aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | | | | | | | | | | | HTTP/3: fixed pushed request finalization in case of error.Roman Arutyunyan2021-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously request could be finalized twice. For example, this could happen if "Host" header was invalid.
| * | | | | | | | | | | | QUIC: set NGX_TCP_NODELAY_DISABLED for fake stream connections.Sergey Kandaurov2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Notably, it is to avoid setting the TCP_NODELAY flag for QUIC streams in ngx_http_upstream_send_response(). It is an invalid operation on inherently SOCK_DGRAM sockets, which leads to QUIC connection close. The change reduces diff to the default branch in stream content phase.
| * | | | | | | | | | | | QUIC: simplified stream fd initialization.Roman Arutyunyan2021-09-21
| | | | | | | | | | | | |
| * | | | | | | | | | | | Configure: USE_OPENSSL_QUIC=YES implies USE_OPENSSL=YES.Ruslan Ermilov2021-09-21
| | | | | | | | | | | | |
| * | | | | | | | | | | | Configure: ordered directories.Ruslan Ermilov2021-09-21
| | | | | | | | | | | | |
| * | | | | | | | | | | | Configure: simplified condition.Ruslan Ermilov2021-09-21
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: make ngx_http_log_error() static again.Roman Arutyunyan2021-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function was only referenced from ngx_http_v3_create_push_request() to initialize push connection log. Now the log handler is copied from the parent request connection. The change reduces diff to the default branch.
| * | | | | | | | | | | | QUIC: separate event handling functions.Roman Arutyunyan2021-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The functions ngx_quic_handle_read_event() and ngx_quic_handle_write_event() are added. Previously this code was a part of ngx_handle_read_event() and ngx_handle_write_event(). The change simplifies ngx_handle_read_event() and ngx_handle_write_event() by moving QUIC-related code to a QUIC source file.
| * | | | | | | | | | | | HTTP/3: added CONNECT and TRACE methods rejection.Sergey Kandaurov2021-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It has got lost in e1eb7f4ca9f1, let alone a subsequent update in 63c66b7cc07c.
| * | | | | | | | | | | | Removed NGX_OPENSSL_QUIC macro, NGX_QUIC is enough.Ruslan Ermilov2021-09-14
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: added debug logging of response fields.Sergey Kandaurov2021-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because of QPACK compression it's hard to see what fields are actually sent by the server.
| * | | | | | | | | | | | HTTP/3: Huffman encoding for the Location response field.Sergey Kandaurov2021-09-13
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: Huffman encoding for the Last-Modified response field.Sergey Kandaurov2021-09-13
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: Huffman encoding for the Content-Type response field.Sergey Kandaurov2021-09-13
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: implemented QPACK Huffman encoding for response fields.Sergey Kandaurov2021-09-13
| | | | | | | | | | | | |
| * | | | | | | | | | | | HTTP/3: reading body buffering in filters.Roman Arutyunyan2021-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change follows similar changes in HTTP/1 and HTTP/2 in 9cf043a5d9ca.
| * | | | | | | | | | | | QUIC: removed Firefox workaround for trailing zeroes in datagrams.Sergey Kandaurov2021-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This became unnecessary after discarding invalid packets since a6784cf32c13.
| * | | | | | | | | | | | QUIC: macro style.Ruslan Ermilov2021-09-09
| | | | | | | | | | | | |
| * | | | | | | | | | | | Changed the OpenSSL QUIC support detection.Ruslan Ermilov2021-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As was changed in 253cf267f95a.
| * | | | | | | | | | | | Merged with the default branch.Sergey Kandaurov2021-09-08
| |\ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | QUIC: store QUIC connection fd in stream fake connection.Roman Arutyunyan2021-09-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously it had -1 as fd. This fixes proxying, which relies on downstream connection having a real fd. Also, this reduces diff to the default branch for ngx_close_connection().
| * | | | | | | | | | | | | QUIC: fixed null pointer dereference in MAX_DATA handler.Mariano Di Martino2021-09-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a MAX_DATA frame was received before any stream was created, then the worker process would crash in nginx_quic_handle_max_data_frame() while traversing the stream tree. The issue is solved by adding a check that makes sure the tree is not empty.
| * | | | | | | | | | | | | README: HTTP/3 trailers are now supported.Sergey Kandaurov2021-09-01
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Merged with the default branch.Sergey Kandaurov2021-09-01
| |\ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | HTTP/3: bulk parse functions.Roman Arutyunyan2021-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously HTTP/3 streams were parsed by one character. Now all parse functions receive buffers. This should optimize parsing time and CPU load.
| * | | | | | | | | | | | | | QUIC: Stateless Reset Token debug logging cleanup.Sergey Kandaurov2021-08-24
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | QUIC: removed duplicate logging of Stateless Reset Token.Sergey Kandaurov2021-08-24
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | HTTP/3: fixed dead store assignment.Sergey Kandaurov2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found by Clang Static Analyzer.
| * | | | | | | | | | | | | | QUIC: fixed dead store assignment.Sergey Kandaurov2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found by Clang Static Analyzer.
| * | | | | | | | | | | | | | QUIC: fixed format specifiers in ngx_quic_bpf module.Sergey Kandaurov2021-08-17
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | HTTP/3: disabled control characters and space in header names.Sergey Kandaurov2021-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a follow up to 41f4bd4c51f1.
| * | | | | | | | | | | | | | QUIC: better ordering in auto/modules.Vladimir Homutov2021-08-05
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | HTTP/3: got rid of HTTP/2 module dependency.Vladimir Homutov2021-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Huffman encoder/decoder now can be built separately from HTTP/2 module.
| * | | | | | | | | | | | | | HTTP/3: replaced macros with values.Roman Arutyunyan2021-08-04
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | QUIC: asynchronous shutdown.Roman Arutyunyan2021-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when cleaning up a QUIC stream in shutdown mode, ngx_quic_shutdown_quic() was called, which could close the QUIC connection right away. This could be a problem if the connection was referenced up the stack. For example, this could happen in ngx_quic_init_streams(), ngx_quic_close_streams(), ngx_quic_create_client_stream() etc. With a typical HTTP/3 client the issue is unlikely because of HTTP/3 uni streams which need a posted event to close. In this case QUIC connection cannot be closed right away. Now QUIC connection read event is posted and it will shut down the connection asynchronously.
| * | | | | | | | | | | | | | QUIC: client certificate validation with OCSP.Sergey Kandaurov2021-08-04
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | HTTP/3: close connection on keepalive_requests * 2.Roman Arutyunyan2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After receiving GOAWAY, client is not supposed to create new streams. However, until client reads this frame, we allow it to create new streams, which are gracefully rejected. To prevent client from abusing this algorithm, a new limit is introduced. Upon reaching keepalive_requests * 2, server now closes the entire QUIC connection claiming excessive load.
| * | | | | | | | | | | | | | QUIC: stream limits in "hq" mode.Roman Arutyunyan2021-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "hq" mode is HTTP/0.9-1.1 over QUIC. The following limits are introduced: - uni streams are not allowed - keepalive_requests is enforced - keepalive_time is enforced In case of error, QUIC connection is finalized with 0x101 code. This code corresponds to HTTP/3 General Protocol Error.
| * | | | | | | | | | | | | | HTTP/3: http3_max_uni_streams directive.Roman Arutyunyan2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The directive limits the number of uni streams client is allowed to create.
| * | | | | | | | | | | | | | QUIC: limit in-flight bytes by congestion window.Roman Arutyunyan2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, in-flight byte counter and congestion window were properly maintained, but the limit was not properly implemented. Now a new datagram is sent only if in-flight byte counter is less than window. The limit is datagram-based, which means that a single datagram may lead to exceeding the limit, but the next one will not be sent.
| * | | | | | | | | | | | | | QUIC: handle EAGAIN properly on UDP sockets.Vladimir Homutov2021-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the error was ignored leading to unnecessary retransmits. Now, unsent frames are returned into output queue, state is reset, and timer is started for the next send attempt.
| * | | | | | | | | | | | | | HTTP/3: require mandatory uni streams before additional ones.Roman Arutyunyan2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As per quic-http-34: Endpoints SHOULD create the HTTP control stream as well as the unidirectional streams required by mandatory extensions (such as the QPACK encoder and decoder streams) first, and then create additional streams as allowed by their peer. Previously, client could create and destroy additional uni streams unlimited number of times before creating mandatory streams.
| * | | | | | | | | | | | | | QUIC: eliminated stream type from ngx_quic_stream_frame_t.Roman Arutyunyan2021-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The information about the type is contained in off/len/fin bits. Also, where possible, only the first stream type (0x08) is used for simplicity.
| * | | | | | | | | | | | | | QUIC: updated README with GSO details.Vladimir Homutov2021-07-23
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | HTTP/3: use request pool instead of connection pool.Roman Arutyunyan2021-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In several parts of ngx_http_v3_header_filter() connection pool was used for request-related data.
| * | | | | | | | | | | | | | HTTP/3: response trailers support.Roman Arutyunyan2021-07-13
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.Sergey Kandaurov2021-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenSSL is known to provide read keys for an encryption level before the level is active in TLS, following the old BoringSSL API. In BoringSSL, it was then fixed to defer releasing read keys until QUIC may use them.
| * | | | | | | | | | | | | | QUIC: the "quic_gso" directive.Vladimir Homutov2021-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The directive enables usage of UDP segmentation offloading by quic. By default, gso is disabled since it is not always operational when detected (depends on interface configuration).
| * | | | | | | | | | | | | | Core: fixed errno clobbering in ngx_sendmsg().Vladimir Homutov2021-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was broken by 2dfd313f22f2.
| * | | | | | | | | | | | | | Merged with the default branch.Sergey Kandaurov2021-07-15
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 08:58:24 +0000