nginx.git/src/http/v2, branch release-1.19.9 nginx HTTP/2: improved handling of "keepalive_timeout 0". 2021-03-25T22:44:57+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-25T22:44:57+00:00 1f5271cd61a102514070c0d22ce5001cf0a70d61 Without explicit handling, a zero timer was actually added, leading to multiple unneeded syscalls. Further, sending GOAWAY frame early might be beneficial for clients. Reported by Sergey Kandaurov. 
Without explicit handling, a zero timer was actually added, leading to
multiple unneeded syscalls.  Further, sending GOAWAY frame early might
be beneficial for clients.

Reported by Sergey Kandaurov.
HTTP/2: client_header_timeout before first request (ticket #2142). 2021-03-01T14:31:28+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-01T14:31:28+00:00 0f5d0c5798eacb60407bcf0a76fc0b2c39e356bb With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x, and client_header_timeout instead of keepalive_timeout is used before the first request is received. This fixes HTTP/2 connections being closed even before the first request if "keepalive_timeout 0;" was used in the configuration; the problem appeared in f790816a0e87 (1.19.7). 
With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x,
and client_header_timeout instead of keepalive_timeout is used before
the first request is received.

This fixes HTTP/2 connections being closed even before the first request
if "keepalive_timeout 0;" was used in the configuration; the problem
appeared in f790816a0e87 (1.19.7).
HTTP/2: removed http2_max_field_size and http2_max_header_size. 2021-02-11T18:52:26+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:26+00:00 51fea093e4374dbd857dc437ff9588060ef56471 Instead, size of one large_client_header_buffers buffer and all large client header buffers are used. 
Instead, size of one large_client_header_buffers buffer and all large
client header buffers are used.
HTTP/2: keepalive_timeout now armed once between requests. 2021-02-11T18:52:24+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:24+00:00 94567a8f849c02c70ee7f51307fa0372c94c925b Previously, PINGs and other frames extended possible keepalive time, making it possible to keep an open HTTP/2 connection for a long time. Now the connection is always closed as long as keepalive_timeout expires, similarly to how it happens in HTTP/1.x. Note that as a part of this change, incomplete frames are no longer trigger a separate timeout, so http2_recv_timeout (replaced by client_header_timeout in previous patches) is essentially cancelled. The client_header_timeout is, however, used for SSL handshake and while reading HEADERS frames. 
Previously, PINGs and other frames extended possible keepalive time,
making it possible to keep an open HTTP/2 connection for a long time.
Now the connection is always closed as long as keepalive_timeout expires,
similarly to how it happens in HTTP/1.x.

Note that as a part of this change, incomplete frames are no longer
trigger a separate timeout, so http2_recv_timeout (replaced by
client_header_timeout in previous patches) is essentially cancelled.
The client_header_timeout is, however, used for SSL handshake and
while reading HEADERS frames.
HTTP/2: removed http2_idle_timeout and http2_max_requests. 2021-02-11T18:52:23+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:23+00:00 49ab3312448495f0ee8e00143a29624dde46ef5c Instead, keepalive_timeout and keepalive_requests are now used. This is expected to simplify HTTP/2 code and usage. This also matches directives used by upstream module for all protocols. In case of default settings, this effectively changes maximum number of requests per connection from 1000 to 100. This looks acceptable, especially given that HTTP/2 code now properly supports lingering close. Further, this changes default keepalive timeout in HTTP/2 from 300 seconds to 75 seconds. This also looks acceptable, and larger than PING interval used by Firefox (network.http.spdy.ping-threshold defaults to 58s), the only browser to use PINGs. 
Instead, keepalive_timeout and keepalive_requests are now used.  This
is expected to simplify HTTP/2 code and usage.  This also matches
directives used by upstream module for all protocols.

In case of default settings, this effectively changes maximum number
of requests per connection from 1000 to 100.  This looks acceptable,
especially given that HTTP/2 code now properly supports lingering close.

Further, this changes default keepalive timeout in HTTP/2 from 300 seconds
to 75 seconds.  This also looks acceptable, and larger than PING interval
used by Firefox (network.http.spdy.ping-threshold defaults to 58s),
the only browser to use PINGs.
HTTP/2: removed http2_recv_timeout. 2021-02-11T18:52:20+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:20+00:00 d18e066d650bff39f1705d3038804873584007af Instead, the client_header_timeout is now used for HTTP/2 reading. Further, the timeout is changed to be set once till no further data left to read, similarly to how client_header_timeout is used in other places. 
Instead, the client_header_timeout is now used for HTTP/2 reading.
Further, the timeout is changed to be set once till no further data
left to read, similarly to how client_header_timeout is used in other
places.
HTTP/2: removed SPDY directives handling. 2021-02-11T18:52:19+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:19+00:00 e82939206dc80a392ecc685013dc98691d9d2f06 The spdy_* directives are not available since introduction of HTTP/2 module in nginx 1.9.5 more than five years ago. 
The spdy_* directives are not available since introduction of HTTP/2 module
in nginx 1.9.5 more than five years ago.
HTTP/2: fixed reusing connections with active requests. 2021-02-11T18:52:17+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:17+00:00 797a2dc7cf970d2ee7523ec1f276156c5ea16b01 New connections are marked reusable by ngx_http_init_connection() if there are no data available for reading. As a result, if SSL is not used, ngx_http_v2_init() might be called when the connection is marked reusable. If a HEADERS frame is immediately available for reading, this resulted in connection being preserved in reusable state with an active request, and possibly closed later as if during worker shutdown (that is, after all active requests were finalized). Fix is to explicitly mark connections non-reusable in ngx_http_v2_init() instead of (incorrectly) assuming they are already non-reusable. Found by Sergey Kandaurov. 
New connections are marked reusable by ngx_http_init_connection() if there
are no data available for reading.  As a result, if SSL is not used,
ngx_http_v2_init() might be called when the connection is marked reusable.
If a HEADERS frame is immediately available for reading, this resulted
in connection being preserved in reusable state with an active request,
and possibly closed later as if during worker shutdown (that is, after
all active requests were finalized).

Fix is to explicitly mark connections non-reusable in ngx_http_v2_init()
instead of (incorrectly) assuming they are already non-reusable.

Found by Sergey Kandaurov.
HTTP/2: reuse of connections with incomplete frames. 2021-02-11T18:52:12+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:12+00:00 76672e6500c1a51905c9366f7c833ea58f351bc4 Prodded by Taewoo Kim. 
Prodded by Taewoo Kim.
Reuse of connections in lingering close. 2021-02-11T18:52:09+00:00 Maxim Dounin mdounin@mdounin.ru 2021-02-11T18:52:09+00:00 fb2a2152d756f23ce191ab109116585f90acf087 This is particularly important in HTTP/2, where keepalive connections are closed with lingering. Before the patch, reusing a keepalive HTTP/2 connection resulted in the connection waiting for lingering close to remain in the reusable connections queue, preventing ngx_drain_connections() from closing additional connections. The patch fixes it by marking the connection reusable again, and so moving it in the reusable connections queue. Further, it makes actually possible to reuse such connections if needed. 
This is particularly important in HTTP/2, where keepalive connections
are closed with lingering.  Before the patch, reusing a keepalive HTTP/2
connection resulted in the connection waiting for lingering close to
remain in the reusable connections queue, preventing ngx_drain_connections()
from closing additional connections.

The patch fixes it by marking the connection reusable again, and so
moving it in the reusable connections queue.  Further, it makes actually
possible to reuse such connections if needed.