2f26b04730
nghttpx: Code cleanup
2013-09-01 00:23:07 +09:00
9e703170cd
nghttpx: Enable --honor-cipher-order automatically when --ciphers is used
2013-08-30 23:02:47 +09:00
aea036c9d4
nghttpx: Support ECDHE and DHE cipher suites
...
Use --dh-param-file option to specify a file including DH parameters
in PEM format.
For example, you can create DH parameters with 1024 bit key using
following command:
$ openssl dhparam -outform PEM -out dhparam.pem 1024
2013-08-30 22:07:42 +09:00
e818d098ec
nghttp: Fix off-by-one error when allocating space for request headers
2013-08-30 21:30:04 +09:00
59286adc5e
Add int return value to nghttp2_on_unknown_frame_recv_callback
2013-08-29 23:10:18 +09:00
db4f519500
Add int return value to nghttp2_on_frame_recv_parse_error_callback
2013-08-29 23:07:07 +09:00
053c444769
Add int return value to nghttp2_on_request_recv_callback
2013-08-29 23:03:21 +09:00
81653c1d1b
Add int return value to nghttp2_on_stream_close_callback
2013-08-29 22:58:05 +09:00
5a7f65f1f7
Add int return value to on_data_send_callback
2013-08-29 21:55:04 +09:00
b9d2f9b6b0
Add int return value to on_frame_not_send_callback
2013-08-29 21:51:58 +09:00
d4852b0f11
Add int return value to on_frame_send_callback
2013-08-29 21:48:34 +09:00
a51cdaacfc
Add int return value to nghttp2_before_frame_send_callback
2013-08-29 21:45:10 +09:00
544ac9f61f
Add int return value to nghttp2_on_data_recv_callback
2013-08-29 21:41:33 +09:00
972b47d6af
Add int return value to nghttp2_on_data_chunk_recv_callback
2013-08-29 21:39:32 +09:00
fb7d22fcb9
Add int return value to nghttp2_on_invalid_frame_recv_callback
2013-08-29 21:37:26 +09:00
a59cd3be82
Add int return value to nghttp2_on_frame_recv_callback
2013-08-29 21:33:52 +09:00
6387d18f23
nghttpx: Fix expect header field handling
2013-08-29 00:03:26 +09:00
400615ca35
nghttpd: Check disallowed headers
2013-08-28 03:14:19 +09:00
3544bfdbef
src: Move pure HTTP code from shrpx_http.cc to http2.cc
2013-08-28 02:47:22 +09:00
1f3b96e233
nghttpx: Rewrite header handling
2013-08-28 00:09:46 +09:00
89cd2ff479
nghttpx: Stream error if disallowed header field in HTTP2 is received
2013-08-26 01:25:31 +09:00
33743ab832
nghttpx: Remove banned header fields in HTTP2 request and response
2013-08-26 01:09:15 +09:00
4744e90054
nghttpd: Include status code only in :status header field
2013-08-26 00:58:06 +09:00
4fb1811d18
nghttpx: Include status code only in :status header field in HTTP2 response
2013-08-25 23:28:34 +09:00
5d7b7a1691
nghttpx: Stream error if mandatory HTTP/2 request header field is missing
2013-08-25 23:21:07 +09:00
556212a602
nghttpx: Replace \r\n in the header field to SPC in http downstream
2013-08-24 23:27:45 +09:00
e55abcd634
nghttpx: Fix stream hang when http2 downstream CONNECT failed
2013-08-24 01:43:05 +09:00
2764c55678
src: Code cleanup
2013-08-23 03:33:05 +09:00
5ae8605883
src: Use std::thread
2013-08-23 03:33:05 +09:00
47ee8e3c79
src: Code cleanup
2013-08-23 03:33:05 +09:00
0c9703fa2c
Remove NGHTTP2_FLAG_END_FLOW_CONTROL
2013-08-23 03:33:05 +09:00
c38c6cdd09
nghttpx: Fix bug writecb is nullptr for HTTP/1 connection
2013-08-23 03:32:26 +09:00
b2a34c2e5b
nghttpx: Fix bug content-length is removed
2013-08-23 02:49:21 +09:00
358d12a842
nghttpx: Fix bug CONNECT does not work
2013-08-22 21:28:27 +09:00
b8a01f5212
nghttpx: Require content-length in HTTP2 upstream if END_STREAM flag is not set
2013-08-21 01:19:16 +09:00
823bb6c35e
nghttpx: Require content-length in SPDY upstream if FIN flag is not set
2013-08-21 01:05:06 +09:00
4d51def65f
nghttpx: Limit read rate on upstream-end
2013-08-21 01:00:55 +09:00
aa9688b459
nghttpx: Fix possible multiple replies on HTTP2 and SPDY upstreams
2013-08-21 00:56:08 +09:00
ef6ccc0d74
Update .gitignore
2013-08-15 10:41:22 +09:00
3e1aad60b7
nghttp: Remove --no-tls option and detect TLS requirement using URI scheme
2013-08-12 22:33:51 +09:00
4fac4eb92d
nghttpx: HttpUpstream: Check required request headers strictly
...
If multiple required headers (e.g., :path) found, return HTTP 400
error.
Fix util::strieq(a,b,n) where boundary of b is not checked in the
loop.
2013-08-11 00:08:44 +09:00
989d613448
nghttpx: Save pid file after daemon() call
2013-08-10 18:55:18 +09:00
c36fcf1794
src: Print opaque_data_len of GOAWAY
2013-08-10 00:46:00 +09:00
02a7182ebd
src: Create strframetype to handle unknown frame types
2013-08-10 00:42:11 +09:00
47c1447030
src: Print SETTINGS string name
2013-08-10 00:37:57 +09:00
d194a31e4a
src: Use print_frame_hd from print_data_frame
2013-08-10 00:31:59 +09:00
19377fb3cd
Allow disabling auto WINDOW_UPDATE for connection and stream individually
...
Now NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE is split into 2 options:
NGHTTP2_OPT_NO_AUTO_STREAM_WINDOW_UPDATE and
NGHTTP2_OPT_NO_AUTO_CONNECTION_WINDOW_UPDATE.
This is preparation for the upcoming removal of END_FLOW_CONTROL
flag. For nghttpx, instead of using END_FLOW_CONTROL to disable
connection-level flow control, increase window size by large
enough value, which is friendly way to current chromium
implementation.
2013-08-09 01:23:39 +09:00
fafec1fdb8
nghttpx: Accept incoming bytes at least initial window size
2013-08-07 21:27:08 +09:00
7f71e83c52
nghttpd: Use 100 for MAX_CONCURRENT_STREAMS
2013-08-07 01:23:43 +09:00
07814be5b2
src: HttpServer: Remove unused member variable sfd_
2013-08-06 23:17:13 +09:00
2b71598bdf
src: Reorder AM_CPPFLAGS and AM_LDFLAGS
2013-08-06 21:24:34 +09:00
1b95e23bfb
Add ax_cxx_compile_stdcxx_11 to check C++11 availability and flags
2013-08-06 21:20:36 +09:00
168c5ac5b3
HttpServer: Code cleanup
2013-08-06 00:07:51 +09:00
fadbdbae0b
nghttp: Add -p option to specify stream priority
2013-08-04 18:55:26 +09:00
2a311b3102
src: Print flags in DATA
2013-08-04 18:44:11 +09:00
690349009d
nghttp: Call on_read() to process all data in buffer after upgrade succeeded
2013-08-04 18:43:10 +09:00
d4ade2d7d0
nghttpx: Return -1 if dconn_ is nullptr on push_upload_data_chunk
2013-08-03 23:45:28 +09:00
f613f68a13
src: Make window size - 1
...
To match the -w16 to 65535, which is HTTP/2.0 default initial window
size, decrement 1 from (1 << window_bits).
2013-08-03 19:53:07 +09:00
6bcfb99cc0
nghttpx: Update help messages
2013-08-03 19:19:04 +09:00
079f867d68
nghttp: Ignore -u if --no-tls is not given
2013-08-03 19:08:52 +09:00
d1bc3c89a7
nghttpx: Code cleanup
2013-08-03 19:04:44 +09:00
0150312022
nghttpx: Rename spdy_{upstream,downstream}_no_tls as {upstream,downstream}_no_tls
2013-08-03 19:01:57 +09:00
564e6b9ffc
nghttpx: Rename --{front,back}end-spdy-no-tls as --{front,back}end-no-tls
2013-08-03 18:58:14 +09:00
f620655d08
nghttp, nghttpx: Add HTTP Upgrade from HTTP/1.1 to HTTP/2.0
...
nghttpx does not perform upgrade if the request has request body.
2013-08-03 18:51:01 +09:00
5594f0ef0b
nghttpx: Preserve upgrade in Connection header field
2013-08-02 00:00:33 +09:00
8fd1953b21
app_helper: Show flags in hex
2013-08-01 21:42:16 +09:00
1bbcbd365c
shrpx: Cast uint8_t to uint32_t to print its decimal number
2013-08-01 20:33:04 +09:00
fec566aa23
src: Send out data in output buffer before HTTP2/SPDY session tear down
2013-08-01 20:31:29 +09:00
8cb92fc277
nghttpx: Handle error from Upstream::resume_read in upgrade code
2013-07-31 22:14:25 +09:00
924b1bd61a
Use unmodified http-parser
...
Handle HTTP Upgrade and CONNECT explicitly
2013-07-31 21:48:37 +09:00
ab56cd4ea3
nghttpx: Fix bug: end marker of chunked encoding is written twice
2013-07-30 21:46:00 +09:00
dc2ed7414c
src: Cleanup src builds
2013-07-28 19:50:02 +09:00
9f9c0cbcd1
nghttpd: Add -F and -f option to disable connection/stream level flow control
2013-07-28 19:29:11 +09:00
56db10cb5e
nghttp: Add -F and -f option to disable connection/stream level flow controls
2013-07-28 19:29:11 +09:00
60fe0337da
app_helper: Print PUSH_PROMISE
2013-07-27 22:37:09 +09:00
f7c0df1235
Remove :version from downstream HTTP/2.0 request
2013-07-27 18:57:33 +09:00
90b06e8572
nghttpx: Add HTTP/2.0 word in help message
2013-07-26 21:55:08 +09:00
1fca42ed2b
nghttpx: Remove :version from http2 connection
2013-07-26 21:47:53 +09:00
5ccf647df9
Rename shrpx as nghttpx superficially
2013-07-26 21:42:39 +09:00
86174f537a
shrpx: Send and receive client connection header
2013-07-26 21:35:14 +09:00
9b27160195
HttpServer: Fix left_connhd_len_ is not updated
2013-07-26 21:34:39 +09:00
32bd1425b4
shrpx: SPDY support in upstream connection
2013-07-26 20:12:55 +09:00
41b21f7938
fixup
2013-07-26 19:38:54 +09:00
18f450fd2a
Port shrpx to nghttp2 use
2013-07-26 19:33:25 +09:00
459a269049
Define HTTP/2.0 protocol version ID
2013-07-26 01:38:04 +09:00
3cc71a707e
Rename nghttp2_headers_category members
...
Add NGHTTP2_HCAT_PUSH_RESPONSE
2013-07-25 20:57:50 +09:00
cca1d19d3d
Fix WINDOW_UPDATE enum value
2013-07-23 02:08:32 +09:00
57401bfb8d
src: Print PRIORITY frame in print_frame()
2013-07-23 00:29:52 +09:00
42ff5b5c04
Rename nghttp2_ssl as app_helper
2013-07-22 22:12:54 +09:00
ec79d70bd0
Code cleanup
2013-07-22 22:08:52 +09:00
551ae72f3a
Remove spdyd and spdycat
2013-07-22 22:06:31 +09:00
9e9a7fb160
Add nghttpd and 24 bytes client connection header support
2013-07-22 21:56:19 +09:00
6bc7e7bd0b
Add nghttp client backed by libevent
2013-07-22 00:01:33 +09:00
94258cd0b8
Move NGHTTP2_PRI_* to nghttp2.h, fix too small pri data type in src
2013-07-20 01:59:43 +09:00
61bf7c6b02
Integrate new header compression
2013-07-20 00:08:14 +09:00
257bc1c924
print_frame: Show pri only when NGHTTP2_FLAG_PRIORITY flag set
2013-07-17 01:13:58 +09:00
307e13375d
spdycat: Set on_data_send_callback
2013-07-17 01:10:50 +09:00
3ed5c78a2c
Remove unnecessary indent in DATA frame line
2013-07-16 20:54:01 +09:00
68c072485c
Remove :version existence check in spdyd
2013-07-16 20:53:29 +09:00
24cab312cf
Make spdycat and spdyd barely work
2013-07-16 00:15:04 +09:00
39e0b06bfc
Comment out shrpx build in Makefile for now
2013-07-13 00:45:42 +09:00
0edce70343
Rebranding nghttp2
2013-07-13 00:43:06 +09:00
7b59a11480
shrpx: Create default SSL context once
2013-06-21 23:17:46 +09:00
d1b9af0268
shrpx: Fix usage doc
2013-06-09 23:09:49 +09:00
e91b386422
src: Add SRC_LIBS to shrpx_unittest_LDFLAGS
2013-05-03 22:15:07 +09:00
c02fefe063
spdylay_ssl.cc: Cast tv.tv_sec to long int to pass printf
2013-05-03 22:14:16 +09:00
aa13b9b980
Drop priveleges only after listening on possibly priveleged port
2013-04-19 07:58:58 -04:00
7dfa559bc4
Add --honor-cipher-order option to mitigate BEAST attacks
2013-04-18 14:25:48 -04:00
4c238c5b36
fix building on mac os x. "error: invalid suffix on literal; C++11 requires a space between literal and identifier"
2013-04-17 14:33:55 +08:00
34e119fde2
shrpx: Remove useless backend spdy version check
...
It is unnecessary because spdy version at this point is always valid.
2013-03-29 22:16:50 +09:00
a9f475fb88
spdycat, shrpx: TLS SNI enhancements
...
shrpx:
* Added an option to set the TLS SNI extension between shrpx and the
origin on the command line
spdycat:
* If the user set an explicit host header ( using --headers ) use that
name for the TLS SNI extension.
* Added the handshake completion time to the verbose output
* The gettimeofday call in get_time was using the incorrect structure
( I believe )
* In update_html_parser it was submitting the request regardless of
the return value of add_request.
Patch from Stephen Ludin
2013-03-29 22:06:33 +09:00
bdade00e68
cygwin build fix
2013-03-28 01:25:42 +09:00
7d709fa3ff
shrpx: Support non-TLS SPDY in frontend connection
2013-03-24 21:03:39 +09:00
7264966bb5
shrpx: Check get_request_state() == MSG_COMPLETE when body is empty
2013-03-08 01:50:46 +09:00
4461cb24ed
shrpx: Fix assertion failure in SpdyDownstreamConnection::attach_stream_data
2013-03-07 21:32:10 +09:00
add067ed7e
Provide timegm replacement and android build fix
2013-03-07 21:17:55 +09:00
eddd48b783
shrpx: Don't issue RST_STREAM on downstream tunnel connection EOF
...
The RST_STREAM will be issued in spdy_data_read_callback.
2013-03-01 20:43:35 +09:00
2d23ae3741
shrpx: Fix missing delete
2013-03-01 00:07:00 +09:00
cf1cfca51f
shrpx: Fix not send RST_STREAM when downstream gets valid EOF
2013-03-01 00:05:57 +09:00
da36fc3953
shrpx: Fix WINDOW_UPDATE may block until SpdyUpstream::send()
...
spdy_data_read_callback in SpdyDownstreamConnection calls
SpdyUpstream::resume_read() which submits WINDOW_UPDATE, but after
that they are not call SpdyUpstream::send(). This means that if no
pending outgoing data in upstream, then WINDOW_UPDATE is blocked until
SpdyUpstream::send() from somewhere. This change adds
SpdyUpstream::send() to resume_read() so that WINDOW_UPDATE is not
blocked.
2013-02-27 22:55:44 +09:00
7b3f57cef8
shrpx: Fix blocking upstream RST_STREAM and propagate REFUSED_STREAM
...
This change fixes upstream RST_STREAM is blocked until
SpdyUpstream::send() is called. Now downstream REFUSED_STREAM is
propagated to upstream client so that client can reset request. The
RST_STREAM error code when downstream went wrong is changed from
CANCEL to INTERNAL_ERROR.
2013-02-27 22:39:44 +09:00
dbb0df5c5b
Remove strerror(3) from code which may run in multi-thread
2013-02-25 22:43:44 +09:00
c487d152b2
shrpx: Add non-TLS SPDY backend connection support
...
Use --backend-spdy-no-tls to disable TLS on backend SPDY connection.
The SPDY protocol used there must be configured by
--backend-spdy-proto option.
2013-02-22 22:54:54 +09:00
fc26f08af2
shrpx: Fix Proxy-Authorization is alwasy sent even if userinfo is empty
...
Surprisingly, field_set & UF_USERINFO is nonzero even if userinfo
component is empty string.
2013-02-22 21:23:59 +09:00
78523c6701
shrpx: Fix backend SPDY connection does not go through proxy
2013-02-22 19:30:15 +09:00
64fcac48b7
shrpx: Fix bug in building certificate lookup tree
2013-02-16 17:51:38 +09:00
c8167234fa
shrpx: Fix bug in certificate lookup
2013-02-16 02:33:16 +09:00
abe5fd1e39
spdycat: Fix -d option in usage
2013-02-14 21:25:46 +09:00
54d5dda6c4
spdycat: Add --multiply option
2013-02-14 21:24:57 +09:00
3d2ef18afb
spdycat: Fix error handling of spdylay_gzip_inflate()
2013-02-14 21:12:16 +09:00
291cbc639b
shrpx: Use patricia trie for cert lookup
2013-02-14 00:28:55 +09:00
e322af8a6f
src: Add missing base64.h
2013-02-11 21:49:04 +09:00
e28f169228
shrpx: More backend EOF handling
...
Now we set Downstream::set_response_connection_close(true) for
tunneled connections. Also call
Upstream::on_downstream_body_complete() callback when setting
MSG_COMPLETE in SpdySession when RST_STREAM is caught. Clean up EOF
handling in https_downstream_readcb.
2013-02-11 17:20:52 +09:00
d830e099a6
shrpx: Send pending response data before RST_STREAM in tunnel connection
2013-02-11 02:05:11 +09:00
734d7bced8
shrpx: Handle downstream response_state == MSG_RESET case in SPDY upstream
2013-02-09 23:20:29 +09:00
8b6fbbf3a6
shrpx: Update --backend-http-proxy-uri usage
2013-02-09 19:08:02 +09:00
39df51188c
shrpx: Log stream ID when submitting RST_STREAM to downstream
2013-02-09 17:56:44 +09:00
ceba5539a1
shrpx: Fix client mode does not work
2013-02-09 17:45:57 +09:00
18dc6384d4
shrpx: Remove x-forwarded-proto header from SPDY downstream
...
SPDY frame has :scheme header field, so x-forwarded-proto is not
necessary.
2013-02-09 17:22:33 +09:00
b43b31c362
shrpx: Remove x-forwarded-spdy header field
2013-02-09 17:21:46 +09:00
4876412f7d
shrpx: Check return value of HttpsUpstream::resume_read()
...
Currently, resume_read() fails if on_read() returns -1 in case that
evbuffer_add failed, which means, most likely, memory allocation
failure. ClientHandler is marked "should be closed", but if
evbuffer_add is failed, write callback will not be invoked and its
marking is not evaluated. It will eventually be deleted when the
client is disconnected or backend failure though.
2013-02-09 17:03:03 +09:00
99b687ceca
shrpx: Documented --spdy-bridge
2013-02-09 16:55:49 +09:00
cb8b8050b5
shprx: Add --backend-http-proxy-uri option
...
Specify proxy URI in the form http://[USER:PASS]PROXY:PORT . USER and
PASS are optional and if they exist they must be properly
percent-encoded. This proxy is used when the backend connection is
SPDY. First, make a CONNECT request to the proxy and it connects to
the backend on behalf of shrpx. This forms tunnel. After that, shrpx
performs SSL/TLS handshake with the downstream through the tunnel. The
timeouts when connecting and making CONNECT request can be specified
by --backend-read-timeout and --backend-write-timeout options.
2013-02-09 16:55:39 +09:00
9ba19df813
shrpx: Add --spdy-bridge option
...
With --spdy-bridge option, it listens SPDY/HTTPS connections from
front end and forwards them to the backend in SPDY. The usage will be
written later. This change fixes the crash when more than 2
outstanding SpdyDownstreamConnection objects are added to SpdySession
and establishing connection to SPDY backend is failed.
2013-02-08 21:46:58 +09:00
8925c58d71
shrpx: Send RST_STREAM when downstream becomes stale
2013-02-08 00:22:22 +09:00
9b4245368a
shrpx: Refactor spdy downstream header field handling
2013-02-07 21:53:20 +09:00
c707125839
shrpx: Explicitly hold server SSL_CTX and client SSL_CTX
2013-02-07 21:13:36 +09:00
b18af854af
shrpx: Add --subcert option to add additional certificate/private key
...
This option specifies additional certificate and private key
file. Shrpx will choose certificates based on the hostname indicated
by client using TLS SNI extension. This option can be used multiple
times.
2013-02-06 23:41:28 +09:00
e3401b0159
shrpx: Lowercase x-forwarded-proto
2013-02-01 23:36:08 +09:00
ae0533334c
shrpx: Relay Connection: upgrade header field for HTTP/1.1 connections
2013-02-01 23:30:12 +09:00
Tatsuhiro Tsujikawa
moparisthebest
snnn