Commit Graph

281 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 27609327ee nghttpx: Fix heap-after-free crash in https upstream
Add Upstream::on_handler_delete() hook to safely write log for
HttpsUpstream.
2014-11-19 01:59:09 +09:00
Tatsuhiro Tsujikawa 958cd0de64 nghttpx: Add configurable access logging format
This commit adds functionality to customize access logging format in
nghttpx.  The format variables are inspired by nginx.  The default
format is combined format.
2014-11-19 01:29:55 +09:00
Tatsuhiro Tsujikawa 7fa0f2763e nghttpx: Update Alt-Svc header field spec to alt-svc-04 2014-10-28 00:17:32 +09:00
Tatsuhiro Tsujikawa b305495a75 nghttpx: Reset both timeouts when either read or write succeeds
Previously read and write timeouts work independently.  When we are
writing response to the client, read timeout still ticks (e.g., HTTP/2
or tunneled HTTPS connection).  So read timeout may occur during long
download.  This commit fixes this issue.  This commit only fixes the
upstream part.  We need similar fix for the downstream.
2014-09-18 23:03:36 +09:00
Tatsuhiro Tsujikawa 44ac571037 nghttpx: Add more handling situation where response ends before request 2014-09-17 22:53:29 +09:00
Tatsuhiro Tsujikawa 0209b7c083 nghttpx: Fix location rewrite is failed because request headers are empty
Previously we empties request headers after they are sent to
downstream in order to free memory.  But it turns out that we use
request headers when rewriting location header response field.  Also
user reported that request headers are useful to add new features.
This commits defers the deletion of request headers to the point when
response headers are deleted (which is after response headers are sent
to upstream client).
2014-08-27 21:25:25 +09:00
Tatsuhiro Tsujikawa d5dcbf6f3b nghttpx: Fix possible flow control issue
Previously we only update consumed flow control window when number of
bytes read in nghttp2 and spdylay callback is 0.  Now we notify
nghttp2 library the consumed bytes even if number of bytes read > 0.
This change also uses newly added spdylay_session_consume() API, so we
require spdylay >= 1.3.0.
2014-08-21 21:22:16 +09:00
Tatsuhiro Tsujikawa d6b495f2a7 nghttpx: Returns 503 if downstream connect fail for https upstream 2014-08-19 23:41:53 +09:00
Tatsuhiro Tsujikawa fb62a5ed4f nghttpx: Use pointer for worker_config 2014-08-19 22:29:44 +09:00
Tatsuhiro Tsujikawa a5dfe24e49 nghttpx: Use std::unique_ptr for DownstreamConnection 2014-08-19 00:20:57 +09:00
Tatsuhiro Tsujikawa 273d9f4f7d nghttpx: Use std::unique_ptr for Downstream object 2014-08-19 00:20:56 +09:00
Tatsuhiro Tsujikawa 30fa6d24d0 nghttpx: Rewirte server header field if configured as reverse proxy 2014-08-14 22:45:21 +09:00
Tatsuhiro Tsujikawa 24cfb52b5a nghttpx: Add --no-location-rewrite option
--no-location-rewrite option disallows location header rewrite on
--http2-bridge, --client and default mode.  This option is useful when
connecting nghttpx proxy with --http2-bridge to backend nghttpx with
http2-proxy mode.
2014-08-10 12:39:27 +09:00
Tatsuhiro Tsujikawa 04b5d1679f nghttpx: Log non-final response headers 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 079db14d45 Add nghttp2_session_consume() API
Reworked no automatic WINDOW_UPDATE feature.  We added new API
nghttp2_session_consume() which tells the library how many bytes are
consumed by the application.  Instead of submitting WINDOW_UPDATE by
the application, the library is now responsible to submit
WINDOW_UPDATE based on consumed bytes.  This is more reliable method,
since it enables us to properly send WINDOW_UPDATE for stream and
connection individually.  The previous implementation of nghttpx had
broken connection window management.
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 4f815521ae nghttpx, nghttpd: Support non-final response 2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa 0ce848a611 nghttpx: Rewrite logging system
This change rewrites logging system of nghttpx.  Previously access log
and error log are written to stderr or syslog and there was no option
to change stderr to something else.  With this change, file path of
access log and error log can be configured separately and logging to
regular file is now added.  To support rotating log, if SIGUSR1 signal
is received by nghttpx, it closes the current log files and reopen it
with the same name.  The format of access log is changed and has same
look of apache's.  But not all columns are not supported yet.
2014-07-05 18:43:24 +09:00
Tatsuhiro Tsujikawa ca87b45fe4 nghttpx: Don't fail backend connection if one of backend request fails 2014-06-27 22:34:54 +09:00
Tatsuhiro Tsujikawa 94b9c3771d nghttpx: Throw away request and response headers when they are done 2014-06-15 17:25:24 +09:00
Tatsuhiro Tsujikawa 7e217511bf nghttpx: Code cleanup
Mainly make nested code block to rather flat style.
2014-06-01 23:44:32 +09:00
Tatsuhiro Tsujikawa 8c67bbe3a8 src: Avoid copy in evbuffer_pullup()
Previously, we use evbuffer_pullup(buf, -1) to linearize the memory
region and it may cause buffer copy.  To avoid this, we use the return
value of evbuffer_get_contiguous_space() as 2nd parameter.  According
to the libevent manual, by doing so evbuffer_pullup() will not copy or
modify any data in evbuffer.
2014-06-01 21:01:01 +09:00
Tatsuhiro Tsujikawa 7a797b2c11 nghttpx: Reduce socket I/O buffer size 2014-05-29 22:24:15 +09:00
Tatsuhiro Tsujikawa 3f80472e0a nghttpx: Minor tweak to buffer size
Simplified when to send WINDOW_UPDATE to the backend, that is we send
WINDOW_UPDATE when input buffer is empty.
2014-05-16 21:42:30 +09:00
Tatsuhiro Tsujikawa 3b5b5ce254 Update http-parser to 8d9e5db981b623fffc93657abacdc80270cbee58 2014-05-16 00:23:03 +09:00
Tatsuhiro Tsujikawa 694cd07f1d nghttpx: Remove Connection: close header field from CONNECT response
It appears that some Android client does not like Connection: close in
200 CONNECT response.  Browsers fine with this header field.  It is
better to remove it.  Squid does not emit it too.
2014-05-15 23:45:17 +09:00
Tatsuhiro Tsujikawa 2ae1da113e src: Use C++ style comments for C++ source code 2014-05-14 23:22:23 +09:00
Tatsuhiro Tsujikawa e47b976691 src: Eliminate use of snprintf 2014-05-14 22:39:28 +09:00
Tatsuhiro Tsujikawa a8a2236da9 nghttpx: Add --add-response-header option 2014-04-26 14:56:08 +09:00
Tatsuhiro Tsujikawa f9f6cdc93d nghttpx: Specify altsvc info in one option and allow multiple occurrences 2014-04-08 22:28:50 +09:00
Tatsuhiro Tsujikawa 22c88af1ab nghttpx: Resume deferred DATA after complete DATA frame arrived on backend
If SPDY or HTTP/2 ustream is used and HTTP/2 downstream is used, only
call {spdylay,nghttp2}_resume_data when complete DATA frame was read
in backend to avoid to transmit too small DATA frame to the upstream.
2014-04-03 18:54:15 +09:00
Tatsuhiro Tsujikawa db6c41a219 nghttpx: Add altsvc related options
To advertise alternative serive, at least --altsvc-port and
--altsvc-protocol-id must be specified.
2014-04-03 13:20:50 +09:00
Tatsuhiro Tsujikawa b1edb1f3ae Don't index name/value pair bearing NO_INDEX flag when forwarding it 2014-04-03 11:22:11 +09:00
Tatsuhiro Tsujikawa ab2dc5967d Replace HTTP/2.0 with HTTP/2 2014-03-30 19:26:37 +09:00
Tatsuhiro Tsujikawa f7162ab702 Implement dependency based priority 2014-03-30 01:24:16 +09:00
Tatsuhiro Tsujikawa 864789ca65 nghttpx: Limit the maximum header block size (again) 2014-01-28 01:17:54 +09:00
Tatsuhiro Tsujikawa dfbea797bd src: Use static_cast instead of reinterpret_cast if possible 2014-01-19 21:18:37 +09:00
Tatsuhiro Tsujikawa a37bc88f40 nghttpx: Rename ClientHandler::get_pending_write_length to get_outbuf_length
And other renames.
2014-01-19 17:49:04 +09:00
Tatsuhiro Tsujikawa f59a9c5c58 nghttpx: Disable TLS renegotiation properly
4ed4efc does not disable TLS renegotiation at all, if client keeps
rengotiations without sending application data. In this change,
we intercept the raw incoming data from the client and if it is a
renegotiation, drop the connection immediately.
2014-01-19 17:25:18 +09:00
Tatsuhiro Tsujikawa 1c43cdbbc8 nghttpx: Don't rewrite location if proxy mode is used 2013-12-28 17:02:43 +09:00
Tatsuhiro Tsujikawa e955598923 nghttpx: Remove downstream_port from location rewrite code 2013-12-21 18:35:53 +09:00
Tatsuhiro Tsujikawa ccfa13cd5b nghttpx: Rewrite location header field
We thought that this kind of rewrite can be achieved by the configuration
of the backend severs, but in some configuration, however, it may get
complicated. So we decided to implement at least location rewrite in
nghttpx.

This commit also contains a fix to the bug which prevents the http2
backend request from concatenating header fields with the same value.
2013-12-21 17:49:31 +09:00
Tatsuhiro Tsujikawa b38b233aa6 nghttpx: Check failure of evbuffer_* and bufferevent_* functions 2013-12-20 23:28:54 +09:00
Tatsuhiro Tsujikawa a255e4efa6 nghttpx: Use same priority in frontend and backend HTTP2 2013-11-16 15:41:24 +09:00
Tatsuhiro Tsujikawa b1905c5815 nghttpx: More replacement of spdy with http2 2013-11-04 18:22:29 +09:00
Tatsuhiro Tsujikawa f3d71aa5bb nghttpx: Rename Spdy{Session,DownstreamConnection} to Http2{*} 2013-11-04 17:53:57 +09:00
Tatsuhiro Tsujikawa f355187176 nghttpx: Fix missing extension HTTP status code in response 2013-10-02 23:29:44 +09:00
Tatsuhiro Tsujikawa dc0af2e074 shrpx_https_upstream.cc: Code cleanup 2013-09-24 23:39:36 +09:00
Tatsuhiro Tsujikawa 769f560586 shrpx_https_upstream: Embed http_parser 2013-09-24 21:31:48 +09:00
Tatsuhiro Tsujikawa cbef6fd0c6 nghttpx: Replace \r\n with space when constructing HTTP/1 headers 2013-09-11 23:24:32 +09:00
Tatsuhiro Tsujikawa 3544bfdbef src: Move pure HTTP code from shrpx_http.cc to http2.cc 2013-08-28 02:47:22 +09:00
Tatsuhiro Tsujikawa 1f3b96e233 nghttpx: Rewrite header handling 2013-08-28 00:09:46 +09:00
Tatsuhiro Tsujikawa f620655d08 nghttp, nghttpx: Add HTTP Upgrade from HTTP/1.1 to HTTP/2.0
nghttpx does not perform upgrade if the request has request body.
2013-08-03 18:51:01 +09:00
Tatsuhiro Tsujikawa 924b1bd61a Use unmodified http-parser
Handle HTTP Upgrade and CONNECT explicitly
2013-07-31 21:48:37 +09:00
Tatsuhiro Tsujikawa ab56cd4ea3 nghttpx: Fix bug: end marker of chunked encoding is written twice 2013-07-30 21:46:00 +09:00
Tatsuhiro Tsujikawa 0edce70343 Rebranding nghttp2 2013-07-13 00:43:06 +09:00
Tatsuhiro Tsujikawa e28f169228 shrpx: More backend EOF handling
Now we set Downstream::set_response_connection_close(true) for
tunneled connections. Also call
Upstream::on_downstream_body_complete() callback when setting
MSG_COMPLETE in SpdySession when RST_STREAM is caught.  Clean up EOF
handling in https_downstream_readcb.
2013-02-11 17:20:52 +09:00
Tatsuhiro Tsujikawa d830e099a6 shrpx: Send pending response data before RST_STREAM in tunnel connection 2013-02-11 02:05:11 +09:00
Tatsuhiro Tsujikawa 4876412f7d shrpx: Check return value of HttpsUpstream::resume_read()
Currently, resume_read() fails if on_read() returns -1 in case that
evbuffer_add failed, which means, most likely, memory allocation
failure. ClientHandler is marked "should be closed", but if
evbuffer_add is failed, write callback will not be invoked and its
marking is not evaluated. It will eventually be deleted when the
client is disconnected or backend failure though.
2013-02-09 17:03:03 +09:00
Tatsuhiro Tsujikawa 9ba19df813 shrpx: Add --spdy-bridge option
With --spdy-bridge option, it listens SPDY/HTTPS connections from
front end and forwards them to the backend in SPDY. The usage will be
written later. This change fixes the crash when more than 2
outstanding SpdyDownstreamConnection objects are added to SpdySession
and establishing connection to SPDY backend is failed.
2013-02-08 21:46:58 +09:00
Tatsuhiro Tsujikawa ae0533334c shrpx: Relay Connection: upgrade header field for HTTP/1.1 connections 2013-02-01 23:30:12 +09:00
Tatsuhiro Tsujikawa f0fc026799 shrpx: Check return value of library functions 2013-01-25 22:58:07 +09:00
Tatsuhiro Tsujikawa 5774f8110d shrpx: Fix resource leak 2013-01-25 21:26:03 +09:00
Tatsuhiro Tsujikawa 29bec93eb9 shrpx: Don't run expensive INFO log code
INFO log and its surrounding code are now guarded by
LOG_ENABLED(SEVERITY) macro so that they don't run if log level
threshold is higher. This increases performance because log formatting
is somewhat expensive.
2013-01-21 22:48:08 +09:00
Tatsuhiro Tsujikawa 87c1f07013 shrpx: HttpsUpstream::error_reply() without std::stringstream 2013-01-16 22:51:33 +09:00
Tatsuhiro Tsujikawa c45fa16f94 shrpx: Add --no-via option
If --no-via option is given, shrpx does not append to Via header
field. If Via header field is received, it is left unaltered.
2013-01-09 22:03:49 +09:00
Tatsuhiro Tsujikawa be5066c450 Updated http-parser 2012-12-23 01:13:02 +09:00
Tatsuhiro Tsujikawa 90eebbc88c shrpx: Log status code, method, path and HTTP version in accesslog 2012-12-09 23:29:43 +09:00
Tatsuhiro Tsujikawa 6ef9b7430d shrpx: Color HTTP headers in console log 2012-12-09 21:36:02 +09:00
Tatsuhiro Tsujikawa bbf6c18575 shrpx: Log format change
Added macros which log messages from the following components are
prefixed with their component name + object pointer address:

ListenHandler: LISTEN
ThreadEventReceiver: THREAD_RECV
Upstream: UPSTREAM
Downstream: DOWNSTREAM
DownstreamConnection: DCONN
SpdySession: DSPDY
2012-12-09 19:15:14 +09:00
Tatsuhiro Tsujikawa 50211bc1ad shrpx: Replace "https" with "http" in log message in shrpx_https_upstream.cc 2012-11-23 21:30:57 +09:00
Tatsuhiro Tsujikawa 282b8b567a shrpx: Log upstream https request headers 2012-11-23 21:30:17 +09:00
Tatsuhiro Tsujikawa 8a5db1751e shrpx: Check the length of output buffer in write callback
Possibly because of deferred callback, we may get this callback when
the output buffer is not empty.
2012-11-22 03:13:30 +09:00
Tatsuhiro Tsujikawa 81adb6bc7f shrpx: Implement downstream SPDY flow control 2012-11-21 23:47:48 +09:00
Tatsuhiro Tsujikawa 0bf15a7694 Rename --client-mode as --client and add --client-proxy
With --client-proxy option, shrpx makes sure that the request path is
an absolute URI, otherwise it will return 400 status code.
2012-11-21 22:10:35 +09:00
Tatsuhiro Tsujikawa fa552c6788 shrpx: Share SPDY session among multiple frontend connections per thread
In client mode, now SPDY connection to the backend server is
established per thread.  The frontend connections which belong to the
same thread share the SPDY connection.
2012-11-21 01:29:39 +09:00
Tatsuhiro Tsujikawa 542fd6420b Fix recursive HttpsUpstream::on_read() call
Don't call HttpsUpstream::resume_read() from the call tree of
on_read().  Avoid parsing next http data after parse error.
2012-11-19 02:11:46 +09:00
Tatsuhiro Tsujikawa 026f4ca3a2 Add --client-mode option
With --client-mode option, shrpx now accepts unencrypted HTTP
connections and communicates with backend server in SPDY.  In short,
this is the "reversed" operation mode against normal mode.  This may
be useful for testing purpose because it can sit between HTTP client
and shrpx "normal" mode.
2012-11-18 21:46:07 +09:00
Tatsuhiro Tsujikawa abf2ddc3a6 shrpx: Use request HTTP version in HTTPS upstream response 2012-09-20 22:36:17 +09:00
Tatsuhiro Tsujikawa 5597ee68da shrpx: Use raw pointer for downstream instead of deque 2012-09-20 22:28:40 +09:00
Tatsuhiro Tsujikawa 436b201d6f shrpx: Check request_connection_close_ when deciding closing connection
When deciding whether to close the client connection, check
request_connection_close_ of Downstream in addition of
response_connection_close_. Also we only add "Connection: Keep-Alive"
header to the HTTP/1.0 or HTTP/0.9 clients.
2012-09-13 21:33:35 +09:00
Tatsuhiro Tsujikawa b0fcd68783 Move spdycat, spdyd and shrpx from examples to src
To distinguish the to-be-installed programs and non-installable
example source code, the former programs, spdycat, spdydyd and shrpx,
were moved to src directory. spdynative was removed from Makefile
because it does not appeal to any users much.
2012-09-10 21:39:51 +09:00