Commit Graph

2681 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa e77883e980 nghttpx: Fix typo 2017-03-22 22:53:46 +09:00
Tatsuhiro Tsujikawa 0994c92550 nghttpx: Don't cache session server side if TLS version is 1.3 2017-03-22 21:34:13 +09:00
Tatsuhiro Tsujikawa 465c7208cc nghttpx: Don't look up session ID if length is 0 2017-03-22 21:33:31 +09:00
Tatsuhiro Tsujikawa b7e7a4bf26 asio: client: Send PING after 30 seconds idle 2017-03-20 18:37:56 +09:00
Tatsuhiro Tsujikawa c7df65309b nghttpx: Ignore further input if connection is going to close 2017-03-19 13:24:12 +09:00
Tatsuhiro Tsujikawa 26900262f3 Revert "nghttpx: Attempt to avoid TCP RST on socket closure on Linux"
This reverts commit f69b52b1aa.
2017-03-18 22:43:30 +09:00
Tatsuhiro Tsujikawa 9b5ce36368 nghttpx: Reset write timer on write 2017-03-18 21:33:00 +09:00
Tatsuhiro Tsujikawa f69b52b1aa nghttpx: Attempt to avoid TCP RST on socket closure on Linux 2017-03-18 00:59:26 +09:00
Tatsuhiro Tsujikawa 1e1d908c12 nghttpx: Eliminate global std::random_device 2017-03-17 22:25:10 +09:00
Tatsuhiro Tsujikawa 6c69d675da nghttpx: Should take reference 2017-03-17 22:24:32 +09:00
Tatsuhiro Tsujikawa feabd6f739 nghttpx: Delete unused delete_bio_method 2017-03-15 23:37:39 +09:00
Tatsuhiro Tsujikawa 1ea590c364 nghttpx: Return new BIO_METHOD object with OpenSSL < 1.1.0 2017-03-15 23:36:38 +09:00
Tatsuhiro Tsujikawa b21779e685 nghttpx: Use raw pointer for apis 2017-03-15 23:33:07 +09:00
Tatsuhiro Tsujikawa 12a4e7c3a2 src: Use raw pointer for ssl_global_locks 2017-03-15 23:24:28 +09:00
Tatsuhiro Tsujikawa 799a76de74 nghttpx: Lesser usage of DIE 2017-03-15 23:14:07 +09:00
Tatsuhiro Tsujikawa b1fee8ff63 nghttpx: Use raw pointer for config 2017-03-15 23:13:14 +09:00
Tatsuhiro Tsujikawa 9cc223d419 nghttpx: Use constexpr 2017-03-15 23:12:50 +09:00
Tatsuhiro Tsujikawa 20edd64301 nghttpx: Handle return value of write(2) 2017-03-15 21:28:53 +09:00
Tatsuhiro Tsujikawa 9aee518352 nghttpx: Effectively revert ff64f64e1d 2017-03-15 00:07:57 +09:00
Tatsuhiro Tsujikawa 51b933c5f0 src: Use "Modern compatibility" ciphers by default 2017-03-11 23:58:52 +09:00
Tatsuhiro Tsujikawa 3e0e3f5459 src: Fix typo 2017-03-10 23:10:13 +09:00
Tatsuhiro Tsujikawa fa074145a4 Merge pull request #788 from nghttp2/nghttpx-h2-proxy-pattern-match
nghttpx: Enable backend pattern matching with http2-proxy
2017-03-06 21:22:34 +09:00
Tatsuhiro Tsujikawa b2d6550179 src: BoringSSL only requires CRYPTO_library_init 2017-03-05 21:36:52 +09:00
Tatsuhiro Tsujikawa 62dd1f5177 src: OpenSSL 1.1.0 does not require explicit initialization 2017-03-05 19:57:06 +09:00
Tatsuhiro Tsujikawa a6dda5f91c nghttpx: Log rstatus in hex 2017-03-01 23:21:11 +09:00
Tatsuhiro Tsujikawa c1f7795dd6 nghttpx: Set close-on-exec flag on listener in worker process 2017-03-01 23:20:36 +09:00
Tatsuhiro Tsujikawa 4989e6e419 nghttpx: Don't call functions which are not async-signal-safe
.. after fork but before execv in multithreaded process.
2017-03-01 22:42:30 +09:00
Alexis La Goutte d725255784 nghttp2_gzip: fix this statement may fall through [-Werror=implicit-fallthrough=] found by gcc7 2017-02-27 21:38:55 +01:00
Tatsuhiro Tsujikawa 373be22d7e nghttpx: Simpler 2017-02-23 22:32:04 +09:00
Tatsuhiro Tsujikawa b647a7c5b7 nghttpx: Simplify code using parse_uint 2017-02-23 22:22:49 +09:00
Tatsuhiro Tsujikawa e1b8317ae8 nghttpx: Strip version number from server header field 2017-02-22 20:56:40 +09:00
Tatsuhiro Tsujikawa 2af57c3cfc nghttpx: Add --single-worker option
Previously, nghttpx will use only one single thread inside the worker
process if --workers=1 (this is default).  If --workers=N, N > 1, we
use additional threads for accepting connections, or API request
processing, etc.

With this commit, we use the same processing model for N > 1 even if N
== 1.  To restore the original single thread execution mode,
--single-worker option is added.  If threading is disabled
--single-worker is always true.
2017-02-21 22:19:34 +09:00
Tatsuhiro Tsujikawa 0c8b1a4f74 nghttpx: Fix bug that send_reply does not participate graceful shutdown 2017-02-21 21:27:57 +09:00
Tatsuhiro Tsujikawa 9d16292fe4 nghttpx: Add --frontend-max-requests option 2017-02-20 23:36:50 +09:00
Tatsuhiro Tsujikawa e2b9590c0f nghttpx: Enable stream-write-timeout by default 2017-02-20 22:18:49 +09:00
Tatsuhiro Tsujikawa 24fb640a55 nghttpx: Fix stream wtimer handling 2017-02-20 22:08:39 +09:00
Tatsuhiro Tsujikawa 450ffaa6f0 nghttpx: Add configrevision API endpoint
This commit adds configuration revision, which is considered opaque
string, and changes after reloading configuration with SIGHUP.  This
revision is returned as a response to configrevision API endpoint.
This allows external application to know whether nghttpx has finished
reloading new configuration or not.  Note that this revision does not
change on backendconfig API calls.
2017-02-19 23:40:06 +09:00
Tatsuhiro Tsujikawa dc15832030 nghttpx: Refactor API downstream connection to allow more endpoints 2017-02-19 22:49:53 +09:00
Tatsuhiro Tsujikawa a7c780a732 nghttpx: Redirect to HTTPS URI with redirect-if-not-tls param
This commit removes frontend-tls parameter, and adds
redirect-if-not-tls parameter parameter to --backend option.  nghttpx
now responds to the request with 308 status code to redirect the
request to https URI if frontend connection is not TLS encrypted, and
redirect-if-no-tls parameter is used in --backend option.  The port
number in Location header field is 443 by default (thus omitted), but
it can be configurable using --redirect-https-port option.
2017-02-18 22:32:27 +09:00
Tatsuhiro Tsujikawa e06ed85747 nghttpx: Fix travis gcc compile error 2017-02-17 00:42:25 +09:00
Tatsuhiro Tsujikawa 83fd72c97e nghttpx: Use std::chrono::duration_cast 2017-02-17 00:33:26 +09:00
Tatsuhiro Tsujikawa ace40f298d nghttpx: Update log time stamp in millisecond interval 2017-02-17 00:18:07 +09:00
Tatsuhiro Tsujikawa 1133cc0bbc nghttpx: Don't call get_config() repeatedly 2017-02-16 23:41:23 +09:00
Tatsuhiro Tsujikawa 6960039aee nghttpx: C++ style cast 2017-02-16 23:02:19 +09:00
Tatsuhiro Tsujikawa bf5eeb831b nghttpx: Better error message when private key and certificate are missing 2017-02-16 23:00:25 +09:00
Tatsuhiro Tsujikawa e5b84fad09 nghttpx: Fix bug that old config is used during reloading config 2017-02-16 22:46:22 +09:00
Tatsuhiro Tsujikawa cfb39171a7 nghttpx: Remove redundant StringRef ctor invocation 2017-02-16 22:45:55 +09:00
Tatsuhiro Tsujikawa 9e8d9d658a src: Enable TLSv1.3 if OpenSSL supports it
If OpenSSL supports TLSv1.3, enable it by default for all applications
under src.  BoringSSL can work at the moment although it does not
unlock all the features nghttpx offers.  OpenSSL's TLSv1.3 support is
still WIP at the time of writing.
2017-02-15 22:34:53 +09:00
Tatsuhiro Tsujikawa 6ecfac6954 nghttpx: Parse default TLS min and max versions from string 2017-02-15 21:28:40 +09:00
Tatsuhiro Tsujikawa 56e86cd944 src: h2 requires >= TLSv1.2 2017-02-14 22:21:35 +09:00
Tatsuhiro Tsujikawa b36e53cccd nghttpx: Specify TLS protocol by version range
This commit deprecates --tls-proto-list option, and adds 2 new
options: --tls-min-proto-version and --tls-max-proto-version to
specify minimum and maximum protocol version respectively.  Versions
between the two are enabled.  The deprecated --tls-proto-list has
empty default value, and acts like enabling only specific protocol
versions in the range for now.
2017-02-14 00:01:09 +09:00
Tatsuhiro Tsujikawa 001d45efad Merge branch 'nghttpx-graceful-sigusr2' 2017-02-12 23:52:03 +09:00
Tatsuhiro Tsujikawa 56c455bca4 nghttpx: Send SIGQUIT to the original master process
Previously, after sending SIGUSR2 to the original master process, and
the new master process gets ready, user has to send SIGQUIT to the
original master process to shut it down gracefully.  With this commit,
the new master process sends SIGQUIT to the original master process
when it is ready to serve requests, eliminating for user to send
SIGQUIT manually.

This works nicely with systemd, because now you can replace nghttpx
binary with new one by "systemctl kill -s USR2 --kill-who=main
nghttpx".
2017-02-12 23:29:44 +09:00
Tatsuhiro Tsujikawa 4bf3cb2cc0 Revert "nghttpx: Don't capitalize h1 header fields"
This reverts commit f994664934.
2017-02-12 23:27:38 +09:00
Tatsuhiro Tsujikawa c78528d54b nghttpx: Restrict HTTP major and minor in 0 or 1 2017-02-11 18:42:29 +09:00
Tatsuhiro Tsujikawa f994664934 nghttpx: Don't capitalize h1 header fields 2017-02-11 18:41:52 +09:00
Tatsuhiro Tsujikawa 44e290da66 clang-format 2017-02-11 13:08:08 +09:00
Tatsuhiro Tsujikawa 8aed101585 Merge pull request #805 from pakdel/graceful_stop
graceful stop of nghttp2::asio_http2::server::http2
2017-02-11 13:07:10 +09:00
Tatsuhiro Tsujikawa e44c58282e Drop privilege of neverbleed daemon first 2017-02-10 17:43:19 +09:00
Tatsuhiro Tsujikawa c02b1041d9 nghttpx: Use nullptr instead of NULL 2017-02-10 17:14:47 +09:00
Tatsuhiro Tsujikawa 23209baaf5 clang-format 2017-02-10 17:02:46 +09:00
Tatsuhiro Tsujikawa 9d2503f9c0 Merge pull request #802 from zdzichu/master
nghttpx: add systemd support
2017-02-10 16:17:01 +09:00
Amir Pakdel 1c31213aef More graceful stop of nghttp2::asio_http2::server::http2
Explicit io_service::stop() will prevent running streams from
finishing their task. That means if there are already reposnes
that we have called end(std::string) on them and they have not
finished sending back their data, they will be closed with a
NGHTTP2_INTERNAL_ERROR
Instead, we can stop accepting connections and destroy all
io_service::work objects to signals end of work.
2017-02-09 23:34:19 -05:00
Tomasz Torcz fdb75ba5fe nghttpx: add systemd support
Add systemd's Type=notify support by sending information about
 master process PID around forks.
  Add some hardening option to service unit.
2017-02-09 18:58:00 +01:00
Tatsuhiro Tsujikawa 8f888b29bd clang-format 2017-02-09 21:00:47 +09:00
clemahieu 298808f276 Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted. 2017-02-09 21:00:11 +09:00
Tatsuhiro Tsujikawa a231874e1e Merge branch 'nghttpx-certs-per-sigalg' 2017-02-08 23:36:23 +09:00
Tatsuhiro Tsujikawa 2101f4ae3f Merge branch 'mruby-send-1xx' 2017-02-08 22:18:11 +09:00
Tatsuhiro Tsujikawa 4a06f9684f nghttpx: Fix crash on SIGHUP with multi thread configuration 2017-02-08 22:14:23 +09:00
Tatsuhiro Tsujikawa 9a85c5264a nghttpx: Send 1xx non-final response using mruby script 2017-02-08 00:30:03 +09:00
Tatsuhiro Tsujikawa 68a724cf7b nghttpx: Select certificate by client's supported signature algo
nghttpx supports multiple certificates using --subcert option.
Previously, SNI hostname is used to select certificate.  With this
commit, signature algorithm presented by client is also taken into
consideration.  nghttpx now accepts certificates which share the same
hostname (CN, SAN), but have different signature algorithm (e.g.,
ECDSA+SHA256, RSA+SHA256).

Currently, this feature requires OpenSSL >= 1.0.2.  BoringSSL, and
LibreSSL do not work since they lack required APIs.
2017-02-04 23:37:24 +09:00
Tatsuhiro Tsujikawa 779ec50e73 Merge pull request #795 from clemahieu/close_stream_iterator
close_stream erases from streams_ while it's being iterated over.
2017-02-04 11:37:43 +09:00
Tatsuhiro Tsujikawa 1649948e78 asio: Add curly brackets to avoid possible well known issue 2017-02-04 11:33:21 +09:00
clemahieu 6d3e010ae7 Infinite loop in acceptor handler. 2017-02-04 11:31:12 +09:00
Tatsuhiro Tsujikawa 7dddac081e clang-format 2017-02-04 11:29:10 +09:00
clemahieu f0b6b9508d close_stream erases from streams_ while it's being iterated over.
The destructor will already clean this structure up.
2017-02-03 01:36:18 -06:00
Benedikt Christoph Wolters 14ccb24be5 add support for link rel="preload" for --get-assets 2017-02-01 15:54:15 +01:00
Tatsuhiro Tsujikawa 025ec85144 Merge pull request #790 from nghttp2/nghttpx-backend-frontend-tls-parameter
nghttpx: Add frontend-tls parameter to backend to require client TLS
2017-01-31 21:49:51 +09:00
Tatsuhiro Tsujikawa bd97886d8e nghttpx: Use stack allocated buffer instead of making std::string 2017-01-29 22:11:33 +09:00
Tatsuhiro Tsujikawa 0b1ddad62b nghttpx: Add frontend-tls parameter to backend to require client TLS 2017-01-28 22:19:14 +09:00
Tatsuhiro Tsujikawa 540853bde8 nghttpx: Fix typo 2017-01-28 22:18:17 +09:00
Tatsuhiro Tsujikawa 1cc08c0a51 nghttpx: Show warning if PSK options are used but not supported 2017-01-26 20:34:58 +09:00
Bernard Spil 16be89f9cc nghttpx: Don't build PSK features with LibreSSL
LibreSSL removed PSK

Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2017-01-26 20:21:55 +09:00
Tatsuhiro Tsujikawa 3ddc446ba2 nghttpx: Enable backend pattern matching with http2-proxy 2017-01-26 01:04:27 +09:00
Tatsuhiro Tsujikawa b72c5f104e h2load: Fix wrong req_stat updates 2017-01-26 00:26:35 +09:00
Tatsuhiro Tsujikawa 7e6eb7e02a h2load: Explicitly count the number of requests left and inflight 2017-01-26 00:16:12 +09:00
Tatsuhiro Tsujikawa ba9f2c3ae2 Compile with Android NDK r13b using clang 2017-01-23 00:32:51 +09:00
Tatsuhiro Tsujikawa 5311185333 nghttpx: Define the maximum number of digits in uint64_t 2017-01-22 22:33:52 +09:00
Tatsuhiro Tsujikawa 2fc2a27ac1 nghttpx: Use char instead of char[] if possible 2017-01-22 22:28:14 +09:00
Tatsuhiro Tsujikawa db938afd66 nghttpx: Increase default backlog 2017-01-20 23:06:24 +09:00
Tatsuhiro Tsujikawa 89ddc47616 nghttpx: More constexpr 2017-01-20 23:04:48 +09:00
Tatsuhiro Tsujikawa 3176e872b3 nghttpx: Efficient access.log writer
Write integer to log buffer directly to improve efficiency.  Remove
unused function templates.  Use [first, last) style arguments for
copy() function templates.
2017-01-20 22:42:41 +09:00
Tatsuhiro Tsujikawa 16206d5f67 nghttp: Use std::unique_ptr for html_parser 2017-01-18 00:34:39 +09:00
Tatsuhiro Tsujikawa 0f33749790 nghttp: Take into account scheme and port when parsing HTML links
Previously, when parsing HTML links, we only take into account
overridden host.  But we actually need more variables to consider.  In
this commit, we take into account overridden scheme, host, and port to
parse HTML links.
2017-01-18 00:29:51 +09:00
Tatsuhiro Tsujikawa 5e7e4c0cc0 nghttp: config.headers should be inspected rather than req->req_nva 2017-01-17 23:00:37 +09:00
Benedikt Christoph Wolters 8f513fceca Fix authority for --get-assets if IP adress is used in conjunction with user-defined :authority header 2017-01-17 21:14:36 +09:00
Tatsuhiro Tsujikawa 685e926494 nghttpx: Add --accesslog-write-early option
--accesslog-write-early option is analogous to HAProxy's logasap.  If
used, nghttpx writes access log when response header fields are
received from backend rather than when request transaction finishes.
2017-01-13 22:12:21 +09:00
Tatsuhiro Tsujikawa a2afd393ed nghttpx: Remove field from LogSpec which can be got from Downstream 2017-01-11 22:30:12 +09:00
Tatsuhiro Tsujikawa 33aa327ef5 nghttpx: Fix access.log timestamp
access.log timestamp is now when request header fields are received,
rather than when access log is written.
2017-01-11 20:47:17 +09:00
Tatsuhiro Tsujikawa 9067ff5eee nghttp: Use nghttp2::ssl::DEFAULT_CIPHER_LIST 2017-01-09 23:50:38 +09:00
Tatsuhiro Tsujikawa efeede4192 nghttpx: Fix typo 2017-01-09 23:49:10 +09:00
Tatsuhiro Tsujikawa 6a8749873f nghttpx: Add detailed TLS connection logging 2017-01-09 23:32:35 +09:00
Tatsuhiro Tsujikawa 9b574a5a76 nghttpx: Fix typo 2017-01-09 22:19:19 +09:00
Tatsuhiro Tsujikawa 0567f1f038 Add constexpr to StringRef(const CharT *, size_t) 2017-01-09 21:15:53 +09:00
Tatsuhiro Tsujikawa 4be5de1163 src: Move log related functions from util.cc to shrpx_log.cc 2017-01-09 19:34:40 +09:00
Tatsuhiro Tsujikawa 9db1c9467c src: Add constexpr to long_options 2017-01-09 19:28:00 +09:00
Tatsuhiro Tsujikawa 3444b42d44 src: Add more constexpr 2017-01-09 17:17:48 +09:00
Tatsuhiro Tsujikawa 6595ae26ea src: Add constexpr to const objects 2017-01-09 17:11:37 +09:00
Tatsuhiro Tsujikawa 7e1a0d204b h2load: Show default cipher list in -h 2017-01-09 14:47:32 +09:00
Tatsuhiro Tsujikawa cbca2e35b5 nghttpx: Show default cipher list in -h 2017-01-09 14:43:13 +09:00
Tatsuhiro Tsujikawa fc9bdf024f src: Make DEFAULT_CIPHER_LIST constexpr char[] 2017-01-09 14:42:40 +09:00
Tatsuhiro Tsujikawa 4fa150c494 nghttpx: Use Memchunk based read buffer for frontend connection
Previously, we have dedicated read buffer for each frontend
connection.  With this commit, the buffer spaces are only used when
needed, and pooled if they are not used.  This reduces memory usage
for idle client connections.
2017-01-08 23:20:14 +09:00
Tatsuhiro Tsujikawa e8b2508036 nghttpx: Rename confusing names in HttpDownstreamConnection 2017-01-08 23:09:00 +09:00
Tatsuhiro Tsujikawa ac399e41ac nghttpx: Update doc
Mention client-ciphers, and no-http2-cipher-black-list options in
psk-secrets and client-psk-secrets options.
2017-01-08 23:04:07 +09:00
Tatsuhiro Tsujikawa 9c7e54d9b5 nghttpx: Add client-ciphers option
Previously, ciphers option sets cipher list for both frontend and
backend TLS connections.  With this commit, ciphers option only sets
cipher list for frontend connections.  The new client-ciphers option
sets cipher list for backend connection.
2017-01-08 22:40:58 +09:00
Tatsuhiro Tsujikawa 3c03024881 nghttpx: Add client-no-http2-cipher-black-list option
This commit adds client-no-http2-cipher-black-list option to disable
enforcement of HTTP/2 cipher black list on backend HTTP/2 connection.
Previously, existing no-http2-cipher-black-list option disables it for
both frontend and backend connections.  Now no-http2-cipher-black-list
option only disables it for frontend connection.
2017-01-08 22:33:19 +09:00
Tatsuhiro Tsujikawa 36dfc0a56a nghttpx: Reorganize client side TLS configuration 2017-01-08 22:25:30 +09:00
Tatsuhiro Tsujikawa 55bf6cdb15 Merge branch 'nghttpx-psk' 2017-01-08 21:10:07 +09:00
Tatsuhiro Tsujikawa 0abc220013 nghttpx: Fix the bug that no-http2-cipher-black-list does not work
Because of the redundant check in backend HTTP/2 session,
no-http2-cipher-black-list does not work on backend HTTP/2 connection.
This commit fixes it.
2017-01-08 19:43:24 +09:00
Tatsuhiro Tsujikawa c28900990a h2load: Show custom server temp key such as X25519 2017-01-08 17:58:19 +09:00
Tatsuhiro Tsujikawa 5108193d7b h2load: Fix incorrect return value from spdylay_send_callback 2017-01-08 17:32:35 +09:00
Tatsuhiro Tsujikawa 79a24f5dd9 nghttpx: Add --client-psk-secret option to enable PSK in backend 2017-01-08 00:35:55 +09:00
Tatsuhiro Tsujikawa 83c759572c nghttpx: Add --psk-secret option to enable PSK in frontend connection 2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa 1a07fb000b nghttpx: Enable SCT with OpenSSL 1.1.0 2017-01-06 21:29:04 +09:00
Tatsuhiro Tsujikawa b064d8a9ff Merge branch 'nghttpx-fronend-proxyproto' 2017-01-03 17:28:20 +09:00
Tatsuhiro Tsujikawa c6827a7dac nghttpx: Fix assertion error in libev ev_io_start 2017-01-03 16:43:49 +09:00
Tatsuhiro Tsujikawa 55ecb082ee nghttpx: Handle c-ares success without result 2017-01-03 14:35:05 +09:00
Tatsuhiro Tsujikawa b313386988 nghttpx: Add proxyproto to frontend option to accept PROXY protocol
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible.  To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa 3933280d29 src: Fix assertion error with boringssl
boringssl says:

/* It is an error to clear any bits that have already been set. (We can't try
 * to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
2017-01-02 11:48:38 +09:00
Tatsuhiro Tsujikawa d1ba43a69f nghttpx: Fix bug that DNS timeout was erroneously disabled 2016-12-30 11:09:02 +09:00
Tatsuhiro Tsujikawa a0779edec4 nghttpx: Fix bug that DNS timeout was ignored 2016-12-30 11:08:26 +09:00
Tatsuhiro Tsujikawa 25df164219 nghttpx: Don't write again after failure
Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.
2016-12-26 00:35:38 +09:00
Tatsuhiro Tsujikawa bcfa333322 nghttpx: Refactor h1 backend retry code 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa c4aeadd57d nghttpx: Retry h1 backend request if first write fails 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa e6b4454e48 Merge branch 'nghttpx-better-early-final-response-handling' 2016-12-24 23:02:52 +09:00
Tatsuhiro Tsujikawa 3226d21609 Merge pull request #755 from nghttp2/nghttpx-h1-frontend-keep-alive-timeout
nghttpx: Add frontend-keep-alive-timeout option
2016-12-24 23:01:17 +09:00
Tatsuhiro Tsujikawa 3d20c2dce6 nghttpx: Feed read event rather than calling on_read
on_read may fail, but we failed to check its return value most of the
places.  This is because failure means deletion of ClientHandler, but
because of architecture, we cannot delete it.  Feeding read event is
better since we can move call on_read from libev callback.  We can
delete ClientHandler form there.
2016-12-24 22:57:59 +09:00
Tatsuhiro Tsujikawa cd83d70e7b nghttpx: Don't reset stream if we have already received response 2016-12-24 22:54:22 +09:00
Tatsuhiro Tsujikawa a0ce5ea9ab nghttpx: Keep reading after backend write failed
Because of bidirectional nature of TCP, we may fail write(2), but have
still pending read in TCP buffer, which may contain response body.  To
forward them, we should keep reading until get EOF from backend.

To avoid stalling HTTP/1 upload when request buffer is full, and we
have received complete response from backend, drop connection in that
case.
2016-12-24 22:50:02 +09:00
Tatsuhiro Tsujikawa 3c600c103f nghttpx: Add frontend-keep-alive-timeout option 2016-12-23 11:01:29 +09:00
Tatsuhiro Tsujikawa 841ac75c3e nghttpx: Clarify that backend-keep-alive-timeout applies to h1 only 2016-12-23 10:49:39 +09:00
Tatsuhiro Tsujikawa 359730af54 Fix regression in ff64f64e1d 2016-12-21 23:19:10 +09:00
Tatsuhiro Tsujikawa 049e064e28 nghttpx: New error log format
To debug multi threaded configuration easier, we added current PID and
thread ID to error log.  Previously, we didn't add date and time if
log level is NOTICE.  In this change, we always write date and time
regardless of log level.
2016-12-20 23:13:19 +09:00
Tatsuhiro Tsujikawa 0463928a1e nghttpx: Fix uninitialized errors found by coverity scan 2016-12-18 22:16:52 +09:00
Tatsuhiro Tsujikawa 02d34c8c4c nghttpx: Fix dead code found by coverity scan 2016-12-18 22:14:26 +09:00
Tatsuhiro Tsujikawa cab0a76795 Use pkg-config to detect libxml2 2016-12-18 00:20:30 +09:00
Tatsuhiro Tsujikawa 22bd9fb530 nghttpx: Set DNS cache expire date for error and ok statuses only 2016-12-11 11:49:24 +09:00
Tatsuhiro Tsujikawa c487cd888f nghttpx: Periodically remove expired DNS cache entries 2016-12-11 10:42:54 +09:00
Tatsuhiro Tsujikawa fd403a85c8 nghttpx: Just return DNS_STATUS_ERROR
At the moment, we use both resolvers, and if either one is not
DNS_STATUS_IDLE, the other one is also not DNS_STATUS_IDLE.  This may
change if we are going to configure DNS so that either A or AAAA
lookup is done.  In that case, it is better to just return
DNS_STATUS_ERROR in the diff.  This is because the calling side does
not expect DNS_STATUS_IDLE in that case.
2016-12-11 10:39:19 +09:00
Tatsuhiro Tsujikawa a06a8c36a4 nghttpx: Add --dns-lookup-timeout and --dns-max-try options 2016-12-11 00:50:16 +09:00