Commit Graph

737 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 24cfb52b5a nghttpx: Add --no-location-rewrite option
--no-location-rewrite option disallows location header rewrite on
--http2-bridge, --client and default mode.  This option is useful when
connecting nghttpx proxy with --http2-bridge to backend nghttpx with
http2-proxy mode.
2014-08-10 12:39:27 +09:00
Tatsuhiro Tsujikawa 93ed89df5f nghttpx: Make stream timeout disable by default
It might be useful to clean the unused stream out to make up the room
for new streams.  On the other hand, proxy should maintain the
connection between upstream client and downstream server and they have
the timeout for their own.  Proxy just reacts to their decision.
2014-08-10 00:08:44 +09:00
Tatsuhiro Tsujikawa 1a2e50ca08 nghttpx: Lower timeouts 2014-08-09 22:59:31 +09:00
Tatsuhiro Tsujikawa 76703f79fa nghttpx: Add stream level timeout for HTTP/2 and SPDY upstream/downstream 2014-08-09 22:56:27 +09:00
Tatsuhiro Tsujikawa 4c3aa081a0 nghttp: Improve error logging a bit 2014-08-09 00:03:33 +09:00
Tatsuhiro Tsujikawa 88add854ff nghttpx: Treat malformed request as PROTOCOL_ERROR 2014-08-08 23:11:58 +09:00
Tatsuhiro Tsujikawa 704bbbfcaa nghttpx: Fail if :status is not digits on http2 downstream 2014-08-08 23:08:24 +09:00
Tatsuhiro Tsujikawa e217e789de nghttp: Support non-final response and check pseudo headers 2014-08-08 23:03:12 +09:00
Tatsuhiro Tsujikawa d4d56e1846 nghttpd, nghttpx: Check that pseudo headers come before normal headers 2014-08-08 20:52:32 +09:00
Tatsuhiro Tsujikawa d496c42dc9 Revert "nghttpx, nghttpd: Check pseudo header fields come before normal header fields"
This reverts commit cc24b9aaf0.
2014-08-08 20:17:03 +09:00
Tatsuhiro Tsujikawa 76b3ba2832 nghttp: Sort request header fields using http2::name_less 2014-08-08 00:27:04 +09:00
Tatsuhiro Tsujikawa 05f982dcfb src: Sort header fields so that pseudo headers come first 2014-08-07 23:27:13 +09:00
Tatsuhiro Tsujikawa cc24b9aaf0 nghttpx, nghttpd: Check pseudo header fields come before normal header fields 2014-08-07 22:49:34 +09:00
Tatsuhiro Tsujikawa e6695d9ba7 nghttp: Check HTTP header field characters 2014-08-07 22:01:00 +09:00
Tatsuhiro Tsujikawa 9fb2bc8468 src: Remove http2::sort_nva
This function is no longer necessary because 0x00 concatenation rule
is gone.
2014-08-07 21:55:30 +09:00
Tatsuhiro Tsujikawa 3f212a60a5 nghttpx: Fix android build error 2014-08-06 00:23:46 +09:00
Tatsuhiro Tsujikawa 5c61917007 src: Move jemalloc front so that it is surely linked 2014-08-05 22:27:54 +09:00
Tatsuhiro Tsujikawa 455d911f61 src, examples: Call OPENSSL_config() 2014-08-02 10:11:45 +09:00
Tatsuhiro Tsujikawa 7c781bcd1a nghttpx: Issue RST_STREAM instead of returning NGHTTP2_ERR_TEMPORAL_CALLBACKFAILURE
NGHTTP2_ERR_TEMPORAL_CALLBACKFAILURE is not supported in
on_frame_recv_callback.
2014-08-02 00:26:43 +09:00
Tatsuhiro Tsujikawa 2e083352d5 nghttpx: Fix crash on http2 downstream disconnect 2014-07-31 23:34:33 +09:00
Tatsuhiro Tsujikawa 6e027ad830 nghttpd, nghttpx: Check allowed pseudo headers 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 9d78167297 nghttpx: Treat unexpected HEADERS as stream error 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa b8a2bf2675 Remove END_SEGMENT flag 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 04b5d1679f nghttpx: Log non-final response headers 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 15055c11f9 nghttpx: Support server-wide OPTIONS in http/1 upstream 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa c859fb8f7c nghttpx: Don't respond DATA frame for HEAD request or 204, 304, 1xx 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 079db14d45 Add nghttp2_session_consume() API
Reworked no automatic WINDOW_UPDATE feature.  We added new API
nghttp2_session_consume() which tells the library how many bytes are
consumed by the application.  Instead of submitting WINDOW_UPDATE by
the application, the library is now responsible to submit
WINDOW_UPDATE based on consumed bytes.  This is more reliable method,
since it enables us to properly send WINDOW_UPDATE for stream and
connection individually.  The previous implementation of nghttpx had
broken connection window management.
2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 9f17bee51d Fix unittest failure 2014-07-31 23:05:53 +09:00
Tatsuhiro Tsujikawa 4f815521ae nghttpx, nghttpd: Support non-final response 2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa af5fd2019d src: Remove 0x00 concatenation for headers
Now concatenating header values with 0x00 as delimiter is not
necessary because HPACK reference set is removed and the order of
header field fed into HPACK encoder is preserved when they are
decoded.
2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa 38bfbffb1b Remove HPACK reference set 2014-07-31 23:05:52 +09:00
Tatsuhiro Tsujikawa 8dc47c6750 Fix resource leaks 2014-07-18 00:31:32 +09:00
Tatsuhiro Tsujikawa 61053653df src: Retry write(2) if errno == EINTR 2014-07-17 23:41:54 +09:00
Tatsuhiro Tsujikawa bb47484667 nghttpx: Log transmission and reception of GOAWAY 2014-07-12 23:30:13 +09:00
Tatsuhiro Tsujikawa c4d2639ed8 nghttpd: Don't shutdown session if pending data is left 2014-07-12 23:17:25 +09:00
Tatsuhiro Tsujikawa 25e18174dd src: Add additional HTTP status codes defined in RFC 6585 2014-07-08 22:41:17 +09:00
Tatsuhiro Tsujikawa a072d719b3 nghttpx: Use 431 instead of 413 2014-07-08 22:37:48 +09:00
Tatsuhiro Tsujikawa 0d1ebd73de nghttpx: Only use thread_local if NOTHREADS is not defined 2014-07-08 21:28:11 +09:00
Tatsuhiro Tsujikawa d3ca003346 Update android-config and fix build warning with android NDK 2014-07-06 23:32:08 +09:00
Tatsuhiro Tsujikawa 9cbedb16d0 nghttpx: Log filename and line number after severity in one line 2014-07-06 19:26:12 +09:00
Tatsuhiro Tsujikawa 9f1c819242 nghttpx: Cleanup create_evlistener 2014-07-06 19:21:18 +09:00
Tatsuhiro Tsujikawa a02624c9ed nghttpx: Use std::shared_ptr to share cached time
To ensure that cached time buffer is not altered while referencing it,
we rely on inerlocking in std::shared_ptr to acheive this.
2014-07-06 13:27:51 +09:00
Tatsuhiro Tsujikawa 933e24d412 nghttpx: Use std::atomic for Config::cached_time 2014-07-05 23:50:32 +09:00
Tatsuhiro Tsujikawa fe2843f9d6 nghttpx: Include pid in errorlog 2014-07-05 22:53:17 +09:00
Tatsuhiro Tsujikawa afdc61a253 nghttpx: Remove S_IROTH when creating log file 2014-07-05 22:41:53 +09:00
Tatsuhiro Tsujikawa 367e764ca3 nghttpx: Log user-agent as "-" if it is empty 2014-07-05 19:48:14 +09:00
Tatsuhiro Tsujikawa 9841f778a9 nghttpx: Do not compile pthread_sigmask if NOTHREADS is defined 2014-07-05 19:43:39 +09:00
Tatsuhiro Tsujikawa bf4042ce98 nghttpx: Cache time for logging 2014-07-05 19:40:30 +09:00
Tatsuhiro Tsujikawa 2e6d5e9bd0 nghttpx: Use %lld instead of PRId64 2014-07-05 18:51:55 +09:00
Tatsuhiro Tsujikawa 0ce848a611 nghttpx: Rewrite logging system
This change rewrites logging system of nghttpx.  Previously access log
and error log are written to stderr or syslog and there was no option
to change stderr to something else.  With this change, file path of
access log and error log can be configured separately and logging to
regular file is now added.  To support rotating log, if SIGUSR1 signal
is received by nghttpx, it closes the current log files and reopen it
with the same name.  The format of access log is changed and has same
look of apache's.  But not all columns are not supported yet.
2014-07-05 18:43:24 +09:00
Tatsuhiro Tsujikawa 57230b4029 nghttpx: Fix regression POST http2 downstream does not work 2014-07-04 02:03:09 +09:00
Tatsuhiro Tsujikawa 3111138ca3 nghttpx: Don't add transfer-encoding to CONNECT request 2014-07-03 23:44:20 +09:00
Tatsuhiro Tsujikawa 0f4d01c25c nghttpx: Pass through NGHTTP2_NO_ERROR from downstream to upstream 2014-07-03 23:00:19 +09:00
Tatsuhiro Tsujikawa f8b872096e nghttpx: Use NGHTTP2_NO_ERROR to close upgraded (tunneled) stream 2014-07-03 22:59:49 +09:00
Tatsuhiro Tsujikawa e18c439a73 nghttp: Add --no-content-length option 2014-07-03 22:48:43 +09:00
Tatsuhiro Tsujikawa 545732fed8 nghttpd: Add --early-response option
This option is testing the client behavior when it gets response
before sending all request.
2014-07-03 22:44:27 +09:00
Tatsuhiro Tsujikawa 4b6f124b7e Add API to check half-closed state for both direction of stream 2014-07-03 21:44:29 +09:00
Tatsuhiro Tsujikawa 119fb05cc2 nghttpx: Call on_response_headers for response header only in http2 downstream 2014-07-03 21:18:01 +09:00
Tatsuhiro Tsujikawa e08df2840c nghttpx: Disallow 2nd message in http downstream 2014-07-03 20:57:07 +09:00
Tatsuhiro Tsujikawa 1ce00f455c nghttpx: Remove requirement of content-length for HTTP2 upstream POST 2014-07-03 19:59:10 +09:00
Tatsuhiro Tsujikawa 9cddb05f54 nghttpx: Use error_reply instead of RST_STREAM for http2 upstream request 2014-07-03 00:12:16 +09:00
Tatsuhiro Tsujikawa 93b3a44fb5 nghttpx: Add ability to Http2Upstream to send RST_STREAM after END_STREAM 2014-07-02 23:56:26 +09:00
Tatsuhiro Tsujikawa acb3d4dcfc nghttpx: Handle connection flow control for DATA not sent to frontend 2014-07-02 23:24:59 +09:00
Tatsuhiro Tsujikawa 797edae4d4 nghttpx: Handle connection flow control for DATA not sent to backend 2014-07-02 23:24:58 +09:00
Tatsuhiro Tsujikawa 4e81a34146 nghttpd: Add --dh-param-file option to support DHE ciphers 2014-06-28 15:43:06 +09:00
Tatsuhiro Tsujikawa 9fec34968b nghttpd: Disable SSL_CTX_set_ecdh_auto for OpenSSL >= 1.0.2 2014-06-28 15:35:10 +09:00
Tatsuhiro Tsujikawa a3334bb21c nghttpd: Use cipher suites recommended by Mozilla 2014-06-28 15:28:19 +09:00
Tatsuhiro Tsujikawa c1be7c734f src: Update status code according to RFC 7231 2014-06-27 23:02:12 +09:00
Tatsuhiro Tsujikawa 303f0f3fcd nghttpx: Return 413 if request header is too large
For now, if request has request body, we'll issue RST_STREAM to inform
the peer to stop sending body.  RST_STREAM may be sent before error
page header or data, so peer may receive RST_STREAM only.
2014-06-27 22:54:33 +09:00
Tatsuhiro Tsujikawa ca87b45fe4 nghttpx: Don't fail backend connection if one of backend request fails 2014-06-27 22:34:54 +09:00
Tatsuhiro Tsujikawa 31d99b3664 nghttp: Adjust header size for CONTINUATION test 2014-06-27 21:16:36 +09:00
Tatsuhiro Tsujikawa 3312df42d2 nghttpx: Use std::unique_ptr for ListenHandler::http2session_ 2014-06-27 00:39:53 +09:00
Tatsuhiro Tsujikawa 68cd12ac29 nghttpx: Use std::vector instead of raw array 2014-06-27 00:26:21 +09:00
Tatsuhiro Tsujikawa 52ff158f34 h2load: Fix failed stream count is added multiple times
The number of failed stream is counted multiple times if several
connection attempts are made.
2014-06-26 23:20:12 +09:00
Tatsuhiro Tsujikawa 479e15469c nghttpx: Add worker-frontend-connections option 2014-06-26 22:55:22 +09:00
Tatsuhiro Tsujikawa ad60a18fb9 Remove BLOCKED frame 2014-06-24 00:22:41 +09:00
Tatsuhiro Tsujikawa 5aba6e6d1b h2load: Set number of request per client explicitly
Previously we do not specify the number of requests each client has to
issue.  The each client corresponds to 1 TCP connection.  If
connection was not accepted by server or not TLS handshake is not
done, we effectively don't use that connection and the requests
supposed to be issued for those connections are done via other
established connections.  If this occurs, servers which do not accept
all connections may gain good benchmark results since they don't have
to pay extra cost to handle all connections (e.g., SSL/TLS handshake).
This change explicitly set the number of requests each client has to
issue so that servers cannot *cheat*.
2014-06-22 15:03:46 +09:00
Tatsuhiro Tsujikawa 1caec7cb16 h2load: Fix memory leak detected by LeakSanitizer 2014-06-20 00:00:06 +09:00
Tatsuhiro Tsujikawa 0cd26d6f3b nghttp: Remove garbage for deprecated per-stream compression which cause leak 2014-06-19 23:35:58 +09:00
Tatsuhiro Tsujikawa 2bfa772472 nghttpx: Update cipher suite list 2014-06-19 23:26:30 +09:00
Tatsuhiro Tsujikawa 133c3d66be nghttpx: Remove TLSv1.0 from default TLS proto list 2014-06-19 23:21:53 +09:00
Tatsuhiro Tsujikawa 266a15ccd3 nghttpx: Remove per-connection rate limit
It looks like setting read-rate and read-burst to 0 makes busy loop.
It seems a bug.  On the other hand, we most likely want per-thread
rate limit rather than per-connection.  So we decided to drop them.
2014-06-19 23:19:14 +09:00
Tatsuhiro Tsujikawa 4ff522764c h2load: Call session->on_write() explicitly in Client::on_connect() 2014-06-19 22:49:38 +09:00
Tatsuhiro Tsujikawa 4ab594b144 nghttpx: Fix connection preface is not read by upstream_http2_connhd_readcb
It seems that if readcb is not set before SSL/TLS handshake, the
incoming data already available when eventcb (BEV_EVENT_CONNECTED
event) is fired is not further notified after setting new readcb.  We
knew this fact and call upstream->on_read() in eventcb, but it is
wrong for HTTP/2.  We have to call upstream_http2_connhd_readcb to
check connection preface.  Otherwise, we consume it by nghttp2 session
and it is treated as unknown frame and connection preface is not
detected properly.
2014-06-19 22:43:54 +09:00
Tatsuhiro Tsujikawa a344a8f566 src: Don't build h2load if std::future is not working 2014-06-18 14:24:45 +09:00
Tatsuhiro Tsujikawa 87360b4f7d nghttpx: Require TLSv.12 for h2 2014-06-18 12:09:30 +09:00
Tatsuhiro Tsujikawa 174e410b93 Use hex in nghttp2_error_code and nghttp2_settings_id 2014-06-18 10:48:31 +09:00
Tatsuhiro Tsujikawa 94b9c3771d nghttpx: Throw away request and response headers when they are done 2014-06-15 17:25:24 +09:00
Tatsuhiro Tsujikawa 041cec2d97 nghttpx: Check error from SSL_set_fd 2014-06-12 23:39:58 +09:00
Tatsuhiro Tsujikawa 25b58d5e22 nghttpx: Code cleanup 2014-06-12 23:37:33 +09:00
Tatsuhiro Tsujikawa 1ee847c21a nghttp: Code cleanup 2014-06-12 22:48:40 +09:00
Tatsuhiro Tsujikawa 1af9a9cee0 nghttpx: Don't stderr log if syslog is used
This change also reverts previous commits and tty is set to false if
syslog is used.
2014-06-12 21:47:00 +09:00
Tatsuhiro Tsujikawa 6a2950aef0 nghttpx: Make tty to false when daemonized 2014-06-12 00:19:46 +09:00
Tatsuhiro Tsujikawa 9b174bf5c9 Fix compile error with -Wshorten-64-to-32
The original patch was contributed by Alexis La Goutte
2014-06-11 23:37:16 +09:00
Tatsuhiro Tsujikawa 21c4931197 nghttpx: Get rid of openssl filter
Libevent Openssl filter is very inconvenient in various respect.  The
most annoying thing is it somehow emits data when SSL_shutdown is
called.  The reason we introduced this filter solution is drop
connection if TLS renegotiation is detected.  This commit implements
renegotiation detection and drop connection without filtering.
2014-06-11 01:16:49 +09:00
Tatsuhiro Tsujikawa 24762db8f5 nghttpx: Drop connection if HTTP/2 security level is not satisfied on backend 2014-06-11 00:19:54 +09:00
Tatsuhiro Tsujikawa 492b42e6e9 nghttpx: Drop connection if HTTP/2 security level is not satisfied on frontend 2014-06-11 00:07:51 +09:00
Tatsuhiro Tsujikawa d6b5824c9c nghttpx: Don't check TLS requirement in ALPN cb cause cipher obj is nullptr
Also don't compare ALPN identifier with streq, since they are just
byte string.
2014-06-10 23:22:52 +09:00
Tatsuhiro Tsujikawa c204861dec nghttpx: Create NPN prefs only once 2014-06-10 23:22:23 +09:00
Tatsuhiro Tsujikawa 7b0ed5d9bd nghttpx: Only allow DHE, ECDHE + AEAD ciphers for HTTP/2
Cipher suites are chosen by DHE and ECDHE ciphers + GCM (AEAD).  Now
default cipher list is the one recommended by Mozilla web site.  The
--honor-cipher-order option is removed and now it is always assumed.
2014-06-10 22:47:22 +09:00