summaryrefslogtreecommitdiff
path: root/src/h2.c
Commit message (Collapse)AuthorAgeFilesLines
* [build] _WIN32 __declspec(dllexport) *_plugin_initGlenn Strauss2023-05-031-0/+1
| | | | _WIN32 __declspec(dllexport) on mod_*_plugin_init()
* [core] _WIN32 socket-compat, filesystem-compatGlenn Strauss2023-05-031-0/+4
| | | | | | | | | | | | | | | | | | | | _WIN32 is sufficiently different -- *different*; not better -- that isolating _WIN32 code is clearer than #ifdef _WIN32 in almost every func in fdevent.c _WIN32-specific fdevent_socket_* funcs _WIN32 SOCKET fds must be closed with closesocket(), not close() _WIN32 HANDLE_FLAG_INHERIT for FD_CLOEXEC _WIN32 use _sopen_s() without _O_TEMPORARY Use _sopen_s() without _O_TEMPORARY in fdevent_mkostemp(). _O_TEMPORARY would remove file once last handle to file is closed. Temporary files in chunkqueue may be closed for large request/response _WIN32 fdevent_rename() using MoveFileExA _WIN32 rename() fails if the target file already exists. Alternatives are MoveFileExA() or ReplaceFileA(). Both of the above fail if either oldfile or newfile are open, so - not atomic - may fail sporadically
* [mod_h2] HTTP/2 module: mod_h2Glenn Strauss2023-05-031-0/+22
| | | | | | (mod_h2 module now available as build artifact of shared lib build, but is not yet used by lighttpd, in order to give package maintainers a chance to update release packages to contain mod_h2)
* [core] hxcon "base class" for h2conGlenn Strauss2023-05-031-32/+33
|
* [core] http_dispatch[] tables for HTTP proto versGlenn Strauss2023-05-031-8/+23
|
* [core] r->x union w/ structs for r->x.{h1,h2}Glenn Strauss2023-04-291-106/+106
|
* [core] r->x union w/ structs for r->x.{h1}Glenn Strauss2023-04-291-1/+1
|
* [core] h2_recv_reqbody()Glenn Strauss2023-04-291-1/+56
|
* [core] h2_process_streams()Glenn Strauss2023-04-291-11/+239
|
* [core] h2_check_timeout()Glenn Strauss2023-04-291-0/+79
|
* [core] h2_send_goaway_graceful()Glenn Strauss2023-04-241-0/+20
|
* [core] CON_STATE_REQUEST_END transient stateGlenn Strauss2023-04-241-1/+3
| | | | CON_STATE_REQUEST_END transient state is now implicit; not directly used
* [core] connection_check_upgrade() h2_upgrade_h2c()Glenn Strauss2023-04-241-64/+35
| | | | | separate generic HTTP handling of Upgrade request header from handling of Upgrade: h2c
* [core] add members to http_header_parse_ctxGlenn Strauss2023-04-041-5/+5
| | | | add log_request_header to http_header_parse_ctx
* [core] h2 match w/ lsxpack pseudo-header key onlyGlenn Strauss2023-03-251-5/+5
|
* [core] h2 mark :status matching lsxpack enum valueGlenn Strauss2023-03-251-0/+2
|
* [core] h2: remove obsolete commentGlenn Strauss2023-03-251-7/+0
| | | | (see "(lighttpd customization)" in ls-hpack/lshpack.h)
* [core] h2_get_stream_req() code reuseGlenn Strauss2023-03-241-26/+21
|
* [core] h2_recv_headers() tweak to reduce code sizeGlenn Strauss2023-03-221-8/+5
|
* [core] remove extra HTTP/2 HEADERS frame len checkGlenn Strauss2023-02-101-1/+1
| | | | | remove extra HTTP/2 HEADERS frame len check (now that the check has been added to proper place in prior commit)
* [core] fix HTTP/2 HEADERS frame parsing bugGlenn Strauss2023-02-101-2/+1
| | | | | | | | | (thx Sig Run for reproduction cases, ASAN logs, valgrind logs) credit: sig.run https://hackerone.com/sigrun 2023.02.10 edit: CVE ID assignment requested a few days ago, but id not yet assigned
* [core] add missed h2 state transition (fixes #3186)Glenn Strauss2023-01-191-0/+17
| | | | | | | | | | transition to h2 state half closed local if END_STREAM sent with HEADERS (thx gjoe) x-ref: HTTP 2 connections not properly closed https://redmine.lighttpd.net/issues/3186
* [multiple] codespell: correct spelling in commentsGlenn Strauss2023-01-071-4/+4
|
* [multiple] employ ck_calloc, ck_malloc shared codeGlenn Strauss2022-12-101-3/+1
| | | | | employ ck_calloc(), ck_malloc() shared code to slightly reduce code size (centralize the ck_assert() to check that memory allocation succeeded)
* [core] fix HTTP/2 downloads >= 4GiB (fixes #3166)Glenn Strauss2022-08-041-2/+2
| | | | | | | | | | (thx flynn) regression in lighttpd 1.4.60 - lighttpd 1.4.65 x-ref: "GET requests hangs on big files after 10% using HTTP/2" https://redmine.lighttpd.net/issues/3166
* [core] h2: optim: send window update in 16k unitsGlenn Strauss2022-06-091-11/+23
| | | | h2: optim: send window update in 16k units for both sessions and streams
* [core] update cached tables with Priority headerGlenn Strauss2022-06-071-0/+2
| | | | (thx jens-maus)
* [core] h2: avoid sending tiny DATA framesGlenn Strauss2022-06-071-0/+3
| | | | | | | | | h2: avoid sending tiny DATA frames when h2 window is tiny and a larger amount of data is pending to be sent; wait for slightly larger window to be available note: must temporarily disable this when running h2spec since some h2spec tests expect 1-byte DATA frame, not a deferred response
* [core] h2: avoid sending small WINDOW_UPDATE framesGlenn Strauss2022-06-071-3/+14
| | | | | | | | | | | | | | | | Note this may slow down uploads due to delay in sending WINDOW_UPDATE smaller than the default max frame size (16384), but as a trade-off this aims to reduce degenerative behavior from clients sending an increasing number of tiny DATA frames. The default 65535 value for SETTINGS_INITIAL_WINDOW_SIZE (which lighttpd immediately increases to 65536) is larger than 16384, so deferring small updates should not exhaust the window (from lighttpd's perspective). x-ref: "Slow upload / Increase CPU/Memory usage with HTTP/2 enabled" https://redmine.lighttpd.net/issues/3089 "libnghttp2 degenerative behavior possible when HTTP/2 window size exhausted" https://github.com/nghttp2/nghttp2/issues/1722
* [core] increase session window size to 256kGlenn Strauss2022-06-041-1/+1
| | | | | (adjust the HTTP/2 frame value to match the comment; previous value was actually adjusting only to 128k)
* [core] h2 SETTINGS_INITIAL_WINDOW_SIZE 64k (fixes #3089)Glenn Strauss2022-06-041-13/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Increase stream window size to 64k (from default 64k-1) Increase session window size to 256k (from default 64k-1) (multiple of SETTINGS_MAX_FRAME_SIZE (default 16k)) (rely on TCP window scaling and TCP congestion control to manage client sending too much data) Window size as multiple of SETTINGS_MAX_FRAME_SIZE (default 16k) may be friendlier to client buffer management and more efficient for uploading. Window sizes are not increased to arbitrarily large numbers as the HTTP/2 flow control may be useful to help simplistic/naive clients avoid symptoms of buffer bloat. Bandwidth delay product on high bandwidth, high latency links may be large, so increasing window sizes may increase performance. However, lighttpd code does not check actual per-connection RTT or kernel socket buffer sizes. 256k chosen as session window size, and 192k as stream window size. Above changes avoid degenerative behavior from the widely deployed libnghttp2 which may devolve to sending 1 byte at a time in some cases. https://redmine.lighttpd.net/issues/3089 x-ref: "Slow upload / Increase CPU/Memory usage with HTTP/2 enabled" https://redmine.lighttpd.net/issues/3089 Delivering HTTP/2 upload speed improvements https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
* [multiple] simplify bytes_in/bytes_out accountingGlenn Strauss2022-05-111-1/+0
| | | | | | | | | | | | | | | | encapsulate accounting calculations in http_request_stats_bytes_in() http_request_stats_bytes_out() more accurate accounting for HTTP/1.1 bytes_in on keep-alive requests (affects case where client pipelines HTTP/1.1 requests) remove con->bytes_read and con->bytes_written (no longer needed since request_st was split from connection struct and request bytes_read_ckpt and bytes_written_ckpt are maintained for HTTP/1.x bytes_in and bytes_out accounting. Also, further back, chunkqueue internal accounting was simplified to maintain bytes_in and bytes_out to always match chunkqueue length)
* [core] send Priority resp hdr w/ .css, .js re-prioGlenn Strauss2022-05-051-1/+5
| | | | send Priority response header with .css, .js re-prioriziation
* [core] h2 prio sort urgency, incr, then stream idGlenn Strauss2022-05-051-6/+14
| | | | h2 priority sort based on urgency, incremental, then stream id
* [core] stricter check of HTTP/2 GOAWAY frame sizeGlenn Strauss2022-04-101-1/+4
|
* [core] send HTTP/2 SETTINGS_NO_RFC7540_PRIORITIESGlenn Strauss2022-04-101-6/+1
| | | | | | | | | | | | | | | | | | send HTTP/2 SETTINGS_NO_RFC7540_PRIORITIES=1 with server connection preface RFC9218 Extensible Prioritization Scheme for HTTP 2.1 Disabling RFC 7540 Priorities If endpoints use SETTINGS_NO_RFC7540_PRIORITIES they MUST send it in the first SETTINGS frame. RFC7540 Hypertext Transfer Protocol Version 2 (HTTP/2) 6.5.3. Settings Synchronization Unsupported parameters MUST be ignored. x-ref: https://datatracker.ietf.org/doc/html/rfc9218 https://datatracker.ietf.org/doc/html/rfc7540
* [core] HTTP/2 PRIORITY_UPDATE frame (experimental)Glenn Strauss2022-04-101-6/+176
| | | | | | | | | *experimental* support for HTTP/2 PRIORITY_UPDATE frame x-ref: "Extensible Prioritization Scheme for HTTP" https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority-12 https://datatracker.ietf.org/doc/html/rfc9218
* [core] short-circuit earlier parsing h2 trailersGlenn Strauss2022-03-301-2/+5
|
* [multiple] WebSockets over HTTP/2 (fixes #3151)Glenn Strauss2022-03-251-1/+3
| | | | | | | | | | | | | | | | | Add support for WebSockets over HTTP/2 to lighttpd core and to mod_cgi w/ config: cgi.upgrade = "enable" mod_proxy w/ config: proxy.header += ("upgrade" => "enable") mod_wstunnel HTTP/2 CONNECT extension defined in RFC8441 is translated to HTTP/1.1 'Upgrade: websocket' requests to mod_cgi or mod_proxy, and is handled directly in mod_wstunnel. x-ref: WebSockets over HTTP/2 https://redmine.lighttpd.net/issues/3151 Bootstrapping WebSockets with HTTP/2 https://datatracker.ietf.org/doc/html/rfc8441
* [core] discard DATA from REFUSED_STREAM at h2 initGlenn Strauss2022-03-251-0/+6
| | | | | | | | | | | | | | | | | | discard DATA from REFUSED_STREAM at h2 connection init while waiting for SETTINGS ackn from client This is not a bugfix in lighttpd, but rather is a workaround for impolite/aggressive/dumb/lazy (take your picks) client behavior. x-ref: "POST request DATA part for non-existing URI closes HTTP/2 connection prematurely" https://redmine.lighttpd.net/issues/3078 "HTTP/2 Error" https://redmine.lighttpd.net/issues/3148 "Possible HTTP/2 error - GOAWAY sent" https://redmine.lighttpd.net/issues/3149 "[WAD] HTTP/2 GOAWAY with excessive PUT requests exceeding stream concurrency limit" https://redmine.lighttpd.net/boards/2/topics/10351
* [core] isolate plugins_*() funcs to main serverGlenn Strauss2022-02-191-1/+1
| | | | | (future: might rename plugin.c -> plugins.c since the functions contained within are all plugins_*())
* [core] prep server_tag at startup for h2 resp hdrGlenn Strauss2022-02-191-10/+9
|
* [core] connection_handle_read_state() tweakGlenn Strauss2021-12-171-3/+1
| | | | no need to set transient state CON_STATE_REQUEST_END
* [core] fix reqpool mem corruption in 1.4.62 (fixes #3118)Glenn Strauss2021-12-041-1/+1
| | | | | | | | x-ref: "Segfault after updating to version 1.4.62" https://redmine.lighttpd.net/issues/3118 "Segfault on closing connections" https://redmine.lighttpd.net/issues/3119
* [core] allocate one fewer cond_match_t, if neededGlenn Strauss2021-11-221-1/+1
| | | | allocate one fewer cond_match_t in r->cond_match_data, if any are needed
* [core] pcre2 support (--with-pcre2)Glenn Strauss2021-11-221-1/+1
| | | | | | x-ref: "lighttpd: depends on obsolete pcre3 library" https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000063
* [core] save config regex captures only if usedGlenn Strauss2021-11-191-2/+3
| | | | | | | | | | | | | | | | save config regex captures separately only if used by url.redirect or url.rewrite replacement directives within the condition (or for conditions containing directives from any other module which calls config_capture() for its directives during init) keep pointer to match data (cond_match_t *) in r->cond_match[] rather than cond_match_t to reduce data copying in h2_init_stream(). h2_init_stream() copies the results for already-evaluated conditions to avoid re-evaluating connection-level conditions for each and every stream. When conditions are reset, then the pointer in r->cond_match[] is updated when the condition is re-evaluated. (This all assumes that HTTP/2 connection-level conditions are not unset or re-evaluated once HTTP/2 streams begin.)
* [core] better asm for binary num to ascii stringGlenn Strauss2021-11-121-18/+26
| | | | | | | | | | | compiler optimizers generally convert div to an equivalent mul, though not always optimally for modulus (%). In places where lighttpd is using both quotient and remainder, calculate the remainder from the quotient. x-ref: inspiration: https://lemire.me/blog/2019/02/08/faster-remainders-when-the-divisor-is-a-constant-beating-compilers-and-libdivide/ https://lemire.me/blog/2019/02/20/more-fun-with-fast-remainders-when-the-divisor-is-a-constant/
* [core] thwart h2c smuggling when Upgrade enabledGlenn Strauss2021-10-271-0/+1
| | | | | | | | | | | | | | | | | Existing behavior: mod_proxy *does not* forward Upgrade header unless explicitly enabled in lighttpd.conf (default: not enabled) (proxy.header += ("upgrade" => "enable")) mod_cgi previously used to forward Upgrade request header, but would remove Upgrade response header if cgi.upgrade was not explicitly enabled (cgi.upgrade = "enable") This patch thwarts h2c smuggling when lighttpd.conf has also been explicitly configured to pass "Upgrade" request header x-ref: "h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)" https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c
* [core] expose chunkqueue_remove_empty_chunks()Glenn Strauss2021-10-271-1/+1
| | | | | expose chunkqueue_remove_empty_chunks() for use in error recovery when aborting a chunkqueue_append_buffer_open*()
View Lorry Controller Status