Commit Graph

125 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 200217d8ea nghttpx: Store empty string to path for server-wide OPTIONS request
This change is required to show path attribute to mruby script.  It is
desirable to construct URI from parts.  Just checking method and path
is "*" is awkward.
2015-09-04 00:14:09 +09:00
Tatsuhiro Tsujikawa d70eb14ce0 nghttpx: Drop connection before TLS finish if h2 requirement is not fulfilled 2015-08-31 23:30:40 +09:00
Tatsuhiro Tsujikawa 1c12606e70 nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection 2015-08-19 23:42:43 +09:00
Tatsuhiro Tsujikawa b8f05c89bd nghttpx: App data in SSL is Connection, not ClientHandler 2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa e91a576179 nghttpx: Rewrite TLS async handshake using memchunk buffers 2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa 6446660113 nghttpx: Make record size timeout more durable to high load situation 2015-07-29 20:57:11 +09:00
Tatsuhiro Tsujikawa 90b4b48c7e nghttpx: Add shared session cache using memcached 2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa f96edbf987 nghttpx: Pin frontend to specific HTTP/2 session object per group 2015-07-13 21:31:37 +09:00
Tatsuhiro Tsujikawa 6307f96fb3 nghttpx: Enable host-path backend routing in HTTP/2 backend
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker.  It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.

Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa 3119fc259c Select backend based on request host and path by extending -b option
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]].  The optional
<PATTERN>s specify the request host and path it is used for.  The
<PATTERN> can contain path, host + path or host.  The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa 197493afd4 nghttpx: Add log variables related to SSL/TLS connection
This commit add following 3 log variables to SSL/TLS connection:
$ssl_cipher, $ssl_protocol, $ssl_session_id.  If no information is
available for them, '-' is produced for each.
2015-06-28 16:44:34 +09:00
Tatsuhiro Tsujikawa 41dd5f6897 nghttpx: Tokenize request method
We share the same method value with http-parser.  This commit also
returns 501 for unknown request method on HTTP/2 and SPDY frontend.
2015-06-09 23:33:14 +09:00
Tatsuhiro Tsujikawa 9a0b9428da nghttpx: Fill request scheme in upstream
We may log before filling scheme in Downstream, so we leave
construct_absolute_request_uri as is.
2015-05-22 02:22:59 +09:00
Tatsuhiro Tsujikawa 0b27f005e0 Merge branch 'master' into v1.0.0
Conflicts:
	src/HttpServer.cc
2015-05-15 23:24:19 +09:00
Tatsuhiro Tsujikawa 38cfc5c47c Check more headers and funcs 2015-05-13 23:29:20 +09:00
Tatsuhiro Tsujikawa e63d6e490a Merge branch 'master' into v1.0.0
Conflicts:
	lib/nghttp2_option.h
	lib/nghttp2_session.h
	src/HttpServer.cc
2015-05-08 19:21:51 +09:00
Tatsuhiro Tsujikawa 4be4d875f3 nghttpx: Log absolute URI for HTTP/2 or client proxy request 2015-05-04 23:24:33 +09:00
Tatsuhiro Tsujikawa 1ab707713f nghttpx: Accept reference instead of pointer by upstream_accesslog 2015-05-04 22:45:34 +09:00
Tatsuhiro Tsujikawa 1c4df1832b Update doc, mainly for RFC numbers 2015-04-28 23:05:00 +09:00
Tatsuhiro Tsujikawa cf0576253f Merge branch 'master' into v1.0.0 2015-04-08 18:10:04 +09:00
Tatsuhiro Tsujikawa e9660c3558 nghttpx: Fix heap-use-after-free
The bug was introduced by 8c3b379b66.
2015-04-08 13:43:57 +09:00
Tatsuhiro Tsujikawa 8c3b379b66 Pool Memchunk per worker 2015-04-08 00:10:48 +09:00
Tatsuhiro Tsujikawa d42f31ca78 nghttpx: Fix bug that data buffered in SSL object are not read
This is same issue described in https://github.com/h2o/h2o/issues/268.
That is if SSL object has decrypted data buffered inside it, and
application does not read it for some reason (e.g., rate limit), we
have to check the existence of data using SSL_pending.  This is
because buffered data inside SSL is not notified by io watcher.  It is
obvious, but we totally missed it.

nghttpx code normally reads everything until SSL_read returns error
(want-read).  But if rate limit is involved, we stop reading early.
Also in HTTP/1 code, while processing one request, we just read until
buffer is filled up.  In these cases, we may suffer from this problem.

This commit fixes this problem, by performing SSL_pending() and if it
has buffered data and read io watcher is enabled, we feed event using
ev_feed_event().
2015-04-06 22:31:36 +09:00
Tatsuhiro Tsujikawa 3e50ef439d Announce h2, final HTTP/2 ALPN identifier 2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa d0c27d5229 Send 24 bytes client magic byte string by library
Previously nghttp2_session_send() and nghttp2_session_mem_send() did
not send 24 bytes client magic byte string (MAGIC).  We made
nghttp2_session_recv() and nghttp2_session_mem_recv() process MAGIC by
default, so it is natural to make library send MAGIC as well.  This
commit makes nghttp2_session_send() and nghttp2_session_mem_send()
send MAGIC.  This commit also replace "connection preface" with
"client magic", since we call MAGIC as "connection preface" but it is
just a part of connection preface.  NGHTTP2_CLIENT_CONNECTION_PREFACE
macro was replaced with NGHTTP2_CLIENT_MAGIC.  The already deprecated
NGHTTP2_CLIENT_CONNECTION_HEADER macro was removed permanently.
nghttp2_option_set_no_recv_client_preface() was renamed as
nghttp2_option_set_no_recv_client_magic().  NGHTTP2_ERR_BAD_PREFACE
was renamed as NGHTTP2_ERR_BAD_CLIENT_MAGIC.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa 12ced1cddc nghttpx: Add flag to track connection state in HTTP/1 backend 2015-03-29 01:47:22 +09:00
Tatsuhiro Tsujikawa 3576f20e5a nghttpx: Revert part of 6f58434d89
The reverted part of the change may use not connected socket in HTTP/1
backend.
2015-03-29 01:32:27 +09:00
Tatsuhiro Tsujikawa 6f58434d89 nghttpx, h2load: Perform write whenever read succeeds 2015-03-28 19:13:14 +09:00
Tatsuhiro Tsujikawa d34095cf49 nghttpx: Pin HTTP/2 upstream to one Http2Session to improve performance 2015-03-11 21:14:55 +09:00
Tatsuhiro Tsujikawa 446de923f3 nghttpx: Support multiple HTTP/2 session per worker
Currently, we use same number of HTTP/2 sessions per worker with given
backend addresses.  New option to specify the number of HTTP/2 session
per worker will follow.
2015-03-10 23:20:21 +09:00
Tatsuhiro Tsujikawa 185ebd7b79 nghttpx: Fix crash when upgrading HTTP/2 failed 2015-03-01 10:11:45 +09:00
Tatsuhiro Tsujikawa 1c0d617742 nghttpx: Rename WorkerConfig as LogConfig
This is a sign that we only use thread-local storage for logging only.
2015-02-26 00:02:29 +09:00
Tatsuhiro Tsujikawa b161dfe573 nghttpx: Move graceful_shutdown flag from WorkerConfig to Worker
A part of an effort to eliminate thread_local WorkerConfig
2015-02-25 22:53:53 +09:00
Tatsuhiro Tsujikawa 011e3b325d nghttpx: Cancel backend request when frontend HTTP/1 connection is lost 2015-02-13 22:41:50 +09:00
Tatsuhiro Tsujikawa ae0100a9ab nghttpx: Refactor worker interface 2015-02-11 22:49:03 +09:00
Tatsuhiro Tsujikawa 4401f697e5 src: Try to write immediately after read 2015-02-11 00:44:30 +09:00
Tatsuhiro Tsujikawa 90746cdd0e nghttpx: Fix compile error with OpenSSL 1.0.2 2015-02-06 21:14:04 +09:00
Tatsuhiro Tsujikawa 54851ef7a6 src: Move make_unique to nghttp2 namespace 2015-02-06 00:15:43 +09:00
Tatsuhiro Tsujikawa b2fb888363 Share I/O code with all upstreams/downstream objects 2015-02-05 03:05:34 +09:00
Tatsuhiro Tsujikawa 6b1ef95d3f nghttpx: Replace RingBuf with sequential Buffer
It turns out that we don't need circular buffer functionality.  We
replaced RingBuf with simple sequential Buffer.
2015-01-29 22:57:56 +09:00
Tatsuhiro Tsujikawa 76a97b9718 nghttpx: Update last_write_time_ after SSL_write
SSL_write may return error indicating blocking until all given data
are written.  Because of this, it is preferable to update
last_write_time_ after SSL_write regardless of its return value.
2015-01-22 21:14:16 +09:00
Tatsuhiro Tsujikawa 3c5ca63b6f nghttpx: Fix TLS write limit does not work 2015-01-21 21:47:25 +09:00
Tatsuhiro Tsujikawa 53a41c953d nghttpx: Don't call ev_TYPE_set macro while watcher is active 2015-01-21 21:43:49 +09:00
Tatsuhiro Tsujikawa 473f1d71ff src: Clear OpenSSL error queue before SSL_shutdown 2015-01-09 09:15:01 +09:00
Tatsuhiro Tsujikawa 7add262721 nghttpx: Detect TLS renegotiation after SSL_read and SSL_write 2015-01-09 00:49:27 +09:00
Tatsuhiro Tsujikawa 4a218f1b79 nghttpx: Clear OpenSSL error and handle limit change in read_tls 2015-01-09 00:08:34 +09:00
Tatsuhiro Tsujikawa 419c03daa2 nghttpx: Fix TLS write error
SSL_write requires the same arguments (buf pointer and its length) on
SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE.  get_write_limit() may
return smaller length than previously passed to SSL_write, which
violates OpenSSL assumption.  To avoid this, we keep last legnth
passed to SSL_write to tls_last_writelen_ if SSL_write indicated I/O
blocking.
2015-01-08 23:03:56 +09:00
Tatsuhiro Tsujikawa 5473e870eb nghttpx: Use smaller buffer for reading 2015-01-08 21:28:52 +09:00
Tatsuhiro Tsujikawa 40e8eaf5fd nghttpx: Fix uninitialized pointer member 2015-01-07 00:25:42 +09:00
Tatsuhiro Tsujikawa e8107b68c8 nghttpx: Avoid std::chrono::high_resolution_clock as wall clock
This is because std::chrono::high_resolution_clock may not be wall
clock; it may be alias of std::chrono::stead_clock.
2015-01-06 23:10:11 +09:00