Tatsuhiro Tsujikawa
83c759572c
nghttpx: Add --psk-secret option to enable PSK in frontend connection
2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa
b313386988
nghttpx: Add proxyproto to frontend option to accept PROXY protocol
...
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible. To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa
3c600c103f
nghttpx: Add frontend-keep-alive-timeout option
2016-12-23 11:01:29 +09:00
Tatsuhiro Tsujikawa
a06a8c36a4
nghttpx: Add --dns-lookup-timeout and --dns-max-try options
2016-12-11 00:50:16 +09:00
Tatsuhiro Tsujikawa
d66377d4b6
nghttpx: Add dns-cache-timeout option
...
This option controls how long cached DNS entries remain valid.
2016-12-10 21:09:51 +09:00
Tatsuhiro Tsujikawa
38b5cad4e3
nghttpx: Lookup backend host name dynamically
...
We have added "dns" parameter to backend option. If specified, name
lookup is done dynamically. If not, name lookup is done at start up,
or configuration reloading. nghttpx caches DNS result including error
case in 30 seconds in this commit. Later commit makes this
configurable.
DNS resolution is done asynchronously using c-ares library.
2016-12-10 21:09:50 +09:00
Tatsuhiro Tsujikawa
3a831fa95c
nghttpx: Fix file descriptor leak in read_tls_sct_from_dir
2016-10-24 20:30:30 +09:00
Tatsuhiro Tsujikawa
8b64e7b4e1
src: Add XSI-compliant version strerror_r
2016-10-16 22:47:56 +09:00
Tatsuhiro Tsujikawa
0cf6848646
clang-format-3.9
2016-10-15 18:36:04 +09:00
Tatsuhiro Tsujikawa
00a8c378d4
nghttpx: Add --backend-connect-timeout option
2016-10-10 22:50:41 +09:00
Tatsuhiro Tsujikawa
412c8f9e67
nghttpx: Add TLS signed_certificate_timestamp extension support
2016-10-09 18:43:36 +09:00
Tatsuhiro Tsujikawa
8babaac8c3
nghttpx: Add --ecdh-curves option to specify list of named curves
...
This option requires OpenSSL >= 1.0.2. With OpenSSL 1.0.2, the
default value is "P-256". With OpenSSL 1.1.0 or later, the default
value is "X25519:P-256".
2016-10-08 10:50:56 +09:00
Tatsuhiro Tsujikawa
9439ba75d3
nghttpx: Fix heap-use-after-free when executing new binary
2016-10-04 00:32:02 +09:00
Tatsuhiro Tsujikawa
dba0d2791c
nghttpx: Use emplace_back instead of push_back
2016-10-03 22:09:46 +09:00
Tatsuhiro Tsujikawa
8efccddcf4
nghttpx: Use StringRef for HttpProxy
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
97843e3874
nghttpx: Use StringRef for tls_proto_list
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
5dd2704051
nghttpx: Use StringRef for tls.npn_list
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
de7b7fd440
nghttpx: Use StringRef for tls.subcerts
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
1037d3ad26
nghttpx: Use StringRef for tls.ticket.files
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
c4368a9416
nghttpx: Use StringRef for AltSvc fields
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
fdc1eb526b
nghttpx: Use HeaderRefs for add_request_headers and add_response_headers
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
99a91e3172
nghttpx: Add BlockAllocator to Config object
2016-10-03 22:09:45 +09:00
Tatsuhiro Tsujikawa
272cfa320e
nghttpx: Use BlockAllocator per DownstreamConfig
2016-10-02 22:28:43 +09:00
Tatsuhiro Tsujikawa
f4016644a9
nghttpx: Add option to specify HPACK encoder/decoder dynamic table size
2016-09-12 22:53:02 +09:00
Tatsuhiro Tsujikawa
456038e3de
nghttpx: Fix compile error with gcc
2016-09-10 16:51:35 +09:00
Tatsuhiro Tsujikawa
f5a2f1da25
nghttpx: Add --frontend-http2-window-size option, and its family
...
We added --frontend-http2-window-size,
--frontend-http2-connection-window-size, --backend-http2-window-size,
and --backend-http2-connection-window-size option to replace existing
*-bits options. The old options are not flexible because they only
specify number of bits. Now we can specify integer value, with
possible g, m, and k unit. The old options are still available for
backend compatibility, but are deprecated.
2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa
27b250ac8e
nghttpx: Add experimental TCP optimization for h2 frontend
2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa
136aae725f
nghttpx: Add --no-server-rewrite option not to rewrite server header field
2016-08-31 23:47:15 +09:00
Tatsuhiro Tsujikawa
13d3f785bd
Make ImmutableString(const std::string&) explicit
2016-08-26 22:52:08 +09:00
Tatsuhiro Tsujikawa
39c068974d
Make ImmutableString(const char*) explicit
2016-08-26 22:40:59 +09:00
Tatsuhiro Tsujikawa
0d4d1a63d4
nghttpx: Add --server-name option to change server response header field
2016-08-26 22:28:09 +09:00
Tatsuhiro Tsujikawa
ad3d43b8be
nghttpx: Add access log variable for backend host and port
...
Use $backend_host and $backend_port. $backend_host is backend host
name given in --backend option. It could be a path to UNIX domain
socket.
2016-08-05 00:04:47 +09:00
Tatsuhiro Tsujikawa
8c3e864989
nghttpx: Define ~Config for automatic clean up with std::unique_ptr
...
Now config global is backed with std::unique_ptr. configuration
swapping dance is now a bit cleaner, but YMMV.
2016-07-31 19:01:29 +09:00
Tatsuhiro Tsujikawa
1214f9e23b
nghttpx: Reload configuration with SIGHUP
...
This commit implements configuration reloading with SIGHUP.
There are rough edges left:
* Rename SignalServer with more meaningful name, say, WorkerProcess.
* We should introduce global configuration object which is not
affected by configuration reloading. It should hold cmdcfgs, argc,
argv, and last worker PID.
* We should close the listener file descriptor when some operation was
failed after that.
2016-07-31 15:57:41 +09:00
Tatsuhiro Tsujikawa
30f26a2b9d
nghttpx: Explicitly cast to uint32_t for hash calculation
2016-07-06 23:58:53 +09:00
Tatsuhiro Tsujikawa
2bbe4422d2
nghttpx: Use consistent hashing for client IP based session affinity
...
We use technique described in https://github.com/RJ/ketama
2016-07-06 23:31:10 +09:00
Tatsuhiro Tsujikawa
aa16412850
nghttpx: Add --backend-max-backoff option
2016-06-22 00:13:43 +09:00
Tatsuhiro Tsujikawa
e2bdf1d734
nghttpx: Enforce the fact that api and healthmon are mutually exclusive
2016-06-21 22:44:26 +09:00
Tatsuhiro Tsujikawa
fa8bccbae2
nghttpx: Move api enabled to APIConfig
2016-06-17 00:09:15 +09:00
Tatsuhiro Tsujikawa
56e7cd4be2
nghttpx: Add healthmon parameter to -f option to enable health monitor mode
2016-06-17 00:00:37 +09:00
Tatsuhiro Tsujikawa
af9662f971
nghttpx: Make API processing one of alternative mode
2016-06-16 23:30:35 +09:00
Tatsuhiro Tsujikawa
af4e262d47
nghttpx: Use AI_NUMERICSERV
2016-06-16 23:06:17 +09:00
Tatsuhiro Tsujikawa
50c9c3358a
nghttpx: Silence logging
2016-06-16 22:12:42 +09:00
Tatsuhiro Tsujikawa
6f025619de
nghttpx: Use dedicated worker for API processing
...
Some API processing is very slow (e.g., getaddrinfo). To avoid to
slow down regular request handling, if multi threaded configuration is
enabled, we allocate dedicated worker for API.
2016-06-16 21:22:36 +09:00
Tatsuhiro Tsujikawa
a809da68a3
nghttpx: Aggregate router configuration into one struct
2016-06-11 18:25:38 +09:00
Tatsuhiro Tsujikawa
288449b9bc
nghttpx: Rewrite wildcard router
2016-06-10 23:43:44 +09:00
Tatsuhiro Tsujikawa
38f4f50e93
nghttpx: Erase wildcard patterns with http2 proxy enabled
2016-06-09 23:32:27 +09:00
Tatsuhiro Tsujikawa
143d0b69b7
nghttpx: Implement client IP based session affinity
2016-06-09 22:35:59 +09:00
Tatsuhiro Tsujikawa
851cbd49f4
nghttpx: Only parse backend option for API request for now
2016-06-04 17:43:37 +09:00
Tatsuhiro Tsujikawa
8288f5713b
nghttpx: Add --api-max-request-body option to set maximum API request body size
2016-06-04 17:24:54 +09:00
Tatsuhiro Tsujikawa
43913838b4
nghttpx: Retain memory in Router
2016-06-03 23:52:44 +09:00
Tatsuhiro Tsujikawa
845aa7a710
nghttpx: Share downstream config object
...
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
Tatsuhiro Tsujikawa
fe58614b23
nghttpx: Use std::shared_ptr for downstream addresses so that we can swap them
2016-06-03 01:20:49 +09:00
Tatsuhiro Tsujikawa
2fd095d036
nghttpx: Share the code to configure backends
2016-06-03 00:22:55 +09:00
Tatsuhiro Tsujikawa
09150a7927
nghttpx: Pass pointer to Config object to store parsed configurations
2016-06-02 23:59:59 +09:00
Tatsuhiro Tsujikawa
2a0d0e798b
nghttpx: Add api parameter to --frontend option to mark API endpoint
2016-06-02 23:50:00 +09:00
Tatsuhiro Tsujikawa
2a4bf9f615
nghttpx: Allow mixed protocol and TLS settings among backends under same pattern
2016-05-24 23:36:43 +09:00
Tatsuhiro Tsujikawa
0fca352114
nghttpx: Make SETTINGS timeout value configurable
...
SETTINGS timeout can be configurable using
--frontend-http2-settings-timeout and
--backend-http2-settings-timeout.
2016-05-21 14:13:57 +09:00
Tatsuhiro Tsujikawa
d39335829d
nghttpx: Enable kqueue by default
...
We enabled libev kqueue backend in nghttpx by default. Since it might
not work on some platforms, we also added --no-kqueue option to
disable it.
2016-05-06 23:10:09 +09:00
Tatsuhiro Tsujikawa
fd801864e3
nghttpx: Add sni keyword to --backend option
...
The --backend-tls-sni-field is deprecated in favor of sni keyword.
--backend-tls-sni-field still works, and it overrides all sni keyword
in --backend option. But it will be removed in the future release.
2016-04-29 14:42:18 +09:00
Tatsuhiro Tsujikawa
9e64d10223
nghttpx: Move fall/rise configuration to --backend option
...
This commit removes --backend-fall and --backend-rise options. The
these configurations are now set as fall and rise parameters in
--backend option.
2016-04-09 21:58:08 +09:00
Tatsuhiro Tsujikawa
7bc35044c7
nghttpx: Add --backend-fall and --backend-rise options
...
These options are analogous to fall and rise parameter found in
haproxy.
2016-04-08 23:07:17 +09:00
Tatsuhiro Tsujikawa
e30edb096a
clang-format
2016-03-29 22:11:42 +09:00
Tatsuhiro Tsujikawa
cdb466956d
nghttpx: One more fix for usage help
2016-03-29 22:10:30 +09:00
Jianqing Wang
199600af73
Fix error messages on deprecated mode
2016-03-29 12:09:52 +08:00
Tatsuhiro Tsujikawa
a104d8a80b
fixup! nghttpx: Use StringRef for SHRPX_UNIX_PATH_PREFIX
2016-03-25 01:10:25 +09:00
Tatsuhiro Tsujikawa
848e45e333
nghttpx: Use StringRef for SHRPX_UNIX_PATH_PREFIX
2016-03-25 01:00:04 +09:00
Tatsuhiro Tsujikawa
2d2d6c3cc0
src: Remove istarts_with(const char*) overload
2016-03-25 00:14:12 +09:00
Tatsuhiro Tsujikawa
17ccbae084
src: Don't compare against c-string
2016-03-25 00:07:21 +09:00
Tatsuhiro Tsujikawa
0875e66aab
src: Remove streq(const char *) overload
2016-03-25 00:02:07 +09:00
Tatsuhiro Tsujikawa
13596bde90
nghttpx: Refactor option handling using StringRef
2016-03-24 22:15:58 +09:00
Tatsuhiro Tsujikawa
daa1ae3a45
nghttpx: Cosmetic change
2016-03-24 00:38:10 +09:00
Tatsuhiro Tsujikawa
44ee67ff71
nghttpx: Refactor split_host_port
2016-03-24 00:35:13 +09:00
Tatsuhiro Tsujikawa
144ae3af9d
nghttpx: Memcached connection encryption with tls keyword
...
Like frontend and backend options, encryption for memcached
connections is configured using tls keyword in
tls-session-cache-memcached and tls-ticket-key-memcached options.
tls-session-cache-memcached-tls and tls-ticket-key-memcached-tls
options are deprecated.
2016-03-24 00:22:13 +09:00
Tatsuhiro Tsujikawa
eec0b04a33
nghttpx: Enable/disable TLS per frontend address
...
This change allows user to disable TLS per frontend address using
no-tls keyword in --frontend option. We removed --frontend-no-tls in
favor of this new feature.
2016-03-23 23:56:09 +09:00
Tatsuhiro Tsujikawa
58b06f32a2
nghttpx: Configure TLS per backend routing pattern
...
We added "tls" parameter to --backend option to enable TLS on that
backend connection. --backend-tls options was deprecated, now is
noop.
2016-03-23 22:56:18 +09:00
Tatsuhiro Tsujikawa
d2b55ad1a2
nghttpx: Allow '*' in --error-page to be used as wildcard
2016-03-19 23:49:15 +09:00
Tatsuhiro Tsujikawa
d7051f5207
nghttpx: Add custom error pages
2016-03-19 23:41:21 +09:00
Tatsuhiro Tsujikawa
3b2811bfc4
nghttpx: Remove AltSvc ctor
2016-03-13 14:01:59 +09:00
Tatsuhiro Tsujikawa
27275a02ac
nghttpx: Remove unused EMPTY_STRING
2016-03-13 13:59:06 +09:00
Tatsuhiro Tsujikawa
34d209b30b
nghttpx: Add wildcard host routing
...
This change allows host pattern in --backend to include '*' to
indicate wildcard match. The wildcard match is made in suffix match
only.
2016-03-13 01:01:34 +09:00
Tatsuhiro Tsujikawa
7a412df9a5
nghttpx: Fix tests
2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa
478fde5fef
nghttpx: Fix compile error
2016-02-29 01:16:45 +09:00
Tatsuhiro Tsujikawa
2326337d32
nghttpx: Deprecate backend-http1-connections-per-host in favor of backend-connections-per-host
2016-02-28 22:15:49 +09:00
Tatsuhiro Tsujikawa
06921f35f3
nghttpx: Restructure mode settings
...
It is very hard to support multiple protocols in backend while
retaining multiple mode settings. Therefore, we dropped modes except
for default and HTTP/2 proxy mode. The other removed modes can be
emulated using combinations of options. Now the backend connection is
not encrypted by default. To enable encryption on backend connection,
use --backend-tls option.
2016-02-28 21:35:26 +09:00
Tatsuhiro Tsujikawa
44d3801760
nghttpx: Deprecate backend-http1-connections-per-frontend in favor of backend-connections-per-frontend
2016-02-28 17:11:12 +09:00
Tatsuhiro Tsujikawa
aafcc55006
nghttpx: Deprecate --http2-max-concurrent-streams option
...
We added 2 new option instead: --frontend-http2-max-concurrent-streams
and --backend-http2-max-concurrent-streams.
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa
c731d1fea5
nghttpx: Deprecate --backend-http2-connections-per-worker option
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa
8ca3e5f6ba
nghttpx: Separate Downstream address group from config to runtime
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa
c098b4ac70
nghttpx: Remove --backend-tls-session-cache-per-worker option
2016-02-25 22:46:25 +09:00
Tatsuhiro Tsujikawa
aa3373a107
nghttpx: Use ImmutableString for mruby_file
2016-02-14 22:27:59 +09:00
Tatsuhiro Tsujikawa
7aabc6b125
nghttpx: Use ImmutableString for user
2016-02-14 22:21:55 +09:00
Tatsuhiro Tsujikawa
76a425226f
nghttpx: Use ImmutableString for pid_file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
2b707bff27
nghttpx: Use ImmutableString for log file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
9055323b67
nghttpx: Use ImmutableString for request_header_file and response_header_file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
67804cfc8c
nghttpx: Use ImmutableString for ciphers
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
2344932b45
nghttpx: Use ImmutableString for dh_param_file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
35ebdd35bc
nghttpx: Use ImmutableString for private_key_file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
ac81003669
nghttpx: Use ImmutableString for cert_file
2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa
c999987baf
nghttpx: Use ImmutableString for private_key_file
2016-02-14 22:17:10 +09:00