Tatsuhiro Tsujikawa
058122b804
nghttpx: Rename shrpx_ssl.{h,cc} as shrpx_tls.{h,cc}
...
The namespace shrpx::ssl was also renamed as shrpx::tls.
2017-04-01 15:12:28 +09:00
Tatsuhiro Tsujikawa
69f63c529d
src: Rename ssl.{h,cc} as tls.{h,cc}
...
nghttp2::ssl namespace was also renamed as nghttp2::tls.
2017-04-01 15:12:28 +09:00
Tatsuhiro Tsujikawa
a7c780a732
nghttpx: Redirect to HTTPS URI with redirect-if-not-tls param
...
This commit removes frontend-tls parameter, and adds
redirect-if-not-tls parameter parameter to --backend option. nghttpx
now responds to the request with 308 status code to redirect the
request to https URI if frontend connection is not TLS encrypted, and
redirect-if-no-tls parameter is used in --backend option. The port
number in Location header field is 443 by default (thus omitted), but
it can be configurable using --redirect-https-port option.
2017-02-18 22:32:27 +09:00
Tatsuhiro Tsujikawa
e5b84fad09
nghttpx: Fix bug that old config is used during reloading config
2017-02-16 22:46:22 +09:00
Tatsuhiro Tsujikawa
68a724cf7b
nghttpx: Select certificate by client's supported signature algo
...
nghttpx supports multiple certificates using --subcert option.
Previously, SNI hostname is used to select certificate. With this
commit, signature algorithm presented by client is also taken into
consideration. nghttpx now accepts certificates which share the same
hostname (CN, SAN), but have different signature algorithm (e.g.,
ECDSA+SHA256, RSA+SHA256).
Currently, this feature requires OpenSSL >= 1.0.2. BoringSSL, and
LibreSSL do not work since they lack required APIs.
2017-02-04 23:37:24 +09:00
Tatsuhiro Tsujikawa
83c759572c
nghttpx: Add --psk-secret option to enable PSK in frontend connection
2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa
8471c9e92e
nghttpx: Parse te header field a bit more properly
2016-11-07 22:47:48 +09:00
Tatsuhiro Tsujikawa
e1a865c406
nghttpx: Add BlockAllocator version of util::formax_hex
2016-10-02 22:28:42 +09:00
Tatsuhiro Tsujikawa
8a9810ed32
nghttpx: Add BlockAllocator to ClientHandler
2016-10-01 22:54:17 +09:00
Tatsuhiro Tsujikawa
f7c0d48152
nghttpx: Rewrite CertLookupTree using Router
2016-06-25 22:52:01 +09:00
Tatsuhiro Tsujikawa
084206bace
nghttpx: Handle edge case wildcard pattern and add tests
...
Suppose the wildcard patterns follows:
- *.nghttp2.org/foo
- *.img.nghttp2.org/bar
Previously, s.img.nghttp2.org/foo does not match anything. Now it
matches first pattern.
2016-06-11 13:33:59 +09:00
Tatsuhiro Tsujikawa
79968c6374
src: Rewrite strifind
2016-03-25 00:27:59 +09:00
Tatsuhiro Tsujikawa
67569486d1
src: Rewrite http:create_via_header_value
2016-03-12 21:13:09 +09:00
Tatsuhiro Tsujikawa
d64051fedc
src: Return StringRef from http2::stringify_status
2016-03-12 21:13:09 +09:00
Tatsuhiro Tsujikawa
eb393985b7
nghttpx: Make a copy before adding header to Downstream
2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa
7a412df9a5
nghttpx: Fix tests
2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa
124d4c9fad
src: Fix tests
2016-02-29 00:05:32 +09:00
Tatsuhiro Tsujikawa
9672bc322f
src: Remove unused functions
2016-02-21 16:51:46 +09:00
Tatsuhiro Tsujikawa
23ecfd412d
nghttpx: Fix mruby compile error, clean up add_header interface
2016-02-20 23:30:02 +09:00
Tatsuhiro Tsujikawa
eb0c82d91f
nghttpx: More log output when resolving addresses for better debugging
2016-02-13 23:21:32 +09:00
Tatsuhiro Tsujikawa
1cfdf386ff
src: Faster base64
2016-01-27 15:31:09 +09:00
Tatsuhiro Tsujikawa
acb38b726f
nghttpx: Don't quote Forwarded params if it is not required
2016-01-19 22:43:56 +09:00
Tatsuhiro Tsujikawa
39c0a71065
src: Add tests for ImmutableString and StringRef
2016-01-17 16:32:55 +09:00
Tatsuhiro Tsujikawa
dbbf3a4a10
nghttpx: Refactor TLS hostname match
2016-01-16 23:54:21 +09:00
Tatsuhiro Tsujikawa
3b8889a2a1
nghttpx: Extract response related fields to Response struct
2016-01-14 01:05:10 +09:00
Tatsuhiro Tsujikawa
fe8005327a
src: Make util::utos_with_unit and utos_with_funit names shorter
2016-01-11 18:12:31 +09:00
Tatsuhiro Tsujikawa
f0d2c9f94b
Compile with BoringSSL
...
Compile with BoringSSL except for neverbleed and libnghttp2_asio. The
former uses ENGINE and RSA_METHOD, and they are quite different
between OpenSSL and BoringSSL. The latter uses boost::asio, which
calls OpenSSL functions deleted in BoringSSL.
2015-09-29 23:38:17 +09:00
Lucas Pardue
ec47dfb9b8
Initial HTTP/1.1 capability. Add npn-list option to h2load. Make NPN/ALPN more runtime dependent
2015-09-17 14:49:27 +00:00
Tatsuhiro Tsujikawa
ef1595672c
nghttpx: Add Request#push in mruby scripting
...
Refactor Http2Upstream so that we can share code between link header
field based push and mruby push.
2015-09-06 00:05:07 +09:00
Tatsuhiro Tsujikawa
e91a576179
nghttpx: Rewrite TLS async handshake using memchunk buffers
2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa
90b4b48c7e
nghttpx: Add shared session cache using memcached
2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa
e8167ceea7
nghttpx: Add AES-256-CBC encryption for TLS session ticket
2015-07-18 02:02:33 +09:00
Tatsuhiro Tsujikawa
19e47a1922
nghttpx: Normalize path when setting it to Downstream
2015-07-11 16:12:35 +09:00
Tatsuhiro Tsujikawa
3119fc259c
Select backend based on request host and path by extending -b option
...
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]]. The optional
<PATTERN>s specify the request host and path it is used for. The
<PATTERN> can contain path, host + path or host. The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa
51ef646678
src: Always use our own faster simpler timegm, use it to calculate gmtoff
2015-06-29 23:14:54 +09:00
Tatsuhiro Tsujikawa
38cfc5c47c
Check more headers and funcs
2015-05-13 23:29:20 +09:00
Tatsuhiro Tsujikawa
c64bb62ffe
asio: Make redirect_handler use passed uri as is and percent-encode path part
2015-03-05 23:23:17 +09:00
Tatsuhiro Tsujikawa
7fa62c9904
src: Clean up string utlity functions
2015-02-10 23:16:34 +09:00
Tatsuhiro Tsujikawa
d151759f8a
nghttpx: Fix location rewrite, take 2
2015-02-08 21:26:47 +09:00
Tatsuhiro Tsujikawa
807d39abe3
nghttpx: Fix location rewrite does not work
2015-02-08 18:54:24 +09:00
Tatsuhiro Tsujikawa
c55d7343ca
nghttpx: Support server push using Link header field
...
nghttpx server push is initiated by looking for Link header field from
backend server response. Currently we only enable server push for
HTTP/1 backend and without HTTP/2 proxy mode. The URIs which have
rel=preload are eligible to resource to be pushed.
2015-02-08 16:10:00 +09:00
Tatsuhiro Tsujikawa
795a22a320
src: Remove ringbuf.h, use buffer.h instead
2015-02-06 23:40:34 +09:00
Tatsuhiro Tsujikawa
a91e0de06c
h2load: Add request stats (time for request min, max, mean and sd)
2015-01-31 23:49:30 +09:00
Tatsuhiro Tsujikawa
0a0618baac
nghttpx: Add test for util::duration_str, rename util::parse_duration_with_unit
2015-01-29 23:28:47 +09:00
Tatsuhiro Tsujikawa
6b1ef95d3f
nghttpx: Replace RingBuf with sequential Buffer
...
It turns out that we don't need circular buffer functionality. We
replaced RingBuf with simple sequential Buffer.
2015-01-29 22:57:56 +09:00
Tatsuhiro Tsujikawa
6a39de0ae5
nghttpx: Accept s or ms as unit for <T> argument
2015-01-28 00:36:44 +09:00
Tatsuhiro Tsujikawa
2a56a3d9ea
nghttpx: Fix te request header handling
...
Checking against "trailers" is enough for now.
2015-01-25 22:58:43 +09:00
Tatsuhiro Tsujikawa
434e80dc7b
nghttpx: Reset stream if TE header field contains other than trailer
2015-01-24 15:31:59 +09:00
Tatsuhiro Tsujikawa
d142830109
nghttpd: Issue RST_STREAM if content-length does not match uploaded bytes
2015-01-15 23:07:25 +09:00
Tatsuhiro Tsujikawa
956c11388c
nghttpx: Allow units (k, m, and g) in --{read,write}-{rate,burst}
...
So that you can specify --read-rate=1M --read-burst=4M
2015-01-13 21:54:53 +09:00