Commit Graph

374 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 9055323b67 nghttpx: Use ImmutableString for request_header_file and response_header_file 2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa ac81003669 nghttpx: Use ImmutableString for cert_file 2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa c999987baf nghttpx: Use ImmutableString for private_key_file 2016-02-14 22:17:10 +09:00
Tatsuhiro Tsujikawa 660bc389e6 nghttpx: Use ImmutableString for fetch_ocsp_response_file 2016-02-14 21:01:54 +09:00
Tatsuhiro Tsujikawa bfc26e8299 nghttpx: Use ImmutableString to store memcached server host 2016-02-14 20:59:10 +09:00
Tatsuhiro Tsujikawa 2d273f8237 nghttpx: Use StringRef for pattern paramter in Router::add_route 2016-02-14 18:55:53 +09:00
Tatsuhiro Tsujikawa a53f0f0a17 nghttpx: Refactor DownstreamAddrGroup and router API 2016-02-14 18:47:24 +09:00
Tatsuhiro Tsujikawa 1bd98dcf4f nghttpx: Remove user defined ctor/assignment op from DownstreamAddr 2016-02-14 18:31:08 +09:00
Tatsuhiro Tsujikawa eb0c82d91f nghttpx: More log output when resolving addresses for better debugging 2016-02-13 23:21:32 +09:00
Tatsuhiro Tsujikawa 72877379ec nghttpx: Deprecate --backend-ipv4 and --backend-ipv6 in favor of --backend-address-family 2016-02-13 19:09:39 +09:00
Tatsuhiro Tsujikawa c0078ab45a nghttpx: Add options to specify address family of memcached connections 2016-02-13 18:46:07 +09:00
Tatsuhiro Tsujikawa 3a41e4dd1a nghttpx: Add encryption support for TLS ticket key retrieval 2016-02-13 18:46:07 +09:00
Tatsuhiro Tsujikawa 3297a303bf nghttpx: Add client auth options for session cache memcached TLS connection 2016-02-13 18:46:07 +09:00
Tatsuhiro Tsujikawa f1580f95d4 nghttpx: Add TLS support for session cache memcached connection 2016-02-13 18:46:07 +09:00
Tatsuhiro Tsujikawa 60c0c2dd56 src: Code cleanup 2016-02-07 18:41:38 +09:00
Tatsuhiro Tsujikawa 6d49110a33 Rename FrontendAddr as UpstreamAddr 2016-02-07 17:51:53 +09:00
Tatsuhiro Tsujikawa 15fa38c72f nghttpx: Rename backend_session_cache_per_worker as downstream_session_cache_per_worker 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa 6806196404 nghttpx: Update doc for HTTP/1 TLS backend connections 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa e763770f3e nghttpx: Add option to specify maximum number of session cache 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa bb4e2f6a24 nghttpx: Add TLS support for HTTP/1 backend 2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa 024d0d09ee nghttpx: Fix unexpected failure due to missing address family 2016-02-06 23:28:04 +09:00
Tatsuhiro Tsujikawa ee07694783 nghttpx: Add request-header-field-buffer and max-request-header-fields options
This commit adds request-header-field-buffer and
max-request-header-fields, and deprecates header-field-buffer and
max-header-fields options.
2016-02-06 17:22:23 +09:00
Tatsuhiro Tsujikawa 8741503db1 nghttpx: Add --no-http2-cipher-black-list to allow black listed cipher suite 2016-02-06 17:05:14 +09:00
Tatsuhiro Tsujikawa eec409dba7 nghttpx: Limit header fields from backend 2016-02-06 12:27:01 +09:00
Tatsuhiro Tsujikawa 35c3b36549 nghttpx: Document special value localhost in Forwarded "by" and "for" params 2016-02-01 23:34:07 +09:00
Tatsuhiro Tsujikawa aa07fe7fa6 nghttpx: Support multiple frontend addresses
This commit allows nghttpx to listen to multiple address and port pair
by specifying -f option multiple times.
2016-02-01 23:10:29 +09:00
Tatsuhiro Tsujikawa 85bb37ab7c Enable ConstructorInitializerAllOnOneLineOrOnePerLine for better diff 2016-01-27 21:14:07 +09:00
Tatsuhiro Tsujikawa efc3206ae0 nghttpx: Revert accidental change 2016-01-21 22:14:10 +09:00
Tatsuhiro Tsujikawa 497ffc6387 nghttpx: Change pushed stream's priority
By default, as RFC 7540 calls for, pushed stream depends on its
associated (parent) stream.  There are some situations that this is
sub-optimal.  For example, if associated stream is HTML, and server is
configured to push css and javascript files which are in critical
rendering path.  Then the default priority scheme is sub-optimal,
since browser typically blocks rendering while waiting for critical
resources.  In this case, it is better to at least give pushed stream
the same priority of associated stream, and interleave these streams.

This change gives pushed stream the same priority of associated stream
if pushed stream has content-type "application/javascript" or
"text/css".  The pushed stream now depends on the stream which
associated stream depends on.  We use the same weight of associated
stream.
2016-01-21 21:11:57 +09:00
Tatsuhiro Tsujikawa 5a3ca7e700 nghttpx: Disallow user defined static obfuscated string for "for" parameter 2016-01-21 21:05:07 +09:00
Tatsuhiro Tsujikawa 9ac3e643d8 Revert "nghttpx: Add --curves option to specify supported elliptic curves"
This reverts commit e278893b64.

SSL_CONF_CTX functions are not working correctly with OpenSSL 1.0.2.
It requires 1.1.0 to make it work.
2016-01-21 19:50:38 +09:00
Tatsuhiro Tsujikawa e278893b64 nghttpx: Add --curves option to specify supported elliptic curves 2016-01-21 18:23:13 +09:00
Tatsuhiro Tsujikawa 03f7f8cb9c nghttpx: About implicit conversion from ImmutableString and std::string to StringRef
This is required to avoid creation of temporary ImmutableString
like so:

std::string x;
ImmutableString y = ...;
StringRef ref = !x.empty() ? x : y;

First, temporary ImmutableString is created with x since
ImmutableString has constructor to accept std::string.  After
StringRef gets this, the temporary ImmutableString is destroyed, and
ref has dangling pointer.
2016-01-21 17:12:40 +09:00
Tatsuhiro Tsujikawa f44128774c nghttpx: Update doc 2016-01-19 21:01:34 +09:00
Tatsuhiro Tsujikawa f3946ae314 nghttpx: Remove assignment of zero values
Because of zero initialization, these assignments are unnecessary.
2016-01-19 17:27:56 +09:00
Tatsuhiro Tsujikawa 2f9946327a nghttpx: Fix bug that --listener-disable-timeout option is not used 2016-01-19 17:03:01 +09:00
Tatsuhiro Tsujikawa 0402481be4 nghttpx: Organize connection related configuration into struct 2016-01-19 16:56:12 +09:00
Tatsuhiro Tsujikawa 35feae3b0c nghttpx: Group up logging related options 2016-01-18 17:26:27 +09:00
Tatsuhiro Tsujikawa a053d10839 nghttpx: Move option handling code to separate function 2016-01-18 17:08:28 +09:00
Tatsuhiro Tsujikawa 16549bb276 nghttpx: Structured configurations for http and http2 2016-01-18 17:00:20 +09:00
Tatsuhiro Tsujikawa f3e1dc7a4f nghttpx: Structured TLS related configurations 2016-01-18 14:21:09 +09:00
Tatsuhiro Tsujikawa b12af8c410 nghttpx: Refactor backend proxy configuration 2016-01-17 22:51:40 +09:00
Tatsuhiro Tsujikawa 4f07db8bcb src: Rename our new string classes 2016-01-17 11:33:45 +09:00
Tatsuhiro Tsujikawa d16ff1f519 nghttpx: Use StringAdaptor for Config::server_name 2016-01-17 01:15:11 +09:00
Tatsuhiro Tsujikawa 34d5382d66 nghttpx: Use VString for DownstreamAddr::host and hostport to remember size 2016-01-17 00:52:41 +09:00
Tatsuhiro Tsujikawa 25570367b3 nghttpx: Document Forwarded related options 2016-01-16 11:58:02 +09:00
Tatsuhiro Tsujikawa d678c07ddf nghttpx: Allow user to specify static obfuscated value via command-line 2016-01-16 11:32:26 +09:00
Tatsuhiro Tsujikawa 5c3f74b424 nghttpx: Add RFC 7239 Forwarded header field support 2016-01-16 11:32:14 +09:00
Tatsuhiro Tsujikawa fe8005327a src: Make util::utos_with_unit and utos_with_funit names shorter 2016-01-11 18:12:31 +09:00
Tatsuhiro Tsujikawa 848f8fbe54 nghttpx: Don't apply max_header_fields and header_field_buffer limit to response
We modeled max_header_fields and header_field_buffer limit from Apache
configuration directives.  In Apache, they are only applied to request
header fields, while we applied both request and response.  Since
nghttpx is used as reverse proxy and backend server is relatively
"trusted", this commit removes the application to response header
fields.
2016-01-05 16:44:44 +09:00