[WIP] use llhttp as default HTTP parser

[derekargueta]

Description: Uses llhttp to parse HTTP/1.1 traffic. A compile-time switch is provided to use the legacy Node http-parser. Preprocessor macros were selected due to global naming conflicts between the two libraries. The alternative to make it a runtime switch would require #includeing the libraries within separate namespaces (I can backtrack to this option if it's more desirable).
TODO

• resolve lenient_http_headers issue as mentioned on the ticket
• fix BadRequestNoStream test to not open a new stream

There are other places that still use the http-parser, notably the http_inspector network filter and the url parsing utilities.

Risk Level: medium
Testing: existing
Docs Changes:
Release Notes:
Fixes #5155
Deprecated: http-parser

[indutny]

Fantastic work, @derekargueta ! I'm curious if this will bring any noticeable performance improvements to envoyproxy!

[indutny]

There is a new opportunity for detailed errors here. One could potentially use llhttp_get_error_reason to get the detailed reason for the error.

[lizan]

not used?

[lizan]

can we always return HPE_PAUSED and let the calling site call http_parser_pause? i.e. here: https://github.com/envoyproxy/envoy/pull/9033/files#diff-2ba39613a1b78b994ec31ddd03cf42f5R342

same for other places.

[lizan]

we don't always handle upgrade today? don't we need to check handling_upgrade_ here before resume?

[htuch]

@envoyproxy/security-team for review as well.

[mattklein123]

@derekargueta awesome stuff. I put this comment in the issue, but is it possible to compile both in for a period of time so we can feature flag which parser to use?

/wait-any

[alyssawilk]

+1 to what Matt said. I'm super excited for the switch and it'd be even better if we can runtime switch this for a release or two!

[indutny]

FWIW, I've created a PR to introduce lenient parsing to llhttp: nodejs/llhttp#33 .

[derekargueta]

@mattklein123 @alyssawilk yeah I started working on a runtime switch. The catch is that llhttp.h and http_parser.h can't be in the same compilation unit due to conflicting enum definitions (ODR \o/) so the solution I have working so far uses the pimpl pattern to contain those libraries in source files. I'm a bit concerned about introducing pointer-indirection in the hot path, but am planning on writing a few benchmark tests to justify the change. Doesn't seem we have codec benchmark tests yet, and it could also give perf feedback on the difference between the two libraries. If I'm going overboard or there's a better pattern I'd be happy to hear it 🙂

[lizan]

@derekargueta from a quick glance it doesn't seems have conflicting enum between llhttp and http_parser, seems everything in llhttp is prefixed with llhttp_. I don't think pimpl solves the ODR because you still link them together at the end.

[derekargueta]

@lizan sorry I misspoke, it's not the enum's themselves (which you are correct, llhttp is prefixed with llhttp_) but the enum values since they are plain C enums and not C++ class-enums.

When the 2 are included into the same context (directly or transitively):

...
In file included from source/common/http/http1/comparison.cc:7:
external/com_github_nodejs_http_parser/http_parser.h:210:19: error: redefinition of enumerator 'HTTP_REBIND'
  HTTP_METHOD_MAP(XX)
                  ^
external/com_github_nodejs_llhttp/include/llhttp.h:124:3: note: previous definition is here
  HTTP_REBIND = 17,
  ^
In file included from source/common/http/http1/comparison.cc:7:
external/com_github_nodejs_http_parser/http_parser.h:210:19: error: redefinition of enumerator 'HTTP_UNBIND'
  HTTP_METHOD_MAP(XX)
                  ^
external/com_github_nodejs_llhttp/include/llhttp.h:125:3: note: previous definition is here
  HTTP_UNBIND = 18,
  ^

[jmarantz]

Can we change llhttp to prefix it's enum values? I am not sure that is necessary though.

We should have an abstraction layer with its own enum to enable the switch, right?

[lizan]

@derekargueta thanks that makes sense, yeah then you need two classes implement same interface in different compilation unit to make it work.

[stale]

This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[derekargueta]

Still very much a WIP, not yet ready for full review but high-level comments welcome. Wrestling with getting the static-casting right from void* to ParserCallbacks*, then likely debugging a few tests, and cleaning up misc comments & cruft. Also still massaging the abstractions a bit.

This introduces quite a few abstractions with the aim of completely decoupling the HTTP parser from the codec/connectionimpl which is necessary for the 2 libraries to coexist. Main components are

• ParserCallbacks, an interface the {Server|Client}ConnectionImpl classes implement to hook into the parser callbacks
• ParserFactory for constructing the parser
• Parser/LlHttpParserImpl/LegacyHttpParserImpl which is where the PImpl pattern mentioned earlier is being used to encapsulate the libraries in separate compilation units.

Also keeping an eye on #8667 which looks like will have conflicts with this PR

[alyssawilk]

Huzzah for progress!
some high level comments while you're doing clean up :-)

[alyssawilk]

Drive by comment as you clean things up, I wouldn't default this on until we've had some fuzzing aimed at it.
I'd be inclined to land default off, make sure we have comparable fuzzing coverage, encourage folks to smoke test it on, fuzz for a few weeks, and then switch the default.

[derekargueta]

Sure, will flip this off-by-default for now

[alyssawilk]

While you're doing your clean-up, WDYD of landing some of the pure refactor as its own PR?
It'd let us land some of this ASAP, make for easier and smaller reviews, etc.

[derekargueta]

Sure I can break this up a bit (I was admittedly surprised how large the delta was once I got the refactor building)

[alyssawilk]

As long as we're able to link both, why not make this based on runtime?
I could imagine finding an issue where things don't work as expected, and switching all new connections over is safer than changing command line flags and doing fleet-wide restarts

[derekargueta]

Are you suggesting just runtime value and not introducing a flag? Or keeping the flag but allow runtime to override? I'm guessing the former since the latter could be confusing to someone seeing the flag enabled but not knowing the runtime value is overriding it, but just want to clarify.

[alyssawilk]

I definitely think it's worth having runtime. Neutral about flags - last I heard from Matt most non-google companies don't use command line flags heavily so if you folks don't need it I'd lean towards sticking with one configuration method for consistency, as you say.

[mattklein123]

Yeah I would probably just do runtime.

[alyssawilk]

Is this an optimization because we're confident the new parser handles this for us? I'd think we wouldn't want to allow \0 for the new version either.
(calling out because if we make this a runtime switch we can't depend on the previously stable value)

[yanavlasov]

absl::StrCat would be a good think to use here.

[yanavlasov]

Would it make sense to return ParserStatus here? Or would it be too much work to translate from implementation specific status to the ParserStatus?

[yanavlasov]

Would it make sense to make method to be type Method?

[yanavlasov]

Do both parsers need to know about CONNECT?

[yanavlasov]

Is this code common to both http_parser and llhttp? What would http_parser do with 2?

[moderation]

llhttp 2.0.2 was just released - https://github.com/nodejs/llhttp/releases/tag/release%2Fv2.0.2

[moderation]

llhttp 2.0.3 was just released - https://github.com/nodejs/llhttp/releases/tag/release%2Fv2.0.3

[moderation]

llhttp 2.0.4 was just released - https://github.com/nodejs/llhttp/releases/tag/v2.0.4

[moderation]

llhttp 2.0.5 released - https://github.com/nodejs/llhttp/releases/tag/v2.0.5

[moderation]

As @indutny mentioned at #5155 (comment), llhttp 2.1.1 released - https://github.com/nodejs/llhttp/releases/tag/v2.1.1

[moderation]

llhttp 2.2.0 released - https://github.com/nodejs/llhttp/releases/tag/v2.2.0

[moderation]

llhttp 3.0.0 released - https://github.com/nodejs/llhttp/releases/tag/release%2Fv3.0.0

[stale]

This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[stale]

This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[stale]

This pull request has been automatically closed because it has not had activity in the last 14 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!