Commit Graph

6094 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 175001a8d9 Add migration section from nghttpx v1.18.x 2017-01-09 16:09:30 +09:00
Tatsuhiro Tsujikawa 7cf9e00283 Update bash_completion 2017-01-09 14:56:03 +09:00
Tatsuhiro Tsujikawa 8a3eb3f066 Update man pages 2017-01-09 14:55:51 +09:00
Tatsuhiro Tsujikawa 7e1a0d204b h2load: Show default cipher list in -h 2017-01-09 14:47:32 +09:00
Tatsuhiro Tsujikawa cbca2e35b5 nghttpx: Show default cipher list in -h 2017-01-09 14:43:13 +09:00
Tatsuhiro Tsujikawa fc9bdf024f src: Make DEFAULT_CIPHER_LIST constexpr char[] 2017-01-09 14:42:40 +09:00
Tatsuhiro Tsujikawa 3f97e6cd3a Merge pull request #776 from nghttp2/nghttpx-memchunkbuffer
nghttpx: Use Memchunk based read buffer for frontend connection
2017-01-09 13:08:23 +09:00
Tatsuhiro Tsujikawa 4fa150c494 nghttpx: Use Memchunk based read buffer for frontend connection
Previously, we have dedicated read buffer for each frontend
connection.  With this commit, the buffer spaces are only used when
needed, and pooled if they are not used.  This reduces memory usage
for idle client connections.
2017-01-08 23:20:14 +09:00
Tatsuhiro Tsujikawa e8b2508036 nghttpx: Rename confusing names in HttpDownstreamConnection 2017-01-08 23:09:00 +09:00
Tatsuhiro Tsujikawa ac399e41ac nghttpx: Update doc
Mention client-ciphers, and no-http2-cipher-black-list options in
psk-secrets and client-psk-secrets options.
2017-01-08 23:04:07 +09:00
Tatsuhiro Tsujikawa 95dd908834 Merge branch 'nghttpx-more-tls-options' 2017-01-08 22:57:21 +09:00
Tatsuhiro Tsujikawa 9c7e54d9b5 nghttpx: Add client-ciphers option
Previously, ciphers option sets cipher list for both frontend and
backend TLS connections.  With this commit, ciphers option only sets
cipher list for frontend connections.  The new client-ciphers option
sets cipher list for backend connection.
2017-01-08 22:40:58 +09:00
Tatsuhiro Tsujikawa 3c03024881 nghttpx: Add client-no-http2-cipher-black-list option
This commit adds client-no-http2-cipher-black-list option to disable
enforcement of HTTP/2 cipher black list on backend HTTP/2 connection.
Previously, existing no-http2-cipher-black-list option disables it for
both frontend and backend connections.  Now no-http2-cipher-black-list
option only disables it for frontend connection.
2017-01-08 22:33:19 +09:00
Tatsuhiro Tsujikawa 36dfc0a56a nghttpx: Reorganize client side TLS configuration 2017-01-08 22:25:30 +09:00
Tatsuhiro Tsujikawa 55bf6cdb15 Merge branch 'nghttpx-psk' 2017-01-08 21:10:07 +09:00
Tatsuhiro Tsujikawa 0abc220013 nghttpx: Fix the bug that no-http2-cipher-black-list does not work
Because of the redundant check in backend HTTP/2 session,
no-http2-cipher-black-list does not work on backend HTTP/2 connection.
This commit fixes it.
2017-01-08 19:43:24 +09:00
Tatsuhiro Tsujikawa c28900990a h2load: Show custom server temp key such as X25519 2017-01-08 17:58:19 +09:00
Tatsuhiro Tsujikawa 5108193d7b h2load: Fix incorrect return value from spdylay_send_callback 2017-01-08 17:32:35 +09:00
Tatsuhiro Tsujikawa 79a24f5dd9 nghttpx: Add --client-psk-secret option to enable PSK in backend 2017-01-08 00:35:55 +09:00
Tatsuhiro Tsujikawa 83c759572c nghttpx: Add --psk-secret option to enable PSK in frontend connection 2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa 1a07fb000b nghttpx: Enable SCT with OpenSSL 1.1.0 2017-01-06 21:29:04 +09:00
Tatsuhiro Tsujikawa 4aab15999d Merge pull request #769 from alagoutte/pvs
Fix issue reporting by PVS Studio
2017-01-04 20:27:55 +09:00
Tatsuhiro Tsujikawa 441982674f Merge pull request #768 from makovich/master
Update README file
2017-01-04 20:24:04 +09:00
Alexis La Goutte 8256c6e070 libevent-client: fix Incorrect format found by PVS Studio (V576)
Consider checking the fourth actual argument of the 'fprintf' function. The SIGNED integer type argument is expected.
2017-01-03 22:03:53 +01:00
Alexis La Goutte ae87a44b94 nghttp2_hd: fix It is odd that the body of 'hd_get_num_table_entries' function is fully equivalent to the body of 'get_max_index' function found by PVS Studio (V524) 2017-01-03 22:03:53 +01:00
Alexis La Goutte 87d1692e27 nghttp2_submit: fix Parameter 'flags' is always rewritten in function body before being used found by PVS Studio (V763) 2017-01-03 22:03:53 +01:00
makovich 1d2f008656 Update README file 2017-01-03 23:00:32 +03:00
Tatsuhiro Tsujikawa b064d8a9ff Merge branch 'nghttpx-fronend-proxyproto' 2017-01-03 17:28:20 +09:00
Tatsuhiro Tsujikawa 528af200b6 Merge branch 'nghttpx-fix-libev-assertion-error' 2017-01-03 17:26:05 +09:00
Tatsuhiro Tsujikawa c6827a7dac nghttpx: Fix assertion error in libev ev_io_start 2017-01-03 16:43:49 +09:00
Tatsuhiro Tsujikawa 55ecb082ee nghttpx: Handle c-ares success without result 2017-01-03 14:35:05 +09:00
Tatsuhiro Tsujikawa 5f2cf461e6 integration: Avoid nghttpx accept-proxy-protocol option 2017-01-03 14:14:37 +09:00
Tatsuhiro Tsujikawa b313386988 nghttpx: Add proxyproto to frontend option to accept PROXY protocol
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible.  To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa 3933280d29 src: Fix assertion error with boringssl
boringssl says:

/* It is an error to clear any bits that have already been set. (We can't try
 * to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
2017-01-02 11:48:38 +09:00
Tatsuhiro Tsujikawa 2b6073900f Merge branch 'nghttpx-dns-timeout-fix' 2016-12-30 11:39:28 +09:00
Tatsuhiro Tsujikawa d1ba43a69f nghttpx: Fix bug that DNS timeout was erroneously disabled 2016-12-30 11:09:02 +09:00
Tatsuhiro Tsujikawa a0779edec4 nghttpx: Fix bug that DNS timeout was ignored 2016-12-30 11:08:26 +09:00
Tatsuhiro Tsujikawa d70fefe72f Bump up version number to 1.19.0-DEV 2016-12-27 20:55:00 +09:00
Tatsuhiro Tsujikawa b52db072f1 Update bash_completion 2016-12-27 20:43:30 +09:00
Tatsuhiro Tsujikawa ab0b98db61 Update man pages 2016-12-27 20:42:46 +09:00
Tatsuhiro Tsujikawa 4245d98653 Bump up version number to 1.18.0, LT revision to 26:3:12 2016-12-27 20:35:31 +09:00
Tatsuhiro Tsujikawa 93b4866f5b Merge branch 'nghttpx-dont-write-after-failure' 2016-12-26 00:49:45 +09:00
Tatsuhiro Tsujikawa 25df164219 nghttpx: Don't write again after failure
Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.
2016-12-26 00:35:38 +09:00
Tatsuhiro Tsujikawa ba03c082e9 Merge branch 'nghttpx-retry-h1-backend-request' 2016-12-25 23:05:29 +09:00
Tatsuhiro Tsujikawa bcfa333322 nghttpx: Refactor h1 backend retry code 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa c4aeadd57d nghttpx: Retry h1 backend request if first write fails 2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa e6b4454e48 Merge branch 'nghttpx-better-early-final-response-handling' 2016-12-24 23:02:52 +09:00
Tatsuhiro Tsujikawa 3226d21609 Merge pull request #755 from nghttp2/nghttpx-h1-frontend-keep-alive-timeout
nghttpx: Add frontend-keep-alive-timeout option
2016-12-24 23:01:17 +09:00
Tatsuhiro Tsujikawa 3d20c2dce6 nghttpx: Feed read event rather than calling on_read
on_read may fail, but we failed to check its return value most of the
places.  This is because failure means deletion of ClientHandler, but
because of architecture, we cannot delete it.  Feeding read event is
better since we can move call on_read from libev callback.  We can
delete ClientHandler form there.
2016-12-24 22:57:59 +09:00
Tatsuhiro Tsujikawa cd83d70e7b nghttpx: Don't reset stream if we have already received response 2016-12-24 22:54:22 +09:00