NPN has been superseeded by ALPN. OpenSSL provides a configure
option to disable npn (no-npn) which results in an OpenSSL
installation that defines OPENSSL_NO_NEXTPROTONEG in opensslconf.h
The #ifdef's look safe here (as the next_proto is initialized as
nullptr). Alteratively, macros could be defined for the used npn
methods that return a 0 for next_proto.
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
If OpenSSL supports TLSv1.3, enable it by default for all applications
under src. BoringSSL can work at the moment although it does not
unlock all the features nghttpx offers. OpenSSL's TLSv1.3 support is
still WIP at the time of writing.
Previously, when parsing HTML links, we only take into account
overridden host. But we actually need more variables to consider. In
this commit, we take into account overridden scheme, host, and port to
parse HTML links.
boringssl says:
/* It is an error to clear any bits that have already been set. (We can't try
* to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
The N-th -p options sets N-th URI's weight. If the number of -p is
less than the number of URIs, the last -p value is repeated. If no -p
is set, use default weight, 16.
The ContinueTimer could expire before the full HEADERS frame was
actually sent. By moving the call to timer->start() to the
on_frame_send_callback(), this race is fixed.
If a 100 Continue interim response was received after the continue
timeout was reached, dispatch_continue() would force a double submission
of DATA frames. This patch prevents dispatch_continue() from doing
anything if the timer callback has already been invoked. This makes
ContinueTimer a single-shot mechanism, as originally intended.
To deal with servers that don't conform to RFC 7231 (or, potentially,
connections with a large round-trip time), don't wait forever for a 100
Continue status to come back. Currently, the timeout is hard-coded to
one second.
A ContinueTimer encapsulates the handshake timeout logic for a single
request. Somewhat counterintuitively, ContinueTimers are owned by the
HttpClient instead of the Request object, because their lifetime must be
bound to the life of the connection (which is owned by the HttpClient
and not the Requests). A Request is associated with its corresponding
ContinueTimer through a std::weak_ptr.