update to nghttp2-1.33
This upstream release is currently used by RHEL-8.
This commit is contained in:
Kamil Dudka
parent
62a83efa63
commit
7cb7846cee
|
|
@ -60,7 +60,7 @@ diff --git a/integration-tests/server_tester.go b/integration-tests/server_teste
|
|||
index d145519..1156986 100644
|
||||
--- a/integration-tests/server_tester.go
|
||||
+++ b/integration-tests/server_tester.go
|
||||
@@ -810,7 +810,9 @@ func cloneHeader(h http.Header) http.Header {
|
||||
@@ -662,7 +662,9 @@ func cloneHeader(h http.Header) http.Header {
|
||||
return h2
|
||||
}
|
||||
|
||||
|
|
@ -75,17 +75,17 @@ diff --git a/src/shrpx_downstream.cc b/src/shrpx_downstream.cc
|
|||
index 360a9a9..48db65b 100644
|
||||
--- a/src/shrpx_downstream.cc
|
||||
+++ b/src/shrpx_downstream.cc
|
||||
@@ -142,7 +142,8 @@ Downstream::Downstream(Upstream *upstream, MemchunkPool *mcpool,
|
||||
request_pending_(false),
|
||||
@@ -144,7 +144,8 @@ Downstream::Downstream(Upstream *upstream, MemchunkPool *mcpool,
|
||||
request_header_sent_(false),
|
||||
accesslog_written_(false),
|
||||
- new_affinity_cookie_(false) {
|
||||
+ new_affinity_cookie_(false),
|
||||
new_affinity_cookie_(false),
|
||||
- blocked_request_data_eof_(false) {
|
||||
+ blocked_request_data_eof_(false),
|
||||
+ expect_100_continue_(false) {
|
||||
|
||||
auto &timeoutconf = get_config()->http2.timeout;
|
||||
|
||||
@@ -764,6 +765,11 @@ void Downstream::inspect_http1_request() {
|
||||
@@ -807,6 +808,11 @@ void Downstream::inspect_http1_request() {
|
||||
chunked_request_ = true;
|
||||
}
|
||||
}
|
||||
|
|
@ -97,8 +97,8 @@ index 360a9a9..48db65b 100644
|
|||
}
|
||||
|
||||
void Downstream::inspect_http1_response() {
|
||||
@@ -1052,4 +1058,8 @@ uint32_t Downstream::get_affinity_cookie_to_send() const {
|
||||
return 0;
|
||||
@@ -1103,4 +1109,8 @@ bool Downstream::get_blocked_request_data_eof() const {
|
||||
return blocked_request_data_eof_;
|
||||
}
|
||||
|
||||
+bool Downstream::get_expect_100_continue() const {
|
||||
|
|
@ -110,7 +110,7 @@ diff --git a/src/shrpx_downstream.h b/src/shrpx_downstream.h
|
|||
index c81fcf6..b9a851f 100644
|
||||
--- a/src/shrpx_downstream.h
|
||||
+++ b/src/shrpx_downstream.h
|
||||
@@ -463,6 +463,8 @@ public:
|
||||
@@ -466,6 +466,8 @@ public:
|
||||
EVENT_TIMEOUT = 0x2,
|
||||
};
|
||||
|
||||
|
|
@ -119,10 +119,10 @@ index c81fcf6..b9a851f 100644
|
|||
enum {
|
||||
DISPATCH_NONE,
|
||||
DISPATCH_PENDING,
|
||||
@@ -547,6 +549,8 @@ private:
|
||||
bool accesslog_written_;
|
||||
// true if affinity cookie is generated for this request.
|
||||
bool new_affinity_cookie_;
|
||||
@@ -556,6 +558,8 @@ private:
|
||||
// true if eof is received from client before sending header fields
|
||||
// to backend.
|
||||
bool blocked_request_data_eof_;
|
||||
+ // true if request contains "expect: 100-continue" header field.
|
||||
+ bool expect_100_continue_;
|
||||
};
|
||||
|
|
@ -132,17 +132,17 @@ diff --git a/src/shrpx_http_downstream_connection.cc b/src/shrpx_http_downstream
|
|||
index f50c0f4..85ca947 100644
|
||||
--- a/src/shrpx_http_downstream_connection.cc
|
||||
+++ b/src/shrpx_http_downstream_connection.cc
|
||||
@@ -694,7 +694,8 @@ int HttpDownstreamConnection::push_request_headers() {
|
||||
@@ -698,7 +698,8 @@ int HttpDownstreamConnection::push_request_headers() {
|
||||
// signal_write() when we received request body chunk, and it
|
||||
// enables us to send headers and data in one writev system call.
|
||||
if (connect_method ||
|
||||
if (connect_method || downstream_->get_blocked_request_buf()->rleft() ||
|
||||
- (!req.http2_expect_body && req.fs.content_length == 0)) {
|
||||
+ (!req.http2_expect_body && req.fs.content_length == 0) ||
|
||||
+ downstream_->get_expect_100_continue()) {
|
||||
signal_write();
|
||||
}
|
||||
|
||||
@@ -1142,6 +1143,19 @@ int HttpDownstreamConnection::write_reuse_first() {
|
||||
@@ -1172,6 +1173,19 @@ int HttpDownstreamConnection::write_reuse_first() {
|
||||
|
||||
reuse_first_write_done_ = true;
|
||||
|
||||
|
|
@ -166,7 +166,7 @@ diff --git a/src/shrpx_https_upstream.cc b/src/shrpx_https_upstream.cc
|
|||
index 452ec90..96ca2cd 100644
|
||||
--- a/src/shrpx_https_upstream.cc
|
||||
+++ b/src/shrpx_https_upstream.cc
|
||||
@@ -448,9 +448,7 @@ int htp_hdrs_completecb(http_parser *htp) {
|
||||
@@ -467,9 +467,7 @@ int htp_hdrs_completecb(http_parser *htp) {
|
||||
// and let them decide whether responds with 100 Continue or not.
|
||||
// For alternative mode, we have no backend, so just send 100
|
||||
// Continue here to make the client happy.
|
||||
|
|
@ -214,7 +214,7 @@ diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
|
|||
index 14f8950..137a675 100644
|
||||
--- a/lib/includes/nghttp2/nghttp2.h
|
||||
+++ b/lib/includes/nghttp2/nghttp2.h
|
||||
@@ -2632,6 +2632,17 @@ nghttp2_option_set_max_deflate_dynamic_table_size(nghttp2_option *option,
|
||||
@@ -2637,6 +2637,17 @@ nghttp2_option_set_max_deflate_dynamic_table_size(nghttp2_option *option,
|
||||
NGHTTP2_EXTERN void nghttp2_option_set_no_closed_streams(nghttp2_option *option,
|
||||
int val);
|
||||
|
||||
|
|
@ -236,7 +236,7 @@ diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
|
|||
index aec5dcf..ae22493 100644
|
||||
--- a/lib/nghttp2_option.c
|
||||
+++ b/lib/nghttp2_option.c
|
||||
@@ -112,3 +112,8 @@ void nghttp2_option_set_no_closed_streams(nghttp2_option *option, int val) {
|
||||
@@ -116,3 +116,8 @@ void nghttp2_option_set_no_closed_streams(nghttp2_option *option, int val) {
|
||||
option->opt_set_mask |= NGHTTP2_OPT_NO_CLOSED_STREAMS;
|
||||
option->no_closed_streams = val;
|
||||
}
|
||||
|
|
@ -272,7 +272,7 @@ diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
|
|||
index c58f059..8628cc7 100644
|
||||
--- a/lib/nghttp2_session.c
|
||||
+++ b/lib/nghttp2_session.c
|
||||
@@ -447,6 +447,7 @@ static int session_new(nghttp2_session **session_ptr,
|
||||
@@ -457,6 +457,7 @@ static int session_new(nghttp2_session **session_ptr,
|
||||
(*session_ptr)->remote_settings.max_concurrent_streams = 100;
|
||||
|
||||
(*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
|
||||
|
|
@ -280,7 +280,7 @@ index c58f059..8628cc7 100644
|
|||
|
||||
if (option) {
|
||||
if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
|
||||
@@ -506,6 +507,10 @@ static int session_new(nghttp2_session **session_ptr,
|
||||
@@ -516,6 +517,10 @@ static int session_new(nghttp2_session **session_ptr,
|
||||
option->no_closed_streams) {
|
||||
(*session_ptr)->opt_flags |= NGHTTP2_OPTMASK_NO_CLOSED_STREAMS;
|
||||
}
|
||||
|
|
@ -291,7 +291,7 @@ index c58f059..8628cc7 100644
|
|||
}
|
||||
|
||||
rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
|
||||
@@ -6654,7 +6659,7 @@ int nghttp2_session_add_ping(nghttp2_session *session, uint8_t flags,
|
||||
@@ -6831,7 +6836,7 @@ int nghttp2_session_add_ping(nghttp2_session *session, uint8_t flags,
|
||||
mem = &session->mem;
|
||||
|
||||
if ((flags & NGHTTP2_FLAG_ACK) &&
|
||||
|
|
@ -300,7 +300,7 @@ index c58f059..8628cc7 100644
|
|||
return NGHTTP2_ERR_FLOODED;
|
||||
}
|
||||
|
||||
@@ -6799,7 +6804,7 @@ int nghttp2_session_add_settings(nghttp2_session *session, uint8_t flags,
|
||||
@@ -6976,7 +6981,7 @@ int nghttp2_session_add_settings(nghttp2_session *session, uint8_t flags,
|
||||
return NGHTTP2_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
|
|
@ -313,7 +313,7 @@ diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
|
|||
index c7cb27d..d9e2846 100644
|
||||
--- a/lib/nghttp2_session.h
|
||||
+++ b/lib/nghttp2_session.h
|
||||
@@ -96,7 +96,7 @@ typedef struct {
|
||||
@@ -97,7 +97,7 @@ typedef struct {
|
||||
response frames are stacked up, which leads to memory exhaustion.
|
||||
The value selected here is arbitrary, but safe value and if we have
|
||||
these frames in this number, it is considered suspicious. */
|
||||
|
|
@ -322,7 +322,7 @@ index c7cb27d..d9e2846 100644
|
|||
|
||||
/* The default value of maximum number of concurrent streams. */
|
||||
#define NGHTTP2_DEFAULT_MAX_CONCURRENT_STREAMS 0xffffffffu
|
||||
@@ -258,8 +258,12 @@ struct nghttp2_session {
|
||||
@@ -260,8 +260,12 @@ struct nghttp2_session {
|
||||
size_t num_idle_streams;
|
||||
/* The number of bytes allocated for nvbuf */
|
||||
size_t nvbuflen;
|
||||
|
|
@ -340,7 +340,7 @@ diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c
|
|||
index 783b0ed..debec59 100644
|
||||
--- a/tests/nghttp2_session_test.c
|
||||
+++ b/tests/nghttp2_session_test.c
|
||||
@@ -9552,7 +9552,7 @@ void test_nghttp2_session_flooding(void) {
|
||||
@@ -9894,7 +9894,7 @@ void test_nghttp2_session_flooding(void) {
|
||||
|
||||
buf = &bufs.head->buf;
|
||||
|
||||
|
|
@ -349,7 +349,7 @@ index 783b0ed..debec59 100644
|
|||
CU_ASSERT(
|
||||
(ssize_t)nghttp2_buf_len(buf) ==
|
||||
nghttp2_session_mem_recv(session, buf->pos, nghttp2_buf_len(buf)));
|
||||
@@ -9574,7 +9574,7 @@ void test_nghttp2_session_flooding(void) {
|
||||
@@ -9916,7 +9916,7 @@ void test_nghttp2_session_flooding(void) {
|
||||
|
||||
buf = &bufs.head->buf;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
Summary: Experimental HTTP/2 client, server and proxy
|
||||
Name: nghttp2
|
||||
Version: 1.31.1
|
||||
Release: 2%{?dist}
|
||||
Version: 1.33.0
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Group: Applications/Internet
|
||||
URL: https://nghttp2.org/
|
||||
|
|
@ -121,6 +121,9 @@ make %{?_smp_mflags} check
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon Jun 08 2020 Kamil Dudka <kdudka@redhat.com> 1.33.0-1
|
||||
- update to nghttp2-1.33
|
||||
|
||||
* Mon Aug 19 2019 Kamil Dudka <kdudka@redhat.com> 1.31.1-2
|
||||
- backport security fixes from nghttp2-1.39.2 (CVE-2019-9511 and CVE-2019-9513)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue