5b42815afb
nghttpx: Strip incoming Early-Data header field by default
2018-09-09 22:37:22 +09:00
cfe7fa9a75
nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
2018-09-09 16:35:47 +09:00
cb8a9d58fd
src: Remove TLSv1.3 ciphers from DEFAULT_CIPHER_LIST
...
TLSv1.3 ciphers are treated differently from the ciphers for TLSv1.2
or earlier.
2018-09-09 15:53:04 +09:00
9b03c64f68
nghttpx: Should postpone early data by default
2018-09-08 19:22:30 +09:00
b8eccec62d
nghttpx: Disable OpenSSL anti-replay
2018-09-08 19:10:59 +09:00
9f21258720
Specify SSL_CTX_set_max_early_data and add an option to change max value
2018-09-08 17:59:28 +09:00
47f6012407
nghttpx: Add an option to postpone early data processing
2018-09-08 17:57:21 +09:00
770e44de4d
Implement draft-ietf-httpbis-replay-02
...
nghttpx sends early-data header field when forwarding requests which
are received in TLSv1.3 early data, and the TLS handshake is still in
progress.
2018-09-08 17:54:35 +09:00
2ab319c137
Don't hide error code from openssl
2018-09-08 17:54:35 +09:00
3992302432
Remove SSL_ERROR_WANT_WRITE handling
2018-09-08 17:54:35 +09:00
b30f312a70
Honor SSL_read semantics
2018-09-08 17:54:35 +09:00
c5cdb78a95
nghttpx: Add TLSv1.3 0-RTT early data support
2018-09-08 17:54:35 +09:00
e959e7338e
src: Refactor utos
2018-09-01 22:29:11 +09:00
fb9a204de2
nghttpx: Fix compile error without mruby
2018-08-31 21:58:35 +09:00
7417fd71a4
nghttpx: Per-pattern not per-backend
2018-08-28 17:50:01 +09:00
45acc922eb
clang-format
2018-08-27 21:34:18 +09:00
214d089910
Merge branch 'master' of https://github.com/akonskarm/nghttp2 into akonskarm-master
2018-08-27 21:30:36 +09:00
31fd707d0c
nghttpx: Fix broken healthmon frontend
2018-08-27 21:21:55 +09:00
9a2e38e058
fix code for reuse addr on asio client
2018-08-27 10:53:14 +03:00
6195d747ce
nghttpx: Share mruby context if it is compiled from same file
2018-08-24 23:11:21 +09:00
fb97f596e1
nghttpx: Allocate mruby file because fopen requires NULL terminated string
2018-08-24 23:08:15 +09:00
0ccc7a770d
nghttpx: Move blocked request data to request buffer for API request
2018-08-24 23:07:43 +09:00
32826466f5
nghttpx: Fix crash with API request
2018-08-24 23:07:16 +09:00
0422f8a844
nghttpx: Fix worker process crash with neverbleed write error
2018-08-24 22:22:53 +09:00
e329479a99
Merge pull request #1215 from nghttp2/mruby-per-backend
...
nghttpx: Support per-backend mruby script
2018-08-23 18:41:40 +09:00
866ac6ab27
add option reuse addr in local endpoint configuration of asio client
2018-08-23 18:19:10 +09:00
b574ae6aa2
nghttpx: Support per-backend mruby script
2018-08-23 18:13:29 +09:00
32d7883c47
nghttpx: Downstream::request_buf_full: take into account blocked_request_buf_
2018-08-23 10:55:42 +09:00
9b24e19763
nghttpx: Choose h1 protocol if headers have been sent to backend on retry
2018-08-22 23:20:13 +09:00
9d5b781df6
Fix stream reset if data from client is arrived before dconn is attached
2018-08-22 22:32:25 +09:00
c6d8c4013c
support definition of local endpoint for cleartext client session
2018-08-02 16:18:23 +09:00
880f948684
Enable IndentPPDirectives
2018-06-09 16:21:30 +09:00
fc94018b97
clang-format-6.0
2018-06-09 16:02:26 +09:00
388e785822
Fix typo
2018-06-03 13:10:32 +09:00
325612bcde
nghttp: Receive ORIGIN frame
2018-05-12 12:35:08 +09:00
3e4f257b91
asio: Support client side SNI
2018-05-03 20:29:16 +09:00
c65ca20a49
h2load: -r and --duration are mutually exclusive
2018-04-28 00:30:43 +09:00
009646421c
Use LIBRESSL_IN_USE instead of defined(LIBRESSL_VERSION_NUMBER)
2018-04-14 18:31:57 +09:00
8d0b4544f8
libressl 2.7 has X509_VERIFY_PARAM_*
2018-04-14 18:31:57 +09:00
d8a34131e1
libressl 2.7 has SSL_CTX_get0_certificate
2018-04-14 18:31:57 +09:00
5db17d0af9
Compile with libressl 2.7.2
2018-04-14 18:09:47 +09:00
1bf69b5662
Define LIBRESSL_LEGACY_API and LIBRESSL_2_7_API
...
LIBRESSL_LEGACY_API is drop-in replacement for LIBRESSL_IN_USE. In
the upcoming commits, we will add changes to support libressl 2.7.
2018-04-14 18:09:47 +09:00
e65e7711ca
Add comment on #endif
2018-04-03 21:39:44 +09:00
636ef51b0f
Fix compile error with -Wunused-function
2018-04-03 21:33:09 +09:00
400934e5a3
[PATCH] Allow building without NPN
...
NPN has been superseeded by ALPN. OpenSSL provides a configure
option to disable npn (no-npn) which results in an OpenSSL
installation that defines OPENSSL_NO_NEXTPROTONEG in opensslconf.h
The #ifdef's look safe here (as the next_proto is initialized as
nullptr). Alteratively, macros could be defined for the used npn
methods that return a 0 for next_proto.
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2018-03-25 18:27:23 +02:00
45d76cf501
nghttpx: Close listening socket on graceful shutdown
2018-02-26 22:40:24 +09:00
e70195ae91
nghttpx: Update doc
2018-02-22 16:12:38 +09:00
eb951c2ce4
src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro
2018-02-12 16:22:47 +09:00
39f0ce7c25
Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert
...
nghttpx: Add an option to accept expired client certificate
2018-02-10 16:00:43 +09:00
e8af7afc65
nghttpx: Add an option to accept expired client certificate
2018-02-08 16:51:23 +09:00
Tatsuhiro Tsujikawa
Alexandros Konstantinakis-Karmis
Bernard Spil