- 17 May, 2024 3 commits
-
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
-
- 14 May, 2024 1 commit
-
-
Poul-Henning Kamp authored
-
- 13 May, 2024 7 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 07 May, 2024 3 commits
-
-
Dridi Boukelmoune authored
When TMPDIR is much longer than /tmp, it becomes easy to run out of abuf. Since abuf and pbuf are initially used to hold an IP address and a port number, it becomes explicit in their declaration. Likewise the new lbuf may hold a file name and safely be reused for CLI auth and other purposes.
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
-
- 06 May, 2024 1 commit
-
-
Walid Boudebouda authored
The test is racy, we should always perform the backend fetch to reach the "barrier b1 sync" in the server body, otherwise the test will be stuck on the second barrier sync until timeout. Fixes: #4098
-
- 03 May, 2024 4 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 01 May, 2024 4 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 30 Apr, 2024 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 29 Apr, 2024 3 commits
-
-
Dag Haavi Finstad authored
-
Nils Goroll authored
-
Walid Boudebouda authored
-
- 22 Apr, 2024 1 commit
-
-
Dridi Boukelmoune authored
The opposite of 'EXP_Ttl(req, oc) > req->t_req' should not have been 'EXP_Ttl(NULL, oc) < req->t_req'. If we somehow enter the lookup when the two operands are equal, the objcore suffers a phenomenon known as Schrödinger's expiry. The chances of running into this scenario range from epsilon to 100%. Because 't_req' is stable across restarts, a soft purge will reliably trigger this case. Test case by Alve Elde who first demonstrated the problem.
-
- 09 Apr, 2024 1 commit
-
-
Poul-Henning Kamp authored
-
- 08 Apr, 2024 1 commit
-
-
Stephane Cance authored
As both the varnish working directory and the secret file may pre-exist, this ensures permissions remain restrictive on it.
-
- 04 Apr, 2024 4 commits
-
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
There's no way to probe the current push status or maximum frame size.
-
Dridi Boukelmoune authored
Except that the old default value replaces the maximum one. Aligning with the literal maximum value for the underlying HTTP/2 setting breaks 32bit builds because the byte tweaks take a detour via ssize_t. When it casts to uintmax_t the MSB is propagated all the way, triggering the following error at build time: > 4294967295b is too large for this architecture. Instead of fighting a tweak that is clearly wrong, grant h2 clients a maximum of 2GB of uncompressed headers (instead of 4GB) that will never happen, because h2 is overall much wronger.
-
Dridi Boukelmoune authored
-
- 29 Mar, 2024 5 commits
-
-
Dridi Boukelmoune authored
This parameter has a new role that consists in interrupting connections when decoding an HPACK block leads to a header list so large that the client must be stopped. By default, too large is 150% of http_req_size.
-
Dridi Boukelmoune authored
Since http_req_size was already established for this purpose, and is now enforced for h2 traffic, it should naturally become the basis for the MAX_HEADER_LIST_SIZE setting in the initial SETTINGS frame sent to clients. The h2_max_header_list_size parameter will grow a new purpose.
-
Dridi Boukelmoune authored
With the exception of h2_max_header_list_size that is not advertised as such despite being ent as part of the initial SETTINGS frame. The same parameter also sees its default and maximum values updated to 2^32-1. This is based on this sentence from rfc9113: > The initial value of this setting is unlimited. This aligns the h2_max_header_list_size parameter with the values set in h2_settings.h for MAX_HEADER_LIST_SIZE.
-
Dridi Boukelmoune authored
For the sole purpose of having these limits tested in a single place.
-
Dridi Boukelmoune authored
Fixes #3709 Closes #3892
-