Tatsuhiro Tsujikawa
fc9bdf024f
src: Make DEFAULT_CIPHER_LIST constexpr char[]
2017-01-09 14:42:40 +09:00
Tatsuhiro Tsujikawa
3f97e6cd3a
Merge pull request #776 from nghttp2/nghttpx-memchunkbuffer
...
nghttpx: Use Memchunk based read buffer for frontend connection
2017-01-09 13:08:23 +09:00
Tatsuhiro Tsujikawa
4fa150c494
nghttpx: Use Memchunk based read buffer for frontend connection
...
Previously, we have dedicated read buffer for each frontend
connection. With this commit, the buffer spaces are only used when
needed, and pooled if they are not used. This reduces memory usage
for idle client connections.
2017-01-08 23:20:14 +09:00
Tatsuhiro Tsujikawa
e8b2508036
nghttpx: Rename confusing names in HttpDownstreamConnection
2017-01-08 23:09:00 +09:00
Tatsuhiro Tsujikawa
ac399e41ac
nghttpx: Update doc
...
Mention client-ciphers, and no-http2-cipher-black-list options in
psk-secrets and client-psk-secrets options.
2017-01-08 23:04:07 +09:00
Tatsuhiro Tsujikawa
95dd908834
Merge branch 'nghttpx-more-tls-options'
2017-01-08 22:57:21 +09:00
Tatsuhiro Tsujikawa
9c7e54d9b5
nghttpx: Add client-ciphers option
...
Previously, ciphers option sets cipher list for both frontend and
backend TLS connections. With this commit, ciphers option only sets
cipher list for frontend connections. The new client-ciphers option
sets cipher list for backend connection.
2017-01-08 22:40:58 +09:00
Tatsuhiro Tsujikawa
3c03024881
nghttpx: Add client-no-http2-cipher-black-list option
...
This commit adds client-no-http2-cipher-black-list option to disable
enforcement of HTTP/2 cipher black list on backend HTTP/2 connection.
Previously, existing no-http2-cipher-black-list option disables it for
both frontend and backend connections. Now no-http2-cipher-black-list
option only disables it for frontend connection.
2017-01-08 22:33:19 +09:00
Tatsuhiro Tsujikawa
36dfc0a56a
nghttpx: Reorganize client side TLS configuration
2017-01-08 22:25:30 +09:00
Tatsuhiro Tsujikawa
55bf6cdb15
Merge branch 'nghttpx-psk'
2017-01-08 21:10:07 +09:00
Tatsuhiro Tsujikawa
0abc220013
nghttpx: Fix the bug that no-http2-cipher-black-list does not work
...
Because of the redundant check in backend HTTP/2 session,
no-http2-cipher-black-list does not work on backend HTTP/2 connection.
This commit fixes it.
2017-01-08 19:43:24 +09:00
Tatsuhiro Tsujikawa
c28900990a
h2load: Show custom server temp key such as X25519
2017-01-08 17:58:19 +09:00
Tatsuhiro Tsujikawa
5108193d7b
h2load: Fix incorrect return value from spdylay_send_callback
2017-01-08 17:32:35 +09:00
Tatsuhiro Tsujikawa
79a24f5dd9
nghttpx: Add --client-psk-secret option to enable PSK in backend
2017-01-08 00:35:55 +09:00
Tatsuhiro Tsujikawa
83c759572c
nghttpx: Add --psk-secret option to enable PSK in frontend connection
2017-01-08 00:35:54 +09:00
Tatsuhiro Tsujikawa
1a07fb000b
nghttpx: Enable SCT with OpenSSL 1.1.0
2017-01-06 21:29:04 +09:00
Tatsuhiro Tsujikawa
4aab15999d
Merge pull request #769 from alagoutte/pvs
...
Fix issue reporting by PVS Studio
2017-01-04 20:27:55 +09:00
Tatsuhiro Tsujikawa
441982674f
Merge pull request #768 from makovich/master
...
Update README file
2017-01-04 20:24:04 +09:00
Alexis La Goutte
8256c6e070
libevent-client: fix Incorrect format found by PVS Studio (V576)
...
Consider checking the fourth actual argument of the 'fprintf' function. The SIGNED integer type argument is expected.
2017-01-03 22:03:53 +01:00
Alexis La Goutte
ae87a44b94
nghttp2_hd: fix It is odd that the body of 'hd_get_num_table_entries' function is fully equivalent to the body of 'get_max_index' function found by PVS Studio (V524)
2017-01-03 22:03:53 +01:00
Alexis La Goutte
87d1692e27
nghttp2_submit: fix Parameter 'flags' is always rewritten in function body before being used found by PVS Studio (V763)
2017-01-03 22:03:53 +01:00
makovich
1d2f008656
Update README file
2017-01-03 23:00:32 +03:00
Tatsuhiro Tsujikawa
b064d8a9ff
Merge branch 'nghttpx-fronend-proxyproto'
2017-01-03 17:28:20 +09:00
Tatsuhiro Tsujikawa
528af200b6
Merge branch 'nghttpx-fix-libev-assertion-error'
2017-01-03 17:26:05 +09:00
Tatsuhiro Tsujikawa
c6827a7dac
nghttpx: Fix assertion error in libev ev_io_start
2017-01-03 16:43:49 +09:00
Tatsuhiro Tsujikawa
55ecb082ee
nghttpx: Handle c-ares success without result
2017-01-03 14:35:05 +09:00
Tatsuhiro Tsujikawa
5f2cf461e6
integration: Avoid nghttpx accept-proxy-protocol option
2017-01-03 14:14:37 +09:00
Tatsuhiro Tsujikawa
b313386988
nghttpx: Add proxyproto to frontend option to accept PROXY protocol
...
Previously, global accept-proxy-protocol option enables PROXY protocol
support for all frontend listeners, but this was inflexible. To fix
this issue, accept-proxy-protocol option is now deprecated, and
instead proxyproto parameter in frontend option enables PROXY protocol
support per frontend.
2017-01-03 12:47:03 +09:00
Tatsuhiro Tsujikawa
3933280d29
src: Fix assertion error with boringssl
...
boringssl says:
/* It is an error to clear any bits that have already been set. (We can't try
* to get a second close_notify or send two.) */
assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
2017-01-02 11:48:38 +09:00
Tatsuhiro Tsujikawa
2b6073900f
Merge branch 'nghttpx-dns-timeout-fix'
2016-12-30 11:39:28 +09:00
Tatsuhiro Tsujikawa
d1ba43a69f
nghttpx: Fix bug that DNS timeout was erroneously disabled
2016-12-30 11:09:02 +09:00
Tatsuhiro Tsujikawa
a0779edec4
nghttpx: Fix bug that DNS timeout was ignored
2016-12-30 11:08:26 +09:00
Tatsuhiro Tsujikawa
d70fefe72f
Bump up version number to 1.19.0-DEV
2016-12-27 20:55:00 +09:00
Tatsuhiro Tsujikawa
b52db072f1
Update bash_completion
2016-12-27 20:43:30 +09:00
Tatsuhiro Tsujikawa
ab0b98db61
Update man pages
2016-12-27 20:42:46 +09:00
Tatsuhiro Tsujikawa
4245d98653
Bump up version number to 1.18.0, LT revision to 26:3:12
2016-12-27 20:35:31 +09:00
Tatsuhiro Tsujikawa
93b4866f5b
Merge branch 'nghttpx-dont-write-after-failure'
2016-12-26 00:49:45 +09:00
Tatsuhiro Tsujikawa
25df164219
nghttpx: Don't write again after failure
...
Plain write(2) is OK, but SSL_write requires same arguments on retry.
It would be better to avoid calling them again.
2016-12-26 00:35:38 +09:00
Tatsuhiro Tsujikawa
ba03c082e9
Merge branch 'nghttpx-retry-h1-backend-request'
2016-12-25 23:05:29 +09:00
Tatsuhiro Tsujikawa
bcfa333322
nghttpx: Refactor h1 backend retry code
2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa
c4aeadd57d
nghttpx: Retry h1 backend request if first write fails
2016-12-25 22:19:51 +09:00
Tatsuhiro Tsujikawa
e6b4454e48
Merge branch 'nghttpx-better-early-final-response-handling'
2016-12-24 23:02:52 +09:00
Tatsuhiro Tsujikawa
3226d21609
Merge pull request #755 from nghttp2/nghttpx-h1-frontend-keep-alive-timeout
...
nghttpx: Add frontend-keep-alive-timeout option
2016-12-24 23:01:17 +09:00
Tatsuhiro Tsujikawa
3d20c2dce6
nghttpx: Feed read event rather than calling on_read
...
on_read may fail, but we failed to check its return value most of the
places. This is because failure means deletion of ClientHandler, but
because of architecture, we cannot delete it. Feeding read event is
better since we can move call on_read from libev callback. We can
delete ClientHandler form there.
2016-12-24 22:57:59 +09:00
Tatsuhiro Tsujikawa
cd83d70e7b
nghttpx: Don't reset stream if we have already received response
2016-12-24 22:54:22 +09:00
Tatsuhiro Tsujikawa
a0ce5ea9ab
nghttpx: Keep reading after backend write failed
...
Because of bidirectional nature of TCP, we may fail write(2), but have
still pending read in TCP buffer, which may contain response body. To
forward them, we should keep reading until get EOF from backend.
To avoid stalling HTTP/1 upload when request buffer is full, and we
have received complete response from backend, drop connection in that
case.
2016-12-24 22:50:02 +09:00
Tatsuhiro Tsujikawa
3c600c103f
nghttpx: Add frontend-keep-alive-timeout option
2016-12-23 11:01:29 +09:00
Tatsuhiro Tsujikawa
841ac75c3e
nghttpx: Clarify that backend-keep-alive-timeout applies to h1 only
2016-12-23 10:49:39 +09:00
Tatsuhiro Tsujikawa
80a96817aa
Add c-ares to android build guide
2016-12-21 23:47:34 +09:00
Tatsuhiro Tsujikawa
ecc05e0a1a
Add `git submodule` to required build step
2016-12-21 23:34:28 +09:00