Tatsuhiro Tsujikawa
f0d2c9f94b
Compile with BoringSSL
...
Compile with BoringSSL except for neverbleed and libnghttp2_asio. The
former uses ENGINE and RSA_METHOD, and they are quite different
between OpenSSL and BoringSSL. The latter uses boost::asio, which
calls OpenSSL functions deleted in BoringSSL.
2015-09-29 23:38:17 +09:00
Tatsuhiro Tsujikawa
a28aee058f
nghttpx: Don't need to trap SIGTERM and SIGINT signals
2015-09-29 00:07:29 +09:00
Tatsuhiro Tsujikawa
8acf9a2802
nghttpx: Trie based routing
2015-09-26 22:19:10 +09:00
Tatsuhiro Tsujikawa
044385ab6e
Add neverbleed support
...
neverbleed is disabled by default. To enable it, use
--with-neverbleed configure option.
2015-09-26 19:01:31 +09:00
Tatsuhiro Tsujikawa
6680d8b792
nghttpx: Call setsid after executing new binary
2015-09-25 00:55:08 +09:00
Tatsuhiro Tsujikawa
0b32df94a5
nghttpx: Log when worker process exits
2015-09-25 00:11:35 +09:00
Tatsuhiro Tsujikawa
c44587a70c
nghttpx: Use _Exit when exiting from child process
2015-09-24 23:57:24 +09:00
Tatsuhiro Tsujikawa
389a96483a
nghttpx: Fix improper signal handling
2015-09-24 23:43:24 +09:00
Tatsuhiro Tsujikawa
a54062bd5e
nghttpx: Fix output glitch
2015-09-24 00:11:02 +09:00
Tatsuhiro Tsujikawa
2be6a94d70
nghttpx: Show textual signal description when worker process exited
2015-09-22 21:21:40 +09:00
Tatsuhiro Tsujikawa
e77f9d95d3
nghttpx: Set CLOEXEC for ipc fds
2015-09-22 19:52:35 +09:00
Tatsuhiro Tsujikawa
87a38bdf8d
nghttpx: Chown UNIX domain socket to user specified as --user
2015-09-22 18:34:03 +09:00
Tatsuhiro Tsujikawa
03bb58006b
nghttpx: Extract several chown() usages into 1 function
2015-09-22 18:32:40 +09:00
Tatsuhiro Tsujikawa
ab824d1230
nghttpx: Add missing sys/wait.h
2015-09-19 19:50:29 +09:00
Tatsuhiro Tsujikawa
dbbc7296f5
strdup is not required here
2015-09-18 23:28:27 +09:00
Tatsuhiro Tsujikawa
ce1b11e3a0
nghttpx: Split monolithic one process into control and worker processes
...
The control process handles signals, reads configuration, reads
private keys, and bind port (which may be privileged one). It never
drop privileges, so that it can execute new binary with the same
privilege. It forks worker process. The worker process handles all
incoming connections. It drops privilege.
2015-09-18 23:28:26 +09:00
Lucas Pardue
ec47dfb9b8
Initial HTTP/1.1 capability. Add npn-list option to h2load. Make NPN/ALPN more runtime dependent
2015-09-17 14:49:27 +00:00
Tatsuhiro Tsujikawa
33601f1a51
nghttpx: Fix compile error with --disable-threads
2015-09-13 00:42:59 +09:00
Tatsuhiro Tsujikawa
f8c1da7f3c
nghttpx: Add --accept-proxy-protocol usage to help message
2015-09-06 23:27:07 +09:00
Tatsuhiro Tsujikawa
ce53bd239e
nghttpx: Implement PROXY protocol version 1
...
Use --accept-proxy-protocol to enable PROXY protocol handling
2015-09-06 21:30:19 +09:00
Tatsuhiro Tsujikawa
39287314d3
nghttpx: Fix missing `break`
2015-09-06 18:34:10 +09:00
Tatsuhiro Tsujikawa
c30d252f94
nghttpx: Show warning if certain feature is not compiled in
2015-09-06 16:59:57 +09:00
Tatsuhiro Tsujikawa
d722a09581
nghttpx: Rename mruby script options
2015-09-04 01:19:57 +09:00
Tatsuhiro Tsujikawa
14f5240d8f
nghttpx: Update doc
2015-09-03 01:37:47 +09:00
Tatsuhiro Tsujikawa
baadec5ef4
nghttpx: Add response mruby hook
2015-09-03 01:33:52 +09:00
Tatsuhiro Tsujikawa
1508c50a45
nghttpx: Add basic infrastructure for mruby support
2015-09-02 02:45:15 +09:00
Tatsuhiro Tsujikawa
e1f7643c92
nghttpx: Fix memory leak
2015-09-02 02:07:29 +09:00
Tomasz Buchert
97566ce4e3
nghttpx: make early copy of stderr
2015-08-13 11:01:37 +02:00
Tomasz Buchert
900dcf4ced
nghttpx: remove Android-specific code
2015-08-12 20:17:03 +02:00
Tatsuhiro Tsujikawa
b384b76f66
nghttpx: Fix hmac_keylen should be 16 for aes-128-cbc
2015-08-12 00:38:07 +09:00
Tatsuhiro Tsujikawa
a73cfd5f7b
nghttpx: Add reference to manual section for session resumption
2015-07-29 00:00:43 +09:00
Tatsuhiro Tsujikawa
a1288a5826
nghttpx: Rename --tls-ticket-cipher as --tls-ticket-key-cipher
2015-07-28 23:49:37 +09:00
Tatsuhiro Tsujikawa
80d96590c5
nghttpx: Update doc
2015-07-28 23:43:32 +09:00
Tatsuhiro Tsujikawa
a6fdca730d
nghttpx: Add options to set maximum retry and failure when getting ticket keys
2015-07-28 01:17:29 +09:00
Tatsuhiro Tsujikawa
4949dd4888
nghttpx: Add --tls-ticket-key-memcached-interval option
2015-07-28 01:02:33 +09:00
Tatsuhiro Tsujikawa
2f2a300e83
nghttpx: Add TLS ticket key sharing among nghttpx instances using memcached
2015-07-28 00:54:44 +09:00
Tatsuhiro Tsujikawa
e3cdfd12ea
nghttpx: Use std::array for TicketKey
2015-07-27 02:12:07 +09:00
Tatsuhiro Tsujikawa
cd25c6846e
nghttpx: Create struct Address which holds struct sockaddr_union and length
2015-07-27 01:41:10 +09:00
Tatsuhiro Tsujikawa
90b4b48c7e
nghttpx: Add shared session cache using memcached
2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa
adec2c06bf
nghttpx: Set SSL/TLS session timeout to 12 hours
2015-07-24 23:59:19 +09:00
Tatsuhiro Tsujikawa
9b63fc011e
nghttpx: Open log files by default configuration
2015-07-24 00:32:19 +09:00
Tatsuhiro Tsujikawa
cab6c7871c
nghttpx: Don't rewrite host header field by default
...
In reverse proxy usage, backend server most likely wants to see the
original header field. So this commit turns off host header rewrite
by default. --no-host-rewrite option is deprecated, and if it is
used, warning message is displayed. --host-rewrite option is added to
enable host rewrite.
2015-07-23 23:54:56 +09:00
Tatsuhiro Tsujikawa
04bd25d468
nghttpx: Simplify ticket handling between workers just using mutex
2015-07-23 23:13:29 +09:00
Tatsuhiro Tsujikawa
cd2c751f82
nghttpx: Generate new ticket key every 1hr and its life time is now 12hrs
2015-07-23 21:14:38 +09:00
Tatsuhiro Tsujikawa
ca3444c34c
Fix compile error/warnings with gcc-4.7
2015-07-19 20:50:14 +09:00
Tatsuhiro Tsujikawa
5dc060c1a2
src: Use C++11 value-initialization, instead of memset-ing 0
2015-07-19 17:55:37 +09:00
Tatsuhiro Tsujikawa
e8167ceea7
nghttpx: Add AES-256-CBC encryption for TLS session ticket
2015-07-18 02:02:33 +09:00
Tatsuhiro Tsujikawa
a2c78cfc69
nghttpx: Update doc
2015-07-14 23:44:58 +09:00
Tatsuhiro Tsujikawa
7f7b6d641d
nghttpx: Allow log variable to be enclosed by curly braces
2015-07-14 22:25:52 +09:00
Tatsuhiro Tsujikawa
fb7775e382
nghttpx: Detect loop in --include paths
2015-07-13 21:44:06 +09:00
Tatsuhiro Tsujikawa
3097547491
nghttpx: Add --include option to read additional configuration from given file
2015-07-12 23:18:36 +09:00
Tatsuhiro Tsujikawa
6307f96fb3
nghttpx: Enable host-path backend routing in HTTP/2 backend
...
To achieve host-path backend routing, we changed behaviour of
--backend-http2-connections-per-worker. It now sets the number of
HTTP/2 physical connections per pattern group if pattern is used in -b
option.
Fixes GH-292
2015-07-12 23:02:30 +09:00
Tatsuhiro Tsujikawa
7c216c6df8
nghttpx: Document that patterns with host take precedence
2015-07-11 16:46:13 +09:00
Tatsuhiro Tsujikawa
c2e4ed9624
nghttpx: Deal with the path without trailing slash on pattern match
...
If pattern ends with '/', and pattern and path matches without that
slash, we consider they match to deal with request to the directory
without trailing slash. That is if pattern is "/foo/" and path is
"/foo", we consider they match.
2015-07-11 12:43:48 +09:00
Tatsuhiro Tsujikawa
3119fc259c
Select backend based on request host and path by extending -b option
...
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]]. The optional
<PATTERN>s specify the request host and path it is used for. The
<PATTERN> can contain path, host + path or host. The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa
515c313073
nghttpx: Add $ssl_session_reused log variable
...
The syntax for this variable is the same as nginx: if SSL/TLS session
was reused, "r" is produced. Otherwise ".".
2015-06-28 22:15:04 +09:00
Tatsuhiro Tsujikawa
197493afd4
nghttpx: Add log variables related to SSL/TLS connection
...
This commit add following 3 log variables to SSL/TLS connection:
$ssl_cipher, $ssl_protocol, $ssl_session_id. If no information is
available for them, '-' is produced for each.
2015-06-28 16:44:34 +09:00
Tatsuhiro Tsujikawa
b06e339dbb
Prepare for IRIX support, port relevant change from spdylay
2015-06-27 17:51:07 +09:00
Tatsuhiro Tsujikawa
f3b7f4140b
nghttpx: Clarify origin host for --backend-http1-connection-per-host
2015-06-22 21:09:39 +09:00
Tatsuhiro Tsujikawa
cebfdacc5a
src: Use user-defined literals for time (hours and minutes)
2015-06-21 14:51:32 +09:00
Tatsuhiro Tsujikawa
39f89f4a60
src: Use user-defined literals for k, m, and g.
2015-06-21 14:32:47 +09:00
Tatsuhiro Tsujikawa
6d537c419e
nghttpx: Document failure case on bind()
2015-06-07 00:05:33 +09:00
Tatsuhiro Tsujikawa
4894e24dc8
nghttpx: Add error logging for listener socket creation failure
2015-06-07 00:02:30 +09:00
Tatsuhiro Tsujikawa
00efa86fb6
nghttpx: Add --add-request-header option
2015-06-05 23:04:20 +09:00
Tatsuhiro Tsujikawa
ee4d53a9e4
More constexpr
2015-05-31 18:44:37 +09:00
Tatsuhiro Tsujikawa
3d59c6c0b7
nghttpx: Use defined string iteral when defining long_options
2015-05-29 22:48:46 +09:00
Tatsuhiro Tsujikawa
791660ef8d
Fix up OpenSSL initialization
...
Use the example presented at
http://en.wikibooks.org/wiki/OpenSSL/Initialization
2015-05-23 00:23:38 +09:00
Tatsuhiro Tsujikawa
0b27f005e0
Merge branch 'master' into v1.0.0
...
Conflicts:
src/HttpServer.cc
2015-05-15 23:24:19 +09:00
Tatsuhiro Tsujikawa
53bfc70c9e
Include inttypes.h (or cintypes for C++) instead of stdint.h
...
From autoconf manual, section 5.6.1 Portability of Headers, says:
"""
The C99 standard says that inttypes.h includes stdint.h, so there's no
need to include stdint.h separately in a standard environment. Some
implementations have inttypes.h but not stdint.h (e.g., Solaris 7),
but we don't know of any implementation that has stdint.h but not
inttypes.h.
"""
2015-05-14 00:17:45 +09:00
Tatsuhiro Tsujikawa
38cfc5c47c
Check more headers and funcs
2015-05-13 23:29:20 +09:00
Tatsuhiro Tsujikawa
e63d6e490a
Merge branch 'master' into v1.0.0
...
Conflicts:
lib/nghttp2_option.h
lib/nghttp2_session.h
src/HttpServer.cc
2015-05-08 19:21:51 +09:00
Tatsuhiro Tsujikawa
552f675466
nghttpx: Add --header-field-buffer and --max-header-fields options
2015-04-29 21:10:59 +09:00
Tatsuhiro Tsujikawa
5937b4b6f7
Merge branch 'master' into v1.0.0
2015-04-19 23:13:38 +09:00
Tatsuhiro Tsujikawa
889e705f35
nghttpx: Add logging for somewhat important events (logs, tickets, and ocsp)
2015-04-11 00:08:28 +09:00
Tatsuhiro Tsujikawa
b873930802
nghttpx: Now ocsp works without threads
2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa
09c485e712
nghttpx: Eliminate 1 second refresh timer
2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa
d247470da2
nghttpx: Rewrite ocsp without thread
...
Since libev handles SIGCHLD, using waitpid in separate thread to wait
for the completion of fetch-ocsp-response script process is undefined.
This commit rewrite ocsp handling code so that it utilizes libev
ev_child watcher and perform ocsp update without thread.
2015-04-09 01:03:28 +09:00
Tatsuhiro Tsujikawa
cf0576253f
Merge branch 'master' into v1.0.0
2015-04-08 18:10:04 +09:00
Tatsuhiro Tsujikawa
1fcd881395
nghttpx: Document that stderr is redirected to error log file
2015-04-08 17:33:18 +09:00
Tatsuhiro Tsujikawa
dd435b51ab
nghttpx: Redirect stderr to errorlog file
2015-04-08 16:59:58 +09:00
Tatsuhiro Tsujikawa
3e50ef439d
Announce h2, final HTTP/2 ALPN identifier
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa
d0c27d5229
Send 24 bytes client magic byte string by library
...
Previously nghttp2_session_send() and nghttp2_session_mem_send() did
not send 24 bytes client magic byte string (MAGIC). We made
nghttp2_session_recv() and nghttp2_session_mem_recv() process MAGIC by
default, so it is natural to make library send MAGIC as well. This
commit makes nghttp2_session_send() and nghttp2_session_mem_send()
send MAGIC. This commit also replace "connection preface" with
"client magic", since we call MAGIC as "connection preface" but it is
just a part of connection preface. NGHTTP2_CLIENT_CONNECTION_PREFACE
macro was replaced with NGHTTP2_CLIENT_MAGIC. The already deprecated
NGHTTP2_CLIENT_CONNECTION_HEADER macro was removed permanently.
nghttp2_option_set_no_recv_client_preface() was renamed as
nghttp2_option_set_no_recv_client_magic(). NGHTTP2_ERR_BAD_PREFACE
was renamed as NGHTTP2_ERR_BAD_CLIENT_MAGIC.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa
250ea53e4b
Deal with 24 bytes client connection preface by default
...
Since HTTP/2 spec requires for client to send connection preface, it
is reasonable to make this option enabled by default. It is still a
use case to disable this, so replace this option with
nghttp2_option_set_no_recv_client_preface().
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa
01af6ea70c
Remove ALTSVC related code
...
HTTP/2 and HPACK are going to be published as RFC, but ALTSVC is still
in draft state. To make our API stable, it would be better to remove
ALTSVC API for 1.0.0 release.
2015-04-05 23:15:20 +09:00
Tatsuhiro Tsujikawa
1442b1bd0a
nghttpx: Remove --tls-ctx-per-worker option
...
--tls-ctx-per-worker option does not work well of OCSP stapling. Also
it makes session ID useless.
2015-03-31 00:42:21 +09:00
Tatsuhiro Tsujikawa
cc94632b29
src: Use separator "--" to mark start of the footer without ambiguity
2015-03-31 00:21:52 +09:00
Tatsuhiro Tsujikawa
4bc9afe20a
nghttpx: Add OCSP stapling feature
2015-03-30 23:58:28 +09:00
Tatsuhiro Tsujikawa
93013f4205
nghttpx: Remove --backend-http2-connection-check option, enable it by default
2015-03-11 00:22:05 +09:00
Tatsuhiro Tsujikawa
0e3ae63965
nghttpx: Add --backend-http2-connections-per-worker
2015-03-10 23:43:25 +09:00
Tatsuhiro Tsujikawa
446de923f3
nghttpx: Support multiple HTTP/2 session per worker
...
Currently, we use same number of HTTP/2 sessions per worker with given
backend addresses. New option to specify the number of HTTP/2 session
per worker will follow.
2015-03-10 23:20:21 +09:00
Tatsuhiro Tsujikawa
c5860fc6f4
nghttpx: Support multiple -b option for HTTP/2 backend
2015-03-10 21:54:29 +09:00
Tatsuhiro Tsujikawa
41e266181e
nghttpx: Attempt to improve HTTP/2 backend connection check
...
It turns out that writing successfully to network is not enough.
After apparently successful network write, read fails and then we
first know network has been lost (at least my android mobile network).
In this change, we say connection check is successful only when
successful read. We already send PING in this case, so we just wait
PING ACK with short timeout. If timeout has expired, drop connection.
Since waiting for PING ACK could degrade performance for fast reliably
connected network, we decided to disable connection check by default.
Use --backend-http2-connection-check to enable it.
2015-03-09 23:37:54 +09:00
Tatsuhiro Tsujikawa
c2426bc732
Merge branch 'pthread-getspecific' of https://github.com/icing/nghttp2 into icing-pthread-getspecific
2015-03-05 02:04:56 +09:00
Stefan Eissing
1fd44b1567
replacing thread_local, which does not exist on OS X, with pthread_getspecific call
2015-03-03 17:09:15 +01:00
Tatsuhiro Tsujikawa
1c0d617742
nghttpx: Rename WorkerConfig as LogConfig
...
This is a sign that we only use thread-local storage for logging only.
2015-02-26 00:02:29 +09:00
Tatsuhiro Tsujikawa
b161dfe573
nghttpx: Move graceful_shutdown flag from WorkerConfig to Worker
...
A part of an effort to eliminate thread_local WorkerConfig
2015-02-25 22:53:53 +09:00
Tatsuhiro Tsujikawa
1a2bccd71c
nghttpx: Share nghttp2_session_callbacks between objects
2015-02-24 15:21:10 +09:00
Tatsuhiro Tsujikawa
8b533e19bb
nghttpx: Remove option name from unix path sample since it is a bit strange
2015-02-22 18:09:37 +09:00
Tatsuhiro Tsujikawa
df32a534fc
nghttpx: Rename ConnectionHandler::acceptor4_ as acceptor_
...
This change is motivated by that fact that we use it for UNIX domain
socket as well as IPv4.
2015-02-22 17:59:50 +09:00
Tatsuhiro Tsujikawa
e583a25a8b
nghttpx: Fix error found by coverity scan
2015-02-22 17:53:12 +09:00
Tatsuhiro Tsujikawa
da2376effd
nghttpx: Add host_unix field to DownstreamAddr to tell it is UNIX domain sock
2015-02-22 17:25:23 +09:00
Tatsuhiro Tsujikawa
0c4ae3dea5
nghttpx: Support UNIX domain socket on frontend
...
This commit also fixes environment variables used to tell inherited
file descriptors to new binary are stacked up each time new binary is
executed.
2015-02-22 17:25:23 +09:00
Tatsuhiro Tsujikawa
997f9233bc
nghttpx: Support UNIX domain socket in backend connections
2015-02-22 12:27:51 +09:00
Tatsuhiro Tsujikawa
a26a597453
nghttpx: Cast configuration value to rlim_t to avoid compile error on 32bit
2015-02-21 16:57:02 +09:00
Tatsuhiro Tsujikawa
ab93a700ce
src: Announce h2 ALPN
2015-02-20 23:50:17 +09:00
Tatsuhiro Tsujikawa
ae0100a9ab
nghttpx: Refactor worker interface
2015-02-11 22:49:03 +09:00
Tatsuhiro Tsujikawa
502b552b68
nghttpx: Add --no-server-push option
2015-02-08 16:19:12 +09:00
Tatsuhiro Tsujikawa
4dea318b5b
nghttpx: Fix compile error if SOCK_NONBLOCK is undefined
2015-02-08 00:49:56 +09:00
Tatsuhiro Tsujikawa
54851ef7a6
src: Move make_unique to nghttp2 namespace
2015-02-06 00:15:43 +09:00
Tatsuhiro Tsujikawa
7c75d9db98
nghttpx: Set nghttp2_option_set_peer_max_concurrent_streams for HTTP/2 backend
2015-02-05 03:05:34 +09:00
Tatsuhiro Tsujikawa
a68c4c1e3c
nghttpx: Add --no-host-rewrite option
2015-02-04 01:42:26 +09:00
Tatsuhiro Tsujikawa
e03f36eeeb
nghttpx: Use <DURATION> instead of <T>
2015-01-29 23:23:30 +09:00
Tatsuhiro Tsujikawa
00555dc7bb
nghttpx: Use TCP_DEFER_ACCEPT if available
2015-01-29 21:14:44 +09:00
Tatsuhiro Tsujikawa
d1a4002b22
nghttpx: Remove --accept-delay and --num-accept options
2015-01-29 20:58:47 +09:00
Tatsuhiro Tsujikawa
96e66b1a81
nghttpx: Make num_accept 0 on graceful shutdown
...
Make num_accept unlimited so that we can accept all pending
connections waiting in listen queue.
2015-01-28 21:02:31 +09:00
Tatsuhiro Tsujikawa
19429abd07
nghttpx: Make --accept-delay default to 10ms
2015-01-28 21:00:47 +09:00
Fabian Möller
3167aa4081
nghttpx: set the supplementary group access list
2015-01-28 20:56:05 +09:00
Tatsuhiro Tsujikawa
f8765be817
nghttpx: Make --backend-keep-alive-timeout default to 2s
2015-01-28 00:47:09 +09:00
Tatsuhiro Tsujikawa
f0c7839f25
nghttpx: Clarify --num-accept=0 case
2015-01-28 00:39:56 +09:00
Tatsuhiro Tsujikawa
6a39de0ae5
nghttpx: Accept s or ms as unit for <T> argument
2015-01-28 00:36:44 +09:00
Tatsuhiro Tsujikawa
402ebb277f
nghttpx: Add --num-accept and --accept-delay options
2015-01-27 23:47:56 +09:00
Tatsuhiro Tsujikawa
f604cbae70
nghttpx: Fix shutdown too early with QUIT signal if num_worker == 1
2015-01-22 01:46:25 +09:00
Tatsuhiro Tsujikawa
8997e4369d
nghttpx: Adjust backend buffers
2015-01-21 01:47:43 +09:00
Tatsuhiro Tsujikawa
5d204fc3aa
nghttpx: Add more option categories
2015-01-15 23:19:35 +09:00
Tatsuhiro Tsujikawa
8fe093de1d
nghttpx: Set initial backlog to 512
2015-01-14 21:24:12 +09:00
Tatsuhiro Tsujikawa
f004361ef2
nghttpx: Add --backend-request-buffer option
2015-01-13 23:30:28 +09:00
Tatsuhiro Tsujikawa
c88a5291b7
nghttpx: Add --backend-response-buffer option
2015-01-13 23:20:06 +09:00
Tatsuhiro Tsujikawa
0d614cf103
nghttpx: Longer help message
2015-01-13 23:02:18 +09:00
Tatsuhiro Tsujikawa
29d6cfae80
nghttpx: Add explanation about units in <SIZE>
2015-01-13 22:42:52 +09:00
Tatsuhiro Tsujikawa
c48a6e73e8
nghttpx: Clean up metavar
2015-01-13 22:39:35 +09:00
Tatsuhiro Tsujikawa
956c11388c
nghttpx: Allow units (k, m, and g) in --{read,write}-{rate,burst}
...
So that you can specify --read-rate=1M --read-burst=4M
2015-01-13 21:54:53 +09:00
Tatsuhiro Tsujikawa
5e8eb926f2
nghttpx: Fix server error with -n1 and --tls-ctx-per-worker
2015-01-13 21:53:53 +09:00
Tatsuhiro Tsujikawa
1e4f8f27fd
nghttpx: Add --tls-ctx-per-worker option
...
When same SSL_CTX is used by multiple thread simultaneously we have to
setup some number of mutex locks for it. We could not check how this
locking affects scalability since we have 4 cores at best in our
development machine. Good side of sharing SSL_CTX across threads is
we can share session ID pool.
If --tls-ctx-per-worker is enabled, SSL_CTX is created per thread
basis and we can eliminate mutex locks. The downside is session ID is
no longer shared, which means if session ID generated by one thread
cannot be acceptable by another thread. But we have now session
ticket enabled and its keys are shared by all threads.
2015-01-13 00:25:02 +09:00
Tatsuhiro Tsujikawa
e048deb64c
nghttpx: Fix error message
2015-01-12 22:35:45 +09:00
Tatsuhiro Tsujikawa
f7455d48cc
Compile with android NDK
...
This also fixes the bug that nghttpx's acceptor fd is blocking if
SOCK_NONBLOCK is undefined.
2015-01-11 00:28:00 +09:00
Tatsuhiro Tsujikawa
0ca979b453
nghttpx: Add --rlimit-nofile option
2015-01-10 23:17:48 +09:00
Tatsuhiro Tsujikawa
bc17f95c80
src: Move ipv6_numeric_addr to util and add test
2015-01-10 21:33:53 +09:00
Tatsuhiro Tsujikawa
a3dcf1e004
Produce man pages using sphinx
...
Previously to create manual page for bundled programs, we use help2man
to create man page from program's help output. Then our man2rst.py
script converts man page to rst document. Sphinx generates html from
rst documents.
Now help2rst.py produces rst document from programs output. We use
Sphinx solely to produce both man pages and html files.
2015-01-10 00:37:42 +09:00
Tatsuhiro Tsujikawa
019f1e9fc7
nghttpx: Remove useless comments
2015-01-08 22:28:30 +09:00
Tatsuhiro Tsujikawa
0173929538
nghttpx: Rename ListenHandler as ConnectionHandler
2015-01-08 21:48:39 +09:00
Tatsuhiro Tsujikawa
fcddb5c06c
nghttpx: Distribute session ticket keys to workers without mutex
2015-01-08 21:15:45 +09:00
Tatsuhiro Tsujikawa
5d3544185c
nghttpx: Fix crash in SSL_CTX_set_tlsext_ticket_key_cb
...
It seems that returning 0 when enc == 0 crashes OpenSSL.
2015-01-08 20:46:35 +09:00
Tatsuhiro Tsujikawa
5dce9501a6
Fix compile error with libstdc++ and/or --disable-threads
2015-01-08 01:57:59 +09:00
Tatsuhiro Tsujikawa
08e8cc1915
nghttpx: Add --tls-ticket-key-file option
...
This option specifies files contains 48 random bytes to construct
session ticket key data. This option can be used repeatedly to
specify multiple keys, but only the first one is used to encrypt
tickets.
2015-01-08 01:26:30 +09:00
Tatsuhiro Tsujikawa
52f3572d5b
nghttpx: Enable TLS session tickets with session key rotation every 12hrs
2015-01-08 00:01:09 +09:00
Tatsuhiro Tsujikawa
ba795d86f0
nghttpx: Don't cache time for logging
...
Update is done by main event loop which is stopped after graceful
shutdown is commenced, which means time is no longer update. To avoid
this situation, we just avoid caching and get time for each logging.
2015-01-06 23:17:09 +09:00
Tatsuhiro Tsujikawa
94e69d5e30
nghttpx: Remove commented lines
2015-01-06 22:55:01 +09:00
Tatsuhiro Tsujikawa
7db1864766
nghttpx: Add --backend-http1-connections-per-frontend option
2015-01-03 00:19:41 +09:00
Tatsuhiro Tsujikawa
a55a07940c
nghttpx: Show not implemented warning for per wroker rate limit
2015-01-03 00:19:41 +09:00
Tatsuhiro Tsujikawa
bfac015d61
src: Use libev for rest of the applications
2015-01-03 00:19:41 +09:00