Conflicts:
	bin/varnishd/storage/storage_simple.c

This is an API for getting an arbitrary buffer through the
stevedores. The stevedore in question may then deploy LRU nuking or other
measures to control resource usage.

This change increases the initial size and reduces the low watermark.

RFC7540 says this:

> Flow-controlled frames from the sender and WINDOW_UPDATE frames from
> the receiver are completely asynchronous with respect to each other.
> This property allows a receiver to aggressively update the window
> size kept by the sender to prevent streams from stalling.

The default parameters are very much on the low-latency aggressive
updates end of the spectrum, which increases asynchronicity at the
expense of determinism in test cases.

The tweaks made by varnishtest allows basic tests to send a few request
bodies before being bothered by window update race conditions. Test
cases that cover h2 flow control or anything else related to window
updates may reset parameters or pick other specific values. This frees
us from a bunch of barriers where the purpose of mitigating this race
was rarely even documented.

This successfully passed the following test locally:

    git grep -Fl +http2 -- '*.vtc' |
    xargs bin/varnishtest/varnishtest -i -n100 -j32

We can hope that h2 test cases will be overall more stable from now on.

Refs #3442

    Avoid VSB_printf for static strings

    Done with the following semantic patch for Coccinelle:

        @@
        expression vsb, fmt;
        @@

        - VSB_printf(vsb, fmt);
        + VSB_cat(vsb, fmt);

    This patch is available in the Varnish source tree.

The name implies that this is not for production usage.

When running really massive runs, "-j180 -n10000" kind of things,
the "rm -rf" of the tmpdir becomes the limiting factor.

The new -C option sends that int nice(1)'ed child process.

seen in vtest:

**** v1   vsl|       1004 Begin           b bereq 1003 fetch
**** v1   vsl|       1004 VCL_use         b vcl1
**** v1   vsl|       1004 Timestamp       b Start: 1602334643.946723 0.000000 0.000000
**** v1   vsl|       1004 BereqMethod     b PUT
**** v1   vsl|       1004 BereqURL        b /2
**** v1   vsl|       1004 BereqProtocol   b HTTP/1.1
**** v1   vsl|       1004 BereqHeader     b Host: 127.0.0.1
**** v1   vsl|       1004 BereqHeader     b Content-Length: 250000
**** v1   vsl|       1004 BereqHeader     b X-Forwarded-For: 127.0.0.1
**** v1   vsl|       1004 BereqMethod     b GET
**** v1   vsl|       1004 BereqHeader     b Accept-Encoding: gzip
**** v1   vsl|       1004 BereqHeader     b X-Varnish: 1004
**** v1   vsl|       1004 VCL_call        b BACKEND_FETCH
**** v1   vsl|       1004 VCL_return      b fetch
**** v1   vsl|       1004 BackendOpen     b 26 s1 127.0.0.1 36579 127.0.0.1 60878 connect
**** v1   vsl|       1004 Timestamp       b Bereq: 1602334643.956883 0.010159 0.010159
**** v1   vsl|       1004 FetchError      b HTC eof (-1)

Ref #3433

Trying to fix the build for clang 15 actually broke the build for GCC.

The -Werror that was initially set after saving CFLAGS was meant to be
part of NO_VIZ test. We turn warnings into errors later in the configure
script so at this point we shouldn't care about it. If we really do, we
can move this check below the line where -Werror is set.

GCC chokes on -Wno-error=deprecated-non-prototype so instead we add it
conditionally.

To match the naming convention everywhere else, libvgz_extra_cflags was
renamed to VGZ_CFLAGS.

Refs 118fd10c

Conflicts:
	configure.ac
	lib/libvgz/Makefile.am

There are two warnings that we enforce for our own code that zlib does
not. There's also the visibility attribute that we check at configure
time. And regarding the visibility attribute, zlib no longer relies on
a NO_VIZ macro and aligned with the autoconf naming convention and wants
HAVE_HIDDEN instead.

Conflicts:
	configure.ac
	lib/libvgz/Makefile.am

Varnish is not subject to CVE 2022 37434, we never use "extra" data.

FreeBSD's code is undergoing some compatibility adaptations
so we go directly to the source from here.

PS: Please keep cochinelle out of libvgz.

Fixes #3491

Check for correct handling of missing pseudo-headers, and invalid
characters.
Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>

The :scheme pseudo header is not optional in H/2 except when doing CONNECT.
There is also a strict requirement for it appear only once.
Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>

We should apply the same restrictions on the list of allowed characters inside
H/2 pseudo-headers as we do for H/1. This error is translated into the
headers we send to a backend over H/1.

Failure to do so could permit various exploits against a backend not handling
malformed H/1 requests.
Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>

I find ":path: /foo" more descriptive than "/foo", even though I could
infer which one it was...

Now that http_DoConnection() is used without respecting the SC_RX_BAD
return value it should not return early when encountering a well-known
header.

Some browsers are strict about this and simply drop responses containing
such headers. Since this is not filtering a context switch between a
client and a backend transaction (or cache hit) a new filtering flag is
added to the HTTP headers table for connection-specific headers. This
new flag cannot be compounded as HTTPH_R_FETCH|HTTPH_A_INS because the
TE header is an exception and left alone, even though trailers aren't
supported.

Better diff with the --ignore-all-space option.

We could go further and consider any client request containing one as
malformed as mandated by RFC 7540.

Closes #3416