Tatsuhiro Tsujikawa
e763770f3e
nghttpx: Add option to specify maximum number of session cache
2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa
bb4e2f6a24
nghttpx: Add TLS support for HTTP/1 backend
2016-02-07 17:43:30 +09:00
Tatsuhiro Tsujikawa
ee07694783
nghttpx: Add request-header-field-buffer and max-request-header-fields options
...
This commit adds request-header-field-buffer and
max-request-header-fields, and deprecates header-field-buffer and
max-header-fields options.
2016-02-06 17:22:23 +09:00
Tatsuhiro Tsujikawa
8741503db1
nghttpx: Add --no-http2-cipher-black-list to allow black listed cipher suite
2016-02-06 17:05:14 +09:00
Tatsuhiro Tsujikawa
eec409dba7
nghttpx: Limit header fields from backend
2016-02-06 12:27:01 +09:00
Tatsuhiro Tsujikawa
aa07fe7fa6
nghttpx: Support multiple frontend addresses
...
This commit allows nghttpx to listen to multiple address and port pair
by specifying -f option multiple times.
2016-02-01 23:10:29 +09:00
Tatsuhiro Tsujikawa
5a3ca7e700
nghttpx: Disallow user defined static obfuscated string for "for" parameter
2016-01-21 21:05:07 +09:00
Tatsuhiro Tsujikawa
9ac3e643d8
Revert "nghttpx: Add --curves option to specify supported elliptic curves"
...
This reverts commit e278893b64
.
SSL_CONF_CTX functions are not working correctly with OpenSSL 1.0.2.
It requires 1.1.0 to make it work.
2016-01-21 19:50:38 +09:00
Tatsuhiro Tsujikawa
e278893b64
nghttpx: Add --curves option to specify supported elliptic curves
2016-01-21 18:23:13 +09:00
Tatsuhiro Tsujikawa
db8de490a0
nghttpx: Omit Forwarded for and by parameter if UNIX domain socket is used
2016-01-19 23:26:04 +09:00
Tatsuhiro Tsujikawa
0402481be4
nghttpx: Organize connection related configuration into struct
2016-01-19 16:56:12 +09:00
Tatsuhiro Tsujikawa
35feae3b0c
nghttpx: Group up logging related options
2016-01-18 17:26:27 +09:00
Tatsuhiro Tsujikawa
16549bb276
nghttpx: Structured configurations for http and http2
2016-01-18 17:00:20 +09:00
Tatsuhiro Tsujikawa
f3e1dc7a4f
nghttpx: Structured TLS related configurations
2016-01-18 14:21:09 +09:00
Tatsuhiro Tsujikawa
b12af8c410
nghttpx: Refactor backend proxy configuration
2016-01-17 22:51:40 +09:00
Tatsuhiro Tsujikawa
ee43250015
nghttpx: Remove useless comment
2016-01-17 22:26:13 +09:00
Tatsuhiro Tsujikawa
4f07db8bcb
src: Rename our new string classes
2016-01-17 11:33:45 +09:00
Tatsuhiro Tsujikawa
d16ff1f519
nghttpx: Use StringAdaptor for Config::server_name
2016-01-17 01:15:11 +09:00
Tatsuhiro Tsujikawa
2c7ed01f0c
nghttpx: Use std::string for Downstream::backend_tls_sni_name
2016-01-17 01:00:15 +09:00
Tatsuhiro Tsujikawa
34d5382d66
nghttpx: Use VString for DownstreamAddr::host and hostport to remember size
2016-01-17 00:52:41 +09:00
Tatsuhiro Tsujikawa
d678c07ddf
nghttpx: Allow user to specify static obfuscated value via command-line
2016-01-16 11:32:26 +09:00
Tatsuhiro Tsujikawa
5c3f74b424
nghttpx: Add RFC 7239 Forwarded header field support
2016-01-16 11:32:14 +09:00
Lucas Pardue
dcc9aaaa24
Add TLS dynamic record size behaviour command line options
2015-10-22 14:07:18 +00:00
Tatsuhiro Tsujikawa
f1eb7638d1
nghttpx: Change mruby script handling
...
This commit changes nghttpx's mruby script handling. Previously we
have 2 options to specify the mruby script file to be run on request
and on response. Now they are merged into 1 option, namely
--mruby-file. It now must return object. On request, the object's
on_req(env) method is invoked with env object. Similarly, on
response, the object's on_resp(env) method is invoked. The
specification of Env object has not changed.
2015-10-08 23:32:15 +09:00
Peeyush Aggarwal
349f3e2c7b
Added support for RFC 7413 (TCP Fast Open) on nghttpx proxy listening connections.
...
Fixed code as per PR comments
2015-10-05 13:40:45 -07:00
Tatsuhiro Tsujikawa
8acf9a2802
nghttpx: Trie based routing
2015-09-26 22:19:10 +09:00
Tatsuhiro Tsujikawa
ce1b11e3a0
nghttpx: Split monolithic one process into control and worker processes
...
The control process handles signals, reads configuration, reads
private keys, and bind port (which may be privileged one). It never
drop privileges, so that it can execute new binary with the same
privilege. It forks worker process. The worker process handles all
incoming connections. It drops privilege.
2015-09-18 23:28:26 +09:00
Lucas Pardue
ec47dfb9b8
Initial HTTP/1.1 capability. Add npn-list option to h2load. Make NPN/ALPN more runtime dependent
2015-09-17 14:49:27 +00:00
Tatsuhiro Tsujikawa
ce53bd239e
nghttpx: Implement PROXY protocol version 1
...
Use --accept-proxy-protocol to enable PROXY protocol handling
2015-09-06 21:30:19 +09:00
Tatsuhiro Tsujikawa
d722a09581
nghttpx: Rename mruby script options
2015-09-04 01:19:57 +09:00
Tatsuhiro Tsujikawa
baadec5ef4
nghttpx: Add response mruby hook
2015-09-03 01:33:52 +09:00
Tatsuhiro Tsujikawa
1508c50a45
nghttpx: Add basic infrastructure for mruby support
2015-09-02 02:45:15 +09:00
Tatsuhiro Tsujikawa
a1288a5826
nghttpx: Rename --tls-ticket-cipher as --tls-ticket-key-cipher
2015-07-28 23:49:37 +09:00
Tatsuhiro Tsujikawa
a6fdca730d
nghttpx: Add options to set maximum retry and failure when getting ticket keys
2015-07-28 01:17:29 +09:00
Tatsuhiro Tsujikawa
4949dd4888
nghttpx: Add --tls-ticket-key-memcached-interval option
2015-07-28 01:02:33 +09:00
Tatsuhiro Tsujikawa
2f2a300e83
nghttpx: Add TLS ticket key sharing among nghttpx instances using memcached
2015-07-28 00:54:44 +09:00
Tatsuhiro Tsujikawa
e3cdfd12ea
nghttpx: Use std::array for TicketKey
2015-07-27 02:12:07 +09:00
Tatsuhiro Tsujikawa
cd25c6846e
nghttpx: Create struct Address which holds struct sockaddr_union and length
2015-07-27 01:41:10 +09:00
Tatsuhiro Tsujikawa
90b4b48c7e
nghttpx: Add shared session cache using memcached
2015-07-26 23:33:06 +09:00
Tatsuhiro Tsujikawa
adec2c06bf
nghttpx: Set SSL/TLS session timeout to 12 hours
2015-07-24 23:59:19 +09:00
Tatsuhiro Tsujikawa
cab6c7871c
nghttpx: Don't rewrite host header field by default
...
In reverse proxy usage, backend server most likely wants to see the
original header field. So this commit turns off host header rewrite
by default. --no-host-rewrite option is deprecated, and if it is
used, warning message is displayed. --host-rewrite option is added to
enable host rewrite.
2015-07-23 23:54:56 +09:00
Tatsuhiro Tsujikawa
0ec1b98f27
nghttpx: Reorder config fields
2015-07-20 23:15:01 +09:00
Tatsuhiro Tsujikawa
a8574fdef2
nghttpx: Use Use std::string instead of std::unique_ptr<char[]> for tls config
2015-07-20 23:15:01 +09:00
Tatsuhiro Tsujikawa
dd8ce1e9d2
nghttpx: Use std::unique_ptr<char[]> instead of raw char pointer
2015-07-20 21:37:23 +09:00
Tatsuhiro Tsujikawa
e8167ceea7
nghttpx: Add AES-256-CBC encryption for TLS session ticket
2015-07-18 02:02:33 +09:00
Tatsuhiro Tsujikawa
0a6877d091
nghttpx: Supply template version strcopy
2015-07-14 22:40:33 +09:00
Tatsuhiro Tsujikawa
fb7775e382
nghttpx: Detect loop in --include paths
2015-07-13 21:44:06 +09:00
Tatsuhiro Tsujikawa
3097547491
nghttpx: Add --include option to read additional configuration from given file
2015-07-12 23:18:36 +09:00
Tatsuhiro Tsujikawa
3119fc259c
Select backend based on request host and path by extending -b option
...
-b option syntax is now <HOST>,<PORT>[;<PATTERN>[:...]]. The optional
<PATTERN>s specify the request host and path it is used for. The
<PATTERN> can contain path, host + path or host. The matching rule is
closely designed to ServeMux in Go programming language.
2015-07-11 00:15:52 +09:00
Tatsuhiro Tsujikawa
00efa86fb6
nghttpx: Add --add-request-header option
2015-06-05 23:04:20 +09:00