ZhuningOS/nghttp2
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Initialize for nghttp2

Browse source
This commit is contained in:
zyppe 2024-02-28 21:47:37 +08:00
commit 94bb6b720d
8 changed files with 1851 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
nghttp2-1.40.0.tar.xz

1
.nghttp2.metadata Normal file
View file

@ -0,0 +1 @@
7a0109d0cb21e82383988564cb7ea0c54b50bae7e885c1efc762ef45fb197079 nghttp2-1.40.0.tar.xz

2
baselibs.conf Normal file
View file

@ -0,0 +1,2 @@
libnghttp2-14
libnghttp2_asio1

297
nghttp2-CVE-2020-11080.patch Normal file
View file

@ -0,0 +1,297 @@
Index: nghttp2-1.40.0/doc/CMakeLists.txt
===================================================================
--- nghttp2-1.40.0.orig/doc/CMakeLists.txt 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/doc/CMakeLists.txt 2021-03-12 14:47:49.532888064 +0100
@@ -42,6 +42,7 @@ set(APIDOCS
nghttp2_option_set_no_recv_client_magic.rst
nghttp2_option_set_peer_max_concurrent_streams.rst
nghttp2_option_set_user_recv_extension_type.rst
+ nghttp2_option_set_max_settings.rst
nghttp2_pack_settings_payload.rst
nghttp2_priority_spec_check_default.rst
nghttp2_priority_spec_default_init.rst
Index: nghttp2-1.40.0/doc/Makefile.am
===================================================================
--- nghttp2-1.40.0.orig/doc/Makefile.am 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/doc/Makefile.am 2021-03-12 14:47:49.532888064 +0100
@@ -69,6 +69,7 @@ APIDOCS= \
nghttp2_option_set_peer_max_concurrent_streams.rst \
nghttp2_option_set_user_recv_extension_type.rst \
nghttp2_option_set_max_outbound_ack.rst \
+ nghttp2_option_set_max_settings.rst \
nghttp2_pack_settings_payload.rst \
nghttp2_priority_spec_check_default.rst \
nghttp2_priority_spec_default_init.rst \
Index: nghttp2-1.40.0/lib/includes/nghttp2/nghttp2.h
===================================================================
--- nghttp2-1.40.0.orig/lib/includes/nghttp2/nghttp2.h 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/includes/nghttp2/nghttp2.h 2021-03-12 14:47:49.532888064 +0100
@@ -229,6 +229,13 @@ typedef struct {
#define NGHTTP2_CLIENT_MAGIC_LEN 24
/**
+ * @macro
+ *
+ * The default max number of settings per SETTINGS frame
+ */
+#define NGHTTP2_DEFAULT_MAX_SETTINGS 32
+
+/**
* @enum
*
* Error codes used in this library. The code range is [-999, -500],
@@ -399,6 +406,11 @@ typedef enum {
*/
NGHTTP2_ERR_SETTINGS_EXPECTED = -536,
/**
+ * When a local endpoint receives too many settings entries
+ * in a single SETTINGS frame.
+ */
+ NGHTTP2_ERR_TOO_MANY_SETTINGS = -537,
+ /**
* The errors < :enum:`NGHTTP2_ERR_FATAL` mean that the library is
* under unexpected condition and processing was terminated (e.g.,
* out of memory). If application receives this error code, it must
@@ -2661,6 +2673,17 @@ NGHTTP2_EXTERN void nghttp2_option_set_m
/**
* @function
+ *
+ * This function sets the maximum number of SETTINGS entries per
+ * SETTINGS frame that will be accepted. If more than those entries
+ * are received, the peer is considered to be misbehaving and session
+ * will be closed. The default value is 32.
+ */
+NGHTTP2_EXTERN void nghttp2_option_set_max_settings(nghttp2_option *option,
+ size_t val);
+
+/**
+ * @function
*
* Initializes |*session_ptr| for client use. The all members of
* |callbacks| are copied to |*session_ptr|. Therefore |*session_ptr|
Index: nghttp2-1.40.0/lib/nghttp2_helper.c
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_helper.c 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/nghttp2_helper.c 2021-03-12 14:47:49.532888064 +0100
@@ -334,6 +334,8 @@ const char *nghttp2_strerror(int error_c
case NGHTTP2_ERR_FLOODED:
return "Flooding was detected in this HTTP/2 session, and it must be "
"closed";
+ case NGHTTP2_ERR_TOO_MANY_SETTINGS:
+ return "SETTINGS frame contained more than the maximum allowed entries";
default:
return "Unknown error code";
}
Index: nghttp2-1.40.0/lib/nghttp2_option.c
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_option.c 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/nghttp2_option.c 2021-03-12 14:47:49.532888064 +0100
@@ -121,3 +121,8 @@ void nghttp2_option_set_max_outbound_ack
option->opt_set_mask |= NGHTTP2_OPT_MAX_OUTBOUND_ACK;
option->max_outbound_ack = val;
}
+
+void nghttp2_option_set_max_settings(nghttp2_option *option, size_t val) {
+ option->opt_set_mask |= NGHTTP2_OPT_MAX_SETTINGS;
+ option->max_settings = val;
+}
Index: nghttp2-1.40.0/lib/nghttp2_option.h
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_option.h 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/nghttp2_option.h 2021-03-12 14:47:49.532888064 +0100
@@ -67,6 +67,7 @@ typedef enum {
NGHTTP2_OPT_MAX_DEFLATE_DYNAMIC_TABLE_SIZE = 1 << 9,
NGHTTP2_OPT_NO_CLOSED_STREAMS = 1 << 10,
NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
+ NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
} nghttp2_option_flag;
/**
@@ -86,6 +87,10 @@ struct nghttp2_option {
*/
size_t max_outbound_ack;
/**
+ * NGHTTP2_OPT_MAX_SETTINGS
+ */
+ size_t max_settings;
+ /**
* Bitwise OR of nghttp2_option_flag to determine that which fields
* are specified.
*/
Index: nghttp2-1.40.0/lib/nghttp2_session.c
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_session.c 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/nghttp2_session.c 2021-03-12 15:01:57.185475791 +0100
@@ -458,6 +458,7 @@ static int session_new(nghttp2_session *
(*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
(*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM;
+ (*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS;
if (option) {
if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
@@ -521,6 +522,11 @@ static int session_new(nghttp2_session *
if (option->opt_set_mask & NGHTTP2_OPT_MAX_OUTBOUND_ACK) {
(*session_ptr)->max_outbound_ack = option->max_outbound_ack;
}
+
+ if ((option->opt_set_mask & NGHTTP2_OPT_MAX_SETTINGS) &&
+ option->max_settings) {
+ (*session_ptr)->max_settings = option->max_settings;
+ }
}
rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
@@ -5678,6 +5684,12 @@ ssize_t nghttp2_session_mem_recv(nghttp2
break;
}
+ /* Check the settings flood counter early to be safe */
+ if (session->obq_flood_counter_ >= session->max_outbound_ack &&
+ !(iframe->frame.hd.flags & NGHTTP2_FLAG_ACK)) {
+ return NGHTTP2_ERR_FLOODED;
+ }
+
iframe->state = NGHTTP2_IB_READ_SETTINGS;
if (iframe->payloadleft) {
@@ -5688,6 +5700,16 @@ ssize_t nghttp2_session_mem_recv(nghttp2
iframe->max_niv =
iframe->frame.hd.length / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH + 1;
+ if (iframe->max_niv - 1 > session->max_settings) {
+ rv = nghttp2_session_terminate_session_with_reason(
+ session, NGHTTP2_ENHANCE_YOUR_CALM,
+ "SETTINGS: too many setting entries");
+ if (nghttp2_is_fatal(rv)) {
+ return rv;
+ }
+ return (ssize_t)inlen;
+ }
+
iframe->iv = nghttp2_mem_malloc(mem, sizeof(nghttp2_settings_entry) *
iframe->max_niv);
@@ -7454,6 +7476,11 @@ static int nghttp2_session_upgrade_inter
if (settings_payloadlen % NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH) {
return NGHTTP2_ERR_INVALID_ARGUMENT;
}
+ /* SETTINGS frame contains too many settings */
+ if (settings_payloadlen / NGHTTP2_FRAME_SETTINGS_ENTRY_LENGTH
+ > session->max_settings) {
+ return NGHTTP2_ERR_TOO_MANY_SETTINGS;
+ }
rv = nghttp2_frame_unpack_settings_payload2(&iv, &niv, settings_payload,
settings_payloadlen, mem);
if (rv != 0) {
Index: nghttp2-1.40.0/lib/nghttp2_session.h
===================================================================
--- nghttp2-1.40.0.orig/lib/nghttp2_session.h 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/lib/nghttp2_session.h 2021-03-12 14:47:49.536888085 +0100
@@ -267,6 +267,8 @@ struct nghttp2_session {
/* The maximum length of header block to send. Calculated by the
same way as nghttp2_hd_deflate_bound() does. */
size_t max_send_header_block_length;
+ /* The maximum number of settings accepted per SETTINGS frame. */
+ size_t max_settings;
/* Next Stream ID. Made unsigned int to detect >= (1 << 31). */
uint32_t next_stream_id;
/* The last stream ID this session initiated. For client session,
Index: nghttp2-1.40.0/tests/main.c
===================================================================
--- nghttp2-1.40.0.orig/tests/main.c 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/tests/main.c 2021-03-12 14:47:49.536888085 +0100
@@ -315,6 +315,8 @@ int main() {
test_nghttp2_session_set_local_window_size) ||
!CU_add_test(pSuite, "session_cancel_from_before_frame_send",
test_nghttp2_session_cancel_from_before_frame_send) ||
+ !CU_add_test(pSuite, "session_too_many_settings",
+ test_nghttp2_session_too_many_settings) ||
!CU_add_test(pSuite, "session_removed_closed_stream",
test_nghttp2_session_removed_closed_stream) ||
!CU_add_test(pSuite, "session_pause_data",
Index: nghttp2-1.40.0/tests/nghttp2_session_test.c
===================================================================
--- nghttp2-1.40.0.orig/tests/nghttp2_session_test.c 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/tests/nghttp2_session_test.c 2021-03-12 14:47:49.536888085 +0100
@@ -10558,6 +10558,67 @@ void test_nghttp2_session_cancel_from_be
nghttp2_session_del(session);
}
+void test_nghttp2_session_too_many_settings(void) {
+ nghttp2_session *session;
+ nghttp2_option *option;
+ nghttp2_session_callbacks callbacks;
+ nghttp2_frame frame;
+ nghttp2_bufs bufs;
+ nghttp2_buf *buf;
+ ssize_t rv;
+ my_user_data ud;
+ nghttp2_settings_entry iv[3];
+ nghttp2_mem *mem;
+ nghttp2_outbound_item *item;
+
+ mem = nghttp2_mem_default();
+ frame_pack_bufs_init(&bufs);
+
+ memset(&callbacks, 0, sizeof(nghttp2_session_callbacks));
+ callbacks.on_frame_recv_callback = on_frame_recv_callback;
+ callbacks.send_callback = null_send_callback;
+
+ nghttp2_option_new(&option);
+ nghttp2_option_set_max_settings(option, 1);
+
+ nghttp2_session_client_new2(&session, &callbacks, &ud, option);
+
+ CU_ASSERT(1 == session->max_settings);
+
+ nghttp2_option_del(option);
+
+ iv[0].settings_id = NGHTTP2_SETTINGS_HEADER_TABLE_SIZE;
+ iv[0].value = 3000;
+
+ iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
+ iv[1].value = 16384;
+
+ nghttp2_frame_settings_init(&frame.settings, NGHTTP2_FLAG_NONE, dup_iv(iv, 2),
+ 2);
+
+ rv = nghttp2_frame_pack_settings(&bufs, &frame.settings);
+
+ CU_ASSERT(0 == rv);
+ CU_ASSERT(nghttp2_bufs_len(&bufs) > 0);
+
+ nghttp2_frame_settings_free(&frame.settings, mem);
+
+ buf = &bufs.head->buf;
+ assert(nghttp2_bufs_len(&bufs) == nghttp2_buf_len(buf));
+
+ ud.frame_recv_cb_called = 0;
+
+ rv = nghttp2_session_mem_recv(session, buf->pos, nghttp2_buf_len(buf));
+ CU_ASSERT((ssize_t)nghttp2_buf_len(buf) == rv);
+
+ item = nghttp2_session_get_next_ob_item(session);
+ CU_ASSERT(NGHTTP2_GOAWAY == item->frame.hd.type);
+
+ nghttp2_bufs_reset(&bufs);
+ nghttp2_bufs_free(&bufs);
+ nghttp2_session_del(session);
+}
+
static void
prepare_session_removed_closed_stream(nghttp2_session *session,
nghttp2_hd_deflater *deflater) {
Index: nghttp2-1.40.0/tests/nghttp2_session_test.h
===================================================================
--- nghttp2-1.40.0.orig/tests/nghttp2_session_test.h 2019-11-15 15:19:29.000000000 +0100
+++ nghttp2-1.40.0/tests/nghttp2_session_test.h 2021-03-12 14:47:49.536888085 +0100
@@ -156,6 +156,7 @@ void test_nghttp2_session_repeated_prior
void test_nghttp2_session_repeated_priority_submission(void);
void test_nghttp2_session_set_local_window_size(void);
void test_nghttp2_session_cancel_from_before_frame_send(void);
+void test_nghttp2_session_too_many_settings(void);
void test_nghttp2_session_removed_closed_stream(void);
void test_nghttp2_session_pause_data(void);
void test_nghttp2_session_no_closed_streams(void);

146
nghttp2-CVE-2023-35945.patch Normal file
View file

@ -0,0 +1,146 @@
From ce385d3f55a4b76da976b3bdf71fe2deddf315ba Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Fri, 14 Jul 2023 20:52:03 +0900
Subject: [PATCH] Fix memory leak
This commit fixes memory leak that happens when PUSH_PROMISE or
HEADERS frame cannot be sent, and nghttp2_on_stream_close_callback
fails with a fatal error. For example, if GOAWAY frame has been
received, a HEADERS frame that opens new stream cannot be sent.
This issue has already been made public via CVE-2023-35945 [1] issued
by envoyproxy/envoy project. During embargo period, the patch to fix
this bug was accidentally submitted to nghttp2/nghttp2 repository [2].
And they decided to disclose CVE early. I was notified just 1.5 hours
before disclosure. I had no time to respond.
PoC described in [1] is quite simple, but I think it is not enough to
trigger this bug. While it is true that receiving GOAWAY prevents a
client from opening new stream, and nghttp2 enters error handling
branch, in order to cause the memory leak,
nghttp2_session_close_stream function must return a fatal error.
nghttp2 defines 2 fatal error codes:
- NGHTTP2_ERR_NOMEM
- NGHTTP2_ERR_CALLBACK_FAILURE
NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of memory. It
is unlikely that a process gets short of memory with this simple PoC
scenario unless application does something memory heavy processing.
NGHTTP2_ERR_CALLBACK_FAILURE is returned from application defined
callback function (nghttp2_on_stream_close_callback, in this case),
which indicates something fatal happened inside a callback, and a
connection must be closed immediately without any further action. As
nghttp2_on_stream_close_error_callback documentation says, any error
code other than 0 or NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal
error code. More specifically, it is treated as if
NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that envoy returns
NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is translated
into NGHTTP2_ERR_CALLBACK_FAILURE.
[1] https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r
[2] https://github.com/nghttp2/nghttp2/pull/1929
---
lib/nghttp2_session.c | 10 +++++-----
tests/nghttp2_session_test.c | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+), 5 deletions(-)
diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
index 7509ceb5..71858a39 100644
--- a/lib/nghttp2_session.c
+++ b/lib/nghttp2_session.c
@@ -3296,6 +3296,7 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session,
if (rv < 0) {
int32_t opened_stream_id = 0;
uint32_t error_code = NGHTTP2_INTERNAL_ERROR;
+ int rv2 = 0;
DEBUGF("send: frame preparation failed with %s\n",
nghttp2_strerror(rv));
@@ -3338,19 +3339,18 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session,
}
if (opened_stream_id) {
/* careful not to override rv */
- int rv2;
rv2 = nghttp2_session_close_stream(session, opened_stream_id,
error_code);
-
- if (nghttp2_is_fatal(rv2)) {
- return rv2;
- }
}
nghttp2_outbound_item_free(item, mem);
nghttp2_mem_free(mem, item);
active_outbound_item_reset(aob, mem);
+ if (nghttp2_is_fatal(rv2)) {
+ return rv2;
+ }
+
if (rv == NGHTTP2_ERR_HEADER_COMP) {
/* If header compression error occurred, should terminiate
connection. */
diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c
index b55ff534..74352426 100644
--- a/tests/nghttp2_session_test.c
+++ b/tests/nghttp2_session_test.c
@@ -584,6 +584,15 @@ static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id,
return 0;
}
+static int fatal_error_on_stream_close_callback(nghttp2_session *session,
+ int32_t stream_id,
+ uint32_t error_code,
+ void *user_data) {
+ on_stream_close_callback(session, stream_id, error_code, user_data);
+
+ return NGHTTP2_ERR_CALLBACK_FAILURE;
+}
+
static ssize_t pack_extension_callback(nghttp2_session *session, uint8_t *buf,
size_t len, const nghttp2_frame *frame,
void *user_data) {
@@ -4296,6 +4305,8 @@ void test_nghttp2_session_on_goaway_received(void) {
nghttp2_frame frame;
int i;
nghttp2_mem *mem;
+ const uint8_t *data;
+ ssize_t datalen;
mem = nghttp2_mem_default();
user_data.frame_recv_cb_called = 0;
@@ -4337,6 +4348,29 @@ void test_nghttp2_session_on_goaway_received(void) {
nghttp2_frame_goaway_free(&frame.goaway, mem);
nghttp2_session_del(session);
+
+ /* Make sure that no memory leak when stream_close callback fails
+ with a fatal error */
+ memset(&callbacks, 0, sizeof(nghttp2_session_callbacks));
+ callbacks.on_stream_close_callback = fatal_error_on_stream_close_callback;
+
+ memset(&user_data, 0, sizeof(user_data));
+
+ nghttp2_session_client_new(&session, &callbacks, &user_data);
+
+ nghttp2_frame_goaway_init(&frame.goaway, 0, NGHTTP2_NO_ERROR, NULL, 0);
+
+ CU_ASSERT(0 == nghttp2_session_on_goaway_received(session, &frame));
+
+ nghttp2_submit_request(session, NULL, reqnv, ARRLEN(reqnv), NULL, NULL);
+
+ datalen = nghttp2_session_mem_send(session, &data);
+
+ CU_ASSERT(NGHTTP2_ERR_CALLBACK_FAILURE == datalen);
+ CU_ASSERT(1 == user_data.stream_close_cb_called);
+
+ nghttp2_frame_goaway_free(&frame.goaway, mem);
+ nghttp2_session_del(session);
}
void test_nghttp2_session_on_window_update_received(void) {
--
2.35.3

21
nghttp2-remove-python-build.patch Normal file
View file

@ -0,0 +1,21 @@
Index: nghttp2-1.39.1/python/Makefile.am
===================================================================
--- nghttp2-1.39.1.orig/python/Makefile.am
+++ nghttp2-1.39.1/python/Makefile.am
@@ -29,16 +29,6 @@ EXTRA_DIST = cnghttp2.pxd nghttp2.pyx CM
if ENABLE_PYTHON_BINDINGS
-all-local: nghttp2.c
- $(PYTHON) setup.py build
-
-install-exec-local:
- $(PYTHON) setup.py install --prefix=$(DESTDIR)$(prefix)
-
-uninstall-local:
- rm -f $(DESTDIR)$(libdir)/python*/site-packages/nghttp2.so
- rm -f $(DESTDIR)$(libdir)/python*/site-packages/python_nghttp2-*.egg
-
clean-local:
$(PYTHON) setup.py clean --all
-rm -f $(builddir)/nghttp2.c

1159
nghttp2.changes Normal file
View file

File diff suppressed because it is too large Load diff

224
nghttp2.spec Normal file
View file

@ -0,0 +1,224 @@
#
# spec file for package nghttp2
#
# Copyright (c) 2022-2023 ZhuningOS
#
%define soname libnghttp2
%define sover 14
%define soname_asio libnghttp2_asio
%define sover_asio 1
%global flavor %{nil}
%if "%{flavor}" == "python"
%define psuffix -python
%bcond_without python
%else
%define psuffix %{nil}
%bcond_with python
%endif
Name: nghttp2%{psuffix}
Version: 1.40.0
Release: 150200.9.1
Summary: Implementation of Hypertext Transfer Protocol version 2 in C
License: MIT
Group: Development/Libraries/C and C++
URL: https://nghttp2.org/
Source: https://github.com/tatsuhiro-t/nghttp2/releases/download/v%{version}/nghttp2-%{version}.tar.xz
Source1: baselibs.conf
# PATCH-FIX-OPENSUSE nghttp2-remove-python-build.patch
Patch0: nghttp2-remove-python-build.patch
# CVE-2020-11080 [bsc#1172442], HTTP/2 Large Settings Frame DoS
Patch1: nghttp2-CVE-2020-11080.patch
# CVE-2023-35945 [bsc#1215713], Fixes leak memory
Patch2: nghttp2-CVE-2023-35945.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc-c++
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: python-rpm-macros
BuildRequires: pkgconfig(cunit)
BuildRequires: pkgconfig(jansson)
BuildRequires: pkgconfig(libcares)
BuildRequires: pkgconfig(libev)
BuildRequires: pkgconfig(liblzma)
BuildRequires: pkgconfig(libsystemd)
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(zlib)
%if %{with python}
BuildRequires: pkgconfig(python3)
BuildRequires: python3-Cython
BuildRequires: python3-setuptools
%endif
%ifnarch ppc %{arm}
%if 0%{?sle_version} >= 150000 && 0%{?is_opensuse}
BuildRequires: pkgconfig(jemalloc)
%endif
%endif
%if 0%{?suse_version} > 1325
BuildRequires: libboost_system-devel
BuildRequires: libboost_thread-devel
%else
BuildRequires: boost-devel
%endif
%description
This is an implementation of Hypertext Transfer Protocol version 2.
The framing layer of HTTP/2 is implemented as a form of reusable C library.
On top of that, we have implemented HTTP/2 client, server and proxy. We
have also developed load test and benchmarking tool for HTTP/2.
HPACK encoder and decoder are available as public API.
%package -n %{soname}-%{sover}
Summary: Shared library for nghttp2
Group: System/Libraries
%description -n %{soname}-%{sover}
Shared C libraries for implementation of Hypertext Transfer Protocol
version 2.
%package -n %{soname_asio}%{sover_asio}
Summary: Shared library for nghttp2
Group: System/Libraries
%description -n %{soname_asio}%{sover_asio}
Shared libraries for asynchronous implementation of Hypertext Transfer
Protocol version 2.
%package -n python3-nghttp2
Summary: Python3 bindings for nghttp2
Group: Development/Libraries/Python
%description -n python3-nghttp2
Python bindings for implementation of Hypertext Transfer Protocol version
2.
%package -n %{soname}-devel
Summary: Development files for nghttp2
Group: Development/Languages/C and C++
Requires: %{soname}-%{sover} = %{version}
Provides: %{name}-devel
%description -n %{soname}-devel
Development files for usage with libnghttp2, which implements
Hypertext Transfer Protocol version 2.
%package -n %{soname_asio}-devel
Summary: Development files for nghttp2
Group: Development/Languages/C and C++
Requires: %{soname_asio}%{sover_asio} = %{version}
%description -n %{soname_asio}-devel
Development files for usage with libnghttp2_aio, which implements
asynchronous Hypertext Transfer Protocol version 2.
%package doc
Summary: Documentation for nghttp2
Group: Documentation/HTML
%description doc
Documentation for nghttp2, which includes a shared C library,
HTTP/2 client, server and proxy.
%prep
%setup -q -n nghttp2-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
# fix python shebang
sed -i -e 's:#!%{_bindir}/env python:#!%{_bindir}/python3:g' script/fetch-ocsp-response
%build
%if %{with python}
export PYTHON=%{_bindir}/python3
%else
sed -i -e '/AM_PATH_PYTHON([2.7],, [:]) /d' configure.ac
%endif
autoreconf -fiv
%configure \
--disable-static \
--disable-silent-rules \
--enable-asio-lib \
--enable-app \
%if %{with python}
--enable-python-bindings \
%else
--disable-python-bindings \
%endif
%{nil}
make %{?_smp_mflags} all
%if %{with python}
pushd python
make %{?_smp_mflags} nghttp2.c
%python3_build
popd
%endif
%install
%if %{with python}
pushd python
%python3_install
popd
%else
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
# Do not ship theis
rm -rf %{buildroot}%{_datadir}/doc/nghttp2
# None of applications using these man pages are built.
rm -rf %{buildroot}%{_mandir}/man1/* \
doc/manual/html/.buildinfo
%endif
%check
# One test fails if python-sphinx is not present
make %{?_smp_mflags} check ||:
%if !%{with python}
%post -n %{soname}-%{sover} -p /sbin/ldconfig
%post -n %{soname_asio}%{sover_asio} -p /sbin/ldconfig
%postun -n %{soname}-%{sover} -p /sbin/ldconfig
%postun -n %{soname_asio}%{sover_asio} -p /sbin/ldconfig
%endif
%if %{with python}
%files -n python3-nghttp2
%{python3_sitearch}/nghttp2.*.so
%{python3_sitearch}/python_nghttp2-*
%else
%files
%{_bindir}/deflatehd
%{_bindir}/inflatehd
%{_bindir}/h2load
%{_bindir}/nghttp
%{_bindir}/nghttpd
%{_bindir}/nghttpx
%{_datadir}/%{name}/
%files -n %{soname}-%{sover}
%license COPYING
%{_libdir}/%{soname}.so.%{sover}*
%files -n %{soname_asio}%{sover_asio}
%license COPYING
%{_libdir}/%{soname_asio}.so.%{sover_asio}*
%files -n %{soname}-devel
%dir %{_includedir}/%{name}/
%{_includedir}/%{name}/%{name}*.h
%{_libdir}/%{soname}.so
%{_libdir}/pkgconfig/%{soname}.pc
%files -n %{soname_asio}-devel
%dir %{_includedir}/%{name}/
%{_includedir}/%{name}/asio_http2*.h
%{_libdir}/%{soname_asio}.so
%{_libdir}/pkgconfig/%{soname_asio}.pc
%endif
%changelog