*) mod_http2: fixes PR65731 and https://github.com/icing/mod_h2/issues/212
trunk patch: na, fixed on 2.4.x source base
backport PR: https://github.com/apache/httpd/pull/281
+1: icing, minfrin, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1895869 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.52
+ *) mod_http2: fixes 2 regressions in server limit handling.
+ 1. When reaching server limits, such as MaxRequestsPerChild, the
+ HTTP/2 connection send a GOAWAY frame much too early on new
+ connections, leading to invalid protocol state and a client
+ failing the request. See PR65731.
+ The module now initializes the HTTP/2 protocol correctly and
+ allows the client to submit one request before the shutdown
+ via a GOAWAY frame is being announced.
+ 2. A regression in v1.15.24 was fixed that could lead to httpd
+ child processes not being terminated on a graceful reload or
+ when reaching MaxConnectionsPerChild. When unprocessed h2
+ requests were queued at the time, these could stall.
+ See <https://github.com/icing/mod_h2/issues/212>.
+ [Stefan Eissing]
+
*) mod_ssl: Add build support for OpenSSL v3. [Joe Orton, Stefan Eissing]
*) mod_proxy_connect: Honor the smallest of the backend or client timeout
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_http2: fixes PR65731 and https://github.com/icing/mod_h2/issues/212
- trunk patch: na, fixed on 2.4.x source base
- backport PR: https://github.com/apache/httpd/pull/281
- +1: icing, minfrin, ylavic
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
+++ /dev/null
- *) mod_tls: added mod_tls from abetterinternet, donated
- by ISRG/Prossimo <https://github.com/abetterinternet/mod_tls>.
- - adds font-/backend TLS (v1.2/v1.3) via the Rust rustls crate
- and its rustls-ffi C binding <https://github.com/rustls/rustls-ffi>.
- - documentation at <https://github.com/abetterinternet/mod_tls>
- (adding to Apache's manual TBD)
- - build support for Apache httpd configure on *nix platforms,
- rustls is linked statically into mod_tls.
const nghttp2_frame *frame, void *userp)
{
h2_session *session = (h2_session *)userp;
- h2_stream *s;
+ h2_stream *s = NULL;
/* We may see HEADERs at the start of a stream or after all DATA
* streams to carry trailers. */
if (s) {
/* nop */
}
- else {
+ else if (session->local.accepting) {
s = h2_session_open_stream(userp, frame->hd.stream_id, 0);
}
return s? 0 : NGHTTP2_ERR_START_STREAM_NOT_ALLOWED;
now = apr_time_now();
session->have_read = session->have_written = 0;
- if (session->local.accepting
+ /* PR65731: we may get a new connection to process while the
+ * MPM already is stopping. For example due to having reached
+ * MaxRequestsPerChild limit.
+ * Since this is supposed to handle things gracefully, we need to:
+ * a) fully initialize the session before GOAWAYing
+ * b) give the client the chance to submit at least one request
+ */
+ if (session->state != H2_SESSION_ST_INIT /* no longer intializing */
+ && session->local.accepted_max > 0 /* have gotten at least one stream */
+ && session->local.accepting /* have not already locally shut down */
&& !ap_mpm_query(AP_MPMQ_MPM_STATE, &mpm_state)) {
if (mpm_state == AP_MPMQ_STOPPING) {
dispatch_event(session, H2_SESSION_EV_MPM_STOPPING, 0, NULL);
* @macro
* Version number of the http2 module as c string
*/
-#define MOD_HTTP2_VERSION "1.15.24"
+#define MOD_HTTP2_VERSION "1.15.26"
/**
* @macro
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_HTTP2_VERSION_NUM 0x010f18
+#define MOD_HTTP2_VERSION_NUM 0x010f1a
#endif /* mod_h2_h2_version_h */
void h2_workers_graceful_shutdown(h2_workers *workers)
{
workers->shutdown = 1;
- workers->min_workers = 1;
workers->max_idle_duration = apr_time_from_sec(1);
- h2_fifo_term(workers->mplxs);
wake_non_essential_workers(workers);
}
projects / thirdparty / apache / httpd.git / commitdiff
