update to nghttp2-1.33

This upstream release is currently used by RHEL-8.
This commit is contained in:
Kamil Dudka 2020-06-08 11:08:29 +02:00
parent 62a83efa63
commit 7cb7846cee
2 changed files with 32 additions and 29 deletions

View File

@ -60,7 +60,7 @@ diff --git a/integration-tests/server_tester.go b/integration-tests/server_teste
index d145519..1156986 100644
--- a/integration-tests/server_tester.go
+++ b/integration-tests/server_tester.go
@@ -810,7 +810,9 @@ func cloneHeader(h http.Header) http.Header {
@@ -662,7 +662,9 @@ func cloneHeader(h http.Header) http.Header {
return h2
}
@ -75,17 +75,17 @@ diff --git a/src/shrpx_downstream.cc b/src/shrpx_downstream.cc
index 360a9a9..48db65b 100644
--- a/src/shrpx_downstream.cc
+++ b/src/shrpx_downstream.cc
@@ -142,7 +142,8 @@ Downstream::Downstream(Upstream *upstream, MemchunkPool *mcpool,
request_pending_(false),
@@ -144,7 +144,8 @@ Downstream::Downstream(Upstream *upstream, MemchunkPool *mcpool,
request_header_sent_(false),
accesslog_written_(false),
- new_affinity_cookie_(false) {
+ new_affinity_cookie_(false),
new_affinity_cookie_(false),
- blocked_request_data_eof_(false) {
+ blocked_request_data_eof_(false),
+ expect_100_continue_(false) {
auto &timeoutconf = get_config()->http2.timeout;
@@ -764,6 +765,11 @@ void Downstream::inspect_http1_request() {
@@ -807,6 +808,11 @@ void Downstream::inspect_http1_request() {
chunked_request_ = true;
}
}
@ -97,8 +97,8 @@ index 360a9a9..48db65b 100644
}
void Downstream::inspect_http1_response() {
@@ -1052,4 +1058,8 @@ uint32_t Downstream::get_affinity_cookie_to_send() const {
return 0;
@@ -1103,4 +1109,8 @@ bool Downstream::get_blocked_request_data_eof() const {
return blocked_request_data_eof_;
}
+bool Downstream::get_expect_100_continue() const {
@ -110,7 +110,7 @@ diff --git a/src/shrpx_downstream.h b/src/shrpx_downstream.h
index c81fcf6..b9a851f 100644
--- a/src/shrpx_downstream.h
+++ b/src/shrpx_downstream.h
@@ -463,6 +463,8 @@ public:
@@ -466,6 +466,8 @@ public:
EVENT_TIMEOUT = 0x2,
};
@ -119,10 +119,10 @@ index c81fcf6..b9a851f 100644
enum {
DISPATCH_NONE,
DISPATCH_PENDING,
@@ -547,6 +549,8 @@ private:
bool accesslog_written_;
// true if affinity cookie is generated for this request.
bool new_affinity_cookie_;
@@ -556,6 +558,8 @@ private:
// true if eof is received from client before sending header fields
// to backend.
bool blocked_request_data_eof_;
+ // true if request contains "expect: 100-continue" header field.
+ bool expect_100_continue_;
};
@ -132,17 +132,17 @@ diff --git a/src/shrpx_http_downstream_connection.cc b/src/shrpx_http_downstream
index f50c0f4..85ca947 100644
--- a/src/shrpx_http_downstream_connection.cc
+++ b/src/shrpx_http_downstream_connection.cc
@@ -694,7 +694,8 @@ int HttpDownstreamConnection::push_request_headers() {
@@ -698,7 +698,8 @@ int HttpDownstreamConnection::push_request_headers() {
// signal_write() when we received request body chunk, and it
// enables us to send headers and data in one writev system call.
if (connect_method ||
if (connect_method || downstream_->get_blocked_request_buf()->rleft() ||
- (!req.http2_expect_body && req.fs.content_length == 0)) {
+ (!req.http2_expect_body && req.fs.content_length == 0) ||
+ downstream_->get_expect_100_continue()) {
signal_write();
}
@@ -1142,6 +1143,19 @@ int HttpDownstreamConnection::write_reuse_first() {
@@ -1172,6 +1173,19 @@ int HttpDownstreamConnection::write_reuse_first() {
reuse_first_write_done_ = true;
@ -166,7 +166,7 @@ diff --git a/src/shrpx_https_upstream.cc b/src/shrpx_https_upstream.cc
index 452ec90..96ca2cd 100644
--- a/src/shrpx_https_upstream.cc
+++ b/src/shrpx_https_upstream.cc
@@ -448,9 +448,7 @@ int htp_hdrs_completecb(http_parser *htp) {
@@ -467,9 +467,7 @@ int htp_hdrs_completecb(http_parser *htp) {
// and let them decide whether responds with 100 Continue or not.
// For alternative mode, we have no backend, so just send 100
// Continue here to make the client happy.
@ -214,7 +214,7 @@ diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
index 14f8950..137a675 100644
--- a/lib/includes/nghttp2/nghttp2.h
+++ b/lib/includes/nghttp2/nghttp2.h
@@ -2632,6 +2632,17 @@ nghttp2_option_set_max_deflate_dynamic_table_size(nghttp2_option *option,
@@ -2637,6 +2637,17 @@ nghttp2_option_set_max_deflate_dynamic_table_size(nghttp2_option *option,
NGHTTP2_EXTERN void nghttp2_option_set_no_closed_streams(nghttp2_option *option,
int val);
@ -236,7 +236,7 @@ diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
index aec5dcf..ae22493 100644
--- a/lib/nghttp2_option.c
+++ b/lib/nghttp2_option.c
@@ -112,3 +112,8 @@ void nghttp2_option_set_no_closed_streams(nghttp2_option *option, int val) {
@@ -116,3 +116,8 @@ void nghttp2_option_set_no_closed_streams(nghttp2_option *option, int val) {
option->opt_set_mask |= NGHTTP2_OPT_NO_CLOSED_STREAMS;
option->no_closed_streams = val;
}
@ -272,7 +272,7 @@ diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
index c58f059..8628cc7 100644
--- a/lib/nghttp2_session.c
+++ b/lib/nghttp2_session.c
@@ -447,6 +447,7 @@ static int session_new(nghttp2_session **session_ptr,
@@ -457,6 +457,7 @@ static int session_new(nghttp2_session **session_ptr,
(*session_ptr)->remote_settings.max_concurrent_streams = 100;
(*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
@ -280,7 +280,7 @@ index c58f059..8628cc7 100644
if (option) {
if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
@@ -506,6 +507,10 @@ static int session_new(nghttp2_session **session_ptr,
@@ -516,6 +517,10 @@ static int session_new(nghttp2_session **session_ptr,
option->no_closed_streams) {
(*session_ptr)->opt_flags |= NGHTTP2_OPTMASK_NO_CLOSED_STREAMS;
}
@ -291,7 +291,7 @@ index c58f059..8628cc7 100644
}
rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
@@ -6654,7 +6659,7 @@ int nghttp2_session_add_ping(nghttp2_session *session, uint8_t flags,
@@ -6831,7 +6836,7 @@ int nghttp2_session_add_ping(nghttp2_session *session, uint8_t flags,
mem = &session->mem;
if ((flags & NGHTTP2_FLAG_ACK) &&
@ -300,7 +300,7 @@ index c58f059..8628cc7 100644
return NGHTTP2_ERR_FLOODED;
}
@@ -6799,7 +6804,7 @@ int nghttp2_session_add_settings(nghttp2_session *session, uint8_t flags,
@@ -6976,7 +6981,7 @@ int nghttp2_session_add_settings(nghttp2_session *session, uint8_t flags,
return NGHTTP2_ERR_INVALID_ARGUMENT;
}
@ -313,7 +313,7 @@ diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
index c7cb27d..d9e2846 100644
--- a/lib/nghttp2_session.h
+++ b/lib/nghttp2_session.h
@@ -96,7 +96,7 @@ typedef struct {
@@ -97,7 +97,7 @@ typedef struct {
response frames are stacked up, which leads to memory exhaustion.
The value selected here is arbitrary, but safe value and if we have
these frames in this number, it is considered suspicious. */
@ -322,7 +322,7 @@ index c7cb27d..d9e2846 100644
/* The default value of maximum number of concurrent streams. */
#define NGHTTP2_DEFAULT_MAX_CONCURRENT_STREAMS 0xffffffffu
@@ -258,8 +258,12 @@ struct nghttp2_session {
@@ -260,8 +260,12 @@ struct nghttp2_session {
size_t num_idle_streams;
/* The number of bytes allocated for nvbuf */
size_t nvbuflen;
@ -340,7 +340,7 @@ diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c
index 783b0ed..debec59 100644
--- a/tests/nghttp2_session_test.c
+++ b/tests/nghttp2_session_test.c
@@ -9552,7 +9552,7 @@ void test_nghttp2_session_flooding(void) {
@@ -9894,7 +9894,7 @@ void test_nghttp2_session_flooding(void) {
buf = &bufs.head->buf;
@ -349,7 +349,7 @@ index 783b0ed..debec59 100644
CU_ASSERT(
(ssize_t)nghttp2_buf_len(buf) ==
nghttp2_session_mem_recv(session, buf->pos, nghttp2_buf_len(buf)));
@@ -9574,7 +9574,7 @@ void test_nghttp2_session_flooding(void) {
@@ -9916,7 +9916,7 @@ void test_nghttp2_session_flooding(void) {
buf = &bufs.head->buf;

View File

@ -1,7 +1,7 @@
Summary: Experimental HTTP/2 client, server and proxy
Name: nghttp2
Version: 1.31.1
Release: 2%{?dist}
Version: 1.33.0
Release: 1%{?dist}
License: MIT
Group: Applications/Internet
URL: https://nghttp2.org/
@ -121,6 +121,9 @@ make %{?_smp_mflags} check
%changelog
* Mon Jun 08 2020 Kamil Dudka <kdudka@redhat.com> 1.33.0-1
- update to nghttp2-1.33
* Mon Aug 19 2019 Kamil Dudka <kdudka@redhat.com> 1.31.1-2
- backport security fixes from nghttp2-1.39.2 (CVE-2019-9511 and CVE-2019-9513)