Commit Graph

1580 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa f96edbf987 nghttpx: Pin frontend to specific HTTP/2 session object per group 2015-07-13 21:31:37 +09:00
Tatsuhiro Tsujikawa 3097547491 nghttpx: Add --include option to read additional configuration from given file 2015-07-12 23:18:36 +09:00
Tatsuhiro Tsujikawa 6307f96fb3 nghttpx: Enable host-path backend routing in HTTP/2 backend
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker.  It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.

Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa 8a2543d7b7 asio: Fix custom OpenSSL build 2015-07-11 19:37:04 +09:00
Tatsuhiro Tsujikawa fa7069a273 nghttpx: Don't rewrite path if http2 proxy or client proxy is enabled
There are many requests which changes its meaning when we rewrite
path.  This is due to bad percent-encoding in URI; reserved characters
are just used without percent encoding.  It seems this is common in ad
services, but I suspect more to come.  For reverse proxying situation,
sane service most likely encodes URI properly, so probably this is not
an issue.
2015-07-11 17:50:58 +09:00
Tatsuhiro Tsujikawa 1a63cd94aa nghttpx: Pass by reference, since it just get copied there 2015-07-11 17:30:38 +09:00
Tatsuhiro Tsujikawa 7c216c6df8 nghttpx: Document that patterns with host take precedence 2015-07-11 16:46:13 +09:00
Tatsuhiro Tsujikawa e7724914a9 nghttpx: Less copy when matching path 2015-07-11 16:46:13 +09:00
Tatsuhiro Tsujikawa 19e47a1922 nghttpx: Normalize path when setting it to Downstream 2015-07-11 16:12:35 +09:00
Tatsuhiro Tsujikawa c2e4ed9624 nghttpx: Deal with the path without trailing slash on pattern match
If pattern ends with '/', and pattern and path matches without that
slash, we consider they match to deal with request to the directory
without trailing slash.  That is if pattern is "/foo/" and path is
"/foo", we consider they match.
2015-07-11 12:43:48 +09:00
Tatsuhiro Tsujikawa d457f39b1e nghttpx: Fix unix domain backend 2015-07-11 02:41:33 +09:00
Tatsuhiro Tsujikawa 6d556755ee Attemp to fix travis build error 2015-07-11 02:08:16 +09:00
Tatsuhiro Tsujikawa 3119fc259c Select backend based on request host and path by extending -b option
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]].  The optional
<PATTERN>s specify the request host and path it is used for.  The
<PATTERN> can contain path, host + path or host.  The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa 237f742100 h2load: Add --ciphers option 2015-07-08 23:14:41 +09:00
Tatsuhiro Tsujikawa 8fcf5f60e4 nghttp: Add --max-concurrent-streams option 2015-07-08 00:22:21 +09:00
Tatsuhiro Tsujikawa 7af638f921 Merge branch 'patch-2' of https://github.com/acesso/nghttp2 into acesso-patch-2 2015-07-07 21:19:23 +09:00
Tatsuhiro Tsujikawa 43d6f6b16a Compile with IRIX gcc-4.7
Patch from Klaus Ziegler
2015-07-01 21:30:27 +09:00
Tatsuhiro Tsujikawa 2f7839fa42 Fix compiler warning 2015-06-30 21:33:54 +09:00
acesso 49c3d75f9a Right place for comment
comment of pushed moved from request to entry array
added stream_id as string to connection element as string
2015-06-29 15:31:00 -03:00
Tatsuhiro Tsujikawa dc7232fa53 Fix travis compile error 2015-06-30 00:01:26 +09:00
Tatsuhiro Tsujikawa 51ef646678 src: Always use our own faster simpler timegm, use it to calculate gmtoff 2015-06-29 23:14:54 +09:00
Tatsuhiro Tsujikawa 515c313073 nghttpx: Add $ssl_session_reused log variable
The syntax for this variable is the same as nginx: if SSL/TLS session
was reused, "r" is produced.  Otherwise ".".
2015-06-28 22:15:04 +09:00
Tatsuhiro Tsujikawa 197493afd4 nghttpx: Add log variables related to SSL/TLS connection
This commit add following 3 log variables to SSL/TLS connection:
$ssl_cipher, $ssl_protocol, $ssl_session_id.  If no information is
available for them, '-' is produced for each.
2015-06-28 16:44:34 +09:00
acesso 2ea1deafd0 Add comment on HAR on pushed objects
It seems that HAR 1.2 does not have a proper representaion for pushed objects. I could´t just add a custom parameter so I think a comment at response will not hurt anybody.
2015-06-27 09:47:53 -03:00
Tatsuhiro Tsujikawa b06e339dbb Prepare for IRIX support, port relevant change from spdylay 2015-06-27 17:51:07 +09:00
Tatsuhiro Tsujikawa 68c0f8a310 Fix compile error with gcc-4.7
Use std::map::insert instead of std::map::emplace, since gcc-4.7 does
not support the latter.
2015-06-27 11:19:54 +09:00
Tatsuhiro Tsujikawa 285c74c394 nghttpx: Fix crash with --http2-bridge and both frontend and backend TLS 2015-06-24 21:31:17 +09:00
Tatsuhiro Tsujikawa 301df2a856 src: Disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 2015-06-22 23:26:45 +09:00
Tatsuhiro Tsujikawa f3b7f4140b nghttpx: Clarify origin host for --backend-http1-connection-per-host 2015-06-22 21:09:39 +09:00
Tatsuhiro Tsujikawa 878b873c69 src: Use using instead of typedef 2015-06-21 19:37:50 +09:00
Tatsuhiro Tsujikawa 2ca8cf36b7 util: Use constexpr for ALPN id 2015-06-21 19:34:43 +09:00
Tatsuhiro Tsujikawa cebfdacc5a src: Use user-defined literals for time (hours and minutes) 2015-06-21 14:51:32 +09:00
Tatsuhiro Tsujikawa 39f89f4a60 src: Use user-defined literals for k, m, and g. 2015-06-21 14:32:47 +09:00
Tatsuhiro Tsujikawa 0a6de0d378 nghttp: Perform special handling of IPv6 literal with zone ID as per RFC 6874
This commit adds special handling of IPv6 literal with zone ID as per
RFC 6874.  Still IPv6 link local address does not work, since URI
parser from http-parser does not allow this syntax.
2015-06-18 20:00:02 +09:00
Tatsuhiro Tsujikawa 25d1de0278 nghttp: Print error if all connect() syscall faild 2015-06-18 18:03:25 +09:00
Tatsuhiro Tsujikawa 39eb8b8a6b nghttp: Print error when parsing URI failed 2015-06-18 18:00:24 +09:00
Tatsuhiro Tsujikawa 69119f47c4 src: Support compile with LibreSSL 2015-06-17 18:24:51 +09:00
Tatsuhiro Tsujikawa 8aab74ad36 nghttpx: Refactor a bit 2015-06-16 21:31:33 +09:00
Tatsuhiro Tsujikawa f418d1239f nghttpx: Fix bug that XFP header always http on HTTP/2 backend
This commit fixes the bug that x-forwarded-proto header field sent on
HTTP/2 backend always "http", regardless of frontend scheme.
2015-06-16 21:29:47 +09:00
Tatsuhiro Tsujikawa 5b51320dc5 nghttpx: Validate :path on SPDY frontend
Unless method is CONNECT, we require that :path starts with "/",
except for OPTIONS method, which can take "*" as :path (server-wide
OPTIONS request).
2015-06-16 00:09:22 +09:00
Tatsuhiro Tsujikawa 6d5c00b8eb nghttpx: Use vector for WorkerEvent queue 2015-06-12 21:28:24 +09:00
Tatsuhiro Tsujikawa 532bffdb01 nghttpx: Minimize critical section for shared ocsp response 2015-06-12 21:27:12 +09:00
Tatsuhiro Tsujikawa c6c7145167 Fix compile warning with android NDK 2015-06-12 19:19:53 +09:00
Tatsuhiro Tsujikawa d4d7597efb nghttpx: Delete SSL_CTX on quit 2015-06-10 21:31:58 +09:00
Tatsuhiro Tsujikawa 2952706b53 Fix scan-build error 2015-06-10 00:29:03 +09:00
Tatsuhiro Tsujikawa 9b0ccdef34 h2load: Code cleanup 2015-06-10 00:28:27 +09:00
Tatsuhiro Tsujikawa 41dd5f6897 nghttpx: Tokenize request method
We share the same method value with http-parser.  This commit also
returns 501 for unknown request method on HTTP/2 and SPDY frontend.
2015-06-09 23:33:14 +09:00
Tatsuhiro Tsujikawa f9c60d5e9d nghttpx: Return 501 if invalid method is received on h1 frontend 2015-06-09 22:08:49 +09:00
Tatsuhiro Tsujikawa 6d537c419e nghttpx: Document failure case on bind() 2015-06-07 00:05:33 +09:00
Tatsuhiro Tsujikawa 4894e24dc8 nghttpx: Add error logging for listener socket creation failure 2015-06-07 00:02:30 +09:00
Tatsuhiro Tsujikawa bbbddedb8f Fix compiler warning 2015-06-06 23:37:46 +09:00
Tatsuhiro Tsujikawa 00efa86fb6 nghttpx: Add --add-request-header option 2015-06-05 23:04:20 +09:00
Tatsuhiro Tsujikawa 590a5c3ff3 Fix typo 2015-06-05 00:18:29 +09:00
Tatsuhiro Tsujikawa ee4d53a9e4 More constexpr 2015-05-31 18:44:37 +09:00
Tatsuhiro Tsujikawa 3d59c6c0b7 nghttpx: Use defined string iteral when defining long_options 2015-05-29 22:48:46 +09:00
Tatsuhiro Tsujikawa 34efc6b7a4 More constexpr 2015-05-29 22:36:05 +09:00
Tatsuhiro Tsujikawa 7582640fd5 nghttpx: Remove unused 2015-05-29 22:20:46 +09:00
Tatsuhiro Tsujikawa 323fc8c552 nghttpx: Make WebSocket upgrade work
This commit makes sure that WebSocket upgrade works for HTTP/1.1
frontend and backend pair.  Actually, this implementation probably
supports other upgrade as well, other than HTTP/2 Upgrade, which is
handled specially in other place.
2015-05-26 22:26:17 +09:00
Tatsuhiro Tsujikawa 326b4c467b nghttpx: Fix bug that END_STREAM is not set in backend for POST with Upgrade 2015-05-26 00:00:11 +09:00
Tatsuhiro Tsujikawa 7e51a87111 nghttpx: Don't upgrade to HTTP/2 if we have non-final HTTP/1 response pending 2015-05-25 23:59:44 +09:00
Tatsuhiro Tsujikawa 5fdb36239a nghttpx: Don't send Expect header field twice 2015-05-25 23:59:18 +09:00
Tatsuhiro Tsujikawa 90eac0709d src: Make sure that empty param is error when parsing Link header field 2015-05-24 15:40:16 +09:00
Tatsuhiro Tsujikawa 791660ef8d Fix up OpenSSL initialization
Use the example presented at
http://en.wikibooks.org/wiki/OpenSSL/Initialization
2015-05-23 00:23:38 +09:00
Tatsuhiro Tsujikawa 9a0b9428da nghttpx: Fill request scheme in upstream
We may log before filling scheme in Downstream, so we leave
construct_absolute_request_uri as is.
2015-05-22 02:22:59 +09:00
Tatsuhiro Tsujikawa b20abfc11a nghttpx: Allow HTTP Upgrade from POST request if response header was not sent 2015-05-22 01:59:40 +09:00
Tatsuhiro Tsujikawa 890a10b216 nghttpx: Fix bug that PUSH_PROMISE is sent after associated response HEADERS 2015-05-22 00:53:02 +09:00
Tatsuhiro Tsujikawa 28adb2dad3 h2load: Fix bug that NPN fails if ALPN is enabled 2015-05-22 00:48:32 +09:00
Tatsuhiro Tsujikawa fe752174a9 nghttpd: Close connection after settings timeout and GOAWAY was sent 2015-05-18 21:38:12 +09:00
Tatsuhiro Tsujikawa 0b27f005e0 Merge branch 'master' into v1.0.0
Conflicts:
	src/HttpServer.cc
2015-05-15 23:24:19 +09:00
Tatsuhiro Tsujikawa 3572e7c634 inflatehd: Fix crash if 'wire' value is not string
Fixes GH-235
2015-05-15 22:29:57 +09:00
Tatsuhiro Tsujikawa 0479f833fc Revert "nghttpx: Remove last write/read fields for TLS"
This reverts commit 585af93828.
2015-05-15 22:20:15 +09:00
Tatsuhiro Tsujikawa 53bfc70c9e Include inttypes.h (or cintypes for C++) instead of stdint.h
From autoconf manual, section 5.6.1 Portability of Headers, says:

"""
The C99 standard says that inttypes.h includes stdint.h, so there's no
need to include stdint.h separately in a standard environment. Some
implementations have inttypes.h but not stdint.h (e.g., Solaris 7),
but we don't know of any implementation that has stdint.h but not
inttypes.h.
"""
2015-05-14 00:17:45 +09:00
Tatsuhiro Tsujikawa 38cfc5c47c Check more headers and funcs 2015-05-13 23:29:20 +09:00
Tatsuhiro Tsujikawa 5da49989f8 nghttpd: Add --echo-upload option to send back request body 2015-05-13 00:38:28 +09:00
Tatsuhiro Tsujikawa 2f2a7ace81 Fix corresponding upstream source reported in previous commits accordingly 2015-05-12 23:24:18 +09:00
Tatsuhiro Tsujikawa a8625e15f0 clang-format 2015-05-08 19:24:17 +09:00
Tatsuhiro Tsujikawa e63d6e490a Merge branch 'master' into v1.0.0
Conflicts:
	lib/nghttp2_option.h
	lib/nghttp2_session.h
	src/HttpServer.cc
2015-05-08 19:21:51 +09:00
Tatsuhiro Tsujikawa 2d5d9d5d04 nghttpd: Add -m, --max-concurrent-streams option 2015-05-06 10:42:43 +09:00
Tatsuhiro Tsujikawa 7ecca39025 nghttpx: Fix heap-use-after-free bug in http/1 frontend
This is a regression introduced in
4be4d875f3
2015-05-05 23:45:39 +09:00
Tatsuhiro Tsujikawa 4be4d875f3 nghttpx: Log absolute URI for HTTP/2 or client proxy request 2015-05-04 23:24:33 +09:00
Tatsuhiro Tsujikawa 1ab707713f nghttpx: Accept reference instead of pointer by upstream_accesslog 2015-05-04 22:45:34 +09:00
Tatsuhiro Tsujikawa cc46d363c5 h2load: Refactor statistics hanlding to scale more upcoming new metrics 2015-05-04 22:36:21 +09:00
Tatsuhiro Tsujikawa 016d40ea0f Merge branch 'include_pull_request' of https://github.com/alex-nalivko/nghttp2 into alex-nalivko-include_pull_request 2015-05-03 16:50:52 +09:00
Tatsuhiro Tsujikawa b4e8bea4b5 clang-format 2015-05-03 16:47:32 +09:00
Tatsuhiro Tsujikawa 555d5abac9 Merge branch 'finer_stats' of https://github.com/ericcarlschwartz/nghttp2 into ericcarlschwartz-finer_stats 2015-05-03 16:37:02 +09:00
Alex Nalivko 3137dc4a70 h2load_spdy_session errno include 2015-05-02 19:33:04 +00:00
es 4bba4bf66c update h2load to give connect time and ttfb stats
finer statistics for h2load: update per comments from tatsuhiro-t

finer stats for h2load: fixed formatting
2015-05-01 10:30:09 -07:00
Tatsuhiro Tsujikawa 9dc5259593 nghttpx: Take into account request URI in header size in https frontend 2015-04-29 22:23:25 +09:00
Tatsuhiro Tsujikawa ea8a566d98 nghttpx: Send 431 if header field size exceeded the configuration limit 2015-04-29 21:39:46 +09:00
Tatsuhiro Tsujikawa 8c6f9e899f nghttpx: Enforce header field buffer limit for SPDY frontend 2015-04-29 21:27:36 +09:00
Tatsuhiro Tsujikawa 552f675466 nghttpx: Add --header-field-buffer and --max-header-fields options 2015-04-29 21:10:59 +09:00
Tatsuhiro Tsujikawa 1c4df1832b Update doc, mainly for RFC numbers 2015-04-28 23:05:00 +09:00
Tatsuhiro Tsujikawa 1ad1fe6005 Merge branch 'master' into v1.0.0 2015-04-28 22:48:34 +09:00
Tatsuhiro Tsujikawa f05a4830c5 nghttp: Fix assertion error if very large value is given to -t 2015-04-28 21:51:28 +09:00
Tatsuhiro Tsujikawa b41835f19b h2load: Effectively disable flow control by setting large window size
Previously h2load used default flow control window as described in
HTTP/2 and SPDY specification.  The window size is 64KiB, which is a
bit small, and cannot utilize full server performance when response
size is not too small.  Basically, we do this kind of benchmarking
test to measure server's throughput, and optimal performance.  Smaller
window certainly degrades performance even in local testing because
server is so fast that it has to wait for WINDOW_UPDATE from h2load.
To make default behaviour suitable for peak performance test, we
decided to disable flow control in h2load by setting large enough
window size.

Most users used h2load without -w or -W options, so they were
implicitly throttled by flow control and the result was affected by
that negatively.  Now flow control is disabled by default, the result
may improve depending on the implementations.
2015-04-27 21:23:01 +09:00
Tatsuhiro Tsujikawa eb05777d88 clang-format 2015-04-24 00:17:13 +09:00
Tatsuhiro Tsujikawa db4a68454a Merge branch 'master' into v1.0.0
Conflicts:
	lib/includes/nghttp2/nghttp2.h
2015-04-24 00:13:15 +09:00
Tatsuhiro Tsujikawa 77c556901c nghttpx: Increase maximum header field set size 2015-04-22 22:27:48 +09:00
Tatsuhiro Tsujikawa 4928959213 asio: Document asynchronous parameter for listen_and_serve 2015-04-22 22:25:16 +09:00
Xiaoguang Sun 92a1ca5917 Graceful shutdown and joinable server 2015-04-22 17:51:28 +08:00
Tatsuhiro Tsujikawa 5937b4b6f7 Merge branch 'master' into v1.0.0 2015-04-19 23:13:38 +09:00
Tatsuhiro Tsujikawa 102ea7c0bb nghttpd: Cache fd
Implement fd caching for static files.  The response body for such as
404 was dynamically generated previously, but now it is written in
temporally file and its fd is cached.  Currently, cache is reference
counted and expired when count becomes 0.  This makes caching is not
effective other than "busy" period, but we don't need this feature if
we are not busy.
2015-04-19 17:38:06 +09:00
Tatsuhiro Tsujikawa c4e994c97d nghttp: Add --no-push option to disable server push 2015-04-17 23:35:16 +09:00
Tatsuhiro Tsujikawa 0b41e20d54 nghttp: Show stream ID in statistics output 2015-04-17 23:35:16 +09:00
Tatsuhiro Tsujikawa 436595df98 nghttp: Remove --dep-idle option
In this commit, we made --dep-idle behaviour by default.  This is
because the previous default behaviour is not reflect current usage of
dependency priority and never will be because of fragility of tree due
to stream closure.
2015-04-17 22:24:06 +09:00
Tatsuhiro Tsujikawa d3561a63b1 nghttp: Depend on "leader" anchor if js is linked inside head element 2015-04-17 21:25:31 +09:00
Tatsuhiro Tsujikawa e23225689f nghttp: Use same priority anchor nodes as Firefox does 2015-04-16 23:56:37 +09:00
Tatsuhiro Tsujikawa 8f4e2d941f Revert accidental change in nghttp.cc 2015-04-16 22:58:25 +09:00
Tatsuhiro Tsujikawa dc335b9025 Improve weight handling a bit 2015-04-16 21:38:13 +09:00
Tatsuhiro Tsujikawa 82e2c5bd22 Never index authorization and small cookie header field
nghttp2 library now use Literal Header Field never Indexed for
"authorization" header field and small "cookie" header field,
regardless of nghttp2_nv.flags.
2015-04-15 23:58:56 +09:00
Tatsuhiko Kubo 59f8397659 Use nullptr instead of NULL in C++. 2015-04-15 21:18:39 +09:00
Tatsuhiko Kubo 061732adf0 improved malloc error handlings. 2015-04-15 09:20:45 +09:00
Tatsuhiro Tsujikawa 5c2ca28706 asio: client: Call error_cb on error occurred in do_read and do_write
Fixes GH-207
2015-04-13 21:33:43 +09:00
Tatsuhiro Tsujikawa a8ea86cfe5 src: constexpr 2015-04-12 17:51:23 +09:00
Tatsuhiro Tsujikawa 7451a73def nghttpx: Don't push resource if link header has non empty loadpolicy 2015-04-12 17:42:25 +09:00
Tatsuhiro Tsujikawa 889e705f35 nghttpx: Add logging for somewhat important events (logs, tickets, and ocsp) 2015-04-11 00:08:28 +09:00
Tatsuhiro Tsujikawa 14d4979c54 Don't install libnghttp2_asio headers if they are disabled 2015-04-10 23:11:40 +09:00
Tatsuhiro Tsujikawa 095bc178f3 nghttpx: Robust HTTP/1 backend CL and TE handling
We should ignore Content-Length and Transfer-Encoding for upgraded
response, and reset content-length if this is a non-final response.
2015-04-10 22:30:20 +09:00
Tatsuhiro Tsujikawa 308738025c nghttpx: Don't set response content-length if HTTP/2 response upgraded 2015-04-10 22:24:17 +09:00
Tatsuhiro Tsujikawa 97366bf55c nghttpx: Set content-length after complete request/response headers 2015-04-10 22:10:51 +09:00
Tatsuhiro Tsujikawa 9803f92e9c nghttpx: Set Downstream to stream user data on HTTP Upgrade to h2 2015-04-10 02:40:09 +09:00
Tatsuhiro Tsujikawa 44b4cda200 src: Check return value from nghttp2_session_get_stream_user_data 2015-04-10 00:21:31 +09:00
Tatsuhiro Tsujikawa 69a4f3bf42 nghttp: Consider :authority custom header field for SNI 2015-04-10 00:15:01 +09:00
Tatsuhiro Tsujikawa b873930802 nghttpx: Now ocsp works without threads 2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa bc53c81616 nghttpx: Replace posix_spawn functions with fork + dup2 + execve
Although posx_spawn is very convenient and useful, we have platform
which don't have these functions (e.g., Android NDK r10d).
2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa 09c485e712 nghttpx: Eliminate 1 second refresh timer 2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa d247470da2 nghttpx: Rewrite ocsp without thread
Since libev handles SIGCHLD, using waitpid in separate thread to wait
for the completion of fetch-ocsp-response script process is undefined.
This commit rewrite ocsp handling code so that it utilizes libev
ev_child watcher and perform ocsp update without thread.
2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa cf0576253f Merge branch 'master' into v1.0.0 2015-04-08 18:10:04 +09:00
Tatsuhiro Tsujikawa 1fcd881395 nghttpx: Document that stderr is redirected to error log file 2015-04-08 17:33:18 +09:00
Tatsuhiro Tsujikawa dd435b51ab nghttpx: Redirect stderr to errorlog file 2015-04-08 16:59:58 +09:00
Tatsuhiro Tsujikawa 80743ddc7b nghttpx: Set promised Downstream as nghttp2 stream user data 2015-04-08 16:07:53 +09:00
Tatsuhiro Tsujikawa 36a8f24559 nghttpx: Finish incomplete incoming request with END_STREAM flag
Previously we send RST_STREAM when we send DATA with END_STREAM flag
set.  With this commit, we also do this when we send HEADERS with
END_STREAM flag set.
2015-04-08 16:07:13 +09:00
Tatsuhiro Tsujikawa b25e19e876 nghttpx: HTTP backend: Check parser error first so that we can get error msg 2015-04-08 14:39:27 +09:00
Tatsuhiro Tsujikawa e9660c3558 nghttpx: Fix heap-use-after-free
The bug was introduced by 8c3b379b66.
2015-04-08 13:43:57 +09:00
Tatsuhiro Tsujikawa 8c3b379b66 Pool Memchunk per worker 2015-04-08 00:10:48 +09:00
Tatsuhiro Tsujikawa d42f31ca78 nghttpx: Fix bug that data buffered in SSL object are not read
This is same issue described in https://github.com/h2o/h2o/issues/268.
That is if SSL object has decrypted data buffered inside it, and
application does not read it for some reason (e.g., rate limit), we
have to check the existence of data using SSL_pending.  This is
because buffered data inside SSL is not notified by io watcher.  It is
obvious, but we totally missed it.

nghttpx code normally reads everything until SSL_read returns error
(want-read).  But if rate limit is involved, we stop reading early.
Also in HTTP/1 code, while processing one request, we just read until
buffer is filled up.  In these cases, we may suffer from this problem.

This commit fixes this problem, by performing SSL_pending() and if it
has buffered data and read io watcher is enabled, we feed event using
ev_feed_event().
2015-04-06 22:31:36 +09:00
Tatsuhiro Tsujikawa 3e50ef439d Announce h2, final HTTP/2 ALPN identifier 2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa d0c27d5229 Send 24 bytes client magic byte string by library
Previously nghttp2_session_send() and nghttp2_session_mem_send() did
not send 24 bytes client magic byte string (MAGIC).  We made
nghttp2_session_recv() and nghttp2_session_mem_recv() process MAGIC by
default, so it is natural to make library send MAGIC as well.  This
commit makes nghttp2_session_send() and nghttp2_session_mem_send()
send MAGIC.  This commit also replace "connection preface" with
"client magic", since we call MAGIC as "connection preface" but it is
just a part of connection preface.  NGHTTP2_CLIENT_CONNECTION_PREFACE
macro was replaced with NGHTTP2_CLIENT_MAGIC.  The already deprecated
NGHTTP2_CLIENT_CONNECTION_HEADER macro was removed permanently.
nghttp2_option_set_no_recv_client_preface() was renamed as
nghttp2_option_set_no_recv_client_magic().  NGHTTP2_ERR_BAD_PREFACE
was renamed as NGHTTP2_ERR_BAD_CLIENT_MAGIC.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa ebf214c8fc nghttp2_on_invalid_frame_recv_callback should have lib_error_code as param
nghttp2_error_code is HTTP/2 standard error code and is too coarse to
know what's going on.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa 250ea53e4b Deal with 24 bytes client connection preface by default
Since HTTP/2 spec requires for client to send connection preface, it
is reasonable to make this option enabled by default.  It is still a
use case to disable this, so replace this option with
nghttp2_option_set_no_recv_client_preface().
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa 01af6ea70c Remove ALTSVC related code
HTTP/2 and HPACK are going to be published as RFC, but ALTSVC is still
in draft state.  To make our API stable, it would be better to remove
ALTSVC API for 1.0.0 release.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa 7522d50d1a nghttpd, tiny-nghttpd: No need to check existence of stream
The stream existence is guaranteed by library as of
cc03a12b75.
2015-04-05 23:13:29 +09:00
Tatsuhiro Tsujikawa 9eff511c5e Add nghttp2_send_data_callback to send DATA payload without copying
To avoid buffer copy in nghttp2_data_source_read_callback, this commit
introduces NGHTTP2_DATA_FLAG_NO_COPY and nghttp2_send_data_callback.
By using NGHTTP2_DATA_FLAG_NO_COPY in
nghttp2_data_source_read_callback, application can avoid to copy
application data to given buffer.  Instead, application has to
implement nghttp2_send_data_callback to send complete DATA frame by
itself.  We see noticeable performance increase in nghttpd and
tiny-nghttpd using this new feature.  On the other hand, nghttpx does
not show such difference, probably because buffer copy is not
bottleneck.  Using nghttp2_send_data_callback adds complexity, so it
is recommended to measure the performance to see whether this extra
complexity worth it.
2015-04-04 21:23:50 +09:00
Tatsuhiro Tsujikawa 1442b1bd0a nghttpx: Remove --tls-ctx-per-worker option
--tls-ctx-per-worker option does not work well of OCSP stapling.  Also
it makes session ID useless.
2015-03-31 00:42:21 +09:00
Tatsuhiro Tsujikawa cc94632b29 src: Use separator "--" to mark start of the footer without ambiguity 2015-03-31 00:21:52 +09:00
Tatsuhiro Tsujikawa 5df770b9c1 h2load: Fix compile error with Android NDK 2015-03-30 23:59:03 +09:00
Tatsuhiro Tsujikawa 4bc9afe20a nghttpx: Add OCSP stapling feature 2015-03-30 23:58:28 +09:00
Tatsuhiro Tsujikawa ccea4d42b5 Refactor .gitignore files 2015-03-29 18:40:37 +09:00
Tatsuhiro Tsujikawa 12ced1cddc nghttpx: Add flag to track connection state in HTTP/1 backend 2015-03-29 01:47:22 +09:00
Tatsuhiro Tsujikawa 3576f20e5a nghttpx: Revert part of 6f58434d89
The reverted part of the change may use not connected socket in HTTP/1
backend.
2015-03-29 01:32:27 +09:00
Tatsuhiro Tsujikawa a2486daee1 nghttpd: Rename Http2Handler::on_connect as connection_made 2015-03-28 20:21:12 +09:00
Tatsuhiro Tsujikawa 8bf440b89c nghttpx: Rename Http2Session::on_connect as connection_made 2015-03-28 20:19:17 +09:00
Tatsuhiro Tsujikawa e9cdb9c896 h2load: Remove unused fields in Client class 2015-03-28 20:17:30 +09:00
Tatsuhiro Tsujikawa c4804ee50b h2load: Remove Client::noop 2015-03-28 20:14:12 +09:00
Tatsuhiro Tsujikawa 95cb284e27 h2load: Rename Client::on_connect as connection_made 2015-03-28 20:13:37 +09:00
Tatsuhiro Tsujikawa c4ccc376df nghttp: Refactor function names
on_SOMETHING should be used only for I/O callback functions
2015-03-28 20:07:12 +09:00
Tatsuhiro Tsujikawa 6f58434d89 nghttpx, h2load: Perform write whenever read succeeds 2015-03-28 19:13:14 +09:00
Tatsuhiro Tsujikawa de2c2ad65c src: Update hexdump usage output so that help2rst.py can produce good output 2015-03-27 00:36:19 +09:00
Tatsuhiro Tsujikawa dc85623060 nghttpx: Fix PUSH_PROMISE header field corruption
Fixes GH-194
2015-03-26 22:52:51 +09:00
Tatsuhiro Tsujikawa 8afbb6ca26 h2load: Fix crash if -t > -c 2015-03-26 19:57:37 +09:00
Tatsuhiro Tsujikawa ed79637737 h2load: Add -d option to upload data to server 2015-03-26 19:53:42 +09:00
Tatsuhiro Tsujikawa 3b24be3bcd src: Fix compile error with clang-3.6 2015-03-25 01:27:18 +09:00
Tatsuhiro Tsujikawa ece8289aaf nghttpx: Forward only "trailers" keyword in te when forwarding HTTP/2 backend 2015-03-25 01:20:41 +09:00
Tatsuhiro Tsujikawa 4042ff0fc4 nghttpx: Fix te header field is duplicated when forwarding HTTP/2 backend 2015-03-25 01:17:06 +09:00
Tatsuhiro Tsujikawa 125e32eb56 src: Refactor a bit 2015-03-24 21:45:59 +09:00
Tatsuhiro Tsujikawa 94bf8dcd4e src: Refactor util::hexdump 2015-03-24 21:43:28 +09:00
Tatsuhiro Tsujikawa 89b8039466 nghttp, nghttpd: Add --hexdump option to hexdump incoming traffic
The output format is similar to `hexdump -C`
2015-03-24 02:30:51 +09:00
Tatsuhiro Tsujikawa 661fb2eb0e NULL-terminate name and value in nghttp2_nv
Guaranteeing NULL-termination is very useful when name or value are
used with C functions which requires NULL-terminated string.
2015-03-23 23:25:57 +09:00
Tatsuhiro Tsujikawa 6893608ae2 Use literal instead of computed value in token lookup 2015-03-21 23:03:37 +09:00
mod-h2-dev 076eefbed6 fix for segfault by reserving correct worker count 2015-03-16 17:42:22 +02:00
Tatsuhiro Tsujikawa 08ec5b3fc0 nghttp: Restore same message displayed when some requests failed 2015-03-14 18:32:53 +09:00
Tatsuhiro Tsujikawa 4219fe7822 Bump up libnghttp2_asio LT revision to 1:0:0 2015-03-14 18:20:00 +09:00
Tatsuhiro Tsujikawa 8ea26fddfd Fix compile error "chosen constructor is explicit in copy-initialization" 2015-03-14 15:54:55 +09:00
Tatsuhiro Tsujikawa 98add63cdf nghttp: Treat stream as success if we see END_STREAM from peer 2015-03-14 00:09:10 +09:00
Tatsuhiro Tsujikawa 7b90404072 nghttpx: Omit well-known port from hostport in downstream request 2015-03-14 00:09:10 +09:00
Tatsuhiro Tsujikawa de0543f684 nghttpx: Refactor a bit 2015-03-14 00:09:10 +09:00
Tatsuhiro Tsujikawa 46e3be7b5b nghttpx: Simplify backend request line construction
It turns out that the cause of complication in backend request line
construction is a absolute-form in HTTP/1 request.  In HTTP/2, we have
separated pseudo-header fields and no problem at all.  In this commit,
we parse request URI in HTTP/1 frontend and extract values from it to
make backend logic simpler.  This patch removes host header field
emission in HTTP/2 backend if :authority is emitted.  It also rewrites
host header field with authority part in absolute-form URI as per RFC
7230.
2015-03-14 00:09:10 +09:00
Tatsuhiro Tsujikawa d46e50b112 nghttpx: Refactor DownstreamQueue to avoid expensive std::map 2015-03-12 01:13:55 +09:00
Tatsuhiro Tsujikawa 0f87cedc2d nghttpx: Use doubly linked list for dconns_ and streams_ 2015-03-11 21:35:47 +09:00
Tatsuhiro Tsujikawa d34095cf49 nghttpx: Pin HTTP/2 upstream to one Http2Session to improve performance 2015-03-11 21:14:55 +09:00
Tatsuhiro Tsujikawa 4877f72a75 nghttpx: Optimize a bit 2015-03-11 00:42:18 +09:00
Tatsuhiro Tsujikawa 274b3a2296 nghttpx: Reset connection check timer on successful write while not checking 2015-03-11 00:27:51 +09:00
Tatsuhiro Tsujikawa 93013f4205 nghttpx: Remove --backend-http2-connection-check option, enable it by default 2015-03-11 00:22:05 +09:00
Tatsuhiro Tsujikawa a0524ef05d Fix busy loop 2015-03-11 00:11:51 +09:00
Tatsuhiro Tsujikawa 0e3ae63965 nghttpx: Add --backend-http2-connections-per-worker 2015-03-10 23:43:25 +09:00
Tatsuhiro Tsujikawa 3e14261ebf nghttpx: Setting failure mode in on_connect() may affect other backends 2015-03-10 23:21:48 +09:00
Tatsuhiro Tsujikawa 446de923f3 nghttpx: Support multiple HTTP/2 session per worker
Currently, we use same number of HTTP/2 sessions per worker with given
backend addresses.  New option to specify the number of HTTP/2 session
per worker will follow.
2015-03-10 23:20:21 +09:00
Tatsuhiro Tsujikawa c5860fc6f4 nghttpx: Support multiple -b option for HTTP/2 backend 2015-03-10 21:54:29 +09:00
Tatsuhiro Tsujikawa 6b714030dd nghttpx: Disable acceptor temporarily when process runs out of fd 2015-03-10 21:25:20 +09:00
Tatsuhiro Tsujikawa 8483225839 nghttpx: Don't rewrite host for CONNECT method 2015-03-10 00:44:35 +09:00
Tatsuhiro Tsujikawa 585af93828 nghttpx: Remove last write/read fields for TLS
It seems that we don't care about this since we don't change buffer
pointer between would-block write/read and next write/read.  Somehow
we decided we need these fields.  As a precaution, we set
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in SSL_set_mode() for both server
and client contexts.
2015-03-10 00:11:11 +09:00
Tatsuhiro Tsujikawa 41e266181e nghttpx: Attempt to improve HTTP/2 backend connection check
It turns out that writing successfully to network is not enough.
After apparently successful network write, read fails and then we
first know network has been lost (at least my android mobile network).
In this change, we say connection check is successful only when
successful read.  We already send PING in this case, so we just wait
PING ACK with short timeout.  If timeout has expired, drop connection.
Since waiting for PING ACK could degrade performance for fast reliably
connected network, we decided to disable connection check by default.
Use --backend-http2-connection-check to enable it.
2015-03-09 23:37:54 +09:00
Kazuho Oku 2a4f347dbc do not send pseudo-headers when in HTTP/1 2015-03-09 11:40:13 +09:00
Tatsuhiro Tsujikawa b9d6fff962 nghttpx: Allow accepting trailer part in h1 frontend
Downstream's headers mutation functions have been rewritten to share
code.
2015-03-08 18:39:45 +09:00
Tatsuhiro Tsujikawa 9ffbc45ba6 nghttpx: Allow sending trailer part in h1 backend link 2015-03-08 17:58:00 +09:00
Tatsuhiro Tsujikawa 961f41d7ce nghttp, nghttpd: Add trailer header field when sending trailer part 2015-03-08 17:52:36 +09:00
Tatsuhiro Tsujikawa 928d3e5f3f nghttpx: Allow sending trailer header field 2015-03-08 17:51:52 +09:00
Tatsuhiro Tsujikawa 42eeebc7f6 nghttpx: Add function to send trailer part in h1 frontend 2015-03-08 17:32:38 +09:00
Tatsuhiro Tsujikawa 991baf9e69 nghttpx: Use http2::copy_headers_to_nva in trailer part handling 2015-03-08 17:32:01 +09:00
Tatsuhiro Tsujikawa 6ad63a06b0 nghttpx: Support response trailer part handling in h1 backend 2015-03-08 17:20:38 +09:00