Tatsuhiro Tsujikawa
24cfb52b5a
nghttpx: Add --no-location-rewrite option
...
--no-location-rewrite option disallows location header rewrite on
--http2-bridge, --client and default mode. This option is useful when
connecting nghttpx proxy with --http2-bridge to backend nghttpx with
http2-proxy mode.
2014-08-10 12:39:27 +09:00
Tatsuhiro Tsujikawa
93ed89df5f
nghttpx: Make stream timeout disable by default
...
It might be useful to clean the unused stream out to make up the room
for new streams. On the other hand, proxy should maintain the
connection between upstream client and downstream server and they have
the timeout for their own. Proxy just reacts to their decision.
2014-08-10 00:08:44 +09:00
Tatsuhiro Tsujikawa
1a2e50ca08
nghttpx: Lower timeouts
2014-08-09 22:59:31 +09:00
Tatsuhiro Tsujikawa
76703f79fa
nghttpx: Add stream level timeout for HTTP/2 and SPDY upstream/downstream
2014-08-09 22:56:27 +09:00
Tatsuhiro Tsujikawa
4c3aa081a0
nghttp: Improve error logging a bit
2014-08-09 00:03:33 +09:00
Tatsuhiro Tsujikawa
88add854ff
nghttpx: Treat malformed request as PROTOCOL_ERROR
2014-08-08 23:11:58 +09:00
Tatsuhiro Tsujikawa
704bbbfcaa
nghttpx: Fail if :status is not digits on http2 downstream
2014-08-08 23:08:24 +09:00
Tatsuhiro Tsujikawa
e217e789de
nghttp: Support non-final response and check pseudo headers
2014-08-08 23:03:12 +09:00
Tatsuhiro Tsujikawa
d4d56e1846
nghttpd, nghttpx: Check that pseudo headers come before normal headers
2014-08-08 20:52:32 +09:00
Tatsuhiro Tsujikawa
d496c42dc9
Revert "nghttpx, nghttpd: Check pseudo header fields come before normal header fields"
...
This reverts commit cc24b9aaf0
.
2014-08-08 20:17:03 +09:00
Tatsuhiro Tsujikawa
76b3ba2832
nghttp: Sort request header fields using http2::name_less
2014-08-08 00:27:04 +09:00
Tatsuhiro Tsujikawa
05f982dcfb
src: Sort header fields so that pseudo headers come first
2014-08-07 23:27:13 +09:00
Tatsuhiro Tsujikawa
cc24b9aaf0
nghttpx, nghttpd: Check pseudo header fields come before normal header fields
2014-08-07 22:49:34 +09:00
Tatsuhiro Tsujikawa
e6695d9ba7
nghttp: Check HTTP header field characters
2014-08-07 22:01:00 +09:00
Tatsuhiro Tsujikawa
9fb2bc8468
src: Remove http2::sort_nva
...
This function is no longer necessary because 0x00 concatenation rule
is gone.
2014-08-07 21:55:30 +09:00
Tatsuhiro Tsujikawa
3f212a60a5
nghttpx: Fix android build error
2014-08-06 00:23:46 +09:00
Tatsuhiro Tsujikawa
5c61917007
src: Move jemalloc front so that it is surely linked
2014-08-05 22:27:54 +09:00
Tatsuhiro Tsujikawa
455d911f61
src, examples: Call OPENSSL_config()
2014-08-02 10:11:45 +09:00
Tatsuhiro Tsujikawa
7c781bcd1a
nghttpx: Issue RST_STREAM instead of returning NGHTTP2_ERR_TEMPORAL_CALLBACKFAILURE
...
NGHTTP2_ERR_TEMPORAL_CALLBACKFAILURE is not supported in
on_frame_recv_callback.
2014-08-02 00:26:43 +09:00
Tatsuhiro Tsujikawa
2e083352d5
nghttpx: Fix crash on http2 downstream disconnect
2014-07-31 23:34:33 +09:00
Tatsuhiro Tsujikawa
6e027ad830
nghttpd, nghttpx: Check allowed pseudo headers
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
9d78167297
nghttpx: Treat unexpected HEADERS as stream error
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
b8a2bf2675
Remove END_SEGMENT flag
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
04b5d1679f
nghttpx: Log non-final response headers
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
15055c11f9
nghttpx: Support server-wide OPTIONS in http/1 upstream
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
c859fb8f7c
nghttpx: Don't respond DATA frame for HEAD request or 204, 304, 1xx
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
079db14d45
Add nghttp2_session_consume() API
...
Reworked no automatic WINDOW_UPDATE feature. We added new API
nghttp2_session_consume() which tells the library how many bytes are
consumed by the application. Instead of submitting WINDOW_UPDATE by
the application, the library is now responsible to submit
WINDOW_UPDATE based on consumed bytes. This is more reliable method,
since it enables us to properly send WINDOW_UPDATE for stream and
connection individually. The previous implementation of nghttpx had
broken connection window management.
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
9f17bee51d
Fix unittest failure
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa
4f815521ae
nghttpx, nghttpd: Support non-final response
2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa
af5fd2019d
src: Remove 0x00 concatenation for headers
...
Now concatenating header values with 0x00 as delimiter is not
necessary because HPACK reference set is removed and the order of
header field fed into HPACK encoder is preserved when they are
decoded.
2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa
38bfbffb1b
Remove HPACK reference set
2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa
8dc47c6750
Fix resource leaks
2014-07-18 00:31:32 +09:00
Tatsuhiro Tsujikawa
61053653df
src: Retry write(2) if errno == EINTR
2014-07-17 23:41:54 +09:00
Tatsuhiro Tsujikawa
bb47484667
nghttpx: Log transmission and reception of GOAWAY
2014-07-12 23:30:13 +09:00
Tatsuhiro Tsujikawa
c4d2639ed8
nghttpd: Don't shutdown session if pending data is left
2014-07-12 23:17:25 +09:00
Tatsuhiro Tsujikawa
25e18174dd
src: Add additional HTTP status codes defined in RFC 6585
2014-07-08 22:41:17 +09:00
Tatsuhiro Tsujikawa
a072d719b3
nghttpx: Use 431 instead of 413
2014-07-08 22:37:48 +09:00
Tatsuhiro Tsujikawa
0d1ebd73de
nghttpx: Only use thread_local if NOTHREADS is not defined
2014-07-08 21:28:11 +09:00
Tatsuhiro Tsujikawa
d3ca003346
Update android-config and fix build warning with android NDK
2014-07-06 23:32:08 +09:00
Tatsuhiro Tsujikawa
9cbedb16d0
nghttpx: Log filename and line number after severity in one line
2014-07-06 19:26:12 +09:00
Tatsuhiro Tsujikawa
9f1c819242
nghttpx: Cleanup create_evlistener
2014-07-06 19:21:18 +09:00
Tatsuhiro Tsujikawa
a02624c9ed
nghttpx: Use std::shared_ptr to share cached time
...
To ensure that cached time buffer is not altered while referencing it,
we rely on inerlocking in std::shared_ptr to acheive this.
2014-07-06 13:27:51 +09:00
Tatsuhiro Tsujikawa
933e24d412
nghttpx: Use std::atomic for Config::cached_time
2014-07-05 23:50:32 +09:00
Tatsuhiro Tsujikawa
fe2843f9d6
nghttpx: Include pid in errorlog
2014-07-05 22:53:17 +09:00
Tatsuhiro Tsujikawa
afdc61a253
nghttpx: Remove S_IROTH when creating log file
2014-07-05 22:41:53 +09:00
Tatsuhiro Tsujikawa
367e764ca3
nghttpx: Log user-agent as "-" if it is empty
2014-07-05 19:48:14 +09:00
Tatsuhiro Tsujikawa
9841f778a9
nghttpx: Do not compile pthread_sigmask if NOTHREADS is defined
2014-07-05 19:43:39 +09:00
Tatsuhiro Tsujikawa
bf4042ce98
nghttpx: Cache time for logging
2014-07-05 19:40:30 +09:00
Tatsuhiro Tsujikawa
2e6d5e9bd0
nghttpx: Use %lld instead of PRId64
2014-07-05 18:51:55 +09:00
Tatsuhiro Tsujikawa
0ce848a611
nghttpx: Rewrite logging system
...
This change rewrites logging system of nghttpx. Previously access log
and error log are written to stderr or syslog and there was no option
to change stderr to something else. With this change, file path of
access log and error log can be configured separately and logging to
regular file is now added. To support rotating log, if SIGUSR1 signal
is received by nghttpx, it closes the current log files and reopen it
with the same name. The format of access log is changed and has same
look of apache's. But not all columns are not supported yet.
2014-07-05 18:43:24 +09:00
Tatsuhiro Tsujikawa
57230b4029
nghttpx: Fix regression POST http2 downstream does not work
2014-07-04 02:03:09 +09:00
Tatsuhiro Tsujikawa
3111138ca3
nghttpx: Don't add transfer-encoding to CONNECT request
2014-07-03 23:44:20 +09:00
Tatsuhiro Tsujikawa
0f4d01c25c
nghttpx: Pass through NGHTTP2_NO_ERROR from downstream to upstream
2014-07-03 23:00:19 +09:00
Tatsuhiro Tsujikawa
f8b872096e
nghttpx: Use NGHTTP2_NO_ERROR to close upgraded (tunneled) stream
2014-07-03 22:59:49 +09:00
Tatsuhiro Tsujikawa
e18c439a73
nghttp: Add --no-content-length option
2014-07-03 22:48:43 +09:00
Tatsuhiro Tsujikawa
545732fed8
nghttpd: Add --early-response option
...
This option is testing the client behavior when it gets response
before sending all request.
2014-07-03 22:44:27 +09:00
Tatsuhiro Tsujikawa
4b6f124b7e
Add API to check half-closed state for both direction of stream
2014-07-03 21:44:29 +09:00
Tatsuhiro Tsujikawa
119fb05cc2
nghttpx: Call on_response_headers for response header only in http2 downstream
2014-07-03 21:18:01 +09:00
Tatsuhiro Tsujikawa
e08df2840c
nghttpx: Disallow 2nd message in http downstream
2014-07-03 20:57:07 +09:00
Tatsuhiro Tsujikawa
1ce00f455c
nghttpx: Remove requirement of content-length for HTTP2 upstream POST
2014-07-03 19:59:10 +09:00
Tatsuhiro Tsujikawa
9cddb05f54
nghttpx: Use error_reply instead of RST_STREAM for http2 upstream request
2014-07-03 00:12:16 +09:00
Tatsuhiro Tsujikawa
93b3a44fb5
nghttpx: Add ability to Http2Upstream to send RST_STREAM after END_STREAM
2014-07-02 23:56:26 +09:00
Tatsuhiro Tsujikawa
acb3d4dcfc
nghttpx: Handle connection flow control for DATA not sent to frontend
2014-07-02 23:24:59 +09:00
Tatsuhiro Tsujikawa
797edae4d4
nghttpx: Handle connection flow control for DATA not sent to backend
2014-07-02 23:24:58 +09:00
Tatsuhiro Tsujikawa
4e81a34146
nghttpd: Add --dh-param-file option to support DHE ciphers
2014-06-28 15:43:06 +09:00
Tatsuhiro Tsujikawa
9fec34968b
nghttpd: Disable SSL_CTX_set_ecdh_auto for OpenSSL >= 1.0.2
2014-06-28 15:35:10 +09:00
Tatsuhiro Tsujikawa
a3334bb21c
nghttpd: Use cipher suites recommended by Mozilla
2014-06-28 15:28:19 +09:00
Tatsuhiro Tsujikawa
c1be7c734f
src: Update status code according to RFC 7231
2014-06-27 23:02:12 +09:00
Tatsuhiro Tsujikawa
303f0f3fcd
nghttpx: Return 413 if request header is too large
...
For now, if request has request body, we'll issue RST_STREAM to inform
the peer to stop sending body. RST_STREAM may be sent before error
page header or data, so peer may receive RST_STREAM only.
2014-06-27 22:54:33 +09:00
Tatsuhiro Tsujikawa
ca87b45fe4
nghttpx: Don't fail backend connection if one of backend request fails
2014-06-27 22:34:54 +09:00
Tatsuhiro Tsujikawa
31d99b3664
nghttp: Adjust header size for CONTINUATION test
2014-06-27 21:16:36 +09:00
Tatsuhiro Tsujikawa
3312df42d2
nghttpx: Use std::unique_ptr for ListenHandler::http2session_
2014-06-27 00:39:53 +09:00
Tatsuhiro Tsujikawa
68cd12ac29
nghttpx: Use std::vector instead of raw array
2014-06-27 00:26:21 +09:00
Tatsuhiro Tsujikawa
52ff158f34
h2load: Fix failed stream count is added multiple times
...
The number of failed stream is counted multiple times if several
connection attempts are made.
2014-06-26 23:20:12 +09:00
Tatsuhiro Tsujikawa
479e15469c
nghttpx: Add worker-frontend-connections option
2014-06-26 22:55:22 +09:00
Tatsuhiro Tsujikawa
ad60a18fb9
Remove BLOCKED frame
2014-06-24 00:22:41 +09:00
Tatsuhiro Tsujikawa
5aba6e6d1b
h2load: Set number of request per client explicitly
...
Previously we do not specify the number of requests each client has to
issue. The each client corresponds to 1 TCP connection. If
connection was not accepted by server or not TLS handshake is not
done, we effectively don't use that connection and the requests
supposed to be issued for those connections are done via other
established connections. If this occurs, servers which do not accept
all connections may gain good benchmark results since they don't have
to pay extra cost to handle all connections (e.g., SSL/TLS handshake).
This change explicitly set the number of requests each client has to
issue so that servers cannot *cheat*.
2014-06-22 15:03:46 +09:00
Tatsuhiro Tsujikawa
1caec7cb16
h2load: Fix memory leak detected by LeakSanitizer
2014-06-20 00:00:06 +09:00
Tatsuhiro Tsujikawa
0cd26d6f3b
nghttp: Remove garbage for deprecated per-stream compression which cause leak
2014-06-19 23:35:58 +09:00
Tatsuhiro Tsujikawa
2bfa772472
nghttpx: Update cipher suite list
2014-06-19 23:26:30 +09:00
Tatsuhiro Tsujikawa
133c3d66be
nghttpx: Remove TLSv1.0 from default TLS proto list
2014-06-19 23:21:53 +09:00
Tatsuhiro Tsujikawa
266a15ccd3
nghttpx: Remove per-connection rate limit
...
It looks like setting read-rate and read-burst to 0 makes busy loop.
It seems a bug. On the other hand, we most likely want per-thread
rate limit rather than per-connection. So we decided to drop them.
2014-06-19 23:19:14 +09:00
Tatsuhiro Tsujikawa
4ff522764c
h2load: Call session->on_write() explicitly in Client::on_connect()
2014-06-19 22:49:38 +09:00
Tatsuhiro Tsujikawa
4ab594b144
nghttpx: Fix connection preface is not read by upstream_http2_connhd_readcb
...
It seems that if readcb is not set before SSL/TLS handshake, the
incoming data already available when eventcb (BEV_EVENT_CONNECTED
event) is fired is not further notified after setting new readcb. We
knew this fact and call upstream->on_read() in eventcb, but it is
wrong for HTTP/2. We have to call upstream_http2_connhd_readcb to
check connection preface. Otherwise, we consume it by nghttp2 session
and it is treated as unknown frame and connection preface is not
detected properly.
2014-06-19 22:43:54 +09:00
Tatsuhiro Tsujikawa
a344a8f566
src: Don't build h2load if std::future is not working
2014-06-18 14:24:45 +09:00
Tatsuhiro Tsujikawa
87360b4f7d
nghttpx: Require TLSv.12 for h2
2014-06-18 12:09:30 +09:00
Tatsuhiro Tsujikawa
174e410b93
Use hex in nghttp2_error_code and nghttp2_settings_id
2014-06-18 10:48:31 +09:00
Tatsuhiro Tsujikawa
94b9c3771d
nghttpx: Throw away request and response headers when they are done
2014-06-15 17:25:24 +09:00
Tatsuhiro Tsujikawa
041cec2d97
nghttpx: Check error from SSL_set_fd
2014-06-12 23:39:58 +09:00
Tatsuhiro Tsujikawa
25b58d5e22
nghttpx: Code cleanup
2014-06-12 23:37:33 +09:00
Tatsuhiro Tsujikawa
1ee847c21a
nghttp: Code cleanup
2014-06-12 22:48:40 +09:00
Tatsuhiro Tsujikawa
1af9a9cee0
nghttpx: Don't stderr log if syslog is used
...
This change also reverts previous commits and tty is set to false if
syslog is used.
2014-06-12 21:47:00 +09:00
Tatsuhiro Tsujikawa
6a2950aef0
nghttpx: Make tty to false when daemonized
2014-06-12 00:19:46 +09:00
Tatsuhiro Tsujikawa
9b174bf5c9
Fix compile error with -Wshorten-64-to-32
...
The original patch was contributed by Alexis La Goutte
2014-06-11 23:37:16 +09:00
Tatsuhiro Tsujikawa
21c4931197
nghttpx: Get rid of openssl filter
...
Libevent Openssl filter is very inconvenient in various respect. The
most annoying thing is it somehow emits data when SSL_shutdown is
called. The reason we introduced this filter solution is drop
connection if TLS renegotiation is detected. This commit implements
renegotiation detection and drop connection without filtering.
2014-06-11 01:16:49 +09:00
Tatsuhiro Tsujikawa
24762db8f5
nghttpx: Drop connection if HTTP/2 security level is not satisfied on backend
2014-06-11 00:19:54 +09:00
Tatsuhiro Tsujikawa
492b42e6e9
nghttpx: Drop connection if HTTP/2 security level is not satisfied on frontend
2014-06-11 00:07:51 +09:00
Tatsuhiro Tsujikawa
d6b5824c9c
nghttpx: Don't check TLS requirement in ALPN cb cause cipher obj is nullptr
...
Also don't compare ALPN identifier with streq, since they are just
byte string.
2014-06-10 23:22:52 +09:00
Tatsuhiro Tsujikawa
c204861dec
nghttpx: Create NPN prefs only once
2014-06-10 23:22:23 +09:00
Tatsuhiro Tsujikawa
7b0ed5d9bd
nghttpx: Only allow DHE, ECDHE + AEAD ciphers for HTTP/2
...
Cipher suites are chosen by DHE and ECDHE ciphers + GCM (AEAD). Now
default cipher list is the one recommended by Mozilla web site. The
--honor-cipher-order option is removed and now it is always assumed.
2014-06-10 22:47:22 +09:00