There's no way to probe the current push status or maximum frame size.

Except that the old default value replaces the maximum one. Aligning
with the literal maximum value for the underlying HTTP/2 setting breaks
32bit builds because the byte tweaks take a detour via ssize_t. When it
casts to uintmax_t the MSB is propagated all the way, triggering the
following error at build time:

> 4294967295b is too large for this architecture.

Instead of fighting a tweak that is clearly wrong, grant h2 clients a
maximum of 2GB of uncompressed headers (instead of 4GB) that will never
happen, because h2 is overall much wronger.

This parameter has a new role that consists in interrupting connections
when decoding an HPACK block leads to a header list so large that the
client must be stopped.

By default, too large is 150% of http_req_size.

Since http_req_size was already established for this purpose, and is
now enforced for h2 traffic, it should naturally become the basis for
the MAX_HEADER_LIST_SIZE setting in the initial SETTINGS frame sent
to clients.

The h2_max_header_list_size parameter will grow a new purpose.

With the exception of h2_max_header_list_size that is not advertised as
such despite being ent as part of the initial SETTINGS frame. The same
parameter also sees its default and maximum values updated to 2^32-1.

This is based on this sentence from rfc9113:

> The initial value of this setting is unlimited.

This aligns the h2_max_header_list_size parameter with the values set in
h2_settings.h for MAX_HEADER_LIST_SIZE.

For the sole purpose of having these limits tested in a single place.

Fixes #3709
Closes #3892

Refs #3709

It does a first pass on header names and values, and only logs errors,
so the signature is updated accordingly and the call site is moved into
h2h_addhdr().

Better diff with the --ignore-all-space option.

It became explicit in rfc9113:

> The same pseudo-header field name MUST NOT appear more than once in a
> field block.

While at it, the duplicate pseudo-header error can be consolidated in a
single location instead of adding one more branch.

Instead of passing both a decoder and individual decoder fields, the
signature for h2h_addhdr() changed to only take the decoder. The order
of parameters is destination first, then the source following the
calling conventon of functions like memcpy().

Internally the function is reorganized with a bunch of txt variables to
keep track of the header being added, its name and value. In addition to
clarity, this also helps improve safety and correctness.

For example the :authority pseudo-header name is erased in place to turn
it into a regular host header, but having a dedicated txt for the header
name allows its preservation.

The extra space before the colon looked uncanny. The rest is just code
indentation improvements.

Better diff with the --ignore-all-space --word-diff options.

There is room for further improvement in the dynamic between HPACK and
the HTTP/2 session, but this will serve as the first step.

Conflicts:
	include/tbl/h2_error.h

The :scheme pseudo header is not optional in H/2 except when doing CONNECT.
There is also a strict requirement for it appear only once.
Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>

Conflicts:
	bin/varnishtest/tests/t02025.vtc

Before the h2 frame dispatch we only need to check that coming from a
HEADERS frame the very next frame is a CONTINUATION, when the HPACK
block didn't fit in the former.

The CONTINUATION dispatch will then make the stream consistency check.

When a stream times out waiting for window credits, and all the other
streams are broke, declare the whole connection bankrupt.

It replaces idle_send_timeout when the stream is waiting for window
credits before sending more DATA frames. The idle_send_timeout will
still apply to individual writes to the socket, but triggering it is
considered a failure condition (this was already the case).

The two loops are merged into a single one to better deal with the
lack of ordering guarantees of request vs connection stream control
flow window crediting.

Refs #2980

This parameter needs to be somewhat high because web browsers may for
example only credit streams for image resources just enough to parse
metadata like width and height of a picture in order to perform layout
computations and fetch resources more sensitive to latency before the
effective image payloads.

Conflicts:
	include/tbl/h2_error.h

The new meaning for h2->sess->t_idle is now the time since the last
complete frame, except before the first frame where it corresponds to
the creation of the session.

And after issuing or receiving a goaway, stop processing frames when
there are no streams left.

Initially submitted as part of listen sockets management.

Refs #3959