354f46d8c5
nghttpx: Add QUIC timeouts
2021-08-21 18:34:07 +09:00
138419d232
Add "dnf" (= "do not forward") parameter to backend option
2021-08-14 17:16:21 +09:00
cef458c31c
Replace black-list with block-list
...
nghttpx --no-http2-cipher-black-list and
--client-no-http2-cipher-black-list are deprecated and replaced with
--no-http2-cipher-block-list and --client-no-http2-cipher-block-list
respectively.
2021-04-02 22:35:37 +09:00
617a5766a2
Replace master with main
2021-04-02 22:08:19 +09:00
6787423edc
nghttpx: Add workaround to include ':' in backend pattern
2020-11-27 22:15:46 +09:00
4e3c61ef4d
nghttpx: Add accesslog variables to record request path without query
...
This commit the following variables to construct request line without
including query component:
* $method
* $path
* $path_without_query
* $protocol_version
2020-09-19 23:58:37 +09:00
49cd8e6e73
nghttpx: Add PROXY-protocol v2 support
2020-04-18 17:16:30 +09:00
abef9b90ef
Fix log-level is not set with cmd-line or configuration file
2019-06-11 23:13:43 +09:00
77f1c872b1
nghttpx: Fix unchanged log level on configuration reload
...
Previously, if log-level is not mentioned in configuration file and
reload happens, the log level was not set to the default value NOTICE.
Instead, the log level stayed the same. This commit fixes this bug.
2019-06-05 21:17:23 +09:00
b0f5e5cc79
Implement daemon() using fork() for OSX
2019-05-30 23:22:44 +09:00
1ff9de4c87
nghttpx: Backend address selection with weight
2019-01-21 22:23:19 +09:00
732245e562
make clang-format
2019-01-12 00:11:31 +09:00
b0eb68ee9e
nghttpx: Convert shrpx_forwarded_node_type to enum class
2018-10-16 23:10:17 +09:00
ec5729b1fa
Use std::make_unique
2018-10-15 23:02:44 +09:00
aeb92bbbe2
nghttpx: Add read/write-timeout parameters to backend option
2018-09-30 12:32:43 +09:00
5b42815afb
nghttpx: Strip incoming Early-Data header field by default
2018-09-09 22:37:22 +09:00
cfe7fa9a75
nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
2018-09-09 16:35:47 +09:00
9b03c64f68
nghttpx: Should postpone early data by default
2018-09-08 19:22:30 +09:00
9f21258720
Specify SSL_CTX_set_max_early_data and add an option to change max value
2018-09-08 17:59:28 +09:00
47f6012407
nghttpx: Add an option to postpone early data processing
2018-09-08 17:57:21 +09:00
7417fd71a4
nghttpx: Per-pattern not per-backend
2018-08-28 17:50:01 +09:00
b574ae6aa2
nghttpx: Support per-backend mruby script
2018-08-23 18:13:29 +09:00
880f948684
Enable IndentPPDirectives
2018-06-09 16:21:30 +09:00
fc94018b97
clang-format-6.0
2018-06-09 16:02:26 +09:00
45d76cf501
nghttpx: Close listening socket on graceful shutdown
2018-02-26 22:40:24 +09:00
e70195ae91
nghttpx: Update doc
2018-02-22 16:12:38 +09:00
e8af7afc65
nghttpx: Add an option to accept expired client certificate
2018-02-08 16:51:23 +09:00
5cc3d159e1
nghttpx: Add upgrade-scheme parameter to backend option
...
If "upgrade-scheme" parameter is present in backend option along with
"tls" paramter, HTTP/2 :scheme pseudo header field is changed to
"https" from "http" when forwarding a request to this particular
backend. This is a workaround for a server which requests "https"
scheme on HTTP/2 connection encrypted by TLS.
2018-01-08 18:08:01 +09:00
4d1139f653
Remove SPDY
2017-12-17 13:28:44 +09:00
2056e812bd
nghttpx: Increase api-max-request-body
2017-12-02 13:49:42 +09:00
1ebb6810a1
nghttpx: Faster configuration loading with lots of backends
2017-12-01 23:06:06 +09:00
ff200bfcf3
clang-format-5.0
2017-11-23 14:19:12 +09:00
0028275d7b
nghttpx: Add affinity-cookie-secure parameter to backend option
2017-11-21 22:29:22 +09:00
eca0a3025b
nghttpx: Add $tls_client_serial log variable
2017-11-16 22:53:54 +09:00
22502182d0
Add tls_client_issuer_name log variable and expose it to mruby
2017-11-15 23:41:47 +09:00
b8fda6808b
nghttpx: Cookie based session affinity
2017-11-01 22:18:03 +09:00
539e27812b
nghttpx: Add tls_client_fingerprint_sha1 to mruby and accesslog
...
Also tls_client_fingerprint is renamed to
tls_client_fingerprint_sha256.
2017-10-31 21:41:40 +09:00
cb376bcd80
nghttpx: Add client fingerprint and subject name to accesslog
2017-10-29 21:47:00 +09:00
3cd6817e21
Fix typos
2017-10-29 16:54:21 +09:00
a170023f23
nghttpx: Verify OCSP response using trusted CA certificates
2017-09-01 21:35:38 +09:00
4be4c0cddc
Revert "nghttpx: Verify OCSP response using trusted CA certificates"
...
This reverts commit 59c78d5809
2017-08-30 22:27:02 +09:00
a18d154e0e
Merge pull request #943 from nghttp2/nghttpx-verify-ocsp-resp-with-cacerts
...
nghttpx: Verify OCSP response using trusted CA certificates
2017-06-15 20:56:44 +09:00
59c78d5809
nghttpx: Verify OCSP response using trusted CA certificates
2017-06-13 23:00:26 +09:00
be164fc8f9
nghttpx: Set default minimum TLS version to TLSv1.2
...
Previously, the default minimum TLS version was TLSv1.1, but the
default cipher list didn't include any compatible ciphers with it.
This made handshake fail if TLSv1.1 was negotiated because there was
no shared ciphers. To make the default settings consistent, the
default minimum TLS version is now TLSv1.2.
2017-06-12 23:54:12 +09:00
74c2f1257a
nghttpx: Add --no-verify-ocsp to disable OCSP response verification
2017-05-25 23:14:58 +09:00
796ab87b14
nghttpx: Fix certificate selection based on pub key algorithm
2017-05-21 11:12:47 +09:00
0d4f0f0db5
nghttpx: Run OCSP at startup
...
With --ocsp-startup option, nghttpx starts accepting connections after
initial attempts to get OCSP responses finish. It does not matter
some of the attempts fail. This feature is useful if OCSP responses
must be available before accepting connections.
2017-05-18 22:33:49 +09:00
b5007d45f7
nghttpx: Wildcard path matching
...
This commit adds wildcard path matching. If path pattern given in
backend option ends with "*", it is considered as wildcard path. "*"
must match at least one character. All paths which include wildcard
path without last "*" as prefix, and are strictly longer than wildcard
path without last "*" are matched.
2017-05-11 22:15:28 +09:00
c3f5f5ca36
nghttpx: Clarify --conf option behaviour
2017-04-20 22:25:38 +09:00
911d12f7c4
nghttpx: Add log when loading configuration file
2017-04-20 22:22:29 +09:00
Tatsuhiro Tsujikawa