Commit Graph

87 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 402ebb277f nghttpx: Add --num-accept and --accept-delay options 2015-01-27 23:47:56 +09:00
acesso 7ea8037ee1 Use fcntl and FD_CLOEXEC if O_CLOEXEC is undefined
Same reported at #87 but at src/shrpx_config.cc src/instead of util.cc
2015-01-23 21:17:06 +09:00
Tatsuhiro Tsujikawa f004361ef2 nghttpx: Add --backend-request-buffer option 2015-01-13 23:30:28 +09:00
Tatsuhiro Tsujikawa d6db38a318 nghttpx: Clean up integer configuration range checking 2015-01-13 23:23:35 +09:00
Tatsuhiro Tsujikawa c88a5291b7 nghttpx: Add --backend-response-buffer option 2015-01-13 23:20:06 +09:00
Tatsuhiro Tsujikawa 956c11388c nghttpx: Allow units (k, m, and g) in --{read,write}-{rate,burst}
So that you can specify --read-rate=1M --read-burst=4M
2015-01-13 21:54:53 +09:00
Tatsuhiro Tsujikawa 1e4f8f27fd nghttpx: Add --tls-ctx-per-worker option
When same SSL_CTX is used by multiple thread simultaneously we have to
setup some number of mutex locks for it.  We could not check how this
locking affects scalability since we have 4 cores at best in our
development machine.  Good side of sharing SSL_CTX across threads is
we can share session ID pool.

If --tls-ctx-per-worker is enabled, SSL_CTX is created per thread
basis and we can eliminate mutex locks.  The downside is session ID is
no longer shared, which means if session ID generated by one thread
cannot be acceptable by another thread.  But we have now session
ticket enabled and its keys are shared by all threads.
2015-01-13 00:25:02 +09:00
Tatsuhiro Tsujikawa 0ca979b453 nghttpx: Add --rlimit-nofile option 2015-01-10 23:17:48 +09:00
Tatsuhiro Tsujikawa 08e8cc1915 nghttpx: Add --tls-ticket-key-file option
This option specifies files contains 48 random bytes to construct
session ticket key data.  This option can be used repeatedly to
specify multiple keys, but only the first one is used to encrypt
tickets.
2015-01-08 01:26:30 +09:00
Tatsuhiro Tsujikawa 52f3572d5b nghttpx: Enable TLS session tickets with session key rotation every 12hrs 2015-01-08 00:01:09 +09:00
Tatsuhiro Tsujikawa d3a606e9d9 nghttpx: open_file_for_write: Use O_CLOEXEC flag 2015-01-07 00:25:10 +09:00
Tatsuhiro Tsujikawa 7db1864766 nghttpx: Add --backend-http1-connections-per-frontend option 2015-01-03 00:19:41 +09:00
Tatsuhiro Tsujikawa a55a07940c nghttpx: Show not implemented warning for per wroker rate limit 2015-01-03 00:19:41 +09:00
Tatsuhiro Tsujikawa bfac015d61 src: Use libev for rest of the applications 2015-01-03 00:19:41 +09:00
Tatsuhiro Tsujikawa b607a22076 nghttpx: Support multiple HTTP/1 backend address
For HTTP/1 backend, -b option can be used several times to specify
multiple backend address.  HTTP/2 backend does not support multiple
addresses and only uses first address even if multiple addresses are
specified.
2014-12-06 19:30:27 +09:00
Tatsuhiro Tsujikawa 9614611969 nghttpx: Limit # of downstream connections per host when h2 proxy is used
This commit limits the number of concurrent HTTP/1 downstream
connections to same host.  By defualt, it is limited to 8 connections.
--backend-connections-per-frontend option was replaced with
--backend-http1-connections-per-host, which changes the maximum number
of connections per host.  This limitation only kicks in when h2 proxy
is used (-s option).
2014-12-05 01:47:03 +09:00
Tatsuhiro Tsujikawa b1f807abd1 Reformat lines with clang-format-3.5 2014-11-27 23:56:30 +09:00
Tatsuhiro Tsujikawa 9bba616426 nghttpx: Add $alpn variable to accesslog formatting
$alpn is a variable which represents ALPN identifier of the protocol
which generates the response.
2014-11-24 15:24:09 +09:00
Tatsuhiro Tsujikawa 1fe50f272b nghttpx: Add $pid to --accesslog-format variable
$pid refers to the PID of the running process.
2014-11-24 14:34:43 +09:00
Lucas Pardue 9cf1a0c77c Add features to logging, client and server port,
time_iso8601 and request_time.
2014-11-23 20:37:51 +00:00
Tatsuhiro Tsujikawa 958cd0de64 nghttpx: Add configurable access logging format
This commit adds functionality to customize access logging format in
nghttpx.  The format variables are inspired by nginx.  The default
format is combined format.
2014-11-19 01:29:55 +09:00
Tatsuhiro Tsujikawa ce71e65aee nghttpx: Replace WARNING with WARN for consistency 2014-11-08 10:51:56 +09:00
Lucas Pardue 9ea4905f68 Added X-Forwarded-For header stripping option to nghttpx 2014-10-27 10:23:20 +00:00
Tatsuhiro Tsujikawa a23a705121 nghttpx: Strict integer config validation 2014-08-27 23:36:36 +09:00
Tatsuhiro Tsujikawa 822ec75814 nghttpx: Add --listener-disable-timeout option 2014-08-27 22:34:00 +09:00
Tatsuhiro Tsujikawa c81e87bf37 nghttpx: Fix dereference after null check 2014-08-20 00:17:50 +09:00
Tatsuhiro Tsujikawa 5d2390deba nghttpx: Bring per-connection rate limit back
--read-burst=0 still does not work.  But specifying n > 0 workarounds
this.
2014-08-17 16:17:10 +09:00
Tatsuhiro Tsujikawa 0e8419ac37 nghttpx: Add backend-connections-per-frontend option
This option limits the number of backend connections per frontend.
This is meaningful for the combination of HTTP/2 and SPDY frontend and
HTTP/1 backend.
2014-08-16 22:24:17 +09:00
Tatsuhiro Tsujikawa ca680c16e3 nghttpx: Chown file to effective user 2014-08-13 01:53:44 +09:00
Tatsuhiro Tsujikawa bf13d91264 nghttpx: Add hot deploy feature
nghttpx supports hot deploy feature using signals.  The host deploy in
nghttpx is multi step process.  First send USR2 signal to nghttpx
process.  It will do fork and execute new executable, using same
command-line arguments and environment variables.  At this point, both
current and new processes can accept requests.  To gracefully shutdown
current process, send QUIT signal to current nghttpx process.  When
all existing frontend connections are done, the current process will
exit.  At this point, only new nghttpx process exists and serves
incoming requests.
2014-08-13 00:43:54 +09:00
Tatsuhiro Tsujikawa 24cfb52b5a nghttpx: Add --no-location-rewrite option
--no-location-rewrite option disallows location header rewrite on
--http2-bridge, --client and default mode.  This option is useful when
connecting nghttpx proxy with --http2-bridge to backend nghttpx with
http2-proxy mode.
2014-08-10 12:39:27 +09:00
Tatsuhiro Tsujikawa 76703f79fa nghttpx: Add stream level timeout for HTTP/2 and SPDY upstream/downstream 2014-08-09 22:56:27 +09:00
Tatsuhiro Tsujikawa 0ce848a611 nghttpx: Rewrite logging system
This change rewrites logging system of nghttpx.  Previously access log
and error log are written to stderr or syslog and there was no option
to change stderr to something else.  With this change, file path of
access log and error log can be configured separately and logging to
regular file is now added.  To support rotating log, if SIGUSR1 signal
is received by nghttpx, it closes the current log files and reopen it
with the same name.  The format of access log is changed and has same
look of apache's.  But not all columns are not supported yet.
2014-07-05 18:43:24 +09:00
Tatsuhiro Tsujikawa 479e15469c nghttpx: Add worker-frontend-connections option 2014-06-26 22:55:22 +09:00
Tatsuhiro Tsujikawa 266a15ccd3 nghttpx: Remove per-connection rate limit
It looks like setting read-rate and read-burst to 0 makes busy loop.
It seems a bug.  On the other hand, we most likely want per-thread
rate limit rather than per-connection.  So we decided to drop them.
2014-06-19 23:19:14 +09:00
Tatsuhiro Tsujikawa 7b0ed5d9bd nghttpx: Only allow DHE, ECDHE + AEAD ciphers for HTTP/2
Cipher suites are chosen by DHE and ECDHE ciphers + GCM (AEAD).  Now
default cipher list is the one recommended by Mozilla web site.  The
--honor-cipher-order option is removed and now it is always assumed.
2014-06-10 22:47:22 +09:00
Tatsuhiro Tsujikawa de14c02227 nghttpx: Code cleanup 2014-06-08 23:09:44 +09:00
Tatsuhiro Tsujikawa e665123ebe nghttpx: Use nullptr instead of NULL 2014-06-08 23:09:44 +09:00
Tatsuhiro Tsujikawa db8af31e2b nghttpx: Code cleanup 2014-06-08 23:09:44 +09:00
Tatsuhiro Tsujikawa 0fd5b2aa32 nghttpx: Use std::vector for tls_proto_list and npn_list
Now SSL/TLS option mask to disable particular SSL/TLS protocol
versions are pre-calculated and stored in Config.
2014-06-08 23:09:44 +09:00
Tatsuhiro Tsujikawa 14b818efc8 nghttpx: Use std::unique_ptr<char[]> instead of char* 2014-06-08 21:02:40 +09:00
Tatsuhiro Tsujikawa a8a2236da9 nghttpx: Add --add-response-header option 2014-04-26 14:56:08 +09:00
Tatsuhiro Tsujikawa 6326aec089 nghttpx: Return std::unique_ptr from parse_config_str_list 2014-04-08 22:44:30 +09:00
Tatsuhiro Tsujikawa f9f6cdc93d nghttpx: Specify altsvc info in one option and allow multiple occurrences 2014-04-08 22:28:50 +09:00
Tatsuhiro Tsujikawa db6c41a219 nghttpx: Add altsvc related options
To advertise alternative serive, at least --altsvc-port and
--altsvc-protocol-id must be specified.
2014-04-03 13:20:50 +09:00
Tatsuhiro Tsujikawa ab2dc5967d Replace HTTP/2.0 with HTTP/2 2014-03-30 19:26:37 +09:00
Tatsuhiro Tsujikawa d074cb611f nghttpx: Add rate limit per worker thread
The existing options --{read,write}-{rate,burst} are per connection.
The new options --worker-{read,write}-{rate,burst} are per worker
thread, which is overall rate limit of all connections worker handles.
2014-03-09 14:53:28 +09:00
Tatsuhiro Tsujikawa c280cc7c4d nghttpx: Add --padding option for debugging purpose 2014-02-11 17:23:22 +09:00
Tatsuhiro Tsujikawa c7c283f3a9 nghttpx: Add --frontend-frame-debug option to debug HTTP/2 frame in upstream
The output format is the same one with nghttp/nghttpd. The output
is made into stderr to make it sync with logging.
2014-02-09 18:47:26 +09:00
Tatsuhiro Tsujikawa 7ce3065f32 nghttpx: Add --tls-proto-list option to enable SSL/TLS protocol selectively 2014-01-02 13:08:54 +09:00