Tatsuhiro Tsujikawa
56e86cd944
src: h2 requires >= TLSv1.2
2017-02-14 22:21:35 +09:00
Tatsuhiro Tsujikawa
19a311ad62
Merge branch 'nghttpx-tls-min-max-proto-version'
2017-02-14 22:17:13 +09:00
Tatsuhiro Tsujikawa
b36e53cccd
nghttpx: Specify TLS protocol by version range
...
This commit deprecates --tls-proto-list option, and adds 2 new
options: --tls-min-proto-version and --tls-max-proto-version to
specify minimum and maximum protocol version respectively. Versions
between the two are enabled. The deprecated --tls-proto-list has
empty default value, and acts like enabling only specific protocol
versions in the range for now.
2017-02-14 00:01:09 +09:00
Tatsuhiro Tsujikawa
001d45efad
Merge branch 'nghttpx-graceful-sigusr2'
2017-02-12 23:52:03 +09:00
Tatsuhiro Tsujikawa
56c455bca4
nghttpx: Send SIGQUIT to the original master process
...
Previously, after sending SIGUSR2 to the original master process, and
the new master process gets ready, user has to send SIGQUIT to the
original master process to shut it down gracefully. With this commit,
the new master process sends SIGQUIT to the original master process
when it is ready to serve requests, eliminating for user to send
SIGQUIT manually.
This works nicely with systemd, because now you can replace nghttpx
binary with new one by "systemctl kill -s USR2 --kill-who=main
nghttpx".
2017-02-12 23:29:44 +09:00
Tatsuhiro Tsujikawa
4bf3cb2cc0
Revert "nghttpx: Don't capitalize h1 header fields"
...
This reverts commit f994664934
.
2017-02-12 23:27:38 +09:00
Tatsuhiro Tsujikawa
c78528d54b
nghttpx: Restrict HTTP major and minor in 0 or 1
2017-02-11 18:42:29 +09:00
Tatsuhiro Tsujikawa
f994664934
nghttpx: Don't capitalize h1 header fields
2017-02-11 18:41:52 +09:00
Tatsuhiro Tsujikawa
44e290da66
clang-format
2017-02-11 13:08:08 +09:00
Tatsuhiro Tsujikawa
8aed101585
Merge pull request #805 from pakdel/graceful_stop
...
graceful stop of nghttp2::asio_http2::server::http2
2017-02-11 13:07:10 +09:00
Tatsuhiro Tsujikawa
54ba1bebf2
Update doc
2017-02-10 22:40:57 +09:00
Tatsuhiro Tsujikawa
e44c58282e
Drop privilege of neverbleed daemon first
2017-02-10 17:43:19 +09:00
Tatsuhiro Tsujikawa
c02b1041d9
nghttpx: Use nullptr instead of NULL
2017-02-10 17:14:47 +09:00
Tatsuhiro Tsujikawa
0d20e07436
Show SYSTEMD_CFLAGS in summary
2017-02-10 17:13:34 +09:00
Tatsuhiro Tsujikawa
b7f956c967
Add --with-systemd option to configure
2017-02-10 17:13:16 +09:00
Tatsuhiro Tsujikawa
786f52a81c
Document about systemd support in README
2017-02-10 17:02:52 +09:00
Tatsuhiro Tsujikawa
23209baaf5
clang-format
2017-02-10 17:02:46 +09:00
Tatsuhiro Tsujikawa
9d2503f9c0
Merge pull request #802 from zdzichu/master
...
nghttpx: add systemd support
2017-02-10 16:17:01 +09:00
Amir Pakdel
1c31213aef
More graceful stop of nghttp2::asio_http2::server::http2
...
Explicit io_service::stop() will prevent running streams from
finishing their task. That means if there are already reposnes
that we have called end(std::string) on them and they have not
finished sending back their data, they will be closed with a
NGHTTP2_INTERNAL_ERROR
Instead, we can stop accepting connections and destroy all
io_service::work objects to signals end of work.
2017-02-09 23:34:19 -05:00
Tomasz Torcz
fdb75ba5fe
nghttpx: add systemd support
...
Add systemd's Type=notify support by sending information about
master process PID around forks.
Add some hardening option to service unit.
2017-02-09 18:58:00 +01:00
Tatsuhiro Tsujikawa
8f888b29bd
clang-format
2017-02-09 21:00:47 +09:00
clemahieu
298808f276
Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted.
2017-02-09 21:00:11 +09:00
Tatsuhiro Tsujikawa
a231874e1e
Merge branch 'nghttpx-certs-per-sigalg'
2017-02-08 23:36:23 +09:00
Tatsuhiro Tsujikawa
2101f4ae3f
Merge branch 'mruby-send-1xx'
2017-02-08 22:18:11 +09:00
Tatsuhiro Tsujikawa
4a06f9684f
nghttpx: Fix crash on SIGHUP with multi thread configuration
2017-02-08 22:14:23 +09:00
Tatsuhiro Tsujikawa
5f31c09410
Mention about nghttp2_data_source_read_length_callback
2017-02-08 00:40:47 +09:00
Tatsuhiro Tsujikawa
9a85c5264a
nghttpx: Send 1xx non-final response using mruby script
2017-02-08 00:30:03 +09:00
Tatsuhiro Tsujikawa
fd475e4b2f
Merge branch 'oss-fuzz'
2017-02-07 00:28:24 +09:00
Tatsuhiro Tsujikawa
5dc1d116c9
fuzz: Add README
2017-02-06 23:13:23 +09:00
Tatsuhiro Tsujikawa
c566d3f475
Add fuzzer for oss-fuzz
2017-02-06 22:14:49 +09:00
Tatsuhiro Tsujikawa
68a724cf7b
nghttpx: Select certificate by client's supported signature algo
...
nghttpx supports multiple certificates using --subcert option.
Previously, SNI hostname is used to select certificate. With this
commit, signature algorithm presented by client is also taken into
consideration. nghttpx now accepts certificates which share the same
hostname (CN, SAN), but have different signature algorithm (e.g.,
ECDSA+SHA256, RSA+SHA256).
Currently, this feature requires OpenSSL >= 1.0.2. BoringSSL, and
LibreSSL do not work since they lack required APIs.
2017-02-04 23:37:24 +09:00
Tatsuhiro Tsujikawa
779ec50e73
Merge pull request #795 from clemahieu/close_stream_iterator
...
close_stream erases from streams_ while it's being iterated over.
2017-02-04 11:37:43 +09:00
Tatsuhiro Tsujikawa
aad3e275d1
Merge branch 'clemahieu-acceptor_infinite_loop'
2017-02-04 11:35:43 +09:00
Tatsuhiro Tsujikawa
1649948e78
asio: Add curly brackets to avoid possible well known issue
2017-02-04 11:33:21 +09:00
clemahieu
6d3e010ae7
Infinite loop in acceptor handler.
2017-02-04 11:31:12 +09:00
Tatsuhiro Tsujikawa
7dddac081e
clang-format
2017-02-04 11:29:10 +09:00
Tatsuhiro Tsujikawa
588dd33241
Merge branch 'worenga-github-pr-preload'
2017-02-04 11:28:53 +09:00
clemahieu
f0b6b9508d
close_stream erases from streams_ while it's being iterated over.
...
The destructor will already clean this structure up.
2017-02-03 01:36:18 -06:00
Benedikt Christoph Wolters
14ccb24be5
add support for link rel="preload" for --get-assets
2017-02-01 15:54:15 +01:00
Tatsuhiro Tsujikawa
025ec85144
Merge pull request #790 from nghttp2/nghttpx-backend-frontend-tls-parameter
...
nghttpx: Add frontend-tls parameter to backend to require client TLS
2017-01-31 21:49:51 +09:00
Tatsuhiro Tsujikawa
bd97886d8e
nghttpx: Use stack allocated buffer instead of making std::string
2017-01-29 22:11:33 +09:00
Tatsuhiro Tsujikawa
0b1ddad62b
nghttpx: Add frontend-tls parameter to backend to require client TLS
2017-01-28 22:19:14 +09:00
Tatsuhiro Tsujikawa
540853bde8
nghttpx: Fix typo
2017-01-28 22:18:17 +09:00
Tatsuhiro Tsujikawa
c757f7d848
nghttpx: Recommend POST for backendconfig API request
2017-01-28 17:54:00 +09:00
Tatsuhiro Tsujikawa
052f3a3871
Update doc
2017-01-26 23:40:12 +09:00
Tatsuhiro Tsujikawa
2ae83e871b
Merge branch 'Sp1l-master'
2017-01-26 20:36:57 +09:00
Tatsuhiro Tsujikawa
1cc08c0a51
nghttpx: Show warning if PSK options are used but not supported
2017-01-26 20:34:58 +09:00
Bernard Spil
16be89f9cc
nghttpx: Don't build PSK features with LibreSSL
...
LibreSSL removed PSK
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2017-01-26 20:21:55 +09:00
Tatsuhiro Tsujikawa
b72c5f104e
h2load: Fix wrong req_stat updates
2017-01-26 00:26:35 +09:00
Tatsuhiro Tsujikawa
7e6eb7e02a
h2load: Explicitly count the number of requests left and inflight
2017-01-26 00:16:12 +09:00