- 21 Jun, 2024 15 commits
-
-
Dridi Boukelmoune authored
It reached EOL almost 2 years ago, but the architectures we cover in CI had 2 extra years of long term support that is coming to an end this month.
-
Dridi Boukelmoune authored
With CentOS reaching EOL at the end of the month and CentOS Stream 9 flaky packaging jobs, we don't need to keep them around. For el9 builds we rely on the almalinux:9 image.
-
Dridi Boukelmoune authored
This is an attempt at speeding up this job that usually takes three time as long as other distcheck jobs.
-
Dridi Boukelmoune authored
I don't understand why they didn't maintain the unversioned centos:stream tag as a kind of latest tag after dropping the actual centos:latest tag.
-
Dridi Boukelmoune authored
The plain "stream" image has not been updated for a year, and instead of being the equivalent of a "latest" tag it just appears to be frozen. Since there isn't an automatic centos-stream upgrade path, let's target version 9 explicitly for now.
-
Dridi Boukelmoune authored
Better diff with the --word-diff --word-diff-regex=. options.
-
Simon Stridsberg authored
Ubuntu noble tries to use `fchmodat2` (new syscall) and gets permission denied instead of ENOSYS. This is a small security risk but it's running inside of circleci containers anyway so i think its acceptable.
-
Dridi Boukelmoune authored
There appears to be a race condition with distcheck where test-suite.log is removed and then another attempt at removing it fails: [...] test -z "test-suite.log" || rm -f test-suite.log rm -f libtool config.lt find . '(' -name '*.gcda' -o -name '*.gcda' ')' -exec rm '{}' ';' rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags rm -f cscope.out cscope.in.out cscope.po.out cscope.files find: ./test-suite.log: No such file or directory [...] It is unclear which find command is choking on test-suite.log, there doesn't seem to be a make rule running find and targeting this file. Could it be the find command listed in the output collecting file names like test-suite.log and then failing to test it against the -name filters after it got removed? That would be infortunate for a find implementation. Since alpine is not a platform we officially support, and after failing numerous times to reproduce the link outside of the CI environment, a simple make check is good enough and it will remove a lot of noise.
-
Dridi Boukelmoune authored
In an attempt to avoid EAGAIN failures on pthread creations with ASAN and UBSAN sanitizers enabled.
-
Guillaume Quintard authored
-
Guillaume Quintard authored
The current debian:latest image still ships a 32bit variant, whereas ubuntu:focal, next in line after ubuntu:bionic, no longer does.
-
Guillaume Quintard authored
-
Dridi Boukelmoune authored
Rawhide is not stable and we already have a job for the latest stable branch.
-
Simon Stridsberg authored
-
- 29 Apr, 2024 1 commit
-
-
Dag Haavi Finstad authored
-
- 09 Apr, 2024 1 commit
-
-
Poul-Henning Kamp authored
-
- 04 Apr, 2024 4 commits
-
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
There's no way to probe the current push status or maximum frame size.
-
Dridi Boukelmoune authored
Except that the old default value replaces the maximum one. Aligning with the literal maximum value for the underlying HTTP/2 setting breaks 32bit builds because the byte tweaks take a detour via ssize_t. When it casts to uintmax_t the MSB is propagated all the way, triggering the following error at build time: > 4294967295b is too large for this architecture. Instead of fighting a tweak that is clearly wrong, grant h2 clients a maximum of 2GB of uncompressed headers (instead of 4GB) that will never happen, because h2 is overall much wronger.
-
Dridi Boukelmoune authored
-
- 29 Mar, 2024 16 commits
-
-
Dridi Boukelmoune authored
This parameter has a new role that consists in interrupting connections when decoding an HPACK block leads to a header list so large that the client must be stopped. By default, too large is 150% of http_req_size.
-
Dridi Boukelmoune authored
Since http_req_size was already established for this purpose, and is now enforced for h2 traffic, it should naturally become the basis for the MAX_HEADER_LIST_SIZE setting in the initial SETTINGS frame sent to clients. The h2_max_header_list_size parameter will grow a new purpose.
-
Dridi Boukelmoune authored
With the exception of h2_max_header_list_size that is not advertised as such despite being ent as part of the initial SETTINGS frame. The same parameter also sees its default and maximum values updated to 2^32-1. This is based on this sentence from rfc9113: > The initial value of this setting is unlimited. This aligns the h2_max_header_list_size parameter with the values set in h2_settings.h for MAX_HEADER_LIST_SIZE.
-
Dridi Boukelmoune authored
For the sole purpose of having these limits tested in a single place.
-
Dridi Boukelmoune authored
Fixes #3709 Closes #3892
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
Refs #3709
-
Dridi Boukelmoune authored
It does a first pass on header names and values, and only logs errors, so the signature is updated accordingly and the call site is moved into h2h_addhdr().
-
Dridi Boukelmoune authored
Better diff with the --ignore-all-space option.
-
Dridi Boukelmoune authored
It became explicit in rfc9113: > The same pseudo-header field name MUST NOT appear more than once in a > field block. While at it, the duplicate pseudo-header error can be consolidated in a single location instead of adding one more branch.
-
Dridi Boukelmoune authored
Instead of passing both a decoder and individual decoder fields, the signature for h2h_addhdr() changed to only take the decoder. The order of parameters is destination first, then the source following the calling conventon of functions like memcpy(). Internally the function is reorganized with a bunch of txt variables to keep track of the header being added, its name and value. In addition to clarity, this also helps improve safety and correctness. For example the :authority pseudo-header name is erased in place to turn it into a regular host header, but having a dedicated txt for the header name allows its preservation.
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
The extra space before the colon looked uncanny. The rest is just code indentation improvements. Better diff with the --ignore-all-space --word-diff options.
-
Dridi Boukelmoune authored
There is room for further improvement in the dynamic between HPACK and the HTTP/2 session, but this will serve as the first step. Conflicts: include/tbl/h2_error.h
-
Asad Sajjad Ahmed authored
The :scheme pseudo header is not optional in H/2 except when doing CONNECT. There is also a strict requirement for it appear only once. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com> Conflicts: bin/varnishtest/tests/t02025.vtc
-
- 18 Mar, 2024 3 commits
-
-
Simon Stridsberg authored
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
Before the h2 frame dispatch we only need to check that coming from a HEADERS frame the very next frame is a CONTINUATION, when the HPACK block didn't fit in the former. The CONTINUATION dispatch will then make the stream consistency check.
-