Tatsuhiro Tsujikawa
3c1cad9272
shrpx_client_handler: Use std::unique_ptr for upstream_
2013-09-24 21:31:47 +09:00
Tatsuhiro Tsujikawa
ab39ae849f
nghttpx: Add --npn-list option
2013-09-23 20:55:39 +09:00
Tatsuhiro Tsujikawa
e5e1e9b76e
shrpx_ssl.cc: Another code cleanup
2013-09-23 18:49:39 +09:00
Tatsuhiro Tsujikawa
bd55f9cf2a
shrxp_ssl.cc: Code cleanup
2013-09-23 18:40:17 +09:00
Tatsuhiro Tsujikawa
7d333f202a
HtmlParser: Collect scripts URI as well
2013-09-19 01:19:35 +09:00
Tatsuhiro Tsujikawa
8dcaa08405
Replace steady_clock with monotonic_clock if steady_clock is not available
2013-09-17 22:48:30 +09:00
Tatsuhiro Tsujikawa
0a649e2499
src: Use std::chrono instead of gettimeofday and clock_gettime
2013-09-16 17:36:24 +09:00
Tatsuhiro Tsujikawa
04457aae62
nghttp: Code cleanup
2013-09-16 16:54:11 +09:00
Tatsuhiro Tsujikawa
e2ff41c44c
nghttp: Use -M as short option for --peer-max-concurrent-streams
2013-09-16 16:44:13 +09:00
Tatsuhiro Tsujikawa
b14a97a273
Update .gitignore
2013-09-14 21:18:08 +09:00
Tatsuhiro Tsujikawa
99ba622fed
Add NGHTTP2_OPT_PEER_MAX_CONCURRENT_STREAMS option
...
And utilize it in nghttp to limit initial max concurrent streams.
2013-09-14 19:41:49 +09:00
Tatsuhiro Tsujikawa
c5d7d570e3
nghttpx: Code cleanup
2013-09-13 21:27:29 +09:00
Tatsuhiro Tsujikawa
c48a1d7516
nghttpx: Add rate limit options
2013-09-13 21:23:55 +09:00
Tatsuhiro Tsujikawa
0f75997839
nghttpx: Share ev_token_bucket_cfg across ClientHandlers
2013-09-13 00:25:24 +09:00
Tatsuhiro Tsujikawa
cbef6fd0c6
nghttpx: Replace \r\n with space when constructing HTTP/1 headers
2013-09-11 23:24:32 +09:00
Tatsuhiro Tsujikawa
b7e1701f06
nghttp: Fix nghttp2_pack_settings_payload use
2013-09-09 21:25:46 +09:00
Tatsuhiro Tsujikawa
5cd1d4f0d6
Fix clang warnings
2013-09-08 23:16:08 +09:00
Tatsuhiro Tsujikawa
72802b92c5
src: Fix linker error
2013-09-08 16:29:39 +09:00
Tatsuhiro Tsujikawa
cc1cfd97e3
src: Archive nghttpx sources into libnghttpx.a to reuse for tests
2013-09-08 15:52:41 +09:00
Tatsuhiro Tsujikawa
588fd3bda7
src, examples: Update .gitignore
2013-09-08 15:33:17 +09:00
Tatsuhiro Tsujikawa
1a05caf847
src: Use util::utos instead of std::to_string
...
Some platform (e.g., freebsd) does not define _GLIBCXX_USE_C99
and it hides std::to_string functions.
2013-09-08 14:29:18 +09:00
Tatsuhiro Tsujikawa
10f131c9d8
nghttpx: Guard ecdh use with !OPENSSL_NO_EC
2013-09-07 23:37:17 +09:00
Tatsuhiro Tsujikawa
c751a6e935
Fix cosmetic errors
2013-09-07 16:38:21 +09:00
Tatsuhiro Tsujikawa
776cff3dc7
src: Use std::unique_ptr for nv
2013-09-07 01:52:46 +09:00
Tatsuhiro Tsujikawa
56f7debad6
nghttpx: Fix resource leak
2013-09-07 01:46:46 +09:00
Tatsuhiro Tsujikawa
92a6549f78
nghttp: Initialize flag to 0
2013-09-07 01:46:20 +09:00
Tatsuhiro Tsujikawa
bb7361cd9b
nghttp: Code cleanup
2013-09-06 00:18:43 +09:00
Tatsuhiro Tsujikawa
586533be2f
nghttpx: Fix CONNECT fail on SPDY upstream
2013-09-05 23:40:48 +09:00
Tatsuhiro Tsujikawa
dd4151330e
nghttp: Use before_frame_send_callback to check stream_id
2013-09-03 21:27:33 +09:00
Tatsuhiro Tsujikawa
d960cf8953
Add const to read-only nghttp2_frame* parameter in callbacks
2013-09-03 21:24:14 +09:00
Tatsuhiro Tsujikawa
2f26b04730
nghttpx: Code cleanup
2013-09-01 00:23:07 +09:00
Tatsuhiro Tsujikawa
9e703170cd
nghttpx: Enable --honor-cipher-order automatically when --ciphers is used
2013-08-30 23:02:47 +09:00
Tatsuhiro Tsujikawa
aea036c9d4
nghttpx: Support ECDHE and DHE cipher suites
...
Use --dh-param-file option to specify a file including DH parameters
in PEM format.
For example, you can create DH parameters with 1024 bit key using
following command:
$ openssl dhparam -outform PEM -out dhparam.pem 1024
2013-08-30 22:07:42 +09:00
Tatsuhiro Tsujikawa
e818d098ec
nghttp: Fix off-by-one error when allocating space for request headers
2013-08-30 21:30:04 +09:00
Tatsuhiro Tsujikawa
59286adc5e
Add int return value to nghttp2_on_unknown_frame_recv_callback
2013-08-29 23:10:18 +09:00
Tatsuhiro Tsujikawa
db4f519500
Add int return value to nghttp2_on_frame_recv_parse_error_callback
2013-08-29 23:07:07 +09:00
Tatsuhiro Tsujikawa
053c444769
Add int return value to nghttp2_on_request_recv_callback
2013-08-29 23:03:21 +09:00
Tatsuhiro Tsujikawa
81653c1d1b
Add int return value to nghttp2_on_stream_close_callback
2013-08-29 22:58:05 +09:00
Tatsuhiro Tsujikawa
5a7f65f1f7
Add int return value to on_data_send_callback
2013-08-29 21:55:04 +09:00
Tatsuhiro Tsujikawa
b9d2f9b6b0
Add int return value to on_frame_not_send_callback
2013-08-29 21:51:58 +09:00
Tatsuhiro Tsujikawa
d4852b0f11
Add int return value to on_frame_send_callback
2013-08-29 21:48:34 +09:00
Tatsuhiro Tsujikawa
a51cdaacfc
Add int return value to nghttp2_before_frame_send_callback
2013-08-29 21:45:10 +09:00
Tatsuhiro Tsujikawa
544ac9f61f
Add int return value to nghttp2_on_data_recv_callback
2013-08-29 21:41:33 +09:00
Tatsuhiro Tsujikawa
972b47d6af
Add int return value to nghttp2_on_data_chunk_recv_callback
2013-08-29 21:39:32 +09:00
Tatsuhiro Tsujikawa
fb7d22fcb9
Add int return value to nghttp2_on_invalid_frame_recv_callback
2013-08-29 21:37:26 +09:00
Tatsuhiro Tsujikawa
a59cd3be82
Add int return value to nghttp2_on_frame_recv_callback
2013-08-29 21:33:52 +09:00
Tatsuhiro Tsujikawa
6387d18f23
nghttpx: Fix expect header field handling
2013-08-29 00:03:26 +09:00
Tatsuhiro Tsujikawa
400615ca35
nghttpd: Check disallowed headers
2013-08-28 03:14:19 +09:00
Tatsuhiro Tsujikawa
3544bfdbef
src: Move pure HTTP code from shrpx_http.cc to http2.cc
2013-08-28 02:47:22 +09:00
Tatsuhiro Tsujikawa
1f3b96e233
nghttpx: Rewrite header handling
2013-08-28 00:09:46 +09:00
Tatsuhiro Tsujikawa
89cd2ff479
nghttpx: Stream error if disallowed header field in HTTP2 is received
2013-08-26 01:25:31 +09:00
Tatsuhiro Tsujikawa
33743ab832
nghttpx: Remove banned header fields in HTTP2 request and response
2013-08-26 01:09:15 +09:00
Tatsuhiro Tsujikawa
4744e90054
nghttpd: Include status code only in :status header field
2013-08-26 00:58:06 +09:00
Tatsuhiro Tsujikawa
4fb1811d18
nghttpx: Include status code only in :status header field in HTTP2 response
2013-08-25 23:28:34 +09:00
Tatsuhiro Tsujikawa
5d7b7a1691
nghttpx: Stream error if mandatory HTTP/2 request header field is missing
2013-08-25 23:21:07 +09:00
Tatsuhiro Tsujikawa
556212a602
nghttpx: Replace \r\n in the header field to SPC in http downstream
2013-08-24 23:27:45 +09:00
Tatsuhiro Tsujikawa
e55abcd634
nghttpx: Fix stream hang when http2 downstream CONNECT failed
2013-08-24 01:43:05 +09:00
Tatsuhiro Tsujikawa
2764c55678
src: Code cleanup
2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa
5ae8605883
src: Use std::thread
2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa
47ee8e3c79
src: Code cleanup
2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa
0c9703fa2c
Remove NGHTTP2_FLAG_END_FLOW_CONTROL
2013-08-23 03:33:05 +09:00
Tatsuhiro Tsujikawa
c38c6cdd09
nghttpx: Fix bug writecb is nullptr for HTTP/1 connection
2013-08-23 03:32:26 +09:00
Tatsuhiro Tsujikawa
b2a34c2e5b
nghttpx: Fix bug content-length is removed
2013-08-23 02:49:21 +09:00
Tatsuhiro Tsujikawa
358d12a842
nghttpx: Fix bug CONNECT does not work
2013-08-22 21:28:27 +09:00
Tatsuhiro Tsujikawa
b8a01f5212
nghttpx: Require content-length in HTTP2 upstream if END_STREAM flag is not set
2013-08-21 01:19:16 +09:00
Tatsuhiro Tsujikawa
823bb6c35e
nghttpx: Require content-length in SPDY upstream if FIN flag is not set
2013-08-21 01:05:06 +09:00
Tatsuhiro Tsujikawa
4d51def65f
nghttpx: Limit read rate on upstream-end
2013-08-21 01:00:55 +09:00
Tatsuhiro Tsujikawa
aa9688b459
nghttpx: Fix possible multiple replies on HTTP2 and SPDY upstreams
2013-08-21 00:56:08 +09:00
Tatsuhiro Tsujikawa
ef6ccc0d74
Update .gitignore
2013-08-15 10:41:22 +09:00
Tatsuhiro Tsujikawa
3e1aad60b7
nghttp: Remove --no-tls option and detect TLS requirement using URI scheme
2013-08-12 22:33:51 +09:00
Tatsuhiro Tsujikawa
4fac4eb92d
nghttpx: HttpUpstream: Check required request headers strictly
...
If multiple required headers (e.g., :path) found, return HTTP 400
error.
Fix util::strieq(a,b,n) where boundary of b is not checked in the
loop.
2013-08-11 00:08:44 +09:00
Tatsuhiro Tsujikawa
989d613448
nghttpx: Save pid file after daemon() call
2013-08-10 18:55:18 +09:00
Tatsuhiro Tsujikawa
c36fcf1794
src: Print opaque_data_len of GOAWAY
2013-08-10 00:46:00 +09:00
Tatsuhiro Tsujikawa
02a7182ebd
src: Create strframetype to handle unknown frame types
2013-08-10 00:42:11 +09:00
Tatsuhiro Tsujikawa
47c1447030
src: Print SETTINGS string name
2013-08-10 00:37:57 +09:00
Tatsuhiro Tsujikawa
d194a31e4a
src: Use print_frame_hd from print_data_frame
2013-08-10 00:31:59 +09:00
Tatsuhiro Tsujikawa
19377fb3cd
Allow disabling auto WINDOW_UPDATE for connection and stream individually
...
Now NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE is split into 2 options:
NGHTTP2_OPT_NO_AUTO_STREAM_WINDOW_UPDATE and
NGHTTP2_OPT_NO_AUTO_CONNECTION_WINDOW_UPDATE.
This is preparation for the upcoming removal of END_FLOW_CONTROL
flag. For nghttpx, instead of using END_FLOW_CONTROL to disable
connection-level flow control, increase window size by large
enough value, which is friendly way to current chromium
implementation.
2013-08-09 01:23:39 +09:00
Tatsuhiro Tsujikawa
fafec1fdb8
nghttpx: Accept incoming bytes at least initial window size
2013-08-07 21:27:08 +09:00
Tatsuhiro Tsujikawa
7f71e83c52
nghttpd: Use 100 for MAX_CONCURRENT_STREAMS
2013-08-07 01:23:43 +09:00
Tatsuhiro Tsujikawa
07814be5b2
src: HttpServer: Remove unused member variable sfd_
2013-08-06 23:17:13 +09:00
Tatsuhiro Tsujikawa
2b71598bdf
src: Reorder AM_CPPFLAGS and AM_LDFLAGS
2013-08-06 21:24:34 +09:00
Tatsuhiro Tsujikawa
1b95e23bfb
Add ax_cxx_compile_stdcxx_11 to check C++11 availability and flags
2013-08-06 21:20:36 +09:00
Tatsuhiro Tsujikawa
168c5ac5b3
HttpServer: Code cleanup
2013-08-06 00:07:51 +09:00
Tatsuhiro Tsujikawa
fadbdbae0b
nghttp: Add -p option to specify stream priority
2013-08-04 18:55:26 +09:00
Tatsuhiro Tsujikawa
2a311b3102
src: Print flags in DATA
2013-08-04 18:44:11 +09:00
Tatsuhiro Tsujikawa
690349009d
nghttp: Call on_read() to process all data in buffer after upgrade succeeded
2013-08-04 18:43:10 +09:00
Tatsuhiro Tsujikawa
d4ade2d7d0
nghttpx: Return -1 if dconn_ is nullptr on push_upload_data_chunk
2013-08-03 23:45:28 +09:00
Tatsuhiro Tsujikawa
f613f68a13
src: Make window size - 1
...
To match the -w16 to 65535, which is HTTP/2.0 default initial window
size, decrement 1 from (1 << window_bits).
2013-08-03 19:53:07 +09:00
Tatsuhiro Tsujikawa
6bcfb99cc0
nghttpx: Update help messages
2013-08-03 19:19:04 +09:00
Tatsuhiro Tsujikawa
079f867d68
nghttp: Ignore -u if --no-tls is not given
2013-08-03 19:08:52 +09:00
Tatsuhiro Tsujikawa
d1bc3c89a7
nghttpx: Code cleanup
2013-08-03 19:04:44 +09:00
Tatsuhiro Tsujikawa
0150312022
nghttpx: Rename spdy_{upstream,downstream}_no_tls as {upstream,downstream}_no_tls
2013-08-03 19:01:57 +09:00
Tatsuhiro Tsujikawa
564e6b9ffc
nghttpx: Rename --{front,back}end-spdy-no-tls as --{front,back}end-no-tls
2013-08-03 18:58:14 +09:00
Tatsuhiro Tsujikawa
f620655d08
nghttp, nghttpx: Add HTTP Upgrade from HTTP/1.1 to HTTP/2.0
...
nghttpx does not perform upgrade if the request has request body.
2013-08-03 18:51:01 +09:00
Tatsuhiro Tsujikawa
5594f0ef0b
nghttpx: Preserve upgrade in Connection header field
2013-08-02 00:00:33 +09:00
Tatsuhiro Tsujikawa
8fd1953b21
app_helper: Show flags in hex
2013-08-01 21:42:16 +09:00
Tatsuhiro Tsujikawa
1bbcbd365c
shrpx: Cast uint8_t to uint32_t to print its decimal number
2013-08-01 20:33:04 +09:00
Tatsuhiro Tsujikawa
fec566aa23
src: Send out data in output buffer before HTTP2/SPDY session tear down
2013-08-01 20:31:29 +09:00
Tatsuhiro Tsujikawa
8cb92fc277
nghttpx: Handle error from Upstream::resume_read in upgrade code
2013-07-31 22:14:25 +09:00
Tatsuhiro Tsujikawa
924b1bd61a
Use unmodified http-parser
...
Handle HTTP Upgrade and CONNECT explicitly
2013-07-31 21:48:37 +09:00
Tatsuhiro Tsujikawa
ab56cd4ea3
nghttpx: Fix bug: end marker of chunked encoding is written twice
2013-07-30 21:46:00 +09:00
Tatsuhiro Tsujikawa
dc2ed7414c
src: Cleanup src builds
2013-07-28 19:50:02 +09:00
Tatsuhiro Tsujikawa
9f9c0cbcd1
nghttpd: Add -F and -f option to disable connection/stream level flow control
2013-07-28 19:29:11 +09:00
Tatsuhiro Tsujikawa
56db10cb5e
nghttp: Add -F and -f option to disable connection/stream level flow controls
2013-07-28 19:29:11 +09:00
Tatsuhiro Tsujikawa
60fe0337da
app_helper: Print PUSH_PROMISE
2013-07-27 22:37:09 +09:00
Tatsuhiro Tsujikawa
f7c0df1235
Remove :version from downstream HTTP/2.0 request
2013-07-27 18:57:33 +09:00
Tatsuhiro Tsujikawa
90b06e8572
nghttpx: Add HTTP/2.0 word in help message
2013-07-26 21:55:08 +09:00
Tatsuhiro Tsujikawa
1fca42ed2b
nghttpx: Remove :version from http2 connection
2013-07-26 21:47:53 +09:00
Tatsuhiro Tsujikawa
5ccf647df9
Rename shrpx as nghttpx superficially
2013-07-26 21:42:39 +09:00
Tatsuhiro Tsujikawa
86174f537a
shrpx: Send and receive client connection header
2013-07-26 21:35:14 +09:00
Tatsuhiro Tsujikawa
9b27160195
HttpServer: Fix left_connhd_len_ is not updated
2013-07-26 21:34:39 +09:00
Tatsuhiro Tsujikawa
32bd1425b4
shrpx: SPDY support in upstream connection
2013-07-26 20:12:55 +09:00
Tatsuhiro Tsujikawa
41b21f7938
fixup
2013-07-26 19:38:54 +09:00
Tatsuhiro Tsujikawa
18f450fd2a
Port shrpx to nghttp2 use
2013-07-26 19:33:25 +09:00
Tatsuhiro Tsujikawa
459a269049
Define HTTP/2.0 protocol version ID
2013-07-26 01:38:04 +09:00
Tatsuhiro Tsujikawa
3cc71a707e
Rename nghttp2_headers_category members
...
Add NGHTTP2_HCAT_PUSH_RESPONSE
2013-07-25 20:57:50 +09:00
Tatsuhiro Tsujikawa
cca1d19d3d
Fix WINDOW_UPDATE enum value
2013-07-23 02:08:32 +09:00
Tatsuhiro Tsujikawa
57401bfb8d
src: Print PRIORITY frame in print_frame()
2013-07-23 00:29:52 +09:00
Tatsuhiro Tsujikawa
42ff5b5c04
Rename nghttp2_ssl as app_helper
2013-07-22 22:12:54 +09:00
Tatsuhiro Tsujikawa
ec79d70bd0
Code cleanup
2013-07-22 22:08:52 +09:00
Tatsuhiro Tsujikawa
551ae72f3a
Remove spdyd and spdycat
2013-07-22 22:06:31 +09:00
Tatsuhiro Tsujikawa
9e9a7fb160
Add nghttpd and 24 bytes client connection header support
2013-07-22 21:56:19 +09:00
Tatsuhiro Tsujikawa
6bc7e7bd0b
Add nghttp client backed by libevent
2013-07-22 00:01:33 +09:00
Tatsuhiro Tsujikawa
94258cd0b8
Move NGHTTP2_PRI_* to nghttp2.h, fix too small pri data type in src
2013-07-20 01:59:43 +09:00
Tatsuhiro Tsujikawa
61bf7c6b02
Integrate new header compression
2013-07-20 00:08:14 +09:00
Tatsuhiro Tsujikawa
257bc1c924
print_frame: Show pri only when NGHTTP2_FLAG_PRIORITY flag set
2013-07-17 01:13:58 +09:00
Tatsuhiro Tsujikawa
307e13375d
spdycat: Set on_data_send_callback
2013-07-17 01:10:50 +09:00
Tatsuhiro Tsujikawa
3ed5c78a2c
Remove unnecessary indent in DATA frame line
2013-07-16 20:54:01 +09:00
Tatsuhiro Tsujikawa
68c072485c
Remove :version existence check in spdyd
2013-07-16 20:53:29 +09:00
Tatsuhiro Tsujikawa
24cab312cf
Make spdycat and spdyd barely work
2013-07-16 00:15:04 +09:00
Tatsuhiro Tsujikawa
39e0b06bfc
Comment out shrpx build in Makefile for now
2013-07-13 00:45:42 +09:00
Tatsuhiro Tsujikawa
0edce70343
Rebranding nghttp2
2013-07-13 00:43:06 +09:00
Tatsuhiro Tsujikawa
7b59a11480
shrpx: Create default SSL context once
2013-06-21 23:17:46 +09:00
Tatsuhiro Tsujikawa
d1b9af0268
shrpx: Fix usage doc
2013-06-09 23:09:49 +09:00
Tatsuhiro Tsujikawa
e91b386422
src: Add SRC_LIBS to shrpx_unittest_LDFLAGS
2013-05-03 22:15:07 +09:00
Tatsuhiro Tsujikawa
c02fefe063
spdylay_ssl.cc: Cast tv.tv_sec to long int to pass printf
2013-05-03 22:14:16 +09:00
moparisthebest
aa13b9b980
Drop priveleges only after listening on possibly priveleged port
2013-04-19 07:58:58 -04:00
moparisthebest
7dfa559bc4
Add --honor-cipher-order option to mitigate BEAST attacks
2013-04-18 14:25:48 -04:00
snnn
4c238c5b36
fix building on mac os x. "error: invalid suffix on literal; C++11 requires a space between literal and identifier"
2013-04-17 14:33:55 +08:00
Tatsuhiro Tsujikawa
34e119fde2
shrpx: Remove useless backend spdy version check
...
It is unnecessary because spdy version at this point is always valid.
2013-03-29 22:16:50 +09:00
Tatsuhiro Tsujikawa
a9f475fb88
spdycat, shrpx: TLS SNI enhancements
...
shrpx:
* Added an option to set the TLS SNI extension between shrpx and the
origin on the command line
spdycat:
* If the user set an explicit host header ( using --headers ) use that
name for the TLS SNI extension.
* Added the handshake completion time to the verbose output
* The gettimeofday call in get_time was using the incorrect structure
( I believe )
* In update_html_parser it was submitting the request regardless of
the return value of add_request.
Patch from Stephen Ludin
2013-03-29 22:06:33 +09:00
Tatsuhiro Tsujikawa
bdade00e68
cygwin build fix
2013-03-28 01:25:42 +09:00
Tatsuhiro Tsujikawa
7d709fa3ff
shrpx: Support non-TLS SPDY in frontend connection
2013-03-24 21:03:39 +09:00
Tatsuhiro Tsujikawa
7264966bb5
shrpx: Check get_request_state() == MSG_COMPLETE when body is empty
2013-03-08 01:50:46 +09:00
Tatsuhiro Tsujikawa
4461cb24ed
shrpx: Fix assertion failure in SpdyDownstreamConnection::attach_stream_data
2013-03-07 21:32:10 +09:00
Tatsuhiro Tsujikawa
add067ed7e
Provide timegm replacement and android build fix
2013-03-07 21:17:55 +09:00
Tatsuhiro Tsujikawa
eddd48b783
shrpx: Don't issue RST_STREAM on downstream tunnel connection EOF
...
The RST_STREAM will be issued in spdy_data_read_callback.
2013-03-01 20:43:35 +09:00
Tatsuhiro Tsujikawa
2d23ae3741
shrpx: Fix missing delete
2013-03-01 00:07:00 +09:00
Tatsuhiro Tsujikawa
cf1cfca51f
shrpx: Fix not send RST_STREAM when downstream gets valid EOF
2013-03-01 00:05:57 +09:00
Tatsuhiro Tsujikawa
da36fc3953
shrpx: Fix WINDOW_UPDATE may block until SpdyUpstream::send()
...
spdy_data_read_callback in SpdyDownstreamConnection calls
SpdyUpstream::resume_read() which submits WINDOW_UPDATE, but after
that they are not call SpdyUpstream::send(). This means that if no
pending outgoing data in upstream, then WINDOW_UPDATE is blocked until
SpdyUpstream::send() from somewhere. This change adds
SpdyUpstream::send() to resume_read() so that WINDOW_UPDATE is not
blocked.
2013-02-27 22:55:44 +09:00
Tatsuhiro Tsujikawa
7b3f57cef8
shrpx: Fix blocking upstream RST_STREAM and propagate REFUSED_STREAM
...
This change fixes upstream RST_STREAM is blocked until
SpdyUpstream::send() is called. Now downstream REFUSED_STREAM is
propagated to upstream client so that client can reset request. The
RST_STREAM error code when downstream went wrong is changed from
CANCEL to INTERNAL_ERROR.
2013-02-27 22:39:44 +09:00
Tatsuhiro Tsujikawa
dbb0df5c5b
Remove strerror(3) from code which may run in multi-thread
2013-02-25 22:43:44 +09:00
Tatsuhiro Tsujikawa
c487d152b2
shrpx: Add non-TLS SPDY backend connection support
...
Use --backend-spdy-no-tls to disable TLS on backend SPDY connection.
The SPDY protocol used there must be configured by
--backend-spdy-proto option.
2013-02-22 22:54:54 +09:00
Tatsuhiro Tsujikawa
fc26f08af2
shrpx: Fix Proxy-Authorization is alwasy sent even if userinfo is empty
...
Surprisingly, field_set & UF_USERINFO is nonzero even if userinfo
component is empty string.
2013-02-22 21:23:59 +09:00
Tatsuhiro Tsujikawa
78523c6701
shrpx: Fix backend SPDY connection does not go through proxy
2013-02-22 19:30:15 +09:00
Tatsuhiro Tsujikawa
64fcac48b7
shrpx: Fix bug in building certificate lookup tree
2013-02-16 17:51:38 +09:00
Tatsuhiro Tsujikawa
c8167234fa
shrpx: Fix bug in certificate lookup
2013-02-16 02:33:16 +09:00
Tatsuhiro Tsujikawa
abe5fd1e39
spdycat: Fix -d option in usage
2013-02-14 21:25:46 +09:00
Tatsuhiro Tsujikawa
54d5dda6c4
spdycat: Add --multiply option
2013-02-14 21:24:57 +09:00
Tatsuhiro Tsujikawa
3d2ef18afb
spdycat: Fix error handling of spdylay_gzip_inflate()
2013-02-14 21:12:16 +09:00
Tatsuhiro Tsujikawa
291cbc639b
shrpx: Use patricia trie for cert lookup
2013-02-14 00:28:55 +09:00
Tatsuhiro Tsujikawa
e322af8a6f
src: Add missing base64.h
2013-02-11 21:49:04 +09:00
Tatsuhiro Tsujikawa
e28f169228
shrpx: More backend EOF handling
...
Now we set Downstream::set_response_connection_close(true) for
tunneled connections. Also call
Upstream::on_downstream_body_complete() callback when setting
MSG_COMPLETE in SpdySession when RST_STREAM is caught. Clean up EOF
handling in https_downstream_readcb.
2013-02-11 17:20:52 +09:00
Tatsuhiro Tsujikawa
d830e099a6
shrpx: Send pending response data before RST_STREAM in tunnel connection
2013-02-11 02:05:11 +09:00
Tatsuhiro Tsujikawa
734d7bced8
shrpx: Handle downstream response_state == MSG_RESET case in SPDY upstream
2013-02-09 23:20:29 +09:00
Tatsuhiro Tsujikawa
8b6fbbf3a6
shrpx: Update --backend-http-proxy-uri usage
2013-02-09 19:08:02 +09:00
Tatsuhiro Tsujikawa
39df51188c
shrpx: Log stream ID when submitting RST_STREAM to downstream
2013-02-09 17:56:44 +09:00
Tatsuhiro Tsujikawa
ceba5539a1
shrpx: Fix client mode does not work
2013-02-09 17:45:57 +09:00
Tatsuhiro Tsujikawa
18dc6384d4
shrpx: Remove x-forwarded-proto header from SPDY downstream
...
SPDY frame has :scheme header field, so x-forwarded-proto is not
necessary.
2013-02-09 17:22:33 +09:00
Tatsuhiro Tsujikawa
b43b31c362
shrpx: Remove x-forwarded-spdy header field
2013-02-09 17:21:46 +09:00
Tatsuhiro Tsujikawa
4876412f7d
shrpx: Check return value of HttpsUpstream::resume_read()
...
Currently, resume_read() fails if on_read() returns -1 in case that
evbuffer_add failed, which means, most likely, memory allocation
failure. ClientHandler is marked "should be closed", but if
evbuffer_add is failed, write callback will not be invoked and its
marking is not evaluated. It will eventually be deleted when the
client is disconnected or backend failure though.
2013-02-09 17:03:03 +09:00
Tatsuhiro Tsujikawa
99b687ceca
shrpx: Documented --spdy-bridge
2013-02-09 16:55:49 +09:00
Tatsuhiro Tsujikawa
cb8b8050b5
shprx: Add --backend-http-proxy-uri option
...
Specify proxy URI in the form http://[USER:PASS]PROXY:PORT . USER and
PASS are optional and if they exist they must be properly
percent-encoded. This proxy is used when the backend connection is
SPDY. First, make a CONNECT request to the proxy and it connects to
the backend on behalf of shrpx. This forms tunnel. After that, shrpx
performs SSL/TLS handshake with the downstream through the tunnel. The
timeouts when connecting and making CONNECT request can be specified
by --backend-read-timeout and --backend-write-timeout options.
2013-02-09 16:55:39 +09:00
Tatsuhiro Tsujikawa
9ba19df813
shrpx: Add --spdy-bridge option
...
With --spdy-bridge option, it listens SPDY/HTTPS connections from
front end and forwards them to the backend in SPDY. The usage will be
written later. This change fixes the crash when more than 2
outstanding SpdyDownstreamConnection objects are added to SpdySession
and establishing connection to SPDY backend is failed.
2013-02-08 21:46:58 +09:00
Tatsuhiro Tsujikawa
8925c58d71
shrpx: Send RST_STREAM when downstream becomes stale
2013-02-08 00:22:22 +09:00
Tatsuhiro Tsujikawa
9b4245368a
shrpx: Refactor spdy downstream header field handling
2013-02-07 21:53:20 +09:00
Tatsuhiro Tsujikawa
c707125839
shrpx: Explicitly hold server SSL_CTX and client SSL_CTX
2013-02-07 21:13:36 +09:00
Tatsuhiro Tsujikawa
b18af854af
shrpx: Add --subcert option to add additional certificate/private key
...
This option specifies additional certificate and private key
file. Shrpx will choose certificates based on the hostname indicated
by client using TLS SNI extension. This option can be used multiple
times.
2013-02-06 23:41:28 +09:00
Tatsuhiro Tsujikawa
e3401b0159
shrpx: Lowercase x-forwarded-proto
2013-02-01 23:36:08 +09:00
Tatsuhiro Tsujikawa
ae0533334c
shrpx: Relay Connection: upgrade header field for HTTP/1.1 connections
2013-02-01 23:30:12 +09:00
Tatsuhiro Tsujikawa
d9611e65ac
spdycat: Send "accept-encoding: gzip, deflate" header field
2013-02-01 00:17:28 +09:00
Tatsuhiro Tsujikawa
2e3cd7d04f
spdycat: Output error messages to std::cerr
2013-01-30 21:50:36 +09:00
Tatsuhiro Tsujikawa
37cb94d154
src: Use clock_gettime instead of gettimeofday if available
2013-01-27 17:16:13 +09:00
Tatsuhiro Tsujikawa
09154c61f6
spdycat, spdyd: Color verbose output
2013-01-27 16:27:17 +09:00
Tatsuhiro Tsujikawa
964c0d1005
shrpx: Don't return chunked response for pre-HTTP/1.1 request
2013-01-27 16:20:14 +09:00
Tatsuhiro Tsujikawa
817f35f3e4
spdycat: Free fd and SSL object on error
2013-01-25 23:15:34 +09:00
Tatsuhiro Tsujikawa
ac01e48f7a
spdycat: Initialize SpdySession::sc
2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa
f6c0061117
spdycat: Log if set_tcp_nodelay() failed
2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa
f0fc026799
shrpx: Check return value of library functions
2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa
9f28b3056f
spdyd: Initialize Config::on_request_recv_callback
2013-01-25 21:37:43 +09:00
Tatsuhiro Tsujikawa
6732219dc7
spdyd: ListenEventHandler creation fix
2013-01-25 21:27:54 +09:00
Tatsuhiro Tsujikawa
5774f8110d
shrpx: Fix resource leak
2013-01-25 21:26:03 +09:00
Tatsuhiro Tsujikawa
29bec93eb9
shrpx: Don't run expensive INFO log code
...
INFO log and its surrounding code are now guarded by
LOG_ENABLED(SEVERITY) macro so that they don't run if log level
threshold is higher. This increases performance because log formatting
is somewhat expensive.
2013-01-21 22:48:08 +09:00
Tatsuhiro Tsujikawa
87c1f07013
shrpx: HttpsUpstream::error_reply() without std::stringstream
2013-01-16 22:51:33 +09:00
Tatsuhiro Tsujikawa
c48fb56d3f
shrpx: Add content-length header field to SPDY upstream error page
...
create_error_html() is rewritten without std::stringstream.
2013-01-16 22:47:39 +09:00
Tatsuhiro Tsujikawa
dc2fe52e57
shrpx: Add missing \n to help message
2013-01-12 16:42:48 +09:00
Tatsuhiro Tsujikawa
ae8e5b7a95
spdycat: Add -d option to POST data
2013-01-11 00:15:45 +09:00
Tatsuhiro Tsujikawa
28489fd6a8
shrpx: Set TCP_NODELAY to downstream sockets
2013-01-11 00:11:41 +09:00
Tatsuhiro Tsujikawa
e454cc1301
shrpx: Remove warn log from upstream_{read,write}cb
2013-01-11 00:10:08 +09:00
Tatsuhiro Tsujikawa
c306402a20
shrpx: Capitalize header field name in HTTP downstream connection
2013-01-09 22:55:29 +09:00
Tatsuhiro Tsujikawa
c45fa16f94
shrpx: Add --no-via option
...
If --no-via option is given, shrpx does not append to Via header
field. If Via header field is received, it is left unaltered.
2013-01-09 22:03:49 +09:00
Tatsuhiro Tsujikawa
4d1f1f2395
shrpx: Log IP version number when getaddrinfo failed
2013-01-09 22:03:34 +09:00
Tatsuhiro Tsujikawa
6da492c4e8
Remove uri.{cc,h} and use http_parser_parse_url() instead
2013-01-09 00:42:06 +09:00
Tatsuhiro Tsujikawa
633e85246f
Include http-parser/http_parser.h locally
2013-01-05 23:21:09 +09:00
Tatsuhiro Tsujikawa
6a4a0e7f8c
Remove useless extern "C"
2013-01-05 23:20:18 +09:00
Tatsuhiro Tsujikawa
be5066c450
Updated http-parser
2012-12-23 01:13:02 +09:00
Tatsuhiro Tsujikawa
92260ccc81
Add patch for http-parser to handle tunneling connection transparently
2012-12-20 01:05:51 +09:00
Tatsuhiro Tsujikawa
9425f8a45f
shrpx: Handle graceful shutdown in SPDY backend
2012-12-17 01:10:45 +09:00
Tatsuhiro Tsujikawa
3ba73db7d7
shrpx: Remove unused function modify_location_header_value
2012-12-14 01:14:42 +09:00
Tatsuhiro Tsujikawa
4d80a26188
spdycat: Log error when no supported SPDY version was negotiated
2012-12-12 23:28:32 +09:00
Tatsuhiro Tsujikawa
8c456674cf
shrpx: Remove upstream_spdy_stream and upstream_spdy_stream_close
...
upstream_response logs more detailed information.
2012-12-09 23:30:11 +09:00
Tatsuhiro Tsujikawa
90eebbc88c
shrpx: Log status code, method, path and HTTP version in accesslog
2012-12-09 23:29:43 +09:00
Tatsuhiro Tsujikawa
6ef9b7430d
shrpx: Color HTTP headers in console log
2012-12-09 21:36:02 +09:00
Tatsuhiro Tsujikawa
9b1f36d274
shrpx: Color severity level in terminal
...
Color severity level if stderr refers to a terminal.
2012-12-09 21:02:48 +09:00
Tatsuhiro Tsujikawa
bbf6c18575
shrpx: Log format change
...
Added macros which log messages from the following components are
prefixed with their component name + object pointer address:
ListenHandler: LISTEN
ThreadEventReceiver: THREAD_RECV
Upstream: UPSTREAM
Downstream: DOWNSTREAM
DownstreamConnection: DCONN
SpdySession: DSPDY
2012-12-09 19:15:14 +09:00
Tatsuhiro Tsujikawa
65e965791f
shrpx: Replace strncpy + putting null with memcpy in ssl_pem_passwd_cb
2012-12-07 23:42:58 +09:00
Tatsuhiro Tsujikawa
06220f7fdf
shrpx: Make is_secure() static
2012-12-07 23:14:20 +09:00
Raul Gutierrez Segales
cbf8ccf7d1
[shrpx] read private key's passwd from a file
...
This avoids the need to provide the password for your
private key interactively.
It can be used via --private-key-passwd-file or private-key-passwd-file
in the given config file. The first line in the file
(without \n) will be treated as the passwd. There isn't
any validation and all lines after the first one (if any)
are ignored.
The security model behind this is a bit simplistic so I
am open to better ideas. Basically your password file
should be root:root (700) and you *should* drop root
and run as an unprivileged user.
If the file exists and a line can be read then a callback
will be set for the SSL ctxt and it'll feed the passwd
when the private key is read (if password is needed).
If the file exists with the wrong permisions it'll be
logged and ignored.
2012-12-03 21:55:32 -08:00
Tatsuhiro Tsujikawa
f97110f092
spdycat, spdyd: Support SPDY without SSL/TLS
...
Use --no-tls option to disable SSL/TLS and specify SPDY protocol
version using -2 or -3.
2012-11-25 21:58:44 +09:00
Tatsuhiro Tsujikawa
50211bc1ad
shrpx: Replace "https" with "http" in log message in shrpx_https_upstream.cc
2012-11-23 21:30:57 +09:00
Tatsuhiro Tsujikawa
282b8b567a
shrpx: Log upstream https request headers
2012-11-23 21:30:17 +09:00
Tatsuhiro Tsujikawa
8f62441112
src: Rewrite util::stripIter
2012-11-23 21:14:39 +09:00
Tatsuhiro Tsujikawa
baf2dc3ddf
shrpx: Add --backend-ipv4 and --backend-ipv6 options.
2012-11-23 21:11:01 +09:00
Tatsuhiro Tsujikawa
7a21905312
shrpx: Remove Config ctor and fill all initial values in fill_default_config()
2012-11-22 23:35:10 +09:00
Tatsuhiro Tsujikawa
c1332a35a5
shrpx: Add -v, --version option
2012-11-22 23:08:36 +09:00
Tatsuhiro Tsujikawa
774e64d2b4
shrpx: Group up options in -h output
2012-11-22 23:04:27 +09:00
Tatsuhiro Tsujikawa
9c70c1b867
shrpx: Code cleanup
2012-11-22 22:05:52 +09:00
Tatsuhiro Tsujikawa
4349d42988
shrpx: Add usage for <PRIVATE_KEY> <CERT>
2012-11-22 22:00:38 +09:00
Tatsuhiro Tsujikawa
9aa7af2c7f
shrpx: Use SNI TLS extension in client mode
2012-11-22 21:51:11 +09:00
Tatsuhiro Tsujikawa
d589f4c74c
shrpx: Verify backend server's certificate in client mode
...
The -k, --insecure option is added to skip this verification. The
system wide trusted CA certificates will be loaded at startup. The
--cacert option is added to specify the trusted CA certificate file.
2012-11-22 21:46:15 +09:00
Tatsuhiro Tsujikawa
8a5db1751e
shrpx: Check the length of output buffer in write callback
...
Possibly because of deferred callback, we may get this callback when
the output buffer is not empty.
2012-11-22 03:13:30 +09:00
Tatsuhiro Tsujikawa
81adb6bc7f
shrpx: Implement downstream SPDY flow control
2012-11-21 23:47:48 +09:00
Tatsuhiro Tsujikawa
0bf15a7694
Rename --client-mode as --client and add --client-proxy
...
With --client-proxy option, shrpx makes sure that the request path is
an absolute URI, otherwise it will return 400 status code.
2012-11-21 22:10:35 +09:00
Tatsuhiro Tsujikawa
fa552c6788
shrpx: Share SPDY session among multiple frontend connections per thread
...
In client mode, now SPDY connection to the backend server is
established per thread. The frontend connections which belong to the
same thread share the SPDY connection.
2012-11-21 01:29:39 +09:00
Tatsuhiro Tsujikawa
ae30e7f71b
shrpx: Split request path into SPDY specific headers
2012-11-19 21:40:59 +09:00
Tatsuhiro Tsujikawa
bebea5e16a
Update http-parser
2012-11-19 02:16:42 +09:00
Tatsuhiro Tsujikawa
542fd6420b
Fix recursive HttpsUpstream::on_read() call
...
Don't call HttpsUpstream::resume_read() from the call tree of
on_read(). Avoid parsing next http data after parse error.
2012-11-19 02:11:46 +09:00
Tatsuhiro Tsujikawa
077275e783
Fix typo SPDY/3
2012-11-19 02:10:58 +09:00
Tatsuhiro Tsujikawa
aa07076f29
shrpx: Don't propagate expect: 100-continue to backend
2012-11-18 23:49:41 +09:00
Tatsuhiro Tsujikawa
52c4d26927
shrpx: Deadlock with upload data in clinet mode
2012-11-18 23:48:55 +09:00
Tatsuhiro Tsujikawa
19bf97b3e5
Support x-forwarded-proto and x-forwarded-for in SpdyDownstreamConnection
2012-11-18 23:04:14 +09:00
Tatsuhiro Tsujikawa
026f4ca3a2
Add --client-mode option
...
With --client-mode option, shrpx now accepts unencrypted HTTP
connections and communicates with backend server in SPDY. In short,
this is the "reversed" operation mode against normal mode. This may
be useful for testing purpose because it can sit between HTTP client
and shrpx "normal" mode.
2012-11-18 21:46:07 +09:00
Tatsuhiro Tsujikawa
aa64a7f7f5
Don't send response-body for 304 response
2012-11-18 21:22:08 +09:00
Tatsuhiro Tsujikawa
4748443899
shrpx: Log detailed error description in SSL code
2012-11-14 21:14:11 +09:00
Raul Gutierrez Segales
6f6f6ffc41
[shrpx] fix password handling for certs keys
...
We should only call daemon() after ListenHandler is
instantiated, where SSL_CTX_use_PrivateKey_file is called,
otherwise we have no stdin/stdout to get the password for
keyfile.
2012-10-27 22:29:27 -07:00
Tatsuhiro Tsujikawa
fdc19550fc
spdyd: Open file with O_BINARY flag
2012-10-16 22:57:26 +09:00
Tatsuhiro Tsujikawa
22840dbfaf
spdycat: Handle timeout in connect and SSL/TLS handshake
2012-10-14 23:39:41 +09:00
Tatsuhiro Tsujikawa
a28e1c6e7d
Add src/.gitignore and edit examples/.gitignore
2012-10-06 00:01:13 +09:00
Tatsuhiro Tsujikawa
2ea0c1c1b0
Add missing url_parser.c
2012-10-05 23:56:26 +09:00
Tatsuhiro Tsujikawa
9378b74fc3
spdycat: Rewritten time_delta
2012-10-04 23:54:39 +09:00