Are there plans to support client certificate verification for streams?
Any workarounds available?
Is this patch going to be worked into future releases?
https://forum.nginx.org/read.php?29,262636,262636
___
nginx-devel mailing list
nginx-devel
Hello everyone,
I've written a module for nginx that takes the concept of "Port
Knocking" and applies it to websites. When you visit an configured nginx
website, it returns a 404 "page not found" error. However if you go to
secret urls, even though they all, on the
nock_next_free_slot; i++) {
if (access_records[i].ip_addr == ip_addr)
Perhaps using the nginx Red-Black tree here would lead to better
performance (in place of O(n)) and remove the limitation on number of
IPs.
On Tue, Aug 19, 2014 at 9:50 AM, Phillip Taylor (nginx) <
[email protected]
X-Forwarded-For $proxy_add_x_forwarded_for;
}
Any suggestion will be greatly appreciated.
Thanks,
On Sunday, November 6, 2016 10:41 PM, "[email protected]"
wrote:
Welcome to the [email protected] mailing list! You were
successfully subscribed t
push rtmp://localhost:8080/live/test05;
}
Could anyone give an example on how to use control/redirect/publisher command
for the above config?
Thanks.___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hi,
I'm a sysadmin at a large organization, where we use a lot of drupal on nginx
(hundreds of sites).
Recently, we encountered two bugs related to drupal 8 vs nginx config. I
reached out to some friends of mine who are drupal core developers, and
essentially it boils down to this: They
Hello and thank you for the code review,
On 2018-10-15 16:27, Maxim Dounin wrote:
Hello!
On Fri, Oct 12, 2018 at 09:54:04PM +0200, Paul Pawlowski via
nginx-devel wrote:
# HG changeset patch
# User Paul Pawlowski
# Date 1539371172 -7200
# Fri Oct 12 21:06:12 2018 +0200
# Node ID
onsideration, perhaps a configuration option of:
starttls dedicated;
With the proposed patch would meet both a use case and RFC requirement
aspect.Thanks,
Nathan
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
..", which you can find on the internet.
But my settings seems right:
PHP:
> chroot = /test/website/example.com/Files
Nginx example.conf:
> root /test/website/example.com/Files;
> ...
> location ~ \.php$
> {
> try_files $uri =404;
> fastcgi_param SCRIPT_FILENAME $fastcgi_
ks for the clarification.
Gesendet mittels einer sicheren E-Mail von Proton Mail.
--- Original Message ---
Maxim Dounin schrieb am Sonntag, 29. Mai 2022 um 03:45:
> Hello!
>
> On Sat, May 28, 2022 at 12:38:45PM +, Dimitri via nginx-devel wrote:
>
> > Hi,
> >
> >
I've received your email and will will reply to you as soon as possible after the vacation.This is an auto reply email from QQ Mail.___
nginx-devel mailing list -- [email protected]
To unsubscribe send an email to nginx-dev
50,8 +464,6 @@
}
}
-slcf = ngx_http_get_module_loc_conf(r, ngx_http_ssi_filter_module);
-
while (ctx->in || ctx->buf) {
if (ctx->buf == NULL) {
___
nginx-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Hi Maxim,
Thanks for the quick reply.
> It looks like an attempt to fix ticket #1263
> (https://trac.nginx.org/nginx/ticket/1263). I've linked this
> thread to the ticket. It might be a good idea to add a reference
> into commit log.
I encountered this problem building my own w
*captures_data;
#endif
+unsigned is_main:1;
unsigned conditional:2;
unsigned encoding:2;
unsigned block:1;
___
nginx-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
ebian package maintainers for the patching of Debian 11 bullseye, if this patch
is now accepted by NGINX.
Thanks again for your attention and patience.
Ciel
___
nginx-devel mailing list -- [email protected]
To unsubscribe send an email to nginx-dev
.h Mon Nov 21 19:21:15
2022 +0800
@@ -71,6 +71,7 @@
u_char *captures_data;
#endif
+unsigned shared:1;
unsigned conditional:2;
unsigned encoding:2;
unsigned block:1;
___
nginx-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
x_event_openssl.h
--- a/src/event/ngx_event_openssl.h Fri Nov 04 19:12:19 2016 +0300
+++ b/src/event/ngx_event_openssl.h Sat Nov 05 23:13:12 2016 +0100
@@ -118,8 +118,8 @@
typedef struct {
u_char name[16];
- u_char aes_key[16];
-u_char hmac_key[16];
+u_char aes_key[32];
+u_char hmac_key[32];
} ngx_ssl_session_ticket_key_t;
#endif
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
with AES256).
Whether or not we want to support both is up to Maxim, but considering
that this is "advanced" feature, which users are expected to know how
to generate new keys, I'd recommend that NGINX should migrate to 80
byte files for use with AES256, without backward-compatibili
80
> byte files (for use with AES256) or both: 48 byte files (for use with
> AES128) & 80 byte files (for use with AES256).
>
> Whether or not we want to support both is up to Maxim, but considering
> that this is "advanced" feature, which users are expected to know
ity of Session Tickets.
If backward compatibility isn't a thing, the patch gets a bit simpler.
All the better. Let me send and updated variant.
Best regards,
Christian
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
enssl.h Fri Nov 04 19:12:19 2016 +0300
+++ b/src/event/ngx_event_openssl.h Sun Nov 06 22:45:39 2016 +0100
@@ -118,8 +118,8 @@
typedef struct {
u_char name[16];
-u_char aes_key[16];
-u_char hmac_key[16];
+ u_
age)
Best regards,
Christian
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
r, NULL, key[i].aes_key, iv) != 1)
> {
> diff -r 92ad1c92bcf9 -r 9cfbbce1ec24 src/event/ngx_event_openssl.h
> --- a/src/event/ngx_event_openssl.h Fri Nov 04 19:12:19 2016 +0300
> +++ b/src/event/ngx_event_openssl.h Sun Nov 06 22:45:39 2016 +0100
> @@ -118,8 +118,8 @@
>
> typedef struct {
> u_char name[16];
> -u_char aes_key[16];
> -u_char hmac_key[16];
> +u_char aes_key[32];
> +u_char hmac_key[32];
> } ngx_ssl_session_ticket_key_t;
>
> #endif
We might change the order here as well (name, hmac_key, aes_key).
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
aes_key[16];
-u_char hmac_key[16];
+u_char hmac_key[32];
+u_char aes_key[32];
} ngx_ssl_session_ticket_key_t;
#endif
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hey Maxim,
> How is that related to the commit in question?
>
> Please note that I pinged you on 3 out of 6 commits, which I'm
> interested in getting in, regardless of ngx_ssl_verify_client() &
> friends.
Ping.
Best regards,
Piotr Sikora
_
quot;http_429" parameter to "proxy_next_upstream" for retrying
> rate-limited requests, and to "proxy_cache_use_stale" for serving stale
> cached responses after being rate-limited.
Ping.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hello Shuxin,
I have seen the same issue before. As far as I can tell this is simply a
bug instead of by design (correct me if I'm wrong). I can also confirm that
nginx will leave behind the listening socket file when terminated with
SIGQUIT. There has been a bug report opened more than a
Hi Maxim,
Thanks for the explanation. Regarding a), what about checking and making
sure the type of file is actually a socket before removing? Obviously it
does not prevent NGINX from deleting sockets created by other processes but
it's a much smaller issue compared to deleting arbitrary
shutdown by using
ngx_close_listening_sockets() to close them.
This fixes https://trac.nginx.org/nginx/ticket/753
diff -r 75dbab4ea930 -r 1b7a6785d1f3 src/os/unix/ngx_process_cycle.c
--- a/src/os/unix/ngx_process_cycle.c Mon Nov 21 16:03:42 2016 +0300
+++ b/src/os/unix/ngx_process_cycle.c Fri Dec
PROCESS_MASTER
-&& ngx_new_binary == 0)
+&& ngx_new_binary == 0
+&& getppid() == 1)
{
u_char *name = ls[i].addr_text.data + sizeof("unix:") - 1;
--
Datong Sun
[email protected]
___
ngi
asn1time);
-len = BIO_get_mem_data(bio, &value);
+len = BIO_get_mem_data(bio, (char **) &value);
time = ngx_parse_http_time(value, len);
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hey Maxim,
> details: http://hg.nginx.org/nginx/rev/e75e854657ba
> branches:
> changeset: 6817:e75e854657ba
> user: Maxim Dounin
> date: Mon Dec 05 22:23:23 2016 +0300
> description:
> SSL: $ssl_curves (ticket #1088).
>
> The variable contains a list of
amp;value);
time = ngx_parse_http_time(value, len);
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hey Maxim,
> If the goal is to fix the call, shouldn't identical one in
> src/event/ngx_event_openssl_stapling.c be fixed as well?
Good catch, thanks!
Best regards,
Piotr Sikora
___
nginx-devel mailing list
nginx-devel@ngi
Hello,
I noticed that nginx does not check x509v3 certificates ( in
event/ngx_event_openssl.c::ngx_ssl_get_client_verify as an example ) to see
that the optional extended key usage settings are correct. I have a patch
for this that I would like to contribute, but I'm unable to find
contrib
Is HTTP/2 proxy support planned ?
-Sreekanth
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
quot;http_429" parameter to "proxy_next_upstream" for retrying
> rate-limited requests, and to "proxy_cache_use_stale" for serving stale
> cached responses after being rate-limited.
Ping.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
.
+
+###
+
+use warnings;
+use strict;
+
+use Test::More;
+
+BEGIN { use FindBin; chdir($FindBin::Bin); }
+
+use lib 'lib';
+use Test::Nginx qw/ :DEFAULT http_end /;
+
+###
+
+select STDERR; $| = 1;
+select STDOUT; $| = 1
I noticed there was no test suite for this new feature. I’m not expecting my
patch to be approved as time-based tests slow down test suites - but I think it
warrants some testing.
I have a conflicting requirement that isn’t easily supported by nginx
currently; I want to enable
= 1;
+v->no_cacheable = 0;
+v->not_found = 0;
+v->data = r->schema_start;
+
+return NGX_OK;
+}
+
#if (NGX_HTTP_SSL)
if (r->connection->ssl) {
_______
nginx-devel mailing list
[email protected]
Hi everyone,
I am looking for a module which does the authentication/access control for
reverse proxy (preferable `nginx`). This module should do:
1. user authentication using credential stored in database (such as
postgres)
2. Monitoring the ongoing connection and take action if
quot;http_429" parameter to "proxy_next_upstream" for retrying
> rate-limited requests, and to "proxy_cache_use_stale" for serving stale
> cached responses after being rate-limited.
Ping...
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
+
+return NGX_OK;
+}
+
+return ngx_http_variable_scheme(r, v, data);
+}
+
+
+static ngx_int_t
ngx_http_variable_connection(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
___
nginx-devel mailing list
[email protected]
tring, /* 424 */
+ngx_null_string, /* 425 */
+ngx_null_string, /* 426 */
+ngx_null_string, /* 427 */
+ngx_null_string, /* 428 */
+ngx_string(ngx_http_error_429_page),
-#define NGX_HTT
NGX_HTTP_SERVICE_UNAVAILABLE);
+ NGX_HTTP_TOO_MANY_REQUESTS);
return NGX_CONF_OK;
}
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
OFF 0x8000
@@ -38,7 +39,8 @@
|NGX_HTTP_UPSTREAM_FT_HTTP_503 \
|NGX_HTTP_UPSTREAM_FT_HTTP_504 \
|NGX_HTTP_UPSTREAM_FT_HTTP_403 \
- |NGX_HTTP_UPSTREAM_
ng limit_req limits, or a logged in user that's rate-limited
based on API usage), so I'd question marking backends as failed
because of that.
Best regards,
Piotr Sikora
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
reasoning for your
(possibly correct) opinion.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hello!
Looks like to me that the original patch does what it's supposed to do
(when combined with http://hg.nginx.org/nginx/rev/3069dd358ba2). Here is my
understanding:
Before this patch, an active connection could potentially delay shutdown
indefinitely due to the presence of connection re
tring, /* 424 */
+ngx_null_string, /* 425 */
+ngx_null_string, /* 426 */
+ngx_null_string, /* 427 */
+ngx_null_string, /* 428 */
+ngx_string(ngx_http_error_429_page),
-#define NGX_HTT
|NGX_HTTP_UPSTREAM_FT_HTTP_503 \
|NGX_HTTP_UPSTREAM_FT_HTTP_504 \
|NGX_HTTP_UPSTREAM_FT_HTTP_403 \
- |NGX_HTTP_UPSTREAM_FT_HTTP_404)
+ |NGX_HTTP_UP
Hey Maxim,
> Sure, but why one would use "proxy_next_upstream http_429" then?
>
> If one of your backends reject a requests based on client's IP /
> login, then you probably don't want nginx to retry such a request
> on other servers, as this will just allow
ttp_request_t *r);
+ngx_int_t ngx_http_eval_trailers(ngx_http_request_t *r);
ngx_int_t ngx_http_discard_request_body(ngx_http_request_t *r);
diff -r a0f291f0a903 -r 6d878f4585b9 src/http/v2/ngx_http_v2_filter_module.c
--- a/src/http/v2/ngx_http_v2_filter_module.c
+++ b/src/http/v2/ngx_http_v2_filter_module.c
@@ -667,6 +667,10 @@ ngx_http_v2_create_trailers_frame(ngx_ht
ngx_table_elt_t *header;
ngx_http_v2_out_frame_t *frame;
+if (ngx_http_eval_trailers(r) != NGX_OK) {
+return NGX_HTTP_V2_FRAME_ERROR;
+}
+
len = 0;
tmp_len = 0;
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
ide_headers_hash;
ngx_array_t *hide_headers;
ngx_array_t *pass_headers;
+ngx_flag_t pass_trailers;
ngx_http_upstream_local_t *local;
@@ -248,6 +249,7 @@ typedef struct {
typedef struct {
ngx_list_t
x_http_v2_filter_get_data_frame(stream, frame_size, out, cl);
-if (frame == NULL) {
-return NGX_CHAIN_ERROR;
+if (cl->buf->last_buf && r->allow_trailers && r->expect_trailers) {
+trailers = ngx_http_v2_create_trailers_frame(r);
+
TP_V2_SIZE_ERROR);
+return ngx_http_v2_connection_error(h2c,
+NGX_HTTP_V2_PROTOCOL_ERROR);
}
h2c->state.length -= h2c->state.padding;
___
nginx-devel mailing list
nginx-deve
andle_frame(stream, frame);
ngx_http_v2_handle_stream(h2c, stream);
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
n ngx_http_v2_connection_error(h2c,
+
NGX_HTTP_V2_PROTOCOL_ERROR);
+}
+
+break;
+
case NGX_HTTP_V2_INIT_WINDOW_SIZE_SETTING:
if (value > NGX_HTTP_V2_MAX_WINDOW) {
_______
flags = NGX_HTTP_V2_NO_FLAG;
continue;
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
out)->next) {
+
if ((*out)->blocked || (*out)->stream == NULL) {
break;
}
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
ction_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+}
+
if (window > NGX_HTTP_V2_MAX_WINDOW - h2c->send_window) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client violated connection flow control: "
___
, stream->recv_window);
if (ngx_http_v2_terminate_stream(h2c, stream,
NGX_HTTP_V2_FLOW_CTRL_ERROR)
@@ -871,7 +873,7 @@ ngx_http_v2_state_data(ngx_http_v2_conne
return ngx_http_v2_state_skip_padded(h2c, pos, end);
}
-stream->recv_window -=
, 0,
+ "client closed stream %ui", h2c->state.sid);
+break;
+
case NGX_HTTP_V2_CANCEL:
ngx_log_error(NGX_LOG_INFO, fc->log, 0,
"client canceled stream %ui", h2c->state.sid);
___
c const u_char ending[] = " HTTP/2.0";
if (r->method_name.len == 0
+|| r->schema_start == NULL
|| r->unparsed_uri.len == 0)
{
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
return ngx_http_v2_state_skip(h2c, pos, end);
}
+ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 send PING frame ack:1");
+
frame = ngx_http_v2_get_frame(h2c, NGX_HTTP_V2_PING_SIZE,
NGX_
| (stream->in_closed && stream->preread == NULL))
+{
r->request_body_no_buffering = 0;
post_handler(r);
return NGX_OK;
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
r->headers_in.connection_type = NGX_HTTP_CONNECTION_CLOSE;
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
ipient MUST treat this as a
connection error (Section 5.4.1) of type PROTOCOL_ERROR.
and matching code makes it easier to avoid off-by-one errors while
mentally translating this logic to the code.
Also, doing "h2c->state.padding > h2c->state.length" check and using
"size
.
Good catch, thanks! I'll send fixed version shortly.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hey Valentin,
> Is there any practical reason for the check considering that
> the value is ignored anyway?
None, other than following RFC and providing early detection of broken clients.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
ing early detection of broken clients.
Also, it looks that you have a test for it marked as TODO:
http://hg.nginx.org/nginx-tests/annotate/a6abbfed42c0/h2_headers.t#l972
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mai
nt 0");
+
+return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_PROTOCOL_ERROR);
+}
+
if (window > NGX_HTTP_V2_MAX_WINDOW - h2c->send_window) {
ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
"client violated connection flow control: "
__
WINDOW_UPDATE frame "
> + "with incorrect window increment 0");
I don't think that omitting Stream ID is a good idea.
Looks good, otherwise.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
popular clients doing this right now.
Best regards,
Piotr Sikora
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
e first
place.
Best regards,
Piotr Sikora
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
t;last_out; *out; out = &(*out)->next)
-{
+for (out = &h2c->last_out; *out; out = &(*out)->next) {
+
if ((*out)->blocked || (*out)->stream == NULL) {
break;
}
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
.len == 0
+|| r->schema_start == NULL
|| r->unparsed_uri.len == 0)
{
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
ith headers is produced.
In case of HTTP/2, two buffers are produced: one with headers and one
empty with last_buf = 1.
> Note, that in case of HTTP/1.x it always allocates r->request_body
> for the main request unless r->discard_body is set.
>
> Even if it doesn't break some
ULL) {
+r->request_body_no_buffering = 0;
+post_handler(r);
+return NGX_OK;
+}
+
h2scf = ngx_http_get_module_srv_conf(r, ngx_http_v2_module);
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
___
nginx-deve
Hey Maxim,
> How does google.com as a service behave with such clients?
It sends RST_STREAM with PROTOCOL_ERROR.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
x_http_v2_filter_get_data_frame(stream, frame_size, out, cl);
-if (frame == NULL) {
-return NGX_CHAIN_ERROR;
+if (cl->buf->last_buf && r->allow_trailers && r->expect_trailers) {
+trailers = ngx_http_v2_create_trailers_frame(r);
+
ttp_request_t *r);
+ngx_int_t ngx_http_eval_trailers(ngx_http_request_t *r);
ngx_int_t ngx_http_discard_request_body(ngx_http_request_t *r);
diff -r 8af81a0d66c0 -r 5bab17ebe2b1 src/http/v2/ngx_http_v2_filter_module.c
--- a/src/http/v2/ngx_http_v2_filter_module.c
+++ b/src/http/v2/ngx_http_v2_filter_module.c
@@ -667,6 +667,10 @@ ngx_http_v2_create_trailers_frame(ngx_ht
ngx_table_elt_t *header;
ngx_http_v2_out_frame_t *frame;
+if (ngx_http_eval_trailers(r) != NGX_OK) {
+return NGX_HTTP_V2_FRAME_ERROR;
+}
+
len = 0;
tmp_len = 0;
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
{
ngx_hash_t hide_headers_hash;
ngx_array_t *hide_headers;
ngx_array_t *pass_headers;
+ngx_flag_t pass_trailers;
ngx_http_upstream_local_t *local;
@@ -248,6 +249,7 @@ typedef struct
so that "Trailer" header is only forwarded with trailers.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
rame MAX_FRAME_SIZE:%ud",
+ NGX_HTTP_V2_MAX_FRAME_SIZE);
+
buf->last = ngx_http_v2_write_uint16(buf->last,
NGX_HTTP_V2_MAX_FRAME_SIZE_SETTING);
buf->last = ngx_http_v2_write_uint32(buf->last,
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "http2 http header: \":%V: %V\"",
+ &header->name, &header->value);
+
return ngx_http_v2_state_header_complete(h2c, pos, end);
}
___
rs and control frames.
>
> Signed-off-by: Piotr Sikora
This was split into:
http://mailman.nginx.org/pipermail/nginx-devel/2017-April/009767.html
http://mailman.nginx.org/pipermail/nginx-devel/2017-April/009768.html
Best regards,
Piotr Sikora
___
nginx-dev
> clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
>
Any thoughts on the updated patch? Thanks!
Best regards,
Piotr Sikora
_______
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
trailers must set r->expect_trailers = 1,
> otherwise they are going to be ignored.
>
> This change also adds $sent_trailer_* variables.
>
> Signed-off-by: Piotr Sikora
Ping.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
ser-agent: nghttp2/1.21.0-DEV"
The ":" prefix already indicates those are pseudo-headers, and because
of different alignment, all the alternatives make them look like
unrelated things.
This might be just a matter of taste, though, so if you feel strongly
about one of the alternatives, then I can change it, just please be
explicit about it.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
transcript of HTTP/2 exchange,
which can be shared with people that don't use NGINX, in which case
having SETTINGS values there is critical.
Actually, I have local patch that adds even more debugging for
SETTINGS frame (I'll squash it into this one and send to the mailing
list shortly).
[1] b
NGX_HTTP_V2_INIT_WINDOW_SIZE_SETTING);
buf->last = ngx_http_v2_write_uint32(buf->last, h2scf->preread_size);
+ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 send SETTINGS frame MAX_FRAME_SIZE:%ud",
+ NGX_HTTP_V2_MAX_FRAME_SIZE);
+
buf->last = ngx_http_v2_write_uint16(buf->last,
NGX_HTTP_V2_MAX_FRAME_SIZE_SETTING);
buf->last = ngx_http_v2_write_uint32(buf->last,
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
your patches work as well, so feel free to commit any of those.
Thanks!
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
&header->name, &header->value);
+
return ngx_http_v2_state_header_complete(h2c, pos, end);
}
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
_INTERNAL_ERROR);
+}
+}
+
return ngx_http_v2_state_complete(h2c, pos, end);
}
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
;
}
+ngx_http_v2_send_settings(h2c, 1);
+
if (adjustment) {
if (ngx_http_v2_adjust_windows(h2c, adjustment) != NGX_OK) {
return ngx_http_v2_connection_error(h2c,
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman
buf->last = ngx_http_v2_write_uint32(buf->last,
+ NGX_HTTP_V2_MAX_FRAME_SIZE);
ngx_http_v2_queue_blocked_frame(h2c, frame);
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
;
+}
+
+
void ngx_http_v2_init(ngx_event_t *rev);
void ngx_http_v2_request_headers_init(void);
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
quot;",
+ &header->name, &header->value);
+
return ngx_http_v2_state_header_complete(h2c, pos, end);
}
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
pdated.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx-devel
1 - 100 of 511 matches
Mail list logo
