1442b1bd0a
nghttpx: Remove --tls-ctx-per-worker option
...
--tls-ctx-per-worker option does not work well of OCSP stapling. Also
it makes session ID useless.
2015-03-31 00:42:21 +09:00
cc94632b29
src: Use separator "--" to mark start of the footer without ambiguity
2015-03-31 00:21:52 +09:00
4bc9afe20a
nghttpx: Add OCSP stapling feature
2015-03-30 23:58:28 +09:00
93013f4205
nghttpx: Remove --backend-http2-connection-check option, enable it by default
2015-03-11 00:22:05 +09:00
0e3ae63965
nghttpx: Add --backend-http2-connections-per-worker
2015-03-10 23:43:25 +09:00
446de923f3
nghttpx: Support multiple HTTP/2 session per worker
...
Currently, we use same number of HTTP/2 sessions per worker with given
backend addresses. New option to specify the number of HTTP/2 session
per worker will follow.
2015-03-10 23:20:21 +09:00
c5860fc6f4
nghttpx: Support multiple -b option for HTTP/2 backend
2015-03-10 21:54:29 +09:00
41e266181e
nghttpx: Attempt to improve HTTP/2 backend connection check
...
It turns out that writing successfully to network is not enough.
After apparently successful network write, read fails and then we
first know network has been lost (at least my android mobile network).
In this change, we say connection check is successful only when
successful read. We already send PING in this case, so we just wait
PING ACK with short timeout. If timeout has expired, drop connection.
Since waiting for PING ACK could degrade performance for fast reliably
connected network, we decided to disable connection check by default.
Use --backend-http2-connection-check to enable it.
2015-03-09 23:37:54 +09:00
c2426bc732
Merge branch 'pthread-getspecific' of https://github.com/icing/nghttp2 into icing-pthread-getspecific
2015-03-05 02:04:56 +09:00
1fd44b1567
replacing thread_local, which does not exist on OS X, with pthread_getspecific call
2015-03-03 17:09:15 +01:00
1c0d617742
nghttpx: Rename WorkerConfig as LogConfig
...
This is a sign that we only use thread-local storage for logging only.
2015-02-26 00:02:29 +09:00
b161dfe573
nghttpx: Move graceful_shutdown flag from WorkerConfig to Worker
...
A part of an effort to eliminate thread_local WorkerConfig
2015-02-25 22:53:53 +09:00
1a2bccd71c
nghttpx: Share nghttp2_session_callbacks between objects
2015-02-24 15:21:10 +09:00
8b533e19bb
nghttpx: Remove option name from unix path sample since it is a bit strange
2015-02-22 18:09:37 +09:00
df32a534fc
nghttpx: Rename ConnectionHandler::acceptor4_ as acceptor_
...
This change is motivated by that fact that we use it for UNIX domain
socket as well as IPv4.
2015-02-22 17:59:50 +09:00
e583a25a8b
nghttpx: Fix error found by coverity scan
2015-02-22 17:53:12 +09:00
da2376effd
nghttpx: Add host_unix field to DownstreamAddr to tell it is UNIX domain sock
2015-02-22 17:25:23 +09:00
0c4ae3dea5
nghttpx: Support UNIX domain socket on frontend
...
This commit also fixes environment variables used to tell inherited
file descriptors to new binary are stacked up each time new binary is
executed.
2015-02-22 17:25:23 +09:00
997f9233bc
nghttpx: Support UNIX domain socket in backend connections
2015-02-22 12:27:51 +09:00
a26a597453
nghttpx: Cast configuration value to rlim_t to avoid compile error on 32bit
2015-02-21 16:57:02 +09:00
ab93a700ce
src: Announce h2 ALPN
2015-02-20 23:50:17 +09:00
ae0100a9ab
nghttpx: Refactor worker interface
2015-02-11 22:49:03 +09:00
502b552b68
nghttpx: Add --no-server-push option
2015-02-08 16:19:12 +09:00
4dea318b5b
nghttpx: Fix compile error if SOCK_NONBLOCK is undefined
2015-02-08 00:49:56 +09:00
54851ef7a6
src: Move make_unique to nghttp2 namespace
2015-02-06 00:15:43 +09:00
7c75d9db98
nghttpx: Set nghttp2_option_set_peer_max_concurrent_streams for HTTP/2 backend
2015-02-05 03:05:34 +09:00
a68c4c1e3c
nghttpx: Add --no-host-rewrite option
2015-02-04 01:42:26 +09:00
e03f36eeeb
nghttpx: Use <DURATION> instead of <T>
2015-01-29 23:23:30 +09:00
00555dc7bb
nghttpx: Use TCP_DEFER_ACCEPT if available
2015-01-29 21:14:44 +09:00
d1a4002b22
nghttpx: Remove --accept-delay and --num-accept options
2015-01-29 20:58:47 +09:00
96e66b1a81
nghttpx: Make num_accept 0 on graceful shutdown
...
Make num_accept unlimited so that we can accept all pending
connections waiting in listen queue.
2015-01-28 21:02:31 +09:00
19429abd07
nghttpx: Make --accept-delay default to 10ms
2015-01-28 21:00:47 +09:00
3167aa4081
nghttpx: set the supplementary group access list
2015-01-28 20:56:05 +09:00
f8765be817
nghttpx: Make --backend-keep-alive-timeout default to 2s
2015-01-28 00:47:09 +09:00
f0c7839f25
nghttpx: Clarify --num-accept=0 case
2015-01-28 00:39:56 +09:00
6a39de0ae5
nghttpx: Accept s or ms as unit for <T> argument
2015-01-28 00:36:44 +09:00
402ebb277f
nghttpx: Add --num-accept and --accept-delay options
2015-01-27 23:47:56 +09:00
f604cbae70
nghttpx: Fix shutdown too early with QUIT signal if num_worker == 1
2015-01-22 01:46:25 +09:00
8997e4369d
nghttpx: Adjust backend buffers
2015-01-21 01:47:43 +09:00
5d204fc3aa
nghttpx: Add more option categories
2015-01-15 23:19:35 +09:00
8fe093de1d
nghttpx: Set initial backlog to 512
2015-01-14 21:24:12 +09:00
f004361ef2
nghttpx: Add --backend-request-buffer option
2015-01-13 23:30:28 +09:00
c88a5291b7
nghttpx: Add --backend-response-buffer option
2015-01-13 23:20:06 +09:00
0d614cf103
nghttpx: Longer help message
2015-01-13 23:02:18 +09:00
29d6cfae80
nghttpx: Add explanation about units in <SIZE>
2015-01-13 22:42:52 +09:00
c48a6e73e8
nghttpx: Clean up metavar
2015-01-13 22:39:35 +09:00
956c11388c
nghttpx: Allow units (k, m, and g) in --{read,write}-{rate,burst}
...
So that you can specify --read-rate=1M --read-burst=4M
2015-01-13 21:54:53 +09:00
5e8eb926f2
nghttpx: Fix server error with -n1 and --tls-ctx-per-worker
2015-01-13 21:53:53 +09:00
1e4f8f27fd
nghttpx: Add --tls-ctx-per-worker option
...
When same SSL_CTX is used by multiple thread simultaneously we have to
setup some number of mutex locks for it. We could not check how this
locking affects scalability since we have 4 cores at best in our
development machine. Good side of sharing SSL_CTX across threads is
we can share session ID pool.
If --tls-ctx-per-worker is enabled, SSL_CTX is created per thread
basis and we can eliminate mutex locks. The downside is session ID is
no longer shared, which means if session ID generated by one thread
cannot be acceptable by another thread. But we have now session
ticket enabled and its keys are shared by all threads.
2015-01-13 00:25:02 +09:00
e048deb64c
nghttpx: Fix error message
2015-01-12 22:35:45 +09:00
f7455d48cc
Compile with android NDK
...
This also fixes the bug that nghttpx's acceptor fd is blocking if
SOCK_NONBLOCK is undefined.
2015-01-11 00:28:00 +09:00
0ca979b453
nghttpx: Add --rlimit-nofile option
2015-01-10 23:17:48 +09:00
bc17f95c80
src: Move ipv6_numeric_addr to util and add test
2015-01-10 21:33:53 +09:00
a3dcf1e004
Produce man pages using sphinx
...
Previously to create manual page for bundled programs, we use help2man
to create man page from program's help output. Then our man2rst.py
script converts man page to rst document. Sphinx generates html from
rst documents.
Now help2rst.py produces rst document from programs output. We use
Sphinx solely to produce both man pages and html files.
2015-01-10 00:37:42 +09:00
019f1e9fc7
nghttpx: Remove useless comments
2015-01-08 22:28:30 +09:00
0173929538
nghttpx: Rename ListenHandler as ConnectionHandler
2015-01-08 21:48:39 +09:00
fcddb5c06c
nghttpx: Distribute session ticket keys to workers without mutex
2015-01-08 21:15:45 +09:00
5d3544185c
nghttpx: Fix crash in SSL_CTX_set_tlsext_ticket_key_cb
...
It seems that returning 0 when enc == 0 crashes OpenSSL.
2015-01-08 20:46:35 +09:00
5dce9501a6
Fix compile error with libstdc++ and/or --disable-threads
2015-01-08 01:57:59 +09:00
08e8cc1915
nghttpx: Add --tls-ticket-key-file option
...
This option specifies files contains 48 random bytes to construct
session ticket key data. This option can be used repeatedly to
specify multiple keys, but only the first one is used to encrypt
tickets.
2015-01-08 01:26:30 +09:00
52f3572d5b
nghttpx: Enable TLS session tickets with session key rotation every 12hrs
2015-01-08 00:01:09 +09:00
ba795d86f0
nghttpx: Don't cache time for logging
...
Update is done by main event loop which is stopped after graceful
shutdown is commenced, which means time is no longer update. To avoid
this situation, we just avoid caching and get time for each logging.
2015-01-06 23:17:09 +09:00
94e69d5e30
nghttpx: Remove commented lines
2015-01-06 22:55:01 +09:00
7db1864766
nghttpx: Add --backend-http1-connections-per-frontend option
2015-01-03 00:19:41 +09:00
a55a07940c
nghttpx: Show not implemented warning for per wroker rate limit
2015-01-03 00:19:41 +09:00
bfac015d61
src: Use libev for rest of the applications
2015-01-03 00:19:41 +09:00
d695d2ccc0
nghttp, nghttpx, nghttpd, h2load: Support h2-16 in NPN/ALPN
...
The nghttp2 library itself is still h2-14. To experiment with the
implementations to require h2-16 to test new features (e.g.,
prioritization), nghttp, nghttpx, nghttpd and h2load now support h2-16
as well as h2-14. Cleartext HTTP Upgrade is still limited to h2-14
however.
2014-12-16 22:57:58 +09:00
b607a22076
nghttpx: Support multiple HTTP/1 backend address
...
For HTTP/1 backend, -b option can be used several times to specify
multiple backend address. HTTP/2 backend does not support multiple
addresses and only uses first address even if multiple addresses are
specified.
2014-12-06 19:30:27 +09:00
9614611969
nghttpx: Limit # of downstream connections per host when h2 proxy is used
...
This commit limits the number of concurrent HTTP/1 downstream
connections to same host. By defualt, it is limited to 8 connections.
--backend-connections-per-frontend option was replaced with
--backend-http1-connections-per-host, which changes the maximum number
of connections per host. This limitation only kicks in when h2 proxy
is used (-s option).
2014-12-05 01:47:03 +09:00
f178b78816
nghttpx: Longer read timeouts
2014-12-03 23:45:44 +09:00
e180d8e594
nghttpx: Longer downstream HTTP/1 idle connection timeout
2014-12-03 23:00:53 +09:00
b1f807abd1
Reformat lines with clang-format-3.5
2014-11-27 23:56:30 +09:00
c67ccad74d
nghttpx: Use cached get_config()->pid in save_pid()
2014-11-27 22:41:14 +09:00
04dae32509
nghttpx: Store PID to Config again after daemon()
2014-11-27 21:32:34 +09:00
9bba616426
nghttpx: Add $alpn variable to accesslog formatting
...
$alpn is a variable which represents ALPN identifier of the protocol
which generates the response.
2014-11-24 15:24:09 +09:00
1fe50f272b
nghttpx: Add $pid to --accesslog-format variable
...
$pid refers to the PID of the running process.
2014-11-24 14:34:43 +09:00
93023acc6c
nghttpx: Make --accesslog-format usage doc help2man friendly
...
This is unfortunate but help2man behaves badly when there is indented
lines in help messages in commnad-line args. We removed indentations
to make help2man happy.
2014-11-24 14:16:48 +09:00
daf659c64e
nghttpx: Note the conversion made in <VAR>
2014-11-24 14:04:37 +09:00
9cf1a0c77c
Add features to logging, client and server port,
...
time_iso8601 and request_time.
2014-11-23 20:37:51 +00:00
958cd0de64
nghttpx: Add configurable access logging format
...
This commit adds functionality to customize access logging format in
nghttpx. The format variables are inspired by nginx. The default
format is combined format.
2014-11-19 01:29:55 +09:00
5ce8ae79f0
nghttpx: Disable spdy/3 and spdy/2 by default
2014-11-14 23:16:06 +09:00
ce71e65aee
nghttpx: Replace WARNING with WARN for consistency
2014-11-08 10:51:56 +09:00
1119701071
nghttpx: Fix -L option help message
...
WARNING should be WARN.
2014-11-08 10:45:58 +09:00
a067eb02a5
Add LOG_NOTICE level logging for application lifecycle events
2014-11-06 14:32:56 +00:00
be1a513c59
nghttpx: Shut up scan-build
2014-10-30 22:36:22 +09:00
9ea4905f68
Added X-Forwarded-For header stripping option to nghttpx
2014-10-27 10:23:20 +00:00
c6cfcc3c30
src: Disable insecure SSLv3
2014-10-22 23:14:07 +09:00
8fffa05513
src: Fix possible heap-use-after free for OpenSSL global locking
...
This is simply programming error, but it is interesting that using
libstdc++ does not reveal this error. With clang++-libc++, we got
std::system_error: mutex lock faild: Invalid argument. This is
because we did not give a name to lock object, so it is immediately
destructed. I think this will fix the reported crash on Mac OSX.
2014-10-14 21:47:07 +09:00
df875db989
Avoid PATH_MAX by using getcwd(nullptr, 0) as supported by modern glibc-based OSes.
2014-10-03 21:58:15 +09:00
f8471a5f45
nghttpx: Move --backend-http-proxy-uri to Connections section
2014-08-27 23:37:54 +09:00
822ec75814
nghttpx: Add --listener-disable-timeout option
2014-08-27 22:34:00 +09:00
9ad2c0887e
nghttpx: Use _Exit() instead of exit() when execve is failed in child process
2014-08-23 18:15:47 +09:00
c7e9fe8154
nghttpx: Implement connection blocker for HTTP/1 backend
2014-08-19 23:36:04 +09:00
fb62a5ed4f
nghttpx: Use pointer for worker_config
2014-08-19 22:29:44 +09:00
2fb675f13c
nghttpx: Open default log files for errors occurred while parsing options
2014-08-17 22:37:30 +09:00
eebd1f5492
nghttpx: Add some more info about prohibition of --read-burst=0
2014-08-17 22:31:44 +09:00
86dd1519b4
nghttpx: Android specific hack for special files for logging
...
Android lacks /dev/stderr, so directly use /proc/self/fd/2 as default
errorlog-file. Android does not like O_APPEND for /proc/self/fd/1 and
/proc/self/fd/2, so omit the flag for these paths.
2014-08-17 19:01:51 +09:00
5d2390deba
nghttpx: Bring per-connection rate limit back
...
--read-burst=0 still does not work. But specifying n > 0 workarounds
this.
2014-08-17 16:17:10 +09:00
3c056973a1
nghttpx: Ignore SIGCHLD not to create zombie on SIGUSR2 if -D is used
2014-08-17 00:05:24 +09:00
0e8419ac37
nghttpx: Add backend-connections-per-frontend option
...
This option limits the number of backend connections per frontend.
This is meaningful for the combination of HTTP/2 and SPDY frontend and
HTTP/1 backend.
2014-08-16 22:24:17 +09:00
Tatsuhiro Tsujikawa
Stefan Eissing
Fabian Möller
Lucas Pardue
Svante Signell