OpenSSL 1.0.2 is already released. Avoid the confusing wording that
seems to suggest that a development version of OpenSSL 1.0.2 provides
ALPN support.
For "http" or "https" URIs, :path header field must start with "/".
The only exception is OPTIONS method, which can contain "*" to
represent system-wide OPTIONS request.
It turns out that the cause of complication in backend request line
construction is a absolute-form in HTTP/1 request. In HTTP/2, we have
separated pseudo-header fields and no problem at all. In this commit,
we parse request URI in HTTP/1 frontend and extract values from it to
make backend logic simpler. This patch removes host header field
emission in HTTP/2 backend if :authority is emitted. It also rewrites
host header field with authority part in absolute-form URI as per RFC
7230.
Currently, we use same number of HTTP/2 sessions per worker with given
backend addresses. New option to specify the number of HTTP/2 session
per worker will follow.
It seems that we don't care about this since we don't change buffer
pointer between would-block write/read and next write/read. Somehow
we decided we need these fields. As a precaution, we set
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER in SSL_set_mode() for both server
and client contexts.
It turns out that writing successfully to network is not enough.
After apparently successful network write, read fails and then we
first know network has been lost (at least my android mobile network).
In this change, we say connection check is successful only when
successful read. We already send PING in this case, so we just wait
PING ACK with short timeout. If timeout has expired, drop connection.
Since waiting for PING ACK could degrade performance for fast reliably
connected network, we decided to disable connection check by default.
Use --backend-http2-connection-check to enable it.
Tatsuhiro Tsujikawa
Peter Wu
Ross Smith II
mod-h2-dev
Daniel Stenberg
Kazuho Oku