Commit Graph

271 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 4fca2502d8 nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT
A well known server sends content-length: 0 in 101 response.  RFC 7230
says Content-Length or Transfer-Encoding in 200 response to CONNECT
request: https://tools.ietf.org/html/rfc7230#section-3.3.3
2019-05-17 22:58:26 +09:00
Tatsuhiro Tsujikawa 0288093caf Fix llhttp_get_error_pos usage
It returns NULL if return value is HPE_OK.
2019-04-21 00:07:11 +09:00
Tatsuhiro Tsujikawa c64d2573dc Replace http-parser with llhttp
llhttp does not include URL parser.  We extracted URL parser code from
http-parser and put it under third-party/url-parser.

llhttp bd3d224eb8cdc92c6fc8f508d7bbe0ba266e8e92
2019-04-20 18:42:30 +09:00
Tatsuhiro Tsujikawa 2cff8b43cf nghttpx: Fix bug that chunked request stalls 2019-04-15 23:58:30 +09:00
Tatsuhiro Tsujikawa d93842db3e nghttpx: Fix backend stall if header and request body are sent in 2 packets 2019-01-23 17:57:12 +09:00
Tatsuhiro Tsujikawa 1ff9de4c87 nghttpx: Backend address selection with weight 2019-01-21 22:23:19 +09:00
Tatsuhiro Tsujikawa e9c9838cdc nghttpx: Pool h1 backend connection per address
Pool HTTP/1.1 backend connection per address and reuse it only when
the next round robin index refers to this address.  Previously if
there is a pooled connection, there is no round robin selection.
2019-01-14 22:20:58 +09:00
Tatsuhiro Tsujikawa 1b42110d4f nghttpx: Make Downstream state enum class 2018-10-17 14:19:58 +09:00
Tatsuhiro Tsujikawa 0735ec55f3 nghttpx: Convert shrpx_connect_proto to enum class 2018-10-17 14:19:58 +09:00
Tatsuhiro Tsujikawa 00554779e1 nghttpx: Convert DNSResolverStatus to enum class 2018-10-17 14:19:58 +09:00
Tatsuhiro Tsujikawa 5e4f434fd8 nghttpx: Convert shrpx_session_affinity to enum class 2018-10-16 23:03:17 +09:00
Tatsuhiro Tsujikawa 20ea964f2f nghttpx: Convert shrpx_proto to enum class 2018-10-16 22:59:34 +09:00
Tatsuhiro Tsujikawa ec5729b1fa Use std::make_unique 2018-10-15 23:02:44 +09:00
Tatsuhiro Tsujikawa 46576178a3 Don't send Transfer-Encoding to pre-HTTP/1.1 clients 2018-10-14 22:57:54 +09:00
Tatsuhiro Tsujikawa 7c8cb3a0ce nghttpx: Improve CONNECT response status handling 2018-10-04 12:04:15 +09:00
Tatsuhiro Tsujikawa aeb92bbbe2 nghttpx: Add read/write-timeout parameters to backend option 2018-09-30 12:32:43 +09:00
Tatsuhiro Tsujikawa d2a594a753 nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 2018-09-29 11:35:41 +09:00
Tatsuhiro Tsujikawa 3575a1325e nghttpx: Fix crash with plain text HTTP 2018-09-15 12:16:23 +09:00
Tatsuhiro Tsujikawa 5b42815afb nghttpx: Strip incoming Early-Data header field by default 2018-09-09 22:37:22 +09:00
Tatsuhiro Tsujikawa 770e44de4d Implement draft-ietf-httpbis-replay-02
nghttpx sends early-data header field when forwarding requests which
are received in TLSv1.3 early data, and the TLS handshake is still in
progress.
2018-09-08 17:54:35 +09:00
Tatsuhiro Tsujikawa 9b24e19763 nghttpx: Choose h1 protocol if headers have been sent to backend on retry 2018-08-22 23:20:13 +09:00
Tatsuhiro Tsujikawa 9d5b781df6 Fix stream reset if data from client is arrived before dconn is attached 2018-08-22 22:32:25 +09:00
Tatsuhiro Tsujikawa c1a496cf4e nghttpx: Fix bug that h1 backend idle timeout expires sooner 2018-02-02 21:09:04 +09:00
Tatsuhiro Tsujikawa f5ddd7f43b nghttpx: Make initial_addr_idx_ unsigned 2017-11-04 17:30:56 +09:00
Tatsuhiro Tsujikawa 16e9036568 nghttpx: Fix affinity retry 2017-11-04 17:13:45 +09:00
Tatsuhiro Tsujikawa fa7945c627 nghttpx: Refactor 2017-11-04 15:55:25 +09:00
Tatsuhiro Tsujikawa daca43f0dd nghttpx: Fix stalled backend connection on retry 2017-11-04 15:46:08 +09:00
Tatsuhiro Tsujikawa b8fda6808b nghttpx: Cookie based session affinity 2017-11-01 22:18:03 +09:00
Tatsuhiro Tsujikawa 1b442cb16f Compile with --disable-assert 2017-05-18 23:10:44 +09:00
Tatsuhiro Tsujikawa a584cf5a4f Use clang-format-4.0 2017-04-30 15:45:53 +09:00
Tatsuhiro Tsujikawa d63b4c1034 nghttpx: Forward multiple via, xff, and xfp header fields
Previously, for Via, X-Forwarded-For, and X-Forwarded-Proto header
field, nghttpx only forwarded the last header field of each.  With
this commit, nghttpx forwards all of them if it is configured to do
so.
2017-04-26 21:23:13 +09:00
Tatsuhiro Tsujikawa cc9190ab37 nghttpx: Add options for X-Forwarded-Proto header field
This commit adds 2 new options to handle X-Forwarded-Proto header
field.  The --no-add-x-forwarded-proto option makes nghttpx not to
append X-Forwarded-Proto value.  The
--no-strip-incoming-x-forwarded-proto option prevents nghttpx from
stripping the header field from client.

Previously, nghttpx always strips incoming header field, and set its
own header field.  This commit preserves this behaviour, and adds
additional knobs.
2017-04-08 18:46:36 +09:00
Tatsuhiro Tsujikawa 980570de71 Revert "nghttpx: Add options for X-Forwarded-Proto header field"
This reverts commit 8c0b2c684a.
2017-04-08 18:37:54 +09:00
Tatsuhiro Tsujikawa 46ccc4332c nghttpx: Fix bug that 204 from h1 backend is always treated as error 2017-04-07 21:45:13 +09:00
Tatsuhiro Tsujikawa 8c0b2c684a nghttpx: Add options for X-Forwarded-Proto header field
This commit adds 2 new options to handle X-Forwarded-Proto header
field.  The --add-x-forwarded-proto option makes nghttpx append
X-Forwarded-Proto value.  The --strip-incoming-x-forwarded-proto
option makes nghttpx to strip the header field from client.

Previously, nghttpx always strips incoming header field, and set its
own header field.  This commit changes this behaviour.  Now nghttpx
does not strip, and append X-Forwarded-Proto header field by default.
The X-Forwarded-For, and Forwarded header fields are also handled in
the same way.  To recover the old behaviour, use
--add-x-forwarded-proto and --strip-incoming-x-forwarded-proto
options.
2017-04-06 19:17:36 +09:00
Tatsuhiro Tsujikawa 058122b804 nghttpx: Rename shrpx_ssl.{h,cc} as shrpx_tls.{h,cc}
The namespace shrpx::ssl was also renamed as shrpx::tls.
2017-04-01 15:12:28 +09:00
Tatsuhiro Tsujikawa e17a6b29b6 nghttpx: Use 502 as server error code 2017-04-01 14:04:55 +09:00
Tatsuhiro Tsujikawa aa1eec4642 nghttpx: Cache client side session inside openssl callback 2017-03-30 21:07:58 +09:00
Tatsuhiro Tsujikawa a7c780a732 nghttpx: Redirect to HTTPS URI with redirect-if-not-tls param
This commit removes frontend-tls parameter, and adds
redirect-if-not-tls parameter parameter to --backend option.  nghttpx
now responds to the request with 308 status code to redirect the
request to https URI if frontend connection is not TLS encrypted, and
redirect-if-no-tls parameter is used in --backend option.  The port
number in Location header field is 443 by default (thus omitted), but
it can be configurable using --redirect-https-port option.
2017-02-18 22:32:27 +09:00
Tatsuhiro Tsujikawa e5b84fad09 nghttpx: Fix bug that old config is used during reloading config 2017-02-16 22:46:22 +09:00
Tatsuhiro Tsujikawa c78528d54b nghttpx: Restrict HTTP major and minor in 0 or 1 2017-02-11 18:42:29 +09:00
Tatsuhiro Tsujikawa 685e926494 nghttpx: Add --accesslog-write-early option
--accesslog-write-early option is analogous to HAProxy's logasap.  If
used, nghttpx writes access log when response header fields are
received from backend rather than when request transaction finishes.
2017-01-13 22:12:21 +09:00
Tatsuhiro Tsujikawa 6595ae26ea src: Add constexpr to const objects 2017-01-09 17:11:37 +09:00
Tatsuhiro Tsujikawa e8b2508036 nghttpx: Rename confusing names in HttpDownstreamConnection 2017-01-08 23:09:00 +09:00
Tatsuhiro Tsujikawa 25df164219 nghttpx: Don't write again after failure
Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.
2016-12-26 00:35:38 +09:00
Tatsuhiro Tsujikawa bcfa333322 nghttpx: Refactor h1 backend retry code 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa c4aeadd57d nghttpx: Retry h1 backend request if first write fails 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa a0ce5ea9ab nghttpx: Keep reading after backend write failed
Because of bidirectional nature of TCP, we may fail write(2), but have
still pending read in TCP buffer, which may contain response body.  To
forward them, we should keep reading until get EOF from backend.

To avoid stalling HTTP/1 upload when request buffer is full, and we
have received complete response from backend, drop connection in that
case.
2016-12-24 22:50:02 +09:00
Tatsuhiro Tsujikawa 0463928a1e nghttpx: Fix uninitialized errors found by coverity scan 2016-12-18 22:16:52 +09:00
Tatsuhiro Tsujikawa 38b5cad4e3 nghttpx: Lookup backend host name dynamically
We have added "dns" parameter to backend option.  If specified, name
lookup is done dynamically.  If not, name lookup is done at start up,
or configuration reloading.  nghttpx caches DNS result including error
case in 30 seconds in this commit.  Later commit makes this
configurable.

DNS resolution is done asynchronously using c-ares library.
2016-12-10 21:09:50 +09:00