Commit Graph

1060 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa f2a498e3c4 Disallow upper-cased header field name 2015-02-24 18:45:59 +09:00
Tatsuhiro Tsujikawa 814c7e68e0 Ignore regular headers if it includes illegal characters.
This commit only affects the library behaviour unless
nghttp2_option_set_no_http_messaging() is used.

We like strict validation against header field name and value against
RFC 7230, but we have already so much web sites and libraries in
public internet which do not obey these rules.  Simply just
terminating stream because of this may break web sites and it is too
disruptive.  So we decided that we should be conservative here so
those header fields containing illegal characters are just ignored.
But we are conservative only for regular headers.  We are strict for
pseudo headers since it is new to HTTP/2 and new implementations
should know the rules better.
2015-02-22 23:13:27 +09:00
Tatsuhiro Tsujikawa 4430b06c71 Add parentheses around macro parameters 2015-02-22 17:43:14 +09:00
Tatsuhiro Tsujikawa 20a689ef44 Update doc 2015-02-21 16:53:41 +09:00
Tatsuhiro Tsujikawa 2fc1dd77d2 Update doc 2015-02-20 23:30:57 +09:00
Tatsuhiro Tsujikawa e45c523dc7 Add nghttp2_option_set_no_http_messaging() API function
This API function with nonzero |val| parameter disables HTTP Messaging
validation in nghttp2 library, so that application can use nghttp2
library for non-HTTP use.
2015-02-20 23:26:56 +09:00
Tatsuhiro Tsujikawa b3846d6c27 Rename NGHTTP2_OPTMASK_NO_HTTP_SEMANTICS with NGHTTP2_OPTMASK_NO_HTTP_MESSAGING 2015-02-20 23:07:48 +09:00
Tatsuhiro Tsujikawa b39aa43537 Use C-style comment 2015-02-20 21:49:47 +09:00
Tatsuhiro Tsujikawa 83952ef0af Insert '_' before header name nghttp2_http_flag to consistent with token 2015-02-20 19:30:34 +09:00
Tatsuhiro Tsujikawa 3dbd2d31bd Early return after :method is seen 2015-02-20 19:26:34 +09:00
Tatsuhiro Tsujikawa b157d4ebb2 Validate HTTP semantics by default
Previously we did not check HTTP semantics and it is left out for
application.  Although checking is relatively easy, but they are
scattered and error prone.  We have implemented these checks in our
applications and also feel they are tedious.  To make application
development a bit easier, this commit adds basic HTTP semantics
validation to library code.  We do following checks:

server:

* HEADERS is either request header or trailer header.  Other type of
header is disallowed.

client:

* HEADERS is either zero or more non-final response header or final
  response header or trailer header.  Other type of header is
  disallowed.

For both:

* Check mandatory pseudo header fields.
* Make sure that content-length matches the amount of DATA we
  received.

If validation fails, RST_STREAM of type PROTOCOL_ERROR is issued.
2015-02-20 01:01:10 +09:00
Tatsuhiro Tsujikawa 9c30211da9 Ignore all incoming bytes when first SETTINGS is not received 2015-02-15 01:20:10 +09:00
Tatsuhiro Tsujikawa 442572c1f4 Handle situation where request HEADERS in queue is reset by RST_STREAM
Previously we did not handle the situation where RST_STREAM is
submitted against a stream while requet HEADERS which opens that
stream is still in queue.  Due to max concurrent streams limit,
RST_STREAM is sent first, and then request HEADERS, which effectively
voids RST_STREAM.

In this commit, we checks RST_STREAM against currently pending request
HEADERS in queue and if stream ID matches, we mark that HEADERS as
canceled and RST_STREAM is not sent in this case.  The library will
call on_frame_not_sent_callback for the canceled HEADERS with error
code from RST_STREAM.
2015-02-13 23:48:16 +09:00
Tatsuhiro Tsujikawa a473641e3f Update doc 2015-02-12 23:54:38 +09:00
Tatsuhiro Tsujikawa 0bdacd3e77 Code cleanup 2015-02-12 23:02:17 +09:00
Tatsuhiro Tsujikawa 57a50f981b Refactor session_prep_frame to eliminate framerv 2015-02-12 22:58:43 +09:00
Tatsuhiro Tsujikawa eb94603c51 Make nghttp2_session_get_stream_user_data work inside nghttp2_on_frame_not_send_callback 2015-02-12 22:41:57 +09:00
Tatsuhiro Tsujikawa 354de30874 Make default min frame payload size to 16K
Previously we use 16K - 9 bytes (frame header) as frame payload size
so that whole frame fits in 1 TLS record size (16K).  But it turns out
that in proxy use case, we will receive 16K payload from backend and
we have to split it into 2 odd looking frames (16K - 9 and 9), and
latter is highly inefficient.  To avoid this situation, we decided to
use min frame payload size to 16K.  Since we operates on TLS as stream
of data, we are not so much restricted in its record size.
2015-02-12 00:09:18 +09:00
Tatsuhiro Tsujikawa eec8870ac1 Fix bug that client may send PROTOCOL_ERROR upon canceled push stream
Previously we treat stream in NGHTTP2_STREAM_RESERVED state specially,
that is we don't increment or decrement streams counts if stream is in
that state.  Because of this, we don't change the stream state to
NGHTTP2_STREAM_CLOSING if stream is in NGHTTP2_STREAM_RESERVED.  But
it turns out that it causes a problem.  If client canceled pushed
stream before push response HEADERS, stream is still in
NGHTTP2_STREAM_RESERVED state.  If push response HEADERS arrived in
this state, library happily accepts it and passed to application.

With this commit, this bug was corrected.  We now change stream state
to NGHTTP2_STREAM_CLOSING even if it was in NGHTTP2_STREAM_RESERVED
state.  We now use NGHTTP2_STREAM_FLAG_PUSH to determine whether we
have to increase/decrase stream count.
2015-02-09 22:23:20 +09:00
Tatsuhiro Tsujikawa 33879219ff Refactor ALPN/NPN protocol selection and introduce NGHTTP2_PROTO_ALPN macro 2015-02-06 22:35:30 +09:00
Tatsuhiro Tsujikawa f93a2b71a1 Treat first SETTINGS bearing ACK as connection error 2015-02-06 01:22:41 +09:00
Tatsuhiro Tsujikawa 208abd8cc5 Fix debug output 2015-02-06 01:18:23 +09:00
Tatsuhiro Tsujikawa e2bbc94616 Use NGHTTP2_PROTOCOL_ERROR when peer exceeds MAX_CONCURRENT_STREAMS limit
Kudos to h2spec to find this details
2015-02-02 00:14:17 +09:00
Tatsuhiro Tsujikawa bbc34904c1 Workaround stream treated inferior when it hits connection window limit 2015-01-31 15:49:10 +09:00
Tatsuhiro Tsujikawa b685747643 Add nghttp2_submit_shutdown_notice() to start graceful shutdown
nghttp2_submit_shutdown_notice() is used to notify the client that
graceful shutdown is started.  We expect that after this call, the
server application should send another GOAWAY using
nghttp2_submit_goaway() with appropriate last_stream_id.  In this
commit, we also added nghttp2_session_get_last_proc_stream_id(), which
can be used as last_stream_id parameter.

This commit implements graceful shutdown in nghttpx.  The integration
test for graceful shutdown is also added.
2015-01-22 23:21:58 +09:00
Tatsuhiro Tsujikawa 9938a4e952 Remove AM_EXTRA_RECURSIVE_TARGETS since travis automake is too old 2015-01-21 02:07:16 +09:00
Tatsuhiro Tsujikawa 6e446934d4 integration: Add recursive it target 2015-01-20 21:19:52 +09:00
Tatsuhiro Tsujikawa 06a8d684a6 Fixed typo 2015-01-16 22:29:22 +09:00
Tatsuhiro Tsujikawa b0078a2379 Suppress to send frames other than GOAWAY if NGHTTP2_GOAWAY_TERM_ON_SEND is set
This change makes sure that GOAWAY which terminates session is
immediately sent without blocked by other frames.
NGHTTP2_ERR_SESSION_CLOSING library error code was added to indicate
this situation to callback.
2015-01-15 22:32:29 +09:00
Tatsuhiro Tsujikawa 50109bb307 Use NGHTTP2_STREAM_CLOSED when DATA arrived to stream which is not open 2015-01-14 23:31:21 +09:00
Alexis La Goutte c87631c2e6 Fix other shorten-64-to-32 casting error found by MSVC (64bits)
Thanks to Pascal
2015-01-10 15:17:31 +01:00
Tatsuhiro Tsujikawa b2411d949e Remove return in void function 2015-01-09 20:56:37 +09:00
Tatsuhiro Tsujikawa b313068cab Fix compile error with --enable-werror 2015-01-08 01:33:09 +09:00
Tatsuhiro Tsujikawa a804117c83 Fix GOAWAY handling
On reception of GOAWAY, new stream creation is disallowed regardless
of last-stream-id in GOAWAY is larger than next stream ID.
2015-01-07 22:53:43 +09:00
Tatsuhiro Tsujikawa c3215af5f6 Fix missing error handling for session_after_frame_sent1 2015-01-02 14:49:36 +09:00
Alexis La Goutte fef9530ca5 fix error: variable 'mem' set but not used [-Werror=unused-but-set-variable] 2014-12-30 16:18:52 +01:00
Tatsuhiro Tsujikawa e60183313b Document that calling nghttp2_submit_response to same stream twice is bad idea 2014-12-20 21:53:33 +09:00
Tatsuhiro Tsujikawa 7c0a0c495d Rename nghttp2_stream.data_item to nghttp2_stream.item and related functions
Initially, we use nghttp2_stream.data_item to refer only item with
DATA frame.  But recently we use it to refer HEADERS frame as well.
So it is better to call just item rather than data_item.  This applies
to all related functions.
2014-12-20 21:48:31 +09:00
Tatsuhiro Tsujikawa e8513b3241 Make huffman encoding faster 2014-12-19 23:22:55 +09:00
Tatsuhiro Tsujikawa 8bac2087cf nghttp2_session_mem_send: Handle stream closure early
Previously session_after_frame_sent is called after we detected all
data is sent.  In nghttp2_session_mem_send, we only detect it in the
next call of the function.  It means that if a frame data bearing
END_STREAM is on flight to the peer as a result of
nghttp2_session_mem_send, peer may get that data and knows the stream
closure and issues new stream.  We may receive this new stream before
the next nghttp2_session_mem_send call, which means that we may
incorrectly assumes that peer violates maximum concurrent stream
limit.  To fix this issue, we separate session_after_frame_sent into 2
functions: session_after_frame_sent1 and session_after_frame_sent2.
session_after_frame_sent1 handles on_frame_send_callback and stream
closure and we call this early in nghttp2_session_mem_send.  This
makes number of streams are synchronized correctly with peer.
2014-12-18 21:52:17 +09:00
Tatsuhiro Tsujikawa ce1bf11d4b Fix memory leak 2014-12-18 21:02:44 +09:00
Tatsuhiro Tsujikawa 4bc9f2422b Add nghttp2_mem example 2014-12-16 23:21:50 +09:00
Tatsuhiro Tsujikawa ee158fb0aa Add nghttp2_session_{set,get}_next_stream_id API function 2014-12-13 01:18:15 +09:00
Tatsuhiro Tsujikawa 280c9dfcf3 Keep idle streams in separate list
Previously we handle idle streams as closed streams.  We only keeps
sum of closed streams and active streams under max concurrent streams
limit, idle streams gets deleted earlier than client expects.

In this change, idle streams are kept in separate list and not handled
as closed streams.  To mitigate possible attack vector to make
unlimited idle streams, we cap the number of idle streams in a half of
max concurrent streams.  This is arbitrary choice.  It may be adjusted
in the future when we have interop experience.
2014-12-13 00:14:52 +09:00
Tatsuhiro Tsujikawa f705b2aec4 Use NGHTTP2_PROTOCOL_ERROR for WINDOW_UPDATE with increments == 0 2014-12-10 01:02:30 +09:00
Tatsuhiro Tsujikawa e0a2353c56 Fix crash with custom memory allocator 2014-12-08 21:22:20 +09:00
Tatsuhiro Tsujikawa c0ffed7788 Support custom memory allocator
nghttp2_mem structure is introduced to hold custom memory allocator
functions and user supplied pointer.  nghttp2_mem object can be passed
to nghttp2_session_client_new3(), nghttp2_session_server_new3(),
nghttp2_hd_deflate_new2() and nghttp2_hd_inflate_new2() to replace
standard malloc(), free(), calloc() and realloc().  nghttp2_mem
structure has user supplied pointer mem_user_data which can be used as
per session/object memory pool.
2014-12-08 00:55:55 +09:00
Tatsuhiro Tsujikawa 21b48d24e4 Remove altsvc 2014-12-07 23:11:54 +09:00
Tatsuhiro Tsujikawa 7036859823 Do not change user variable CFLAGS in configure.ac 2014-12-01 23:06:11 +09:00
Tatsuhiro Tsujikawa 60cb3f67f2 Refactor nghttp2_adjust_local_window_size 2014-12-01 21:49:32 +09:00
Tatsuhiro Tsujikawa d23105ccb7 Add note about pseudo header ordering validation in on_header_callback 2014-11-30 21:30:48 +09:00
Tatsuhiro Tsujikawa 7e092a7658 Make sure that head_stream is not NULL 2014-11-30 19:52:05 +09:00
Tatsuhiro Tsujikawa d39b56adaa Remove unused nghttp2_stream.blocked_sent 2014-11-30 17:41:40 +09:00
Tatsuhiro Tsujikawa 152a20a416 Influence last_stream_id to nghttp2_session_want_{read,write} 2014-11-29 23:13:42 +09:00
Tatsuhiro Tsujikawa 7ff0797535 Rewrite session_is_new_peer_stream_id() 2014-11-29 17:24:49 +09:00
Tatsuhiro Tsujikawa ca57c2f6b6 Rename NGHTTP2_GOAWAY_FAIL_ON_SEND with NGHTTP2_GOAWAY_TERM_ON_FAIL 2014-11-29 16:28:08 +09:00
Tatsuhiro Tsujikawa d75ba74bbd Return error if invalid stream_id is given to nghttp2_submit_push_promise 2014-11-29 16:17:02 +09:00
Tatsuhiro Tsujikawa 9ff1925538 Robust GOAWAY handling
This change will utilize last_stream_id in GOAWAY extensively.  When
GOAWAY is received with a last_stream_id, library closes all outgoing
streams whose stream_id > received last_stream_id.
nghttp2_on_stream_callback is called for each stream to be closed.

When GOAWAY is sent with a last_stream_id, library closes all incoming
streams whose stream_id > sent last_stream_id.
nghttp2_on_stream_callback is called for each stream to be closed.
2014-11-29 16:02:13 +09:00
Tatsuhiro Tsujikawa 45801883ba Cleanup previous commit 2014-11-28 01:35:12 +09:00
Tatsuhiro Tsujikawa 382a328ead Issue connection error if client receives HEADERS with idle stream ID
If stream ID is not idle, it might be valid HEADERS.  If stream ID is
idle, it is invalid regardless stream ID is even or odd, since client
is not expected to recieve request from server.  nghttp2 library
historically allows this, but now we forbids this.
2014-11-28 01:22:57 +09:00
Tatsuhiro Tsujikawa babfa41424 Just ignore HEADERS with non-idle stream ID and not found in stream map 2014-11-28 01:01:33 +09:00
Tatsuhiro Tsujikawa b1f807abd1 Reformat lines with clang-format-3.5 2014-11-27 23:56:30 +09:00
Alexis La Goutte d1285255eb Fix last warning found by Clang Analyzer
nghttp2_session.c:636:3: warning: Branch condition evaluates to a garbage value
2014-11-26 18:20:16 +01:00
Alexis La Goutte bac44d7ffb Fix -Werror=unused-parameter using _U_ macro 2014-11-25 17:08:09 +01:00
Tatsuhiro Tsujikawa 8e94551881 Handle idle stream in priority field 2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa 6e1470c9d3 Remove duplicated code 2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa 9416bf9079 Update doc 2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa 24f83eef7c Reduce nghttp2_session_get_stream() call before sending frame 2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa b7c0576eb5 Make certain type of HEADERS subject to priority
We make following HEADERS under priority control:
* push response HEADERS
* HEADERS submitted by nghttp2_submit_response

Currently, HEADERS submitted by nghttp2_submit_headers is not attached
to stream.  This is because it may be used as non-final response
header and application may submit final response using
nghttp2_submit_response without checking non-final response header
transmission.
2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa 5a48750e16 Assign default weight if NGHTTP2_MAX_DEP_TREE_LENGTH is exceeded 2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa ae93f6345c Allow PRIORITY frame at anytime.
Allowing PRIORITY frame at anytime so that PRIORITY frame to idle
stream can create anchor node in dependency tree.  In this change, we
open stream with new NGHTTP2_STREAM_IDLE state, which is linked in
session->closed_stream_head and is treated as if it is closed stream.
One difference is that if the stream is opened, we remove it from
linked list and change the state to the appropriate one.  To O(1)
removal from linked list, we change session->closed_stream_head to
doubly linked list.
2014-11-24 15:25:19 +09:00
Tatsuhiro Tsujikawa 4ee89e62fc nghttp2_hd: Refactor a bit 2014-11-21 01:59:20 +09:00
Tatsuhiro Tsujikawa a8eeea0b18 Initialize frame header for upgrade SETTINGS frame 2014-11-15 11:30:01 +09:00
Tatsuhiro Tsujikawa efa344be98 Add assert to ensure non-null dep_stream 2014-11-08 23:23:54 +09:00
Tatsuhiro Tsujikawa c31be5af4d Assign default priority if dep_stream in PRIORITY does not exist 2014-11-08 16:12:13 +09:00
Tatsuhiro Tsujikawa 91f7d43e84 Assign default priority if dependency parent stream does not exist 2014-11-08 11:23:18 +09:00
Tatsuhiro Tsujikawa 42122c270a Don't reprioritize stream if it is not in dependency tree
Normally stream is in dependency tree, but sometimes it isn't.  For
example, client does not put pushed reserved stream in dependency
tree.
2014-11-08 10:31:53 +09:00
Tatsuhiro Tsujikawa 1348621d9e Fix bug that priority is ignored if dependency parent does not exist 2014-11-08 10:18:10 +09:00
Tatsuhiro Tsujikawa 62ede05c09 Fix heap-use-after-free due to duplicated push of DATA item 2014-11-06 23:47:41 +09:00
Tatsuhiro Tsujikawa 9a33116526 Fix bug in priority tree
This change fixes the bug that stream is out of dependency tree if the
number of nodes in a dependency tree which we add new node to is
already maximum (NGHTTP2_MAX_DEP_TREE_LENGTH) and the number of
maximum concurrent streams is more than more than
NGHTTP2_MAX_DEP_TREE_LENGTH.
2014-11-05 00:32:16 +09:00
Tatsuhiro Tsujikawa 76800dc8e7 Remove unused functions 2014-10-30 23:31:36 +09:00
Tatsuhiro Tsujikawa 7d282cd0bd Code cleanup 2014-10-30 23:31:28 +09:00
Tatsuhiro Tsujikawa 49b8d1d88c Rename max_header_set_size as max_header_list_size 2014-10-30 22:42:15 +09:00
Tatsuhiro Tsujikawa 4d93dd9d91 Upate to draft-15
* Add NGHTTP2_HTTP_1_1_REQUIRED error code
* Allow transmission of WINDOW_UPDATE on reserved (remote)
* Allow reception of WINDOW_UPDATE on reserved (local)
* Treat frame larger than MAX_FRAME_SIZE as FRAME_SIZE_ERROR

ALPN identifier is still h2-14 to continue interop, since draft-14 and
-15 are binary compatible.  The new error code was added in draft-15,
but HTTP/2 allows extensions can freely add new error code, so it is
not a problem.
2014-10-30 22:40:02 +09:00
Tatsuhiro Tsujikawa 6b9382d865 Add comments to the auto-generated table 2014-10-27 21:27:03 +09:00
Tatsuhiro Tsujikawa 2c335dbc7a Add more comment about local window size adjustment 2014-10-27 21:24:41 +09:00
Tatsuhiro Tsujikawa b3463b20a3 Update doc 2014-10-27 21:24:41 +09:00
Tatsuhiro Tsujikawa e330520341 Fix compile error on arm 2014-10-19 22:40:39 +09:00
Tatsuhiro Tsujikawa bc8a583184 Refactor stream tree code 2014-10-16 21:59:52 +09:00
Tatsuhiro Tsujikawa 502ff24568 Avoid iterate siblings when adding/removing stream tree 2014-10-16 01:12:59 +09:00
Tatsuhiro Tsujikawa 70c0558443 Set payload length when expected SETTINGS is not received 2014-10-10 21:46:02 +09:00
Tatsuhiro Tsujikawa 80dcb565eb Check first SETTINGS strictly 2014-10-09 21:37:18 +09:00
Tatsuhiro Tsujikawa 402c262de5 Push stream to queue after effective weight was calculated 2014-10-08 22:44:02 +09:00
Tatsuhiro Tsujikawa 03c4092862 Distribute closed or blocked stream's weight to its siblings
This also means that at least one stream whose dpri is
NGHTTP2_STREAM_DPRI_TOP exists, its siblings descendants have no
chance to send streams, even if their parent stream has
NGHTTP2_STREAM_DPRI_NODATA.
2014-10-07 23:52:36 +09:00
Tatsuhiro Tsujikawa f3a76d84f1 Document that only one data is allowed for one stream at a time 2014-10-06 23:47:43 +09:00
Tatsuhiro Tsujikawa 32ddca532a Use 256 elements table in nghttp2_downcast 2014-10-04 00:40:51 +09:00
Tatsuhiro Tsujikawa 1d138accb9 Unify DATA and other frames in nghttp2_outbound_item and save malloc() 2014-10-03 21:31:37 +09:00
Tatsuhiro Tsujikawa 7e6019aef1 nghttp2_hd: Don't malloc if name/value is in first chunk without indexing 2014-09-30 23:01:58 +09:00
Tatsuhiro Tsujikawa e20b417b84 Embed aux_data to nghttp2_outbound_item so that we can save some malloc() calls 2014-09-30 21:45:15 +09:00
Tatsuhiro Tsujikawa df56b69060 nghttp2_map: Use initial size 256 so that we don't resize it until 100 streams 2014-09-29 22:46:13 +09:00