nginx.git/src/http, branch release-1.10.2 nginx HTTP/2: flushing of the SSL buffer in transition to the idle state. 2016-07-19T17:34:17+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:34:17+00:00 73d5e87a2b0dc4b8ea138fbee7917f9f1deaa0f9 It fixes potential connection leak if some unsent data was left in the SSL buffer. Particularly, that could happen when a client canceled the stream after the HEADERS frame has already been created. In this case no other frames might be produced and the HEADERS frame alone didn't flush the buffer. 
It fixes potential connection leak if some unsent data was left in the SSL
buffer.  Particularly, that could happen when a client canceled the stream
after the HEADERS frame has already been created.  In this case no other
frames might be produced and the HEADERS frame alone didn't flush the buffer.
HTTP/2: refactored ngx_http_v2_send_output_queue(). 2016-07-19T17:34:02+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:34:02+00:00 010321e6054fea211659e8f2b7bf7e08d2bb48bf Now it returns NGX_AGAIN if there's still data to be sent. 
Now it returns NGX_AGAIN if there's still data to be sent.
HTTP/2: fixed send timer handling. 2016-07-19T17:31:09+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:31:09+00:00 c64c12cae5c907ef90afffd6611cea4a752338b3 Checking for return value of c->send_chain() isn't sufficient since there are data can be left in the SSL buffer. Now the wew->ready flag is used instead. In particular, this fixed a connection leak in cases when all streams were closed, but there's still some data to be sent in the SSL buffer and the client forgot about the connection. 
Checking for return value of c->send_chain() isn't sufficient since there
are data can be left in the SSL buffer.  Now the wew->ready flag is used
instead.

In particular, this fixed a connection leak in cases when all streams were
closed, but there's still some data to be sent in the SSL buffer and the
client forgot about the connection.
HTTP/2: avoid sending output queue if there's nothing to send. 2016-07-19T17:30:21+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:30:21+00:00 6ebe94522a07e294121c8bbbe68e6215345aeba5 Particularly this fixes alerts on OS X and NetBSD systems when HTTP/2 is configured over plain TCP sockets. On these systems calling writev() with no data leads to EINVAL errors being logged as "writev() failed (22: Invalid argument) while processing HTTP/2 connection". 
Particularly this fixes alerts on OS X and NetBSD systems when HTTP/2 is
configured over plain TCP sockets.

On these systems calling writev() with no data leads to EINVAL errors
being logged as "writev() failed (22: Invalid argument) while processing
HTTP/2 connection".
HTTP/2: always handle streams in error state. 2016-07-19T17:22:44+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:22:44+00:00 b034effaf5bdc28a0fff25fd2f24eb3fb84a3b56 Previously, a stream could be closed by timeout if it was canceled while its send window was exhausted. 
Previously, a stream could be closed by timeout if it was canceled
while its send window was exhausted.
HTTP/2: prevented output of the HEADERS frame for canceled streams. 2016-07-19T17:22:44+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:22:44+00:00 8c1a6ae2ad4612f8e2365b0c2568223ae49dbf33 It's useless to generate HEADERS if the stream has been canceled already. 
It's useless to generate HEADERS if the stream has been canceled already.
HTTP/2: always send GOAWAY while worker is shutting down. 2016-07-19T17:22:44+00:00 Valentin Bartenev vbart@nginx.com 2016-07-19T17:22:44+00:00 e1d2701785d4a48da615cb53c48907bfffc4155b Previously, if the worker process exited, GOAWAY was sent to connections in idle state, but connections with active streams were closed without GOAWAY. 
Previously, if the worker process exited, GOAWAY was sent to connections in
idle state, but connections with active streams were closed without GOAWAY.
Sub filter: eliminate unnecessary buffering. 2016-07-02T12:59:53+00:00 Roman Arutyunyan arut@nginx.com 2016-07-02T12:59:53+00:00 5eaf2be27f04670a650cebf654e382951d5e5e57 Previously, when a buffer was processed by the sub filter, its final bytes could be buffered by the filter even if they don't match any pattern. This happened because the Boyer-Moore algorithm, employed by the sub filter since b9447fc457b4 (1.9.4), matches the last characters of patterns prior to checking other characters. If the last character is out of scope, initial bytes of a potential match are buffered until the last character is available. Now, after receiving a flush or recycled buffer, the filter performs additional checks to reduce the number of buffered bytes. The potential match is checked against the initial parts of all patterns. Non-matching bytes are not buffered. This improves processing of a chunked response from upstream by sending the entire chunks without buffering unless a partial match is found at the end of a chunk. 
Previously, when a buffer was processed by the sub filter, its final bytes
could be buffered by the filter even if they don't match any pattern.
This happened because the Boyer-Moore algorithm, employed by the sub filter
since b9447fc457b4 (1.9.4), matches the last characters of patterns prior to
checking other characters.  If the last character is out of scope, initial
bytes of a potential match are buffered until the last character is available.

Now, after receiving a flush or recycled buffer, the filter performs
additional checks to reduce the number of buffered bytes.  The potential match
is checked against the initial parts of all patterns.  Non-matching bytes are
not buffered.  This improves processing of a chunked response from upstream
by sending the entire chunks without buffering unless a partial match is found
at the end of a chunk.
Sub filter: introduced the ngx_http_sub_match() function. 2016-07-02T12:59:52+00:00 Roman Arutyunyan arut@nginx.com 2016-07-02T12:59:52+00:00 c0f65982357909598968abfe923e54205bf5cda3 No functional changes. 
No functional changes.
HTTP/2: fixed the "http request count is zero" alert. 2016-06-16T17:55:11+00:00 Valentin Bartenev vbart@nginx.com 2016-06-16T17:55:11+00:00 5cf695f82794d6d87e31a8fbbe0cac4f42e53289 When the stream is terminated the HEADERS frame can still wait in the output queue. This frame can't be removed and must be sent to the client anyway, since HTTP/2 uses stateful compression for headers. So in order to postpone closing and freeing memory of such stream the special close stream handler is set to the write event. After the HEADERS frame is sent the write event is called and the stream will be finally closed. Some events like receiving a RST_STREAM can trigger the read handler of such stream in closing state and cause unexpected processing that can result in another attempt to finalize the request. To prevent it the read handler is now set to ngx_http_empty_handler. Thanks to Amazon. 
When the stream is terminated the HEADERS frame can still wait in the output
queue.  This frame can't be removed and must be sent to the client anyway,
since HTTP/2 uses stateful compression for headers.  So in order to postpone
closing and freeing memory of such stream the special close stream handler
is set to the write event.  After the HEADERS frame is sent the write event
is called and the stream will be finally closed.

Some events like receiving a RST_STREAM can trigger the read handler of such
stream in closing state and cause unexpected processing that can result in
another attempt to finalize the request.  To prevent it the read handler is
now set to ngx_http_empty_handler.

Thanks to Amazon.