./www/py-h2, HTTP/2 State-Machine based protocol implementation

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.0.1, Package name: py27-h2-3.0.1, Maintainer: pkgsrc-users

Hyper-h2 is a HTTP/2 protocol stack, written entirely in Python. The goal
of Hyper-h2 is to be a common HTTP/2 stack for the Python ecosystem, usable
in all programs regardless of concurrency model or environment.

To achieve this, Hyper-h2 is entirely self-contained: it does no I/O of any
kind, leaving that up to a wrapper library to control. This ensures that it
can seamlessly work in all kinds of environments, from single-threaded code
to Twisted.

Its goal is to be 100% compatible with RFC 7540, implementing a complete
HTTP/2 protocol stack build on a set of finite state machines. Its
secondary goals are to be fast, clear, and efficient.


Required to run:
[devel/py-setuptools] [lang/python27] [net/py-hpack] [www/py-hyperframe]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: cf645989412368f6c925145e9e97f946b4e20ee4
RMD160: 209dbe04edb223e4408f4730cb7e0ef13a21c79e
Filesize: 2157.047 KB

Version history: (Expand)


CVS history: (Expand)


   2017-06-21 11:57:57 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
3.0.1:

Bugfixes
- CONTINUATION frames sent on closed streams previously caused stream errors
  of type STREAM_CLOSED. RFC 7540 § 6.10 requires that these be connection
  errors of type PROTOCOL_ERROR, and so this release changes to match that
  behaviour.
- Remote peers incrementing their inbound connection window beyond the maximum
  allowed value now cause stream-level errors, rather than connection-level
  errors, allowing connections to stay up longer.
- h2 now rejects receiving and sending request header blocks that are missing
  any of the mandatory pseudo-header fields (:path, :scheme, and :method).
- h2 now rejects receiving and sending request header blocks that have an empty
  :path pseudo-header value.
- h2 now rejects receiving and sending request header blocks that contain
  response-only pseudo-headers, and vice versa.
- h2 now correct respects user-initiated changes to the HEADER_TABLE_SIZE
  local setting, and ensures that if users shrink or increase the header
  table size it is policed appropriately.
   2017-04-14 15:10:13 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
Update www/py-h2 to 2.5.2

Changes:
2.5.2 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.4.3 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.3.4 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.5.1 (2016-12-17)
------------------
Bugfixes
~~~~~~~~
- Remote peers are now allowed to send zero or any positive number as a value
  for ``SETTINGS_MAX_HEADER_LIST_SIZE``, where previously sending zero would
  raise a ``InvalidSettingsValueError``.

2.5.0 (2016-10-25)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new ``H2Configuration`` object that allows rich configuration of
  a ``H2Connection``. This object supersedes the prior keyword arguments to the
  ``H2Connection`` object, which are now deprecated and will be removed in 3.0.
- Added support for automated window management via the
  ``acknowledge_received_data`` method. See the documentation for more details.
- Added a ``DenialOfServiceError`` that is raised whenever a behaviour that
  looks like a DoS attempt is encountered: for example, an overly large
  decompressed header list. This is a subclass of ``ProtocolError``.
- Added support for setting and managing ``SETTINGS_MAX_HEADER_LIST_SIZE``.
  This setting is now defaulted to 64kB.
- Added ``h2.errors.ErrorCodes``, an enum that is used to store all the HTTP/2
  error codes. This allows us to use a better printed representation of the
  error code in most places that it is used.
- The ``error_code`` fields on ``ConnectionTerminated`` and ``StreamReset``
  events have been updated to be instances of ``ErrorCodes`` whenever they
  correspond to a known error code. When they are an unknown error code, they
  are instead ``int``. As ``ErrorCodes`` is a subclass of ``int``, this is
  non-breaking.
- Deprecated the other fields in ``h2.errors``. These will be removed in 3.0.0.

Bugfixes
~~~~~~~~
- Correctly reject request header blocks with neither :authority nor Host
  headers, or header blocks which contain mismatched :authority and Host
  headers, per RFC 7540 Section 8.1.2.3.
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.
- Correctly refuse to send header blocks that contain neither :authority nor
  Host headers, or header blocks which contain mismatched :authority and Host
  headers, per RFC 7540 Section 8.1.2.3.
- Hyper-h2 will now reject header field names and values that contain leading
  or trailing whitespace.
- Correctly strip leading/trailing whitespace from header field names and
  values.
- Correctly refuse to send header blocks with a TE header whose value is not
  ``trailers``, per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks with connection-specific headers,
  per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks that contain duplicate pseudo-header
  fields, or with pseudo-header fields that appear after ordinary header fields,
  per RFC 7540 Section 8.1.2.1.
  This may cause passing a dictionary as the header block to ``send_headers``
  to throw a ``ProtocolError``, because dictionaries are unordered and so they
  may trip this check.  Passing dictionaries here is deprecated, and callers
  should change to using a sequence of 2-tuples as their header blocks.
- Correctly reject trailers that contain HTTP/2 pseudo-header fields, per RFC
  7540 Section 8.1.2.1.
- Correctly refuse to send trailers that contain HTTP/2 pseudo-header fields,
  per RFC 7540 Section 8.1.2.1.
- Correctly reject responses that do not contain the ``:status`` header field,
  per RFC 7540 Section 8.1.2.4.
- Correctly refuse to send responses that do not contain the ``:status`` header
  field, per RFC 7540 Section 8.1.2.4.
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.4.2 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.3.3 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.2.7 (2016-10-25)
------------------
*Final 2.2.X release*

Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.4.1 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.

2.3.2 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.

2.4.0 (2016-07-01)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Adds ``additional_data`` to ``H2Connection.close_connection``, allowing the
  user to send additional debug data on the GOAWAY frame.
- Adds ``last_stream_id`` to ``H2Connection.close_connection``, allowing the
  user to manually control what the reported last stream ID is.
- Add new method: ``prioritize``.
- Add support for emitting stream priority information when sending headers
  frames using three new keyword arguments: ``priority_weight``,
  ``priority_depends_on``, and ``priority_exclusive``.
- Add support for "related events": events that fire simultaneously on \ 
a single
  frame.

2.3.1 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
  of CONTINUATION frames on a given connection.

2.2.5 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
  of CONTINUATION frames on a given connection.

2.3.0 (2016-04-26)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new flag to the ``H2Connection`` constructor: ``header_encoding``,
  that controls what encoding is used (if any) to decode the headers from bytes
  to unicode. This defaults to UTF-8 for backward compatibility. To disable the
  decode and use bytes exclusively, set the field to False, None, or the empty
  string. This affects all headers, including those pushed by servers.
- Bumped the minimum version of HPACK allowed from 2.0 to 2.2.
- Added support for advertising RFC 7838 Alternative services.
- Allowed users to provide ``hpack.HeaderTuple`` and
  ``hpack.NeverIndexedHeaderTuple`` objects to all methods that send headers.
- Changed all events that carry headers to emit ``hpack.HeaderTuple`` and
  ``hpack.NeverIndexedHeaderTuple`` instead of plain tuples. This allows users
  to maintain header indexing state.
- Added support for plaintext upgrade with the ``initiate_upgrade_connection``
  method.

Bugfixes
~~~~~~~~
- Automatically ensure that all ``Authorization`` and ``Proxy-Authorization``
  headers, as well as short ``Cookie`` headers, are prevented from being added
  to encoding contexts.

2.2.4 (2016-04-25)
------------------
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.

2.1.5 (2016-04-25)
------------------
*Final 2.1.X release*

Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.
   2016-04-20 18:10:14 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
Update www/py-h2 to 2.2.3

Changes:
2.2.3 (2016-04-13)
------------------
Bugfixes
~~~~~~~~
- Allowed the 4.X series of hyperframe releases as dependencies.

2.1.4 (2016-04-13)
------------------
Bugfixes
~~~~~~~~
- Allowed the 4.X series of hyperframe releases as dependencies.

2.2.2 (2016-04-05)
------------------
Bugfixes
~~~~~~~~
- Fixed issue where informational responses were erroneously not allowed to be
  sent in the ``HALF_CLOSED_REMOTE`` state.
- Fixed issue where informational responses were erroneously not allowed to be
  received in the ``HALF_CLOSED_LOCAL`` state.
- Fixed issue where we allowed information responses to be sent or received
  after final responses.

2.2.1 (2016-03-23)
------------------
Bugfixes
~~~~~~~~
- Fixed issue where users using locales that did not default to UTF-8 were
  unable to install source distributions of the package.

2.2.0 (2016-03-23)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added support for sending informational responses (responses with 1XX status)
  codes as part of the standard flow. HTTP/2 allows zero or more informational
  responses with no upper limit: hyper-h2 does too.
- Added support for receiving informational responses (responses with 1XX
  status) codes as part of the standard flow. HTTP/2 allows zero or more
  informational responses with no upper limit: hyper-h2 does too.
- Added a new event: ``ReceivedInformationalResponse``. This response is fired
  when informational responses (those with 1XX status codes).
- Added an ``additional_data`` field to the ``ConnectionTerminated`` event that
  carries any additional data sent on the GOAWAY frame. May be ``None`` if no
  such data was sent.
- Added the ``initial_values`` optional argument to the ``Settings`` object.

Bugfixes
~~~~~~~~
- Correctly reject all of the connection-specific headers mentioned in RFC 7540
  § 8.1.2.2, not just the ``Connection:`` header.
- Defaulted the value of ``SETTINGS_MAX_CONCURRENT_STREAMS`` to 100, unless
  explicitly overridden. This is a safe defensive initial value for this
  setting.

2.1.3 (2016-03-16)
------------------
Deprecations
~~~~~~~~~~~~
- Passing dictionaries to ``send_headers`` as the header block is deprecated,
  and will be removed in 3.0.

2.1.2 (2016-02-17)
------------------
Bugfixes
~~~~~~~~
- Reject attempts to push streams on streams that were themselves pushed:
  streams can only be pushed on streams that were initiated by the client.
- Correctly allow CONTINUATION frames to extend the header block started by a
  PUSH_PROMISE frame.
- Changed our handling of frames received on streams that were reset by the
  user.
  Previously these would, at best, cause ProtocolErrors to be raised and the
  connection to be torn down (rather defeating the point of resetting streams
  at all) and, at worst, would cause subtle inconsistencies in state between
  hyper-h2 and the remote peer that could lead to header block decoding errors
  or flow control blockages.
  Now when the user resets a stream all further frames received on that stream
  are ignored except where they affect some form of connection-level state,
  where they have their effect and are then ignored.
- Fixed a bug whereby receiving a PUSH_PROMISE frame on a stream that was
  closed would cause a RST_STREAM frame to be emitted on the closed-stream,
  but not the newly-pushed one. Now this causes a ``ProtocolError``.
   2016-02-16 14:49:56 by Leonardo Taccari | Files touched by this commit (5)
Log message:
Import py-h2-2.1.1 as www/py-h2.

Hyper-h2 is a HTTP/2 protocol stack, written entirely in Python. The goal
of Hyper-h2 is to be a common HTTP/2 stack for the Python ecosystem, usable
in all programs regardless of concurrency model or environment.

To achieve this, Hyper-h2 is entirely self-contained: it does no I/O of any
kind, leaving that up to a wrapper library to control. This ensures that it
can seamlessly work in all kinds of environments, from single-threaded code
to Twisted.

Its goal is to be 100% compatible with RFC 7540, implementing a complete
HTTP/2 protocol stack build on a set of finite state machines. Its
secondary goals are to be fast, clear, and efficient.