Previously, when parsing HTML links, we only take into account
overridden host. But we actually need more variables to consider. In
this commit, we take into account overridden scheme, host, and port to
parse HTML links.
--accesslog-write-early option is analogous to HAProxy's logasap. If
used, nghttpx writes access log when response header fields are
received from backend rather than when request transaction finishes.
Previously, we have dedicated read buffer for each frontend
connection. With this commit, the buffer spaces are only used when
needed, and pooled if they are not used. This reduces memory usage
for idle client connections.
Previously, ciphers option sets cipher list for both frontend and
backend TLS connections. With this commit, ciphers option only sets
cipher list for frontend connections. The new client-ciphers option
sets cipher list for backend connection.
This commit adds client-no-http2-cipher-black-list option to disable
enforcement of HTTP/2 cipher black list on backend HTTP/2 connection.
Previously, existing no-http2-cipher-black-list option disables it for
both frontend and backend connections. Now no-http2-cipher-black-list
option only disables it for frontend connection.
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible. To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
boringssl says:
/* It is an error to clear any bits that have already been set. (We can't try
* to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
on_read may fail, but we failed to check its return value most of the
places. This is because failure means deletion of ClientHandler, but
because of architecture, we cannot delete it. Feeding read event is
better since we can move call on_read from libev callback. We can
delete ClientHandler form there.
Because of bidirectional nature of TCP, we may fail write(2), but have
still pending read in TCP buffer, which may contain response body. To
forward them, we should keep reading until get EOF from backend.
To avoid stalling HTTP/1 upload when request buffer is full, and we
have received complete response from backend, drop connection in that
case.
Tatsuhiro Tsujikawa
Benedikt Christoph Wolters