Tatsuhiro Tsujikawa
1cc08c0a51
nghttpx: Show warning if PSK options are used but not supported
2017-01-26 20:34:58 +09:00
Bernard Spil
16be89f9cc
nghttpx: Don't build PSK features with LibreSSL
...
LibreSSL removed PSK
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2017-01-26 20:21:55 +09:00
Tatsuhiro Tsujikawa
b72c5f104e
h2load: Fix wrong req_stat updates
2017-01-26 00:26:35 +09:00
Tatsuhiro Tsujikawa
7e6eb7e02a
h2load: Explicitly count the number of requests left and inflight
2017-01-26 00:16:12 +09:00
Tatsuhiro Tsujikawa
ba9f2c3ae2
Compile with Android NDK r13b using clang
2017-01-23 00:32:51 +09:00
Tatsuhiro Tsujikawa
5311185333
nghttpx: Define the maximum number of digits in uint64_t
2017-01-22 22:33:52 +09:00
Tatsuhiro Tsujikawa
2fc2a27ac1
nghttpx: Use char instead of char[] if possible
2017-01-22 22:28:14 +09:00
Tatsuhiro Tsujikawa
db938afd66
nghttpx: Increase default backlog
2017-01-20 23:06:24 +09:00
Tatsuhiro Tsujikawa
89ddc47616
nghttpx: More constexpr
2017-01-20 23:04:48 +09:00
Tatsuhiro Tsujikawa
3176e872b3
nghttpx: Efficient access.log writer
...
Write integer to log buffer directly to improve efficiency. Remove
unused function templates. Use [first, last) style arguments for
copy() function templates.
2017-01-20 22:42:41 +09:00
Tatsuhiro Tsujikawa
16206d5f67
nghttp: Use std::unique_ptr for html_parser
2017-01-18 00:34:39 +09:00
Tatsuhiro Tsujikawa
0f33749790
nghttp: Take into account scheme and port when parsing HTML links
...
Previously, when parsing HTML links, we only take into account
overridden host. But we actually need more variables to consider. In
this commit, we take into account overridden scheme, host, and port to
parse HTML links.
2017-01-18 00:29:51 +09:00
Tatsuhiro Tsujikawa
5e7e4c0cc0
nghttp: config.headers should be inspected rather than req->req_nva
2017-01-17 23:00:37 +09:00
Benedikt Christoph Wolters
8f513fceca
Fix authority for --get-assets if IP adress is used in conjunction with user-defined :authority header
2017-01-17 21:14:36 +09:00
Tatsuhiro Tsujikawa
685e926494
nghttpx: Add --accesslog-write-early option
...
--accesslog-write-early option is analogous to HAProxy's logasap. If
used, nghttpx writes access log when response header fields are
received from backend rather than when request transaction finishes.
2017-01-13 22:12:21 +09:00
Tatsuhiro Tsujikawa
a2afd393ed
nghttpx: Remove field from LogSpec which can be got from Downstream
2017-01-11 22:30:12 +09:00
Tatsuhiro Tsujikawa
33aa327ef5
nghttpx: Fix access.log timestamp
...
access.log timestamp is now when request header fields are received,
rather than when access log is written.
2017-01-11 20:47:17 +09:00
Tatsuhiro Tsujikawa
9067ff5eee
nghttp: Use nghttp2::ssl::DEFAULT_CIPHER_LIST
2017-01-09 23:50:38 +09:00
Tatsuhiro Tsujikawa
efeede4192
nghttpx: Fix typo
2017-01-09 23:49:10 +09:00
Tatsuhiro Tsujikawa
6a8749873f
nghttpx: Add detailed TLS connection logging
2017-01-09 23:32:35 +09:00
Tatsuhiro Tsujikawa
9b574a5a76
nghttpx: Fix typo
2017-01-09 22:19:19 +09:00
Tatsuhiro Tsujikawa
0567f1f038
Add constexpr to StringRef(const CharT *, size_t)
2017-01-09 21:15:53 +09:00
Tatsuhiro Tsujikawa
4be5de1163
src: Move log related functions from util.cc to shrpx_log.cc
2017-01-09 19:34:40 +09:00
Tatsuhiro Tsujikawa
9db1c9467c
src: Add constexpr to long_options
2017-01-09 19:28:00 +09:00
Tatsuhiro Tsujikawa
3444b42d44
src: Add more constexpr
2017-01-09 17:17:48 +09:00
Tatsuhiro Tsujikawa
6595ae26ea
src: Add constexpr to const objects
2017-01-09 17:11:37 +09:00
Tatsuhiro Tsujikawa
7e1a0d204b
h2load: Show default cipher list in -h
2017-01-09 14:47:32 +09:00
Tatsuhiro Tsujikawa
cbca2e35b5
nghttpx: Show default cipher list in -h
2017-01-09 14:43:13 +09:00
Tatsuhiro Tsujikawa
fc9bdf024f
src: Make DEFAULT_CIPHER_LIST constexpr char[]
2017-01-09 14:42:40 +09:00
Tatsuhiro Tsujikawa
4fa150c494
nghttpx: Use Memchunk based read buffer for frontend connection
...
Previously, we have dedicated read buffer for each frontend
connection. With this commit, the buffer spaces are only used when
needed, and pooled if they are not used. This reduces memory usage
for idle client connections.
2017-01-08 23:20:14 +09:00
Tatsuhiro Tsujikawa
e8b2508036
nghttpx: Rename confusing names in HttpDownstreamConnection
2017-01-08 23:09:00 +09:00
Tatsuhiro Tsujikawa
ac399e41ac
nghttpx: Update doc
...
Mention client-ciphers, and no-http2-cipher-black-list options in
psk-secrets and client-psk-secrets options.
2017-01-08 23:04:07 +09:00
Tatsuhiro Tsujikawa
9c7e54d9b5
nghttpx: Add client-ciphers option
...
Previously, ciphers option sets cipher list for both frontend and
backend TLS connections. With this commit, ciphers option only sets
cipher list for frontend connections. The new client-ciphers option
sets cipher list for backend connection.
2017-01-08 22:40:58 +09:00
Tatsuhiro Tsujikawa
3c03024881
nghttpx: Add client-no-http2-cipher-black-list option
...
This commit adds client-no-http2-cipher-black-list option to disable
enforcement of HTTP/2 cipher black list on backend HTTP/2 connection.
Previously, existing no-http2-cipher-black-list option disables it for
both frontend and backend connections. Now no-http2-cipher-black-list
option only disables it for frontend connection.
2017-01-08 22:33:19 +09:00
Tatsuhiro Tsujikawa
36dfc0a56a
nghttpx: Reorganize client side TLS configuration
2017-01-08 22:25:30 +09:00
Tatsuhiro Tsujikawa
55bf6cdb15
Merge branch 'nghttpx-psk'
2017-01-08 21:10:07 +09:00
Tatsuhiro Tsujikawa
0abc220013
nghttpx: Fix the bug that no-http2-cipher-black-list does not work
...
Because of the redundant check in backend HTTP/2 session,
no-http2-cipher-black-list does not work on backend HTTP/2 connection.
This commit fixes it.
2017-01-08 19:43:24 +09:00
Tatsuhiro Tsujikawa
c28900990a
h2load: Show custom server temp key such as X25519
2017-01-08 17:58:19 +09:00
Tatsuhiro Tsujikawa
5108193d7b
h2load: Fix incorrect return value from spdylay_send_callback
2017-01-08 17:32:35 +09:00
Tatsuhiro Tsujikawa
79a24f5dd9
nghttpx: Add --client-psk-secret option to enable PSK in backend
2017-01-08 00:35:55 +09:00
Tatsuhiro Tsujikawa
83c759572c
nghttpx: Add --psk-secret option to enable PSK in frontend connection
2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa
1a07fb000b
nghttpx: Enable SCT with OpenSSL 1.1.0
2017-01-06 21:29:04 +09:00
Tatsuhiro Tsujikawa
b064d8a9ff
Merge branch 'nghttpx-fronend-proxyproto'
2017-01-03 17:28:20 +09:00
Tatsuhiro Tsujikawa
c6827a7dac
nghttpx: Fix assertion error in libev ev_io_start
2017-01-03 16:43:49 +09:00
Tatsuhiro Tsujikawa
55ecb082ee
nghttpx: Handle c-ares success without result
2017-01-03 14:35:05 +09:00
Tatsuhiro Tsujikawa
b313386988
nghttpx: Add proxyproto to frontend option to accept PROXY protocol
...
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible. To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa
3933280d29
src: Fix assertion error with boringssl
...
boringssl says:
/* It is an error to clear any bits that have already been set. (We can't try
* to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
2017-01-02 11:48:38 +09:00
Tatsuhiro Tsujikawa
d1ba43a69f
nghttpx: Fix bug that DNS timeout was erroneously disabled
2016-12-30 11:09:02 +09:00
Tatsuhiro Tsujikawa
a0779edec4
nghttpx: Fix bug that DNS timeout was ignored
2016-12-30 11:08:26 +09:00
Tatsuhiro Tsujikawa
25df164219
nghttpx: Don't write again after failure
...
Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.
2016-12-26 00:35:38 +09:00