nghttp2 - HTTP/2 C Library and tools

Overview

nghttp2 - HTTP/2 C Library

This is an implementation of the Hypertext Transfer Protocol version 2 in C.

The framing layer of HTTP/2 is implemented as a reusable C library. On top of that, we have implemented an HTTP/2 client, server and proxy. We have also developed load test and benchmarking tools for HTTP/2.

An HPACK encoder and decoder are available as a public API.

An experimental high level C++ library is also available.

We have Python bindings of this library, but we do not have full code coverage yet.

Development Status

We have implemented RFC 7540 HTTP/2 and RFC 7541 HPACK - Header Compression for HTTP/2

The nghttp2 code base was forked from the spdylay (https://github.com/tatsuhiro-t/spdylay) project.

Public Test Server

The following endpoints are available to try out our nghttp2 implementation.

  • https://nghttp2.org/ (TLS + ALPN/NPN)

    This endpoint supports h2, h2-16, h2-14, and http/1.1 via ALPN/NPN and requires TLSv1.2 for HTTP/2 connection.

  • http://nghttp2.org/ (HTTP Upgrade and HTTP/2 Direct)

    h2c and http/1.1.

Requirements

The following package is required to build the libnghttp2 library:

  • pkg-config >= 0.20

To build and run the unit test programs, the following package is required:

  • cunit >= 2.1

To build the documentation, you need to install:

If you need libnghttp2 (C library) only, then the above packages are all you need. Use --enable-lib-only to ensure that only libnghttp2 is built. This avoids potential build error related to building bundled applications.

To build and run the application programs (nghttp, nghttpd, nghttpx and h2load) in the src directory, the following packages are required:

  • OpenSSL >= 1.0.1
  • libev >= 4.11
  • zlib >= 1.2.3
  • libc-ares >= 1.7.5

ALPN support requires OpenSSL >= 1.0.2 (released 22 January 2015). LibreSSL >= 2.2.0 can be used instead of OpenSSL, but OpenSSL has more features than LibreSSL at the time of this writing.

To enable -a option (getting linked assets from the downloaded resource) in nghttp, the following package is required:

  • libxml2 >= 2.6.26

To enable systemd support in nghttpx, the following package is required:

  • libsystemd-dev >= 209

The HPACK tools require the following package:

  • jansson >= 2.5

To build sources under the examples directory, libevent is required:

  • libevent-openssl >= 2.0.8

To mitigate heap fragmentation in long running server programs (nghttpd and nghttpx), jemalloc is recommended:

  • jemalloc

    Note

    Alpine Linux currently does not support malloc replacement due to musl limitations. See details in issue #762.

libnghttp2_asio C++ library requires the following packages:

  • libboost-dev >= 1.54.0
  • libboost-thread-dev >= 1.54.0

The Python bindings require the following packages:

  • cython >= 0.19
  • python >= 3.8
  • python-setuptools

If you are using Ubuntu 16.04 LTS (Xenial Xerus) or Debian 8 (jessie) and above, run the following to install the required packages:

sudo apt-get install g++ make binutils autoconf automake autotools-dev libtool pkg-config \
  zlib1g-dev libcunit1-dev libssl-dev libxml2-dev libev-dev libevent-dev libjansson-dev \
  libc-ares-dev libjemalloc-dev libsystemd-dev \
  cython python3-dev python-setuptools

To enable mruby support for nghttpx, mruby is required. We need to build mruby with C++ ABI explicitly turned on, and probably need other mrgems, mruby is manged by git submodule under third-party/mruby directory. Currently, mruby support for nghttpx is disabled by default. To enable mruby support, use --with-mruby configure option. Note that at the time of this writing, libmruby-dev and mruby packages in Debian/Ubuntu are not usable for nghttp2, since they do not enable C++ ABI. To build mruby, the following packages are required:

  • ruby
  • bison

nghttpx supports neverbleed, privilege separation engine for OpenSSL / LibreSSL. In short, it minimizes the risk of private key leakage when serious bug like Heartbleed is exploited. The neverbleed is disabled by default. To enable it, use --with-neverbleed configure option.

Compiling libnghttp2 C source code requires a C99 compiler. gcc 4.8 is known to be adequate. In order to compile the C++ source code, gcc >= 6.0 or clang >= 6.0 is required. C++ source code requires C++14 language features.

Note

To enable mruby support in nghttpx, and use --with-mruby configure option.

Note

Mac OS X users may need the --disable-threads configure option to disable multi-threading in nghttpd, nghttpx and h2load to prevent them from crashing. A patch is welcome to make multi threading work on Mac OS X platform.

Note

To compile the associated applications (nghttp, nghttpd, nghttpx and h2load), you must use the --enable-app configure option and ensure that the specified requirements above are met. Normally, configure script checks required dependencies to build these applications, and enable --enable-app automatically, so you don't have to use it explicitly. But if you found that applications were not built, then using --enable-app may find that cause, such as the missing dependency.

Note

In order to detect third party libraries, pkg-config is used (however we don't use pkg-config for some libraries (e.g., libev)). By default, pkg-config searches *.pc file in the standard locations (e.g., /usr/lib/pkgconfig). If it is necessary to use *.pc file in the custom location, specify paths to PKG_CONFIG_PATH environment variable, and pass it to configure script, like so:

$ ./configure PKG_CONFIG_PATH=/path/to/pkgconfig

For pkg-config managed libraries, *_CFLAG and *_LIBS environment variables are defined (e.g., OPENSSL_CFLAGS, OPENSSL_LIBS). Specifying non-empty string to these variables completely overrides pkg-config. In other words, if they are specified, pkg-config is not used for detection, and user is responsible to specify the correct values to these variables. For complete list of these variables, run ./configure -h.

Building nghttp2 from release tar archive

The nghttp2 project regularly releases tar archives which includes nghttp2 source code, and generated build files. They can be downloaded from Releases page.

Building nghttp2 from git requires autotools development packages. Building from tar archives does not require them, and thus it is much easier. The usual build step is as follows:

$ tar xf nghttp2-X.Y.Z.tar.bz2
$ cd nghttp2-X.Y.Z
$ ./configure
$ make

Building from git

Building from git is easy, but please be sure that at least autoconf 2.68 is used:

$ git submodule update --init
$ autoreconf -i
$ automake
$ autoconf
$ ./configure
$ make

Notes for building on Windows (MSVC)

The easiest way to build native Windows nghttp2 dll is use cmake. The free version of Visual C++ Build Tools works fine.

  1. Install cmake for windows
  2. Open "Visual C++ ... Native Build Tool Command Prompt", and inside nghttp2 directly, run cmake.
  3. Then run cmake --build to build library.
  4. nghttp2.dll, nghttp2.lib, nghttp2.exp are placed under lib directory.

Note that the above steps most likely produce nghttp2 library only. No bundled applications are compiled.

Notes for building on Windows (Mingw/Cygwin)

Under Mingw environment, you can only compile the library, it's libnghttp2-X.dll and libnghttp2.a.

If you want to compile the applications(h2load, nghttp, nghttpx, nghttpd), you need to use the Cygwin environment.

Under Cygwin environment, to compile the applications you need to compile and install the libev first.

Secondly, you need to undefine the macro __STRICT_ANSI__, if you not, the functions fdopen, fileno and strptime will not available.

the sample command like this:

$ export CFLAGS="-U__STRICT_ANSI__ -I$libev_PREFIX/include -L$libev_PREFIX/lib"
$ export CXXFLAGS=$CFLAGS
$ ./configure
$ make

If you want to compile the applications under examples/, you need to remove or rename the event.h from libev's installation, because it conflicts with libevent's installation.

Notes for installation on Linux systems

After installing nghttp2 tool suite with make install one might experience a similar error:

nghttpx: error while loading shared libraries: libnghttp2.so.14: cannot open shared object file: No such file or directory

This means that the tool is unable to locate the libnghttp2.so shared library.

To update the shared library cache run sudo ldconfig.

Building the documentation

Note

Documentation is still incomplete.

To build the documentation, run:

$ make html

The documents will be generated under doc/manual/html/.

The generated documents will not be installed with make install.

The online documentation is available at https://nghttp2.org/documentation/

Unit tests

Unit tests are done by simply running make check.

Integration tests

We have the integration tests for the nghttpx proxy server. The tests are written in the Go programming language and uses its testing framework. We depend on the following libraries:

Go modules will download these dependencies automatically.

To run the tests, run the following command under integration-tests directory:

$ make it

Inside the tests, we use port 3009 to run the test subject server.

Migration from v0.7.15 or earlier

nghttp2 v1.0.0 introduced several backward incompatible changes. In this section, we describe these changes and how to migrate to v1.0.0.

ALPN protocol ID is now h2 and h2c

Previously we announced h2-14 and h2c-14. v1.0.0 implements final protocol version, and we changed ALPN ID to h2 and h2c. The macros NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN, NGHTTP2_CLEARTEXT_PROTO_VERSION_ID, and NGHTTP2_CLEARTEXT_PROTO_VERSION_ID_LEN have been updated to reflect this change.

Basically, existing applications do not have to do anything, just recompiling is enough for this change.

Use word "client magic" where we use "client connection preface"

We use "client connection preface" to mean first 24 bytes of client connection preface. This is technically not correct, since client connection preface is composed of 24 bytes client magic byte string followed by SETTINGS frame. For clarification, we call "client magic" for this 24 bytes byte string and updated API.

  • NGHTTP2_CLIENT_CONNECTION_PREFACE was replaced with NGHTTP2_CLIENT_MAGIC.
  • NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN was replaced with NGHTTP2_CLIENT_MAGIC_LEN.
  • NGHTTP2_BAD_PREFACE was renamed as NGHTTP2_BAD_CLIENT_MAGIC

The already deprecated NGHTTP2_CLIENT_CONNECTION_HEADER and NGHTTP2_CLIENT_CONNECTION_HEADER_LEN were removed.

If application uses these macros, just replace old ones with new ones. Since v1.0.0, client magic is sent by library (see next subsection), so client application may just remove these macro use.

Client magic is sent by library

Previously nghttp2 library did not send client magic, which is first 24 bytes byte string of client connection preface, and client applications have to send it by themselves. Since v1.0.0, client magic is sent by library via first call of nghttp2_session_send() or nghttp2_session_mem_send().

The client applications which send client magic must remove the relevant code.

Remove HTTP Alternative Services (Alt-Svc) related code

Alt-Svc specification is not finalized yet. To make our API stable, we have decided to remove all Alt-Svc related API from nghttp2.

  • NGHTTP2_EXT_ALTSVC was removed.
  • nghttp2_ext_altsvc was removed.

We have already removed the functionality of Alt-Svc in v0.7 series and they have been essentially noop. The application using these macro and struct, remove those lines.

Use nghttp2_error in nghttp2_on_invalid_frame_recv_callback

Previously nghttp2_on_invalid_frame_recv_cb_called took the error_code, defined in nghttp2_error_code, as parameter. But they are not detailed enough to debug. Therefore, we decided to use more detailed nghttp2_error values instead.

The application using this callback should update the callback signature. If it treats error_code as HTTP/2 error code, update the code so that it is treated as nghttp2_error.

Receive client magic by default

Previously nghttp2 did not process client magic (24 bytes byte string). To make it deal with it, we had to use nghttp2_option_set_recv_client_preface(). Since v1.0.0, nghttp2 processes client magic by default and nghttp2_option_set_recv_client_preface() was removed.

Some application may want to disable this behaviour, so we added nghttp2_option_set_no_recv_client_magic() to achieve this.

The application using nghttp2_option_set_recv_client_preface() with nonzero value, just remove it.

The application using nghttp2_option_set_recv_client_preface() with zero value or not using it must use nghttp2_option_set_no_recv_client_magic() with nonzero value.

Client, Server and Proxy programs

The src directory contains the HTTP/2 client, server and proxy programs.

nghttp - client

nghttp is a HTTP/2 client. It can connect to the HTTP/2 server with prior knowledge, HTTP Upgrade and NPN/ALPN TLS extension.

It has verbose output mode for framing information. Here is sample output from nghttp client:

$ nghttp -nv https://nghttp2.org
[  0.190] Connected
The negotiated protocol: h2
[  0.212] recv SETTINGS frame <length=12, flags=0x00, stream_id=0>
          (niv=2)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
          [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]
[  0.212] send SETTINGS frame <length=12, flags=0x00, stream_id=0>
          (niv=2)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
          [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]
[  0.212] send SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[  0.212] send PRIORITY frame <length=5, flags=0x00, stream_id=3>
          (dep_stream_id=0, weight=201, exclusive=0)
[  0.212] send PRIORITY frame <length=5, flags=0x00, stream_id=5>
          (dep_stream_id=0, weight=101, exclusive=0)
[  0.212] send PRIORITY frame <length=5, flags=0x00, stream_id=7>
          (dep_stream_id=0, weight=1, exclusive=0)
[  0.212] send PRIORITY frame <length=5, flags=0x00, stream_id=9>
          (dep_stream_id=7, weight=1, exclusive=0)
[  0.212] send PRIORITY frame <length=5, flags=0x00, stream_id=11>
          (dep_stream_id=3, weight=1, exclusive=0)
[  0.212] send HEADERS frame <length=39, flags=0x25, stream_id=13>
          ; END_STREAM | END_HEADERS | PRIORITY
          (padlen=0, dep_stream_id=11, weight=16, exclusive=0)
          ; Open new stream
          :method: GET
          :path: /
          :scheme: https
          :authority: nghttp2.org
          accept: */*
          accept-encoding: gzip, deflate
          user-agent: nghttp2/1.0.1-DEV
[  0.221] recv SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[  0.221] recv (stream_id=13) :method: GET
[  0.221] recv (stream_id=13) :scheme: https
[  0.221] recv (stream_id=13) :path: /stylesheets/screen.css
[  0.221] recv (stream_id=13) :authority: nghttp2.org
[  0.221] recv (stream_id=13) accept-encoding: gzip, deflate
[  0.222] recv (stream_id=13) user-agent: nghttp2/1.0.1-DEV
[  0.222] recv PUSH_PROMISE frame <length=50, flags=0x04, stream_id=13>
          ; END_HEADERS
          (padlen=0, promised_stream_id=2)
[  0.222] recv (stream_id=13) :status: 200
[  0.222] recv (stream_id=13) date: Thu, 21 May 2015 16:38:14 GMT
[  0.222] recv (stream_id=13) content-type: text/html
[  0.222] recv (stream_id=13) last-modified: Fri, 15 May 2015 15:38:06 GMT
[  0.222] recv (stream_id=13) etag: W/"555612de-19f6"
[  0.222] recv (stream_id=13) link: </stylesheets/screen.css>; rel=preload; as=stylesheet
[  0.222] recv (stream_id=13) content-encoding: gzip
[  0.222] recv (stream_id=13) server: nghttpx nghttp2/1.0.1-DEV
[  0.222] recv (stream_id=13) via: 1.1 nghttpx
[  0.222] recv (stream_id=13) strict-transport-security: max-age=31536000
[  0.222] recv HEADERS frame <length=166, flags=0x04, stream_id=13>
          ; END_HEADERS
          (padlen=0)
          ; First response header
[  0.222] recv DATA frame <length=2601, flags=0x01, stream_id=13>
          ; END_STREAM
[  0.222] recv (stream_id=2) :status: 200
[  0.222] recv (stream_id=2) date: Thu, 21 May 2015 16:38:14 GMT
[  0.222] recv (stream_id=2) content-type: text/css
[  0.222] recv (stream_id=2) last-modified: Fri, 15 May 2015 15:38:06 GMT
[  0.222] recv (stream_id=2) etag: W/"555612de-9845"
[  0.222] recv (stream_id=2) content-encoding: gzip
[  0.222] recv (stream_id=2) server: nghttpx nghttp2/1.0.1-DEV
[  0.222] recv (stream_id=2) via: 1.1 nghttpx
[  0.222] recv (stream_id=2) strict-transport-security: max-age=31536000
[  0.222] recv HEADERS frame <length=32, flags=0x04, stream_id=2>
          ; END_HEADERS
          (padlen=0)
          ; First push response header
[  0.228] recv DATA frame <length=8715, flags=0x01, stream_id=2>
          ; END_STREAM
[  0.228] send GOAWAY frame <length=8, flags=0x00, stream_id=0>
          (last_stream_id=2, error_code=NO_ERROR(0x00), opaque_data(0)=[])

The HTTP Upgrade is performed like so:

$ nghttp -nvu http://nghttp2.org
[  0.011] Connected
[  0.011] HTTP Upgrade request
GET / HTTP/1.1
Host: nghttp2.org
Connection: Upgrade, HTTP2-Settings
Upgrade: h2c
HTTP2-Settings: AAMAAABkAAQAAP__
Accept: */*
User-Agent: nghttp2/1.0.1-DEV


[  0.018] HTTP Upgrade response
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: h2c


[  0.018] HTTP Upgrade success
[  0.018] recv SETTINGS frame <length=12, flags=0x00, stream_id=0>
          (niv=2)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
          [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]
[  0.018] send SETTINGS frame <length=12, flags=0x00, stream_id=0>
          (niv=2)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
          [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]
[  0.018] send SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=3>
          (dep_stream_id=0, weight=201, exclusive=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=5>
          (dep_stream_id=0, weight=101, exclusive=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=7>
          (dep_stream_id=0, weight=1, exclusive=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=9>
          (dep_stream_id=7, weight=1, exclusive=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=11>
          (dep_stream_id=3, weight=1, exclusive=0)
[  0.018] send PRIORITY frame <length=5, flags=0x00, stream_id=1>
          (dep_stream_id=11, weight=16, exclusive=0)
[  0.019] recv (stream_id=1) :method: GET
[  0.019] recv (stream_id=1) :scheme: http
[  0.019] recv (stream_id=1) :path: /stylesheets/screen.css
[  0.019] recv (stream_id=1) host: nghttp2.org
[  0.019] recv (stream_id=1) user-agent: nghttp2/1.0.1-DEV
[  0.019] recv PUSH_PROMISE frame <length=49, flags=0x04, stream_id=1>
          ; END_HEADERS
          (padlen=0, promised_stream_id=2)
[  0.019] recv (stream_id=1) :status: 200
[  0.019] recv (stream_id=1) date: Thu, 21 May 2015 16:39:16 GMT
[  0.019] recv (stream_id=1) content-type: text/html
[  0.019] recv (stream_id=1) content-length: 6646
[  0.019] recv (stream_id=1) last-modified: Fri, 15 May 2015 15:38:06 GMT
[  0.019] recv (stream_id=1) etag: "555612de-19f6"
[  0.019] recv (stream_id=1) link: </stylesheets/screen.css>; rel=preload; as=stylesheet
[  0.019] recv (stream_id=1) accept-ranges: bytes
[  0.019] recv (stream_id=1) server: nghttpx nghttp2/1.0.1-DEV
[  0.019] recv (stream_id=1) via: 1.1 nghttpx
[  0.019] recv HEADERS frame <length=157, flags=0x04, stream_id=1>
          ; END_HEADERS
          (padlen=0)
          ; First response header
[  0.019] recv DATA frame <length=6646, flags=0x01, stream_id=1>
          ; END_STREAM
[  0.019] recv (stream_id=2) :status: 200
[  0.019] recv (stream_id=2) date: Thu, 21 May 2015 16:39:16 GMT
[  0.019] recv (stream_id=2) content-type: text/css
[  0.019] recv (stream_id=2) content-length: 38981
[  0.019] recv (stream_id=2) last-modified: Fri, 15 May 2015 15:38:06 GMT
[  0.019] recv (stream_id=2) etag: "555612de-9845"
[  0.019] recv (stream_id=2) accept-ranges: bytes
[  0.019] recv (stream_id=2) server: nghttpx nghttp2/1.0.1-DEV
[  0.019] recv (stream_id=2) via: 1.1 nghttpx
[  0.019] recv HEADERS frame <length=36, flags=0x04, stream_id=2>
          ; END_HEADERS
          (padlen=0)
          ; First push response header
[  0.026] recv DATA frame <length=16384, flags=0x00, stream_id=2>
[  0.027] recv DATA frame <length=7952, flags=0x00, stream_id=2>
[  0.027] send WINDOW_UPDATE frame <length=4, flags=0x00, stream_id=0>
          (window_size_increment=33343)
[  0.032] send WINDOW_UPDATE frame <length=4, flags=0x00, stream_id=2>
          (window_size_increment=33707)
[  0.032] recv DATA frame <length=14645, flags=0x01, stream_id=2>
          ; END_STREAM
[  0.032] recv SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[  0.032] send GOAWAY frame <length=8, flags=0x00, stream_id=0>
          (last_stream_id=2, error_code=NO_ERROR(0x00), opaque_data(0)=[])

Using the -s option, nghttp prints out some timing information for requests, sorted by completion time:

$ nghttp -nas https://nghttp2.org/
***** Statistics *****

Request timing:
  responseEnd: the  time  when  last  byte of  response  was  received
               relative to connectEnd
 requestStart: the time  just before  first byte  of request  was sent
               relative  to connectEnd.   If  '*' is  shown, this  was
               pushed by server.
      process: responseEnd - requestStart
         code: HTTP status code
         size: number  of  bytes  received as  response  body  without
               inflation.
          URI: request URI

see http://www.w3.org/TR/resource-timing/#processing-model

sorted by 'complete'

id  responseEnd requestStart  process code size request path
 13    +37.19ms       +280us  36.91ms  200   2K /
  2    +72.65ms *   +36.38ms  36.26ms  200   8K /stylesheets/screen.css
 17    +77.43ms     +38.67ms  38.75ms  200   3K /javascripts/octopress.js
 15    +78.12ms     +38.66ms  39.46ms  200   3K /javascripts/modernizr-2.0.js

Using the -r option, nghttp writes more detailed timing data to the given file in HAR format.

nghttpd - server

nghttpd is a multi-threaded static web server.

By default, it uses SSL/TLS connection. Use --no-tls option to disable it.

nghttpd only accepts HTTP/2 connections via NPN/ALPN or direct HTTP/2 connections. No HTTP Upgrade is supported.

The -p option allows users to configure server push.

Just like nghttp, it has a verbose output mode for framing information. Here is sample output from nghttpd:

$ nghttpd --no-tls -v 8080
IPv4: listen 0.0.0.0:8080
IPv6: listen :::8080
[id=1] [  1.521] send SETTINGS frame <length=6, flags=0x00, stream_id=0>
          (niv=1)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
[id=1] [  1.521] recv SETTINGS frame <length=12, flags=0x00, stream_id=0>
          (niv=2)
          [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100]
          [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]
[id=1] [  1.521] recv SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[id=1] [  1.521] recv PRIORITY frame <length=5, flags=0x00, stream_id=3>
          (dep_stream_id=0, weight=201, exclusive=0)
[id=1] [  1.521] recv PRIORITY frame <length=5, flags=0x00, stream_id=5>
          (dep_stream_id=0, weight=101, exclusive=0)
[id=1] [  1.521] recv PRIORITY frame <length=5, flags=0x00, stream_id=7>
          (dep_stream_id=0, weight=1, exclusive=0)
[id=1] [  1.521] recv PRIORITY frame <length=5, flags=0x00, stream_id=9>
          (dep_stream_id=7, weight=1, exclusive=0)
[id=1] [  1.521] recv PRIORITY frame <length=5, flags=0x00, stream_id=11>
          (dep_stream_id=3, weight=1, exclusive=0)
[id=1] [  1.521] recv (stream_id=13) :method: GET
[id=1] [  1.521] recv (stream_id=13) :path: /
[id=1] [  1.521] recv (stream_id=13) :scheme: http
[id=1] [  1.521] recv (stream_id=13) :authority: localhost:8080
[id=1] [  1.521] recv (stream_id=13) accept: */*
[id=1] [  1.521] recv (stream_id=13) accept-encoding: gzip, deflate
[id=1] [  1.521] recv (stream_id=13) user-agent: nghttp2/1.0.0-DEV
[id=1] [  1.521] recv HEADERS frame <length=41, flags=0x25, stream_id=13>
          ; END_STREAM | END_HEADERS | PRIORITY
          (padlen=0, dep_stream_id=11, weight=16, exclusive=0)
          ; Open new stream
[id=1] [  1.521] send SETTINGS frame <length=0, flags=0x01, stream_id=0>
          ; ACK
          (niv=0)
[id=1] [  1.521] send HEADERS frame <length=86, flags=0x04, stream_id=13>
          ; END_HEADERS
          (padlen=0)
          ; First response header
          :status: 200
          server: nghttpd nghttp2/1.0.0-DEV
          content-length: 10
          cache-control: max-age=3600
          date: Fri, 15 May 2015 14:49:04 GMT
          last-modified: Tue, 30 Sep 2014 12:40:52 GMT
[id=1] [  1.522] send DATA frame <length=10, flags=0x01, stream_id=13>
          ; END_STREAM
[id=1] [  1.522] stream_id=13 closed
[id=1] [  1.522] recv GOAWAY frame <length=8, flags=0x00, stream_id=0>
          (last_stream_id=0, error_code=NO_ERROR(0x00), opaque_data(0)=[])
[id=1] [  1.522] closed

nghttpx - proxy

nghttpx is a multi-threaded reverse proxy for HTTP/2, and HTTP/1.1, and powers http://nghttp2.org and supports HTTP/2 server push.

We reworked nghttpx command-line interface, and as a result, there are several incompatibles from 1.8.0 or earlier. This is necessary to extend its capability, and secure the further feature enhancements in the future release. Please read Migration from nghttpx v1.8.0 or earlier to know how to migrate from earlier releases.

nghttpx implements important performance-oriented features in TLS, such as session IDs, session tickets (with automatic key rotation), OCSP stapling, dynamic record sizing, ALPN/NPN, forward secrecy and HTTP/2. nghttpx also offers the functionality to share session cache and ticket keys among multiple nghttpx instances via memcached.

nghttpx has 2 operation modes:

Mode option Frontend Backend Note
default mode HTTP/2, HTTP/1.1 HTTP/1.1, HTTP/2 Reverse proxy
--http2-proxy HTTP/2, HTTP/1.1 HTTP/1.1, HTTP/2 Forward proxy

The interesting mode at the moment is the default mode. It works like a reverse proxy and listens for HTTP/2, and HTTP/1.1 and can be deployed as a SSL/TLS terminator for existing web server.

In all modes, the frontend connections are encrypted by SSL/TLS by default. To disable encryption, use the no-tls keyword in --frontend option. If encryption is disabled, incoming HTTP/1.1 connections can be upgraded to HTTP/2 through HTTP Upgrade. On the other hard, backend connections are not encrypted by default. To encrypt backend connections, use tls keyword in --backend option.

nghttpx supports a configuration file. See the --conf option and sample configuration file nghttpx.conf.sample.

In the default mode, nghttpx works as reverse proxy to the backend server:

Client <-- (HTTP/2, HTTP/1.1) --> nghttpx <-- (HTTP/1.1, HTTP/2) --> Web Server
                                [reverse proxy]

With the --http2-proxy option, it works as forward proxy, and it is so called secure HTTP/2 proxy:

Client <-- (HTTP/2, HTTP/1.1) --> nghttpx <-- (HTTP/1.1) --> Proxy
                                 [secure proxy]          (e.g., Squid, ATS)

The Client in the above example needs to be configured to use nghttpx as secure proxy.

At the time of this writing, both Chrome and Firefox support secure HTTP/2 proxy. One way to configure Chrome to use a secure proxy is to create a proxy.pac script like this:

function FindProxyForURL(url, host) {
    return "HTTPS SERVERADDR:PORT";
}

SERVERADDR and PORT is the hostname/address and port of the machine nghttpx is running on. Please note that Chrome requires a valid certificate for secure proxy.

Then run Chrome with the following arguments:

$ google-chrome --proxy-pac-url=file:///path/to/proxy.pac --use-npn

The backend HTTP/2 connections can be tunneled through an HTTP proxy. The proxy is specified using --backend-http-proxy-uri. The following figure illustrates how nghttpx talks to the outside HTTP/2 proxy through an HTTP proxy:

Client <-- (HTTP/2, HTTP/1.1) --> nghttpx <-- (HTTP/2) --

        --===================---> HTTP/2 Proxy
          (HTTP proxy tunnel)     (e.g., nghttpx -s)

Benchmarking tool

The h2load program is a benchmarking tool for HTTP/2. The UI of h2load is heavily inspired by weighttp (https://github.com/lighttpd/weighttp). The typical usage is as follows:

$ h2load -n100000 -c100 -m100 https://localhost:8443/
starting benchmark...
spawning thread #0: 100 concurrent clients, 100000 total requests
Protocol: TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
Server Temp Key: ECDH P-256 256 bits
progress: 10% done
progress: 20% done
progress: 30% done
progress: 40% done
progress: 50% done
progress: 60% done
progress: 70% done
progress: 80% done
progress: 90% done
progress: 100% done

finished in 771.26ms, 129658 req/s, 4.71MB/s
requests: 100000 total, 100000 started, 100000 done, 100000 succeeded, 0 failed, 0 errored
status codes: 100000 2xx, 0 3xx, 0 4xx, 0 5xx
traffic: 3812300 bytes total, 1009900 bytes headers, 1000000 bytes data
                     min         max         mean         sd        +/- sd
time for request:    25.12ms    124.55ms     51.07ms     15.36ms    84.87%
time for connect:   208.94ms    254.67ms    241.38ms      7.95ms    63.00%
time to 1st byte:   209.11ms    254.80ms    241.51ms      7.94ms    63.00%

The above example issued total 100,000 requests, using 100 concurrent clients (in other words, 100 HTTP/2 sessions), and a maximum of 100 streams per client. With the -t option, h2load will use multiple native threads to avoid saturating a single core on client side.

Warning

Don't use this tool against publicly available servers. That is considered a DOS attack. Please only use it against your private servers.

HPACK tools

The src directory contains the HPACK tools. The deflatehd program is a command-line header compression tool. The inflatehd program is a command-line header decompression tool. Both tools read input from stdin and write output to stdout. Errors are written to stderr. They take JSON as input and output. We (mostly) use the same JSON data format described at https://github.com/http2jp/hpack-test-case.

deflatehd - header compressor

The deflatehd program reads JSON data or HTTP/1-style header fields from stdin and outputs compressed header block in JSON.

For the JSON input, the root JSON object must include a cases key. Its value has to include the sequence of input header set. They share the same compression context and are processed in the order they appear. Each item in the sequence is a JSON object and it must include a headers key. Its value is an array of JSON objects, which includes exactly one name/value pair.

Example:

{
  "cases":
  [
    {
      "headers": [
        { ":method": "GET" },
        { ":path": "/" }
      ]
    },
    {
      "headers": [
        { ":method": "POST" },
        { ":path": "/" }
      ]
    }
  ]
}

With the -t option, the program can accept more familiar HTTP/1 style header field blocks. Each header set is delimited by an empty line:

Example:

:method: GET
:scheme: https
:path: /

:method: POST
user-agent: nghttp2

The output is in JSON object. It should include a cases key and its value is an array of JSON objects, which has at least the following keys:

seq
The index of header set in the input.
input_length
The sum of the length of the name/value pairs in the input.
output_length
The length of the compressed header block.
percentage_of_original_size
output_length / input_length * 100
wire
The compressed header block as a hex string.
headers
The input header set.
header_table_size
The header table size adjusted before deflating the header set.

Examples:

{
  "cases":
  [
    {
      "seq": 0,
      "input_length": 66,
      "output_length": 20,
      "percentage_of_original_size": 30.303030303030305,
      "wire": "01881f3468e5891afcbf83868a3d856659c62e3f",
      "headers": [
        {
          ":authority": "example.org"
        },
        {
          ":method": "GET"
        },
        {
          ":path": "/"
        },
        {
          ":scheme": "https"
        },
        {
          "user-agent": "nghttp2"
        }
      ],
      "header_table_size": 4096
    }
    ,
    {
      "seq": 1,
      "input_length": 74,
      "output_length": 10,
      "percentage_of_original_size": 13.513513513513514,
      "wire": "88448504252dd5918485",
      "headers": [
        {
          ":authority": "example.org"
        },
        {
          ":method": "POST"
        },
        {
          ":path": "/account"
        },
        {
          ":scheme": "https"
        },
        {
          "user-agent": "nghttp2"
        }
      ],
      "header_table_size": 4096
    }
  ]
}

The output can be used as the input for inflatehd and deflatehd.

With the -d option, the extra header_table key is added and its associated value includes the state of dynamic header table after the corresponding header set was processed. The value includes at least the following keys:

entries
The entry in the header table. If referenced is true, it is in the reference set. The size includes the overhead (32 bytes). The index corresponds to the index of header table. The name is the header field name and the value is the header field value.
size
The sum of the spaces entries occupied, this includes the entry overhead.
max_size
The maximum header table size.
deflate_size
The sum of the spaces entries occupied within max_deflate_size.
max_deflate_size
The maximum header table size the encoder uses. This can be smaller than max_size. In this case, the encoder only uses up to first max_deflate_size buffer. Since the header table size is still max_size, the encoder has to keep track of entries outside the max_deflate_size but inside the max_size and make sure that they are no longer referenced.

Example:

{
  "cases":
  [
    {
      "seq": 0,
      "input_length": 66,
      "output_length": 20,
      "percentage_of_original_size": 30.303030303030305,
      "wire": "01881f3468e5891afcbf83868a3d856659c62e3f",
      "headers": [
        {
          ":authority": "example.org"
        },
        {
          ":method": "GET"
        },
        {
          ":path": "/"
        },
        {
          ":scheme": "https"
        },
        {
          "user-agent": "nghttp2"
        }
      ],
      "header_table_size": 4096,
      "header_table": {
        "entries": [
          {
            "index": 1,
            "name": "user-agent",
            "value": "nghttp2",
            "referenced": true,
            "size": 49
          },
          {
            "index": 2,
            "name": ":scheme",
            "value": "https",
            "referenced": true,
            "size": 44
          },
          {
            "index": 3,
            "name": ":path",
            "value": "/",
            "referenced": true,
            "size": 38
          },
          {
            "index": 4,
            "name": ":method",
            "value": "GET",
            "referenced": true,
            "size": 42
          },
          {
            "index": 5,
            "name": ":authority",
            "value": "example.org",
            "referenced": true,
            "size": 53
          }
        ],
        "size": 226,
        "max_size": 4096,
        "deflate_size": 226,
        "max_deflate_size": 4096
      }
    }
    ,
    {
      "seq": 1,
      "input_length": 74,
      "output_length": 10,
      "percentage_of_original_size": 13.513513513513514,
      "wire": "88448504252dd5918485",
      "headers": [
        {
          ":authority": "example.org"
        },
        {
          ":method": "POST"
        },
        {
          ":path": "/account"
        },
        {
          ":scheme": "https"
        },
        {
          "user-agent": "nghttp2"
        }
      ],
      "header_table_size": 4096,
      "header_table": {
        "entries": [
          {
            "index": 1,
            "name": ":method",
            "value": "POST",
            "referenced": true,
            "size": 43
          },
          {
            "index": 2,
            "name": "user-agent",
            "value": "nghttp2",
            "referenced": true,
            "size": 49
          },
          {
            "index": 3,
            "name": ":scheme",
            "value": "https",
            "referenced": true,
            "size": 44
          },
          {
            "index": 4,
            "name": ":path",
            "value": "/",
            "referenced": false,
            "size": 38
          },
          {
            "index": 5,
            "name": ":method",
            "value": "GET",
            "referenced": false,
            "size": 42
          },
          {
            "index": 6,
            "name": ":authority",
            "value": "example.org",
            "referenced": true,
            "size": 53
          }
        ],
        "size": 269,
        "max_size": 4096,
        "deflate_size": 269,
        "max_deflate_size": 4096
      }
    }
  ]
}

inflatehd - header decompressor

The inflatehd program reads JSON data from stdin and outputs decompressed name/value pairs in JSON.

The root JSON object must include the cases key. Its value has to include the sequence of compressed header blocks. They share the same compression context and are processed in the order they appear. Each item in the sequence is a JSON object and it must have at least a wire key. Its value is a compressed header block as a hex string.

Example:

{
  "cases":
  [
    { "wire": "8285" },
    { "wire": "8583" }
  ]
}

The output is a JSON object. It should include a cases key and its value is an array of JSON objects, which has at least following keys:

seq
The index of the header set in the input.
headers
A JSON array that includes decompressed name/value pairs.
wire
The compressed header block as a hex string.
header_table_size
The header table size adjusted before inflating compressed header block.

Example:

{
  "cases":
  [
    {
      "seq": 0,
      "wire": "01881f3468e5891afcbf83868a3d856659c62e3f",
      "headers": [
        {
          ":authority": "example.org"
        },
        {
          ":method": "GET"
        },
        {
          ":path": "/"
        },
        {
          ":scheme": "https"
        },
        {
          "user-agent": "nghttp2"
        }
      ],
      "header_table_size": 4096
    }
    ,
    {
      "seq": 1,
      "wire": "88448504252dd5918485",
      "headers": [
        {
          ":method": "POST"
        },
        {
          ":path": "/account"
        },
        {
          "user-agent": "nghttp2"
        },
        {
          ":scheme": "https"
        },
        {
          ":authority": "example.org"
        }
      ],
      "header_table_size": 4096
    }
  ]
}

The output can be used as the input for deflatehd and inflatehd.

With the -d option, the extra header_table key is added and its associated value includes the state of the dynamic header table after the corresponding header set was processed. The format is the same as deflatehd.

libnghttp2_asio: High level HTTP/2 C++ library

libnghttp2_asio is C++ library built on top of libnghttp2 and provides high level abstraction API to build HTTP/2 applications. It depends on the Boost::ASIO library and OpenSSL. Currently libnghttp2_asio provides both client and server APIs.

libnghttp2_asio is not built by default. Use the --enable-asio-lib configure flag to build libnghttp2_asio. The required Boost libraries are:

  • Boost::Asio
  • Boost::System
  • Boost::Thread

The server API is designed to build an HTTP/2 server very easily to utilize C++14 anonymous functions and closures. The bare minimum example of an HTTP/2 server looks like this:

#include <iostream>

#include <nghttp2/asio_http2_server.h>

using namespace nghttp2::asio_http2;
using namespace nghttp2::asio_http2::server;

int main(int argc, char *argv[]) {
  boost::system::error_code ec;
  http2 server;

  server.handle("/", [](const request &req, const response &res) {
    res.write_head(200);
    res.end("hello, world\n");
  });

  if (server.listen_and_serve(ec, "localhost", "3000")) {
    std::cerr << "error: " << ec.message() << std::endl;
  }
}

Here is sample code to use the client API:

#include <iostream>

#include <nghttp2/asio_http2_client.h>

using boost::asio::ip::tcp;

using namespace nghttp2::asio_http2;
using namespace nghttp2::asio_http2::client;

int main(int argc, char *argv[]) {
  boost::system::error_code ec;
  boost::asio::io_service io_service;

  // connect to localhost:3000
  session sess(io_service, "localhost", "3000");

  sess.on_connect([&sess](tcp::resolver::iterator endpoint_it) {
    boost::system::error_code ec;

    auto req = sess.submit(ec, "GET", "http://localhost:3000/");

    req->on_response([](const response &res) {
      // print status code and response header fields.
      std::cerr << "HTTP/2 " << res.status_code() << std::endl;
      for (auto &kv : res.header()) {
        std::cerr << kv.first << ": " << kv.second.value << "\n";
      }
      std::cerr << std::endl;

      res.on_data([](const uint8_t *data, std::size_t len) {
        std::cerr.write(reinterpret_cast<const char *>(data), len);
        std::cerr << std::endl;
      });
    });

    req->on_close([&sess](uint32_t error_code) {
      // shutdown session after first request was done.
      sess.shutdown();
    });
  });

  sess.on_error([](const boost::system::error_code &ec) {
    std::cerr << "error: " << ec.message() << std::endl;
  });

  io_service.run();
}

For more details, see the documentation of libnghttp2_asio.

Python bindings

The python directory contains nghttp2 Python bindings. The bindings currently provide HPACK compressor and decompressor classes and an HTTP/2 server.

The extension module is called nghttp2.

make will build the bindings and target Python version is determined by the configure script. If the detected Python version is not what you expect, specify a path to Python executable in a PYTHON variable as an argument to configure script (e.g., ./configure PYTHON=/usr/bin/python3.8).

The following example code illustrates basic usage of the HPACK compressor and decompressor in Python:

import binascii
import nghttp2

deflater = nghttp2.HDDeflater()
inflater = nghttp2.HDInflater()

data = deflater.deflate([(b'foo', b'bar'),
                         (b'baz', b'buz')])
print(binascii.b2a_hex(data))

hdrs = inflater.inflate(data)
print(hdrs)

The nghttp2.HTTP2Server class builds on top of the asyncio event loop. On construction, RequestHandlerClass must be given, which must be a subclass of nghttp2.BaseRequestHandler class.

The BaseRequestHandler class is used to handle the HTTP/2 stream. By default, it does nothing. It must be subclassed to handle each event callback method.

The first callback method invoked is on_headers(). It is called when HEADERS frame, which includes the request header fields, has arrived.

If the request has a request body, on_data(data) is invoked for each chunk of received data.

Once the entire request is received, on_request_done() is invoked.

When the stream is closed, on_close(error_code) is called.

The application can send a response using send_response() method. It can be used in on_headers(), on_data() or on_request_done().

The application can push resources using the push() method. It must be used before the send_response() call.

The following instance variables are available:

client_address
Contains a tuple of the form (host, port) referring to the client's address.
stream_id
Stream ID of this stream.
scheme
Scheme of the request URI. This is a value of :scheme header field.
method
Method of this stream. This is a value of :method header field.
host
This is a value of :authority or host header field.
path
This is a value of :path header field.

The following example illustrates the HTTP2Server and BaseRequestHandler usage:

#!/usr/bin/env python3

import io, ssl
import nghttp2

class Handler(nghttp2.BaseRequestHandler):

    def on_headers(self):
        self.push(path='/css/bootstrap.css',
                  request_headers = [('content-length', '3')],
                  status=200,
                  body='foo')

        self.push(path='/js/bootstrap.js',
                  method='GET',
                  request_headers = [('content-length', '10')],
                  status=200,
                  body='foobarbuzz')

        self.send_response(status=200,
                           headers = [('content-type', 'text/plain')],
                           body=io.BytesIO(b'nghttp2-python FTW'))

ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.options = ssl.OP_ALL | ssl.OP_NO_SSLv2
ctx.load_cert_chain('server.crt', 'server.key')

# give None to ssl to make the server non-SSL/TLS
server = nghttp2.HTTP2Server(('127.0.0.1', 8443), Handler, ssl=ctx)
server.serve_forever()

Contribution

[This text was composed based on 1.2. License section of curl/libcurl project.]

When contributing with code, you agree to put your changes and new code under the same license nghttp2 is already using unless stated and agreed otherwise.

When changing existing source code, do not alter the copyright of the original file(s). The copyright will still be owned by the original creator(s) or those who have been assigned copyright by the original author(s).

By submitting a patch to the nghttp2 project, you (or your employer, as the case may be) agree to assign the copyright of your submission to us. .. the above really needs to be reworded to pass legal muster. We will credit you for your changes as far as possible, to give credit but also to keep a trace back to who made what changes. Please always provide us with your full real name when contributing!

See Contribution Guidelines for more details.

Reporting vulnerability

If you find a vulnerability in our software, please send the email to "tatsuhiro.t at gmail dot com" about its details instead of submitting issues on github issue page. It is a standard practice not to disclose vulnerability information publicly until a fixed version is released, or mitigation is worked out.

In the future, we may setup a dedicated mail address for this purpose.

Release schedule

In general, we follow Semantic Versioning. We release MINOR version update every month, and usually we ship it around 25th day of every month.

We may release PATCH releases between the regular releases, mainly for severe security bug fixes.

We have no plan to break API compatibility changes involving soname bump, so MAJOR version will stay 1 for the foreseeable future.

License

The MIT License

Issues
  • Keep getting HTTP status code 503

    Keep getting HTTP status code 503

    Hi, this is my syntax: nghttpx -o --http2-bridge -f172.24.178.176,8443 -b172.24.178.146,443 localhost.key localhost.crt

    Each time I try to connect from http2 client and from http1.1 \ spdy client I'm getting this:

    503 Service Unavailable

    503 Service Unavailable

    nghttpx nghttp2/0.7.4-DEV at port 8443
    [ 0.010] recv DATA frame

    I can't find the cause of this issue Hope to get help

    Thanks!

    opened by nergoza 47
  • How get get window size > 4096 for sending large amounts of data

    How get get window size > 4096 for sending large amounts of data

    I would like to be able to send more than 4096 bytes in a single frame. I have set the intial window side on both sides to the max value (I stole your frame logging code):

    [1406906541.461] send SETTINGS frame <length=12, flags=0x00, stream_id=0> (niv=2) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):128] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):2147483647] [New Thread 0x7ffff6dde700 (LWP 14749)] [1406906541.465] recv SETTINGS frame <length=24, flags=0x00, stream_id=0> (niv=4) [SETTINGS_HEADER_TABLE_SIZE(0x01):4096] [SETTINGS_ENABLE_PUSH(0x02):1] [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):2147483647] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535]

    It seems like the nghttp2_session_next_data_read method used to acquire the number bytes to send will never return greater than NGHTTP2_DATA_PAYLOADLEN bytes due to the initialization code and then cascading this value through nghttp2_min calls. I am interpreting this correctly, and if not what am I missing?

    opened by Scottmitch 35
  • [WARN] shrpx_connect_blocker.cc:93 Could not connect X times in a row; sleep for T seconds

    [WARN] shrpx_connect_blocker.cc:93 Could not connect X times in a row; sleep for T seconds

    I'm using nghttpx v1.13.0 as a HTTP/2 proxy, and the backend is squid v3.5.20. Both of nghttpx and squid are on the same dedicated server, running the latest stable CentOS 7.

    But there are a lot of the following WARNINGS in /var/log/nghttpx/error.log even when the system is in light load:

    ... 19/Aug/2016:00:30:38 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.55938 seconds 19/Aug/2016:00:31:00 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.39127 seconds 19/Aug/2016:00:31:19 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.28279 seconds 19/Aug/2016:00:32:25 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.85783 seconds 19/Aug/2016:00:33:42 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.89725 seconds 19/Aug/2016:00:34:51 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.33974 seconds 19/Aug/2016:00:35:37 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.31277 seconds 19/Aug/2016:00:41:40 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.90595 seconds 19/Aug/2016:00:43:04 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.76135 seconds 19/Aug/2016:00:44:39 +0800 PID11918 [NOTICE] Renew new ticket keys 19/Aug/2016:00:45:54 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.41557 seconds 19/Aug/2016:00:47:05 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.84914 seconds 19/Aug/2016:00:48:10 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.62921 seconds 19/Aug/2016:00:49:24 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.86594 seconds 19/Aug/2016:00:50:52 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.85862 seconds 19/Aug/2016:00:53:27 +0800 PID14292 [NOTICE] Renew new ticket keys 19/Aug/2016:00:56:46 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.46331 seconds 19/Aug/2016:00:58:55 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.87852 seconds 19/Aug/2016:00:59:44 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.73629 seconds 19/Aug/2016:01:00:49 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.35262 seconds 19/Aug/2016:01:00:49 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.43397 seconds 19/Aug/2016:01:01:57 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.57779 seconds 19/Aug/2016:01:02:25 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.69779 seconds 19/Aug/2016:01:02:56 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.86793 seconds 19/Aug/2016:01:04:31 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.81543 seconds 19/Aug/2016:01:04:44 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.73382 seconds 19/Aug/2016:01:06:21 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.38318 seconds 19/Aug/2016:01:06:36 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.76642 seconds 19/Aug/2016:01:07:38 +0800 PID6821 [NOTICE] Renew new ticket keys 19/Aug/2016:01:07:38 +0800 PID6809 [NOTICE] Renew new ticket keys 19/Aug/2016:01:07:38 +0800 PID6832 [NOTICE] Renew new ticket keys 19/Aug/2016:01:08:07 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.69277 seconds 19/Aug/2016:01:10:22 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.82191 seconds 19/Aug/2016:01:11:43 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.64596 seconds 19/Aug/2016:01:14:48 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.40443 seconds 19/Aug/2016:01:18:12 +0800 PID11918 [WARN] shrpx_connect_blocker.cc:93 Could not connect 1 times in a row; sleep for 1.58199 seconds ...

    But there are no WARNING or ERROR messages in squid logs. Actually, squid seems to be running very well when I try connecting to it directly without nghttpx.

    This is my nghttpx conf:

    private-key-file=/usr/etc/foobar.com.key certificate-file=/usr/etc/foobar.com.crt

    frontend=0.0.0.0,443 backend=127.0.0.1,143 backend=127.0.0.1,144 backend=127.0.0.1,145 backend=127.0.0.1,146 backend=127.0.0.1,147 backend=127.0.0.1,148 backend=127.0.0.1,149 backend=127.0.0.1,150

    workers=8 daemon=yes http2-proxy=yes

    I've tried spdy/3.1,h2,h2-16,h2-14,http/1.1 and h2,h2-16,h2-14,spdy/3.1,http/1.1, but the warning messages are still there.

    npn-list=spdy/3.1,h2,h2-16,h2-14,http/1.1

    add-x-forwarded-for=yes no-via=yes

    accesslog-file=/var/log/nghttpx/access.log accesslog-format=[$time_iso8601] $remote_addr:$remote_port->:$server_port $body_bytes_sent $request_time $status $alpn "$request" "$http_user_agent"

    errorlog-file=/var/log/nghttpx/error.log

    This is /etc/sysctl.conf:

    fs.file-max=655350

    net.core.wmem_default=8388608 net.core.rmem_default=8388608 net.core.rmem_max=16777216 net.core.wmem_max=16777216 net.core.optmem_max=204800 net.core.somaxconn=65535 net.core.netdev_max_backlog=655350

    net.ipv4.tcp_max_orphans=655350 net.ipv4.tcp_max_syn_backlog=655350 net.ipv4.tcp_timestamps=0 net.ipv4.tcp_tw_reuse=1 net.ipv4.tcp_max_tw_buckets=655350 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_syn_retries=2 net.ipv4.tcp_synack_retries=2

    net.ipv4.ip_local_port_range=10000 60000 net.ipv4.ip_local_reserved_ports=20000-30000 net.ipv4.ip_forward=1

    net.ipv4.conf.lo.arp_announce=2 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.default.arp_announce=2 net.ipv4.conf.all.arp_announce=2

    net.ipv4.tcp_fin_timeout=2 net.ipv4.tcp_keepalive_time=120 net.ipv4.tcp_sack=0 net.ipv4.tcp_rmem=4096 87380 4194304 net.ipv4.tcp_wmem=4096 16384 4194304 net.ipv4.tcp_mem=196608 262144 393216

    net.ipv4.udp_wmem_min=4096 net.ipv4.udp_rmem_min=4096 net.ipv4.udp_mem=772704 1030272 1545408

    net.ipv4.neigh.default.gc_stale_time=120

    net.ipv4.igmp_max_memberships = 20

    net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.lo.disable_ipv6=1

    net.nf_conntrack_max=25000000 net.netfilter.nf_conntrack_max=25000000

    And this is /etc/security/limits.conf:

    * hard nofile 409600

    • soft nofile 409600
    • hard noproc 409600
    • soft noproc 409600

    I wanna know what's wrong with nghttpx about the warnings, and how to fix it? Thank you!

    nghttpx 
    opened by joeshae 33
  • Push on nghttpx

    Push on nghttpx

    Hello Tatsuhrio-t,

    Sorry for opening this as a issue request but I could not find any other mean to contact you (twiter is blocked on my network) and github no longer have any PM feature.

    I´ve forked your project in order to to make a few tests and try to add some sort of server push funcionality on nghttpx by parsing the backend response data before send to frontend. In some point it could be able to push content if the backend reply with a corresponding 2xx and data, this should be true in most cases if nghttpx is running as default mode (reverse proxy).

    I know that you added Python API for those kind of situations but due my lack of knowledge in Python I could not use it as a proxy only as a server for static files.

    I´m not a C++ programer either but I really apretiate your inputs or guidelines on my idea.

    Thanks

    opened by acesso 30
  • nghttpx: dynamic TLS record size behaviour configuration

    nghttpx: dynamic TLS record size behaviour configuration

    During performance testing of nghttpx I identified that the dynamic TLS record size behavior implemented for HTTP/2 can reduce overall throughput in certain cases. During that activity I tested increasing the time out period before the record size decreased. More details are available on (this blog)[http://www.bbc.co.uk/rd/blog/2015/07/performance-testing-results-of-adaptive-media-streaming-over-http].

    The change was implemented by modifying code and recompiling, which is not a general solution. Therefore I would like to propose the addition of a new nghttpx option, perhaps --tls-warmup-threshold that takes a DURATION. This would allow a user to select a timeout appropriate for their use case.

    It looks like the implementation of this behaviour has changed since I last looked at it. Previously I had modified ClientHandler::get_write_limit(). However there is now a single reference to this function (in a comment block) so I need to investigate some more before being able to start on a pull request.

    opened by LPardue 28
  • crashes with nghttpx-1.2.0 on a high load website

    crashes with nghttpx-1.2.0 on a high load website

    Hi,

    a high load website crashed 2 times until now after upgrading from 1.1.2 to 1.2.0 with the following message in error.log:

    nghttpx: shrpx_client_handler.cc:272: int shrpx::ClientHandler::upstream_write(): Assertion `upstream_' failed.
    nghttpx: shrpx_client_handler.cc:272: int shrpx::ClientHandler::upstream_write(): Assertion `upstream_' failed.
    

    any ideas? TIA :-)

    opened by ghost 28
  • Proxy mode HTTP 1.1 request to HTTP/2 with --http2-bridge transmitting wrong

    Proxy mode HTTP 1.1 request to HTTP/2 with --http2-bridge transmitting wrong

    Hi,

    I'm running HTTP 1.1 requests to the nghttpx proxy using --http2-proxy mode. My clients sends 5 requests in 1 connection (persistence) and the proxy transmitting them to the HTTP/2 backend server like HTTP 1.1 requests just with h2-16 protocol.

    In the backend server we see that instead of using the default max concurrent streams 100 it's setting the concurrent to max 1 stream and the backend needs to handle each requests individually

    I think that the proxy should ignore how the clients sends the requests and transmitting them only what the --max-concurrent-streams value is.

    Tested it using browsers and also h2load tool

    Thanks

    question 
    opened by nergoza 28
  • Is it possible to make nghttpx(worked as a forwarded proxy) decide backend by the frontend domain names?

    Is it possible to make nghttpx(worked as a forwarded proxy) decide backend by the frontend domain names?

    Hi tatsuhiro-t, is it possible to make nghttpx(worked as a forwarded proxy) decide backend by the frontend domain names?

    We're using nghttpx as a forwarded proxy in front of squid.

    We have three domain names for nghttpx frontend:

    frontend=0.0.0.0,443
    
    private-key-file=/usr/etc/certs/a.test.com.key
    certificate-file=/usr/etc/certs/a.test.com.crt
    
    subcert=/usr/etc/certs/b.test.com.key:/usr/etc/certs/b.test.com.crt
    subcert=/usr/etc/certs/c.test.com.key:/usr/etc/certs/c.test.com.crt
    

    And we have four different backends:

    backend=127.0.0.1,10001
    backend=127.0.0.1,10002
    backend=127.0.0.1,10003
    backend=127.0.0.1,10004
    

    We want: the connections via a.test.com, *.a.test.com, *.*.a.test.com, *.*.*.a.test.com, ... are all redirected to 127.0.0.1:10001 the connections via ONLY b.test.com and *.b.test.com are all redirected to 127.0.0.1:10002 the connections via ONLY c.test.com are all redirected to 127.0.0.1:10003 all other connections are all redirected to 127.0.0.1:10004

    But the current nghttpx can not do this when nghttpx worked as a forwarded proxy. Could you please add this new feature? It's very important to us. Thank you!

    enhancement nghttpx 
    opened by joeshae 27
  • ERR_SPDY_PROTOCOL_ERROR

    ERR_SPDY_PROTOCOL_ERROR

    As you can see, this is the error: http://i.imgur.com/bZGOEiQ.png

    Running on SPDY reverse proxy on Chrome 40, Windows XP. @tatsuhiro-t, any idea on why this happens?

    opened by nubela 25
  • Priority of pushed streams

    Priority of pushed streams

    Pushed streams alway depend on the stream they are initiated on and are given the default weight. I think it is up to the client to manipulate those dependencies, just like for any other stream.

    However I would like to use a different initial weight, depending on the type (as param for example) of the resource pushed.

    What do you think?

    enhancement lib 
    opened by icing 24
  • ORIGIN frame support

    ORIGIN frame support

    This is a very rough 1st attempt at adding ORIGIN frame support natively into nghttp2, based on https://tools.ietf.org/html/draft-ietf-httpbis-origin-frame-03.

    More work is required but I wanted to gauge your opinion on adding this natively to the library before I flesh out tests etc.

    opened by LPardue 23
  • Getting error on RHEL 7 with 1.47.0

    Getting error on RHEL 7 with 1.47.0

    Hi,

    I am getting this error during make on RHEL 7

    nghttp.cc: In function ‘int nghttp2::{anonymous}::communicate(const string&, const string&, uint16_t, std::vector<std::tuple<std::basic_string<char, std::char_traits<char>, std::allocator<char> >, nghttp2_data_provider*, long int, int> >, const nghttp2_session_callbacks*)’:
    nghttp.cc:2271:27: error: ‘TLS_client_method’ was not declared in this scope
         ssl_ctx = SSL_CTX_new(TLS_client_method());
                               ^~~~~~~~~~~~~~~~~
    nghttp.cc:2271:27: note: suggested alternative: ‘DTLS_client_method’
         ssl_ctx = SSL_CTX_new(TLS_client_method());
                               ^~~~~~~~~~~~~~~~~
                               DTLS_client_method
    
    

    Any clue or suggestions ?

    opened by himanshumps 1
  • with nghttp2_submit_data(), could not send more than about 64-KB

    with nghttp2_submit_data(), could not send more than about 64-KB

    Is there any limit of data size in nghttp2?

    I tried to send more than 64-KB data. The part of my code is here.

    ...
    int32_t streamId = nghttp2_submit_headers(...)
    nghttp2_session_mem_send(...);
    ...
    
    DataInfo_t dataInfo;
    ...
    dataInfo->remainingSize= dataInfo->size;
    
    nghttp2_data_provider provider;
    provider.source.ptr = &dataInfo;
    provider.read_callback = [](nghttp2_session *session, int32_t streamId, uint8_t *buf, size_t len,
        uint32_t *flags, nghttp2_data_source *source, void *userData) -> ssize_t {
    
        auto dataInfo = static_cast<DataInfo_t>*>(source->ptr);
    
        size_t copiedSize;
        if (length < dataInfo->remainingSize)
            copiedSize = length;
        else
            copiedSize = dataInfo->remainingSize;
    
        std::copy_n( dataInfo->buf + (dataInfo->size - dataInfo->remainingSize), copiedSize, buf );
    
        dataInfo->remainingSize-= copiedSize;
        if (dataInfo->remainingSize == 0)
        {
            *flags |= NGHTTP2_DATA_FLAG_EOF;
        }
    
        return copiedSize;
    };
    
    ...
    
    int errorCode = nghttp2_submit_data( m_nghttp2Session, flag, streamId, &provider);
    if ( errorCode != 0 )
        return;
    
    ...
    
    while (true)
    {
        const uint8_t *data;
        int n = nghttp2_session_mem_send( m_nghttp2Session, &data );
        if ( n < 0 )
            return false;
    
        if ( n == 0 )
            break;
    
        // copy data
        ...
    }
    

    The callback is called multiple times, and the parameter len is always 16,384 except the last one. At the last callback, dataInfo->remainingSize is 16,384, and the parameter len is 13,171. Then, only 13,171 bytes could be copied and dataInfo->remainingSize becomes 3,213. The callback is not called any more.

    And since dataInfo->remainingSize is not zero, NGHTTP2_DATA_FLAG_EOF flag is not set. I couldn't send my data fully. The library that I used is v1.44.0.

    opened by wonhlees 0
  • fuzz: add extended fuzzer using FuzzedDataProvider

    fuzz: add extended fuzzer using FuzzedDataProvider

    Similar in nature to fuzz_target.cc but adds the difference of a random iv constructed by way of fuzzer data. This fuzzer achieves higher code coverage than fuzz_target.cc but I think we should create a new rather than extend the existing to keep corpus of the existing.

    opened by DavidKorczynski 0
  • fuzz: add frames fuzzer

    fuzz: add frames fuzzer

    Adds a fuzzer heavily inspired by https://github.com/nghttp2/nghttp2/blob/master/tests/nghttp2_frame_test.c The key goal is to increase code coverage of nghttp2_frame.c. Extensions are possible but would start with this.

    This PR sets up relevant OSS-Fuzz changes: https://github.com/google/oss-fuzz/pull/8149

    Am not entirely sure how much documentation is preferred, could you advise? I assume the existing fuzzer in practice only runs by way of OSS-Fuzz.

    One thing this fuzzer does differently in comparison to the existing fuzzer is use FuzzedDataProvider interface to generate random strings. See here for documentation on this class: https://github.com/google/fuzzing/blob/master/docs/split-inputs.md

    opened by DavidKorczynski 0
  • Using nghttp2's C API Directly (not as a reverse proxy)?

    Using nghttp2's C API Directly (not as a reverse proxy)?

    If I want to use nghttp2's C API directly (its functions for HTTP/2 support), without using it as a reverse proxy, can it be done? And is it possible to do this without compiling httpd as well? I'm using Windows so I won't be able to compile httpd without using Cygwin or WSL. I have WSL 2, but my first option is to host the app on a Windows VPS.

    I don't know how to implement HTTP/2 support, and rather than learning I'd rather use code developed by someone else. I'd like to use nghttp2 for that if possible. And not as a proxy but just using the code directly.

    opened by DragonOsman 4
  • Upgrading to HTTP/2 - Help Needed

    Upgrading to HTTP/2 - Help Needed

    If I want to upgrade from HTTP/1.1 to HTTP/2, what's the best way? ALPN or Upgrade header? And also, please help me with figuring out how to use nghttp2 to do this.

    The server app I want to do this for is a Google Maps + currency converter app I wrote the backend for in C++. Code's on GitHub.

    opened by DragonOsman 8
Releases(v1.48.0)
  • v1.48.0(Jun 24, 2022)

    • lib: Allow server to override RFC 9218 stream priority (GH-1734)
    • lib: Add a server option to fallback to RFC 7540 priorities (GH-1731)
    • lib: Add PRIORITY_UPDATE frame support (GH-1729)
    • lib: Implement RFC 9218 extensible prioritization scheme (GH-1728)
    • lib: Do not verify host field specific characters for response field (GH-1727)
    • lib: No rfc7540 priorities (GH-1725)
    • lib: Fix stream stall when initial window size is decreased (GH-1680)
    • doc: Document how to change stream prioritization scheme (GH-1732)
    • build: Compile with libressl 3.5 (GH-1724)
    • build: EXTRA_DIST: List mruby files explicitly (GH-1712)
    • build: Bump ngtcp2 and nghttp3 (GH-1693, GH-1698, GH-1714, GH-1736)
    • build: Do not check application libraries if --enable-lib-only is given (GH-1681)
    • src: Update default TLS cipher suites (GH-1735)
    • nghttpx, h2load: Better pack UDP packets in one GSO write (GH-1716)
    • nghttpx, h2load: Quic error handling (GH-1710)
    • nghttpx, h2load: Fix QUIC performance regression (GH-1695)
    • nghttp, nghttpd, nghttpx: Add ktls support (GH-1702, GH-1705)
    • h2load: Send more packets without GSO per event loop (GH-1739)
    • h2load: Add ktls support (GH-1704)
    • nghttpd: Fix TLS read stall (GH-1707)
    • nghttpx: Disable RFC 7540 priorities (GH-1733)
    • nghttpx: Client always uses simpler TLS handshake (GH-1703)
    • nghttpx: Add affinity-cookie-stickiness backend parameter (GH-1685)
    • nghttpx: Fix broken session affinity (GH-1683)
    • nghttpx: Limit CONNECTION_CLOSE and Retry under server amplification limit (GH-1682)
    • integration: Go update (GH-1719)
    • integration: Add go.mod (GH-1697)
    • third-party: Bump llhttp to 75b45129db961e1fb3c56044e1b8f7721bfaee5d (GH-1738)
    • third-party: Bump libbpf to v0.8.0 (GH-1737)
    • third-party: Bump mruby to 3.1.0 (GH-1709)
    • third-party: Bump neverbleed based on the latest head (GH-1708)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.48.0.tar.bz2(4.48 MB)
    nghttp2-1.48.0.tar.gz(4.87 MB)
    nghttp2-1.48.0.tar.xz(3.92 MB)
  • v1.47.0(Feb 23, 2022)

    • lib: Fix decoder table size update (GH-1667)
    • lib: chore: fix -Wunreachable-code-return (GH-1625)
    • build: Make Docker speak HTTP/3 (GH-1657)
    • build: Remove SPDY option for CMake (GH-1665)
    • build: cmake: Disable libbpf build by default
    • doc: Fix typos (GH-1668)
    • doc: Update nghttp2.pyx (GH-1666)
    • h2load: Handle EAGAIN/EWOULDBLOCK from sendmsg
    • h2load: allow setting max frame size for h2load (GH-1640)
    • nghttpx: Add --require-http-scheme option
    • nghttpx: Add support QUIC BBR2
    • nghttpx: Bump libbpf to v0.7.0 and turn on all strict features
    • nghttpx: Change qlog file extension to .sqlog
    • nghttpx: Fix bug that h3 stream ends prematurely
    • nghttpx: Fix the issue that forwarded h3 GET request always has chunked TE
    • nghttpx: Handle EAGAIN/EWOULDBLOCK from sendmsg
    • nghttpx: Send and receive ECN in QUIC packets
    • nghttpx: Set IP_PMTUDISC_DO explicitly
    • nghttpx: Support h3 trailer fields
    • nghttpx: fix quotes in --altsvc example (GH-1643)
    • nghttpx: shrpx: make nghttpx -v show ngtcp2 and nghttp3 version as well (GH-1636)
    • third-party: Bump llhttp to v6.0.6
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.47.0.tar.bz2(4.37 MB)
    nghttp2-1.47.0.tar.gz(4.75 MB)
    nghttp2-1.47.0.tar.xz(3.84 MB)
  • v1.46.0(Oct 19, 2021)

    • build: Workaround broken version check in AX_PYTHON_DEVEL (GH-1622)
    • build: Remove check for UDP_SEGMENT (GH-1619)
    • build: Fix issue that libev cannot be found with autotools under mac osx
    • build: Fix compile error with libressl
    • build: Always include optional files to EXTRA_DIST
    • build: Add missing cmake files to EXTRA_DIST
    • src: Enable HTTP/3 with boringssl
    • src: Compile with boringssl for non-http3 build
    • src: Guard msghdr_get_local_addr with ENABLE_HTTP3 macro (GH-1620)
    • nghttpx: Reduce dgram size if sendmsg fails with EINVAL or EMSGSIZE
    • nghttpx: Set SCT data when built with boringssl
    • nghttpx: Fix wrong SSL_CTX object usage
    • nghttpx: Respect !tls-no-postpone-early-data with boringssl
    • nghttpx: Send session ticket after handshake with boringssl
    • nghttpx: Add --frontend-quic-initial-rtt option
    • nghttpx: Unload BPF program after setting up all QUIC listeners
    • nghttpx: Add --worker-process-grace-shutdown-period option
    • nghttpx: Add --max-worker-processes option
    • nghttpx: Unload BPF objects on reload to avoid running out of memlock
    • nghttpx: Support h3-29
    • nghttpx: Fail h3 connection attempt if no ALPN is negotiated
    • nghttpx: Add --rlimit-memlock option
    • nghttpx: Read QUIC keying materials from file
    • nghttpx: Allocate server id in Connection ID (see --quic-server-id option)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.46.0.tar.bz2(4.37 MB)
    nghttp2-1.46.0.tar.gz(4.75 MB)
    nghttp2-1.46.0.tar.xz(3.83 MB)
  • v1.45.1(Sep 21, 2021)

  • v1.45.0(Sep 20, 2021)

    • lib: Stricter checks for pseudo-headers :method and :path (Patch from Michael Kaufmann) (GH-1613)
    • doc: Rename sphinxcontrib to rubydomain to avoid module loading error
    • doc: Allow SPHINXBUILD to be overridden by environment variable
    • doc: Fix reference to non-existing nghttp2_option_set_max_send_header_block_size() in comment (Patch from Amir Livneh) (GH-1610)
    • doc: update document for nghttp2_session_mem_recv (Patch from Jacky_Yin) (GH-1603)
    • build: Build with OpenSSL v3.0.0
    • build: Fix cmake Systemd warning
    • nghttpx: Check that HTTP response message finished safely
    • nghttpx: Use secure random to create websocket nonce
    • nghttpx: Fix heap-use-after-free on initialization failure
    • nghttpx: Add experimental HTTP/3 support
    • nghttpx: Add "dnf" (= "do not forward") parameter to backend option (GH-1607)
    • h2load: Add qlog output support (Patch from Hajime Fujita) (GH-1569)
    • h2load: Add SSLKEYLOGFILE support (Patch from Lucas Pardue) (GH-1399)
    • h2load: Add experimental HTTP/3 support
    • nghttpd: Fix prototype mismatch for function 'file_read_callback' (Patch from lhuang04) (GH-1602)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.45.0.tar.bz2(4.35 MB)
    nghttp2-1.45.0.tar.gz(4.74 MB)
    nghttp2-1.45.0.tar.xz(3.83 MB)
  • v1.44.0(Jul 18, 2021)

    lib: Port new ngtcp2 map implementation doc: Replace master with main build: Add precious variables for libev and jemalloc and use JEMALLOC_CFLAGS build: Add more --with-* configure flags build: Add LIBTOOL_LDFLAGS configure variable third-party: Bump llhttp to 6.0.2 src: Replace black-list with block-list nghttpx: Fix max distance in weight group/address cycle comparison nghttpx: Set connect_blocker and live_check after shuffling addresses nghttpx: Replace master with main nghttpx: Remove trailing white space after $method log variable (GH-1553) h2load: Add --rps option (GH-1559) h2load: Allow unit in -D option asio: fix some typos (Patch from Jan Kundrát) (GH-1550)

    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.44.0.tar.bz2(4.30 MB)
    nghttp2-1.44.0.tar.gz(4.66 MB)
    nghttp2-1.44.0.tar.xz(3.78 MB)
  • v1.43.0(Feb 2, 2021)

    doc: Make doc generation work with sphinx v3.3 (GH-1547) python: Require python3 for python bindings (GH-1548) python: Require python3 for python scripts (GH-1546) nghttpx: Make sure that Pool gets cleared when all buffers are returned (GH-1544) nghttpx: Choose ECDSA cert if compatible signature algorithm available (GH-1542) nghttpx: Add workaround to include ':' in backend pattern (GH-1537)

    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.43.0.tar.bz2(4.31 MB)
    nghttp2-1.43.0.tar.gz(4.66 MB)
    nghttp2-1.43.0.tar.xz(3.78 MB)
  • v1.42.0(Nov 23, 2020)

    • lib: fix ubsan errors (Patch from Asra Ali) (GH-1468)
    • lib: Don't send RST_STREAM to idle stream (GH-1477)
    • lib: nghttp2_map backed by nghttp2_ksl
    • doc: Update sphinx_rtd_theme
    • doc: nghttp2_session_send is also affected by max concurrent streams (Patch from Tomas Krizek) (GH-1489)
    • doc: clarify flow control behaviour for nghttp2_session_send() (Patch from Tomas Krizek) (GH-1488)
    • build: Add missing cmake/FindSystemd.cmake to dist (GH-1526)
    • third-party: Bump llhttp to 2.2.0
    • third-party: Bump mruby to 2.1.2
    • nghttpx: Deal with the case when h2 backend is retired before it is initialized
    • nghttpx: Add accesslog variables to record request path without query (GH-1511)
    • nghttpx: Fix stall when TLS follows after proxy protocol
    • nghttpx: Fix logging integer
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.42.0.tar.bz2(4.31 MB)
    nghttp2-1.42.0.tar.gz(4.66 MB)
    nghttp2-1.42.0.tar.xz(3.78 MB)
  • v1.41.0(Jun 2, 2020)

    • Fix CVE-2020-11080
    • lib: Implement max settings option (Patch from James M Snell)
    • lib: Earlier check for settings flood (Patch from James M Snell)
    • lib: Fix receiving stream data stall (GH-1444)
    • build: cmake: Make hard-coded static lib suffix optional (Patch from Viktor Szakats) (GH-1418)
    • third-party: Bump llhttp to 2.0.4 (GH-1442)
    • nghttpx: Add PROXY-protocol v2 support (GH-1452)
    • nghttpx: Fix get_x509_serial for long serial numbers (Patch from Jacky Tian) (GH-1455)
    • h2load: Allow port in --connect-to
    • h2load: add --connect-to option (Patch from Lucas Pardue) (GH-1426)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.41.0.tar.bz2(1.85 MB)
    nghttp2-1.41.0.tar.gz(2.24 MB)
    nghttp2-1.41.0.tar.xz(1.56 MB)
  • v1.40.0(Nov 15, 2019)

    • lib: Add nghttp2_check_authority as public API (GH-1413)
    • lib: Fix the bug that stream is closed with wrong error code (GH-1408)
    • lib: Faster huffman encoding and decoding (GH-1405)
    • build: Avoid filename collision of static and dynamic lib (Patch from William A Rowe Jr) (GH-1394)
    • build: Add new flag ENABLE_STATIC_CRT for Windows (Patch from William A Rowe Jr) (GH-1393)
    • build: cmake: Support building nghttpx with systemd (Patch from Andrew Penkrat) (GH-1377)
    • third-party: Update neverbleed to fix memory leak
    • nghttpx: Fix bug that mruby is incorrectly shared between backends (GH-1392)
    • nghttpx: Reconnect h1 backend if it lost connection before sending headers
    • nghttpx: Returns 408 if backend timed out before sending headers
    • nghttpx: Fix request stall (GH-1378)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.40.0.tar.bz2(1.84 MB)
    nghttp2-1.40.0.tar.gz(2.23 MB)
    nghttp2-1.40.0.tar.xz(1.56 MB)
  • v1.39.2(Aug 13, 2019)

    This release fixes CVE-2019-9511 “Data Dribble” and CVE-2019-9513 “Resource Loop” vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for details. For nghttpx, additionally limiting inbound traffic by --read-rate and --read-burst options is quite effective against this kind of attack.

    • Fix CVE-2019-9511 and CVE-2019-9513
    • Add nghttp2_option_set_max_outbound_ack API function
    • nghttpx: Fix request stall
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.39.2.tar.bz2(1.90 MB)
    nghttp2-1.39.2.tar.gz(2.29 MB)
    nghttp2-1.39.2.tar.xz(1.55 MB)
  • v1.39.1(Jun 11, 2019)

  • v1.39.0(Jun 11, 2019)

    • lib: Ignore content-length in 200 response to CONNECT request (GH-1347)
    • third-party: Upgrade mruby to 2.0.1 (GH-1337)
    • asio: support boost-1.70 (Patch from Adam Gołębiowski) (GH-1335)
    • src: Replace http-parser with llhttp (GH-1340)
    • nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT (GH-1347)
    • nghttpx: Fix unchanged log level on configuration reload (GH-1356)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.39.0.tar.bz2(1.84 MB)
    nghttp2-1.39.0.tar.gz(2.23 MB)
    nghttp2-1.39.0.tar.xz(1.56 MB)
  • v1.38.0(Apr 18, 2019)

    • lib: Fix bug that on_header callback is still called after stream is closed (GH-1331)
    • third-party: Update http-parser to v2.9.1
    • nghttpx: Fix bug that altered authority and path affect backend selection (GH-1334)
    • nghttpx: Fix bug that chunked request stalls (GH-1333)
    • nghttpx: Don't log authorization request header field value with -LINFO (GH-1332)
    • nghttpx: Fix for compilation against modern LibreSSL (Patch from Jeff 'Raid' Baitis) (GH-1270)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.38.0.tar.bz2(1.83 MB)
    nghttp2-1.38.0.tar.gz(2.22 MB)
    nghttp2-1.38.0.tar.xz(1.55 MB)
  • v1.37.0(Mar 8, 2019)

    • lib: Take into account larger frame size for prioritization
    • lib: Reuse name when indexing header by referencing dynamic table
    • build: Explicitly set install location when building shared libs (Patch from Don) (GH-1303)
    • nghttpx: Fix backend stall if header and request body are sent in 2 packets
    • nghttpx: Backend address selection with weight (GH-1297)
    • nghttpx: Fix compilation with boringssl (Patch from Simon Frankenberger) (GH-1295)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.37.0.tar.bz2(1.82 MB)
    nghttp2-1.37.0.tar.gz(2.22 MB)
    nghttp2-1.37.0.tar.xz(1.55 MB)
  • v1.36.0(Jan 18, 2019)

    • build: Disable shared library if ENABLE_SHARED_LIB is OFF (Patch from Brendan Heinonen) (GH-1285)
    • third-party: Use http-parser to v2.9.0 (GH-1294)
    • third-party: Update mruby to 2.0.0
    • nghttpx: Pool h1 backend connection per address (GH-1292)
    • nghttpx: Randomize backend address round robin order per thread (GH-1291)
    • nghttpx: Fix getting long serial numbers for openssl < 1.1 (Patch from Josh Braegger) (GH-1287)
    • h2load: add an option to write per-request logs (Patch from dawg) (GH-1256)
    • asio: added access to the number of the current server port (Patch from Pedro Santos) (GH-1257)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.36.0.tar.bz2(1.83 MB)
    nghttp2-1.36.0.tar.gz(2.22 MB)
    nghttp2-1.36.0.tar.xz(1.55 MB)
  • v1.35.0(Nov 23, 2018)

    • build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238)
    • lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222)
    • src: Require C++14 language feature
    • nghttpx: Write mruby send_info early
    • nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend
    • h2load: Handle HTTP/1 non-final response (GH-1259)
    • h2load: Clarify that time for connect includes TLS handshake
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.35.0.tar.bz2(1.81 MB)
    nghttp2-1.35.0.tar.gz(2.20 MB)
    nghttp2-1.35.0.tar.xz(1.54 MB)
  • v1.34.0(Oct 4, 2018)

    • lib: Implement RFC 8441 :protocol support (GH-1181)
    • nghttpx: Add read/write-timeout parameters to backend option (GH-1235)
    • nghttpx: Fix mruby parameter validation in backend option
    • nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 (GH-1234)
    • nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues
    • nghttpx: Update mruby 1.4.1
    • nghttpx: Add mruby env.tls_handshake_finished
    • nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
    • nghttpx: Add RFC 8470 Early-Data header field support
    • nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support (GH-846)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.34.0.tar.bz2(1.80 MB)
    nghttp2-1.34.0.tar.gz(2.20 MB)
    nghttp2-1.34.0.tar.xz(1.53 MB)
  • v1.33.0(Sep 2, 2018)

    • lib: Tweak nghttp2_session_set_stream_user_data (GH-1211)
    • lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS. (Patch from Piotr Sikora) (GH-1184)
    • lib: Implement ORIGIN frame (GH-1177)
    • asio: support definition of local endpoint for cleartext client session (Patch from Alexandros Konstantinakis-Karmis) (GH-1204, GH-1212, GH-1217)
    • integration: Remove remaining SPDY code from the integration tests. (Patch from Piotr Sikora) (GH-1183)
    • nghttpx: Fix worker process crash with neverbleed write error
    • nghttpx: Support per-backend mruby script (GH-1215)
    • nghttpx: Fix stream reset if data from client is arrived before dconn is attached (GH-1214)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.33.0.tar.bz2(1.75 MB)
    nghttp2-1.33.0.tar.gz(2.12 MB)
    nghttp2-1.33.0.tar.xz(1.48 MB)
  • v1.32.0(May 8, 2018)

    • lib: Ignore all input after calling session_terminate_session
    • lib: Fix treatment of padding
    • lib: Don't allow 101 HTTP status code because HTTP/2 removes HTTP Upgrade
    • build: add ENABLE_STATIC_LIB option to build static lib (Patch from Viktor Szakats) (GH-1146)
    • third-party: Upgrade neverbleed to the latest master
    • asio: Support client side SNI (GH-1172)
    • src: Compile with libressl 2.7.2 (GH-1162)
    • src: Allow building without NPN (Patch from Bernard Spil) (GH-1152)
    • h2load: -r and --duration are mutually exclusive (GH-1171)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.32.0.tar.bz2(1.75 MB)
    nghttp2-1.32.0.tar.gz(2.11 MB)
    nghttp2-1.32.0.tar.xz(1.47 MB)
  • v1.31.1(Apr 12, 2018)

  • v1.31.0(Feb 27, 2018)

    • lib: Add nghttp2_session_set_user_data() public API function (GH-1137)
    • src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro (GH-1128)
    • nghttpx: Close listening socket on graceful shutdown
    • nghttpx: Add an option to accept expired client certificate (GH-1126)
    • nghttpx: Add mruby tls_client_not_before, and tls_client_not_after (GH-1123)
    • nghttpx: Fix potential memory leak
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.31.0.tar.bz2(1.75 MB)
    nghttp2-1.31.0.tar.gz(2.10 MB)
    nghttp2-1.31.0.tar.xz(1.47 MB)
  • v1.30.0(Feb 2, 2018)

    • lib: Allow PING frame to be sent after GOAWAY (GH-1103)
    • nghttpx: Fix bug that h1 backend idle timeout expires sooner
    • nghttpx: Stop overwrite of first header on mruby call to env.req.set_header(..) (Patch from Dylan Plecki) (GH-1119)
    • nghttpx: Add upgrade-scheme parameter to backend option (GH-1099)
    • nghttpx: Fix missing ALPN validation (--npn-list) (GH-1094)
    • nghttpx: Remember which resource is pushed for RFC 8297 (GH-1101)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.30.0.tar.bz2(1.75 MB)
    nghttp2-1.30.0.tar.gz(2.10 MB)
    nghttp2-1.30.0.tar.xz(1.47 MB)
  • v1.29.0(Dec 19, 2017)

    • lib: Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY (GH-1077)
    • build: Remove SPDY (GH-821)
    • build: Fix CMAKE_MODULE_PATH (Patch from Dmitriy Vetutnev) (GH-1084)
    • nghttpx: Revert "nghttpx: Use an existing h2 backend connection as much as possible" (GH-1086)
    • nghttpx: Write API request body in temporary file (GH-1083)
    • nghttpx: Increase api-max-request-body (GH-1082)
    • nghttpx: Faster configuration loading with lots of backends (GH-1081)
    • nghttpx: Fix crash with --backend-http-proxy-uri option (GH-1079)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.29.0.tar.bz2(1.75 MB)
    nghttp2-1.29.0.tar.gz(2.10 MB)
    nghttp2-1.29.0.tar.xz(1.47 MB)
  • v1.28.0(Nov 25, 2017)

    • lib: Add nghttp2_error_callback2 (GH-1062)
    • build: Add deprecation warning when spdylay support is enabled
    • Switch to clang-format-5.0
    • examples: Make client and server work with libevent-2.1.8 (GH-1039)
    • third-party: Update neverbleed
    • integration: Fix issues reported by the go vet tool. (Patch from Piotr Sikora) (GH-1047)
    • nghttpx: Fix affinity retry
    • nghttpx: Fix stalled backend connection on retry
    • nghttpx: Cookie based session affinity (GH-1024, GH-1066)
    • nghttpx: Expose additional TLS related variables to mruby and accesslog (GH-1031, GH-1038, GH-1057)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.28.0.tar.bz2(1.75 MB)
    nghttp2-1.28.0.tar.gz(2.12 MB)
    nghttp2-1.28.0.tar.xz(1.48 MB)
  • v1.27.0(Oct 25, 2017)

    • build: Fixed accidental compiler flags concatenation for MSVC (Patch from LazyHamster) (GH-1029)
    • build: Reduce libxml2 version requirement to 2.6.26 (Patch from Mike Lothian) (GH-1020)
    • asio: Support for Windows / MinGW (Patch from Daniel Evers) (GH-1027)
    • h2load: Print out h2 header fields with --verbose option (GH-1015)
    • nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only (GH-1016)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.27.0.tar.bz2(1.75 MB)
    nghttp2-1.27.0.tar.gz(2.11 MB)
    nghttp2-1.27.0.tar.xz(1.47 MB)
  • v1.26.0(Sep 20, 2017)

    • docs: Fix some typos in the nghttpx how-to (Patch from Marc Bachmann) (GH-1013)
    • build: Update Dockerfile.android (Patch from Gitai) (GH-1002)
    • build: Refactoring include directories for build as CMake subdirectory (add_subdirectory(nghttp2)) (Patch from Dmitriy Vetutnev) (GH-988)
    • nghttpx: Fix OCSP related error when building with BoringSSL (Patch from Rick Lei) (GH-1001)
    • h2load: Fix bug that timing script stalls with -m1 (GH-997)
    • h2load: Reservoir sampling (GH-984)
    • h2load: Add timing-based load-testing in h2load (Patch from Soham Sinha) (GH-968)
    Source code(tar.gz)
    Source code(zip)
    nghttp2-1.26.0.tar.bz2(1.75 MB)
    nghttp2-1.26.0.tar.gz(2.11 MB)
    nghttp2-1.26.0.tar.xz(1.47 MB)
  • v1.25.0(Aug 18, 2017)

Owner
nghttp2
HTTP/2 C library and tools
nghttp2
Pushpin is a reverse proxy server written in C++ that makes it easy to implement WebSocket, HTTP streaming, and HTTP long-polling services.

Pushpin is a reverse proxy server written in C++ that makes it easy to implement WebSocket, HTTP streaming, and HTTP long-polling services. The project is unique among realtime push solutions in that it is designed to address the needs of API creators. Pushpin is transparent to clients and integrates easily into an API stack.

Fanout 3.1k Aug 4, 2022
Gromox - Groupware server backend with MAPI/HTTP, RPC/HTTP, IMAP, POP3 and PHP-MAPI support for grommunio

Gromox is the central groupware server component of grommunio. It is capable of serving as a replacement for Microsoft Exchange and compatibles. Conne

grommunio 120 Jul 2, 2022
tiny HTTP parser written in C (used in HTTP::Parser::XS et al.)

PicoHTTPParser Copyright (c) 2009-2014 Kazuho Oku, Tokuhiro Matsuno, Daisuke Murase, Shigeo Mitsunari PicoHTTPParser is a tiny, primitive, fast HTTP r

H2O 1.5k Aug 6, 2022
A collection of C++ HTTP libraries including an easy to use HTTP server.

Proxygen: Facebook's C++ HTTP Libraries This project comprises the core C++ HTTP abstractions used at Facebook. Internally, it is used as the basis fo

Facebook 7.6k Aug 8, 2022
cuehttp is a modern c++ middleware framework for http(http/https)/websocket(ws/wss).

cuehttp 简介 cuehttp是一个使用Modern C++(C++17)编写的跨平台、高性能、易用的HTTP/WebSocket框架。基于中间件模式可以方便、高效、优雅的增加功能。cuehttp基于boost.asio开发,使用picohttpparser进行HTTP协议解析。内部依赖了nl

xcyl 26 Jul 21, 2022
Mongoose Embedded Web Server Library - a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API.

Mongoose - Embedded Web Server / Embedded Networking Library Mongoose is a networking library for C/C++. It implements event-driven non-blocking APIs

Cesanta Software 8.6k Aug 8, 2022
A very simple, fast, multithreaded, platform independent HTTP and HTTPS server and client library implemented using C++11 and Boost.Asio.

A very simple, fast, multithreaded, platform independent HTTP and HTTPS server and client library implemented using C++11 and Boost.Asio. Created to be an easy way to make REST resources available from C++ applications.

Ole Christian Eidheim 2.3k Aug 2, 2022
Cross-platform, efficient, customizable, and robust asynchronous HTTP/WebSocket server C++14 library with the right balance between performance and ease of use

What Is RESTinio? RESTinio is a header-only C++14 library that gives you an embedded HTTP/Websocket server. It is based on standalone version of ASIO

Stiffstream 871 Aug 9, 2022
Ultra fast and low latency asynchronous socket server & client C++ library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution

CppServer Ultra fast and low latency asynchronous socket server & client C++ library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and

Ivan Shynkarenka 867 Aug 8, 2022
websocket and http client and server library, coming with ws, a command line swiss army knife utility

Hello world IXWebSocket is a C++ library for WebSocket client and server development. It has minimal dependencies (no boost), is very simple to use an

Machine Zone, Inc. 329 Aug 8, 2022
Small and fast cross-platform networking library, with support for messaging, IPv6, HTTP, SSL and WebSocket.

frnetlib Frnetlib, is a cross-platform, small and fast networking library written in C++. There are no library dependencies (unless you want to use SS

Fred Nicolson 22 May 16, 2022
A C++ header-only HTTP/HTTPS server and client library

cpp-httplib A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your c

null 7.5k Aug 5, 2022
C++ library for creating an embedded Rest HTTP server (and more)

The libhttpserver reference manual Tl;dr libhttpserver is a C++ library for building high performance RESTful web servers. libhttpserver is built upon

Sebastiano Merlino 667 Aug 3, 2022
C library to create simple HTTP servers and Web Applications.

Onion http server library Travis status Coverity status Onion is a C library to create simple HTTP servers and Web Applications. master the developmen

David Moreno Montero 1.9k Aug 1, 2022
BingBing 54 Jul 27, 2022
A cross-platform HTTP client library with a focus on usability and speed

EasyHttp A cross-platform HTTP client library with a focus on usability and speed. Under its hood, EasyHttp uses POCO C++ Libraries and derives many o

Sony 145 Aug 9, 2022
Neon - neon - an HTTP/1.1 and WebDAV client library with a C API

neon neon is an HTTP and WebDAV client library, with a C language API. Mailing list: [email protected] || Web site: https://notroj.github.io/n

Joe Orton 74 Jul 25, 2022
XQUIC Library released by Alibaba is a cross-platform implementation of QUIC and HTTP/3 protocol.

XQUIC 简体中文文档 README-zh-CN Introduction XQUIC Library released by Alibaba is … … a client and server implementation of QUIC and HTTP/3 as specified by

Alibaba 1.2k Aug 3, 2022
A library with common code used by libraries and tools around the libimobiledevice project

libimobiledevice-glue Library with common code used by the libraries and tools around the libimobiledevice project. Features The main functionality pr

libimobiledevice 36 Aug 3, 2022