02:10:58 +09:00
Tatsuhiro Tsujikawa aa07076f29 shrpx: Don't propagate expect: 100-continue to backend 2012-11-18 23:49:41 +09:00
Tatsuhiro Tsujikawa 52c4d26927 shrpx: Deadlock with upload data in clinet mode 2012-11-18 23:48:55 +09:00
Tatsuhiro Tsujikawa 19bf97b3e5 Support x-forwarded-proto and x-forwarded-for in SpdyDownstreamConnection 2012-11-18 23:04:14 +09:00
Tatsuhiro Tsujikawa 026f4ca3a2 Add --client-mode option
With --client-mode option, shrpx now accepts unencrypted HTTP
connections and communicates with backend server in SPDY.  In short,
this is the "reversed" operation mode against normal mode.  This may
be useful for testing purpose because it can sit between HTTP client
and shrpx "normal" mode.
2012-11-18 21:46:07 +09:00
Tatsuhiro Tsujikawa aa64a7f7f5 Don't send response-body for 304 response 2012-11-18 21:22:08 +09:00
Tatsuhiro Tsujikawa 4748443899 shrpx: Log detailed error description in SSL code 2012-11-14 21:14:11 +09:00
Raul Gutierrez Segales 6f6f6ffc41 [shrpx] fix password handling for certs keys
We should only call daemon() after ListenHandler is
instantiated, where  SSL_CTX_use_PrivateKey_file is called,
otherwise we have no stdin/stdout to get the password for
keyfile.
2012-10-27 22:29:27 -07:00
Tatsuhiro Tsujikawa fdc19550fc spdyd: Open file with O_BINARY flag 2012-10-16 22:57:26 +09:00
Tatsuhiro Tsujikawa 22840dbfaf spdycat: Handle timeout in connect and SSL/TLS handshake 2012-10-14 23:39:41 +09:00
Tatsuhiro Tsujikawa a28e1c6e7d Add src/.gitignore and edit examples/.gitignore 2012-10-06 00:01:13 +09:00
Tatsuhiro Tsujikawa 2ea0c1c1b0 Add missing url_parser.c 2012-10-05 23:56:26 +09:00
Tatsuhiro Tsujikawa 9378b74fc3 spdycat: Rewritten time_delta 2012-10-04 23:54:39 +09:00
Tatsuhiro Tsujikawa c0577602d1 shrpx: Made SPDY/3 default protocol in SPDY proxy mode
The reason why we choose SPDY/2 as default for SPDY prxy was due to
Chrome's window update bug. Now its fix is available in Chrome stable,
we make SPDY/3 as default.
2012-10-01 23:01:44 +09:00
Tatsuhiro Tsujikawa e69947a054 Removed trailing spaces 2012-10-01 21:51:24 +09:00
Tatsuhiro Tsujikawa 9d6257a4cc spdycat: Just return in check_response_header if stream_user_data is NULL
We cannot use assert(stream_user_data) because server-pushed stream
does not have stream_user_data.
2012-09-22 16:07:49 +09:00
Tatsuhiro Tsujikawa 00172f827a spdycat: Add missing break after handling -H option 2012-09-22 16:05:20 +09:00
Tatsuhiro Tsujikawa abf2ddc3a6 shrpx: Use request HTTP version in HTTPS upstream response 2012-09-20 22:36:17 +09:00