87360b4f7d
nghttpx: Require TLSv.12 for h2
2014-06-18 12:09:30 +09:00
174e410b93
Use hex in nghttp2_error_code and nghttp2_settings_id
2014-06-18 10:48:31 +09:00
94b9c3771d
nghttpx: Throw away request and response headers when they are done
2014-06-15 17:25:24 +09:00
041cec2d97
nghttpx: Check error from SSL_set_fd
2014-06-12 23:39:58 +09:00
25b58d5e22
nghttpx: Code cleanup
2014-06-12 23:37:33 +09:00
1ee847c21a
nghttp: Code cleanup
2014-06-12 22:48:40 +09:00
1af9a9cee0
nghttpx: Don't stderr log if syslog is used
...
This change also reverts previous commits and tty is set to false if
syslog is used.
2014-06-12 21:47:00 +09:00
6a2950aef0
nghttpx: Make tty to false when daemonized
2014-06-12 00:19:46 +09:00
9b174bf5c9
Fix compile error with -Wshorten-64-to-32
...
The original patch was contributed by Alexis La Goutte
2014-06-11 23:37:16 +09:00
21c4931197
nghttpx: Get rid of openssl filter
...
Libevent Openssl filter is very inconvenient in various respect. The
most annoying thing is it somehow emits data when SSL_shutdown is
called. The reason we introduced this filter solution is drop
connection if TLS renegotiation is detected. This commit implements
renegotiation detection and drop connection without filtering.
2014-06-11 01:16:49 +09:00
24762db8f5
nghttpx: Drop connection if HTTP/2 security level is not satisfied on backend
2014-06-11 00:19:54 +09:00
492b42e6e9
nghttpx: Drop connection if HTTP/2 security level is not satisfied on frontend
2014-06-11 00:07:51 +09:00
d6b5824c9c
nghttpx: Don't check TLS requirement in ALPN cb cause cipher obj is nullptr
...
Also don't compare ALPN identifier with streq, since they are just
byte string.
2014-06-10 23:22:52 +09:00
c204861dec
nghttpx: Create NPN prefs only once
2014-06-10 23:22:23 +09:00
7b0ed5d9bd
nghttpx: Only allow DHE, ECDHE + AEAD ciphers for HTTP/2
...
Cipher suites are chosen by DHE and ECDHE ciphers + GCM (AEAD). Now
default cipher list is the one recommended by Mozilla web site. The
--honor-cipher-order option is removed and now it is always assumed.
2014-06-10 22:47:22 +09:00
5f5b5378c9
Merge branch 'master' into h2-13
...
Conflicts:
lib/nghttp2_session.c
2014-06-10 21:38:26 +09:00
dacc9b2f1c
Separate extension frames from core frames
...
ALTSVC and BLOCKED frames are now extension frames. To add new
extension frame without modifying nghttp2_frame union, which causes so
name bump, we separated extension frames from core frames.
nghttp2_frame includes generic nghttp2_extension. The payload member
of nghttp2_extension will point to the structure of extension frame
payload. The frame types of extension frames are defined in
nghttp2_ext_frame_type.
2014-06-09 23:16:54 +09:00
de14c02227
nghttpx: Code cleanup
2014-06-08 23:09:44 +09:00
e665123ebe
nghttpx: Use nullptr instead of NULL
2014-06-08 23:09:44 +09:00
db8af31e2b
nghttpx: Code cleanup
2014-06-08 23:09:44 +09:00
0fd5b2aa32
nghttpx: Use std::vector for tls_proto_list and npn_list
...
Now SSL/TLS option mask to disable particular SSL/TLS protocol
versions are pre-calculated and stored in Config.
2014-06-08 23:09:44 +09:00
1f58be423d
nghttpx: Use nullptr instead of 0
2014-06-08 21:05:36 +09:00
14b818efc8
nghttpx: Use std::unique_ptr<char[]> instead of char*
2014-06-08 21:02:40 +09:00
c46d3dafc6
Remove PAD_HIGH and Pad High field
...
CONTINUATION now doesn't have padding.
2014-06-07 18:15:36 +09:00
3db8935e20
Remove per-frame compression
2014-06-07 16:04:43 +09:00
b8ed74c1ec
nghttpx: Disable SSL_CTX_set_ecdh_auto() for now
2014-06-06 23:17:32 +09:00
fcec996925
h2load: Use 1 thread if the number of concurrent client is 1
2014-06-06 23:11:08 +09:00
7cb28e88e2
h2load: Return Stats rather than Worker from std::future
2014-06-06 23:08:32 +09:00
aea4001d73
deflatehd: Fix crash with -t option
2014-06-05 00:59:22 +09:00
7e217511bf
nghttpx: Code cleanup
...
Mainly make nested code block to rather flat style.
2014-06-01 23:44:32 +09:00
8c67bbe3a8
src: Avoid copy in evbuffer_pullup()
...
Previously, we use evbuffer_pullup(buf, -1) to linearize the memory
region and it may cause buffer copy. To avoid this, we use the return
value of evbuffer_get_contiguous_space() as 2nd parameter. According
to the libevent manual, by doing so evbuffer_pullup() will not copy or
modify any data in evbuffer.
2014-06-01 21:01:01 +09:00
cc250386df
nghttpx: Lower read watermark
2014-06-01 02:32:26 +09:00
3b7c733246
nghttpx: Fix typo
2014-06-01 02:32:15 +09:00
7e5567341f
nghttpx: Set timeout to underlying bufferevent
...
Setting write timeout to filter bufferevent does not work as intended.
It timeouts even when there is no data to write.
2014-06-01 02:25:23 +09:00
7a797b2c11
nghttpx: Reduce socket I/O buffer size
2014-05-29 22:24:15 +09:00
86ab9f33de
nghttpx: Fix regression bug that frame with stream_id = 0 not handled
2014-05-28 00:26:27 +09:00
d844b0acd0
h2load: Use std::async to dispatch parallel jobs
2014-05-26 23:29:28 +09:00
1fa5852f8f
nghttpx: Treat '*' in <HOST> parameter of --frontend as wildcard explicitly
...
It seems that specifyig '*' to node parameter in getaddrinfo() is
treated as specifying NULL, but it is not documented. So rather than
relying on this feature, we explicitly treat '*' as "wildcard" address
and specify NULL to node parameter in getaddrinfo().
Now '*,3000' is a default value of --frontend option. Specyfing '*'
binds all addresses including both IPv4 and IPv6.
2014-05-25 16:15:48 +09:00
ebf0e4d787
nghttpd, nghttpx: Check END_STREAM flag in HEADERS other than request
2014-05-24 15:02:46 +09:00
672ad82849
nghttpx: Clarify that --npn-list is used in both ALPN and NPN
2014-05-21 21:28:58 +09:00
896717f5d4
nghttpx: Make --npn-list option work in ALPN
...
Previously --npn-list option is ignored in ALPN protocol selection
callback. This change fixes this issue.
2014-05-21 21:16:44 +09:00
3f80472e0a
nghttpx: Minor tweak to buffer size
...
Simplified when to send WINDOW_UPDATE to the backend, that is we send
WINDOW_UPDATE when input buffer is empty.
2014-05-16 21:42:30 +09:00
3b5b5ce254
Update http-parser to 8d9e5db981b623fffc93657abacdc80270cbee58
2014-05-16 00:23:03 +09:00
694cd07f1d
nghttpx: Remove Connection: close header field from CONNECT response
...
It appears that some Android client does not like Connection: close in
200 CONNECT response. Browsers fine with this header field. It is
better to remove it. Squid does not emit it too.
2014-05-15 23:45:17 +09:00
2ae1da113e
src: Use C++ style comments for C++ source code
2014-05-14 23:22:23 +09:00
5b4f02dfe0
src: Rewrite util::format_hex
2014-05-14 23:09:33 +09:00
e47b976691
src: Eliminate use of snprintf
2014-05-14 22:39:28 +09:00
be4c75a7e9
src: Use gmtime_r instead of gmtime
2014-05-14 21:23:21 +09:00
7b9a8acc22
Add HPACK deflation API
2014-05-13 23:42:55 +09:00
d3fa938f1f
nghttpd: Fix compiler warning
2014-05-11 21:51:25 +09:00
Tatsuhiro Tsujikawa