Exceeding ACKed max concurrent streams results in connection error.
This change fixes the bug that num_{incoming,outgoing}_streams
is decremented wrongly if a stream is in reserved state and
RST_STREAM is send and its state is changed to NGHTTP2_STREAM_CLOSING.
This change also fixes the bug that transmission of push response
HEADERS does not increase num_outgoing_streams.
We need paddings regardless of payload and frame boundary to mitigate
certain attacks.
Since we handles CONTINUATION internally, we don't show FLAG_PAD_HIGH
and PAD_LOW flags of HEADERS in nghttp/nghttpd. We just show the
total paddings in HEADERS + CONTINUATION.
* Use 1 Huffman code table for both request and response
* Remove complicated deflater side table size management
* Add encoding context update
* Fix memory leak in inflater
Now previous padding options are removed and instead we added
select_padding_callback to select padding length for each frame
by application. If this callback is not implemented by application,
no padding is added.
This change also fixes the broken session_detect_idle_stream()
if stream_id is our side.
Previously, there is inconsistency when on_frame_recv_callback
is called between HEADERS/PUSH_PROMISE and the other frames.
For former case, it is called before header block, in latter
case, it is called after whole frame is received. To make it
consistent, we call on_frame_recv_callback for HEADERS/PUSH_PROMISE
after its frame is fully received. Since on_frame_recv_callback
can signal the end of header block, we replaced on_end_headers_callback
with on_begin_headers_callback, which is called when the reception
of the header block is started.
nghttp2_data is added to nghttp2_frame union. When DATA is
received, nghttp2_on_frame_recv_callback is called. When DATA is
sent, nghttp2_on_frame_send_callback is called.
Now incoming data is processed in very small buffer (up to 8 bytes)
using state machine. GOAWAY debug data can get to 16K - 1, and we
don't have callback for it. Since we don't want to buffer that
amount of data just for debugging, we currently discard it.
This change also makes parse_error callback not function.
It probably be removed from API.
This stream inflater can inflate incoming header block in streaming
fashion. Currently, we buffer up single name/value pair, but we chose
far more smaller buffer size than HTTP/2 frame size.
Remove the check to see that stream exists at the time when submitting
DATA, PRIORITY and WINDOW_UPDATE. We will do this check when we actually
serialize and send them off to the network (or application provided
buffer).
nghttp2 library itself now accept octet header/value pairs,
completely not restricted by HTTP/1 header name/value rule.
The applications may impose restriction about them using
validators.
Now, in nghttp2_on_frame_recv_callback, nva and nvlen in
HEADERS and PUSH_PROMISE frames are always NULL and 0 respectively.
The header name/value pairs are emitted successive
nghttp2_on_header_callback functions. The end of header fields are
signaled with nghttp2_on_end_headers_callback function.
Since NGHTTP2_ERR_PAUSE for nghttp2_on_frame_recv_callback is
introduced to handle header block, it is now deprecated.
Instead, nghttp2_on_header_callback can be paused using
NGHTTP2_ERR_PAUSE.
We tried several times about this subject, but for the current
HTTP/2.0 priority scheme, we think it is best to serve the highest
priroty streams first (interleaving streams if there are several
higest ones). There are an issue when aggregating several frontend
connections to one connection in backend, but it is HTTP/2.0
spec issue, rather than implementation.
The specification now says that index to the header table entry is
1-based. Since 0-based index is very handy to access arrays, we
internally uses 0-based index. We just convert it to 1-based when
we emit to the block and convert 1-based to 0-based on decoding.
Remove sorting headers from library code. The application must sort
them if necessary. nghttpx and nghttpd do the sorting of the headers
in stable way if names are equal.
nghttp2_session_client_new2 and nghttp2_session_server_new2 take
additional parameters which specifies session options.
nghttp2_set_option is somewhat crumsy because of type checking.
Now we use nghttp2_opt_set, which specifies individual options with
types. We changed the value of nghttp2_opt, so this change will
require re-compile.
It is not clear that SETTINGS_ENABLE_PUSH = 0 disallows HEADERS
to the reserved streams. For now, we just check the reception
and transmission of PUSH_PROMISE against SETTINGS_ENABLE_PUSH.
The NGHTTP2_ERR_PAUSE library error code is introduced to pause
the execution of nghttp2_session_mem_recv() when that error code
is returned from nghttp2_on_frame_recv_callback or
nghttp2_on_data_chunk_recv_callback. If this happens, the parameters
available for both callbacks are retained until the application
calls nghttp2_session_continue(). The application must retain
input bytes which was used to produce the frame.
After successful call of nghttp2_session_continue, the application
can continue to call nghttp2_session_mem_recv() to process
additional data.
This function is similar to nghttp2_submit_request and the
difference is it takes an array of nghttp2_nv as name/value pairs.
It is useful if name/value pairs is not NULL-terminated in the
application code.
Following cases are now treated as connection error of type
PROTOCOL_ERROR.
* Receiving HEADERS from client in reserved (local)
* Receiving PUSH_PROMISE against peer-initiated stream
* Receiving WINDOW_UPDATE against in reserved (local, remote)
Now NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE is split into 2 options:
NGHTTP2_OPT_NO_AUTO_STREAM_WINDOW_UPDATE and
NGHTTP2_OPT_NO_AUTO_CONNECTION_WINDOW_UPDATE.
This is preparation for the upcoming removal of END_FLOW_CONTROL
flag. For nghttpx, instead of using END_FLOW_CONTROL to disable
connection-level flow control, increase window size by large
enough value, which is friendly way to current chromium
implementation.
Fix the bug that connection-level local window is not updated
for the data is the last part of the stream. For the stream
level window may ignore this, connection-level window must
be updated. Also this change fixes the bug that connection-level
window is not updated for the ignored DATA frames.
SPDY spec does not allow multiple empty header values in one header
field. This change makes out-going framer ignore such empty header
value if there is non-empty header value with the same name.
This change implements spdylay_map functions in iterative approach
instead of original recursive approach. The iterative version is
overall faster than recursive one. The traversal function
(spdylay_map_each) is slightly slower but it is not noticeable.
If resultant length of a frame exceeds the maximum value (which is
2**24 - 1 for SPDY/2 and 3), SPDYLAY_ERR_FRAME_TOO_LARGE is used to
indicate this error. This error will be notified by
on_ctrl_not_send_callback.
When --enable-src is given, the programs in src directory will be
built. If --disable-src is given, those programs will not be built. If
none of them are given, --enable-src is assumed.
To distinguish the to-be-installed programs and non-installable
example source code, the former programs, spdycat, spdydyd and shrpx,
were moved to src directory. spdynative was removed from Makefile
because it does not appeal to any users much.
spdylay_npn_get_proto_list() returns a pointer to the supported SPDY
version list. The element of the list is spdylay_npn_proto struct. It
contains all SPDY version information this library supports. The
application can use this information to configure NPN protocol
offerings/selection.
This option sets maximum receive buffer size for incoming control
frame. Basically the library checks the length field of the incoming
control frame. For frames with name/value header block, the library
also checks the length of inflated block is also under the limit. This
is done while incrementally inflating block. If the length of frames
with name/value header block exceeds the limit, the library will issue
RST_STREAM with FRAME_TOO_LARGE. For other frames, it will issue
GOAWAY.
Current SPDY/3 spec does not clearly prohibit to send
delta_window_size which makes resulting window size more than initial
window size. For this reason, spdylay_submit_window_update() can send
delta_window_size in [1, (1 << 31)-1], inclusive, without bounded by
stream's recv_window_size. Of course, the application is now
responsible to keep the resulting window size <= (1 << 31)-1.
spdylay_submit_window_update() now returns
SPDYLAY_ERR_INVALID_ARGUMENT if delta_window_size is 0 or negative.
Tatsuhiro Tsujikawa
Daniel Stenberg