Tatsuhiro Tsujikawa
2ab319c137
Don't hide error code from openssl
2018-09-08 17:54:35 +09:00
Tatsuhiro Tsujikawa
3992302432
Remove SSL_ERROR_WANT_WRITE handling
2018-09-08 17:54:35 +09:00
Tatsuhiro Tsujikawa
b30f312a70
Honor SSL_read semantics
2018-09-08 17:54:35 +09:00
Tatsuhiro Tsujikawa
c5cdb78a95
nghttpx: Add TLSv1.3 0-RTT early data support
2018-09-08 17:54:35 +09:00
Tatsuhiro Tsujikawa
e959e7338e
src: Refactor utos
2018-09-01 22:29:11 +09:00
Tatsuhiro Tsujikawa
fb9a204de2
nghttpx: Fix compile error without mruby
2018-08-31 21:58:35 +09:00
Tatsuhiro Tsujikawa
7417fd71a4
nghttpx: Per-pattern not per-backend
2018-08-28 17:50:01 +09:00
Tatsuhiro Tsujikawa
45acc922eb
clang-format
2018-08-27 21:34:18 +09:00
Tatsuhiro Tsujikawa
214d089910
Merge branch 'master' of https://github.com/akonskarm/nghttp2 into akonskarm-master
2018-08-27 21:30:36 +09:00
Tatsuhiro Tsujikawa
31fd707d0c
nghttpx: Fix broken healthmon frontend
2018-08-27 21:21:55 +09:00
Alexandros Konstantinakis-Karmis
9a2e38e058
fix code for reuse addr on asio client
2018-08-27 10:53:14 +03:00
Tatsuhiro Tsujikawa
6195d747ce
nghttpx: Share mruby context if it is compiled from same file
2018-08-24 23:11:21 +09:00
Tatsuhiro Tsujikawa
fb97f596e1
nghttpx: Allocate mruby file because fopen requires NULL terminated string
2018-08-24 23:08:15 +09:00
Tatsuhiro Tsujikawa
0ccc7a770d
nghttpx: Move blocked request data to request buffer for API request
2018-08-24 23:07:43 +09:00
Tatsuhiro Tsujikawa
32826466f5
nghttpx: Fix crash with API request
2018-08-24 23:07:16 +09:00
Tatsuhiro Tsujikawa
0422f8a844
nghttpx: Fix worker process crash with neverbleed write error
2018-08-24 22:22:53 +09:00
Tatsuhiro Tsujikawa
e329479a99
Merge pull request #1215 from nghttp2/mruby-per-backend
...
nghttpx: Support per-backend mruby script
2018-08-23 18:41:40 +09:00
Alexandros Konstantinakis-Karmis
866ac6ab27
add option reuse addr in local endpoint configuration of asio client
2018-08-23 18:19:10 +09:00
Tatsuhiro Tsujikawa
b574ae6aa2
nghttpx: Support per-backend mruby script
2018-08-23 18:13:29 +09:00
Tatsuhiro Tsujikawa
32d7883c47
nghttpx: Downstream::request_buf_full: take into account blocked_request_buf_
2018-08-23 10:55:42 +09:00
Tatsuhiro Tsujikawa
9b24e19763
nghttpx: Choose h1 protocol if headers have been sent to backend on retry
2018-08-22 23:20:13 +09:00
Tatsuhiro Tsujikawa
9d5b781df6
Fix stream reset if data from client is arrived before dconn is attached
2018-08-22 22:32:25 +09:00
Alexandros Konstantinakis-Karmis
c6d8c4013c
support definition of local endpoint for cleartext client session
2018-08-02 16:18:23 +09:00
Tatsuhiro Tsujikawa
880f948684
Enable IndentPPDirectives
2018-06-09 16:21:30 +09:00
Tatsuhiro Tsujikawa
fc94018b97
clang-format-6.0
2018-06-09 16:02:26 +09:00
Tatsuhiro Tsujikawa
388e785822
Fix typo
2018-06-03 13:10:32 +09:00
Tatsuhiro Tsujikawa
325612bcde
nghttp: Receive ORIGIN frame
2018-05-12 12:35:08 +09:00
Tatsuhiro Tsujikawa
3e4f257b91
asio: Support client side SNI
2018-05-03 20:29:16 +09:00
Tatsuhiro Tsujikawa
c65ca20a49
h2load: -r and --duration are mutually exclusive
2018-04-28 00:30:43 +09:00
Tatsuhiro Tsujikawa
009646421c
Use LIBRESSL_IN_USE instead of defined(LIBRESSL_VERSION_NUMBER)
2018-04-14 18:31:57 +09:00
Tatsuhiro Tsujikawa
8d0b4544f8
libressl 2.7 has X509_VERIFY_PARAM_*
2018-04-14 18:31:57 +09:00
Tatsuhiro Tsujikawa
d8a34131e1
libressl 2.7 has SSL_CTX_get0_certificate
2018-04-14 18:31:57 +09:00
Tatsuhiro Tsujikawa
5db17d0af9
Compile with libressl 2.7.2
2018-04-14 18:09:47 +09:00
Tatsuhiro Tsujikawa
1bf69b5662
Define LIBRESSL_LEGACY_API and LIBRESSL_2_7_API
...
LIBRESSL_LEGACY_API is drop-in replacement for LIBRESSL_IN_USE. In
the upcoming commits, we will add changes to support libressl 2.7.
2018-04-14 18:09:47 +09:00
Tatsuhiro Tsujikawa
e65e7711ca
Add comment on #endif
2018-04-03 21:39:44 +09:00
Tatsuhiro Tsujikawa
636ef51b0f
Fix compile error with -Wunused-function
2018-04-03 21:33:09 +09:00
Bernard Spil
400934e5a3
[PATCH] Allow building without NPN
...
NPN has been superseeded by ALPN. OpenSSL provides a configure
option to disable npn (no-npn) which results in an OpenSSL
installation that defines OPENSSL_NO_NEXTPROTONEG in opensslconf.h
The #ifdef's look safe here (as the next_proto is initialized as
nullptr). Alteratively, macros could be defined for the used npn
methods that return a 0 for next_proto.
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2018-03-25 18:27:23 +02:00
Tatsuhiro Tsujikawa
45d76cf501
nghttpx: Close listening socket on graceful shutdown
2018-02-26 22:40:24 +09:00
Tatsuhiro Tsujikawa
e70195ae91
nghttpx: Update doc
2018-02-22 16:12:38 +09:00
Tatsuhiro Tsujikawa
eb951c2ce4
src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro
2018-02-12 16:22:47 +09:00
Tatsuhiro Tsujikawa
39f0ce7c25
Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert
...
nghttpx: Add an option to accept expired client certificate
2018-02-10 16:00:43 +09:00
Tatsuhiro Tsujikawa
e8af7afc65
nghttpx: Add an option to accept expired client certificate
2018-02-08 16:51:23 +09:00
Tatsuhiro Tsujikawa
38abfd1863
nghttpx: Add mruby tls_client_not_before, and tls_client_not_after
2018-02-08 16:25:31 +09:00
Tatsuhiro Tsujikawa
ff3edc09ed
nghttpx: Fix potential memory leak
2018-02-03 18:21:42 +09:00
Tatsuhiro Tsujikawa
c1a496cf4e
nghttpx: Fix bug that h1 backend idle timeout expires sooner
2018-02-02 21:09:04 +09:00
Tatsuhiro Tsujikawa
e098a21132
mruby: Fix bug that response header is unexpectedly overwritten
...
The bug is the same bug fixed by
6deee2037d
, but in response handler.
2018-01-28 19:41:45 +09:00
Dylan Plecki
6deee2037d
Fix #1119 : Stop overwrite of first header on mruby call to env.req.set_header(..)
2018-01-26 18:49:08 -08:00
Tatsuhiro Tsujikawa
5cc3d159e1
nghttpx: Add upgrade-scheme parameter to backend option
...
If "upgrade-scheme" parameter is present in backend option along with
"tls" paramter, HTTP/2 :scheme pseudo header field is changed to
"https" from "http" when forwarding a request to this particular
backend. This is a workaround for a server which requests "https"
scheme on HTTP/2 connection encrypted by TLS.
2018-01-08 18:08:01 +09:00
Tatsuhiro Tsujikawa
0fbb46edd6
Merge pull request #1101 from nghttp2/remember-pushed-links
...
nghttpx: Remember which resource is pushed
2018-01-04 23:15:35 +09:00
Tatsuhiro Tsujikawa
74754982f1
nghttpx: Fix missing ALPN validation (--npn-list)
...
This commit fixes the bug that ALPN validation does not occur when
ALPN list is not sent from client.
2018-01-04 22:43:47 +09:00
Tatsuhiro Tsujikawa
a31a2e3b2c
nghttpx: Remember which resource is pushed
...
Remember which resource is pushed in order to conform to the semantics
described in RFC 8297.
2018-01-04 22:35:22 +09:00
Tatsuhiro Tsujikawa
cfd926f09b
src: Define 103 status code
2017-12-20 19:30:55 +09:00
Tatsuhiro Tsujikawa
4d1139f653
Remove SPDY
2017-12-17 13:28:44 +09:00
Tatsuhiro Tsujikawa
48f574076c
nghttpx: Update doc
2017-12-16 00:13:27 +09:00
Tatsuhiro Tsujikawa
216f4dad83
nghttpx: Remove redundant check
2017-12-14 21:39:22 +09:00
Tatsuhiro Tsujikawa
a4e27d766b
Revert "nghttpx: Use an existing h2 backend connection as much as possible"
...
This reverts commit f507b5eee4
.
Balancing load is more important at the moment.
2017-12-14 21:34:04 +09:00
Tatsuhiro Tsujikawa
03f7ec0f60
nghttpx: Write API request body in temporary file
2017-12-03 16:19:57 +09:00
Tatsuhiro Tsujikawa
2056e812bd
nghttpx: Increase api-max-request-body
2017-12-02 13:49:42 +09:00
Tatsuhiro Tsujikawa
04348ff20e
Merge pull request #1081 from nghttp2/nghttpx-faster-parse-config
...
nghttpx: Faster configuration loading with lots of backends
2017-12-01 23:47:34 +09:00
Tatsuhiro Tsujikawa
1ebb6810a1
nghttpx: Faster configuration loading with lots of backends
2017-12-01 23:06:06 +09:00
Tatsuhiro Tsujikawa
a3ebeeafba
nghttpx: Fix crash with --backend-http-proxy-uri option
2017-12-01 22:28:16 +09:00
Tatsuhiro Tsujikawa
ff200bfcf3
clang-format-5.0
2017-11-23 14:19:12 +09:00
Tatsuhiro Tsujikawa
0028275d7b
nghttpx: Add affinity-cookie-secure parameter to backend option
2017-11-21 22:29:22 +09:00
Tatsuhiro Tsujikawa
194acb1f2c
src: Use nghttp2_error_callback2
2017-11-19 16:51:52 +09:00
Tatsuhiro Tsujikawa
73344ae9aa
nghttpx: Use plain hex string format for client serial
2017-11-17 00:04:23 +09:00
Tatsuhiro Tsujikawa
eca0a3025b
nghttpx: Add $tls_client_serial log variable
2017-11-16 22:53:54 +09:00
Tatsuhiro Tsujikawa
4720c5cb3d
nghttpx: Make client serial available in mruby script
2017-11-16 22:53:54 +09:00
Tatsuhiro Tsujikawa
cd55ab28ab
nghttpx: Add function to get serial number from certificate
2017-11-16 22:53:54 +09:00
Tatsuhiro Tsujikawa
22502182d0
Add tls_client_issuer_name log variable and expose it to mruby
2017-11-15 23:41:47 +09:00
Tatsuhiro Tsujikawa
f5ddd7f43b
nghttpx: Make initial_addr_idx_ unsigned
2017-11-04 17:30:56 +09:00
Tatsuhiro Tsujikawa
88abbce7e7
nghttpx: Fix compile error with gcc
2017-11-04 17:30:27 +09:00
Tatsuhiro Tsujikawa
16e9036568
nghttpx: Fix affinity retry
2017-11-04 17:13:45 +09:00
Tatsuhiro Tsujikawa
fa7945c627
nghttpx: Refactor
2017-11-04 15:55:25 +09:00
Tatsuhiro Tsujikawa
daca43f0dd
nghttpx: Fix stalled backend connection on retry
2017-11-04 15:46:08 +09:00
Tatsuhiro Tsujikawa
16bc11e670
nghttpx: Remove duplicated util::make_socket_nodelay
2017-11-04 13:00:17 +09:00
Tatsuhiro Tsujikawa
8c0ea56bb8
Merge pull request #1036 from nghttp2/nghttpx-affinity-cookie
...
nghttpx: Cookie based session affinity
2017-11-01 22:45:38 +09:00
Tatsuhiro Tsujikawa
549053710b
nghttpx: Refactor
2017-11-01 22:33:49 +09:00
Tatsuhiro Tsujikawa
be5c39a1cf
src: Add tests
2017-11-01 22:18:03 +09:00
Tatsuhiro Tsujikawa
b8fda6808b
nghttpx: Cookie based session affinity
2017-11-01 22:18:03 +09:00
Tatsuhiro Tsujikawa
539e27812b
nghttpx: Add tls_client_fingerprint_sha1 to mruby and accesslog
...
Also tls_client_fingerprint is renamed to
tls_client_fingerprint_sha256.
2017-10-31 21:41:40 +09:00
Tatsuhiro Tsujikawa
7008afd40e
nghttpx: Refactor get_x509_fingerprint to accept hash function
2017-10-31 21:28:16 +09:00
Tatsuhiro Tsujikawa
60baca27e4
nghttpx: Add more TLS related attributes to mruby Env object
...
The added attributes are:
* tls_cipher
* tls_protocol
* tls_session_id
* tls_session_reused
* alpn
2017-10-29 22:42:30 +09:00
Tatsuhiro Tsujikawa
cb376bcd80
nghttpx: Add client fingerprint and subject name to accesslog
2017-10-29 21:47:00 +09:00
Tatsuhiro Tsujikawa
f2b8edd1e2
nghttpx: Fix memory leak
2017-10-29 21:46:12 +09:00
Tatsuhiro Tsujikawa
c4f8afcfde
nghttpx: Get TLS info only when it is necessary when writing accesslog
2017-10-29 21:22:33 +09:00
Tatsuhiro Tsujikawa
9f80a82c1a
nghttpx: Add client fingerprint and subject name to mruby env
2017-10-29 19:54:42 +09:00
Tatsuhiro Tsujikawa
c573c80bd3
nghttpx: Pass a pointer to SSL instead of TLSSessionInfo to LogSpec
2017-10-29 19:47:39 +09:00
Tatsuhiro Tsujikawa
3cd6817e21
Fix typos
2017-10-29 16:54:21 +09:00
Tatsuhiro Tsujikawa
aaeeec8f1c
Fix typos
2017-10-28 22:25:42 +09:00
Tatsuhiro Tsujikawa
5119e82b93
src: Fix memory leak in unit test
2017-10-24 21:40:30 +09:00
Tatsuhiro Tsujikawa
3be5856c82
nghttpx: Fix unused function warnings
2017-10-24 21:40:30 +09:00
Tatsuhiro Tsujikawa
a319143901
nghttpx: Fix bug that header fields are missing in HTTP/1.0 response
2017-10-22 01:11:32 +09:00
Tatsuhiro Tsujikawa
f507b5eee4
nghttpx: Use an existing h2 backend connection as much as possible
...
h2load measurement reveals that this strategy is 3 times faster than
the previous implementations.
2017-10-19 21:15:08 +09:00
Tatsuhiro Tsujikawa
aaa0b858e4
Amend some macro comments
2017-10-14 11:50:16 +09:00
Tatsuhiro Tsujikawa
5fa1938691
clang-format
2017-10-14 11:45:41 +09:00
Daniel Evers
c2d9a1ed6f
Support for Windows / MinGW
2017-10-12 18:15:12 +02:00
Tatsuhiro Tsujikawa
8ffe389daa
h2load: Print out h2 header fields with --verbose option
2017-09-22 18:12:20 +09:00
Tatsuhiro Tsujikawa
2576855ded
nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only
2017-09-21 21:42:56 +09:00
Tatsuhiro Tsujikawa
cc6f759190
src: Add static to constexpr char[]
2017-09-20 23:54:10 +09:00
Tatsuhiro Tsujikawa
323001238a
clang-format
2017-09-20 22:08:22 +09:00