nginx.git/src/http/v2, branch release-1.19.10 nginx Introduced the "keepalive_time" directive. 2021-04-07T21:15:48+00:00 Maxim Dounin mdounin@mdounin.ru 2021-04-07T21:15:48+00:00 d9996d6f27150bfb9c9c00d77fac940712aa1d28 Similar to lingering_time, it limits total connection lifetime before keepalive is switched off. The default is 1 hour, which is close to the total maximum connection lifetime possible with default keepalive_requests and keepalive_timeout. 
Similar to lingering_time, it limits total connection lifetime before
keepalive is switched off.  The default is 1 hour, which is close to
the total maximum connection lifetime possible with default
keepalive_requests and keepalive_timeout.
HTTP/2: relaxed PRIORITY frames limit. 2021-04-06T23:03:29+00:00 Maxim Dounin mdounin@mdounin.ru 2021-04-06T23:03:29+00:00 5599731c00bd152f765c7cea24a7d257bf13320c Firefox uses several idle streams for PRIORITY frames[1], and "http2_max_concurrent_streams 1;" results in "client sent too many PRIORITY frames" errors when a connection is established by Firefox. Fix is to relax the PRIORITY frames limit to use at least 100 as the initial value (which is the recommended by the HTTP/2 protocol minimum limit on the number of concurrent streams, so it is not unreasonable for clients to assume that similar number of idle streams can be used for prioritization). [1] https://hg.mozilla.org/mozilla-central/file/32a9e6e145d6e3071c3993a20bb603a2f388722b/netwerk/protocol/http/Http2Stream.cpp#l1270 
Firefox uses several idle streams for PRIORITY frames[1], and
"http2_max_concurrent_streams 1;" results in "client sent too many
PRIORITY frames" errors when a connection is established by Firefox.

Fix is to relax the PRIORITY frames limit to use at least 100 as
the initial value (which is the recommended by the HTTP/2 protocol
minimum limit on the number of concurrent streams, so it is not
unreasonable for clients to assume that similar number of idle streams
can be used for prioritization).

[1] https://hg.mozilla.org/mozilla-central/file/32a9e6e145d6e3071c3993a20bb603a2f388722b/netwerk/protocol/http/Http2Stream.cpp#l1270
HTTP/2: improved handling of "keepalive_timeout 0". 2021-03-25T22:44:57+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-25T22:44:57+00:00 1f5271cd61a102514070c0d22ce5001cf0a70d61 Without explicit handling, a zero timer was actually added, leading to multiple unneeded syscalls. Further, sending GOAWAY frame early might be beneficial for clients. Reported by Sergey Kandaurov. 
Without explicit handling, a zero timer was actually added, leading to
multiple unneeded syscalls.  Further, sending GOAWAY frame early might
be beneficial for clients.

Reported by Sergey Kandaurov.
HTTP/2: client_header_timeout before first request (ticket #2142). 2021-03-01T14:31:28+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-01T14:31:28+00:00 0f5d0c5798eacb60407bcf0a76fc0b2c39e356bb With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x, and client_header_timeout instead of keepalive_timeout is used before the first request is received. This fixes HTTP/2 connections being closed even before the first request if "keepalive_timeout 0;" was used in the configuration; the problem appeared in f790816a0e87 (1.19.7). 
With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x,
and client_header_timeout instead of keepalive_timeout is used before
the first request is received.

This fixes HTTP/2 connections being closed even before the first request
if "keepalive_timeout 0;" was used in the configuration; the problem
appeared in f790816a0e87 (1.19.7).
HTTP/2: removed http2_max_field_size and http2_max_header_size. 2021-02-11T18:52:26+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:26+00:00 51fea093e4374dbd857dc437ff9588060ef56471 Instead, size of one large_client_header_buffers buffer and all large client header buffers are used. 
Instead, size of one large_client_header_buffers buffer and all large
client header buffers are used.
HTTP/2: keepalive_timeout now armed once between requests. 2021-02-11T18:52:24+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:24+00:00 94567a8f849c02c70ee7f51307fa0372c94c925b Previously, PINGs and other frames extended possible keepalive time, making it possible to keep an open HTTP/2 connection for a long time. Now the connection is always closed as long as keepalive_timeout expires, similarly to how it happens in HTTP/1.x. Note that as a part of this change, incomplete frames are no longer trigger a separate timeout, so http2_recv_timeout (replaced by client_header_timeout in previous patches) is essentially cancelled. The client_header_timeout is, however, used for SSL handshake and while reading HEADERS frames. 
Previously, PINGs and other frames extended possible keepalive time,
making it possible to keep an open HTTP/2 connection for a long time.
Now the connection is always closed as long as keepalive_timeout expires,
similarly to how it happens in HTTP/1.x.

Note that as a part of this change, incomplete frames are no longer
trigger a separate timeout, so http2_recv_timeout (replaced by
client_header_timeout in previous patches) is essentially cancelled.
The client_header_timeout is, however, used for SSL handshake and
while reading HEADERS frames.
HTTP/2: removed http2_idle_timeout and http2_max_requests. 2021-02-11T18:52:23+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:23+00:00 49ab3312448495f0ee8e00143a29624dde46ef5c Instead, keepalive_timeout and keepalive_requests are now used. This is expected to simplify HTTP/2 code and usage. This also matches directives used by upstream module for all protocols. In case of default settings, this effectively changes maximum number of requests per connection from 1000 to 100. This looks acceptable, especially given that HTTP/2 code now properly supports lingering close. Further, this changes default keepalive timeout in HTTP/2 from 300 seconds to 75 seconds. This also looks acceptable, and larger than PING interval used by Firefox (network.http.spdy.ping-threshold defaults to 58s), the only browser to use PINGs. 
Instead, keepalive_timeout and keepalive_requests are now used.  This
is expected to simplify HTTP/2 code and usage.  This also matches
directives used by upstream module for all protocols.

In case of default settings, this effectively changes maximum number
of requests per connection from 1000 to 100.  This looks acceptable,
especially given that HTTP/2 code now properly supports lingering close.

Further, this changes default keepalive timeout in HTTP/2 from 300 seconds
to 75 seconds.  This also looks acceptable, and larger than PING interval
used by Firefox (network.http.spdy.ping-threshold defaults to 58s),
the only browser to use PINGs.
HTTP/2: removed http2_recv_timeout. 2021-02-11T18:52:20+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:20+00:00 d18e066d650bff39f1705d3038804873584007af Instead, the client_header_timeout is now used for HTTP/2 reading. Further, the timeout is changed to be set once till no further data left to read, similarly to how client_header_timeout is used in other places. 
Instead, the client_header_timeout is now used for HTTP/2 reading.
Further, the timeout is changed to be set once till no further data
left to read, similarly to how client_header_timeout is used in other
places.
HTTP/2: removed SPDY directives handling. 2021-02-11T18:52:19+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:19+00:00 e82939206dc80a392ecc685013dc98691d9d2f06 The spdy_* directives are not available since introduction of HTTP/2 module in nginx 1.9.5 more than five years ago. 
The spdy_* directives are not available since introduction of HTTP/2 module
in nginx 1.9.5 more than five years ago.
HTTP/2: fixed reusing connections with active requests. 2021-02-11T18:52:17+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:17+00:00 797a2dc7cf970d2ee7523ec1f276156c5ea16b01 New connections are marked reusable by ngx_http_init_connection() if there are no data available for reading. As a result, if SSL is not used, ngx_http_v2_init() might be called when the connection is marked reusable. If a HEADERS frame is immediately available for reading, this resulted in connection being preserved in reusable state with an active request, and possibly closed later as if during worker shutdown (that is, after all active requests were finalized). Fix is to explicitly mark connections non-reusable in ngx_http_v2_init() instead of (incorrectly) assuming they are already non-reusable. Found by Sergey Kandaurov. 
New connections are marked reusable by ngx_http_init_connection() if there
are no data available for reading.  As a result, if SSL is not used,
ngx_http_v2_init() might be called when the connection is marked reusable.
If a HEADERS frame is immediately available for reading, this resulted
in connection being preserved in reusable state with an active request,
and possibly closed later as if during worker shutdown (that is, after
all active requests were finalized).

Fix is to explicitly mark connections non-reusable in ngx_http_v2_init()
instead of (incorrectly) assuming they are already non-reusable.

Found by Sergey Kandaurov.