Changelog
---------
v2.1.1
======
commit e2fcf47f0350a7f7beba64e96191b02acb754406
Author: Silas Parker <skyhisi@user.github.invalid.com>
Date: Tue Feb 14 23:25:15 2017 +0800
fix close packet index coding
https://github.com/warmcat/libwebsockets/issues/792
commit b95e7fe4666105d474c87a7114cfefac4338bbbb
Author: Andy Green <andy@warmcat.com>
Date: Sun Feb 5 22:46:39 2017 +0800
gcc format strings: http2
commit 0b7ca30ed154861558065797e7562a30a340daa7
Author: Andy Green <andy@warmcat.com>
Date: Sun Feb 5 22:13:16 2017 +0800
gcc- format strings: debug and extra plugins
commit b03b17fd0ba2c967be213cf465301b57acf03f43
Author: Martin Milata <martin@martinmilata.cz>
Date: Sun Feb 5 22:12:57 2017 +0800
Subject: gcc format strings: Make GCC check format strings, fix found problems
commit a238984d1b6e3422ff8dada49d45c4a130bbd48e
Author: Sven Hoffmann <sven@fredda.eu>
Date: Sun Feb 5 22:12:33 2017 +0800
post processing: fix problem where hex cant straddle block correctly
commit 109d66c365a39b3ecdca1a5bccd722820e7bdd6a
Author: Tobias <tobias@codeatelier.com>
Date: Tue Jan 17 06:28:27 2017 +0800
ignore leading spaces when checking for a suitable subprotocol
My Browsers send as Subprotocols e.g. chat, superchat, mySubprotocol (with spaces after the ,). Libwebsockets now checked if ' mySubprotocol' was equal to 'mySubprotocol' which failed. With this fix the leading space is ignored and uses 'mySubprotocol' for comparision.
commit da6f03b423d33f8f95fe939d8d5150ceddb43b8a
Author: Andy Green <andy@warmcat.com>
Date: Tue Jan 10 09:16:49 2017 +0800
ssl: wolfssl doesn't have clear options
https://github.com/warmcat/libwebsockets/issues/741
commit c9d165bbcc8cf91f0170f16b6ec2e16b208432c7
Author: Hai Vu <twoask@github.invalid.com>
Date: Tue Jan 10 09:16:41 2017 +0800
ssl-correct-option-clear-availability-version
https://github.com/warmcat/libwebsockets/issues/744
commit 82836590471c3949fe3a36fbcd1c52ceaf82fd0f
Author: Andy Green <andy@warmcat.com>
Date: Sat Jan 7 10:24:50 2017 +0800
polarssl: turn off missing tlsext
commit c447e1f9f3b39fadc1822aa2c7100c02934a5844
Author: Andy Green <andy@warmcat.com>
Date: Sat Jan 7 10:24:42 2017 +0800
openssl: deal with missing OPENSSL_NO_TLSEXT on ancient versions
commit 9706dd23a232c715a6077059dbe83caff390f5a9
Author: Denis Osvald <denis.osvald@sartura.hr>
Date: Mon Jan 2 17:33:26 2017 +0100
server: check listen(2) return value
The `listen` call can fail with EADDRINUSE after bind() succeeds, for
example because another process called listen on that port in the
meantime, or under some circumstances with IPv6-mapped-IPv4. This was
causing EINVAL on accept, with an infinite loop in case of libuv.
A reproducible example was to run nc -l -p 5555 ( OpenBSD netcat (Debian
patchlevel 1)) before starting test-server
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
commit 837e7fdd1422438d7232ee0bb829b98aba0229c3
Author: namowen <namowen@github.invalid.com>
Date: Sat Dec 24 08:03:04 2016 +0800
lws_plat_service_tsi: accessing context before checking for NULL
https://github.com/warmcat/libwebsockets/issues/730
commit d2cb05f1f6807d120e3b9098096ad23862137a27
Author: Namowen <namowen@github.invalid.com>
Date: Fri Dec 16 07:05:29 2016 +0800
echo: fix debug build
https://github.com/warmcat/libwebsockets/issues/716#issuecomment-267377856
commit d170ed06234a7ad055c2a8c82497a13dd1706685
Author: Andy Green <andy@warmcat.com>
Date: Thu Dec 15 13:28:48 2016 +0800
test-client: fix broken protocol names
commit 39807c1d10a6358af7628207021d0d93207d706e
Author: Andy Green <andy@warmcat.com>
Date: Thu Dec 15 13:27:13 2016 +0800
client ssl hostname check: trim any port on host header
commit 6dce477aef000041b9ad2a6b5e1716cfa3ef298a
Author: Andy Green <andy@warmcat.com>
Date: Thu Dec 15 10:09:55 2016 +0800
ipv6-allow-binding-to-ipv6-address-in-iface
ipv4 and ipv6 binding to a named interface works OK. ipv4 binding to an IP also
works, but we need some extra ipv6 magic to identify the ipv6 interface from an
ipv6 address.
This patch based on code from "user3546716" at
http://stackoverflow.com/questions/13504934/binding-sockets-to-ipv6-addresses
adds the necessary magic.
https://github.com/warmcat/libwebsockets/issues/717
commit cf8b922df52730efadfbc794239ca214f2c9afba
Author: Andy Green <andy@warmcat.com>
Date: Thu Dec 15 08:38:35 2016 +0800
client: if NULL protocol vhost same linked list entry
Lws maintains a linked-list of wsi that are on the same vhost protocol...
it walks it to perform ..._all_protocol() type apis.
Client connections also participate in this list, but in the case the
selected protocol is not given during negotation (a legal case where
the server default protocol is selected) we missed adding the new
ws negotiated client wsi to the list.
This patch makes sure we add the wsi to the vhost protocols[0] list
in that case.
https://github.com/warmcat/libwebsockets/issues/716
commit 266819a1f5fe031ce4448279fb4c497c8e1b55aa
Author: Andy Green <andy@warmcat.com>
Date: Mon Dec 12 20:38:32 2016 +0800
client: avoid possible NULL deref on error path
https://github.com/warmcat/libwebsockets/issues/672
commit e618359d4fc6587221f96ce284c872928d38056c
Author: daren-qterics <daren-qterics@github.invalid.com>
Date: Sat Dec 10 08:55:18 2016 +0800
ssl destroy: change ordering of ssl destroy to later than vhost destroy
https://github.com/warmcat/libwebsockets/issues/711
commit 04fee5f75f423664cdee64ba7a75615a9fd2b6e4
Author: Andy Green <andy@warmcat.com>
Date: Fri Dec 9 07:07:32 2016 +0800
clean: usused accidental global wsi
https://github.com/warmcat/libwebsockets/issues/708
commit 384ee53a36f95696a8a457b8160da05ca203f425
Author: Andy Green <andy@warmcat.com>
Date: Thu Dec 8 17:36:51 2016 +0800
lwsgt: fix check against forgot password flow defeating existing pw check
https://github.com/warmcat/libwebsockets/issues/706
This fixes a problem where the check for the existing pw was
skipped when a logged-in user is changing his password.
It's not good but because the user has to be logged in, it only affected
the situation someone changes his password on his logged in session.
commit c01bbb2bbcd7b00d14440b7f66cd5058dd811f75
Author: Bablooos <beetle@gambler.ru>
Date: Tue Nov 29 20:45:14 2016 +0800
Update CMakeLists.txt for BSD + libdl
Fixing build failure of libwebsockets-test-fraggle on FreeBSD when LWS_WITH_PLUGINS.
Solution: FreeBSD has no libdl
commit d104d624ec9f7619660838f86ae8a58ba453bc42
Author: Andy Green <andy@warmcat.com>
Date: Sat Dec 10 09:13:04 2016 +0800
ws-server: restrict returned Sec-Websocket-Protocol to the chosen name only
https://libwebsockets.org/pipermail/libwebsockets/2016-November/002948.html
Updated to fix a problem with no protocol
https://github.com/warmcat/libwebsockets/issues/705
commit 60b3a027d9cae0fa15e15547fb0a5539c48997a1
Author: Andy Green <andy@warmcat.com>
Date: Sat Nov 26 20:47:34 2016 +0800
generic-sessions: move auth level check to after mount protocol selection
commit c8bb24cf57954e0b1cedd65ecc575dfde53c5742
Author: Iblis Lin <iblis@hs.ntnu.edu.tw>
Date: Wed Nov 23 23:02:13 2016 +0800
server: portable option for setsockopt
From linux ipv6(7) manual (section `Note`):
SOL_IP, SOL_IPV6, SOL_ICMPV6 and other SOL_* socket options are
nonportable variants of IPPROTO_*. See also ip(7).
Ref: http://man7.org/linux/man-pages/man7/ipv6.7.html
commit 0bef3a8b01e401b6a6051d07c8f162a3dc148bb3
Author: sjames1958gm <sajames1958@gmail.com>
Date: Mon Nov 21 09:23:17 2016 -0600
client stash: update path variable to larger size
commit c2cd260311b2123a29bae17e151575457e8599b8
Author: Andy Green <andy@warmcat.com>
Date: Wed Nov 16 09:00:45 2016 +0800
lws_socket_bind: use lws_sockfd_type
commit 386bd4550bbcbb3e271113c2b69e1f116d0f2c25
Author: Andy Green <andy@warmcat.com>
Date: Tue Nov 15 17:00:55 2016 +0800
client: protect againt losing ah by lws_client_connect_2
commit 56826dbfd75c304f5466045646aaba1010539086
Author: Andy Green <andy@warmcat.com>
Date: Mon Nov 14 18:16:36 2016 +0800
post file upload: dont lose sight of end of upload just because we hit end of incoming post data
commit 9d061e1efd0af1f943bf6a848231bd4d1a2b5566
Author: Rainer Poisel <rainer.poisel@logicals.com>
Date: Wed Nov 9 08:34:27 2016 +0800
Better support for MINW32
commit 1e2e150ec4957f58dfbb8202725ba4e24fc19556
Author: Yannick Kiekens <yannickkiekens@gmail.com>
Date: Thu Nov 3 10:03:18 2016 +0100
From 7f84bc3e864b52eb13c670362a4b53bc3505393e Mon Sep 17 00:00:00 2001
Subject: [PATCH] Fix typo in lws_create_context documentation
commit 5fb327754ab4d202fca903dd5bd6b546b340eecb
Author: Andy Green <andy@warmcat.com>
Date: Mon Oct 10 23:21:48 2016 +0800
adjust_timeout: with default lws_plat_service_tsi allow beings passed 0 timeout
Some people are calling service with zero timeout, taking care of
not busywaiting by some other external arrangements.
Adapt the forced service signalling to survive this.
commit e2fcb9414785162d5affbf0aa87ab2fc06e64ded
Author: Joerg Pommnitz <pommnitz@yahoo.com>
Date: Mon Oct 10 20:06:06 2016 +0800
some compilers need void param explicitly
commit 5df8bf9d83299b1ec94e13aa9fa7ea5566750e66
Author: Yuchen Xie <yuchen.xie@live.com>
Date: Mon Oct 10 19:04:46 2016 +0800
Correct the library name of LIBHUBBUB_LIBRARIES
It should be `hubbub` in `find_library` to make the function work.
commit 6670c6f953288379d008ac9d6ba2bd1475ccf106
Author: Andy Green <andy@warmcat.com>
Date: Sat Oct 8 18:09:18 2016 +0800
docs: explain lws_write handling of truncated sends better
commit 549b7ad02321e6e0db2df2fd33125ecd0dd7e692
Author: Denis Osvald <denis.osvald@sartura.hr>
Date: Fri Oct 7 11:27:46 2016 +0200
publicly document lws_service_fd timeout servicing
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
commit af8692e36f49b02725eeaa025988cb168c78e93b
Author: Denis Osvald <denis.osvald@sartura.hr>
Date: Thu Oct 6 15:45:25 2016 +0200
test-server-extpoll: add 1-per-second timeout servicing
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
Adapt the forced service signalling to survive this.
commit e2fcb9414785162d5affbf0aa87ab2fc06e64ded
Author: Joerg Pommnitz <pommnitz@yahoo.com>
Date: Mon Oct 10 20:06:06 2016 +0800
some compilers need void param explicitly
commit 5df8bf9d83299b1ec94e13aa9fa7ea5566750e66
Author: Yuchen Xie <yuchen.xie@live.com>
Date: Mon Oct 10 19:04:46 2016 +0800
Correct the library name of LIBHUBBUB_LIBRARIES
It should be `hubbub` in `find_library` to make the function work.
commit 6670c6f953288379d008ac9d6ba2bd1475ccf106
Author: Andy Green <andy@warmcat.com>
Date: Sat Oct 8 18:09:18 2016 +0800
docs: explain lws_write handling of truncated sends better
commit 549b7ad02321e6e0db2df2fd33125ecd0dd7e692
Author: Denis Osvald <denis.osvald@sartura.hr>
Date: Fri Oct 7 11:27:46 2016 +0200
publicly document lws_service_fd timeout servicing
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
commit af8692e36f49b02725eeaa025988cb168c78e93b
Author: Denis Osvald <denis.osvald@sartura.hr>
Date: Thu Oct 6 15:45:25 2016 +0200
test-server-extpoll: add 1-per-second timeout servicing
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
v2.1.0
======
Major new features
- Support POST arguments, including multipart and file attachment
- Move most of lwsws into lws, make the stub CC0
- Add loopback test plugin to confirm client ws / http coexistence
- Integrate lwsws testing on Appveyor (ie, windows)
- Introduce helpers for sql, urlencode and urldecode sanitation
- Introduce LWS_CALLBACK_HTTP_BIND_PROTOCOL / DROP_PROTOCOL that
are compatible with http:/1.1 pipelining and different plugins
owning different parts of the URL space
- lwsgs - Generic Sessions plugin supports serverside sessions,
cookies, hashed logins, forgot password etc
- Added APIs for sending email to SMTP servers
- Messageboard example plugin for lwsgs
- Automatic PING sending at fixed intervals and close if no response
- Change default header limit in ah to 4096 (from 1024)
- Add SNI matching for wildcards if no specific wildcard vhost name match
- Convert docs to Doxygen
- ESP8266 support ^^
Fixes
-----
See git log v2.0.0..
v2.0.0
======
Summary
-------
- There are only api additions, the api is compatible with v1.7.x. But
there is necessarily an soname bump to 8.
- If you are using lws client, you mainly need to be aware the option
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT is needed at context-creation time
if you will use SSL.
- If you are using lws for serving, the above is also true but there are
many new features to simplify your code (and life). There is a
summany online here
https://libwebsockets.org/lws-2.0-new-features.html
but basically the keywords are vhosts, mounts and plugins. You can now
do the web serving part from lws without any user callback code at all.
See ./test-server/test-server-v2.0.c for an example, it has no user
code for ws either since it uses the protocol plugins... that one C file
is all that is needed to do the whole test server function.
You now have the option to use a small generic ws-capable webserver
"lwsws" and write your ws part as a plugin. That eliminates even
cut-and-pasting the test server code and offers more configurable
features like control over http cacheability in JSON.
Fixes
-----
These are already in 1.7.x series
1) MAJOR (Windows-only) fix assert firing
2) MAJOR http:/1.1 connections handled by lws_return_http_status() did not
get sent a content-length resulting in the link hanging until the peer closed
it. attack.sh updated to add a test for this.
3) MINOR An error about hdr struct in _lws_ws_related is corrected, it's not
known to affect anything until after it was fixed
4) MINOR During the close shutdown wait state introduced at v1.7, if something
requests callback on writeable for the socket it will busywait until the
socket closes
5) MAJOR Although the test server has done it for a few versions already, it
is now required for the user code to explicitly call
if (lws_http_transaction_completed(wsi))
return -1;
when it finishes replying to a transaction in http. Previously the library
did it for you, but that disallowed large, long transfers with multiple
trips around the event loop (and cgi...).
6) MAJOR connections on ah waiting list that closed did not get removed from
the waiting list...
7) MAJOR since we added the ability to hold an ah across http keepalive
transactions where more headers had already arrived, we broke the ability
to tell if more headers had arrived. Result was if the browser didn't
close the keepalive, we retained ah for the lifetime of the keepalive,
using up the pool.
8) MAJOR windows-only-POLLHUP was not coming
9) Client should not send ext hdr if no exts
Changes
-------
1) MINOR test-server gained some new switches
-C <file> use external SSL cert file
-K <file> use external SSL key file
-A <file> use external SSL CA cert file
-u <uid> set effective uid
-g <gid> set effective gid
together you can use them like this to have the test-server work with the
usual purchased SSL certs from an official CA.
--ssl -C your.crt -K your.key -A your.cer -u 99 -g 99
2) MINOR the OpenSSL magic to setup ECDH cipher usage is implemented in the
library, and the ciphers restricted to use ECDH only.
Using this, the lws test server can score an A at SSLLABS test
3) MINOR STS (SSL always) header is added to the test server if you use --ssl. With
that, we score A+ at SSLLABS test
4) MINOR daemonize function (disabled at cmake by default) is updated to work
with systemd
5) MINOR example systemd .service file now provided for test server
(not installed by default)
6) test server html is updated with tabs and a new live server monitoring
feature. Input sanitization added to the js.
7) client connections attempted when no ah is free no longer fail, they are
just deferred until an ah becomes available.
8) The test client pays attention to if you give it an http:/ or https://
protocol string to its argument in URL format. If so, it stays in http[s]
client mode and doesn't upgrade to ws[s], allowing you to do generic http client
operations. Receiving transfer-encoding: chunked is supported.
9) If you enable -DLWS_WITH_HTTP_PROXY=1 at cmake, the test server has a
new URI path http://localhost:7681/proxytest If you visit here, a client
connection to http://example.com:80 is spawned, and the results piped on
to your original connection.
10) Also with LWS_WITH_HTTP_PROXY enabled at cmake, lws wants to link to an
additional library, "libhubbub". This allows lws to do html rewriting on the
fly, adjusting proxied urls in a lightweight and fast way.
11) There's a new context creation flag LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT,
this is included automatically if you give any other SSL-related option flag.
If you give no SSL-related option flag, nor this one directly, then even
though SSL support may be compiled in, it is never initialized nor used for the
whole lifetime of the lws context.
Conversely in order to prepare the context to use SSL, even though, eg, you
are not listening on SSL but will use SSL client connections later, you must
give this flag explicitly to make sure SSL is initialized.
User API additions
------------------
1) MINOR APIBREAK There's a new member in struct lws_context_creation_info, ecdh_curve,
which lets you set the name of the ECDH curve OpenSSL should use. By
default (if you leave ecdh_curve NULL) it will use "prime256v1"
2) MINOR NEWAPI It was already possible to adopt a foreign socket that had not
been read from using lws_adopt_socket() since v1.7. Now you can adopt a
partially-used socket if you don't need SSL, by passing it what you read
so it can drain that before reading from the socket.
LWS_VISIBLE LWS_EXTERN struct lws *
lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd,
const char *readbuf, size_t len);
3) MINOR NEWAPI CGI type "network io" subprocess execution is now possible from
a simple api.
LWS_VISIBLE LWS_EXTERN int
lws_cgi(struct lws *wsi, char * const *exec_array, int script_uri_path_len,
int timeout_secs);
LWS_VISIBLE LWS_EXTERN int
lws_cgi_kill(struct lws *wsi);
To use it, you must first set the cmake option
$ cmake .. -DLWS_WITH_CGI=1
See test-server-http.c and test server path
http://localhost:7681/cgitest
stdin gets http body, you can test it with wget
$ echo hello > hello.txt
$ wget http://localhost:7681/cgitest --post-file=hello.txt -O- --quiet
lwstest script
read="hello"
The test script returns text/html table showing /proc/meminfo. But the cgi
support is complete enough to run cgit cgi.
4) There is a helper api for forming logging timestamps
LWS_VISIBLE int
lwsl_timestamp(int level, char *p, int len)
this generates this kind of timestamp for use as logging preamble
lwsts[13116]: [2016/01/25 14:52:52:8386] NOTICE: Initial logging level 7
5) struct lws_client_connect_info has a new member
const char *method
If it's NULL, then everything happens as before, lws_client_connect_via_info()
makes a ws or wss connection to the address given.
If you set method to a valid http method like "GET", though, then this method
is used and the connection remains in http[s], it's not upgraded to ws[s].
So with this, you can perform http[s] client operations as well as ws[s] ones.
There are 4 new related callbacks
LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44,
LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45,
LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46,
LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47,
6) struct lws_client_connect_info has a new member
const char *parent_wsi
if non-NULL, the client wsi is set to be a child of parent_wsi. This ensures
if parent_wsi closes, then the client child is closed just before.
7) If you're using SSL, there's a new context creation-time option flag
LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS. If you give this, non-ssl
connections to the server listen port are accepted and receive a 301
redirect to / on the same host and port using https://
8) User code may set per-connection extension options now, using a new api
"lws_set_extension_option()".
This should be called from the ESTABLISHED callback like this
lws_set_extension_option(wsi, "permessage-deflate",
"rx_buf_size", "12"); /* 1 << 12 */
If the extension is not active (missing or not negotiated for the
connection, or extensions are disabled on the library) the call is
just returns -1. Otherwise the connection's extension has its
named option changed.
The extension may decide to alter or disallow the change, in the
example above permessage-deflate restricts the size of his rx
output buffer also considering the protocol's rx_buf_size member.
New application lwsws
---------------------
A libwebsockets-based general webserver is built by default now, lwsws.
It's configured by JSON, by default in
/etc/lwsws/conf
which contains global lws context settings like this
{
"global": {
"uid": "99",
"gid": "99",
"interface": "eth0",
"count-threads": "1"
}
}
/etc/lwsws/conf.d/*
which contains zero or more files describing vhosts, like this
{
"vhosts": [
{ "name": "warmcat.com",
"port": "443",
"host-ssl-key": "/etc/pki/tls/private/warmcat.com.key",
"host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt",
"host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer",
"mounts": [
{ "/": [
{ "home": "file:///var/www/warmcat.com" },
{ "default": "index.html" }
]
}
]
}
]
}
v1.7.0
======
Extension Changes
-----------------
1) There is now a "permessage-deflate" / RFC7692 implementation. It's very
similar to "deflate-frame" we have offered for a long while; deflate-frame is
now provided as an alias of permessage-deflate.
The main differences are that the new permessage-deflate implementation:
- properly performs streaming respecting input and output buffer limits. The
old deflate-frame implementation could only work on complete deflate input
and produce complete inflate output for each frame. The new implementation
only mallocs buffers at initialization.
- goes around the event loop after each input package is processed allowing
interleaved output processing. The RX flow control api can be used to
force compressed input processing to match the rate of compressed output
processing (test--echo shows an example of how to do this).
- when being "deflate-frame" for compatibility he uses the same default zlib
settings as the old "deflate-frame", but instead of exponentially increasing
malloc allocations until the whole output will fit, he observes the default
input and output chunking buffer sizes of "permessage-deflate", that's
1024 in and 1024 out at a time.
2) deflate-stream has been disabled for many versions (for over a year) and is
now removed. Browsers are now standardizing on "permessage-deflate" / RFC7692
3) struct lws_extension is simplified, and lws extensions now have a public
api (their callback) for use in user code to compose extensions and options
the user code wants. lws_get_internal_exts() is deprecated but kept around
as a NOP. The changes allow one extension implementation to go by different
names and allows the user client code to control option offers per-ext.
The test client and server are updated to use the new way. If you use
the old way it should still work, but extensions will be disabled until you
update your code.
Extensions are now responsible for allocating and per-instance private struct
at instance construction time and freeing it when the instance is destroyed.
Not needing to know the size means the extension's struct can be opaque
to user code.
User api additions
------------------
1) The info struct gained three new members
- max_http_header_data: 0 for default (1024) or set the maximum amount of known
http header payload that lws can deal with. Payload in unknown http
headers is dropped silently. If for some reason you need to send huge
cookies or other HTTP-level headers, you can now increase this at context-
creation time.
- max_http_header_pool: 0 for default (16) or set the maximum amount of http
header
...