Commit Graph

311 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 56284b1e15 nghttpx: Fix regression introduced in f267e400fa 2016-09-15 22:03:04 +09:00
Tatsuhiro Tsujikawa f267e400fa nghttpx: Migrate backend stream to another h2 session on graceful shutdown 2016-09-15 00:53:41 +09:00
Tatsuhiro Tsujikawa 8bac5899cc nghttpx: Handle h2 backend error per Downstream
Previously we wrongly handles stream per connection when h2 backend
failed or closed.  If upstream is h2 or spdy, streams which are not
associated to the failed h2 backend are also handled, which is
unnecessary.
2016-09-14 22:18:38 +09:00
Tatsuhiro Tsujikawa f4016644a9 nghttpx: Add option to specify HPACK encoder/decoder dynamic table size 2016-09-12 22:53:02 +09:00
Tatsuhiro Tsujikawa f5a2f1da25 nghttpx: Add --frontend-http2-window-size option, and its family
We added --frontend-http2-window-size,
--frontend-http2-connection-window-size, --backend-http2-window-size,
and --backend-http2-connection-window-size option to replace existing
*-bits options.  The old options are not flexible because they only
specify number of bits.  Now we can specify integer value, with
possible g, m, and k unit.  The old options are still available for
backend compatibility, but are deprecated.
2016-09-10 16:27:48 +09:00
Tatsuhiro Tsujikawa 1064e017c6 nghttpx: Reset stream if invalid header field is received in h2 2016-08-28 00:49:38 +09:00
Tatsuhiro Tsujikawa cf7f87c2ad nghttpx: Log error code from getsockopt(SO_ERROR) on first write event 2016-08-25 00:25:03 +09:00
Tatsuhiro Tsujikawa 41b2745dad nghttpx: Log backend connection failure in WARN level 2016-08-19 16:25:05 +09:00
Tatsuhiro Tsujikawa 30f9f9ef87 nghttpx: Guard with LOG_ENABLED(INFO) 2016-08-19 16:24:48 +09:00
Tatsuhiro Tsujikawa ad3d43b8be nghttpx: Add access log variable for backend host and port
Use $backend_host and $backend_port.  $backend_host is backend host
name given in --backend option.  It could be a path to UNIX domain
socket.
2016-08-05 00:04:47 +09:00
Tatsuhiro Tsujikawa cbced219ec nghttpx: Rewrite read timer handling
For HTTP/2, read timer starts when there is no downstream, and timer
stops when there is at least one downstream.  For HTTP/1, read timer
starts when request handling finished, and timer stops when request
handling starts.
2016-06-24 00:04:39 +09:00
Tatsuhiro Tsujikawa ec5e438a7c nghttpx: Make backend fail with TLS handshake failure, including ALPN mismatch 2016-06-17 00:53:38 +09:00
Tatsuhiro Tsujikawa 9237d30e34 nghttpx: Remove flow_control_ from Http2Session
This is a legacy of SPDY era where it can disable flow control.
2016-06-04 12:38:39 +09:00
Tatsuhiro Tsujikawa ef3fa23b2e nghttpx: Send GOAWAY for retired h2 backend connection 2016-06-04 12:36:22 +09:00
Tatsuhiro Tsujikawa 845aa7a710 nghttpx: Share downstream config object
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
Tatsuhiro Tsujikawa fe58614b23 nghttpx: Use std::shared_ptr for downstream addresses so that we can swap them 2016-06-03 01:20:49 +09:00
Tatsuhiro Tsujikawa e4dc6cf432 src: Use nghttp2_session_set_local_window_size() 2016-05-29 23:34:38 +09:00
Tatsuhiro Tsujikawa 2a4bf9f615 nghttpx: Allow mixed protocol and TLS settings among backends under same pattern 2016-05-24 23:36:43 +09:00
Tatsuhiro Tsujikawa 45f7c17932 nghttpx: Make backend fail if connect attempt is timed out 2016-05-24 21:59:24 +09:00
Tatsuhiro Tsujikawa 65135bc319 nghttpx: Check null just in case 2016-05-22 21:57:24 +09:00
Tatsuhiro Tsujikawa 0fca352114 nghttpx: Make SETTINGS timeout value configurable
SETTINGS timeout can be configurable using
--frontend-http2-settings-timeout and
--backend-http2-settings-timeout.
2016-05-21 14:13:57 +09:00
Tatsuhiro Tsujikawa 9a3461e2b6 nghttpx: Use ev_timer_start intead of ev_timer_again for settings_timer_
Since we only use it once, we don't have to use ev_timer_again, and
stop timer manually.
2016-05-21 13:48:41 +09:00
Tatsuhiro Tsujikawa a224aba577 nghttpx: No need to check activeness of SETTINGS ACK timer
We don't have to check activeness of SETTINGS ACK timer since we only
send SETTINGS frame without ACK only once per session at the moment.
2016-05-21 13:18:22 +09:00
Tatsuhiro Tsujikawa e99f3c58f7 nghttpx: Call downstream_failure where it should be
Also, we say connection succeeded only when we got SETTINGS ACK from
peer, rather than when we just connected to the peer in TCP or TLS.
2016-05-21 10:30:09 +09:00
Tatsuhiro Tsujikawa d1968c4465 nghttpx: Treat backend failure if SETTINGS is not received within timeout 2016-05-19 23:12:34 +09:00
Tatsuhiro Tsujikawa b011012d8f nghttpx: Use NGHTTP2_DATA_FLAG_NO_COPY for backend HTTP/2 session 2016-05-14 17:17:27 +09:00
Tatsuhiro Tsujikawa fd801864e3 nghttpx: Add sni keyword to --backend option
The --backend-tls-sni-field is deprecated in favor of sni keyword.
--backend-tls-sni-field still works, and it overrides all sni keyword
in --backend option.  But it will be removed in the future release.
2016-04-29 14:42:18 +09:00
Tatsuhiro Tsujikawa 4aa4fe56e1 nghttpx: Destroy SSL object, and always lookup TLS session cache 2016-04-28 22:25:55 +09:00
Tatsuhiro Tsujikawa 2d2b72d4eb nghttpx: Don't add 0-length DATA when response HEADERS bears END_STREAM flag 2016-04-27 21:19:28 +09:00
Tatsuhiro Tsujikawa 81f81e6b70 nghttpx: Error handling without assert 2016-04-13 19:22:32 +09:00
Tatsuhiro Tsujikawa b6708a4b87 nghttpx: Retry next HTTP/2 backend address when connection cannot be made 2016-04-13 00:38:08 +09:00
Tatsuhiro Tsujikawa f9b872ab78 nghttpx: Detect online/offline state of backend servers 2016-04-08 23:07:17 +09:00
Tatsuhiro Tsujikawa ffddefc177 nghttpx: Refactor handling of negotiated ALPN 2016-04-08 23:06:37 +09:00
Tatsuhiro Tsujikawa 2a59c832c1 nghttpx: Set 0 to next_proto_len explicitly for clarification 2016-04-08 23:03:42 +09:00
Tatsuhiro Tsujikawa 46514074a4 nghttpx: Better load balancing between backend HTTP/2 servers 2016-04-03 15:09:01 +09:00
Tatsuhiro Tsujikawa b1662a31f4 nghttpx: Fix crash with backend failure 2016-04-03 00:23:44 +09:00
Tatsuhiro Tsujikawa 2cee80acf0 nghttpx: Fix handing stream after connection check was failed 2016-03-27 15:53:26 +09:00
Tatsuhiro Tsujikawa 0875e66aab src: Remove streq(const char *) overload 2016-03-25 00:02:07 +09:00
Tatsuhiro Tsujikawa 58b06f32a2 nghttpx: Configure TLS per backend routing pattern
We added "tls" parameter to --backend option to enable TLS on that
backend connection.  --backend-tls options was deprecated, now is
noop.
2016-03-23 22:56:18 +09:00
Tatsuhiro Tsujikawa e9f4d0eec2 nghttpx: Properly log incoming GOAWAY from backend 2016-03-23 01:16:44 +09:00
Tatsuhiro Tsujikawa 0f9ed40bd9 nghttpx: Share connection among different patterns if address set are same 2016-03-23 00:01:27 +09:00
Tatsuhiro Tsujikawa 12dad32890 Add nghttp2_on_header_callback2 2016-03-12 21:13:09 +09:00
Tatsuhiro Tsujikawa eb393985b7 nghttpx: Make a copy before adding header to Downstream 2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa b1b57cc740 nghttpx: Use StringRef for authority, scheme and path 2016-03-12 21:12:26 +09:00
Tatsuhiro Tsujikawa 06921f35f3 nghttpx: Restructure mode settings
It is very hard to support multiple protocols in backend while
retaining multiple mode settings.  Therefore, we dropped modes except
for default and HTTP/2 proxy mode.  The other removed modes can be
emulated using combinations of options.  Now the backend connection is
not encrypted by default.  To enable encryption on backend connection,
use --backend-tls option.
2016-02-28 21:35:26 +09:00
Tatsuhiro Tsujikawa 1832f78684 nghttpx: Move downstream proto to DownstreamAddrGroup 2016-02-28 16:56:14 +09:00
Tatsuhiro Tsujikawa e7601cde8a nghttpx: Don't share session which is already in draining state 2016-02-28 12:41:34 +09:00
Tatsuhiro Tsujikawa aafcc55006 nghttpx: Deprecate --http2-max-concurrent-streams option
We added 2 new option instead: --frontend-http2-max-concurrent-streams
and --backend-http2-max-concurrent-streams.
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa aa892e4d37 nghttpx: Share TLS session cache between HTTP/2 and HTTP/1 backend 2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa 8ca3e5f6ba nghttpx: Separate Downstream address group from config to runtime 2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa 21007da392 nghttpx: Rewrite backend HTTP/2 connection coalesce strategy
Previously, we use one Http2Session object per DownstreamAddrGroup.
This is not flexible, and we have to provision how many HTTP/2
connection is required in advance.  The new strategy is we add
Http2Session object on demand.  We measure the number of attached
downstream connection object and server advertised concurrency limit.
As long as former is smaller than the latter, we attach new downstream
connection to it.  Once the limit is reached, we create new
Http2Session object.  If the number lowers the limit, we start to
share Http2Session object again.
2016-02-28 00:19:18 +09:00
Tatsuhiro Tsujikawa 177d0a513f nghttpx: More logging for backend connection initiation 2016-02-21 16:11:50 +09:00
Tatsuhiro Tsujikawa 11c8803b92 nghttpx: Worker wide blocker which is used when socket(2) is failed 2016-02-21 15:27:19 +09:00
Tatsuhiro Tsujikawa c9a4f293a1 nghttpx: ConnectBlocker per backend address 2016-02-21 14:53:06 +09:00
Tatsuhiro Tsujikawa 23ecfd412d nghttpx: Fix mruby compile error, clean up add_header interface 2016-02-20 23:30:02 +09:00
Tatsuhiro Tsujikawa 3ff148811b nghttpx: Use StringRef for add_hedeader 2016-02-20 23:30:02 +09:00
Tatsuhiro Tsujikawa 6f1347fc8b nghttpx: Tokenize trailer field as well so that we can ditch prohibited headers in HTTP/2 2016-02-20 23:30:02 +09:00
Tatsuhiro Tsujikawa 62c43ce2be nghttpx: Remove rb_ from HTTP/2 backend session 2016-02-07 19:20:17 +09:00
Tatsuhiro Tsujikawa 88eaeb5d1c nghttpx: Use memchunks for HTTP/2 backend 2016-02-07 18:54:44 +09:00
Tatsuhiro Tsujikawa 6c147aa1c5 nghttpx: Remove unnecessary condition 2016-02-07 18:39:06 +09:00
Tatsuhiro Tsujikawa 2a9b23bfab nghttpx: Store pointer to DownstreamAddr 2016-02-07 18:38:06 +09:00
Tatsuhiro Tsujikawa ee07694783 nghttpx: Add request-header-field-buffer and max-request-header-fields options
This commit adds request-header-field-buffer and
max-request-header-fields, and deprecates header-field-buffer and
max-header-fields options.
2016-02-06 17:22:23 +09:00
Tatsuhiro Tsujikawa eec409dba7 nghttpx: Limit header fields from backend 2016-02-06 12:27:01 +09:00
Tatsuhiro Tsujikawa 85bb37ab7c Enable ConstructorInitializerAllOnOneLineOrOnePerLine for better diff 2016-01-27 21:14:07 +09:00
Tatsuhiro Tsujikawa 2faf9623ce nghttpx: Fix crash with http2 backend 2016-01-21 17:09:50 +09:00
Tatsuhiro Tsujikawa 0402481be4 nghttpx: Organize connection related configuration into struct 2016-01-19 16:56:12 +09:00
Tatsuhiro Tsujikawa 16549bb276 nghttpx: Structured configurations for http and http2 2016-01-18 17:00:20 +09:00
Tatsuhiro Tsujikawa f3e1dc7a4f nghttpx: Structured TLS related configurations 2016-01-18 14:21:09 +09:00
Tatsuhiro Tsujikawa b12af8c410 nghttpx: Refactor backend proxy configuration 2016-01-17 22:51:40 +09:00
Tatsuhiro Tsujikawa ef5d981ab1 nghttpx: Simplify 2016-01-17 17:04:16 +09:00
Tatsuhiro Tsujikawa 2c7ed01f0c nghttpx: Use std::string for Downstream::backend_tls_sni_name 2016-01-17 01:00:15 +09:00
Tatsuhiro Tsujikawa 34d5382d66 nghttpx: Use VString for DownstreamAddr::host and hostport to remember size 2016-01-17 00:52:41 +09:00
Tatsuhiro Tsujikawa f8472f4709 nghttpx: Remove backend priority handling code
Currently, this does not do anything useful.
2016-01-15 00:17:40 +09:00
Tatsuhiro Tsujikawa 3218c160be nghttpx: Refactor Downstream::response_datalen_ 2016-01-14 23:49:21 +09:00
Tatsuhiro Tsujikawa e7e52b11ce nghttpx: Refactor Downstream::response_bodylen_ 2016-01-14 23:20:44 +09:00
Tatsuhiro Tsujikawa 3b8889a2a1 nghttpx: Extract response related fields to Response struct 2016-01-14 01:05:10 +09:00
Tatsuhiro Tsujikawa 919f08eb38 nghttpx: Extract request related fields to Request struct
Header field related functions are now gathered into FieldStore class.
This commit only handles request.  Subsequent commit will do the same
thing for response.
2016-01-14 01:04:32 +09:00
Tatsuhiro Tsujikawa 848f8fbe54 nghttpx: Don't apply max_header_fields and header_field_buffer limit to response
We modeled max_header_fields and header_field_buffer limit from Apache
configuration directives.  In Apache, they are only applied to request
header fields, while we applied both request and response.  Since
nghttpx is used as reverse proxy and backend server is relatively
"trusted", this commit removes the application to response header
fields.
2016-01-05 16:44:44 +09:00
Tatsuhiro Tsujikawa c0858d8c1a src: Minor optimization for appending single character 2015-11-28 00:03:16 +09:00
Tatsuhiro Tsujikawa 1753bea692 nghttpx: Support server push from HTTP/2 backend
This commits enables HTTP/2 server push from HTTP/2 backend to be
relayed to HTTP/2 frontend.  To use this feature, --http2-bridge or
--client is required.  Server push via Link header field contiues to
work.
2015-11-16 23:12:25 +09:00
Tatsuhiro Tsujikawa c6ef1c02b9 Switch to clang-format-3.6 2015-11-13 00:53:29 +09:00
Tatsuhiro Tsujikawa dbbed64146 nghttpx: Fix bug that causes connection failure with backend proxy URI
This is a regression when we introduced SSL/TLS session resumption in
HTTP/2 backend.  Before the introduction of session resumption,
conn_.tls.ssl is always nullptr when connection is made to proxy.  But
we have to keep conn_.tls.ssl to enable session resumption, so our
code breaks when it is reused.  This commit fixes this issue.

See GH-421
2015-11-09 21:35:53 +09:00
Lucas Pardue dcc9aaaa24 Add TLS dynamic record size behaviour command line options 2015-10-22 14:07:18 +00:00
Tatsuhiro Tsujikawa baadec5ef4 nghttpx: Add response mruby hook 2015-09-03 01:33:52 +09:00
Tatsuhiro Tsujikawa 1c12606e70 nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection 2015-08-19 23:42:43 +09:00
Tatsuhiro Tsujikawa e91a576179 nghttpx: Rewrite TLS async handshake using memchunk buffers 2015-08-13 00:42:59 +09:00
Tatsuhiro Tsujikawa ff44e211ed nghttpx: Fix tls handshake bug
This fixes 2 things:
1. potential busy loop
2. disabling ticket is not working after resumption
2015-08-09 18:33:49 +09:00
Tatsuhiro Tsujikawa 6446660113 nghttpx: Make record size timeout more durable to high load situation 2015-07-29 20:57:11 +09:00
Tatsuhiro Tsujikawa d0a37d59a5 nghttpx: Disable TLS session ticket if ticket key is not available 2015-07-29 20:38:49 +09:00
Tatsuhiro Tsujikawa cd25c6846e nghttpx: Create struct Address which holds struct sockaddr_union and length 2015-07-27 01:41:10 +09:00
Tatsuhiro Tsujikawa 90b4b48c7e nghttpx: Add shared session cache using memcached 2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa afbb99ecf7 nghttpx: Enable session resumption on HTTP/2 backend 2015-07-24 23:40:27 +09:00
Tatsuhiro Tsujikawa f96edbf987 nghttpx: Pin frontend to specific HTTP/2 session object per group 2015-07-13 21:31:37 +09:00
Tatsuhiro Tsujikawa 6307f96fb3 nghttpx: Enable host-path backend routing in HTTP/2 backend
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker.  It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.

Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa 3119fc259c Select backend based on request host and path by extending -b option
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]].  The optional
<PATTERN>s specify the request host and path it is used for.  The
<PATTERN> can contain path, host + path or host.  The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa 0b27f005e0 Merge branch 'master' into v1.0.0
Conflicts:
	src/HttpServer.cc
2015-05-15 23:24:19 +09:00
Tatsuhiro Tsujikawa 38cfc5c47c Check more headers and funcs 2015-05-13 23:29:20 +09:00
Tatsuhiro Tsujikawa e63d6e490a Merge branch 'master' into v1.0.0
Conflicts:
	lib/nghttp2_option.h
	lib/nghttp2_session.h
	src/HttpServer.cc
2015-05-08 19:21:51 +09:00
Tatsuhiro Tsujikawa 552f675466 nghttpx: Add --header-field-buffer and --max-header-fields options 2015-04-29 21:10:59 +09:00
Tatsuhiro Tsujikawa 5937b4b6f7 Merge branch 'master' into v1.0.0 2015-04-19 23:13:38 +09:00