We released nghttp2 v1.9.0.
This release adds new callback functions to libnghttp2 for better debugging, and potential performance enhancements. We refactored nghttpx basic interface, and it gets many powerful features in this release. We fixed several bugs in h2load when it is used against HTTP/1.1 server. We also now have cmake build support.
New callback functions for better debugging and performance
We have added 2 new callback functions. nghttp2_error_callback is a callback that tells application about the detailed error message for human consumption. This is intended for debugging purpose.
The 2nd new callback function is nghttp2_on_header_callback2. This function is similar to existing nghttp2_on_header_callback. The crucial difference between these two is that new callback uses reference counted buffers for header field name/value. Application can increase their reference count by nghttp2_rcbuf_incref, and store its reference without copying the content. When its usage is done, don’t forget to call nghttp2_rcbuf_decref. Previously, the buffer storing header field name/value is owned solely by libnghttp2 library, and application has to copy them out if it wants to retain them for future use.
We also added new API function
This function returns text version of HTTP/2 error code (e.g.,
PROTOCOL_ERROR). This is useful to output debugging information
about error code contained in RST_STREAM or GOAWAY frame.
cmake build, and more
Peter Wu has done a stellar job to add cmake build support for nghttp2. According to the PR documents, cmake build is faster than autotool build. It also supports Windows build at least for libnghttp2.
Jan-E fixed several rough edges in Makefile.msvc.
h2load bug fixes
We fixed 2 bugs in h2load when HTTP/1.1 is used. The first bug is that it did not try to connect to server again. This happens if server shutdowns the connection if it serves certain number of requests. This kind of behaviour is enabled by default for some server software.
The 2nd bug is that initial max concurrent streams was too large, and
it causes undefined behaviour if
-m option is not used.
nghttpx: better configuration for frontend/backend protocol and encryption
In this release, we reworked nghttpx command-line (and thus its
configuration) interface. Previously, it had
--client-proxy options to change its major mode.
But they were quite inflexible, and became obstacles when we are
extending nghttpx features. To ensure the further feature
enhancements, they have been removed. Now nghttpx gets much simpler,
and only has 2 modes: default mode, and HTTP/2 proxy mode (
option). The removed modes can be achieved using other options. Read
Migration from nghttpx v1.8.0 or earlier
to know how to migrate from earlier release.
Now backend connections are not encrypted by default regardless of the used protocol. The exciting new feature is that backend protocol can be specified per routing pattern basis. Also the TLS can be enabled per routing pattern as well:
With above configuration, requests to
/httpbin/ are routed to
unix:/var/unix/httpbinsv via HTTP/1.1 protocol over cleartext TCP.
The other requests are routed to 127.0.0.1:8080 via HTTP/2 protocol
tls keyword in
--backend option enables encryption.
We now allow wildcard in routing pattern in
--backend option. When
All requests which have host (or :authority) header field whose suffix
.nghttp2.org are routed to 127.0.0.1:8080.
Since the previous release, nghttpx has got multiple frontend addresses support. Now its feature has been extended, and TLS can be enabled or disabled per frontend address. This means that single nghttpx instance finally can serve both TLS and non-TLS contents:
With the above configuration, nghttpx listens to port 443 for incoming
TLS connection. It also listens to port 80, but this time for
incoming cleartext connection.
no-tls keyword in
option disables encryption.
--frontend-no-tls options has been
removed in favor of
The encryption for memcached connections has been available since the
previous release. In this release, we changed how to enable TLS. Now
we use similar syntax for
--frontend option. To enable TLS over
memcached connection to get TLS ticket keys, use the following
In the above configuration, the
tls keyword enables encryption.
nghttpx supports server push with Link header field with rel=preload.
Now it recognizes
nopush target attribute (see
There are several deprecated options. If they are used, nghttpx will output warning level logging message. Please be careful for them, and they may contain the idea how to migrate to the new or existing other options.