Update man pages

Bump up version number to 1.2.1, LT revision to 14:8:0
h2load: Use default Config values to show help
2025-12-08 11:08:52 +08:00 · 2015-08-14 23:59:47 +09:00 · 2015-08-14 23:55:08 +09:00 · 2015-08-14 23:22:26 +09:00 · 2015-08-14 22:44:14 +09:00 · 2015-08-14 22:38:23 +09:00
337 changed files with 46574 additions and 18675 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,14 +1,18 @@
+# emacs backup file
 *~
-*.o
-*.lo
+
+# autotools
 *.la
-depcomp
+*.lo
 *.m4
+*.o
+.deps/
+.libs/
+INSTALL
 Makefile
 Makefile.in
-libtool
-missing
 autom4te.cache/
+compile
 config.guess
 config.h
 config.h.in
@@ -16,34 +20,21 @@ config.log
 config.status
 config.sub
 configure
+depcomp
 install-sh
-.deps/
-.libs
-lib/includes/nghttp2/nghttp2ver.h
-lib/libnghttp2.pc
-src/libnghttp2_asio.pc
+libtool
 ltmain.sh
+missing
 stamp-h1
-.deps/
-INSTALL
-.DS_STORE
-compile
 test-driver
-.dirstamp
-doc/index.rst
-doc/nghttp2.h.rst
-doc/nghttp2ver.h.rst
-doc/package_README.rst
-doc/tutorial-client.rst
-doc/tutorial-server.rst
-doc/nghttpx-howto.rst
-doc/h2load-howto.rst
-doc/tutorial-hpack.rst
-doc/python-apiref.rst
-doc/building-android-binary.rst
-doc/asio_http2.h.rst
-doc/libnghttp2_asio.rst
-doc/contribute.rst
-python/setup.py
-python/dist
-python/MANIFEST
+
+# test logs generated by `make check`
+*.log
+*.trs
+
+lib/MSVC_obj/
+_VC_ROOT/
+.depend.MSVC
+*.pyd
+*.egg-info/
+python/nghttp2.c
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,32 +1,31 @@
 language: cpp
 compiler:
  - clang
-#Disable gcc build for the moment...
-#  - gcc
-python:
- - "3.4" 
+  - gcc
+sudo: false
+addons:
+  apt:
+    sources:
+    - ubuntu-toolchain-r-test
+    packages:
+    - g++-4.9
+    - libstdc++-4.9-dev
+    - autoconf
+    - automake
+    - autotools-dev
+    - libtool
+    - pkg-config
+    - zlib1g-dev
+    - libcunit1-dev
+    - libssl-dev
+    - libxml2-dev
+    - libev-dev
+    - libevent-dev
+    - libjansson-dev
+    - libjemalloc-dev
 before_install:
  - $CC --version
-  - sudo add-apt-repository --yes ppa:ubuntu-toolchain-r/test
-  - sudo apt-get update -qq
-    #Install and use gcc-4.8 (don't build with gcc-4.6)
-    #libstdc++-4.8 is needed by Clang to build too
-  - sudo apt-get -qq install g++-4.8 libstdc++-4.8-dev
-  - >
-      sudo apt-get install --no-install-recommends -qq
-      autoconf
-      automake
-      autotools-dev
-      libtool
-      pkg-config
-      zlib1g-dev
-      libcunit1-dev
-      libssl-dev
-      libxml2-dev
-      libevent-dev
-      libjansson-dev
-      libjemalloc-dev
-  - if [ "$CXX" = "g++" ]; then export CXX="g++-4.8" CC="gcc-4.8"; fi
+  - if [ "$CXX" = "g++" ]; then export CXX="g++-4.9" CC="gcc-4.9"; fi
  - $CC --version
 before_script:
  - autoreconf -i
--- a/18
+++ b/18
@@ -0,0 +1,18 @@
+[The text below was composed based on 1.2. License section of
+curl/libcurl project.]
+
+When contributing with code, you agree to put your changes and new
+code under the same license nghttp2 is already using unless stated and
+agreed otherwise.
+
+When changing existing source code, you do not alter the copyright of
+the original file(s).  The copyright will still be owned by the
+original creator(s) or those who have been assigned copyright by the
+original author(s).
+
+By submitting a patch to the nghttp2 project, you are assumed to have
+the right to the code and to be allowed by your employer or whatever
+to hand over that patch/code to us.  We will credit you for your
+changes as far as possible, to give credit but also to keep a trace
+back to who made what changes.  Please always provide us with your
+full real name when contributing!
--- a/21
+++ b/21
@@ -1,6 +1,6 @@
 The MIT License

-Copyright (c) 2012, 2014 Tatsuhiro Tsujikawa
+Copyright (c) 2012, 2014, 2015 Tatsuhiro Tsujikawa

 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
@@ -20,22 +20,3 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-[The text below was composed based on 1.2. License section of
-curl/libcurl project.]
-
-When contributing with code, you agree to put your changes and new
-code under the same license nghttp2 is already using unless stated and
-agreed otherwise.
-
-When changing existing source code, you do not alter the copyright of
-the original file(s).  The copyright will still be owned by the
-original creator(s) or those who have been assigned copyright by the
-original author(s).
-
-By submitting a patch to the nghttp2 project, you are assumed to have
-the right to the code and to be allowed by your employer or whatever
-to hand over that patch/code to us.  We will credit you for your
-changes as far as possible, to give credit but also to keep a trace
-back to who made what changes.  Please always provide us with your
-full real name when contributing!
--- a/Dockerfile.android
+++ b/Dockerfile.android
@@ -1,3 +1,4 @@
+# vim: ft=dockerfile:
 # Dockerfile to build nghttp2 android binary
 #
 # $ sudo docker build -t nghttp2-android - < Dockerfile.android
@@ -9,7 +10,7 @@
 #
 # $ sudo docker run -v /path/to/dest:/out nghttp2-android cp /root/build/nghttp2/src/nghttpx /out

-FROM ubuntu
+FROM ubuntu:vivid

 MAINTAINER Tatsuhiro Tsujikawa

@@ -29,11 +30,12 @@ RUN apt-get install -y make binutils autoconf automake autotools-dev libtool \
    genisoimage libc6-i386 lib32stdc++6

 WORKDIR /root/build
-RUN curl -L -O http://dl.google.com/android/ndk/android-ndk-r10c-linux-x86_64.bin
-RUN chmod a+x android-ndk-r10c-linux-x86_64.bin
-RUN ./android-ndk-r10c-linux-x86_64.bin
+RUN curl -L -O http://dl.google.com/android/ndk/android-ndk-r10d-linux-x86_64.bin && \
+    chmod a+x android-ndk-r10d-linux-x86_64.bin && \
+    ./android-ndk-r10d-linux-x86_64.bin && \
+    rm android-ndk-r10d-linux-x86_64.bin

-WORKDIR /root/build/android-ndk-r10c
+WORKDIR /root/build/android-ndk-r10d
 RUN /bin/bash build/tools/make-standalone-toolchain.sh \
    --install-dir=$ANDROID_HOME/toolchain \
    --toolchain=arm-linux-androideabi-4.9 --llvm-version=3.5 \
@@ -57,18 +59,24 @@ RUN autoreconf -i && \
    make install

 WORKDIR /root/build
-RUN curl -L -O https://www.openssl.org/source/openssl-1.0.1j.tar.gz
-RUN tar xf openssl-1.0.1j.tar.gz
-WORKDIR /root/build/openssl-1.0.1j
+RUN curl -L -O https://www.openssl.org/source/openssl-1.0.2a.tar.gz && \
+    tar xf openssl-1.0.2a.tar.gz && \
+    rm openssl-1.0.2a.tar.gz
+
+WORKDIR /root/build/openssl-1.0.2a
 RUN export CROSS_COMPILE=$TOOLCHAIN/bin/arm-linux-androideabi- && \
    ./Configure --prefix=$PREFIX android && \
    make && make install_sw

 WORKDIR /root/build
-RUN curl -L -O https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz
-RUN tar xf libevent-2.0.21-stable.tar.gz
-WORKDIR /root/build/libevent-2.0.21-stable
-RUN ./configure \
+RUN curl -L -O http://dist.schmorp.de/libev/libev-4.19.tar.gz && \
+    curl -L -O https://gist.github.com/tatsuhiro-t/48c45f08950f587180ed/raw/80a8f003b5d1091eae497c5995bbaa68096e739b/libev-4.19-android.patch && \
+    tar xf libev-4.19.tar.gz && \
+    rm libev-4.19.tar.gz
+
+WORKDIR /root/build/libev-4.19
+RUN patch -p1 < ../libev-4.19-android.patch && \
+    ./configure \
    --host=arm-linux-androideabi \
    --build=`dpkg-architecture -qDEB_BUILD_GNU_TYPE` \
    --prefix=$PREFIX \
@@ -78,6 +86,25 @@ RUN ./configure \
    LDFLAGS=-L$PREFIX/lib && \
    make install

+WORKDIR /root/build
+RUN curl -L -O http://zlib.net/zlib-1.2.8.tar.gz && \
+    tar xf zlib-1.2.8.tar.gz && \
+    rm zlib-1.2.8.tar.gz
+
+WORKDIR /root/build/zlib-1.2.8
+RUN HOST=arm-linux-androideabi \
+    CC=$HOST-gcc \
+    AR=$HOST-ar \
+    LD=$HOST-ld \
+    RANLIB=$HOST-ranlib \
+    STRIP=$HOST-strip \
+    ./configure \
+    --prefix=$PREFIX \
+    --libdir=$PREFIX/lib \
+    --includedir=$PREFIX/include \
+    --static && \
+    make install
+
 WORKDIR /root/build
 RUN git clone https://github.com/tatsuhiro-t/nghttp2
 WORKDIR /root/build/nghttp2
@@ -93,8 +120,9 @@ RUN autoreconf -i && \
    --disable-threads \
    LIBSPDYLAY_CFLAGS=-I$PREFIX/usr/local/include \
    LIBSPDYLAY_LIBS="-L$PREFIX/usr/local/lib -lspdylay" \
-    CPPFLAGS="-I$PREFIX/include" \
+    CPPFLAGS="-fPIE -I$PREFIX/include" \
+    CXXFLAGS="-fno-strict-aliasing" \
    PKG_CONFIG_LIBDIR="$PREFIX/lib/pkgconfig" \
-    LDFLAGS="-L$PREFIX/lib" && \
+    LDFLAGS="-fPIE -pie -L$PREFIX/lib" && \
    make && \
    arm-linux-androideabi-strip src/nghttpx src/nghttpd src/nghttp
--- a/Makefile.am
+++ b/Makefile.am
@@ -20,7 +20,13 @@
 # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-SUBDIRS = lib third-party src examples python tests doc contrib
+SUBDIRS = lib third-party src examples python tests integration-tests \
+	doc contrib script
+
+# Now with python setuptools, make uninstall will leave many files we
+# cannot easily remove (e.g., easy-install.pth).  Disable it for
+# distcheck rule.
+AM_DISTCHECK_CONFIGURE_FLAGS = --disable-python-bindings

 ACLOCAL_AMFLAGS = -I m4

@@ -29,7 +35,7 @@ dist_doc_DATA = README.rst
 EXTRA_DIST = nghttpx.conf.sample proxy.pac.sample android-config android-make \
 	Dockerfile.android

-.PONY: clang-format
+.PHONY: clang-format

 # Format source files using clang-format.  Don't format source files
 # under third-party directory since we are not responsible for thier
--- a/README.rst
+++ b/README.rst
--- a/8
+++ b/8
@@ -39,7 +39,9 @@ PATH=$TOOLCHAIN/bin:$PATH
    --without-libxml2 \
    --disable-python-bindings \
    --disable-examples \
-    --disable-threads \
-    CPPFLAGS="-I$PREFIX/include" \
+    --enable-werror \
+    CC=clang \
+    CXX=clang++ \
+    CPPFLAGS="-fPIE -I$PREFIX/include" \
    PKG_CONFIG_LIBDIR="$PREFIX/lib/pkgconfig" \
-    LDFLAGS="-L$PREFIX/lib"
+    LDFLAGS="-fPIE -pie -L$PREFIX/lib"
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,6 @@
 dnl nghttp2 - HTTP/2 C Library

-dnl Copyright (c) 2012, 2013 Tatsuhiro Tsujikawa
+dnl Copyright (c) 2012, 2013, 2014, 2015 Tatsuhiro Tsujikawa

 dnl Permission is hereby granted, free of charge, to any person obtaining
 dnl a copy of this software and associated documentation files (the
@@ -20,15 +20,36 @@ dnl NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 dnl LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 dnl OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 dnl WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+dnl Do not change user variables!
+dnl http://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
+
 AC_PREREQ(2.61)
-AC_INIT([nghttp2], [0.6.7], [t-tujikawa@users.sourceforge.net])
+AC_INIT([nghttp2], [1.2.1], [t-tujikawa@users.sourceforge.net])
+AC_CONFIG_AUX_DIR([.])
+AC_CONFIG_MACRO_DIR([m4])
+AC_CONFIG_HEADERS([config.h])
+AC_USE_SYSTEM_EXTENSIONS
+
 LT_PREREQ([2.2.6])
 LT_INIT()
+
+AC_CANONICAL_BUILD
+AC_CANONICAL_HOST
+AC_CANONICAL_TARGET
+
+AM_INIT_AUTOMAKE([subdir-objects])
+# comment out for now since this requires automake 1.13 or higher and
+# travis has older one.
+# AM_EXTRA_RECURSIVE_TARGETS([it])
+
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+
 dnl See versioning rule:
 dnl  http://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
-AC_SUBST(LT_CURRENT, 7)
-AC_SUBST(LT_REVISION, 2)
-AC_SUBST(LT_AGE, 2)
+AC_SUBST(LT_CURRENT, 14)
+AC_SUBST(LT_REVISION, 8)
+AC_SUBST(LT_AGE, 0)

 major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"`
 minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"`
@@ -38,18 +59,6 @@ PACKAGE_VERSION_NUM=`printf "0x%02x%02x%02x" "$major" "$minor" "$patch"`

 AC_SUBST(PACKAGE_VERSION_NUM)

-AC_CANONICAL_BUILD
-AC_CANONICAL_HOST
-AC_CANONICAL_TARGET
-
-AC_CONFIG_MACRO_DIR([m4])
-
-AM_INIT_AUTOMAKE([subdir-objects])
-
-m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
-
-AC_CONFIG_HEADERS([config.h])
-
 dnl Checks for command-line options
 AC_ARG_ENABLE([werror],
    [AS_HELP_STRING([--enable-werror],
@@ -92,9 +101,9 @@ AC_ARG_ENABLE([python-bindings],
    [request_python_bindings=$enableval], [request_python_bindings=check])

 AC_ARG_ENABLE([failmalloc],
-    [AS_HELP_STRING([--enable-failmalloc],
-                    [Build failmalloc test program [default=no]])],
-    [request_failmalloc=$enableval], [request_failmalloc=no])
+    [AS_HELP_STRING([--disable-failmalloc],
+                    [Do not build failmalloc test program])],
+    [request_failmalloc=$enableval], [request_failmalloc=yes])

 AC_ARG_WITH([libxml2],
    [AS_HELP_STRING([--with-libxml2],
@@ -122,14 +131,17 @@ AC_ARG_VAR([CYTHON], [the Cython executable])
 dnl Checks for programs
 AC_PROG_CC
 AC_PROG_CXX
+AC_PROG_CPP
 AC_PROG_INSTALL
 AC_PROG_LN_S
 AC_PROG_MAKE_SET
-AM_PROG_CC_C_O
+AC_PROG_MKDIR_P
+
 PKG_PROG_PKG_CONFIG([0.20])

+AM_PATH_PYTHON([2.7],, [:])
+
 if [test "x$request_python_bindings" != "xno"]; then
-  AM_PATH_PYTHON([2.7],, [:])
  AX_PYTHON_DEVEL([>= '2.7'])
 fi

@@ -158,24 +170,6 @@ AX_CXX_COMPILE_STDCXX_11([noext], [optional])

 AC_LANG_PUSH(C++)

-# Check that std::chrono::steady_clock is available. In particular,
-# gcc 4.6 does not have one, but has monotonic_clock which is the old
-# name existed in the pre-standard draft. If steady_clock is not
-# available, don't define HAVE_STEADY_CLOCK and replace steady_clock
-# with monotonic_clock.
-AC_MSG_CHECKING([whether std::chrono::steady_clock is available])
-AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
-[[
-#include <chrono>
-]],
-[[
-auto tp = std::chrono::steady_clock::now();
-]])],
-    [AC_DEFINE([HAVE_STEADY_CLOCK], [1],
-               [Define to 1 if you have the `std::chrono::steady_clock`.])
-     AC_MSG_RESULT([yes])],
-    [AC_MSG_RESULT([no])])
-
 # Check that std::future is available.
 AC_MSG_CHECKING([whether std::future is available])
 AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
@@ -193,53 +187,49 @@ std::vector<std::future<int>> v;
    [have_std_future=no
     AC_MSG_RESULT([no])])

+# Check that std::map::emplace is available for g++-4.7.
+AC_MSG_CHECKING([whether std::map::emplace is available])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
+[[
+#include <map>
+]],
+[[
+std::map<int, int>().emplace(1, 2);
+]])],
+    [AC_DEFINE([HAVE_STD_MAP_EMPLACE], [1],
+               [Define to 1 if you have the `std::map::emplace`.])
+     have_std_map_emplace=yes
+     AC_MSG_RESULT([yes])],
+    [have_std_map_emplace=no
+     AC_MSG_RESULT([no])])
+
 AC_LANG_POP()

 # Checks for libraries.

 # Additional libraries required for tests.
-TESTS_LIBS=
+TESTLDADD=

 # Additional libraries required for programs under src directory.
-SRC_LIBS=
-
-LIBS_OLD=$LIBS
-# Search for dlsym function, which is used in tests. Linux needs -ldl,
-# but netbsd does not need it.
-AC_SEARCH_LIBS([dlsym], [dl])
-TESTS_LIBS="$LIBS $TESTS_LIBS"
-LIBS=$LIBS_OLD
-
-LIBS_OLD=$LIBS
-AC_SEARCH_LIBS([clock_gettime], [rt],
-               [AC_DEFINE([HAVE_CLOCK_GETTIME], [1],
-                          [Define to 1 if you have the `clock_gettime`.])])
-SRC_LIBS="$LIBS $SRC_LIBS"
-LIBS=$LIBS_OLD
+APPLDFLAGS=

 case "$host" in
  *android*)
    android_build=yes
-    # android does not need -pthread, but needs followng 2 libs for C++
-    SRC_LIBS="$SRC_LIBS -lstdc++ -lsupc++"
+    # android does not need -pthread, but needs followng 3 libs for C++
+    APPLDFLAGS="$APPLDFLAGS -lstdc++ -latomic -lsupc++"
    ;;
  *)
    PTHREAD_LDFLAGS="-pthread"
-    SRC_LIBS="$SRC_LIBS $PTHREAD_LDFLAGS"
+    APPLDFLAGS="$APPLDFLAGS $PTHREAD_LDFLAGS"
    ;;
 esac

 # zlib
-if test "x$android_build" = "xyes"; then
-  # Use zlib provided by NDK
-  SRC_LIBS="-lz $SRC_LIBS"
-  have_zlib=yes
-else
-  PKG_CHECK_MODULES([ZLIB], [zlib >= 1.2.3], [have_zlib=yes], [have_zlib=no])
+PKG_CHECK_MODULES([ZLIB], [zlib >= 1.2.3], [have_zlib=yes], [have_zlib=no])

-  if test "x${have_zlib}" = "xno"; then
+if test "x${have_zlib}" = "xno"; then
  AC_MSG_NOTICE($ZLIB_PKG_ERRORS)
-  fi
 fi

 # cunit
@@ -271,6 +261,22 @@ fi

 AM_CONDITIONAL([HAVE_CUNIT], [ test "x${have_cunit}" = "xyes" ])

+# libev (for src)
+# libev does not have pkg-config file.  Check it in an old way.
+LIBS_OLD=$LIBS
+# android requires -lm for floor
+AC_CHECK_LIB([ev], [ev_time], [have_libev=yes], [have_libev=no], [-lm])
+if test "x${have_libev}" = "xyes"; then
+  AC_CHECK_HEADER([ev.h], [have_libev=yes], [have_libev=no])
+  if test "x${have_libev}" = "xyes"; then
+    LIBEV_LIBS=-lev
+    LIBEV_CFLAGS=
+    AC_SUBST([LIBEV_LIBS])
+    AC_SUBST([LIBEV_CFLAGS])
+  fi
+fi
+LIBS=$LIBS_OLD
+
 # openssl (for src)
 PKG_CHECK_MODULES([OPENSSL], [openssl >= 1.0.1],
                  [have_openssl=yes], [have_openssl=no])
@@ -278,7 +284,7 @@ if test "x${have_openssl}" = "xno"; then
  AC_MSG_NOTICE($OPENSSL_PKG_ERRORS)
 fi

-# libevent_openssl (for src)
+# libevent_openssl (for examples)
 # 2.0.8 is required because we use evconnlistener_set_error_cb()
 PKG_CHECK_MODULES([LIBEVENT_OPENSSL], [libevent_openssl >= 2.0.8],
                  [have_libevent_openssl=yes], [have_libevent_openssl=no])
@@ -289,7 +295,7 @@ fi
 # jansson (for src/nghttp, src/deflatehd and src/inflatehd)
 PKG_CHECK_MODULES([JANSSON], [jansson >= 2.5],
                  [have_jansson=yes], [have_jansson=no])
-if test "x${have_jansson}" == "xyes"; then
+if test "x${have_jansson}" = "xyes"; then
  AC_DEFINE([HAVE_JANSSON], [1],
            [Define to 1 if you have `libjansson` library.])
 else
@@ -319,9 +325,23 @@ if test "x${request_jemalloc}" != "xno"; then
  AC_SEARCH_LIBS([malloc_stats_print], [jemalloc], [have_jemalloc=yes], [],
                 [$PTHREAD_LDFLAGS])
  LIBS=$LIBS_OLD
+
+  if test "x${have_jemalloc}" = "xyes"; then
+    jemalloc_libs=${ac_cv_search_malloc_stats_print}
+  else
+    # On Darwin, malloc_stats_print is je_malloc_stats_print
+    AC_SEARCH_LIBS([je_malloc_stats_print], [jemalloc], [have_jemalloc=yes], [],
+                   [$PTHREAD_LDFLAGS])
+    LIBS=$LIBS_OLD
+
+    if test "x${have_jemalloc}" = "xyes"; then
+      jemalloc_libs=${ac_cv_search_je_malloc_stats_print}
+    fi
+  fi
+
  if test "x${have_jemalloc}" = "xyes" &&
-     test "x${ac_cv_search_malloc_stats_print}" != "xnone required"; then
-    JEMALLOC_LIBS=${ac_cv_search_malloc_stats_print}
+     test "x${jemalloc_libs}" != "xnone required"; then
+    JEMALLOC_LIBS=${jemalloc_libs}
    AC_SUBST([JEMALLOC_LIBS])
  fi
 fi
@@ -334,7 +354,7 @@ fi
 # spdylay (for src/nghttpx and src/h2load)
 have_spdylay=no
 if test "x${request_spdylay}" != "xno"; then
-  PKG_CHECK_MODULES([LIBSPDYLAY], [libspdylay >= 1.3.0],
+  PKG_CHECK_MODULES([LIBSPDYLAY], [libspdylay >= 1.3.2],
                    [have_spdylay=yes], [have_spdylay=no])
  if test "x${have_spdylay}" = "xyes"; then
    AC_DEFINE([HAVE_SPDYLAY], [1], [Define to 1 if you have `spdylay` library.])
@@ -371,12 +391,12 @@ if test "x${request_asio_lib}" = "xyes"; then
 fi

 # The nghttp, nghttpd and nghttpx under src depend on zlib, OpenSSL
-# and libevent_openssl
+# and libev
 enable_app=no
 if test "x${request_app}" != "xno" &&
   test "x${have_zlib}" = "xyes" &&
   test "x${have_openssl}" = "xyes" &&
-   test "x${have_libevent_openssl}" = "xyes"; then
+   test "x${have_libev}" = "xyes"; then
  enable_app=yes
 fi

@@ -426,6 +446,17 @@ fi

 AM_CONDITIONAL([ENABLE_EXAMPLES], [ test "x${enable_examples}" = "xyes" ])

+# third-party only be built when needed
+
+enable_third_party=no
+if test "x${enable_examples}" = "xyes" ||
+   test "x${enable_app}" = "xyes" ||
+   test "x${enable_asio_lib}" = "xyes"; then
+  enable_third_party=yes
+fi
+
+AM_CONDITIONAL([ENABLE_THIRD_PARTY], [ test "x${enable_third_party}" = "xyes" ])
+
 # Python bindings
 enable_python_bindings=no
 if test "x${request_python_bindings}" != "xno" &&
@@ -448,29 +479,34 @@ AM_CONDITIONAL([ENABLE_PYTHON_BINDINGS],
 AM_CONDITIONAL([HAVE_CYTHON], [test "x${CYTHON}" != "x"])

 # failmalloc tests
+enable_failmalloc=no
+if test "x${request_failmalloc}" = "xyes"; then
+  enable_failmalloc=yes
+fi
+
 AM_CONDITIONAL([ENABLE_FAILMALLOC], [ test "x${enable_failmalloc}" = "xyes" ])

 # Checks for header files.
 AC_HEADER_ASSERT
 AC_CHECK_HEADERS([ \
  arpa/inet.h \
+  fcntl.h \
+  inttypes.h \
+  limits.h \
+  netdb.h \
  netinet/in.h \
  pwd.h \
  stddef.h \
  stdint.h \
  stdlib.h \
  string.h \
+  sys/socket.h \
+  sys/time.h \
+  syslog.h \
  time.h \
  unistd.h \
 ])

-case "${host}" in
-  *mingw*)
-    # For ntohl, ntohs in Windows
-    AC_CHECK_HEADERS([winsock2.h])
-    ;;
-esac
-
 # Checks for typedefs, structures, and compiler characteristics.
 AC_TYPE_SIZE_T
 AC_TYPE_SSIZE_T
@@ -478,8 +514,16 @@ AC_TYPE_UINT8_T
 AC_TYPE_UINT16_T
 AC_TYPE_UINT32_T
 AC_TYPE_UINT64_T
+AC_TYPE_INT8_T
+AC_TYPE_INT16_T
+AC_TYPE_INT32_T
+AC_TYPE_INT64_T
+AC_TYPE_OFF_T
+AC_TYPE_PID_T
+AC_TYPE_UID_T
 AC_CHECK_TYPES([ptrdiff_t])
 AC_C_BIGENDIAN
+AC_C_INLINE
 AC_SYS_LARGEFILE

 AC_CHECK_MEMBER([struct tm.tm_gmtoff], [have_struct_tm_tm_gmtoff=yes],
@@ -490,15 +534,44 @@ if test "x$have_struct_tm_tm_gmtoff" = "xyes"; then
            [Define to 1 if you have `struct tm.tm_gmtoff` member.])
 fi

+# Check size of pointer to decide we need 8 bytes alignment
+# adjustment.
+AC_CHECK_SIZEOF([int *])
+
+AC_CHECK_SIZEOF([time_t])
+
 # Checks for library functions.
-if test "x$cross_compiling" != "xyes"; then
-  AC_FUNC_MALLOC
-fi
+
+# Don't check malloc, since it does not play nicely with C++ stdlib
+# AC_FUNC_MALLOC
+
+AC_FUNC_CHOWN
+AC_FUNC_ERROR_AT_LINE
+AC_FUNC_FORK
+# Don't check realloc, since LeakSanitizer detects memory leak during check
+# AC_FUNC_REALLOC
+AC_FUNC_STRERROR_R
+AC_FUNC_STRNLEN
+
 AC_CHECK_FUNCS([ \
  _Exit \
+  accept4 \
+  dup2 \
+  getcwd \
  getpwnam \
+  localtime_r \
+  memchr \
  memmove \
  memset \
+  socket \
+  sqrt \
+  strchr \
+  strdup \
+  strerror \
+  strndup \
+  strstr \
+  strtol \
+  strtoul \
  timegm \
 ])

@@ -515,12 +588,8 @@ AM_CONDITIONAL([ENABLE_TINY_NGHTTPD],
               [ test "x${have_epoll}" = "xyes" &&
                 test "x${have_timerfd_create}" = "xyes"])

-dnl Windows library for winsock2
-case "${host}" in
-  *mingw*)
-    LIBS="$LIBS -lws2_32"
-    ;;
-esac
+ac_save_CFLAGS=$CFLAGS
+CFLAGS=

 if test "x$werror" != "xno"; then
    AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"])
@@ -554,18 +623,26 @@ if test "x$werror" != "xno"; then
    AX_CHECK_COMPILE_FLAG([-Wheader-guard], [CFLAGS="$CFLAGS -Wheader-guard"])
 fi

+WARNCFLAGS=$CFLAGS
+CFLAGS=$ac_save_CFLAGS
+
+AC_SUBST([WARNCFLAGS])
+
 if test "x$debug" != "xno"; then
    AC_DEFINE([DEBUGBUILD], [1], [Define to 1 to enable debug output.])
 fi

+enable_threads=yes
 # Some platform does not have working std::future.  We disable
-# threading for those platforms to exclude std::future use.
-if test "x$threads" != "xyes" || test "x$have_std_future" != "xyes"; then
+# threading for those platforms.
+if test "x$threads" != "xyes" ||
+   test "x$have_std_future" != "xyes"; then
+    enable_threads=no
    AC_DEFINE([NOTHREADS], [1], [Define to 1 if you want to disable threads.])
 fi

-AC_SUBST([TESTS_LIBS])
-AC_SUBST([SRC_LIBS])
+AC_SUBST([TESTLDADD])
+AC_SUBST([APPLDFLAGS])

 AC_CONFIG_FILES([
  Makefile
@@ -582,6 +659,9 @@ AC_CONFIG_FILES([
  examples/Makefile
  python/Makefile
  python/setup.py
+  integration-tests/Makefile
+  integration-tests/config.go
+  integration-tests/setenv
  doc/Makefile
  doc/conf.py
  doc/index.rst
@@ -597,8 +677,11 @@ AC_CONFIG_FILES([
  doc/nghttp2.h.rst
  doc/nghttp2ver.h.rst
  doc/asio_http2.h.rst
+  doc/asio_http2_server.h.rst
+  doc/asio_http2_client.h.rst
  doc/contribute.rst
  contrib/Makefile
+  script/Makefile
 ])
 AC_OUTPUT

@@ -609,6 +692,7 @@ AC_MSG_NOTICE([summary of build options:
    Install prefix: ${prefix}
    C compiler:     ${CC}
    CFLAGS:         ${CFLAGS}
+    WARNCFLAGS:     ${WARNCFLAGS}
    LDFLAGS:        ${LDFLAGS}
    LIBS:           ${LIBS}
    CPPFLAGS:       ${CPPFLAGS}
@@ -617,6 +701,7 @@ AC_MSG_NOTICE([summary of build options:
    CXXFLAGS:       ${CXXFLAGS}
    CXXCPP:         ${CXXCPP}
    Library types:  Shared=${enable_shared}, Static=${enable_static}
+    Python:
      Python:         ${PYTHON}
      PYTHON_VERSION: ${PYTHON_VERSION}
      pyexecdir:      ${pyexecdir}
@@ -624,22 +709,29 @@ AC_MSG_NOTICE([summary of build options:
      PYTHON_CPPFLAGS:${PYTHON_CPPFLAGS}
      PYTHON_LDFLAGS: ${PYTHON_LDFLAGS}
      Cython:         ${CYTHON}
+    Test:
      CUnit:          ${have_cunit}
+      Failmalloc:     ${enable_failmalloc}
+    Libs:
      OpenSSL:        ${have_openssl}
      Libxml2:        ${have_libxml2}
+      Libev:          ${have_libev}
      Libevent(SSL):  ${have_libevent_openssl}
      Spdylay:        ${have_spdylay}
      Jansson:        ${have_jansson}
      Jemalloc:       ${have_jemalloc}
+      Zlib:           ${have_zlib}
      Boost CPPFLAGS: ${BOOST_CPPFLAGS}
      Boost LDFLAGS:  ${BOOST_LDFLAGS}
      Boost::ASIO:    ${BOOST_ASIO_LIB}
      Boost::System:  ${BOOST_SYSTEM_LIB}
      Boost::Thread:  ${BOOST_THREAD_LIB}
+    Features:
      Applications:   ${enable_app}
      HPACK tools:    ${enable_hpack_tools}
      Libnghttp2_asio:${enable_asio_lib}
      Examples:       ${enable_examples}
      Python bindings:${enable_python_bindings}
-    Failmalloc:     ${request_failmalloc}
+      Threading:      ${enable_threads}
+      Third-party:    ${enable_third_party}
 ])
--- a/contrib/.gitignore
+++ b/contrib/.gitignore
@@ -1 +1,3 @@
 nghttpx-init
+nghttpx.service
+nghttpx-upstart.conf
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@@ -21,19 +21,24 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

-EXTRA_DIST = nghttpx-init.in nghttpx-logrotate
+configfiles = nghttpx-init nghttpx.service nghttpx-upstart.conf
+
+EXTRA_DIST = $(configfiles:%=%.in) nghttpx-logrotate tlsticketupdate.go

 edit = sed -e 's|@bindir[@]|$(bindir)|g'

-nghttpx-init: Makefile
+nghttpx-init: %: $(srcdir)/%.in
 	rm -f $@ $@.tmp
-	$(edit) $(srcdir)/$@.in > $@.tmp
+	$(edit) $< > $@.tmp
 	chmod +x $@.tmp
 	mv $@.tmp $@

-nghttpx-init: $(srcdir)/nghttpx-init.in
+nghttpx.service nghttpx-upstart.conf: %: $(srcdir)/%.in
+	$(edit) $< > $@

-all-local: nghttpx-init
+$(configfiles): Makefile
+
+all-local: $(configfiles)

 clean-local:
-	-rm -f nghttpx-init nghttpx-init.tmp
+	-rm -f nghttpx-init.tmp $(configfiles)
--- a/contrib/nghttpx-logrotate
+++ b/contrib/nghttpx-logrotate
@@ -1,18 +1,11 @@
 /var/log/nghttpx/*.log {
  weekly
-        missingok
  rotate 52
+  missingok
  compress
  delaycompress
  notifempty
-        create 0640 www-data adm
-        sharedscripts
-        prerotate
-                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
-                        run-parts /etc/logrotate.d/httpd-prerotate; \
-                fi \
-        endscript
  postrotate
-                [ -s /run/nghttpx.pid ] && kill -USR1 `cat /run/nghttpx.pid`
+    killall -USR1 nghttpx 2> /dev/null || true
  endscript
 }
--- a/contrib/nghttpx-upstart.conf.in
+++ b/contrib/nghttpx-upstart.conf.in
@@ -0,0 +1,8 @@
+# vim: ft=upstart:
+
+description "HTTP/2 reverse proxy"
+
+start on runlevel [2]
+stop on runlevel [016]
+
+exec @bindir@/nghttpx
--- a/contrib/nghttpx.service.in
+++ b/contrib/nghttpx.service.in
@@ -0,0 +1,10 @@
+[Unit]
+Description=HTTP/2 experimental proxy
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=@bindir@/nghttpx --errorlog-syslog
+
+[Install]
+WantedBy=multi-user.target
--- a/contrib/tlsticketupdate.go
+++ b/contrib/tlsticketupdate.go
@@ -0,0 +1,113 @@
+//
+// nghttp2 - HTTP/2 C Library
+//
+// Copyright (c) 2015 Tatsuhiro Tsujikawa
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+package main
+
+import (
+	"bytes"
+	"crypto/rand"
+	"encoding/binary"
+	"flag"
+	"fmt"
+	"github.com/bradfitz/gomemcache/memcache"
+	"log"
+	"time"
+)
+
+func makeKey(len int) []byte {
+	b := make([]byte, len)
+	if _, err := rand.Read(b); err != nil {
+		log.Fatalf("rand.Read: %v", err)
+	}
+	return b
+}
+
+func main() {
+	var host = flag.String("host", "127.0.0.1", "memcached host")
+	var port = flag.Int("port", 11211, "memcached port")
+	var cipher = flag.String("cipher", "aes-128-cbc", "cipher for TLS ticket encryption")
+	var interval = flag.Int("interval", 3600, "interval to update TLS ticket keys")
+
+	flag.Parse()
+
+	var keylen int
+	switch *cipher {
+	case "aes-128-cbc":
+		keylen = 48
+	case "aes-256-cbc":
+		keylen = 80
+	default:
+		log.Fatalf("cipher: unknown cipher %v", cipher)
+	}
+
+	mc := memcache.New(fmt.Sprintf("%v:%v", *host, *port))
+
+	keys := [][]byte{
+		makeKey(keylen), // current encryption key
+		makeKey(keylen), // next encryption key; now decryption only
+	}
+
+	for {
+		buf := new(bytes.Buffer)
+		if err := binary.Write(buf, binary.BigEndian, uint32(1)); err != nil {
+			log.Fatalf("failed to write version: %v", err)
+		}
+
+		for _, key := range keys {
+			if err := binary.Write(buf, binary.BigEndian, uint16(keylen)); err != nil {
+				log.Fatalf("failed to write length: %v", err)
+			}
+			if _, err := buf.Write(key); err != nil {
+				log.Fatalf("buf.Write: %v", err)
+			}
+		}
+
+		mc.Set(&memcache.Item{
+			Key:        "nghttpx:tls-ticket-key",
+			Value:      buf.Bytes(),
+			Expiration: int32((*interval) + 300),
+		})
+
+		select {
+		case <-time.After(time.Duration(*interval) * time.Second):
+		}
+
+		// rotate keys.  the last key is now encryption key.
+		// generate new key and append it to the last, so that
+		// we can at least decrypt TLS ticket encrypted by new
+		// key on the host which does not get new key yet.
+		// keep at most past 11 keys as decryption only key
+		n := len(keys) + 1
+		if n > 13 {
+			n = 13
+		}
+		newKeys := make([][]byte, n)
+		newKeys[0] = keys[len(keys)-1]
+		copy(newKeys[1:], keys[0:n-2])
+		newKeys[n-1] = makeKey(keylen)
+
+		keys = newKeys
+	}
+
+}
--- a/doc/.gitignore
+++ b/doc/.gitignore
@@ -1,3 +1,24 @@
+# generated files
 apiref.rst
+asio_http2.h.rst
+asio_http2_client.h.rst
+asio_http2_server.h.rst
+building-android-binary.rst
 conf.py
-manual
+contribute.rst
+enums.rst
+h2load-howto.rst
+index.rst
+libnghttp2_asio.rst
+macros.rst
+manual/
+nghttp2.h.rst
+nghttp2_*.rst
+nghttp2ver.h.rst
+nghttpx-howto.rst
+package_README.rst
+python-apiref.rst
+tutorial-client.rst
+tutorial-hpack.rst
+tutorial-server.rst
+types.rst
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -23,10 +23,111 @@

 man_MANS = nghttp.1 nghttpd.1 nghttpx.1 h2load.1

+APIDOCS= \
+	apiref.rst \
+	macros.rst \
+	enums.rst \
+	types.rst \
+	nghttp2_check_header_name.rst \
+	nghttp2_check_header_value.rst \
+	nghttp2_hd_deflate_bound.rst \
+	nghttp2_hd_deflate_change_table_size.rst \
+	nghttp2_hd_deflate_del.rst \
+	nghttp2_hd_deflate_hd.rst \
+	nghttp2_hd_deflate_new.rst \
+	nghttp2_hd_deflate_new2.rst \
+	nghttp2_hd_inflate_change_table_size.rst \
+	nghttp2_hd_inflate_del.rst \
+	nghttp2_hd_inflate_end_headers.rst \
+	nghttp2_hd_inflate_hd.rst \
+	nghttp2_hd_inflate_new.rst \
+	nghttp2_hd_inflate_new2.rst \
+	nghttp2_is_fatal.rst \
+	nghttp2_nv_compare_name.rst \
+	nghttp2_option_del.rst \
+	nghttp2_option_new.rst \
+	nghttp2_option_set_no_auto_window_update.rst \
+	nghttp2_option_set_no_http_messaging.rst \
+	nghttp2_option_set_peer_max_concurrent_streams.rst \
+	nghttp2_option_set_no_recv_client_magic.rst \
+	nghttp2_pack_settings_payload.rst \
+	nghttp2_priority_spec_check_default.rst \
+	nghttp2_priority_spec_default_init.rst \
+	nghttp2_priority_spec_init.rst \
+	nghttp2_select_next_protocol.rst \
+	nghttp2_session_callbacks_del.rst \
+	nghttp2_session_callbacks_new.rst \
+	nghttp2_session_callbacks_set_before_frame_send_callback.rst \
+	nghttp2_session_callbacks_set_data_source_read_length_callback.rst \
+	nghttp2_session_callbacks_set_on_begin_frame_callback.rst \
+	nghttp2_session_callbacks_set_on_begin_headers_callback.rst \
+	nghttp2_session_callbacks_set_on_data_chunk_recv_callback.rst \
+	nghttp2_session_callbacks_set_on_frame_not_send_callback.rst \
+	nghttp2_session_callbacks_set_on_frame_recv_callback.rst \
+	nghttp2_session_callbacks_set_on_frame_send_callback.rst \
+	nghttp2_session_callbacks_set_on_header_callback.rst \
+	nghttp2_session_callbacks_set_on_invalid_frame_recv_callback.rst \
+	nghttp2_session_callbacks_set_on_stream_close_callback.rst \
+	nghttp2_session_callbacks_set_recv_callback.rst \
+	nghttp2_session_callbacks_set_select_padding_callback.rst \
+	nghttp2_session_callbacks_set_send_callback.rst \
+	nghttp2_session_callbacks_set_send_data_callback.rst \
+	nghttp2_session_client_new.rst \
+	nghttp2_session_client_new2.rst \
+	nghttp2_session_client_new3.rst \
+	nghttp2_session_consume.rst \
+	nghttp2_session_consume_connection.rst \
+	nghttp2_session_consume_stream.rst \
+	nghttp2_session_del.rst \
+	nghttp2_session_get_effective_local_window_size.rst \
+	nghttp2_session_get_effective_recv_data_length.rst \
+	nghttp2_session_get_last_proc_stream_id.rst \
+	nghttp2_session_get_next_stream_id.rst \
+	nghttp2_session_get_outbound_queue_size.rst \
+	nghttp2_session_get_remote_settings.rst \
+	nghttp2_session_get_remote_window_size.rst \
+	nghttp2_session_get_stream_effective_local_window_size.rst \
+	nghttp2_session_get_stream_effective_recv_data_length.rst \
+	nghttp2_session_get_stream_local_close.rst \
+	nghttp2_session_get_stream_remote_close.rst \
+	nghttp2_session_get_stream_remote_window_size.rst \
+	nghttp2_session_get_stream_user_data.rst \
+	nghttp2_session_mem_recv.rst \
+	nghttp2_session_mem_send.rst \
+	nghttp2_session_recv.rst \
+	nghttp2_session_resume_data.rst \
+	nghttp2_session_send.rst \
+	nghttp2_session_server_new.rst \
+	nghttp2_session_server_new2.rst \
+	nghttp2_session_server_new3.rst \
+	nghttp2_session_set_next_stream_id.rst \
+	nghttp2_session_set_stream_user_data.rst \
+	nghttp2_session_terminate_session.rst \
+	nghttp2_session_terminate_session2.rst \
+	nghttp2_session_upgrade.rst \
+	nghttp2_session_want_read.rst \
+	nghttp2_session_want_write.rst \
+	nghttp2_strerror.rst \
+	nghttp2_submit_data.rst \
+	nghttp2_submit_goaway.rst \
+	nghttp2_submit_headers.rst \
+	nghttp2_submit_ping.rst \
+	nghttp2_submit_priority.rst \
+	nghttp2_submit_push_promise.rst \
+	nghttp2_submit_request.rst \
+	nghttp2_submit_response.rst \
+	nghttp2_submit_rst_stream.rst \
+	nghttp2_submit_settings.rst \
+	nghttp2_submit_shutdown_notice.rst \
+	nghttp2_submit_trailer.rst \
+	nghttp2_submit_window_update.rst \
+	nghttp2_version.rst
+
 EXTRA_DIST = \
 	mkapiref.py \
 	README.rst \
-	apiref-header.rst \
+	programmers-guide.rst \
+	$(APIDOCS) \
 	nghttp.1.rst \
 	nghttpd.1.rst \
 	nghttpx.1.rst \
@@ -41,24 +142,28 @@ EXTRA_DIST = \
 	sources/python-apiref.rst \
 	sources/building-android-binary.rst \
 	sources/contribute.rst \
-	_themes/sphinx_rtd_theme/footer.html \
-	_themes/sphinx_rtd_theme/theme.conf \
-	_themes/sphinx_rtd_theme/layout_old.html \
 	_themes/sphinx_rtd_theme/__init__.py \
-	_themes/sphinx_rtd_theme/layout.html \
-	_themes/sphinx_rtd_theme/search.html \
 	_themes/sphinx_rtd_theme/breadcrumbs.html \
-	_themes/sphinx_rtd_theme/versions.html \
+	_themes/sphinx_rtd_theme/footer.html \
+	_themes/sphinx_rtd_theme/layout.html \
+	_themes/sphinx_rtd_theme/layout_old.html \
+	_themes/sphinx_rtd_theme/search.html \
 	_themes/sphinx_rtd_theme/searchbox.html \
-	_themes/sphinx_rtd_theme/static/fonts/FontAwesome.otf \
-	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.svg \
-	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.woff \
-	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.eot \
-	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.ttf \
-	_themes/sphinx_rtd_theme/static/js/theme.js \
-	_themes/sphinx_rtd_theme/static/css/theme.css \
 	_themes/sphinx_rtd_theme/static/css/badge_only.css \
-	$(man_MANS)
+	_themes/sphinx_rtd_theme/static/css/theme.css \
+	_themes/sphinx_rtd_theme/static/fonts/FontAwesome.otf \
+	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.eot \
+	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.svg \
+	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.ttf \
+	_themes/sphinx_rtd_theme/static/fonts/fontawesome-webfont.woff \
+	_themes/sphinx_rtd_theme/static/js/theme.js \
+	_themes/sphinx_rtd_theme/theme.conf \
+	_themes/sphinx_rtd_theme/versions.html \
+	$(man_MANS) \
+	bash_completion/nghttp \
+	bash_completion/nghttpd \
+	bash_completion/nghttpx \
+	bash_completion/h2load

 # Makefile for Sphinx documentation
 #
@@ -95,16 +200,33 @@ help:
 	@echo "  linkcheck  to check all external links for integrity"
 	@echo "  doctest    to run all doctests embedded in the documentation (if enabled)"

-apiref.rst: $(top_builddir)/lib/includes/nghttp2/nghttp2ver.h \
+apiref.rst macros.rst enums.rst types.rst: \
+	$(top_builddir)/lib/includes/nghttp2/nghttp2ver.h \
 	$(top_builddir)/lib/includes/nghttp2/nghttp2.h
 	$(PYTHON) $(top_srcdir)/doc/mkapiref.py \
-	--header $(top_srcdir)/doc/apiref-header.rst $^ > $@
+	$@ macros.rst enums.rst types.rst . $^
+
+# Inspired by
+# http://www.gnu.org/savannah-checkouts/gnu/automake/manual/html_node/Multiple-Outputs.html
+apidoc.stamp: $(top_builddir)/lib/includes/nghttp2/nghttp2ver.h \
+	$(top_builddir)/lib/includes/nghttp2/nghttp2.h
+	@rm -f apidoc.tmp
+	@touch apidoc.tmp
+	$(PYTHON) $(top_srcdir)/doc/mkapiref.py \
+	$@ macros.rst enums.rst types.rst . $^
+	@mv -f apidoc.tmp $@
+$(APIDOC): apidoc.stamp
+## Recover from the removal of $@
+	@if test -f $@; then :; else \
+	  rm -f apidoc.stamp; \
+	  $(MAKE) $(AM_MAKEFLAGS) apidoc.stamp; \
+	fi

 clean-local:
-	-rm apiref.rst
+	-rm -f $(APIDOCS)
 	-rm -rf $(BUILDDIR)/*

-html: apiref.rst
+html-local: apiref.rst
 	$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
 	@echo
 	@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
@@ -176,7 +298,7 @@ text:
 	@echo
 	@echo "Build finished. The text files are in $(BUILDDIR)/text."

-man:
+man: apiref.rst
 	$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
 	@echo
 	@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
--- a/doc/_themes/sphinx_rtd_theme/init.py
+++ b/doc/_themes/sphinx_rtd_theme/init.py
@@ -5,7 +5,7 @@ From https://github.com/ryan-roemer/sphinx-bootstrap-theme.
 """
 import os

-VERSION = (0, 1, 5)
+VERSION = (0, 1, 8)

 __version__ = ".".join(str(v) for v in VERSION)
 __version_full__ = __version__
--- a/doc/_themes/sphinx_rtd_theme/breadcrumbs.html
+++ b/doc/_themes/sphinx_rtd_theme/breadcrumbs.html
@@ -6,13 +6,17 @@
      {% endfor %}
    <li>{{ title }}</li>
      <li class="wy-breadcrumbs-aside">
+        {% if pagename != "search" %}
          {% if display_github %}
-          <a href="https://github.com/{{ github_user }}/{{ github_repo }}/blob/{{ github_version }}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-github"> Edit on GitHub</a>
+            <a href="https://{{ github_host|default("github.com") }}/{{ github_user }}/{{ github_repo }}/blob/{{ github_version }}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-github"> Edit on GitHub</a>
          {% elif display_bitbucket %}
            <a href="https://bitbucket.org/{{ bitbucket_user }}/{{ bitbucket_repo }}/src/{{ bitbucket_version}}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-bitbucket"> Edit on Bitbucket</a>
+          {% elif show_source and source_url_prefix %}
+            <a href="{{ source_url_prefix }}{{ pagename }}{{ source_suffix }}">View page source</a>
          {% elif show_source and has_source and sourcename %}
            <a href="{{ pathto('_sources/' + sourcename, true)|e }}" rel="nofollow"> View page source</a>
          {% endif %}
+        {% endif %}
      </li>
  </ul>
  <hr/>
--- a/doc/_themes/sphinx_rtd_theme/footer.html
+++ b/doc/_themes/sphinx_rtd_theme/footer.html
@@ -2,10 +2,10 @@
  {% if next or prev %}
    <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
      {% if next %}
-        <a href="{{ next.link|e }}" class="btn btn-neutral float-right" title="{{ next.title|striptags|e }}">Next <span class="fa fa-arrow-circle-right"></span></a>
+        <a href="{{ next.link|e }}" class="btn btn-neutral float-right" title="{{ next.title|striptags|e }}" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
      {% endif %}
      {% if prev %}
-        <a href="{{ prev.link|e }}" class="btn btn-neutral" title="{{ prev.title|striptags|e }}"><span class="fa fa-arrow-circle-left"></span> Previous</a>
+        <a href="{{ prev.link|e }}" class="btn btn-neutral" title="{{ prev.title|striptags|e }}" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
      {% endif %}
    </div>
  {% endif %}
@@ -28,5 +28,9 @@
    </p>
  </div>

-  {% trans %}<a href="https://github.com/snide/sphinx_rtd_theme">Sphinx theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>{% endtrans %}
+  {%- if show_sphinx %}
+  {% trans %}Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>{% endtrans %}.
+  {%- endif %}
+
 </footer>
+
--- a/doc/_themes/sphinx_rtd_theme/layout.html
+++ b/doc/_themes/sphinx_rtd_theme/layout.html
@@ -12,6 +12,7 @@
 <!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
 <head>
  <meta charset="utf-8">
+  {{ metatags }}
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  {% block htmltitle %}
  <title>{{ title|striptags|e }}{{ titlesuffix }}</title>
@@ -23,7 +24,6 @@
  {% endif %}

  {# CSS #}
-  <link href='https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'>

  {# OPENSEARCH #}
  {% if not embedded %}
@@ -42,6 +42,10 @@
    <link rel="stylesheet" href="{{ pathto(cssfile, 1) }}" type="text/css" />
  {% endfor %}

+  {% for cssfile in extra_css_files %}
+    <link rel="stylesheet" href="{{ pathto(cssfile, 1) }}" type="text/css" />
+  {% endfor %}
+
  {%- block linktags %}
    {%- if hasdoc('about') %}
        <link rel="author" title="{{ _('About these documents') }}"
@@ -71,7 +75,7 @@
  {%- block extrahead %} {% endblock %}

  {# Keep modernizr in head - http://modernizr.com/docs/#installing #}
-  <script src="https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js"></script>
+  <script src="_static/js/modernizr.min.js"></script>

 </head>

@@ -83,19 +87,34 @@
    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
      <div class="wy-side-nav-search">
        {% block sidebartitle %}
-          <a href="{{ pathto(master_doc) }}" class="fa fa-home"> {{ project }}</a>
-        {% endblock %}
+
+        {% if logo and theme_logo_only %}
+          <a href="{{ pathto(master_doc) }}">
+        {% else %}
+          <a href="{{ pathto(master_doc) }}" class="icon icon-home"> {{ project }}
+        {% endif %}
+
+        {% if logo %}
+          {# Not strictly valid HTML, but it's the only way to display/scale it properly, without weird scripting or heaps of work #}
+          <img src="{{ pathto('_static/' + logo, 1) }}" class="logo" />
+        {% endif %}
+        </a>
+
        {% include "searchbox.html" %}
+
+        {% endblock %}
      </div>

      <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
-        {% set toctree = toctree(maxdepth=2, collapse=False, includehidden=True) %}
+        {% block menu %}
+          {% set toctree = toctree(maxdepth=4, collapse=False, includehidden=True) %}
          {% if toctree %}
              {{ toctree }}
          {% else %}
              <!-- Local TOC -->
              <div class="local-toc">{{ toc }}</div>
          {% endif %}
+        {% endblock %}
      </div>
      &nbsp;
    </nav>
--- a/doc/_themes/sphinx_rtd_theme/searchbox.html
+++ b/doc/_themes/sphinx_rtd_theme/searchbox.html
@@ -1,7 +1,9 @@
+{%- if builder != 'singlehtml' %}
 <div role="search">
-  <form id ="rtd-search-form" class="wy-form" action="{{ pathto('search') }}" method="get">
+  <form id="rtd-search-form" class="wy-form" action="{{ pathto('search') }}" method="get">
    <input type="text" name="q" placeholder="Search docs" />
    <input type="hidden" name="check_keywords" value="yes" />
    <input type="hidden" name="area" value="default" />
  </form>
 </div>
+{%- endif %}
--- a/doc/_themes/sphinx_rtd_theme/static/css/badge_only.css.map
+++ b/doc/_themes/sphinx_rtd_theme/static/css/badge_only.css.map
@@ -0,0 +1,7 @@
+{
+"version": 3,
+"mappings": "CAyDA,SAAY,EACV,qBAAsB,EAAE,UAAW,EAqDrC,QAAS,EARP,IAAK,EAAE,AAAC,EACR,+BAAS,EAEP,MAAO,EAAE,IAAK,EACd,MAAO,EAAE,CAAE,EACb,cAAO,EACL,IAAK,EAAE,GAAI,EC1Gb,SAkBC,EAjBC,UAAW,ECFJ,UAAW,EDGlB,UAAW,EAHqC,KAAM,EAItD,SAAU,EAJsD,KAAM,EAapE,EAAG,EAAE,qCAAwB,EAC7B,EAAG,EAAE,0PAAyE,ECZpF,SAAU,EACR,MAAO,EAAE,WAAY,EACrB,UAAW,EAAE,UAAW,EACxB,SAAU,EAAE,KAAM,EAClB,UAAW,EAAE,KAAM,EACnB,UAAW,EAAE,AAAC,EACd,cAAe,EAAE,MAAO,EAG1B,IAAK,EACH,MAAO,EAAE,WAAY,EACrB,cAAe,EAAE,MAAO,EAIxB,KAAG,EACD,MAAO,EAAE,WAAY,EACvB,sCAAiB,EAGf,IAAK,EAAE,MAAY,EAEvB,KAAM,EACJ,cAAe,EAAE,GAAI,EACrB,UAAW,EAAE,EAAG,EAChB,UAAW,EAAE,KAAM,EAEjB,YAAG,EACD,IAAK,EAAE,IAAI,EACb,oDAAiB,EAGf,aAAc,EAAE,OAAQ,EAG9B,cAAe,EACb,MAAO,EAAE,EAAO,EAElB,gBAAiB,EACf,MAAO,EAAE,EAAO,EAElB,oBAAqB,EACnB,MAAO,EAAE,EAAO,EAElB,sBAAuB,EACrB,MAAO,EAAE,EAAO,EAElB,kBAAmB,EACjB,MAAO,EAAE,EAAO,EAElB,oBAAqB,EACnB,MAAO,EAAE,EAAO,EAElB,oBAAqB,EACnB,MAAO,EAAE,EAAO,EAElB,sBAAuB,EACrB,MAAO,EAAE,EAAO,EAElB,qBAAsB,EACpB,MAAO,EAAE,EAAO,EAElB,uBAAwB,EACtB,MAAO,EAAE,EAAO,ECnElB,YAAa,EACX,OAAQ,EAAE,IAAK,EACf,KAAM,EAAE,AAAC,EACT,GAAI,EAAE,AAAC,EACP,IAAK,EC6E+B,IAAK,ED5EzC,IAAK,ECE+B,MAAyB,EDD7D,SAAU,EAAE,MAAkC,EAC9C,SAAU,EAAE,iBAAiC,EAC7C,UAAW,EEAyB,sDAAM,EFC1C,MAAO,EC+E6B,EAAG,ED9EvC,cAAC,EACC,IAAK,ECqE6B,MAAW,EDpE7C,cAAe,EAAE,GAAI,EACvB,6BAAgB,EACd,MAAO,EAAE,GAAI,EACf,iCAAoB,EAClB,MAAO,EAAE,GAAqB,EAC9B,eAAgB,EAAE,MAAkC,EACpD,MAAO,EAAE,IAAK,EACd,SAAU,EAAE,IAAK,EACjB,QAAS,EAAE,EAAG,EACd,KAAM,EAAE,MAAO,EACf,IAAK,ECiD6B,MAAM,EJgC1C,IAAK,EAAE,AAAC,EACR,iFAAS,EAEP,MAAO,EAAE,IAAK,EACd,MAAO,EAAE,CAAE,EACb,uCAAO,EACL,IAAK,EAAE,GAAI,EGrFX,qCAAG,EACD,IAAK,EClB2B,MAAyB,EDmB3D,0CAAQ,EACN,IAAK,EAAE,GAAI,EACb,4CAAU,EACR,IAAK,EAAE,GAAI,EACb,iDAAiB,EACf,eAAgB,ECQgB,MAAI,EDPpC,IAAK,EC0B2B,GAAM,EDzBxC,wDAAwB,EACtB,eAAgB,ECXgB,MAAO,EDYvC,IAAK,ECzB2B,GAAI,ED0BxC,yCAA8B,EAC5B,MAAO,EAAE,IAAK,EAChB,gCAAmB,EACjB,QAAS,EAAE,EAAG,EACd,MAAO,EAAE,GAAqB,EAC9B,IAAK,ECE6B,GAAwB,EDD1D,MAAO,EAAE,GAAI,EACb,mCAAE,EACA,MAAO,EAAE,IAAK,EACd,KAAM,EAAE,EAAG,EACX,KAAM,EAAE,AAAC,EACT,KAAM,EAAE,KAAM,EACd,MAAO,EAAE,AAAC,EACV,SAAU,EAAE,gBAA6C,EAC3D,mCAAE,EACA,MAAO,EAAE,WAAY,EACrB,KAAM,EAAE,AAAC,EACT,qCAAC,EACC,MAAO,EAAE,WAAY,EACrB,MAAO,EAAE,EAAqB,EAC9B,IAAK,ECjDyB,MAAyB,EDkD7D,sBAAW,EACT,IAAK,EAAE,GAAI,EACX,KAAM,EAAE,GAAI,EACZ,IAAK,EAAE,GAAI,EACX,GAAI,EAAE,GAAI,EACV,KAAM,EAAE,GAAI,EACZ,QAAS,ECkByB,IAAK,EDjBvC,iCAAU,EACR,IAAK,EAAE,GAAI,EACb,+BAAQ,EACN,IAAK,EAAE,GAAI,EACb,oDAA+B,EAC7B,SAAU,EAAE,IAAK,EACjB,6DAAQ,EACN,IAAK,EAAE,GAAI,EACb,+DAAU,EACR,IAAK,EAAE,GAAI,EACf,2CAAoB,EAClB,IAAK,EAAE,GAAI,EACX,KAAM,EAAE,GAAI,EACZ,UAAW,EAAE,GAAI,EACjB,MAAO,EAAE,IAAuB,EAChC,MAAO,EAAE,IAAK,EACd,SAAU,EAAE,KAAM,EGhDpB,mCAAsB,EHmDxB,YAAa,EACX,IAAK,EAAE,EAAG,EACV,MAAO,EAAE,GAAI,EACb,kBAAO,EACL,MAAO,EAAE,IAAK,EAClB,EAAG,EACD,IAAK,EAAE,GAAI,EACX,KAAM,EAAE,GAAI",
+"sources": ["../../../bower_components/wyrm/sass/wyrm_core/_mixin.sass","../../../bower_components/bourbon/dist/css3/_font-face.scss","../../../sass/_theme_badge_fa.sass","../../../sass/_theme_badge.sass","../../../bower_components/wyrm/sass/wyrm_core/_wy_variables.sass","../../../sass/_theme_variables.sass","../../../bower_components/neat/app/assets/stylesheets/grid/_media.scss"],
+"names": [],
+"file": "badge_only.css"
+}
--- a/doc/_themes/sphinx_rtd_theme/static/css/theme.css
+++ b/doc/_themes/sphinx_rtd_theme/static/css/theme.css
--- a/doc/_themes/sphinx_rtd_theme/static/css/theme.css.map
+++ b/doc/_themes/sphinx_rtd_theme/static/css/theme.css.map
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/Inconsolata-Bold.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/Inconsolata-Bold.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/Inconsolata.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/Inconsolata.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/Lato-Bold.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/Lato-Bold.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/Lato-Regular.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/Lato-Regular.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/RobotoSlab-Bold.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/RobotoSlab-Bold.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/fonts/RobotoSlab-Regular.ttf
+++ b/doc/_themes/sphinx_rtd_theme/static/fonts/RobotoSlab-Regular.ttf
--- a/doc/_themes/sphinx_rtd_theme/static/js/modernizr.min.js
+++ b/doc/_themes/sphinx_rtd_theme/static/js/modernizr.min.js
--- a/doc/_themes/sphinx_rtd_theme/static/js/theme.js
+++ b/doc/_themes/sphinx_rtd_theme/static/js/theme.js
@@ -1,47 +1,113 @@
-$( document ).ready(function() {
+function toggleCurrent (elem) {
+    var parent_li = elem.closest('li');
+    parent_li.siblings('li.current').removeClass('current');
+    parent_li.siblings().find('li.current').removeClass('current');
+    parent_li.find('> ul li.current').removeClass('current');
+    parent_li.toggleClass('current');
+}
+
+$(document).ready(function() {
    // Shift nav in mobile when clicking the menu.
    $(document).on('click', "[data-toggle='wy-nav-top']", function() {
        $("[data-toggle='wy-nav-shift']").toggleClass("shift");
        $("[data-toggle='rst-versions']").toggleClass("shift");
    });
-    // Close menu when you click a link.
+    // Nav menu link click operations
    $(document).on('click', ".wy-menu-vertical .current ul li a", function() {
+        var target = $(this);
+        // Close menu when you click a link.
        $("[data-toggle='wy-nav-shift']").removeClass("shift");
        $("[data-toggle='rst-versions']").toggleClass("shift");
+        // Handle dynamic display of l3 and l4 nav lists
+        toggleCurrent(target);
+        if (typeof(window.SphinxRtdTheme) != 'undefined') {
+            window.SphinxRtdTheme.StickyNav.hashChange();
+        }
    });
    $(document).on('click', "[data-toggle='rst-current-version']", function() {
        $("[data-toggle='rst-versions']").toggleClass("shift-up");
    });
    // Make tables responsive
    $("table.docutils:not(.field-list)").wrap("<div class='wy-table-responsive'></div>");
+
+    // Add expand links to all parents of nested ul
+    $('.wy-menu-vertical ul').siblings('a').each(function () {
+        var link = $(this);
+            expand = $('<span class="toctree-expand"></span>');
+        expand.on('click', function (ev) {
+            toggleCurrent(link);
+            ev.stopPropagation();
+            return false;
+        });
+        link.prepend(expand);
+    });
 });

+// Sphinx theme state
 window.SphinxRtdTheme = (function (jquery) {
    var stickyNav = (function () {
        var navBar,
            win,
-            stickyNavCssClass = 'stickynav',
-            applyStickNav = function () {
-                if (navBar.height() <= win.height()) {
-                    navBar.addClass(stickyNavCssClass);
-                } else {
-                    navBar.removeClass(stickyNavCssClass);
-                }
-            },
+            winScroll = false,
+            linkScroll = false,
+            winPosition = 0,
            enable = function () {
-                applyStickNav();
-                win.on('resize', applyStickNav);
+                init();
+                reset();
+                win.on('hashchange', reset);
+
+                // Set scrolling
+                win.on('scroll', function () {
+                    if (!linkScroll) {
+                        winScroll = true;
+                    }
+                });
+                setInterval(function () {
+                    if (winScroll) {
+                        winScroll = false;
+                        var newWinPosition = win.scrollTop(),
+                            navPosition = navBar.scrollTop(),
+                            newNavPosition = navPosition + (newWinPosition - winPosition);
+                        navBar.scrollTop(newNavPosition);
+                        winPosition = newWinPosition;
+                    }
+                }, 25);
            },
            init = function () {
                navBar = jquery('nav.wy-nav-side:first');
                win = jquery(window);
+            },
+            reset = function () {
+                // Get anchor from URL and open up nested nav
+                var anchor = encodeURI(window.location.hash);
+                if (anchor) {
+                    try {
+                        var link = $('.wy-menu-vertical')
+                            .find('[href="' + anchor + '"]');
+                        $('.wy-menu-vertical li.toctree-l1 li.current')
+                            .removeClass('current');
+                        link.closest('li.toctree-l2').addClass('current');
+                        link.closest('li.toctree-l3').addClass('current');
+                        link.closest('li.toctree-l4').addClass('current');
+                    }
+                    catch (err) {
+                        console.log("Error expanding nav for anchor", err);
+                    }
+                }
+            },
+            hashChange = function () {
+                linkScroll = true;
+                win.one('hashchange', function () {
+                    linkScroll = false;
+                });
            };
        jquery(init);
        return {
-            enable : enable
+            enable: enable,
+            hashChange: hashChange
        };
    }());
    return {
-        StickyNav : stickyNav
+        StickyNav: stickyNav
    };
 }($));
--- a/doc/_themes/sphinx_rtd_theme/theme.conf
+++ b/doc/_themes/sphinx_rtd_theme/theme.conf
@@ -6,3 +6,4 @@ stylesheet = css/theme.css
 typekit_id = hiw1hhg
 analytics_id = 
 sticky_navigation = False
+logo_only =
--- a/doc/apiref-header.rst
+++ b/doc/apiref-header.rst
@@ -1,33 +0,0 @@
-API Reference
-=============
-
-Includes
--------
-
-To use the public APIs, include ``nghttp2/nghttp2.h``::
-
-    #include <nghttp2/nghttp2.h>
-
-The header files are also available online: :doc:`nghttp2.h` and
-:doc:`nghttp2ver.h`.
-
-Remarks
-------
-
-Do not call `nghttp2_session_send()`, `nghttp2_session_mem_send()`,
-`nghttp2_session_recv()` or `nghttp2_session_mem_recv()` from the
-nghttp2 callback functions directly or indirectly. It will lead to the
-crash.  You can submit requests or frames in the callbacks then call
-these functions outside the callbacks.
-
-Currently, `nghttp2_session_send()` and `nghttp2_session_mem_send()`
-do not send client connection preface
-(:macro:`NGHTTP2_CLIENT_CONNECTION_PREFACE`).  The applications are
-responsible to send it before sending any HTTP/2 frames using these
-functions if :type:`nghttp2_session` is configured as client.
-Similarly, `nghttp2_session_recv()` and `nghttp2_session_mem_recv()`
-do not consume client connection preface unless
-`nghttp2_option_set_recv_client_preface()` is used with nonzero option
-value.  The applications are responsible to receive it before calling
-these functions if :type:`nghttp2_session` is configured as server and
-`nghttp2_option_set_recv_client_preface()` is not used.
--- a/doc/asio_http2_client.h.rst.in
+++ b/doc/asio_http2_client.h.rst.in
@@ -0,0 +1,5 @@
+asio_http2_client.h
+===================
+
+.. literalinclude:: @top_srcdir@/src/includes/nghttp2/asio_http2_client.h
+   :language: cpp
--- a/doc/asio_http2_server.h.rst.in
+++ b/doc/asio_http2_server.h.rst.in
@@ -0,0 +1,5 @@
+asio_http2_server.h
+===================
+
+.. literalinclude:: @top_srcdir@/src/includes/nghttp2/asio_http2_server.h
+   :language: cpp
--- a/doc/bash_completion/h2load
+++ b/doc/bash_completion/h2load
@@ -0,0 +1,19 @@
+_h2load()
+{
+    local cur prev split=false
+    COMPREPLY=()
+    COMP_WORDBREAKS=${COMP_WORDBREAKS//=}
+
+    cmd=${COMP_WORDS[0]}
+    _get_comp_words_by_ref cur prev
+    case $cur in
+        -*)
+            COMPREPLY=( $( compgen -W '--threads --connection-window-bits --input-file --help --requests --num-conns --data --verbose --ciphers --rate --window-bits --clients --no-tls-proto --version --header --max-concurrent-streams ' -- "$cur" ) )
+            ;;
+        *)
+            _filedir
+            return 0
+    esac
+    return 0
+}
+complete -F _h2load h2load
--- a/doc/bash_completion/make_bash_completion.py
+++ b/doc/bash_completion/make_bash_completion.py
@@ -0,0 +1,77 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from __future__ import unicode_literals
+from __future__ import print_function
+import subprocess
+import io
+import re
+import sys
+import os.path
+
+class Option:
+    def __init__(self, long_opt, short_opt):
+        self.long_opt = long_opt
+        self.short_opt = short_opt
+
+def get_all_options(cmd):
+    opt_pattern = re.compile(r'  (?:(-.), )?(--[^\s\[=]+)(\[)?')
+    proc = subprocess.Popen([cmd, "--help"], stdout=subprocess.PIPE)
+    stdoutdata, _ = proc.communicate()
+    cur_option = None
+    opts = {}
+    for line in io.StringIO(stdoutdata.decode('utf-8')):
+        match = opt_pattern.match(line)
+        if not match:
+            continue
+        long_opt = match.group(2)
+        short_opt = match.group(1)
+        opts[long_opt] = Option(long_opt, short_opt)
+
+    return opts
+
+def output_case(out, name, opts):
+    out.write('''\
+_{name}()
+{{
+    local cur prev split=false
+    COMPREPLY=()
+    COMP_WORDBREAKS=${{COMP_WORDBREAKS//=}}
+
+    cmd=${{COMP_WORDS[0]}}
+    _get_comp_words_by_ref cur prev
+'''.format(name=name))
+
+    # Complete option name.
+    out.write('''\
+    case $cur in
+        -*)
+            COMPREPLY=( $( compgen -W '\
+''')
+    for opt in opts.values():
+        out.write(opt.long_opt)
+        out.write(' ')
+
+    out.write('''\
+' -- "$cur" ) )
+            ;;
+''')
+    # If no option found for completion then complete with files.
+    out.write('''\
+        *)
+            _filedir
+            return 0
+    esac
+    return 0
+}}
+complete -F _{name} {name}
+'''.format(name=name))
+
+if __name__ == '__main__':
+    if len(sys.argv) < 2:
+        print("Generates bash_completion using `/path/to/cmd --help'")
+        print("Usage: make_bash_completion.py /path/to/cmd")
+        exit(1)
+    name = os.path.basename(sys.argv[1])
+    opts = get_all_options(sys.argv[1])
+    output_case(sys.stdout, name, opts)
--- a/doc/bash_completion/nghttp
+++ b/doc/bash_completion/nghttp
@@ -0,0 +1,19 @@
+_nghttp()
+{
+    local cur prev split=false
+    COMPREPLY=()
+    COMP_WORDBREAKS=${COMP_WORDBREAKS//=}
+
+    cmd=${COMP_WORDS[0]}
+    _get_comp_words_by_ref cur prev
+    case $cur in
+        -*)
+            COMPREPLY=( $( compgen -W '--no-push --verbose --no-dep --get-assets --har --header-table-size --multiply --padding --hexdump --max-concurrent-streams --continuation --connection-window-bits --peer-max-concurrent-streams --timeout --data --no-content-length --version --color --cert --upgrade --remote-name --trailer --weight --help --key --null-out --window-bits --stat --header ' -- "$cur" ) )
+            ;;
+        *)
+            _filedir
+            return 0
+    esac
+    return 0
+}
+complete -F _nghttp nghttp
--- a/doc/bash_completion/nghttpd
+++ b/doc/bash_completion/nghttpd
@@ -0,0 +1,19 @@
+_nghttpd()
+{
+    local cur prev split=false
+    COMPREPLY=()
+    COMP_WORDBREAKS=${COMP_WORDBREAKS//=}
+
+    cmd=${COMP_WORDS[0]}
+    _get_comp_words_by_ref cur prev
+    case $cur in
+        -*)
+            COMPREPLY=( $( compgen -W '--error-gzip --push --header-table-size --trailer --htdocs --address --padding --verbose --version --help --hexdump --dh-param-file --daemon --verify-client --echo-upload --workers --no-tls --color --early-response --max-concurrent-streams ' -- "$cur" ) )
+            ;;
+        *)
+            _filedir
+            return 0
+    esac
+    return 0
+}
+complete -F _nghttpd nghttpd
--- a/doc/bash_completion/nghttpx
+++ b/doc/bash_completion/nghttpx
@@ -0,0 +1,19 @@
+_nghttpx()
+{
+    local cur prev split=false
+    COMPREPLY=()
+    COMP_WORDBREAKS=${COMP_WORDBREAKS//=}
+
+    cmd=${COMP_WORDS[0]}
+    _get_comp_words_by_ref cur prev
+    case $cur in
+        -*)
+            COMPREPLY=( $( compgen -W '--worker-read-rate --frontend-no-tls --frontend-http2-dump-response-header --backend-http1-connections-per-frontend --tls-ticket-key-file --verify-client-cacert --include --backend-request-buffer --backend-http2-connection-window-bits --conf --worker-write-burst --npn-list --fetch-ocsp-response-file --stream-read-timeout --tls-ticket-key-memcached --accesslog-syslog --frontend-http2-read-timeout --listener-disable-timeout --frontend-http2-connection-window-bits --ciphers --strip-incoming-x-forwarded-for --private-key-passwd-file --backend-keep-alive-timeout --backend-http-proxy-uri --backend-http1-connections-per-host --rlimit-nofile --no-via --ocsp-update-interval --backend-write-timeout --client --tls-ticket-key-memcached-max-retry --http2-no-cookie-crumbling --worker-read-burst --client-proxy --http2-bridge --accesslog-format --errorlog-syslog --errorlog-file --http2-max-concurrent-streams --frontend-write-timeout --tls-ticket-key-cipher --read-burst --backend-ipv4 --backend-ipv6 --backend --insecure --log-level --host-rewrite --tls-proto-list --backend-http2-connections-per-worker --tls-ticket-key-memcached-interval --dh-param-file --worker-frontend-connections --header-field-buffer --no-server-push --no-location-rewrite --tls-session-cache-memcached --no-ocsp --backend-response-buffer --workers --frontend-http2-window-bits --worker-write-rate --add-request-header --backend-tls-sni-field --subcert --help --frontend-frame-debug --pid-file --frontend-http2-dump-request-header --daemon --write-rate --altsvc --user --add-x-forwarded-for --syslog-facility --frontend-read-timeout --tls-ticket-key-memcached-max-fail --backlog --write-burst --backend-http2-window-bits --padding --stream-write-timeout --cacert --version --verify-client --backend-read-timeout --frontend --accesslog-file --http2-proxy --max-header-fields --backend-no-tls --client-private-key-file --client-cert-file --add-response-header --read-rate ' -- "$cur" ) )
+            ;;
+        *)
+            _filedir
+            return 0
+    esac
+    return 0
+}
+complete -F _nghttpx nghttpx
--- a/doc/conf.py.in
+++ b/doc/conf.py.in
@@ -64,7 +64,7 @@ master_doc = 'index'

 # General information about the project.
 project = u'nghttp2'
-copyright = u'2012, 2014, Tatsuhiro Tsujikawa'
+copyright = u'2012, 2015, Tatsuhiro Tsujikawa'

 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
@@ -242,6 +242,12 @@ latex_documents = [
 # One entry per manual page. List of tuples
 # (source start file, name, description, authors, manual section).
 man_pages = [
-    ('index', 'nghttp2', u'nghttp2 Documentation',
+    ('nghttp.1', 'nghttp', u'HTTP/2 experimental client',
+     [u'Tatsuhiro Tsujikawa'], 1),
+    ('nghttpd.1', 'nghttpd', u'HTTP/2 experimental server',
+     [u'Tatsuhiro Tsujikawa'], 1),
+    ('nghttpx.1', 'nghttpx', u'HTTP/2 experimental proxy',
+     [u'Tatsuhiro Tsujikawa'], 1),
+    ('h2load.1', 'h2load', u'HTTP/2 benchmarking tool',
     [u'Tatsuhiro Tsujikawa'], 1)
 ]
--- a/doc/h2load.1
+++ b/doc/h2load.1
@@ -1,75 +1,303 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.46.4.
-.TH H2LOAD "1" "November 2014" "h2load nghttp2/0.6.7" "User Commands"
+.\" Man page generated from reStructuredText.
+.
+.TH "H2LOAD" "1" "August 14, 2015" "1.2.1" "nghttp2"
 .SH NAME
 h2load \- HTTP/2 benchmarking tool
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
 .SH SYNOPSIS
-.B h2load
-[\fI\,OPTIONS\/\fR]... [\fI\,URI\/\fR]...
+.sp
+\fBh2load\fP [OPTIONS]... [URI]...
 .SH DESCRIPTION
+.sp
 benchmarking tool for HTTP/2 and SPDY server
+.INDENT 0.0
 .TP
-<URI>
-Specify  URI to  access.   Multiple  URIs can  be
-specified.  URIs are used  in this order for each
-client.   All URIs  are used,  then first  URI is
-used and  then 2nd URI,  and so on.   The scheme,
-host and port in the subsequent URIs, if present,
-are  ignored.  Those  in the  first URI  are used
-solely.
+.B <URI>
+Specify URI to access.   Multiple URIs can be specified.
+URIs are used  in this order for each  client.  All URIs
+are used, then  first URI is used and then  2nd URI, and
+so  on.  The  scheme, host  and port  in the  subsequent
+URIs, if present,  are ignored.  Those in  the first URI
+are used solely.
+.UNINDENT
 .SH OPTIONS
-.HP
-\fB\-n\fR, \fB\-\-requests=\fR<N> Number of requests. Default: 1
+.INDENT 0.0
 .TP
-\fB\-c\fR, \fB\-\-clients=\fR<N>
-Number of concurrent clients. Default: 1
+.B \-n, \-\-requests=<N>
+Number of requests.
+.sp
+Default: \fB1\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-t\fR, \fB\-\-threads=\fR<N>
-Number of native threads. Default: 1
+.B \-c, \-\-clients=<N>
+Number of concurrent clients.
+.sp
+Default: \fB1\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-i\fR, \fB\-\-input\-file=\fR<FILE>
-Path of  a file with multiple  URIs are seperated
-by EOLs.   This option will disable  URIs getting
-from command\-line.   If '\-'  is given  as <FILE>,
-URIs will be  read from stdin.  URIs  are used in
-this order  for each client.  All  URIs are used,
-then first URI  is used and then 2nd  URI, and so
-on.  The scheme, host  and port in the subsequent
-URIs,  if present,  are  ignored.   Those in  the
-first URI are used solely.
+.B \-t, \-\-threads=<N>
+Number of native threads.
+.sp
+Default: \fB1\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-m\fR, \fB\-\-max\-concurrent\-streams=\fR(auto|<N>)
-Max concurrent streams to  issue per session.  If
-"auto"  is given,  the  number of  given URIs  is
-used.  Default: auto
+.B \-i, \-\-input\-file=<PATH>
+Path of a file with multiple URIs are separated by EOLs.
+This option will disable URIs getting from command\-line.
+If \(aq\-\(aq is given as <PATH>, URIs will be read from stdin.
+URIs are used  in this order for each  client.  All URIs
+are used, then  first URI is used and then  2nd URI, and
+so  on.  The  scheme, host  and port  in the  subsequent
+URIs, if present,  are ignored.  Those in  the first URI
+are used solely.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-w\fR, \fB\-\-window\-bits=\fR<N>
-Sets  the stream  level  initial  window size  to
-(2**<N>)\-1.  For SPDY, 2**<N> is used instead.
+.B \-m, \-\-max\-concurrent\-streams=(auto|<N>)
+Max concurrent streams to  issue per session.  If "auto"
+is given, the number of given URIs is used.
+.sp
+Default: \fBauto\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-W\fR, \fB\-\-connection\-window\-bits=\fR<N>
+.B \-w, \-\-window\-bits=<N>
+Sets the stream level initial window size to (2**<N>)\-1.
+For SPDY, 2**<N> is used instead.
+.sp
+Default: \fB30\fP
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-W, \-\-connection\-window\-bits=<N>
 Sets  the  connection  level   initial  window  size  to
-(2**<N>)\-1.  For  SPDY, if  <N> is  strictly less
-than  16,  this  option  is  ignored.   Otherwise
-2**<N> is used for SPDY.
+(2**<N>)\-1.  For SPDY, if <N>  is strictly less than 16,
+this option  is ignored.   Otherwise 2**<N> is  used for
+SPDY.
+.sp
+Default: \fB30\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-H\fR, \fB\-\-header=\fR<HEADER>
+.B \-H, \-\-header=<HEADER>
 Add/Override a header to the requests.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-p\fR, \fB\-\-no\-tls\-proto=\fR<PROTOID>
-Specify  ALPN identifier  of the  protocol to  be
-used  when accessing  http  URI without  SSL/TLS.
-Available protocols: spdy/2, spdy/3, spdy/3.1 and
-h2c\-14
-Default: h2c\-14
+.B \-\-ciphers=<SUITE>
+Set allowed  cipher list.  The  format of the  string is
+described in OpenSSL ciphers(1).
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-v\fR, \fB\-\-verbose\fR
+.B \-p, \-\-no\-tls\-proto=<PROTOID>
+Specify ALPN identifier of the  protocol to be used when
+accessing http URI without SSL/TLS.
+Available protocols: spdy/2, spdy/3, spdy/3.1 and h2c
+.sp
+Default: \fBh2c\fP
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-d, \-\-data=<PATH>
+Post FILE to  server.  The request method  is changed to
+POST.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-r, \-\-rate=<N>
+Specifies  the  fixed  rate  at  which  connections  are
+created.   The   rate  must   be  a   positive  integer,
+representing the  number of  connections to be  made per
+second.  When the rate is 0,  the program will run as it
+normally does, creating connections at whatever variable
+rate it wants.  The default value for this option is 0.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-C, \-\-num\-conns=<N>
+Specifies  the total  number of  connections to  create.
+The  total  number of  connections  must  be a  positive
+integer.  On each connection, \fI\%\-m\fP requests are made.  The
+test  stops once  as soon  as the  <N> connections  have
+either  completed   or  failed.   When  the   number  of
+connections is  0, the program  will run as  it normally
+does, creating as many connections  as it needs in order
+to make  the \fI\%\-n\fP  requests specified.  The  default value
+for this option is 0.  The  \fI\%\-n\fP option is not required if
+the \fI\%\-C\fP option is being used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-v, \-\-verbose
 Output debug information.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-version\fR
+.B \-\-version
 Display version information and exit.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-h\fR, \fB\-\-help\fR
+.B \-h, \-\-help
 Display this help and exit.
-.SH "SEE ALSO"
-
-nghttp(1), nghttpd(1), nghttpx(1)
+.UNINDENT
+.SH OUTPUT
+.INDENT 0.0
+.TP
+.B requests
+.INDENT 7.0
+.TP
+.B total
+The number of requests h2load was instructed to make.
+.TP
+.B started
+The number of requests h2load has started.
+.TP
+.B done
+The number of requests completed.
+.TP
+.B succeeded
+The number of requests completed successfully.  Only HTTP status
+code 2xx or3xx are considered as success.
+.TP
+.B failed
+The number of requests failed, including HTTP level failures
+(non\-successful HTTP status code).
+.TP
+.B errored
+The number of requests failed, except for HTTP level failures.
+This is the subset of the number reported in \fBfailed\fP and most
+likely the network level failures or stream was reset by
+RST_STREAM.
+.UNINDENT
+.TP
+.B status codes
+The number of status code h2load received.
+.TP
+.B traffic
+.INDENT 7.0
+.TP
+.B total
+The number of bytes received from the server "on the wire".  If
+requests were made via TLS, this value is the number of decrpyted
+bytes.
+.TP
+.B headers
+The number of response header bytes from the server without
+decompression.  For HTTP/2, this is the sum of the payload of
+HEADERS frame.  For SPDY, this is the sum of the payload of
+SYN_REPLY frame.
+.TP
+.B data
+The number of response body bytes received from the server.
+.UNINDENT
+.TP
+.B time for request
+.INDENT 7.0
+.TP
+.B min
+The minimum time taken for request and response.
+.TP
+.B max
+The maximum time taken for request and response.
+.TP
+.B mean
+The mean time taken for request and response.
+.TP
+.B sd
+The standard deviation of the time taken for request and response.
+.TP
+.B +/\- sd
+The fraction of the number of requests within standard deviation
+range (mean +/\- sd) against total number of successful requests.
+.UNINDENT
+.TP
+.B time for connect
+.INDENT 7.0
+.TP
+.B min
+The minimum time taken to connect to a server.
+.TP
+.B max
+The maximum time taken to connect to a server.
+.TP
+.B mean
+The mean time taken to connect to a server.
+.TP
+.B sd
+The standard deviation of the time taken to connect to a server.
+.TP
+.B +/\- sd
+The  fraction  of  the   number  of  connections  within  standard
+deviation range (mean  +/\- sd) against total  number of successful
+connections.
+.UNINDENT
+.TP
+.B time for 1st byte (of (decrypted in case of TLS) application data)
+.INDENT 7.0
+.TP
+.B min
+The minimum time taken to get 1st byte from a server.
+.TP
+.B max
+The maximum time taken to get 1st byte from a server.
+.TP
+.B mean
+The mean time taken to get 1st byte from a server.
+.TP
+.B sd
+The standard deviation of the time taken to get 1st byte from a
+server.
+.TP
+.B +/\- sd
+The fraction of the number of connections within standard
+deviation range (mean +/\- sd) against total number of successful
+connections.
+.UNINDENT
+.UNINDENT
+.SH FLOW CONTROL
+.sp
+h2load sets large flow control window by default, and effectively
+disables flow control to avoid under utilization of server
+performance.  To set smaller flow control window, use \fI\%\-w\fP and
+\fI\%\-W\fP options.  For example, use \fB\-w16 \-W16\fP to set default
+window size described in HTTP/2 and SPDY protocol specification.
+.SH SEE ALSO
+.sp
+\fInghttp(1)\fP, \fInghttpd(1)\fP, \fInghttpx(1)\fP
+.SH AUTHOR
+Tatsuhiro Tsujikawa
+.SH COPYRIGHT
+2012, 2015, Tatsuhiro Tsujikawa
+.\" Generated by docutils manpage writer.
+.
--- a/doc/h2load.1.rst
+++ b/doc/h2load.1.rst
@@ -1,113 +1,231 @@
-.. DO NOT MODIFY THIS FILE!  It was generated by man2rst.py
+
+.. GENERATED by help2rst.py.  DO NOT EDIT DIRECTLY.

 .. program:: h2load

 h2load(1)
 =========

-NAME
----
-h2load - HTTP/2 benchmarking tool
-
 SYNOPSIS
 --------
+
 **h2load** [OPTIONS]... [URI]...

 DESCRIPTION
 -----------
+
 benchmarking tool for HTTP/2 and SPDY server

-.. option:: URI
+.. describe:: <URI>

-    Specify  URI to  access.   Multiple  URIs can  be
-    specified.  URIs are used  in this order for each
-    client.   All URIs  are used,  then first  URI is
-    used and  then 2nd URI,  and so on.   The scheme,
-    host and port in the subsequent URIs, if present,
-    are  ignored.  Those  in the  first URI  are used
-    solely.
+    Specify URI to access.   Multiple URIs can be specified.
+    URIs are used  in this order for each  client.  All URIs
+    are used, then  first URI is used and then  2nd URI, and
+    so  on.  The  scheme, host  and port  in the  subsequent
+    URIs, if present,  are ignored.  Those in  the first URI
+    are used solely.

 OPTIONS
 -------

 .. option:: -n, --requests=<N>

-    Number of requests. Default: 1
+    Number of requests.
+
+    Default: ``1``

 .. option:: -c, --clients=<N>

+    Number of concurrent clients.

-    Number of concurrent clients. Default: 1
+    Default: ``1``

 .. option:: -t, --threads=<N>

+    Number of native threads.

-    Number of native threads. Default: 1
+    Default: ``1``

-.. option:: -i, --input-file=<FILE>
+.. option:: -i, --input-file=<PATH>

-    
-    Path of  a file with multiple  URIs are seperated
-    by EOLs.   This option will disable  URIs getting
-    from command-line.   If '-'  is given  as <FILE>,
-    URIs will be  read from stdin.  URIs  are used in
-    this order  for each client.  All  URIs are used,
-    then first URI  is used and then 2nd  URI, and so
-    on.  The scheme, host  and port in the subsequent
-    URIs,  if present,  are  ignored.   Those in  the
-    first URI are used solely.
+    Path of a file with multiple URIs are separated by EOLs.
+    This option will disable URIs getting from command-line.
+    If '-' is given as <PATH>, URIs will be read from stdin.
+    URIs are used  in this order for each  client.  All URIs
+    are used, then  first URI is used and then  2nd URI, and
+    so  on.  The  scheme, host  and port  in the  subsequent
+    URIs, if present,  are ignored.  Those in  the first URI
+    are used solely.

 .. option:: -m, --max-concurrent-streams=(auto|<N>)

+    Max concurrent streams to  issue per session.  If "auto"
+    is given, the number of given URIs is used.

-    Max concurrent streams to  issue per session.  If
-    "auto"  is given,  the  number of  given URIs  is
-    used.  Default: auto
+    Default: ``auto``

 .. option:: -w, --window-bits=<N>

+    Sets the stream level initial window size to (2\*\*<N>)-1.
+    For SPDY, 2**<N> is used instead.

-    Sets  the stream  level  initial  window size  to
-    (2\*\*<N>)-1.  For SPDY, 2\*\*<N> is used instead.
+    Default: ``30``

 .. option:: -W, --connection-window-bits=<N>

-    
    Sets  the  connection  level   initial  window  size  to
-    (2\*\*<N>)-1.  For  SPDY, if  <N> is  strictly less
-    than  16,  this  option  is  ignored.   Otherwise
-    2\*\*<N> is used for SPDY.
+    (2**<N>)-1.  For SPDY, if <N>  is strictly less than 16,
+    this option  is ignored.   Otherwise 2\*\*<N> is  used for
+    SPDY.
+
+    Default: ``30``

 .. option:: -H, --header=<HEADER>

-    
    Add/Override a header to the requests.

+.. option:: --ciphers=<SUITE>
+
+    Set allowed  cipher list.  The  format of the  string is
+    described in OpenSSL ciphers(1).
+
 .. option:: -p, --no-tls-proto=<PROTOID>

+    Specify ALPN identifier of the  protocol to be used when
+    accessing http URI without SSL/TLS.
+    Available protocols: spdy/2, spdy/3, spdy/3.1 and h2c

-    Specify  ALPN identifier  of the  protocol to  be
-    used  when accessing  http  URI without  SSL/TLS.
-    Available protocols: spdy/2, spdy/3, spdy/3.1 and
-    h2c-14
-    Default: h2c-14
+    Default: ``h2c``
+
+.. option:: -d, --data=<PATH>
+
+    Post FILE to  server.  The request method  is changed to
+    POST.
+
+.. option:: -r, --rate=<N>
+
+    Specifies  the  fixed  rate  at  which  connections  are
+    created.   The   rate  must   be  a   positive  integer,
+    representing the  number of  connections to be  made per
+    second.  When the rate is 0,  the program will run as it
+    normally does, creating connections at whatever variable
+    rate it wants.  The default value for this option is 0.
+
+.. option:: -C, --num-conns=<N>
+
+    Specifies  the total  number of  connections to  create.
+    The  total  number of  connections  must  be a  positive
+    integer.  On each connection, :option:`-m` requests are made.  The
+    test  stops once  as soon  as the  <N> connections  have
+    either  completed   or  failed.   When  the   number  of
+    connections is  0, the program  will run as  it normally
+    does, creating as many connections  as it needs in order
+    to make  the :option:`-n`  requests specified.  The  default value
+    for this option is 0.  The  :option:`-n` option is not required if
+    the :option:`-C` option is being used.

 .. option:: -v, --verbose

-    
    Output debug information.

 .. option:: --version

-    
    Display version information and exit.

 .. option:: -h, --help

-    
    Display this help and exit.

+OUTPUT
+------
+
+requests
+  total
+    The number of requests h2load was instructed to make.
+  started
+    The number of requests h2load has started.
+  done
+    The number of requests completed.
+  succeeded
+    The number of requests completed successfully.  Only HTTP status
+    code 2xx or3xx are considered as success.
+  failed
+    The number of requests failed, including HTTP level failures
+    (non-successful HTTP status code).
+  errored
+    The number of requests failed, except for HTTP level failures.
+    This is the subset of the number reported in ``failed`` and most
+    likely the network level failures or stream was reset by
+    RST_STREAM.
+
+status codes
+  The number of status code h2load received.
+
+traffic
+  total
+    The number of bytes received from the server "on the wire".  If
+    requests were made via TLS, this value is the number of decrpyted
+    bytes.
+  headers
+    The number of response header bytes from the server without
+    decompression.  For HTTP/2, this is the sum of the payload of
+    HEADERS frame.  For SPDY, this is the sum of the payload of
+    SYN_REPLY frame.
+  data
+    The number of response body bytes received from the server.
+
+time for request
+  min
+    The minimum time taken for request and response.
+  max
+    The maximum time taken for request and response.
+  mean
+    The mean time taken for request and response.
+  sd
+    The standard deviation of the time taken for request and response.
+  +/- sd
+    The fraction of the number of requests within standard deviation
+    range (mean +/- sd) against total number of successful requests.
+
+time for connect
+  min
+    The minimum time taken to connect to a server.
+  max
+    The maximum time taken to connect to a server.
+  mean
+    The mean time taken to connect to a server.
+  sd
+    The standard deviation of the time taken to connect to a server.
+  +/- sd
+    The  fraction  of  the   number  of  connections  within  standard
+    deviation range (mean  +/- sd) against total  number of successful
+    connections.
+
+time for 1st byte (of (decrypted in case of TLS) application data)
+  min
+    The minimum time taken to get 1st byte from a server.
+  max
+    The maximum time taken to get 1st byte from a server.
+  mean
+    The mean time taken to get 1st byte from a server.
+  sd
+    The standard deviation of the time taken to get 1st byte from a
+    server.
+  +/- sd
+    The fraction of the number of connections within standard
+    deviation range (mean +/- sd) against total number of successful
+    connections.
+
+FLOW CONTROL
+------------
+
+h2load sets large flow control window by default, and effectively
+disables flow control to avoid under utilization of server
+performance.  To set smaller flow control window, use :option:`-w` and
+:option:`-W` options.  For example, use ``-w16 -W16`` to set default
+window size described in HTTP/2 and SPDY protocol specification.
+
 SEE ALSO
 --------

-nghttp(1), nghttpd(1), nghttpx(1)
+:manpage:`nghttp(1)`, :manpage:`nghttpd(1)`, :manpage:`nghttpx(1)`
--- a/doc/h2load.h2m
+++ b/doc/h2load.h2m
@@ -1,3 +0,0 @@
-[SEE ALSO]
-
-nghttp(1), nghttpd(1), nghttpx(1)
--- a/doc/h2load.h2r
+++ b/doc/h2load.h2r
@@ -0,0 +1,93 @@
+OUTPUT
+------
+
+requests
+  total
+    The number of requests h2load was instructed to make.
+  started
+    The number of requests h2load has started.
+  done
+    The number of requests completed.
+  succeeded
+    The number of requests completed successfully.  Only HTTP status
+    code 2xx or3xx are considered as success.
+  failed
+    The number of requests failed, including HTTP level failures
+    (non-successful HTTP status code).
+  errored
+    The number of requests failed, except for HTTP level failures.
+    This is the subset of the number reported in ``failed`` and most
+    likely the network level failures or stream was reset by
+    RST_STREAM.
+
+status codes
+  The number of status code h2load received.
+
+traffic
+  total
+    The number of bytes received from the server "on the wire".  If
+    requests were made via TLS, this value is the number of decrpyted
+    bytes.
+  headers
+    The number of response header bytes from the server without
+    decompression.  For HTTP/2, this is the sum of the payload of
+    HEADERS frame.  For SPDY, this is the sum of the payload of
+    SYN_REPLY frame.
+  data
+    The number of response body bytes received from the server.
+
+time for request
+  min
+    The minimum time taken for request and response.
+  max
+    The maximum time taken for request and response.
+  mean
+    The mean time taken for request and response.
+  sd
+    The standard deviation of the time taken for request and response.
+  +/- sd
+    The fraction of the number of requests within standard deviation
+    range (mean +/- sd) against total number of successful requests.
+
+time for connect
+  min
+    The minimum time taken to connect to a server.
+  max
+    The maximum time taken to connect to a server.
+  mean
+    The mean time taken to connect to a server.
+  sd
+    The standard deviation of the time taken to connect to a server.
+  +/- sd
+    The  fraction  of  the   number  of  connections  within  standard
+    deviation range (mean  +/- sd) against total  number of successful
+    connections.
+
+time for 1st byte (of (decrypted in case of TLS) application data)
+  min
+    The minimum time taken to get 1st byte from a server.
+  max
+    The maximum time taken to get 1st byte from a server.
+  mean
+    The mean time taken to get 1st byte from a server.
+  sd
+    The standard deviation of the time taken to get 1st byte from a
+    server.
+  +/- sd
+    The fraction of the number of connections within standard
+    deviation range (mean +/- sd) against total number of successful
+    connections.
+
+FLOW CONTROL
+------------
+
+h2load sets large flow control window by default, and effectively
+disables flow control to avoid under utilization of server
+performance.  To set smaller flow control window, use :option:`-w` and
+:option:`-W` options.  For example, use ``-w16 -W16`` to set default
+window size described in HTTP/2 and SPDY protocol specification.
+
+SEE ALSO
+--------
+
+:manpage:`nghttp(1)`, :manpage:`nghttpd(1)`, :manpage:`nghttpx(1)`
--- a/doc/mkapiref.py
+++ b/doc/mkapiref.py
@@ -1,4 +1,5 @@
 #!/usr/bin/env python
+# -*- coding: utf-8 -*-
 # nghttp2 - HTTP/2 C Library

 # Copyright (c) 2012 Tatsuhiro Tsujikawa
@@ -23,20 +24,24 @@
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 # Generates API reference from C source code.
+
+from __future__ import unicode_literals
 from __future__ import print_function # At least python 2.6 is required
-import re, sys, argparse
+import re, sys, argparse, os.path

 class FunctionDoc:
    def __init__(self, name, content, domain):
        self.name = name
        self.content = content
        self.domain = domain
+        if self.domain == 'function':
+            self.funcname = re.search(r'(nghttp2_[^ )]+)\(', self.name).group(1)

    def write(self, out):
-        print('''.. {}:: {}'''.format(self.domain, self.name))
-        print('')
+        out.write('.. {}:: {}\n'.format(self.domain, self.name))
+        out.write('\n')
        for line in self.content:
-            print('    {}'.format(line))
+            out.write('    {}\n'.format(line))

 class StructDoc:
    def __init__(self, name, content, members, member_domain):
@@ -47,17 +52,17 @@ class StructDoc:

    def write(self, out):
        if self.name:
-            print('''.. type:: {}'''.format(self.name))
-            print('')
+            out.write('.. type:: {}\n'.format(self.name))
+            out.write('\n')
            for line in self.content:
-                print('    {}'.format(line))
-            print('')
+                out.write('    {}\n'.format(line))
+            out.write('\n')
            for name, content in self.members:
-                print('''    .. {}:: {}'''.format(self.member_domain, name))
-                print('')
+                out.write('    .. {}:: {}\n'.format(self.member_domain, name))
+                out.write('\n')
                for line in content:
-                    print('''        {}'''.format(line))
-            print('')
+                    out.write('        {}\n'.format(line))
+            out.write('\n')

 class MacroDoc:
    def __init__(self, name, content):
@@ -65,10 +70,10 @@ class MacroDoc:
        self.content = content

    def write(self, out):
-        print('''.. macro:: {}'''.format(self.name))
-        print('')
+        out.write('''.. macro:: {}\n'''.format(self.name))
+        out.write('\n')
        for line in self.content:
-            print('    {}'.format(line))
+            out.write('    {}\n'.format(line))

 def make_api_ref(infiles):
    macros = []
@@ -93,19 +98,65 @@ def make_api_ref(infiles):
                    enums.append(process_enum(infile))
                elif doctype == '@macro':
                    macros.append(process_macro(infile))
+    return macros, enums, types, functions
+
    alldocs = [('Macros', macros),
               ('Enums', enums),
               ('Types (structs, unions and typedefs)', types),
               ('Functions', functions)]
-    for title, docs in alldocs:
-        if not docs:
-            continue
-        print(title)
-        print('-'*len(title))
-        for doc in docs:
-            doc.write(sys.stdout)
-            print('')
-        print('')
+
+def output(
+        indexfile, macrosfile, enumsfile, typesfile, funcsdir,
+        macros, enums, types, functions):
+    indexfile.write('''
+API Reference
+=============
+
+.. toctree::
+   :maxdepth: 1
+
+   macros
+   enums
+   types
+''')
+
+    for doc in functions:
+        indexfile.write('   {}\n'.format(doc.funcname))
+
+    macrosfile.write('''
+Macros
+======
+''')
+    for doc in macros:
+        doc.write(macrosfile)
+
+    enumsfile.write('''
+Enums
+=====
+''')
+    for doc in enums:
+        doc.write(enumsfile)
+
+    typesfile.write('''
+Types (structs, unions and typedefs)
+====================================
+''')
+    for doc in types:
+        doc.write(typesfile)
+
+    for doc in functions:
+        with open(os.path.join(funcsdir, doc.funcname + '.rst'), 'w') as f:
+            f.write('''
+{funcname}
+{secul}
+
+Synopsis
+--------
+
+*#include <nghttp2/nghttp2.h>*
+
+'''.format(funcname=doc.funcname, secul='='*len(doc.funcname)))
+            doc.write(f)

 def process_macro(infile):
    content = read_content(infile)
@@ -174,6 +225,7 @@ def process_function(domain, infile):
    func_proto = ''.join(func_proto)
    func_proto = re.sub(r';\n$', '', func_proto)
    func_proto = re.sub(r'\s+', ' ', func_proto)
+    func_proto = re.sub(r'NGHTTP2_EXTERN ', '', func_proto)
    return FunctionDoc(func_proto, content, domain)

 def read_content(infile):
@@ -199,12 +251,30 @@ def transform_content(content):

 if __name__ == '__main__':
    parser = argparse.ArgumentParser(description="Generate API reference")
-    parser.add_argument('--header', type=argparse.FileType('r'),
-                        help='header inserted at the top of the page')
+    parser.add_argument('index', type=argparse.FileType('w'),
+                        help='index output file')
+    parser.add_argument('macros', type=argparse.FileType('w'),
+                        help='macros section output file.  The filename should be macros.rst')
+    parser.add_argument('enums', type=argparse.FileType('w'),
+                        help='enums section output file.  The filename should be enums.rst')
+    parser.add_argument('types', type=argparse.FileType('w'),
+                        help='types section output file.  The filename should be types.rst')
+    parser.add_argument('funcsdir',
+                        help='functions doc output dir')
    parser.add_argument('files', nargs='+', type=argparse.FileType('r'),
                        help='source file')
    args = parser.parse_args()
-    if args.header:
-        print(args.header.read())
+    macros = []
+    enums = []
+    types = []
+    funcs = []
    for infile in args.files:
-        make_api_ref(args.files)
+        m, e, t, f = make_api_ref(args.files)
+        macros.extend(m)
+        enums.extend(e)
+        types.extend(t)
+        funcs.extend(f)
+    funcs.sort(key=lambda x: x.funcname)
+    output(
+        args.index, args.macros, args.enums, args.types, args.funcsdir,
+        macros, enums, types, funcs)
--- a/doc/nghttp.1
+++ b/doc/nghttp.1
@@ -1,123 +1,295 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.46.4.
-.TH NGHTTP "1" "November 2014" "nghttp nghttp2/0.6.7" "User Commands"
+.\" Man page generated from reStructuredText.
+.
+.TH "NGHTTP" "1" "August 14, 2015" "1.2.1" "nghttp2"
 .SH NAME
 nghttp \- HTTP/2 experimental client
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
 .SH SYNOPSIS
-.B nghttp
-[\fI\,OPTIONS\/\fR]... \fI\,<URI>\/\fR...
+.sp
+\fBnghttp\fP [OPTIONS]... <URI>...
 .SH DESCRIPTION
+.sp
 HTTP/2 experimental client
+.INDENT 0.0
 .TP
-<URI>
+.B <URI>
 Specify URI to access.
+.UNINDENT
 .SH OPTIONS
+.INDENT 0.0
 .TP
-\fB\-v\fR, \fB\-\-verbose\fR
+.B \-v, \-\-verbose
 Print   debug   information   such  as   reception   and
-transmission  of  frames  and  name/value  pairs.
-Specifying this  option multiple  times increases
-verbosity.
+transmission of frames and name/value pairs.  Specifying
+this option multiple times increases verbosity.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-n\fR, \fB\-\-null\-out\fR
+.B \-n, \-\-null\-out
 Discard downloaded data.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-O\fR, \fB\-\-remote\-name\fR
+.B \-O, \-\-remote\-name
 Save  download  data  in  the  current  directory.   The
-filename is dereived from  URI.  If URI ends with
-\&'/',  'index.html' is  used as  a filename.   Not
-implemented yet.
+filename is  dereived from URI.   If URI ends  with \(aq\fI/\fP\(aq,
+\(aqindex.html\(aq  is used  as a  filename.  Not  implemented
+yet.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-t\fR, \fB\-\-timeout=\fR<N>
-Timeout each request after <N> seconds.
+.B \-t, \-\-timeout=<DURATION>
+Timeout each request after <DURATION>.  Set 0 to disable
+timeout.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-w\fR, \fB\-\-window\-bits=\fR<N>
-Sets  the stream  level  initial  window size  to
-2**<N>\-1.
+.B \-w, \-\-window\-bits=<N>
+Sets the stream level initial window size to 2**<N>\-1.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-W\fR, \fB\-\-connection\-window\-bits=\fR<N>
+.B \-W, \-\-connection\-window\-bits=<N>
 Sets  the  connection  level   initial  window  size  to
 2**<N>\-1.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-a\fR, \fB\-\-get\-assets\fR
-Download assets  such as stylesheets,  images and
-script files linked from the downloaded resource.
-Only links  whose origins  are the same  with the
-linking  resource  will  be  downloaded.   nghttp
-prioritizes  resources  using  HTTP/2  dependency
-based priority.  The priority order, from highest
-to lowest,  is html  itself, css,  javascript and
-images.
+.B \-a, \-\-get\-assets
+Download assets  such as stylesheets, images  and script
+files linked  from the downloaded resource.   Only links
+whose  origins are  the same  with the  linking resource
+will be downloaded.   nghttp prioritizes resources using
+HTTP/2 dependency  based priority.  The  priority order,
+from highest to lowest,  is html itself, css, javascript
+and images.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-s\fR, \fB\-\-stat\fR
+.B \-s, \-\-stat
 Print statistics.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-H\fR, \fB\-\-header=\fR<HEADER>
-Add   a  header   to   the  requests.    Example:
-\fB\-H\fR':method: PUT'
+.B \-H, \-\-header=<HEADER>
+Add a header to the requests.  Example: \fI\%\-H\fP\(aq:method: PUT\(aq
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-cert=\fR<CERT>
-Use the  specified client certificate  file.  The
-file must be in PEM format.
+.B \-\-trailer=<HEADER>
+Add a trailer header to the requests.  <HEADER> must not
+include pseudo header field  (header field name starting
+with \(aq:\(aq).  To  send trailer, one must use  \fI\%\-d\fP option to
+send request body.  Example: \fI\%\-\-trailer\fP \(aqfoo: bar\(aq.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-key=\fR<KEY>
-Use the  client private key file.   The file must
-be in PEM format.
+.B \-\-cert=<CERT>
+Use  the specified  client certificate  file.  The  file
+must be in PEM format.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-d\fR, \fB\-\-data=\fR<FILE>
-Post FILE to  server. If '\-' is  given, data will
-be read from stdin.
+.B \-\-key=<KEY>
+Use the  client private key  file.  The file must  be in
+PEM format.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-m\fR, \fB\-\-multiply=\fR<N> Request each URI <N> times.
-By default, same URI
-is not requested twice.   This option disables it
-too.
+.B \-d, \-\-data=<PATH>
+Post FILE to server. If \(aq\-\(aq  is given, data will be read
+from stdin.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-u\fR, \fB\-\-upgrade\fR
-Perform HTTP Upgrade for  HTTP/2.  This option is
-ignored if the request  URI has https scheme.  If
-\fB\-d\fR is used, the HTTP upgrade request is performed
-with OPTIONS method.
+.B \-m, \-\-multiply=<N>
+Request each URI <N> times.  By default, same URI is not
+requested twice.  This option disables it too.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-p\fR, \fB\-\-weight=\fR<WEIGHT>
-Sets  priority  group  weight.  The  valid  value
-range is [1, 256], inclusive.
-Default: 16
+.B \-u, \-\-upgrade
+Perform HTTP Upgrade for HTTP/2.  This option is ignored
+if the request URI has https scheme.  If \fI\%\-d\fP is used, the
+HTTP upgrade request is performed with OPTIONS method.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-M\fR, \fB\-\-peer\-max\-concurrent\-streams=\fR<N>
-Use <N>  as SETTINGS_MAX_CONCURRENT_STREAMS value
-of  remote  endpoint  as  if it  is  received  in
-SETTINGS frame.   The default is large  enough as
-it is seen as unlimited.
+.B \-p, \-\-weight=<WEIGHT>
+Sets priority group weight.  The valid value range is
+[1, 256], inclusive.
+.sp
+Default: \fB16\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-c\fR, \fB\-\-header\-table\-size=\fR<N>
+.B \-M, \-\-peer\-max\-concurrent\-streams=<N>
+Use  <N>  as  SETTINGS_MAX_CONCURRENT_STREAMS  value  of
+remote endpoint as if it  is received in SETTINGS frame.
+The default is large enough as it is seen as unlimited.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-c, \-\-header\-table\-size=<SIZE>
 Specify decoder header table size.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-b\fR, \fB\-\-padding=\fR<N>
-Add  at most  <N>  bytes to  a  frame payload  as
-padding.  Specify 0 to disable padding.
+.B \-b, \-\-padding=<N>
+Add at  most <N>  bytes to a  frame payload  as padding.
+Specify 0 to disable padding.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-r\fR, \fB\-\-har=\fR<FILE>
-Output  HTTP transactions  <FILE> in  HAR format.
-If '\-' is given, data is written to stdout.
+.B \-r, \-\-har=<PATH>
+Output HTTP  transactions <PATH> in HAR  format.  If \(aq\-\(aq
+is given, data is written to stdout.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-color\fR
+.B \-\-color
 Force colored log output.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-continuation\fR
+.B \-\-continuation
 Send large header to test CONTINUATION.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-no\-content\-length\fR
-Don't send content\-length header field.
+.B \-\-no\-content\-length
+Don\(aqt send content\-length header field.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-no\-dep\fR
-Don't  send  dependency  based priority  hint  to
-server.
+.B \-\-no\-dep
+Don\(aqt send dependency based priority hint to server.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-version\fR
+.B \-\-hexdump
+Display the  incoming traffic in  hexadecimal (Canonical
+hex+ASCII display).  If SSL/TLS  is used, decrypted data
+are used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-no\-push
+Disable server push.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-max\-concurrent\-streams=<N>
+The  number of  concurrent  pushed  streams this  client
+accepts.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-version
 Display version information and exit.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-h\fR, \fB\-\-help\fR
+.B \-h, \-\-help
 Display this help and exit.
-.SH "SEE ALSO"
-
-nghttpd(1), nghttpx(1), h2load(1)
+.UNINDENT
+.sp
+The <SIZE> argument is an integer and an optional unit (e.g., 10K is
+10 * 1024).  Units are K, M and G (powers of 1024).
+.sp
+The <DURATION> argument is an integer and an optional unit (e.g., 1s
+is 1 second and 500ms is 500 milliseconds).  Units are h, m, s or ms
+(hours, minutes, seconds and milliseconds, respectively).  If a unit
+is omitted, a second is used as unit.
+.SH DEPENDENCY BASED PRIORITY
+.sp
+nghttp sends priority hints to server by default unless
+\fI\%\-\-no\-dep\fP is used.  nghttp mimics the way Firefox employs to
+manages dependency using idle streams.  We follows the behaviour of
+Firefox Nightly as of April, 2015, and nghttp\(aqs behaviour is very
+static and could be different from Firefox in detail.  But reproducing
+the same behaviour of Firefox is not our goal.  The goal is provide
+the easy way to test out the dependency priority in server
+implementation.
+.sp
+When connection is established, nghttp sends 5 PRIORITY frames to idle
+streams 3, 5, 7, 9 and 11 to create "anchor" nodes in dependency
+tree:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+         +\-\-\-\-\-+
+         |id=0 |
+         +\-\-\-\-\-+
+        ^   ^   ^
+ w=201 /    |    \e w=1
+      /     |     \e
+     / w=101|      \e
+ +\-\-\-\-\-+ +\-\-\-\-\-+ +\-\-\-\-\-+
+ |id=3 | |id=5 | |id=7 |
+ +\-\-\-\-\-+ +\-\-\-\-\-+ +\-\-\-\-\-+
+    ^               ^
+w=1 |           w=1 |
+    |               |
+ +\-\-\-\-\-+         +\-\-\-\-\-+
+ |id=11|         |id=9 |
+ +\-\-\-\-\-+         +\-\-\-\-\-+
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+In the above figure, \fBid\fP means stream ID, and \fBw\fP means weight.
+The stream 0 is non\-existence stream, and forms the root of the tree.
+The stream 7 and 9 are not used for now.
+.sp
+The URIs given in the command\-line depend on stream 11 with the weight
+given in \fI\%\-p\fP option, which defaults to 16.
+.sp
+If \fI\%\-a\fP option is used, nghttp parses the resource pointed by
+URI given in command\-line as html, and extracts resource links from
+it.  When requesting those resources, nghttp uses dependency according
+to its resource type.
+.sp
+For CSS, and Javascript files inside "head" element, they depend on
+stream 3 with the weight 2.  The Javascript files outside "head"
+element depend on stream 5 with the weight 2.  The mages depend on
+stream 11 with the weight 12.  The other resources (e.g., icon) depend
+on stream 11 with the weight 2.
+.SH SEE ALSO
+.sp
+\fInghttpd(1)\fP, \fInghttpx(1)\fP, \fIh2load(1)\fP
+.SH AUTHOR
+Tatsuhiro Tsujikawa
+.SH COPYRIGHT
+2012, 2015, Tatsuhiro Tsujikawa
+.\" Generated by docutils manpage writer.
+.
--- a/doc/nghttp.1.rst
+++ b/doc/nghttp.1.rst
@@ -1,23 +1,22 @@
-.. DO NOT MODIFY THIS FILE!  It was generated by man2rst.py
+
+.. GENERATED by help2rst.py.  DO NOT EDIT DIRECTLY.

 .. program:: nghttp

 nghttp(1)
 =========

-NAME
----
-nghttp - HTTP/2 experimental client
-
 SYNOPSIS
 --------
+
 **nghttp** [OPTIONS]... <URI>...

 DESCRIPTION
 -----------
+
 HTTP/2 experimental client

-.. option:: URI
+.. describe:: <URI>

    Specify URI to access.

@@ -26,162 +25,214 @@ OPTIONS

 .. option:: -v, --verbose

-    
    Print   debug   information   such  as   reception   and
-    transmission  of  frames  and  name/value  pairs.
-    Specifying this  option multiple  times increases
-    verbosity.
+    transmission of frames and name/value pairs.  Specifying
+    this option multiple times increases verbosity.

 .. option:: -n, --null-out

-    
    Discard downloaded data.

 .. option:: -O, --remote-name

-    
    Save  download  data  in  the  current  directory.   The
-    filename is dereived from  URI.  If URI ends with
-    '/',  'index.html' is  used as  a filename.   Not
-    implemented yet.
+    filename is  dereived from URI.   If URI ends  with '*/*',
+    'index.html'  is used  as a  filename.  Not  implemented
+    yet.

-.. option:: -t, --timeout=<N>
+.. option:: -t, --timeout=<DURATION>

-    
-    Timeout each request after <N> seconds.
+    Timeout each request after <DURATION>.  Set 0 to disable
+    timeout.

 .. option:: -w, --window-bits=<N>

-    
-    Sets  the stream  level  initial  window size  to
-    2\*\*<N>-1.
+    Sets the stream level initial window size to 2\*\*<N>-1.

 .. option:: -W, --connection-window-bits=<N>

-    
    Sets  the  connection  level   initial  window  size  to
    2\*\*<N>-1.

 .. option:: -a, --get-assets

-    
-    Download assets  such as stylesheets,  images and
-    script files linked from the downloaded resource.
-    Only links  whose origins  are the same  with the
-    linking  resource  will  be  downloaded.   nghttp
-    prioritizes  resources  using  HTTP/2  dependency
-    based priority.  The priority order, from highest
-    to lowest,  is html  itself, css,  javascript and
-    images.
+    Download assets  such as stylesheets, images  and script
+    files linked  from the downloaded resource.   Only links
+    whose  origins are  the same  with the  linking resource
+    will be downloaded.   nghttp prioritizes resources using
+    HTTP/2 dependency  based priority.  The  priority order,
+    from highest to lowest,  is html itself, css, javascript
+    and images.

 .. option:: -s, --stat

-    
    Print statistics.

 .. option:: -H, --header=<HEADER>

+    Add a header to the requests.  Example: :option:`-H`\':method: PUT'

-    Add   a  header   to   the  requests.    Example:
-    -H':method: PUT'
+.. option:: --trailer=<HEADER>
+
+    Add a trailer header to the requests.  <HEADER> must not
+    include pseudo header field  (header field name starting
+    with ':').  To  send trailer, one must use  :option:`-d` option to
+    send request body.  Example: :option:`--trailer` 'foo: bar'.

 .. option:: --cert=<CERT>

-    
-    Use the  specified client certificate  file.  The
-    file must be in PEM format.
+    Use  the specified  client certificate  file.  The  file
+    must be in PEM format.

 .. option:: --key=<KEY>

+    Use the  client private key  file.  The file must  be in
+    PEM format.

-    Use the  client private key file.   The file must
-    be in PEM format.
+.. option:: -d, --data=<PATH>

-.. option:: -d, --data=<FILE>
-
-    
-    Post FILE to  server. If '-' is  given, data will
-    be read from stdin.
+    Post FILE to server. If '-'  is given, data will be read
+    from stdin.

 .. option:: -m, --multiply=<N>

-    Request each URI <N> times.
-    By default, same URI
-    is not requested twice.   This option disables it
-    too.
+    Request each URI <N> times.  By default, same URI is not
+    requested twice.  This option disables it too.

 .. option:: -u, --upgrade

-    
-    Perform HTTP Upgrade for  HTTP/2.  This option is
-    ignored if the request  URI has https scheme.  If
-    :option:`-d` is used, the HTTP upgrade request is performed
-    with OPTIONS method.
+    Perform HTTP Upgrade for HTTP/2.  This option is ignored
+    if the request URI has https scheme.  If :option:`-d` is used, the
+    HTTP upgrade request is performed with OPTIONS method.

 .. option:: -p, --weight=<WEIGHT>

+    Sets priority group weight.  The valid value range is
+    [1, 256], inclusive.

-    Sets  priority  group  weight.  The  valid  value
-    range is [1, 256], inclusive.
-    Default: 16
+    Default: ``16``

 .. option:: -M, --peer-max-concurrent-streams=<N>

+    Use  <N>  as  SETTINGS_MAX_CONCURRENT_STREAMS  value  of
+    remote endpoint as if it  is received in SETTINGS frame.
+    The default is large enough as it is seen as unlimited.

-    Use <N>  as SETTINGS_MAX_CONCURRENT_STREAMS value
-    of  remote  endpoint  as  if it  is  received  in
-    SETTINGS frame.   The default is large  enough as
-    it is seen as unlimited.
-
-.. option:: -c, --header-table-size=<N>
-
+.. option:: -c, --header-table-size=<SIZE>

    Specify decoder header table size.

 .. option:: -b, --padding=<N>

+    Add at  most <N>  bytes to a  frame payload  as padding.
+    Specify 0 to disable padding.

-    Add  at most  <N>  bytes to  a  frame payload  as
-    padding.  Specify 0 to disable padding.
+.. option:: -r, --har=<PATH>

-.. option:: -r, --har=<FILE>
-
-    
-    Output  HTTP transactions  <FILE> in  HAR format.
-    If '-' is given, data is written to stdout.
+    Output HTTP  transactions <PATH> in HAR  format.  If '-'
+    is given, data is written to stdout.

 .. option:: --color

-    
    Force colored log output.

 .. option:: --continuation

-    
    Send large header to test CONTINUATION.

 .. option:: --no-content-length

-    
    Don't send content-length header field.

 .. option:: --no-dep

+    Don't send dependency based priority hint to server.

-    Don't  send  dependency  based priority  hint  to
-    server.
+.. option:: --hexdump
+
+    Display the  incoming traffic in  hexadecimal (Canonical
+    hex+ASCII display).  If SSL/TLS  is used, decrypted data
+    are used.
+
+.. option:: --no-push
+
+    Disable server push.
+
+.. option:: --max-concurrent-streams=<N>
+
+    The  number of  concurrent  pushed  streams this  client
+    accepts.

 .. option:: --version

-    
    Display version information and exit.

 .. option:: -h, --help

-    
    Display this help and exit.

+
+
+The <SIZE> argument is an integer and an optional unit (e.g., 10K is
+10 * 1024).  Units are K, M and G (powers of 1024).
+
+The <DURATION> argument is an integer and an optional unit (e.g., 1s
+is 1 second and 500ms is 500 milliseconds).  Units are h, m, s or ms
+(hours, minutes, seconds and milliseconds, respectively).  If a unit
+is omitted, a second is used as unit.
+
+DEPENDENCY BASED PRIORITY
+-------------------------
+
+nghttp sends priority hints to server by default unless
+:option:`--no-dep` is used.  nghttp mimics the way Firefox employs to
+manages dependency using idle streams.  We follows the behaviour of
+Firefox Nightly as of April, 2015, and nghttp's behaviour is very
+static and could be different from Firefox in detail.  But reproducing
+the same behaviour of Firefox is not our goal.  The goal is provide
+the easy way to test out the dependency priority in server
+implementation.
+
+When connection is established, nghttp sends 5 PRIORITY frames to idle
+streams 3, 5, 7, 9 and 11 to create "anchor" nodes in dependency
+tree::
+
+                      +-----+
+                      |id=0 |
+                      +-----+
+                     ^   ^   ^
+              w=201 /    |    \ w=1
+                   /     |     \
+                  / w=101|      \
+              +-----+ +-----+ +-----+
+              |id=3 | |id=5 | |id=7 |
+              +-----+ +-----+ +-----+
+                 ^               ^
+             w=1 |           w=1 |
+                 |               |
+              +-----+         +-----+
+              |id=11|         |id=9 |
+              +-----+         +-----+
+
+In the above figure, ``id`` means stream ID, and ``w`` means weight.
+The stream 0 is non-existence stream, and forms the root of the tree.
+The stream 7 and 9 are not used for now.
+
+The URIs given in the command-line depend on stream 11 with the weight
+given in :option:`-p` option, which defaults to 16.
+
+If :option:`-a` option is used, nghttp parses the resource pointed by
+URI given in command-line as html, and extracts resource links from
+it.  When requesting those resources, nghttp uses dependency according
+to its resource type.
+
+For CSS, and Javascript files inside "head" element, they depend on
+stream 3 with the weight 2.  The Javascript files outside "head"
+element depend on stream 5 with the weight 2.  The mages depend on
+stream 11 with the weight 12.  The other resources (e.g., icon) depend
+on stream 11 with the weight 2.
+
 SEE ALSO
 --------

-nghttpd(1), nghttpx(1), h2load(1)
+:manpage:`nghttpd(1)`, :manpage:`nghttpx(1)`, :manpage:`h2load(1)`
--- a/doc/nghttp.h2m
+++ b/doc/nghttp.h2m
@@ -1,3 +0,0 @@
-[SEE ALSO]
-
-nghttpd(1), nghttpx(1), h2load(1)
--- a/doc/nghttp.h2r
+++ b/doc/nghttp.h2r
@@ -0,0 +1,55 @@
+DEPENDENCY BASED PRIORITY
+-------------------------
+
+nghttp sends priority hints to server by default unless
+:option:`--no-dep` is used.  nghttp mimics the way Firefox employs to
+manages dependency using idle streams.  We follows the behaviour of
+Firefox Nightly as of April, 2015, and nghttp's behaviour is very
+static and could be different from Firefox in detail.  But reproducing
+the same behaviour of Firefox is not our goal.  The goal is provide
+the easy way to test out the dependency priority in server
+implementation.
+
+When connection is established, nghttp sends 5 PRIORITY frames to idle
+streams 3, 5, 7, 9 and 11 to create "anchor" nodes in dependency
+tree::
+
+                      +-----+
+                      |id=0 |
+                      +-----+
+                     ^   ^   ^
+              w=201 /    |    \ w=1
+                   /     |     \
+                  / w=101|      \
+              +-----+ +-----+ +-----+
+              |id=3 | |id=5 | |id=7 |
+              +-----+ +-----+ +-----+
+                 ^               ^
+             w=1 |           w=1 |
+                 |               |
+              +-----+         +-----+
+              |id=11|         |id=9 |
+              +-----+         +-----+
+
+In the above figure, ``id`` means stream ID, and ``w`` means weight.
+The stream 0 is non-existence stream, and forms the root of the tree.
+The stream 7 and 9 are not used for now.
+
+The URIs given in the command-line depend on stream 11 with the weight
+given in :option:`-p` option, which defaults to 16.
+
+If :option:`-a` option is used, nghttp parses the resource pointed by
+URI given in command-line as html, and extracts resource links from
+it.  When requesting those resources, nghttp uses dependency according
+to its resource type.
+
+For CSS, and Javascript files inside "head" element, they depend on
+stream 3 with the weight 2.  The Javascript files outside "head"
+element depend on stream 5 with the weight 2.  The mages depend on
+stream 11 with the weight 12.  The other resources (e.g., icon) depend
+on stream 11 with the weight 2.
+
+SEE ALSO
+--------
+
+:manpage:`nghttpd(1)`, :manpage:`nghttpx(1)`, :manpage:`h2load(1)`
--- a/doc/nghttpd.1
+++ b/doc/nghttpd.1
@@ -1,93 +1,194 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.46.4.
-.TH NGHTTPD "1" "November 2014" "nghttpd nghttp2/0.6.7" "User Commands"
+.\" Man page generated from reStructuredText.
+.
+.TH "NGHTTPD" "1" "August 14, 2015" "1.2.1" "nghttp2"
 .SH NAME
 nghttpd \- HTTP/2 experimental server
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
 .SH SYNOPSIS
-.B nghttpd
-[\fI\,OPTION\/\fR]... \fI\,<PORT> <PRIVATE_KEY> <CERT>\/\fR
-.br
-.B nghttpd
-\fI\,--no-tls \/\fR[\fI\,OPTION\/\fR]... \fI\,<PORT>\/\fR
+.sp
+\fBnghttpd\fP [OPTION]... <PORT> [<PRIVATE_KEY> <CERT>]
 .SH DESCRIPTION
+.sp
 HTTP/2 experimental server
+.INDENT 0.0
 .TP
-<PORT>
+.B <PORT>
 Specify listening port number.
+.UNINDENT
+.INDENT 0.0
 .TP
-<PRIVATE_KEY>
-Set  path  to  server's  private  key.   Required
-unless \fB\-\-no\-tls\fR is specified.
+.B <PRIVATE_KEY>
+Set  path  to  server\(aqs private  key.   Required  unless
+\fI\%\-\-no\-tls\fP is specified.
+.UNINDENT
+.INDENT 0.0
 .TP
-<CERT>
-Set  path  to   server's  certificate.   Required
-unless \fB\-\-no\-tls\fR is specified.
+.B <CERT>
+Set  path  to  server\(aqs  certificate.   Required  unless
+\fI\%\-\-no\-tls\fP is specified.
+.UNINDENT
 .SH OPTIONS
+.INDENT 0.0
 .TP
-\fB\-D\fR, \fB\-\-daemon\fR
-Run in a background.  If  \fB\-D\fR is used, the current
-working directory  is changed to  '/'.  Therefore
-if  this  option  is  used,  \fB\-d\fR  option  must  be
-specified.
+.B \-a, \-\-address=<ADDR>
+The address to bind to.  If not specified the default IP
+address determined by getaddrinfo is used.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-V\fR, \fB\-\-verify\-client\fR
-The  server sends  a client  certificate request.
-If the  client did not return  a certificate, the
-handshake is terminated.   Currently, this option
-just requests  a client certificate and  does not
-verify it.
+.B \-D, \-\-daemon
+Run in a background.  If \fI\%\-D\fP is used, the current working
+directory is  changed to \(aq\fI/\fP\(aq.  Therefore  if this option
+is used, \fI\%\-d\fP option must be specified.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-d\fR, \fB\-\-htdocs=\fR<PATH>
-Specify  document root.   If this  option is  not
-specified,  the  document  root  is  the  current
-working directory.
+.B \-V, \-\-verify\-client
+The server  sends a client certificate  request.  If the
+client did  not return  a certificate, the  handshake is
+terminated.   Currently,  this  option just  requests  a
+client certificate and does not verify it.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-v\fR, \fB\-\-verbose\fR
-Print  debug   information  such   as  reception/
-transmission of frames and name/value pairs.
+.B \-d, \-\-htdocs=<PATH>
+Specify document root.  If this option is not specified,
+the document root is the current working directory.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-no\-tls\fR
+.B \-v, \-\-verbose
+Print debug information  such as reception/ transmission
+of frames and name/value pairs.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-no\-tls
 Disable SSL/TLS.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-c\fR, \fB\-\-header\-table\-size=\fR<N>
+.B \-c, \-\-header\-table\-size=<SIZE>
 Specify decoder header table size.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-color\fR
+.B \-\-color
 Force colored log output.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-p\fR, \fB\-\-push=\fR<PATH>=<PUSH_PATH,...>
-Push  resources   <PUSH_PATH>s  when   <PATH>  is
-requested.  This option can be used repeatedly to
-specify multiple push configurations.  <PATH> and
-<PUSH_PATH>s are relative  to document root.  See
-\fB\-\-htdocs\fR    option.      Example:    \fB\-p\fR/=/foo.png
-\fB\-p\fR/doc=/bar.css
+.B \-p, \-\-push=<PATH>=<PUSH_PATH,...>
+Push  resources <PUSH_PATH>s  when <PATH>  is requested.
+This option  can be used repeatedly  to specify multiple
+push  configurations.    <PATH>  and   <PUSH_PATH>s  are
+relative  to   document  root.   See   \fI\%\-\-htdocs\fP  option.
+Example: \fI\%\-p\fP/=/foo.png \fI\%\-p\fP/doc=/bar.css
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-b\fR, \fB\-\-padding=\fR<N>
-Add  at most  <N>  bytes to  a  frame payload  as
-padding.  Specify 0 to disable padding.
+.B \-b, \-\-padding=<N>
+Add at  most <N>  bytes to a  frame payload  as padding.
+Specify 0 to disable padding.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-n\fR, \fB\-\-workers=\fR<CORE>
+.B \-m, \-\-max\-concurrent\-streams=<N>
+Set the maximum number of  the concurrent streams in one
+HTTP/2 session.
+.sp
+Default: \fB100\fP
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-n, \-\-workers=<N>
 Set the number of worker threads.
-Default: 1
+.sp
+Default: \fB1\fP
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-e\fR, \fB\-\-error\-gzip\fR
+.B \-e, \-\-error\-gzip
 Make error response gzipped.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-dh\-param\-file=\fR<PATH>
-Path to  file that contains DH  parameters in PEM
-format.  Without  this option, DHE  cipher suites
-are not available.
+.B \-\-dh\-param\-file=<PATH>
+Path to file that contains  DH parameters in PEM format.
+Without  this   option,  DHE   cipher  suites   are  not
+available.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-early\-response\fR
-Start  sending response  when request  HEADERS is
-received,   rather  than   complete  request   is
-received.
+.B \-\-early\-response
+Start sending response when request HEADERS is received,
+rather than complete request is received.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-\-version\fR
+.B \-\-trailer=<HEADER>
+Add a trailer  header to a response.   <HEADER> must not
+include pseudo header field  (header field name starting
+with \(aq:\(aq).  The  trailer is sent only if  a response has
+body part.  Example: \fI\%\-\-trailer\fP \(aqfoo: bar\(aq.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-hexdump
+Display the  incoming traffic in  hexadecimal (Canonical
+hex+ASCII display).  If SSL/TLS  is used, decrypted data
+are used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-echo\-upload
+Send back uploaded content if method is POST or PUT.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-version
 Display version information and exit.
+.UNINDENT
+.INDENT 0.0
 .TP
-\fB\-h\fR, \fB\-\-help\fR
+.B \-h, \-\-help
 Display this help and exit.
-.SH "SEE ALSO"
-
-nghttp(1), nghttpx(1), h2load(1)
+.UNINDENT
+.sp
+The <SIZE> argument is an integer and an optional unit (e.g., 10K is
+10 * 1024).  Units are K, M and G (powers of 1024).
+.SH SEE ALSO
+.sp
+\fInghttp(1)\fP, \fInghttpx(1)\fP, \fIh2load(1)\fP
+.SH AUTHOR
+Tatsuhiro Tsujikawa
+.SH COPYRIGHT
+2012, 2015, Tatsuhiro Tsujikawa
+.\" Generated by docutils manpage writer.
+.
--- a/doc/nghttpd.1.rst
+++ b/doc/nghttpd.1.rst
@@ -1,138 +1,151 @@
-.. DO NOT MODIFY THIS FILE!  It was generated by man2rst.py
+
+.. GENERATED by help2rst.py.  DO NOT EDIT DIRECTLY.

 .. program:: nghttpd

 nghttpd(1)
 ==========

-NAME
----
-nghttpd - HTTP/2 experimental server
-
 SYNOPSIS
 --------
-**nghttpd** [OPTION]... <PORT> <PRIVATE_KEY> <CERT>

-**nghttpd** --no-tls [OPTION]... <PORT>
+**nghttpd** [OPTION]... <PORT> [<PRIVATE_KEY> <CERT>]

 DESCRIPTION
 -----------
+
 HTTP/2 experimental server

-.. option:: PORT
+.. describe:: <PORT>

    Specify listening port number.

-.. option:: PRIVATE_KEY
+.. describe:: <PRIVATE_KEY>

-    Set  path  to  server's  private  key.   Required
-    unless :option:`--no-tls` is specified.
    
-.. option:: CERT
+    Set  path  to  server's private  key.   Required  unless
+    :option:`--no-tls` is specified.

-    Set  path  to   server's  certificate.   Required
-    unless :option:`--no-tls` is specified.
+.. describe:: <CERT>
+
+    Set  path  to  server's  certificate.   Required  unless
+    :option:`--no-tls` is specified.

 OPTIONS
 -------

+.. option:: -a, --address=<ADDR>
+
+    The address to bind to.  If not specified the default IP
+    address determined by getaddrinfo is used.
+
 .. option:: -D, --daemon

-    
-    Run in a background.  If  :option:`-D` is used, the current
-    working directory  is changed to  '/'.  Therefore
-    if  this  option  is  used,  :option:`-d`  option  must  be
-    specified.
+    Run in a background.  If :option:`-D` is used, the current working
+    directory is  changed to '*/*'.  Therefore  if this option
+    is used, :option:`-d` option must be specified.

 .. option:: -V, --verify-client

-    
-    The  server sends  a client  certificate request.
-    If the  client did not return  a certificate, the
-    handshake is terminated.   Currently, this option
-    just requests  a client certificate and  does not
-    verify it.
+    The server  sends a client certificate  request.  If the
+    client did  not return  a certificate, the  handshake is
+    terminated.   Currently,  this  option just  requests  a
+    client certificate and does not verify it.

 .. option:: -d, --htdocs=<PATH>

-    
-    Specify  document root.   If this  option is  not
-    specified,  the  document  root  is  the  current
-    working directory.
+    Specify document root.  If this option is not specified,
+    the document root is the current working directory.

 .. option:: -v, --verbose

-    
-    Print  debug   information  such   as  reception/
-    transmission of frames and name/value pairs.
+    Print debug information  such as reception/ transmission
+    of frames and name/value pairs.

 .. option:: --no-tls

-    
    Disable SSL/TLS.

-.. option:: -c, --header-table-size=<N>
-
+.. option:: -c, --header-table-size=<SIZE>

    Specify decoder header table size.

 .. option:: --color

-    
    Force colored log output.

 .. option:: -p, --push=<PATH>=<PUSH_PATH,...>

-    
-    Push  resources   <PUSH_PATH>s  when   <PATH>  is
-    requested.  This option can be used repeatedly to
-    specify multiple push configurations.  <PATH> and
-    <PUSH_PATH>s are relative  to document root.  See
-    :option:`--htdocs`    option.      Example:    -p/=/foo.png
-    -p/doc=/bar.css
+    Push  resources <PUSH_PATH>s  when <PATH>  is requested.
+    This option  can be used repeatedly  to specify multiple
+    push  configurations.    <PATH>  and   <PUSH_PATH>s  are
+    relative  to   document  root.   See   :option:`--htdocs`  option.
+    Example: :option:`-p`\/=/foo.png :option:`-p`\/doc=/bar.css

 .. option:: -b, --padding=<N>

+    Add at  most <N>  bytes to a  frame payload  as padding.
+    Specify 0 to disable padding.

-    Add  at most  <N>  bytes to  a  frame payload  as
-    padding.  Specify 0 to disable padding.
+.. option:: -m, --max-concurrent-streams=<N>

-.. option:: -n, --workers=<CORE>
+    Set the maximum number of  the concurrent streams in one
+    HTTP/2 session.

+    Default: ``100``
+
+.. option:: -n, --workers=<N>

    Set the number of worker threads.
-    Default: 1
+
+    Default: ``1``

 .. option:: -e, --error-gzip

-    
    Make error response gzipped.

 .. option:: --dh-param-file=<PATH>

-    
-    Path to  file that contains DH  parameters in PEM
-    format.  Without  this option, DHE  cipher suites
-    are not available.
+    Path to file that contains  DH parameters in PEM format.
+    Without  this   option,  DHE   cipher  suites   are  not
+    available.

 .. option:: --early-response

+    Start sending response when request HEADERS is received,
+    rather than complete request is received.

-    Start  sending response  when request  HEADERS is
-    received,   rather  than   complete  request   is
-    received.
+.. option:: --trailer=<HEADER>
+
+    Add a trailer  header to a response.   <HEADER> must not
+    include pseudo header field  (header field name starting
+    with ':').  The  trailer is sent only if  a response has
+    body part.  Example: :option:`--trailer` 'foo: bar'.
+
+.. option:: --hexdump
+
+    Display the  incoming traffic in  hexadecimal (Canonical
+    hex+ASCII display).  If SSL/TLS  is used, decrypted data
+    are used.
+
+.. option:: --echo-upload
+
+    Send back uploaded content if method is POST or PUT.

 .. option:: --version

-    
    Display version information and exit.

 .. option:: -h, --help

-    
    Display this help and exit.

+
+
+The <SIZE> argument is an integer and an optional unit (e.g., 10K is
+10 * 1024).  Units are K, M and G (powers of 1024).
+
 SEE ALSO
 --------

-nghttp(1), nghttpx(1), h2load(1)
+:manpage:`nghttp(1)`, :manpage:`nghttpx(1)`, :manpage:`h2load(1)`
--- a/doc/nghttpd.h2m
+++ b/doc/nghttpd.h2m
@@ -1,3 +0,0 @@
-[SEE ALSO]
-
-nghttp(1), nghttpx(1), h2load(1)
--- a/doc/nghttpd.h2r
+++ b/doc/nghttpd.h2r
@@ -0,0 +1,4 @@
+SEE ALSO
+--------
+
+:manpage:`nghttp(1)`, :manpage:`nghttpx(1)`, :manpage:`h2load(1)`
--- a/doc/nghttpx.1
+++ b/doc/nghttpx.1
--- a/doc/nghttpx.1.rst
+++ b/doc/nghttpx.1.rst
--- a/doc/nghttpx.h2m
+++ b/doc/nghttpx.h2m
@@ -1,3 +0,0 @@
-[SEE ALSO]
-
-nghttp(1), nghttpd(1), h2load(1)
--- a/doc/nghttpx.h2r
+++ b/doc/nghttpx.h2r
@@ -0,0 +1,164 @@
+FILES
+-----
+
+*/etc/nghttpx/nghttpx.conf*
+  The default configuration file path nghttpx searches at startup.
+  The configuration file path can be changed using :option:`--conf`
+  option.
+
+  Those lines which are staring ``#`` are treated as comment.
+
+  The option name in the configuration file is the long command-line
+  option name with leading ``--`` stripped (e.g., ``frontend``).  Put
+  ``=`` between option name and value.  Don't put extra leading or
+  trailing spaces.
+
+  The options which do not take argument in the command-line *take*
+  argument in the configuration file.  Specify ``yes`` as an argument
+  (e.g., ``http2-proxy=yes``).  If other string is given, it is
+  ignored.
+
+  To specify private key and certificate file which are given as
+  positional arguments in command-line, use ``private-key-file`` and
+  ``certificate-file``.
+
+  :option:`--conf` option cannot be used in the configuration file and
+  will be ignored if specified.
+
+SIGNALS
+-------
+
+SIGQUIT
+  Shutdown gracefully.  First accept pending connections and stop
+  accepting connection.  After all connections are handled, nghttpx
+  exits.
+
+SIGUSR1
+  Reopen log files.
+
+SIGUSR2
+  Fork and execute nghttpx.  It will execute the binary in the same
+  path with same command-line arguments and environment variables.
+  After new process comes up, sending SIGQUIT to the original process
+  to perform hot swapping.
+
+SERVER PUSH
+-----------
+
+nghttpx supports HTTP/2 server push in default mode.  nghttpx looks
+for Link header field (`RFC 5988
+<http://tools.ietf.org/html/rfc5988>`_) in response headers from
+backend server and extracts URI-reference with parameter
+``rel=preload`` (see `preload
+<http://w3c.github.io/preload/#interoperability-with-http-link-header>`_)
+and pushes those URIs to the frontend client. Here is a sample Link
+header field to initiate server push:
+
+.. code-block:: http
+
+  Link: </fonts/font.woff>; rel=preload
+  Link: </css/theme.css>; rel=preload
+
+Currently, the following restrictions are applied for server push:
+
+1. URI-reference must not contain authority.  If it exists, it is not
+   pushed.  ``/fonts/font.woff`` and ``css/theme.css`` are eligible to
+   be pushed.  ``https://example.org/fonts/font.woff`` and
+   ``//example.org/css/theme.css`` are not.
+
+2. The associated stream must have method "GET" or "POST".  The
+   associated stream's status code must be 200.
+
+These limitations may be loosened in the future release.
+
+UNIX DOMAIN SOCKET
+------------------
+
+nghttpx supports UNIX domain socket with a filename for both frontend
+and backend connections.
+
+Please note that current nghttpx implementation does not delete a
+socket with a filename.  And on start up, if nghttpx detects that the
+specified socket already exists in the file system, nghttpx first
+deletes it.  However, if SIGUSR2 is used to execute new binary and
+both old and new configurations use same filename, new binary does not
+delete the socket and continues to use it.
+
+OCSP STAPLING
+-------------
+
+OCSP query is done using external Python script
+``fetch-ocsp-response``, which has been originally developed in Perl
+as part of h2o project (https://github.com/h2o/h2o), and was
+translated into Python.
+
+The script file is usually installed under
+``$(prefix)/share/nghttp2/`` directory.  The actual path to script can
+be customized using :option:`--fetch-ocsp-response-file` option.
+
+If OCSP query is failed, previous OCSP response, if any, is continued
+to be used.
+
+TLS SESSION RESUMPTION
+----------------------
+
+nghttpx supports TLS session resumption through both session ID and
+session ticket.
+
+SESSION ID RESUMPTION
+~~~~~~~~~~~~~~~~~~~~~
+
+By default, session ID is shared by all worker threads.
+
+If :option:`--tls-session-cache-memcached` is given, nghttpx will
+insert serialized session data to memcached with
+``nghttpx:tls-session-cache:`` + lowercased hex string of session ID
+as a memcached entry key, with expiry time 12 hours.  Session timeout
+is set to 12 hours.
+
+TLS SESSION TICKET RESUMPTION
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+By default, session ticket is shared by all worker threads.  The
+automatic key rotation is also enabled by default.  Every an hour, new
+encryption key is generated, and previous encryption key becomes
+decryption only key.  We set session timeout to 12 hours, and thus we
+keep at most 12 keys.
+
+If :option:`--tls-ticket-key-memcached` is given, encryption keys are
+retrieved from memcached.  nghttpx just reads keys from memcached; one
+has to deploy key generator program to update keys frequently (e.g.,
+every 1 hour).  The example key generator tlsticketupdate.go is
+available under contrib directory in nghttp2 archive.  The memcached
+entry key is ``nghttpx:tls-ticket-key``.  The data format stored in
+memcached is the binary format described below::
+
+    +--------------+-------+----------------+
+    | VERSION (4)  |LEN (2)|KEY(48 or 80) ...
+    +--------------+-------+----------------+
+                   ^                        |
+		   |                        |
+		   +------------------------+
+                   (LEN, KEY) pair can be repeated
+
+All numbers in the above figure is bytes.  All integer fields are
+network byte order.
+
+First 4 bytes integer VERSION field, which must be 1.  The 2 bytes
+integer LEN field gives the length of following KEY field, which
+contains key.  If :option:`--tls-ticket-key-cipher`\=aes-128-cbc is
+used, LEN must be 48.  If
+:option:`--tls-ticket-key-cipher`\=aes-256-cbc is used, LEN must be
+80.  LEN and KEY pair can be repeated multiple times to store multiple
+keys.  The key appeared first is used as encryption key.  All the
+remaining keys are used as decryption only.
+
+If :option:`--tls-ticket-key-file` is given, encryption key is read
+from the given file.  In this case, nghttpx does not rotate key
+automatically.  To rotate key, one has to restart nghttpx (see
+SIGNALS).
+
+SEE ALSO
+--------
+
+:manpage:`nghttp(1)`, :manpage:`nghttpd(1)`, :manpage:`h2load(1)`
--- a/doc/programmers-guide.rst
+++ b/doc/programmers-guide.rst
@@ -0,0 +1,105 @@
+Programmers' Guide
+==================
+
+Includes
+--------
+
+To use the public APIs, include ``nghttp2/nghttp2.h``::
+
+    #include <nghttp2/nghttp2.h>
+
+The header files are also available online: :doc:`nghttp2.h` and
+:doc:`nghttp2ver.h`.
+
+Remarks
+-------
+
+Do not call `nghttp2_session_send()`, `nghttp2_session_mem_send()`,
+`nghttp2_session_recv()` or `nghttp2_session_mem_recv()` from the
+nghttp2 callback functions directly or indirectly. It will lead to the
+crash.  You can submit requests or frames in the callbacks then call
+these functions outside the callbacks.
+
+`nghttp2_session_send()` and `nghttp2_session_mem_send()` send first
+24 bytes of client magic string (MAGIC)
+(:macro:`NGHTTP2_CLIENT_MAGIC`) on client configuration.  The
+applications are responsible to send SETTINGS frame as part of
+connection preface using `nghttp2_submit_settings()`.  Similarly,
+`nghttp2_session_recv()` and `nghttp2_session_mem_recv()` consume
+MAGIC on server configuration unless
+`nghttp2_option_set_no_recv_client_magic()` is used with nonzero
+option value.
+
+.. _http-messaging:
+
+HTTP Messaging
+--------------
+
+By default, nghttp2 library checks HTTP messaging rules described in
+`HTTP/2 specification, section 8
+<https://tools.ietf.org/html/draft-ietf-httpbis-http2-17#section-8>`_.
+Everything described in that section is not validated however.  We
+briefly describe what the library does in this area.  In the following
+description, without loss of generality we omit CONTINUATION frame
+since they must follow HEADERS frame and are processed atomically.  In
+other words, they are just one big HEADERS frame.  To disable these
+validations, use `nghttp2_option_set_no_http_messaging()`.
+
+For HTTP request, including those carried by PUSH_PROMISE, HTTP
+message starts with one HEADERS frame containing request headers.  It
+is followed by zero or more DATA frames containing request body, which
+is followed by zero or one HEADERS containing trailer headers.  The
+request headers must include ":scheme", ":method" and ":path" pseudo
+header fields unless ":method" is not "CONNECT".  ":authority" is
+optional, but nghttp2 requires either ":authority" or "Host" header
+field must be present.  If ":method" is "CONNECT", the request headers
+must include ":method" and ":authority" and must omit ":scheme" and
+":path".
+
+For HTTP response, HTTP message starts with zero or more HEADERS
+frames containing non-final response (status code 1xx).  They are
+followed by one HEADERS frame containing final response headers
+(non-1xx).  It is followed by zero or more DATA frames containing
+response body, which is followed by zero or one HEADERS containing
+trailer headers.  The non-final and final response headers must
+contain ":status" pseudo header field containing 3 digits only.
+
+All request and response headers must include exactly one valid value
+for each pseudo header field.  Additionally nghttp2 requires all
+request headers must not include more than one "Host" header field.
+
+HTTP/2 prohibits connection-specific header fields.  The following
+header fields must not appear: "Connection", "Keep-Alive",
+"Proxy-Connection", "Transfer-Encoding" and "Upgrade".  Additionally,
+"TE" header field must not include any value other than "trailers".
+
+Each header field name and value must obey the field-name and
+field-value production rules described in `RFC 7230, section
+3.2. <https://tools.ietf.org/html/rfc7230#section-3.2>`_.
+Additionally, all field name must be lower cased.  While the pseudo
+header fields must satisfy these rules, we just ignore illegal regular
+headers (this means that these header fields are not passed to
+application callback).  This is because these illegal header fields
+are floating around in existing internet and resetting stream just
+because of this may break many web sites.  This is especially true if
+we forward to or translate from HTTP/1 traffic.
+
+For "http" or "https" URIs, ":path" pseudo header fields must start
+with "/".  The only exception is OPTIONS request, in that case, "*" is
+allowed in ":path" pseudo header field to represent system-wide
+OPTIONS request.
+
+With the above validations, nghttp2 library guarantees that header
+field name passed to `nghttp2_on_header_callback()` is not empty.
+Also required pseudo headers are all present and not empty.
+
+nghttp2 enforces "Content-Length" validation as well.  All request or
+response headers must not contain more than one "Content-Length"
+header field.  If "Content-Length" header field is present, it must be
+parsed as 64 bit signed integer.  The sum of data length in the
+following DATA frames must match with the number in "Content-Length"
+header field if it is present (this does not include padding bytes).
+
+Any deviation results in stream error of type PROTOCOL_ERROR.  If
+error is found in PUSH_PROMISE frame, stream error is raised against
+promised stream.
--- a/doc/sources/building-android-binary.rst
+++ b/doc/sources/building-android-binary.rst
@@ -21,7 +21,9 @@ unpacked::

    $ build/tools/make-standalone-toolchain.sh \
      --install-dir=$ANDROID_HOME/toolchain \
-      --toolchain=arm-linux-androideabi-4.8
+      --toolchain=arm-linux-androideabi-4.9 \
+      --llvm-version=3.5 \
+      --platform=android-16

 The additional flag ``--system=linux-x86_64`` may be required if you
 are using x86_64 system.
@@ -29,13 +31,14 @@ are using x86_64 system.
 The platform level is not important here because we don't use Android
 specific C/C++ API.

-The dependent libraries, such as OpenSSL and libevent should be built
+The dependent libraries, such as OpenSSL and libev should be built
 with the toolchain and installed under ``$ANDROID_HOME/usr/local``.
 We recommend to build these libraries as static library to make the
 deployment easier.  libxml2 support is currently disabled.

-We use zlib which comes with Android NDK, so we don't have to build it
-by ourselves.
+Although zlib comes with Android NDK, it seems not to be a part of
+public API, so we have to built it for our own.  That also provides us
+proper .pc file as a bonus.

 If SPDY support is required for nghttpx and h2load, build and install
 spdylay as well.
@@ -46,7 +49,9 @@ correct path.  Also add ``$ANDROID_HOME/toolchain/bin`` to ``PATH``::

    $ export PATH=$PATH:$ANDROID_HOME/toolchain/bin

-To configure OpenSSL, use the following script::
+To configure OpenSSL, use the following script:
+
+.. code-block:: sh

    #!/bin/sh

@@ -63,7 +68,12 @@ To configure OpenSSL, use the following script::

 And run ``make install`` to build and install.

-To configure libevent, use the following script::
+We cannot compile libev without modification.  Apply `this patch
+<https://gist.github.com/tatsuhiro-t/48c45f08950f587180ed>`_ before
+configuring libev.  This patch is for libev-4.19.  After applying the
+patch, to configure libev, use the following script:
+
+.. code-block:: sh

    #!/bin/sh

@@ -86,7 +96,40 @@ To configure libevent, use the following script::

 And run ``make install`` to build and install.

-To configure spdylay, use the following script::
+To configure zlib, use the following script:
+
+.. code-block:: sh
+
+    #!/bin/sh -e
+
+    if [ -z "$ANDROID_HOME" ]; then
+        echo 'No $ANDROID_HOME specified.'
+        exit 1
+    fi
+    PREFIX=$ANDROID_HOME/usr/local
+    TOOLCHAIN=$ANDROID_HOME/toolchain
+    PATH=$TOOLCHAIN/bin:$PATH
+
+    HOST=arm-linux-androideabi
+
+    CC=$HOST-gcc \
+    AR=$HOST-ar \
+    LD=$HOST-ld \
+    RANLIB=$HOST-ranlib \
+    STRIP=$HOST-strip \
+    ./configure \
+        --prefix=$PREFIX \
+        --libdir=$PREFIX/lib \
+        --includedir=$PREFIX/include \
+        --static
+
+And run ``make install`` to build and install.
+
+To configure spdylay, use the following script:
+
+.. code-block:: sh
+
+    #!/bin/sh -e

    if [ -z "$ANDROID_HOME" ]; then
 	echo 'No $ANDROID_HOME specified.'
@@ -108,11 +151,7 @@ To configure spdylay, use the following script::
 	PKG_CONFIG_LIBDIR="$PREFIX/lib/pkgconfig" \
 	LDFLAGS="-L$PREFIX/lib"

-And run ``make install`` to build and install.  After spdylay
-installation, edit $ANDROID_HOME/usr/local/lib/pkgconfig/libspdylay.pc
-and remove the following line::
-
-    Requires.private: zlib
+And run ``make install`` to build and install.

 After prerequisite libraries are prepared, run ``android-config`` and
 then ``android-make`` to compile nghttp2 source files.
--- a/doc/sources/h2load-howto.rst
+++ b/doc/sources/h2load-howto.rst
@@ -50,8 +50,9 @@ Flow Control
 ------------

 HTTP/2 and SPDY/3 or later employ flow control and it may affect
-benchmarking results.  To adjust receiver flow control window size,
-there is following options:
+benchmarking results.  By default, h2load uses large enough flow
+control window, which effectively disables flow control.  To adjust
+receiver flow control window size, there are following options:

 ``-w``
   Sets  the stream  level  initial  window size  to
@@ -86,5 +87,5 @@ If multiple URIs are specified, they are used in round robin manner.

 .. note::

-    Please note that h2load uses sheme, host and port in the first URI
+    Please note that h2load uses scheme, host and port in the first URI
    and ignores those parts in the rest of the URIs.
--- a/doc/sources/index.rst
+++ b/doc/sources/index.rst
@@ -28,14 +28,18 @@ Contents:
   h2load.1
   nghttpx-howto
   h2load-howto
+   programmers-guide
   apiref
   libnghttp2_asio
   python-apiref
   nghttp2.h
   nghttp2ver.h
+   asio_http2_server.h
+   asio_http2_client.h
   asio_http2.h
   Source <https://github.com/tatsuhiro-t/nghttp2>
   Issues <https://github.com/tatsuhiro-t/nghttp2/issues>
+   nghttp2.org <https://nghttp2.org/>

 Released Versions
 =================
@@ -45,6 +49,5 @@ https://github.com/tatsuhiro-t/nghttp2/releases
 Resources
 ---------

-* http://tools.ietf.org/html/draft-ietf-httpbis-http2-14
-* http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09
-* http://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-04
+* HTTP/2 https://tools.ietf.org/html/rfc7540
+* HPACK https://tools.ietf.org/html/rfc7541
--- a/doc/sources/libnghttp2_asio.rst
+++ b/doc/sources/libnghttp2_asio.rst
@@ -4,7 +4,7 @@ libnghttp2_asio: High level HTTP/2 C++ library
 libnghttp2_asio is C++ library built on top of libnghttp2 and provides
 high level abstraction API to build HTTP/2 applications.  It depends
 on Boost::ASIO library and OpenSSL.  Currently libnghttp2_asio
-provides server side API.
+provides server and client side API.

 libnghttp2_asio is not built by default.  Use ``--enable-asio-lib``
 configure flag to build libnghttp2_asio.  The required Boost libraries
@@ -14,42 +14,64 @@ are:
 * Boost::System
 * Boost::Thread

-To use libnghttp2_asio, first include following header file:
+We have 3 header files for this library:

-.. code-block:: cpp
+* :doc:`asio_http2_server.h`
+* :doc:`asio_http2_client.h`
+* :doc:`asio_http2.h`

-    #include <nghttp2/asio_http2.h>
+asio_http2.h is included from the other two files.

-Also take a look at that header file :doc:`asio_http2.h`.
+To build a program with libnghttp2_asio, link to the following
+libraries::
+
+    -lnghttp2_asio -lboost_system
+
+If ``boost::asio::ssl`` is used in application code, OpenSSL is also
+required in link line::
+
+    -lnghttp2_asio -lboost_system -lssl -lcrypto

 Server API
 ----------

+To use server API, first include following header file:
+
+.. code-block:: cpp
+
+    #include <nghttp2/asio_http2_server.h>
+
+Also take a look at that header file :doc:`asio_http2_server.h`.
+
 Server API is designed to build HTTP/2 server very easily to utilize
 C++11 anonymous function and closure.  The bare minimum example of
 HTTP/2 server looks like this:

 .. code-block:: cpp

-    #include <nghttp2/asio_http2.h>
-
    using namespace nghttp2::asio_http2;
    using namespace nghttp2::asio_http2::server;

    int main(int argc, char *argv[]) {
+      boost::system::error_code ec;
      http2 server;

-      server.listen("*", 3000, [](const std::shared_ptr<request> &req,
-                                  const std::shared_ptr<response> &res) {
-        res->write_head(200);
-        res->end("hello, world");
+      server.handle("/", [](const request &req, const response &res) {
+        res.write_head(200);
+        res.end("hello, world\n");
      });
+
+      if (server.listen_and_serve(ec, "localhost", "3000")) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
    }

 First we instantiate ``nghttp2::asio_http2::server::http2`` object.
-Then call ``nghttp2::asio_http2::server::http2::listen`` function with
-address and port to listen to and callback function, namely "request
-callback", invoked when request arrives.
+``nghttp2::asio_http2::server::http2::handle`` function registers
+pattern and its handler function.  In this example, we register "/" as
+pattern, which matches all requests.  Then call
+``nghttp2::asio_http2::server::http2::listen_and_serve`` function with
+address and port to listen to.

 The ``req`` and ``res`` represent HTTP request and response
 respectively.  ``nghttp2::asio_http2_::server::response::write_head``
@@ -58,9 +80,13 @@ status code, in the above example, which is 200.  The second argument,
 which is omitted in the above example, is additional header fields to
 send.

-``nghttp2::asio_http2::server::response::end`` sends responde body.
+``nghttp2::asio_http2::server::response::end`` sends response body.
 In the above example, we send string "hello, world".

+The life time of req and res object ends after the callback set by
+``nghttp2::asio_http2::server::response::on_close`` function.
+Application must not use those objects after this call.
+
 Serving static files and enabling SSL/TLS
 +++++++++++++++++++++++++++++++++++++++++

@@ -69,40 +95,47 @@ SSL/TLS.

 .. code-block:: cpp

-    #include <nghttp2/asio_http2.h>
+    #include <nghttp2/asio_http2_server.h>

    using namespace nghttp2::asio_http2;
    using namespace nghttp2::asio_http2::server;

    int main(int argc, char *argv[]) {
+      boost::system::error_code ec;
+      boost::asio::ssl::context tls(boost::asio::ssl::context::sslv23);
+
+      tls.use_private_key_file("server.key", boost::asio::ssl::context::pem);
+      tls.use_certificate_chain_file("server.crt");
+
+      configure_tls_context_easy(ec, tls);
+
      http2 server;

-      server.tls("server.key", "server.crt");
-
-      server.listen("*", 3000, [](const std::shared_ptr<request> &req,
-                                  const std::shared_ptr<response> &res) {
-        if (req->path() == "/" || req->path() == "/index.html") {
-          res->write_head(200);
-          res->end(file_reader("index.html"));
-        } else {
-          res->write_head(404);
-          res->end("<html><head><title>404</title></head>"
-                   "<body>404 Not Found</body></html>");
-        }
+      server.handle("/index.html", [](const request &req, const response &res) {
+        res.write_head(200);
+        res.end(file_generator("index.html"));
      });
+
+      if (server.listen_and_serve(ec, tls, "localhost", "3000")) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
    }

-Specifying path to private key file and certificate file in
-``nghttp2::asio_http2::server::http2::tls`` will enable SSL/TLS.  Both
-files must be in PEM format.
+We first create ``boost::asio::ssl::context`` object and set path to
+private key file and certificate file.
+``nghttp2::asio_http2::server::configure_tls_context_easy`` function
+configures SSL/TLS context object for HTTP/2 server use, including NPN
+callbacks.

-In the above example, if request path is either "/" or "/index.html",
-we serve index.html file in the current working directory.
+In the above example, if request path is "/index.html", we serve
+index.html file in the current working directory.
 ``nghttp2::asio_http2::server::response::end`` has overload to take
-function of type ``nghttp2::asio_http2::read_cb`` and application pass
-its implementation to generate response body.  For the convenience,
-libnghttp2_asio library provides ``nghttp2::asio_http2::file_reader``
-function to generate function to server static file.
+function of type ``nghttp2::asio_http2::generator_cb`` and application
+pass its implementation to generate response body.  For the
+convenience, libnghttp2_asio library provides
+``nghttp2::asio_http2::file_generator`` function to generate function
+to server static file.  If other resource is requested, server
+automatically responds with 404 status code.

 Server push
 +++++++++++
@@ -111,44 +144,56 @@ Server push is also supported.

 .. code-block:: cpp

-    #include <nghttp2/asio_http2.h>
+    #include <nghttp2/asio_http2_server.h>

    using namespace nghttp2::asio_http2;
    using namespace nghttp2::asio_http2::server;

    int main(int argc, char *argv[]) {
+      boost::system::error_code ec;
+      boost::asio::ssl::context tls(boost::asio::ssl::context::sslv23);
+
+      tls.use_private_key_file("server.key", boost::asio::ssl::context::pem);
+      tls.use_certificate_chain_file("server.crt");
+
+      configure_tls_context_easy(ec, tls);
+
      http2 server;

-      server.tls("server.key", "server.crt");
+      std::string style_css = "h1 { color: green; }";

-      server.listen("*", 3000, [](const std::shared_ptr<request> &req,
-                                  const std::shared_ptr<response> &res) {
-        if (req->path() == "/") {
-          req->push("GET", "/my.css");
+      server.handle("/", [&style_css](const request &req, const response &res) {
+        boost::system::error_code ec;
+        auto push = res.push(ec, "GET", "/style.css");
+        push->write_head(200);
+        push->end(style_css);

-          res->write_head(200);
-          res->end(file_reader("index.html"));
-
-          return;
-        }
-
-        if (req->path() == "/my.css") {
-          res->write_head(200);
-          res->end(file_reader("my.css"));
-
-          return;
-        }
-
-        res->write_head(404);
-        res->end("<html><head><title>404</title></head>"
-                 "<body>404 Not Found</body></html>");
+        res.write_head(200);
+        res.end(R"(
+    <!DOCTYPE html><html lang="en">
+    <title>HTTP/2 FTW</title><body>
+    <link href="/style.css" rel="stylesheet" type="text/css">
+    <h1>This should be green</h1>
+    </body></html>
+    )");
      });
+
+      server.handle("/style.css",
+                    [&style_css](const request &req, const response &res) {
+        res.write_head(200);
+        res.end(style_css);
+      });
+
+      if (server.listen_and_serve(ec, tls, "localhost", "3000")) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
    }

-When client requested "/", we push "/my.css".  To push resource, call
-``nghttp2::asio_http2::server::request::push`` function with desired
-method and path.  Later, the callback will be called with the pushed
-resource "/my.css".
+When client requested any resource other than "/style.css", we push
+"/style.css".  To push resource, call
+``nghttp2::asio_http2::server::response::push`` function with desired
+method and path.  It returns another response object and use its
+functions to send push response.

 Enable multi-threading
 ++++++++++++++++++++++
@@ -164,65 +209,225 @@ desired number of threads:
    // Use 4 native threads
    server.num_threads(4);

-Run blocking tasks in background thread
-+++++++++++++++++++++++++++++++++++++++
+Client API
+----------

-The request callback is called in the same thread where HTTP request
-is handled.  And many connections shares the same thread, we cannot
-directly run blocking tasks in request callback.
-
-To run blocking tasks, use
-``nghttp2::asio_http2::server::request::run_task``.  The passed
-callback will be executed in the different thread from the thread
-where request callback was executed.  So application can perform
-blocking task there.  The example follows:
+To use client API, first include following header file:

 .. code-block:: cpp

-    #include <unistd.h>
-    #include <nghttp2/asio_http2.h>
+    #include <nghttp2/asio_http2_client.h>
+
+Also take a look at that header file :doc:`asio_http2_client.h`.
+
+Here is the sample client code to access HTTP/2 server and print out
+response header fields and response body to the console screen:
+
+.. code-block:: cpp
+
+    #include <iostream>
+
+    #include <nghttp2/asio_http2_client.h>
+
+    using boost::asio::ip::tcp;

    using namespace nghttp2::asio_http2;
-    using namespace nghttp2::asio_http2::server;
+    using namespace nghttp2::asio_http2::client;

    int main(int argc, char *argv[]) {
-      http2 server;
+      boost::system::error_code ec;
+      boost::asio::io_service io_service;

-      server.num_concurrent_tasks(16);
+      // connect to localhost:3000
+      session sess(io_service, "localhost", "3000");

-      server.listen("*", 3000, [](const std::shared_ptr<request> &req,
-                                  const std::shared_ptr<response> &res) {
-        req->run_task([res](channel &channel) {
-          // executed in different thread than the thread where
-          // request callback was executed.
+      sess.on_connect([&sess](tcp::resolver::iterator endpoint_it) {
+	boost::system::error_code ec;

-          // using res directly here is not safe.  Capturing it by
-          // value is safe because it is std::shared_ptr.
+	auto req = sess.submit(ec, "GET", "http://localhost:3000/");

-          sleep(1);
+	req->on_response([](const response &res) {
+	  // print status code and response header fields.
+	  std::cerr << "HTTP/2 " << res.status_code() << std::endl;
+	  for (auto &kv : res.header()) {
+	    std::cerr << kv.first << ": " << kv.second.value << "\n";
+	  }
+	  std::cerr << std::endl;

-          channel.post([res]() {
-            // executed in the same thread where request callback
-            // was executed.
-            res->write_head(200);
-            res->end("hello, world");
+	  res.on_data([](const uint8_t *data, std::size_t len) {
+	    std::cerr.write(reinterpret_cast<const char *>(data), len);
+	    std::cerr << std::endl;
 	  });
 	});
+
+	req->on_close([&sess](uint32_t error_code) {
+	  // shutdown session after first request was done.
+	  sess.shutdown();
 	});
+      });
+
+      sess.on_error([](const boost::system::error_code &ec) {
+	std::cerr << "error: " << ec.message() << std::endl;
+      });
+
+      io_service.run();
    }

-First we set the number of background threads which run tasks.  By
-default it is set to 1.  In this example, we set it to 16, so at most
-16 tasks can be executed concurrently without blocking handling new
-requests.
+``nghttp2::asio_http2::client::session`` object takes
+``boost::asio::io_service`` object and remote server address.  When
+connection is made, the callback function passed to
+``nghttp2::asio_http2::client::on_connect`` is invoked with connected
+address as its parameter.  After this callback call, use
+``nghttp2::asio_http2::session::submit`` to send request to the
+server.  You can submit multiple requests at once without waiting for
+the completion of previous request.

-We call ``req->run_task()`` to execute task in background thread.  In
-the passed callback, we just simply sleeps 1 second.  After sleep is
-over, we schedule another callback to send response to the client.
-Since the callback passed to ``req->run_task()`` is executed in the
-different thread from the thread where request callback is called,
-using ``req`` or ``res`` object directly there may cause undefined
-behaviour.  To avoid this issue, we can use
-``nghttp2::asio_http2::channel::post`` by supplying a callback which
-in turn get called in the same thread where request callback was
-called.
+The life time of req and res object ends after the callback set by
+``nghttp2::asio_http2::server::request::on_close`` function.
+Application must not use those objects after this call.
+
+Normally, client does not stop even after all requests are done unless
+connection is lost.  To stop client, call
+``nghttp2::asio_http2::server::session::shutdown()``.
+
+Recieve server push and enable SSL/TLS
++++++++++++++++++++++++++++++++++++++
+
+.. code-block:: cpp
+
+    #include <iostream>
+
+    #include <nghttp2/asio_http2_client.h>
+
+    using boost::asio::ip::tcp;
+
+    using namespace nghttp2::asio_http2;
+    using namespace nghttp2::asio_http2::client;
+
+    int main(int argc, char *argv[]) {
+      boost::system::error_code ec;
+      boost::asio::io_service io_service;
+
+      boost::asio::ssl::context tls(boost::asio::ssl::context::sslv23);
+      tls.set_default_verify_paths();
+      // disabled to make development easier...
+      // tls_ctx.set_verify_mode(boost::asio::ssl::verify_peer);
+      configure_tls_context(ec, tls);
+
+      // connect to localhost:3000
+      session sess(io_service, tls, "localhost", "3000");
+
+      sess.on_connect([&sess](tcp::resolver::iterator endpoint_it) {
+	boost::system::error_code ec;
+
+	auto req = sess.submit(ec, "GET", "http://localhost:3000/");
+
+	req->on_response([&sess](const response &res) {
+	  std::cerr << "response received!" << std::endl;
+	  res.on_data([&sess](const uint8_t *data, std::size_t len) {
+	    std::cerr.write(reinterpret_cast<const char *>(data), len);
+	    std::cerr << std::endl;
+	  });
+	});
+
+	req->on_push([](const request &push) {
+	  std::cerr << "push request received!" << std::endl;
+	  push.on_response([](const response &res) {
+	    std::cerr << "push response received!" << std::endl;
+	    res.on_data([](const uint8_t *data, std::size_t len) {
+	      std::cerr.write(reinterpret_cast<const char *>(data), len);
+	      std::cerr << std::endl;
+	    });
+	  });
+	});
+      });
+
+      sess.on_error([](const boost::system::error_code &ec) {
+	std::cerr << "error: " << ec.message() << std::endl;
+      });
+
+      io_service.run();
+    }
+
+The above sample code demonstrates how to enable SSL/TLS and receive
+server push.  Currently,
+``nghttp2::asio_http2::client::configure_tls_context`` function setups
+NPN callbacks for SSL/TLS context for HTTP/2 use.
+
+To receive server push, use
+``nghttp2::asio_http2::client::request::on_push`` function to set
+callback function which is invoked when server push request is
+arrived.  The callback function takes
+``nghttp2::asio_http2::client::request`` object, which contains the
+pushed request.  To get server push response, set callback using
+``nghttp2::asio_http2::client::request::on_response``.
+
+As stated in the previous section, client does not stop automatically
+as long as HTTP/2 session is fine and connection is alive.  We don't
+call ``nghttp2::asio_http2::client::session::shutdown`` in this
+example, so the program does not terminate after all responses are
+received.  Hit Ctrl-C to terminate the program.
+
+Multiple concurrent requests
++++++++++++++++++++++++++++
+
+.. code-block:: cpp
+
+    #include <iostream>
+
+    #include <nghttp2/asio_http2_client.h>
+
+    using boost::asio::ip::tcp;
+
+    using namespace nghttp2::asio_http2;
+    using namespace nghttp2::asio_http2::client;
+
+    int main(int argc, char *argv[]) {
+      boost::system::error_code ec;
+      boost::asio::io_service io_service;
+
+      // connect to localhost:3000
+      session sess(io_service, "localhost", "3000");
+
+      sess.on_connect([&sess](tcp::resolver::iterator endpoint_it) {
+	boost::system::error_code ec;
+
+	auto printer = [](const response &res) {
+	  res.on_data([](const uint8_t *data, std::size_t len) {
+	    std::cerr.write(reinterpret_cast<const char *>(data), len);
+	    std::cerr << std::endl;
+	  });
+	};
+
+	std::size_t num = 3;
+	auto count = std::make_shared<int>(num);
+
+	for (std::size_t i = 0; i < num; ++i) {
+	  auto req = sess.submit(ec, "GET",
+				 "http://localhost:3000/" + std::to_string(i + 1));
+
+	  req->on_response(printer);
+	  req->on_close([&sess, count](uint32_t error_code) {
+	    if (--*count == 0) {
+	      // shutdown session after |num| requests were done.
+	      sess.shutdown();
+	    }
+	  });
+	}
+      });
+
+      sess.on_error([](const boost::system::error_code &ec) {
+	std::cerr << "error: " << ec.message() << std::endl;
+      });
+
+      io_service.run();
+    }
+
+Here is the sample to send 3 requests at once.  Depending on the
+server settings, these requests are processed out-of-order.  In this
+example, we have a trick to shutdown session after all requests were
+done.  We made ``count`` object which is shared pointer to int and is
+initialized to 3.  On each request closure (the invocation of the
+callback set by ``nghttp2::asio_http2::client::request::on_close``),
+we decrement the count.  If count becomes 0, we are sure that all
+requests have been done and initiate shutdown.
--- a/doc/sources/nghttpx-howto.rst
+++ b/doc/sources/nghttpx-howto.rst
@@ -21,7 +21,7 @@ SSL/TLS, the frontend also supports SPDY protocol.
 By default, this mode's frontend connection is encrypted using
 SSL/TLS.  So server's private key and certificate must be supplied to
 the command line (or through configuration file).  In this case, the
-fontend protocol selection will is done via ALPN or NPN.
+frontend protocol selection will be done via ALPN or NPN.

 With ``--frontend-no-tls`` option, user can turn off SSL/TLS in
 frontend connection.  In this case, SPDY protocol is not available
@@ -52,15 +52,15 @@ like forward proxy and assumes the backend is HTTP/1 proxy server
 (e.g., squid, traffic server).  So HTTP/1 request must include
 absolute URI in request line.

-By default, frontend connection is encrypted, this mode is also called
-secure proxy.  If nghttpx is linked with spdylay, it supports SPDY
-protocols and it works as so called SPDY proxy.
+By default, frontend connection is encrypted.  So this mode is also
+called secure proxy.  If nghttpx is linked with spdylay, it supports
+SPDY protocols and it works as so called SPDY proxy.

 With ``--frontend-no-tls`` option, SSL/TLS is turned off in frontend
 connection, so the connection gets insecure.

-The backend must be HTTP/1 proxy server.  nghttpx only supports 1
-backend server address.  It translates incoming requests to HTTP/1
+The backend must be HTTP/1 proxy server.  nghttpx supports multiple
+backend server addresses.  It translates incoming requests to HTTP/1
 request to backend server.  The backend server performs real proxy
 work for each request, for example, dispatching requests to the origin
 server and caching contents.
@@ -87,7 +87,7 @@ proxy, user has to create proxy.pac script file like this:

 ``SERVERADDR`` and ``PORT`` is the hostname/address and port of the
 machine nghttpx is running.  Please note that both Firefox nightly and
-Chromium requires valid certificate for secure proxy.
+Chromium require valid certificate for secure proxy.

 For Firefox nightly, open Preference window and select Advanced then
 click Network tab.  Clicking Connection Settings button will show the
@@ -100,9 +100,9 @@ For Chromium, use following command-line::

    $ google-chrome --proxy-pac-url=file:///path/to/proxy.pac --use-npn

-Squid may work as out-of-box.  Traffic server requires to be
-configured as forward proxy.  Here is the minimum configuration items
-to edit::
+As HTTP/1 proxy server, Squid may work as out-of-box.  Traffic server
+requires to be configured as forward proxy.  Here is the minimum
+configuration items to edit::

    CONFIG proxy.config.reverse_proxy.enabled INT 0
    CONFIG proxy.config.url_remap.remap_required INT 0
@@ -124,7 +124,9 @@ HTTP/1 frontend connection can be upgraded to HTTP/2 using HTTP
 Upgrade.  To disable SSL/TLS in backend connection, use
 ``--backend-no-tls`` option.

-The backend connection is created one per worker (thread).
+By default, the number of backend HTTP/2 connections per worker
+(thread) is determined by number of ``-b`` option.  To adjust this
+value, use ``--backend-http2-connections-per-worker`` option.

 The backend server is supporsed to be a HTTP/2 web server (e.g.,
 nghttpd).  The one use-case of this mode is utilize existing HTTP/1
@@ -156,7 +158,9 @@ HTTP/1 frontend connection can be upgraded to HTTP/2 using HTTP
 Upgrade.  To disable SSL/TLS in backend connection, use
 ``--backend-no-tls`` option.

-The backend connection is created one per worker (thread).
+By default, the number of backend HTTP/2 connections per worker
+(thread) is determined by number of ``-b`` option.  To adjust this
+value, use ``--backend-http2-connections-per-worker`` option.

 The backend server must be a HTTP/2 proxy.  You can use nghttpx in
 `HTTP/2 proxy mode`_ as backend server.  The one use-case of this mode
@@ -196,10 +200,14 @@ With ``--frontend-no-tls`` option, SSL/TLS is turned off in frontend
 connection, so the connection gets insecure.  To disable SSL/TLS in
 backend connection, use ``--backend-no-tls`` option.

+By default, the number of backend HTTP/2 connections per worker
+(thread) is determined by number of ``-b`` option.  To adjust this
+value, use ``--backend-http2-connections-per-worker`` option.
+
 The backend server is supporsed to be a HTTP/2 web server or HTTP/2
 proxy.  If backend server is HTTP/2 proxy, use
-``--no-location-rewrite`` option to disable rewriting location header
-field.
+``--no-location-rewrite`` and ``--no-host-rewrite`` options to disable
+rewriting location, host and :authority header field.

 The use-case of this mode is aggregate the incoming connections to one
 HTTP/2 connection.  One backend HTTP/2 connection is created per
@@ -235,12 +243,12 @@ Read/write rate limit
 ---------------------

 nghttpx supports transfer rate limiting on frontend connections.  You
-can do rate limit per worker (thread) for reading and writeing
+can do rate limit per frontend connection for reading and writing
 individually.

-To rate limit per worker (thread), use ``--worker-read-rate`` and
-``--worker-read-burst`` options.  For writing, use
-``--worker-write-rate`` and ``--worker-write-burst``.
+To perform rate limit for reading, use ``--read-rate`` and
+``--read-burst`` options.  For writing, use ``--write-rate`` and
+``--write-burst``.

 Please note that rate limit is performed on top of TCP and nothing to
 do with HTTP/2 flow control.
@@ -263,10 +271,10 @@ precedence.  If the above conditions are not met with the host value
 in :authority header field, rewrite is retried with the value in host
 header field.

-Hot deploy
----------
+Hot swapping
+------------

-nghttpx supports hot deploy feature using signals.  The hot deploy in
+nghttpx supports hot swapping using signals.  The hot swapping in
 nghttpx is multi step process.  First send USR2 signal to nghttpx
 process.  It will do fork and execute new executable, using same
 command-line arguments and environment variables.  At this point, both
@@ -284,3 +292,12 @@ log rotation daemon renamed existing log files.  To tell nghttpx to
 re-open log files, send USR1 signal to nghttpx process.  It will
 re-open files specified by ``--accesslog-file`` and
 ``--errorlog-file`` options.
+
+Multiple backend addresses
+--------------------------
+
+nghttpx supports multiple backend addresses.  To specify them, just
+use ``-b`` option repeatedly.  For example, to use backend1:8080 and
+backend2:8080, use command-line like this: ``-bbackend1,8080
+-bbackend2,8080``.  For HTTP/2 backend, see also
+``--backend-http2-connections-per-worker`` option.
--- a/doc/sources/python-apiref.rst
+++ b/doc/sources/python-apiref.rst
@@ -220,6 +220,10 @@ HTTP/2 servers

      This is a value of ``:path`` header field.

+   .. py:attribute:: headers
+
+      Request header fields.
+
   A :py:class:`BaseRequestHandler` has the following methods:

   .. py:method:: on_headers()
@@ -250,9 +254,27 @@ HTTP/2 servers
      is additional response headers.  The *:status* header field will
      be appended by the library.  The *body* is the response body.
      It could be ``None`` if response body is empty.  Or it must be
-      instance of either ``str``, ``bytes`` or :py:class:`io.IOBase`.
-      If instance of ``str`` is specified, it will be encoded using
-      UTF-8.
+      instance of either ``str``, ``bytes``, :py:class:`io.IOBase` or
+      callable, called body generator, which takes one parameter,
+      size.  The body generator generates response body.  It can pause
+      generation of response so that it can wait for slow backend data
+      generation.  When invoked, it should return tuple, byte string
+      at most size length and flag.  The flag is either
+      :py:data:`DATA_OK`, :py:data:`DATA_EOF` or
+      :py:data:`DATA_DEFERRED`.  For non-empty byte string and it is
+      not the last chunk of response, :py:data:`DATA_OK` must be
+      returned as flag.  If this is the last chunk of the response
+      (byte string could be ``None``), :py:data:`DATA_EOF` must be
+      returned as flag.  If there is no data available right now, but
+      additional data are anticipated, return tuple (``None``,
+      :py:data:`DATA_DEFERRED`).  When data arrived, call
+      :py:meth:`resume()` and restart response body transmission.
+
+      Only the body generator can pause response body generation;
+      instance of :py:class:`io.IOBase` must not block.
+
+      If instance of ``str`` is specified as *body*, it will be
+      encoded using UTF-8.

      The *headers* is a list of tuple of the form ``(name,
      value)``. The ``name`` and ``value`` can be either byte string
@@ -273,10 +295,8 @@ HTTP/2 servers

      The *status* is HTTP status code.  The *headers* is additional
      response headers.  The ``:status`` header field is appended by
-      the library.  The *body* is the response body.  It could be
-      ``None`` if response body is empty.  Or it must be instance of
-      either ``str``, ``bytes`` or ``io.IOBase``.  If instance of
-      ``str`` is specified, it is encoded using UTF-8.
+      the library.  The *body* is the response body.  It has the same
+      semantics of *body* parameter of :py:meth:`send_response()`.

      The headers and request_headers are a list of tuple of the form
      ``(name, value)``. The ``name`` and ``value`` can be either byte
@@ -288,6 +308,27 @@ HTTP/2 servers

      Raises the exception if any error occurs.

+   .. py:method:: resume()
+
+      Signals the restarting of response body transmission paused by
+      ``DATA_DEFERRED`` from the body generator (see
+      :py:meth:`send_response()` about the body generator).  It is not
+      an error calling this method while response body transmission is
+      not paused.
+
+.. py:data:: DATA_OK
+
+   ``DATA_OK`` indicates non empty data is generated from body generator.
+
+.. py:data:: DATA_EOF
+
+   ``DATA_EOF`` indicates the end of response body.
+
+.. py:data:: DATA_DEFERRED
+
+   ``DATA_DEFERRED`` indicates that data are not available right now
+   and response should be paused.
+
 The following example illustrates :py:class:`HTTP2Server` and
 :py:class:`BaseRequestHandler` usage:

@@ -296,6 +337,7 @@ The following example illustrates :py:class:`HTTP2Server` and
    #!/usr/bin/env python

    import io, ssl
+
    import nghttp2

    class Handler(nghttp2.BaseRequestHandler):
@@ -311,9 +353,85 @@ The following example illustrates :py:class:`HTTP2Server` and
                               body=io.BytesIO(b'nghttp2-python FTW'))

    ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
-    ctx.options = ssl.OP_ALL | ssl.OP_NO_SSLv2
+    ctx.options = ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
    ctx.load_cert_chain('server.crt', 'server.key')

    # give None to ssl to make the server non-SSL/TLS
    server = nghttp2.HTTP2Server(('127.0.0.1', 8443), Handler, ssl=ctx)
    server.serve_forever()
+
+The following example illustrates HTTP/2 server using asynchronous
+response body generation.  This is simplified reverse proxy:
+
+.. code-block:: python
+
+    #!/usr/bin/env python
+
+    import ssl
+    import os
+    import urllib
+    import asyncio
+    import io
+
+    import nghttp2
+
+    @asyncio.coroutine
+    def get_http_header(handler, url):
+        url = urllib.parse.urlsplit(url)
+        ssl = url.scheme == 'https'
+        if url.port == None:
+            if url.scheme == 'https':
+                port = 443
+            else:
+                port = 80
+        else:
+            port = url.port
+
+        connect = asyncio.open_connection(url.hostname, port, ssl=ssl)
+        reader, writer = yield from connect
+        req = 'GET {path} HTTP/1.0\r\n\r\n'.format(path=url.path or '/')
+        writer.write(req.encode('utf-8'))
+        # skip response header fields
+        while True:
+            line = yield from reader.readline()
+            line = line.rstrip()
+            if not line:
+                break
+        # read body
+        while True:
+            b = yield from reader.read(4096)
+            if not b:
+                break
+            handler.buf.write(b)
+        writer.close()
+        handler.buf.seek(0)
+        handler.eof = True
+        handler.resume()
+
+    class Body:
+        def __init__(self, handler):
+            self.handler = handler
+            self.handler.eof = False
+            self.handler.buf = io.BytesIO()
+
+        def generate(self, n):
+            buf = self.handler.buf
+            data = buf.read1(n)
+            if not data and not self.handler.eof:
+                return None, nghttp2.DATA_DEFERRED
+            return data, nghttp2.DATA_EOF if self.handler.eof else nghttp2.DATA_OK
+
+    class Handler(nghttp2.BaseRequestHandler):
+
+        def on_headers(self):
+            body = Body(self)
+            asyncio.async(get_http_header(
+                self, 'http://localhost' + self.path.decode('utf-8')))
+            self.send_response(status=200, body=body.generate)
+
+    ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+    ctx.options = ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
+    ctx.load_cert_chain('server.crt', 'server.key')
+
+    server = nghttp2.HTTP2Server(('127.0.0.1', 8443), Handler, ssl=ctx)
+    server.serve_forever()
--- a/doc/sources/tutorial-client.rst
+++ b/doc/sources/tutorial-client.rst
@@ -1,25 +1,25 @@
 Tutorial: HTTP/2 client
 =========================

-In this tutorial, we are going to write very primitive HTTP/2
+In this tutorial, we are going to write a very primitive HTTP/2
 client. The complete source code, `libevent-client.c`_, is attached at
-the end of this page.  It also resides in examples directory in the
-archive or repository.
+the end of this page.  It also resides in the examples directory in
+the archive or repository.

-This simple client takes 1 argument, HTTPS URI, and retrieves the
-resource denoted by the URI. Its synopsis is like this::
+This simple client takes a single HTTPS URI and retrieves the resource
+at the URI. The synopsis is::

    $ libevent-client HTTPS_URI

 We use libevent in this tutorial to handle networking I/O.  Please
 note that nghttp2 itself does not depend on libevent.

-First we do some setup routine for libevent and OpenSSL library in
-function ``main()`` and ``run()``, which is not so relevant to nghttp2
-library use. The one thing you should look at is setup NPN callback.
-The NPN callback is used for the client to select the next application
-protocol over the SSL/TLS transport. In this tutorial, we use
-`nghttp2_select_next_protocol()` function to select the HTTP/2
+The client starts with some libevent and OpenSSL setup in the
+``main()`` and ``run()`` functions. This setup isn't specific to
+nghttp2, but one thing you should look at is setup of the NPN
+callback.  The NPN callback is used by the client to select the next
+application protocol over TLS. In this tutorial, we use the
+`nghttp2_select_next_protocol()` helper function to select the HTTP/2
 protocol the library supports::

    static int select_next_proto_cb(SSL *ssl _U_, unsigned char **out,
@@ -31,8 +31,8 @@ protocol the library supports::
      return SSL_TLSEXT_ERR_OK;
    }

-The callback is set to the SSL_CTX object using
-``SSL_CTX_set_next_proto_select_cb()`` function::
+The callback is added to the SSL_CTX object using
+``SSL_CTX_set_next_proto_select_cb()``::

    static SSL_CTX *create_ssl_ctx(void) {
      SSL_CTX *ssl_ctx;
@@ -49,8 +49,10 @@ The callback is set to the SSL_CTX object using
      return ssl_ctx;
    }

-We use ``http2_session_data`` structure to store the data related to
-the HTTP/2 session::
+The example client defines a couple of structs:
+
+We define and use a ``http2_session_data`` structure to store data
+related to the HTTP/2 session::

    typedef struct {
      nghttp2_session *session;
@@ -59,17 +61,17 @@ the HTTP/2 session::
      http2_stream_data *stream_data;
    } http2_session_data;

-Since this program only handles 1 URI, it uses only 1 stream. We store
-its stream specific data in ``http2_stream_data`` structure and the
-``stream_data`` points to it. The ``struct http2_stream_data`` is
-defined as follows::
+Since this program only handles one URI, it uses only one stream. We
+store the single stream's data in a ``http2_stream_data`` structure
+and the ``stream_data`` points to it. The ``http2_stream_data``
+structure is defined as follows::

    typedef struct {
-      /* The NULL-terminated URI string to retreive. */
+      /* The NULL-terminated URI string to retrieve. */
      const char *uri;
      /* Parsed result of the |uri| */
      struct http_parser_url *u;
-      /* The authroity portion of the |uri|, not NULL-terminated */
+      /* The authority portion of the |uri|, not NULL-terminated */
      char *authority;
      /* The path portion of the |uri|, including query, not
         NULL-terminated */
@@ -82,12 +84,12 @@ defined as follows::
      int32_t stream_id;
    } http2_stream_data;

-We creates and initializes these structures in
+We create and initialize these structures in
 ``create_http2_session_data()`` and ``create_http2_stream_data()``
 respectively.

-Then we call function ``initiate_connection()`` to start connecting to
-the remote server::
+``initiate_connection()`` is called to start the connection to the
+remote server. It's defined as::

    static void initiate_connection(struct event_base *evbase, SSL_CTX *ssl_ctx,
                                    const char *host, uint16_t port,
@@ -110,11 +112,11 @@ the remote server::
      session_data->bev = bev;
    }

-We set 3 callbacks for the bufferevent: ``reacb``, ``writecb`` and
-``eventcb``.
+``initiate_connection()`` creates a bufferevent for the connection and
+sets up three callbacks: ``readcb``, ``writecb``, and ``eventcb``.

-The ``eventcb()`` is invoked by libevent event loop when an event
-(e.g., connection has been established, timeout, etc) happens on the
+The ``eventcb()`` is invoked by the libevent event loop when an event
+(e.g. connection has been established, timeout, etc.) occurs on the
 underlying network socket::

    static void eventcb(struct bufferevent *bev, short events, void *ptr) {
@@ -142,11 +144,15 @@ underlying network socket::
      delete_http2_session_data(session_data);
    }

-For ``BEV_EVENT_EOF``, ``BEV_EVENT_ERROR`` and ``BEV_EVENT_TIMEOUT``
-event, we just simply tear down the connection. The
-``BEV_EVENT_CONNECTED`` event is invoked when SSL/TLS handshake is
-finished successfully. We first initialize nghttp2 session object in
-``initialize_nghttp2_session()`` function::
+For ``BEV_EVENT_EOF``, ``BEV_EVENT_ERROR``, and ``BEV_EVENT_TIMEOUT``
+events, we just simply tear down the connection.
+
+The ``BEV_EVENT_CONNECTED`` event is invoked when the SSL/TLS
+handshake has completed successfully. After this we're ready to begin
+communicating via HTTP/2.
+
+The ``initialize_nghttp2_session()`` function initializes the nghttp2
+session object and several callbacks::

    static void initialize_nghttp2_session(http2_session_data *session_data) {
      nghttp2_session_callbacks *callbacks;
@@ -175,18 +181,19 @@ finished successfully. We first initialize nghttp2 session object in
      nghttp2_session_callbacks_del(callbacks);
    }

-Since we are creating client, we use `nghttp2_session_client_new()` to
-initialize nghttp2 session object.  We setup 7 callbacks for the
-nghttp2 session. We'll explain these callbacks later.
+Since we are creating a client, we use `nghttp2_session_client_new()`
+to initialize the nghttp2 session object.  The callbacks setup are
+explained later.

-The `delete_http2_session_data()` destroys ``session_data`` and frees
-its bufferevent, so it closes underlying connection as well. It also
-calls `nghttp2_session_del()` to delete nghttp2 session object.
+The `delete_http2_session_data()` function destroys ``session_data``
+and frees its bufferevent, so the underlying connection is closed. It
+also calls `nghttp2_session_del()` to delete the nghttp2 session
+object.

-We begin HTTP/2 communication by sending client connection preface,
-which is 24 bytes magic byte sequence
-(:macro:`NGHTTP2_CLIENT_CONNECTION_PREFACE`) and SETTINGS frame.  The
-transmission of client connection header is done in
+A HTTP/2 connection begins by sending the client connection preface,
+which is a 24 byte magic byte string (:macro:`NGHTTP2_CLIENT_MAGIC`),
+followed by a SETTINGS frame. The 24 byte magic string is sent
+automatically by nghttp2. We send the SETTINGS frame in
 ``send_client_connection_header()``::

    static void send_client_connection_header(http2_session_data *session_data) {
@@ -194,8 +201,7 @@ transmission of client connection header is done in
          {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 100}};
      int rv;

-      bufferevent_write(session_data->bev, NGHTTP2_CLIENT_CONNECTION_PREFACE,
-                        NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN);
+      /* client 24 bytes magic string will be sent by nghttp2 library */
      rv = nghttp2_submit_settings(session_data->session, NGHTTP2_FLAG_NONE, iv,
                                   ARRLEN(iv));
      if (rv != 0) {
@@ -203,17 +209,17 @@ transmission of client connection header is done in
      }
    }

-Here we specify SETTINGS_MAX_CONCURRENT_STREAMS to 100, which is
-really not needed for this tiny example progoram, but we are
-demonstrating the use of SETTINGS frame. To queue the SETTINGS frame
-for the transmission, we use `nghttp2_submit_settings()`. Note that
-`nghttp2_submit_settings()` function only queues the frame and not
-actually send it. All ``nghttp2_submit_*()`` family functions have
-this property. To actually send the frame, `nghttp2_session_send()` is
-used, which is described about later.
+Here we specify SETTINGS_MAX_CONCURRENT_STREAMS as 100. This is not
+needed for this tiny example program, it just demonstrates use of the
+SETTINGS frame. To queue the SETTINGS frame for transmission, we call
+`nghttp2_submit_settings()`. Note that `nghttp2_submit_settings()`
+only queues the frame for transmission, and doesn't actually send it.
+All ``nghttp2_submit_*()`` family functions have this property. To
+actually send the frame, `nghttp2_session_send()` has to be called,
+which is described (and called) later.

-After the transmission of client connection header, we enqueue HTTP
-request in ``submit_request()`` function::
+After the transmission of the client connection header, we enqueue the
+HTTP request in the ``submit_request()`` function::

    static void submit_request(http2_session_data *session_data) {
      int32_t stream_id;
@@ -237,17 +243,18 @@ request in ``submit_request()`` function::
      stream_data->stream_id = stream_id;
    }

-We build HTTP request header fields in ``hdrs`` which is an array of
-:type:`nghttp2_nv`. There are 4 header fields to be sent: ``:method``,
-``:scheme``, ``:authority`` and ``:path``. To queue this HTTP request,
-we use `nghttp2_submit_request()` function. The `stream_data` is
-passed in *stream_user_data* parameter. It is used in nghttp2
-callbacks which we'll describe about later.
+We build the HTTP request header fields in ``hdrs``, which is an array
+of :type:`nghttp2_nv`. There are four header fields to be sent:
+``:method``, ``:scheme``, ``:authority``, and ``:path``. To queue the
+HTTP request, we call `nghttp2_submit_request()`. The ``stream_data``
+is passed via the *stream_user_data* parameter, which is helpfully
+later passed back to callback functions.
+
 `nghttp2_submit_request()` returns the newly assigned stream ID for
-this request.
+the request.

 The next bufferevent callback is ``readcb()``, which is invoked when
-data is available to read in the bufferevent input buffer::
+data is available to read from the bufferevent input buffer::

    static void readcb(struct bufferevent *bev, void *ptr) {
      http2_session_data *session_data = (http2_session_data *)ptr;
@@ -273,12 +280,13 @@ data is available to read in the bufferevent input buffer::
      }
    }

-In this function, we feed all unprocessed, received data to nghttp2
-session object using `nghttp2_session_mem_recv()` function. The
+In this function we feed all unprocessed, received data to the nghttp2
+session object using the `nghttp2_session_mem_recv()` function.
 `nghttp2_session_mem_recv()` processes the received data and may
-invoke nghttp2 callbacks and also queue frames. Since there may be
-pending frames, we call ``session_send()`` function to send those
-frames. The ``session_send()`` function is defined as follows::
+invoke nghttp2 callbacks and queue frames for transmission.  Since
+there may be pending frames for transmission, we call immediately
+``session_send()`` to send them.  ``session_send()`` is defined as
+follows::

    static int session_send(http2_session_data *session_data) {
      int rv;
@@ -291,10 +299,10 @@ frames. The ``session_send()`` function is defined as follows::
      return 0;
    }

-The `nghttp2_session_send()` function serializes the frame into wire
-format and call ``send_callback()`` function of type
-:type:`nghttp2_send_callback`.  The ``send_callback()`` is defined as
-follows::
+The `nghttp2_session_send()` function serializes pending frames into
+wire format and calls the ``send_callback()`` function to send them.
+``send_callback()`` has type :type:`nghttp2_send_callback` and is
+defined as::

    static ssize_t send_callback(nghttp2_session *session _U_, const uint8_t *data,
                                 size_t length, int flags _U_, void *user_data) {
@@ -307,18 +315,18 @@ follows::
 Since we use bufferevent to abstract network I/O, we just write the
 data to the bufferevent object. Note that `nghttp2_session_send()`
 continues to write all frames queued so far. If we were writing the
-data to the non-blocking socket directly using ``write()`` system call
-in the ``send_callback()``, we will surely get ``EAGAIN`` or
-``EWOULDBLOCK`` since the socket has limited send buffer. If that
-happens, we can return :macro:`NGHTTP2_ERR_WOULDBLOCK` to signal the
-nghttp2 library to stop sending further data. But writing to the
-bufferevent, we have to regulate the amount data to be buffered by
-ourselves to avoid possible huge memory consumption. In this example
-client, we do not limit anything. To see how to regulate the amount of
-buffered data, see the ``send_callback()`` in the server tutorial.
+data to the non-blocking socket directly using the ``write()`` system
+call, we'd soon receive an ``EAGAIN`` or ``EWOULDBLOCK`` error, since
+sockets have a limited send buffer. If that happens, it's possible to
+return :macro:`NGHTTP2_ERR_WOULDBLOCK` to signal the nghttp2 library
+to stop sending further data. When writing to a bufferevent, you
+should regulate the amount of data written, to avoid possible huge
+memory consumption. In this example client however we don't implement
+a limit. To see how to regulate the amount of buffered data, see the
+``send_callback()`` in the server tutorial.

 The third bufferevent callback is ``writecb()``, which is invoked when
-all data written in the bufferevent output buffer have been sent::
+all data written in the bufferevent output buffer has been sent::

    static void writecb(struct bufferevent *bev _U_, void *ptr) {
      http2_session_data *session_data = (http2_session_data *)ptr;
@@ -330,25 +338,25 @@ all data written in the bufferevent output buffer have been sent::
    }

 As described earlier, we just write off all data in `send_callback()`,
-we have no data to write in this function. All we have to do is check
-we have to drop connection or not. The nghttp2 session object keeps
-track of reception and transmission of GOAWAY frame and other error
-conditions as well. Using these information, nghttp2 session object
-will tell whether the connection should be dropped or not. More
-specifically, both `nghttp2_session_want_read()` and
-`nghttp2_session_want_write()` return 0, we have no business in the
-connection. But since we are using bufferevent and its deferred
-callback option, the bufferevent output buffer may contain the pending
-data when the ``writecb()`` is called. To handle this situation, we
-also check whether the output buffer is empty or not. If these
-conditions are met, we drop connection.
+so there is no data to write in this function. All we have to do is
+check if the connection should be dropped or not. The nghttp2 session
+object keeps track of reception and transmission of GOAWAY frames and
+other error conditions. Using this information, the nghttp2 session
+object can state whether the connection should be dropped or not.
+More specifically, when both `nghttp2_session_want_read()` and
+`nghttp2_session_want_write()` return 0, the connection is no-longer
+required and can be closed. Since we're using bufferevent and its
+deferred callback option, the bufferevent output buffer may still
+contain pending data when the ``writecb()`` is called. To handle this
+situation, we also check whether the output buffer is empty or not. If
+all of these conditions are met, then we drop the connection.

-We have already described about nghttp2 callback ``send_callback()``.
-Let's describe remaining nghttp2 callbacks we setup in
+Now let's look at the remaining nghttp2 callbacks setup in the
 ``initialize_nghttp2_setup()`` function.

-Each request header name/value pair is emitted via
-``on_header_callback`` function::
+A server responds to the request by first sending a HEADERS frame.
+The HEADERS frame consists of response header name/value pairs, and
+the ``on_header_callback()`` is called for each name/value pair::

    static int on_header_callback(nghttp2_session *session _U_,
                                  const nghttp2_frame *frame, const uint8_t *name,
@@ -368,10 +376,11 @@ Each request header name/value pair is emitted via
      return 0;
    }

-In this tutorial, we just print the name/value pair.
+In this tutorial, we just print the name/value pairs on stdout.

-After all name/value pairs are emitted for a frame,
-``on_frame_recv_callback`` function is called::
+After the HEADERS frame has been fully received (and thus all response
+header name/value pairs have been received), the
+``on_frame_recv_callback()`` function is called::

    static int on_frame_recv_callback(nghttp2_session *session _U_,
                                      const nghttp2_frame *frame, void *user_data) {
@@ -387,13 +396,16 @@ After all name/value pairs are emitted for a frame,
      return 0;
    }

-In this tutorial, we are just interested in the HTTP response
-HEADERS. We check te frame type and its category (it should be
-:macro:`NGHTTP2_HCAT_RESPONSE` for HTTP response HEADERS). Also check
-its stream ID.
+``on_frame_recv_callback()`` is called for other frame types too.

-The ``on_data_chunk_recv_callback()`` function is invoked when a chunk
-of data is received from the remote peer::
+In this tutorial, we are just interested in the HTTP response HEADERS
+frame. We check the frame type and its category (it should be
+:macro:`NGHTTP2_HCAT_RESPONSE` for HTTP response HEADERS). We also
+check its stream ID.
+
+Next, zero or more DATA frames can be received. The
+``on_data_chunk_recv_callback()`` function is invoked when a chunk of
+data is received from the remote peer::

    static int on_data_chunk_recv_callback(nghttp2_session *session _U_,
                                           uint8_t flags _U_, int32_t stream_id,
@@ -406,10 +418,10 @@ of data is received from the remote peer::
      return 0;
    }

-In our case, a chunk of data is response body. After checking stream
-ID, we just write the recieved data to the stdout. Note that the
-output in the terminal may be corrupted if the response body contains
-some binary data.
+In our case, a chunk of data is HTTP response body. After checking the
+stream ID, we just write the received data to stdout. Note the output
+in the terminal may be corrupted if the response body contains some
+binary data.

 The ``on_stream_close_callback()`` function is invoked when the stream
 is about to close::
@@ -432,9 +444,9 @@ is about to close::
    }

 If the stream ID matches the one we initiated, it means that its
-stream is going to be closed. Since we have finished to get the
-resource we want (or the stream was reset by RST_STREAM from the
+stream is going to be closed. Since we have finished receiving
+resource we wanted (or the stream was reset by RST_STREAM from the
 remote peer), we call `nghttp2_session_terminate_session()` to
-commencing the closure of the HTTP/2 session gracefully. If you have
+commence closure of the HTTP/2 session gracefully. If you have
 some data associated for the stream to be closed, you may delete it
 here.
--- a/doc/sources/tutorial-hpack.rst
+++ b/doc/sources/tutorial-hpack.rst
@@ -1,118 +1,129 @@
 Tutorial: HPACK API
 ===================

-In this tutorial, we describe basic use of HPACK API in nghttp2
-library.  We briefly describe APIs for deflating and inflating header
-fields.  The example of using these APIs are presented as complete
-source code `deflate.c`_.
+In this tutorial, we describe basic use of nghttp2's HPACK API.  We
+briefly describe the APIs for deflating and inflating header fields.
+The full example of using these APIs, `deflate.c`_, is attached at the
+end of this page. It also resides in the examples directory in the
+archive or repository.

 Deflating (encoding) headers
 ----------------------------

-First we need to initialize :type:`nghttp2_hd_deflater` object using
-`nghttp2_hd_deflate_new()` function::
+First we need to initialize a :type:`nghttp2_hd_deflater` object using
+the `nghttp2_hd_deflate_new()` function::

    int nghttp2_hd_deflate_new(nghttp2_hd_deflater **deflater_ptr,
                               size_t deflate_hd_table_bufsize_max);

-This function allocates :type:`nghttp2_hd_deflater` object and
-initializes it and assigns its pointer to ``*deflater_ptr`` passed by
-parameter.  The *deflate_hd_table_bufsize_max* is the upper bound of
-header table size the deflater will use.  This will limit the memory
-usage in deflater object for dynamic header table.  If you doubt, just
+This function allocates a :type:`nghttp2_hd_deflater` object,
+initializes it, and assigns its pointer to ``*deflater_ptr``. The
+*deflate_hd_table_bufsize_max* is the upper bound of header table size
+the deflater will use.  This will limit the memory usage by the
+deflater object for the dynamic header table.  If in doubt, just
 specify 4096 here, which is the default upper bound of dynamic header
 table buffer size.

-To encode header fields, `nghttp2_hd_deflate_hd()` function::
+To encode header fields, use the `nghttp2_hd_deflate_hd()` function::

    ssize_t nghttp2_hd_deflate_hd(nghttp2_hd_deflater *deflater,
                                  uint8_t *buf, size_t buflen,
                                  const nghttp2_nv *nva, size_t nvlen);

 The *deflater* is the deflater object initialized by
-`nghttp2_hd_deflate_new()` function described above.  The *buf* is a
-pointer to buffer to store encoded byte string.  The *buflen* is
-capacity of *buf*.  The *nva* is a pointer to :type:`nghttp2_nv`,
-which is an array of header fields to deflate.  The *nvlen* is the
-number of header fields which *nva* contains.
+`nghttp2_hd_deflate_new()` described above. The encoded byte string is
+written to the buffer *buf*, which has length *buflen*.  The *nva* is
+a pointer to an array of headers fields, each of type
+:type:`nghttp2_nv`.  *nvlen* is the number of header fields which
+*nva* contains.

 It is important to initialize and assign all members of
-:type:`nghttp2_nv`.  If a header field should not be inserted in
-dynamic header table for a security reason, set
-:macro:`NGHTTP2_NV_FLAG_NO_INDEX` flag in :member:`nghttp2_nv.flags`.
+:type:`nghttp2_nv`. For security sensitive header fields (such as
+cookies), set the :macro:`NGHTTP2_NV_FLAG_NO_INDEX` flag in
+:member:`nghttp2_nv.flags`.  Setting this flag prevents recovery of
+sensitive header fields by compression based attacks: This is achieved
+by not inserting the header field into the dynamic header table.

 `nghttp2_hd_deflate_hd()` processes all headers given in *nva*.  The
 *nva* must include all request or response header fields to be sent in
 one HEADERS (or optionally following (multiple) CONTINUATION
 frame(s)).  The *buf* must have enough space to store the encoded
-result.  Otherwise, the function will fail.  To estimate the upper
-bound of encoded result, use `nghttp2_hd_deflate_bound()` function::
+result, otherwise the function will fail.  To estimate the upper bound
+of the encoded result length, use `nghttp2_hd_deflate_bound()`::

    size_t nghttp2_hd_deflate_bound(nghttp2_hd_deflater *deflater,
                                    const nghttp2_nv *nva, size_t nvlen);

-Pass this function with the same paramters *deflater*, *nva* and
-*nvlen* which will be passed to `nghttp2_hd_deflate_hd()`.
+Pass this function the same parameters (*deflater*, *nva*, and
+*nvlen*) which will be passed to `nghttp2_hd_deflate_hd()`.

-The subsequent call of `nghttp2_hd_deflate_hd()` will use current
-encoder state and perform differential encoding which is the
-fundamental compression gain for HPACK.
+Subsequent calls to `nghttp2_hd_deflate_hd()` will use the current
+encoder state and perform differential encoding, which yields HPAC's
+fundamental compression gain.

-Once `nghttp2_hd_deflate_hd()` fails, it cannot be undone and its
-further call with the same deflater object shall fail.  So it is very
-important to use `nghttp2_hd_deflate_bound()` to know the required
-size of buffer.
+If `nghttp2_hd_deflate_hd()` fails, the failure is fatal and any
+further calls with the same deflater object will fail.  Thus it's very
+important to use `nghttp2_hd_deflate_bound()` to determine the
+required size of the output buffer.

-To delete :type:`nghttp2_hd_deflater` object, use `nghttp2_hd_deflate_del()`
-function.
+To delete a :type:`nghttp2_hd_deflater` object, use the
+`nghttp2_hd_deflate_del()` function.

 Inflating (decoding) headers
 ----------------------------

-We use :type:`nghttp2_hd_inflater` object to inflate compressed header
-data.  To initialize the object, use `nghttp2_hd_inflate_new()`::
+A :type:`nghttp2_hd_inflater` object is used to inflate compressed
+header data.  To initialize the object, use
+`nghttp2_hd_inflate_new()`::

    int nghttp2_hd_inflate_new(nghttp2_hd_inflater **inflater_ptr);

-To inflate header data, use `nghttp2_hd_inflate_hd()` function::
+To inflate header data, use `nghttp2_hd_inflate_hd()`::

    ssize_t nghttp2_hd_inflate_hd(nghttp2_hd_inflater *inflater,
                                  nghttp2_nv *nv_out, int *inflate_flags,
                                  uint8_t *in, size_t inlen, int in_final);

+`nghttp2_hd_inflate_hd()` reads a stream of bytes and outputs a single
+header field at a time. Multiple calls are normally required to read a
+full stream of bytes and output all of the header fields.
+
 The *inflater* is the inflater object initialized above.  The *nv_out*
-is a pointer to :type:`nghttp2_nv` to store the result.  The *in* is a
-pointer to input data and *inlen* is its length.  The caller is not
-required to specify whole deflated header data to *in* at once.  It
-can call this function multiple times for portion of the data in
-streaming way.  If *in_final* is nonzero, it tells the function that
-the passed data is the final sequence of deflated header data.  The
-*inflate_flags* is output parameter and successful call of this
-function stores a set of flags in it.  It will be described later.
+is a pointer to a :type:`nghttp2_nv` into which one header field may
+be stored.  The *in* is a pointer to input data, and *inlen* is its
+length.  The caller is not required to specify the whole deflated
+header data via *in* at once: Instead it can call this function
+multiple times as additional data bytes become available.  If
+*in_final* is nonzero, it tells the function that the passed data is
+the final sequence of deflated header data.
+
+The *inflate_flags* is an output parameter; on success the function
+sets it to a bitset of flags.  It will be described later.

 This function returns when each header field is inflated.  When this
-happens, the function sets :macro:`NGHTTP2_HD_INFLATE_EMIT` flag to
-*inflate_flag* parameter and header field is stored in *nv_out*.  The
-return value indicates the number of data read from *in* to processed
-so far.  It may be less than *inlen*.  The caller should call the
-function repeatedly until all data are processed by adjusting *in* and
-*inlen* with the processed bytes.
+happens, the function sets the :macro:`NGHTTP2_HD_INFLATE_EMIT` flag
+in *inflate_flags*, and a header field is stored in *nv_out*.  The
+return value indicates the number of bytes read from *in* processed so
+far, which may be less than *inlen*.  The caller should call the
+function repeatedly until all bytes are processed. Processed bytes
+should be removed from *in*, and *inlen* should be adjusted
+appropriately.

 If *in_final* is nonzero and all given data was processed, the
-function sets :macro:`NGHTTP2_HD_INFLATE_FINAL` flag to
-*inflate_flag*.  If the caller sees this flag set, call
+function sets the :macro:`NGHTTP2_HD_INFLATE_FINAL` flag in
+*inflate_flags*.  When you see this flag set, call the
 `nghttp2_hd_inflate_end_headers()` function.

-If *in_final* is zero and :macro:`NGHTTP2_HD_INFLATE_EMIT` flag is not
-set, it indicates that all given data was processed.  The caller is
-required to pass subsequent data.
+If *in_final* is zero and the :macro:`NGHTTP2_HD_INFLATE_EMIT` flag is
+not set, it indicates that all given data was processed.  The caller
+is required to pass additional data.

 It is important to note that the function may produce one or more
 header fields even if *inlen* is 0 when *in_final* is nonzero, due to
 differential encoding.

-The example use of `nghttp2_hd_inflate_hd()` is shown in
+Example usage of `nghttp2_hd_inflate_hd()` is shown in the
 `inflate_header_block()` function in `deflate.c`_.

-To delete :type:`nghttp2_hd_inflater` object, use `nghttp2_hd_inflate_del()`
-function.
+Finally, to delete a :type:`nghttp2_hd_inflater` object, use
+`nghttp2_hd_inflate_del()`.
--- a/doc/sources/tutorial-server.rst
+++ b/doc/sources/tutorial-server.rst
@@ -1,30 +1,31 @@
 Tutorial: HTTP/2 server
 =========================

-In this tutorial, we are going to write single-threaded, event-based
-HTTP/2 web server, which supports HTTPS only. It can handle
-concurrent multiple requests, but only the GET method is supported. The
-complete source code, `libevent-server.c`_, is attached at the end of
-this page.  It also resides in examples directory in the archive or
-repository.
+In this tutorial, we are going to write a single-threaded, event-based
+HTTP/2 web server, which supports HTTPS only. It can handle concurrent
+multiple requests, but only the GET method is supported. The complete
+source code, `libevent-server.c`_, is attached at the end of this
+page.  The source also resides in the examples directory in the
+archive or repository.

-This simple server takes 3 arguments, a port number to listen to, a path to
-your SSL/TLS private key file and a path to your certificate file.  Its
-synopsis is like this::
+This simple server takes 3 arguments: The port number to listen on,
+the path to your SSL/TLS private key file, and the path to your
+certificate file.  The synopsis is::

    $ libevent-server PORT /path/to/server.key /path/to/server.crt

 We use libevent in this tutorial to handle networking I/O.  Please
 note that nghttp2 itself does not depend on libevent.

-First we create a setup routine for libevent and OpenSSL in the functions
-``main()`` and ``run()``. One thing in there you should look at, is the setup
-of the NPN callback.  The NPN callback is used for the server to advertise
-which application protocols the server supports to a client.  In this example
-program, when creating ``SSL_CTX`` object, we store the application protocol
-name in the wire format of NPN in a statically allocated buffer. This is safe
-because we only create one ``SSL_CTX`` object in the program's entire life
-time::
+The server starts with some libevent and OpenSSL setup in the
+``main()`` and ``run()`` functions. This setup isn't specific to
+nghttp2, but one thing you should look at is setup of the NPN
+callback. The NPN callback is used by the server to advertise which
+application protocols the server supports to a client.  In this
+example program, when creating the ``SSL_CTX`` object, we store the
+application protocol name in the wire format of NPN in a statically
+allocated buffer. This is safe because we only create one ``SSL_CTX``
+object in the program's entire lifetime::

    static unsigned char next_proto_list[256];
    static size_t next_proto_list_len;
@@ -53,17 +54,20 @@ time::
      return ssl_ctx;
    }

-The wire format of NPN is a sequence of length prefixed string. Exactly one
-byte is used to specify the length of each protocol identifier.  In this
-tutorial, we advertise the specific HTTP/2 protocol version the current
-nghttp2 library supports. The nghttp2 library exports its identifier in
-:macro:`NGHTTP2_PROTO_VERSION_ID`. The ``next_proto_cb()`` function is the
-server-side NPN callback. In the OpenSSL implementation, we just assign the
-pointer to the NPN buffers we filled in earlier. The NPN callback function is
-set to the ``SSL_CTX`` object using
-``SSL_CTX_set_next_protos_advertised_cb()``.
+The wire format of NPN is a sequence of length prefixed strings, with
+exactly one byte used to specify the length of each protocol
+identifier.  In this tutorial, we advertise the specific HTTP/2
+protocol version the current nghttp2 library supports, which is
+exported in the identifier :macro:`NGHTTP2_PROTO_VERSION_ID`. The
+``next_proto_cb()`` function is the server-side NPN callback. In the
+OpenSSL implementation, we just assign the pointer to the NPN buffers
+we filled in earlier. The NPN callback function is set to the
+``SSL_CTX`` object using ``SSL_CTX_set_next_protos_advertised_cb()``.

-We use the ``app_content`` structure to store application-wide data::
+Next, let's take a look at the main structures used by the example
+application:
+
+We use the ``app_context`` structure to store application-wide data::

    struct app_context {
      SSL_CTX *ssl_ctx;
@@ -90,18 +94,21 @@ We use the ``http2_stream_data`` structure to store stream-level data::
      int fd;
    } http2_stream_data;

-A single HTTP/2 session can have multiple streams.  We manage these
-multiple streams with a doubly linked list.  The first element of this
-list is pointed to by the ``root->next`` in ``http2_session_data``.
-Initially, ``root->next`` is ``NULL``.  We use libevent's bufferevent
-structure to perform network I/O.  Note that the bufferevent object is
-kept in ``http2_session_data`` and not in ``http2_stream_data``.  This
-is because ``http2_stream_data`` is just a logical stream multiplexed
-over the single connection managed by bufferevent in
+A single HTTP/2 session can have multiple streams.  To manage them, we
+use a doubly linked list:  The first element of this list is pointed
+to by the ``root->next`` in ``http2_session_data``.  Initially,
+``root->next`` is ``NULL``.
+
+libevent's bufferevent structure is used to perform network I/O, with
+the pointer to the bufferevent stored in the ``http2_session_data``
+structure.  Note that the bufferevent object is kept in
+``http2_session_data`` and not in ``http2_stream_data``. This is
+because ``http2_stream_data`` is just a logical stream multiplexed
+over the single connection managed by the bufferevent in
 ``http2_session_data``.

-We first create a listener object to accept incoming connections.  We use
-libevent's ``struct evconnlistener`` for this purpose::
+We first create a listener object to accept incoming connections.
+libevent's ``struct evconnlistener`` is used for this purpose::

    static void start_listen(struct event_base *evbase, const char *service,
                             app_context *app_ctx) {
@@ -135,7 +142,7 @@ libevent's ``struct evconnlistener`` for this purpose::
      errx(1, "Could not start listener");
    }

-We specify the ``acceptcb`` callback which is called when a new connection is
+We specify the ``acceptcb`` callback, which is called when a new connection is
 accepted::

    static void acceptcb(struct evconnlistener *listener _U_, int fd,
@@ -148,13 +155,13 @@ accepted::
      bufferevent_setcb(session_data->bev, readcb, writecb, eventcb, session_data);
    }

-Here we create the ``http2_session_data`` object. The bufferevent for
-this connection is also initialized at this time. We specify three
-callbacks for the bufferevent: ``readcb``, ``writecb`` and
+Here we create the ``http2_session_data`` object. The connection's
+bufferevent is initialized at the same time. We specify three
+callbacks for the bufferevent: ``readcb``, ``writecb``, and
 ``eventcb``.

 The ``eventcb()`` callback is invoked by the libevent event loop when an event
-(e.g., connection has been established, timeout, etc) happens on the
+(e.g. connection has been established, timeout, etc.) occurs on the
 underlying network socket::

    static void eventcb(struct bufferevent *bev _U_, short events, void *ptr) {
@@ -181,28 +188,23 @@ underlying network socket::
      delete_http2_session_data(session_data);
    }

-For the ``BEV_EVENT_EOF``, ``BEV_EVENT_ERROR`` and
+For the ``BEV_EVENT_EOF``, ``BEV_EVENT_ERROR``, and
 ``BEV_EVENT_TIMEOUT`` events, we just simply tear down the connection.
 The ``delete_http2_session_data()`` function destroys the
-``http2_session_data`` object and thus also its bufferevent member.
-As a result, the underlying connection is closed.  The
-``BEV_EVENT_CONNECTED`` event is invoked when SSL/TLS handshake is
-finished successfully.  Now we are ready to start the HTTP/2
-communication.
+``http2_session_data`` object and its associated bufferevent member.
+As a result, the underlying connection is closed.

-We initialize a nghttp2 session object which is done in
-``initialize_nghttp2_session()``::
+The
+``BEV_EVENT_CONNECTED`` event is invoked when SSL/TLS handshake has
+completed successfully. After this we are ready to begin communicating
+via HTTP/2.
+
+The ``initialize_nghttp2_session()`` function initializes the nghttp2
+session object and several callbacks::

    static void initialize_nghttp2_session(http2_session_data *session_data) {
-      nghttp2_option *option;
      nghttp2_session_callbacks *callbacks;

-      nghttp2_option_new(&option);
-
-      /* Tells nghttp2_session object that it handles client connection
-         preface */
-      nghttp2_option_set_recv_client_preface(option, 1);
-
      nghttp2_session_callbacks_new(&callbacks);

      nghttp2_session_callbacks_set_send_callback(callbacks, send_callback);
@@ -219,23 +221,18 @@ We initialize a nghttp2 session object which is done in
      nghttp2_session_callbacks_set_on_begin_headers_callback(
          callbacks, on_begin_headers_callback);

-      nghttp2_session_server_new2(&session_data->session, callbacks, session_data,
-                                  option);
+      nghttp2_session_server_new(&session_data->session, callbacks, session_data);

      nghttp2_session_callbacks_del(callbacks);
-      nghttp2_option_del(option);
    }

-Since we are creating a server and uses options, the nghttp2 session
-object is created using `nghttp2_session_server_new2()` function.  We
-registers five callbacks for nghttp2 session object.  We'll talk about
-these callbacks later.  Our server only speaks HTTP/2.  In this case,
-we use `nghttp2_option_set_recv_client_preface()` to make
-:type:`nghttp2_session` object handle client connection preface, which
-saves some lines of application code.
+Since we are creating a server, we use `nghttp2_session_server_new()`
+to initialize the nghttp2 session object.  We also setup 5 callbacks
+for the nghttp2 session, these are explained later.

-After initialization of the nghttp2 session object, we are going to send
-a server connection header in ``send_server_connection_header()``::
+The server now begins by sending the server connection preface, which
+always consists of a SETTINGS frame.
+``send_server_connection_header()`` configures and submits it::

    static int send_server_connection_header(http2_session_data *session_data) {
      nghttp2_settings_entry iv[1] = {
@@ -251,11 +248,10 @@ a server connection header in ``send_server_connection_header()``::
      return 0;
    }

-The server connection header is a SETTINGS frame. We specify
-SETTINGS_MAX_CONCURRENT_STREAMS to 100 in the SETTINGS frame.  To queue
-the SETTINGS frame for the transmission, we use
-`nghttp2_submit_settings()`. Note that `nghttp2_submit_settings()`
-function only queues the frame and it does not actually send it. All
+In the example SETTINGS frame we've set
+SETTINGS_MAX_CONCURRENT_STREAMS to 100. `nghttp2_submit_settings()`
+is used to queue the frame for transmission, but note it only queues
+the frame for transmission, and doesn't actually send it. All
 functions in the ``nghttp2_submit_*()`` family have this property. To
 actually send the frame, `nghttp2_session_send()` should be used, as
 described later.
@@ -286,12 +282,14 @@ this pending data. To process the received data, we call the
      return 0;
    }

-In this function, we feed all unprocessed but already received data to the
-nghttp2 session object using the `nghttp2_session_mem_recv()` function. The
-`nghttp2_session_mem_recv()` function processes the data and may invoke the
-nghttp2 callbacks and also queue outgoing frames. Since there may be pending
-outgoing frames, we call ``session_send()`` function to send off those
-frames. The ``session_send()`` function is defined as follows::
+In this function, we feed all unprocessed but already received data to
+the nghttp2 session object using the `nghttp2_session_mem_recv()`
+function. The `nghttp2_session_mem_recv()` function processes the data
+and may both invoke the previously setup callbacks and also queue
+outgoing frames. To send any pending outgoing frames, we immediately
+call ``session_send()``.
+
+The ``session_send()`` function is defined as follows::

    static int session_send(http2_session_data *session_data) {
      int rv;
@@ -304,7 +302,7 @@ frames. The ``session_send()`` function is defined as follows::
    }

 The `nghttp2_session_send()` function serializes the frame into wire
-format and calls ``send_callback()`` of type
+format and calls the ``send_callback()``, which is of type
 :type:`nghttp2_send_callback`.  The ``send_callback()`` is defined as
 follows::

@@ -324,17 +322,16 @@ follows::
 Since we use bufferevent to abstract network I/O, we just write the
 data to the bufferevent object. Note that `nghttp2_session_send()`
 continues to write all frames queued so far. If we were writing the
-data to a non-blocking socket directly using ``write()`` system call
-in the ``send_callback()``, we would surely get ``EAGAIN`` or
-``EWOULDBLOCK`` back since the socket has limited send buffer. If that
-happens, we can return :macro:`NGHTTP2_ERR_WOULDBLOCK` to signal the
-nghttp2 library to stop sending further data. But when writing to the
-bufferevent, we have to regulate the amount data to get buffered
-ourselves to avoid using huge amounts of memory. To achieve this, we
-check the size of the output buffer and if it reaches more than or
-equal to ``OUTPUT_WOULDBLOCK_THRESHOLD`` bytes, we stop writing data
-and return :macro:`NGHTTP2_ERR_WOULDBLOCK` to tell the library to stop
-calling send_callback.
+data to a non-blocking socket directly using the ``write()`` system
+call in the ``send_callback()``, we'd soon receive an  ``EAGAIN`` or
+``EWOULDBLOCK`` error since sockets have a limited send buffer. If
+that happens, it's possible to return :macro:`NGHTTP2_ERR_WOULDBLOCK`
+to signal the nghttp2 library to stop sending further data. But here,
+when writing to the bufferevent, we have to regulate the amount data
+to buffered ourselves to avoid using huge amounts of memory. To
+achieve this, we check the size of the output buffer and if it reaches
+more than or equal to ``OUTPUT_WOULDBLOCK_THRESHOLD`` bytes, we stop
+writing data and return :macro:`NGHTTP2_ERR_WOULDBLOCK`.

 The next bufferevent callback is ``readcb()``, which is invoked when
 data is available to read in the bufferevent input buffer::
@@ -369,16 +366,18 @@ data in the bufferevent output buffer has been sent::
      }
    }

-First we check whether we should drop the connection or not. The nghttp2
-session object keeps track of reception and transmission of GOAWAY frames and
-other error conditions as well. Using this information, the nghttp2 session
-object will tell whether the connection should be dropped or not. More
-specifically, if both `nghttp2_session_want_read()` and
-`nghttp2_session_want_write()` return 0, we have no business left in the
-connection. But since we are using bufferevent and its deferred callback
-option, the bufferevent output buffer may contain pending data when the
-``writecb()`` is called. To handle this, we check whether the output buffer is
-empty or not. If all these conditions are met, we drop connection.
+First we check whether we should drop the connection or not. The
+nghttp2 session object keeps track of reception and transmission of
+GOAWAY frames and other error conditions as well. Using this
+information, the nghttp2 session object can state whether the
+connection should be dropped or not. More specifically, if both
+`nghttp2_session_want_read()` and `nghttp2_session_want_write()`
+return 0, the connection is no-longer required and can be closed.
+Since we are using bufferevent and its deferred callback option, the
+bufferevent output buffer may still contain pending data when the
+``writecb()`` is called. To handle this, we check whether the output
+buffer is empty or not. If all of these conditions are met, we drop
+connection.

 Otherwise, we call ``session_send()`` to process the pending output
 data. Remember that in ``send_callback()``, we must not write all data to
@@ -386,7 +385,7 @@ bufferevent to avoid excessive buffering. We continue processing pending data
 when the output buffer becomes empty.

 We have already described the nghttp2 callback ``send_callback()``.  Let's
-learn about the remaining nghttp2 callbacks we setup in
+learn about the remaining nghttp2 callbacks setup in
 ``initialize_nghttp2_setup()`` function.

 The ``on_begin_headers_callback()`` function is invoked when the reception of
@@ -408,13 +407,15 @@ a header block in HEADERS or PUSH_PROMISE frame is started::
      return 0;
    }

-We are only interested in the HEADERS frame in this function. Since the
-HEADERS frame has several roles in the HTTP/2 protocol, we check that it is a
-request HEADERS, which opens new stream. If the frame is a request HEADERS, we
-create a ``http2_stream_data`` object to store the stream related data. We
-associate the created ``http2_stream_data`` object with the stream in the
-nghttp2 session object using `nghttp2_set_stream_user_data()` to get the
-object without searching through the doubly linked list.
+We are only interested in the HEADERS frame in this function. Since
+the HEADERS frame has several roles in the HTTP/2 protocol, we check
+that it is a request HEADERS, which opens new stream. If the frame is
+a request HEADERS, we create a ``http2_stream_data`` object to store
+the stream related data. We associate the created
+``http2_stream_data`` object with the stream in the nghttp2 session
+object using `nghttp2_set_stream_user_data()`. The
+``http2_stream_data`` object can later be easily retrieved from the
+stream, without searching through the doubly linked list.

 In this example server, we want to serve files relative to the current working
 directory in which the program was invoked. Each header name/value pair is
@@ -449,10 +450,10 @@ emitted via ``on_header_callback`` function, which is called after
      return 0;
    }

-We search for the ``:path`` header field among the request headers and store
-the requested path in the ``http2_stream_data`` object. In this example
-program, we ignore ``:method`` header field and always treat the request as a
-GET request.
+We search for the ``:path`` header field among the request headers and
+store the requested path in the ``http2_stream_data`` object. In this
+example program, we ignore the ``:method`` header field and always
+treat the request as a GET request.

 The ``on_frame_recv_callback()`` function is invoked when a frame is
 fully received::
@@ -482,15 +483,15 @@ fully received::
      return 0;
    }

-First we retrieve the ``http2_stream_data`` object associated with the stream
-in ``on_begin_headers_callback()``. It is done using
-`nghttp2_session_get_stream_user_data()`. If the requested path cannot be
-served for some reason (e.g., file is not found), we send a 404 response,
-which is done in ``error_reply()``.  Otherwise, we open the requested file and
-send its content. We send the header field ``:status`` as a single response
-header.
+First we retrieve the ``http2_stream_data`` object associated with the
+stream in ``on_begin_headers_callback()`` using
+`nghttp2_session_get_stream_user_data()`. If the requested path
+cannot be served for some reason (e.g. file is not found), we send a
+404 response using ``error_reply()``.  Otherwise, we open
+the requested file and send its content. We send the header field
+``:status`` as a single response header.

-Sending the content of the file is done in ``send_response()`` function::
+Sending the file content is performed by the ``send_response()`` function::

    static int send_response(nghttp2_session *session, int32_t stream_id,
                             nghttp2_nv *nva, size_t nvlen, int fd) {
@@ -507,12 +508,13 @@ Sending the content of the file is done in ``send_response()`` function::
      return 0;
    }

-The nghttp2 library uses the :type:`nghttp2_data_provider` structure to
-send entity body to the remote peer. The ``source`` member of this
-structure is a union and it can be either void pointer or int which is
-intended to be used as file descriptor. In this example server, we use
-the file descriptor. We also set the ``file_read_callback()`` callback
-function to read the contents of the file::
+nghttp2 uses the :type:`nghttp2_data_provider` structure to send the
+entity body to the remote peer. The ``source`` member of this
+structure is a union, which can be either a void pointer or an int
+(which is intended to be used as file descriptor). In this example
+server, we use it as a file descriptor. We also set the
+``file_read_callback()`` callback function to read the contents of the
+file::

    static ssize_t file_read_callback(nghttp2_session *session _U_,
                                      int32_t stream_id _U_, uint8_t *buf,
@@ -532,11 +534,11 @@ function to read the contents of the file::
      return r;
    }

-If an error happens while reading the file, we return
+If an error occurs while reading the file, we return
 :macro:`NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE`.  This tells the
-library to send RST_STREAM to the stream.  When all data has been read, set
-the :macro:`NGHTTP2_DATA_FLAG_EOF` flag to ``*data_flags`` to tell the
-nghttp2 library that we have finished reading the file.
+library to send RST_STREAM to the stream.  When all data has been
+read, the :macro:`NGHTTP2_DATA_FLAG_EOF` flag is set to signal nghttp2
+that we have finished reading the file.

 The `nghttp2_submit_response()` function is used to send the response to the
 remote peer.
@@ -558,5 +560,5 @@ is about to close::
      return 0;
    }

-We destroy the ``http2_stream_data`` object in this function since the stream
-is about to close and we no longer use that object.
+Lastly, we destroy the ``http2_stream_data`` object in this function,
+since the stream is about to close and we no longer need the object.
--- a/examples/.gitignore
+++ b/examples/.gitignore
@@ -2,7 +2,8 @@ client
 libevent-client
 libevent-server
 deflate
-asio-sv
 tiny-nghttpd
+asio-sv
 asio-sv2
-asio-sv3
+asio-cl
+asio-cl2
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -23,6 +23,7 @@

 if ENABLE_EXAMPLES

+AM_CFLAGS = $(WARNCFLAGS)
 AM_CPPFLAGS = \
 	-Wall \
 	-I$(top_srcdir)/lib/includes \
@@ -32,12 +33,10 @@ AM_CPPFLAGS = \
 	@LIBEVENT_OPENSSL_CFLAGS@ \
 	@OPENSSL_CFLAGS@ \
 	@DEFS@
-AM_LDFLAGS = \
+LDADD = $(top_builddir)/lib/libnghttp2.la \
+	$(top_builddir)/third-party/libhttp-parser.la \
 	@LIBEVENT_OPENSSL_LIBS@ \
 	@OPENSSL_LIBS@
-LDADD = \
-	$(top_builddir)/lib/libnghttp2.la \
-	$(top_builddir)/third-party/libhttp-parser.la

 noinst_PROGRAMS = client libevent-client libevent-server deflate

@@ -59,26 +58,37 @@ endif # ENABLE_TINY_NGHTTPD

 if ENABLE_ASIO_LIB

-noinst_PROGRAMS += asio-sv asio-sv2 asio-sv3
+noinst_PROGRAMS += asio-sv asio-sv2 asio-cl asio-cl2

-ASIOCPPFLAGS = ${BOOST_CPPFLAGS} ${AM_CPPFLAGS}
-ASIOLDFLAGS = @JEMALLOC_LIBS@
-ASIOLDADD = $(top_builddir)/src/libnghttp2_asio.la
+# AM_CPPFLAGS must be placed first, so that header file (e.g.,
+# nghttp2/nghttp2.h) in this package is used rather than installed
+# one.
+ASIOCPPFLAGS = ${AM_CPPFLAGS} ${BOOST_CPPFLAGS}
+ASIOLDADD = $(top_builddir)/lib/libnghttp2.la \
+	$(top_builddir)/src/libnghttp2_asio.la @JEMALLOC_LIBS@ \
+	$(top_builddir)/third-party/libhttp-parser.la \
+	${BOOST_LDFLAGS} \
+	${BOOST_ASIO_LIB} \
+	${BOOST_THREAD_LIB} \
+	${BOOST_SYSTEM_LIB} \
+	@OPENSSL_LIBS@ \
+	@APPLDFLAGS@

 asio_sv_SOURCES = asio-sv.cc
 asio_sv_CPPFLAGS = ${ASIOCPPFLAGS}
-asio_sv_LDFLAGS = ${ASIOLDFLAGS}
 asio_sv_LDADD = ${ASIOLDADD}

 asio_sv2_SOURCES = asio-sv2.cc
 asio_sv2_CPPFLAGS = ${ASIOCPPFLAGS}
-asio_sv2_LDFLAGS = ${ASIOLDFLAGS}
 asio_sv2_LDADD = ${ASIOLDADD}

-asio_sv3_SOURCES = asio-sv3.cc
-asio_sv3_CPPFLAGS = ${ASIOCPPFLAGS}
-asio_sv3_LDFLAGS = ${ASIOLDFLAGS}
-asio_sv3_LDADD = ${ASIOLDADD}
+asio_cl_SOURCES = asio-cl.cc
+asio_cl_CPPFLAGS = ${ASIOCPPFLAGS}
+asio_cl_LDADD = ${ASIOLDADD}
+
+asio_cl2_SOURCES = asio-cl2.cc
+asio_cl2_CPPFLAGS = ${ASIOCPPFLAGS}
+asio_cl2_LDADD = ${ASIOLDADD}

 endif # ENABLE_ASIO_LIB

--- a/examples/asio-cl.cc
+++ b/examples/asio-cl.cc
@@ -0,0 +1,96 @@
+/*
+ * nghttp2 - HTTP/2 C Library
+ *
+ * Copyright (c) 2015 Tatsuhiro Tsujikawa
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#include <iostream>
+
+#include <nghttp2/asio_http2_client.h>
+
+using boost::asio::ip::tcp;
+
+using namespace nghttp2::asio_http2;
+using namespace nghttp2::asio_http2::client;
+
+int main(int argc, char *argv[]) {
+  try {
+    if (argc < 2) {
+      std::cerr << "Usage: asio-cl URI" << std::endl;
+      return 1;
+    }
+    boost::system::error_code ec;
+    boost::asio::io_service io_service;
+
+    std::string uri = argv[1];
+    std::string scheme, host, service;
+
+    if (host_service_from_uri(ec, scheme, host, service, uri)) {
+      std::cerr << "error: bad URI: " << ec.message() << std::endl;
+      return 1;
+    }
+
+    boost::asio::ssl::context tls_ctx(boost::asio::ssl::context::sslv23);
+    tls_ctx.set_default_verify_paths();
+    // disabled to make development easier...
+    // tls_ctx.set_verify_mode(boost::asio::ssl::verify_peer);
+    configure_tls_context(ec, tls_ctx);
+
+    auto sess = scheme == "https" ? session(io_service, tls_ctx, host, service)
+                                  : session(io_service, host, service);
+
+    sess.on_connect([&sess, &uri](tcp::resolver::iterator endpoint_it) {
+      boost::system::error_code ec;
+      auto req = sess.submit(ec, "GET", uri);
+
+      if (ec) {
+        std::cerr << "error: " << ec.message() << std::endl;
+        return;
+      }
+
+      req->on_response([&sess](const response &res) {
+        std::cerr << "HTTP/2 " << res.status_code() << std::endl;
+        for (auto &kv : res.header()) {
+          std::cerr << kv.first << ": " << kv.second.value << "\n";
+        }
+        std::cerr << std::endl;
+
+        res.on_data([&sess](const uint8_t *data, std::size_t len) {
+          std::cerr.write(reinterpret_cast<const char *>(data), len);
+          std::cerr << std::endl;
+        });
+      });
+
+      req->on_close([&sess](uint32_t error_code) { sess.shutdown(); });
+    });
+
+    sess.on_error([](const boost::system::error_code &ec) {
+      std::cerr << "error: " << ec.message() << std::endl;
+    });
+
+    io_service.run();
+  } catch (std::exception &e) {
+    std::cerr << "exception: " << e.what() << "\n";
+  }
+
+  return 0;
+}
--- a/examples/asio-cl2.cc
+++ b/examples/asio-cl2.cc
@@ -0,0 +1,134 @@
+/*
+ * nghttp2 - HTTP/2 C Library
+ *
+ * Copyright (c) 2015 Tatsuhiro Tsujikawa
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#include <iostream>
+#include <string>
+
+#include <nghttp2/asio_http2_client.h>
+
+using boost::asio::ip::tcp;
+
+using namespace nghttp2::asio_http2;
+using namespace nghttp2::asio_http2::client;
+
+void print_header(const header_map &h) {
+  for (auto &kv : h) {
+    std::cerr << kv.first << ": " << kv.second.value << "\n";
+  }
+  std::cerr << std::endl;
+}
+
+void print_header(const response &res) {
+  std::cerr << "HTTP/2 " << res.status_code() << "\n";
+  print_header(res.header());
+}
+
+void print_header(const request &req) {
+  auto &uri = req.uri();
+  std::cerr << req.method() << " " << uri.scheme << "://" << uri.host
+            << uri.path;
+  if (!uri.raw_query.empty()) {
+    std::cerr << "?" << uri.raw_query;
+  }
+  std::cerr << " HTTP/2\n";
+  print_header(req.header());
+}
+
+int main(int argc, char *argv[]) {
+  try {
+    if (argc < 2) {
+      std::cerr << "Usage: asio-cl URI" << std::endl;
+      return 1;
+    }
+    boost::system::error_code ec;
+    boost::asio::io_service io_service;
+
+    std::string uri = argv[1];
+    std::string scheme, host, service;
+
+    if (host_service_from_uri(ec, scheme, host, service, uri)) {
+      std::cerr << "error: bad URI: " << ec.message() << std::endl;
+      return 1;
+    }
+
+    boost::asio::ssl::context tls_ctx(boost::asio::ssl::context::sslv23);
+    tls_ctx.set_default_verify_paths();
+    // disabled to make development easier...
+    // tls_ctx.set_verify_mode(boost::asio::ssl::verify_peer);
+    configure_tls_context(ec, tls_ctx);
+
+    auto sess = scheme == "https" ? session(io_service, tls_ctx, host, service)
+                                  : session(io_service, host, service);
+
+    sess.on_connect([&sess, &uri](tcp::resolver::iterator endpoint_it) {
+      std::cerr << "connected to " << (*endpoint_it).endpoint() << std::endl;
+      boost::system::error_code ec;
+      auto req = sess.submit(ec, "GET", uri, {{"cookie", {"foo=bar", true}}});
+      if (ec) {
+        std::cerr << "error: " << ec.message() << std::endl;
+        return;
+      }
+
+      req->on_response([&sess, req](const response &res) {
+        std::cerr << "response header was received" << std::endl;
+        print_header(res);
+
+        res.on_data([&sess](const uint8_t *data, std::size_t len) {
+          std::cerr.write(reinterpret_cast<const char *>(data), len);
+          std::cerr << std::endl;
+        });
+      });
+
+      req->on_close([&sess](uint32_t error_code) {
+        std::cerr << "request done with error_code=" << error_code << std::endl;
+      });
+
+      req->on_push([](const request &push_req) {
+        std::cerr << "push request was received" << std::endl;
+
+        print_header(push_req);
+
+        push_req.on_response([](const response &res) {
+          std::cerr << "push response header was received" << std::endl;
+
+          res.on_data([](const uint8_t *data, std::size_t len) {
+            std::cerr.write(reinterpret_cast<const char *>(data), len);
+            std::cerr << std::endl;
+          });
+        });
+      });
+    });
+
+    sess.on_error([](const boost::system::error_code &ec) {
+      std::cerr << "error: " << ec.message() << std::endl;
+    });
+
+    io_service.run();
+  } catch (std::exception &e) {
+    std::cerr << "exception: " << e.what() << "\n";
+  }
+
+  return 0;
+}
--- a/examples/asio-sv.cc
+++ b/examples/asio-sv.cc
@@ -37,7 +37,7 @@
 #include <iostream>
 #include <string>

-#include <nghttp2/asio_http2.h>
+#include <nghttp2/asio_http2_server.h>

 using namespace nghttp2::asio_http2;
 using namespace nghttp2::asio_http2::server;
@@ -45,28 +45,102 @@ using namespace nghttp2::asio_http2::server;
 int main(int argc, char *argv[]) {
  try {
    // Check command line arguments.
-    if (argc < 3) {
-      std::cerr << "Usage: asio-sv <port> <threads> <private-key-file> "
-                << "<cert-file>\n";
+    if (argc < 4) {
+      std::cerr
+          << "Usage: asio-sv <address> <port> <threads> [<private-key-file> "
+          << "<cert-file>]\n";
      return 1;
    }

-    uint16_t port = std::stoi(argv[1]);
-    std::size_t num_threads = std::stoi(argv[2]);
+    boost::system::error_code ec;
+
+    std::string addr = argv[1];
+    std::string port = argv[2];
+    std::size_t num_threads = std::stoi(argv[3]);

    http2 server;

    server.num_threads(num_threads);

-    if (argc >= 5) {
-      server.tls(argv[3], argv[4]);
+    server.handle("/", [](const request &req, const response &res) {
+      res.write_head(200, {{"foo", {"bar"}}});
+      res.end("hello, world\n");
+    });
+    server.handle("/secret/", [](const request &req, const response &res) {
+      res.write_head(200);
+      res.end("under construction!\n");
+    });
+    server.handle("/push", [](const request &req, const response &res) {
+      boost::system::error_code ec;
+      auto push = res.push(ec, "GET", "/push/1");
+      if (!ec) {
+        push->write_head(200);
+        push->end("server push FTW!\n");
      }

-    server.listen("*", port, [](const std::shared_ptr<request> &req,
-                                const std::shared_ptr<response> &res) {
-      res->write_head(200, {header{"foo", "bar"}});
-      res->end("hello, world");
+      res.write_head(200);
+      res.end("you'll receive server push!\n");
    });
+    server.handle("/delay", [](const request &req, const response &res) {
+      res.write_head(200);
+
+      auto timer = std::make_shared<boost::asio::deadline_timer>(
+          res.io_service(), boost::posix_time::seconds(3));
+      auto closed = std::make_shared<bool>();
+
+      res.on_close([timer, closed](uint32_t error_code) {
+        timer->cancel();
+        *closed = true;
+      });
+
+      timer->async_wait([&res, closed](const boost::system::error_code &ec) {
+        if (ec || *closed) {
+          return;
+        }
+
+        res.end("finally!\n");
+      });
+    });
+    server.handle("/trailer", [](const request &req, const response &res) {
+      // send trailer part.
+      res.write_head(200, {{"trailers", {"digest"}}});
+
+      std::string body = "nghttp2 FTW!\n";
+      auto left = std::make_shared<size_t>(body.size());
+
+      res.end([&res, body, left](uint8_t *dst, std::size_t len,
+                                 uint32_t *data_flags) {
+        auto n = std::min(len, *left);
+        std::copy_n(body.c_str() + (body.size() - *left), n, dst);
+        *left -= n;
+        if (*left == 0) {
+          *data_flags |=
+              NGHTTP2_DATA_FLAG_EOF | NGHTTP2_DATA_FLAG_NO_END_STREAM;
+          // RFC 3230 Instance Digests in HTTP.  The digest value is
+          // SHA-256 message digest of body.
+          res.write_trailer(
+              {{"digest",
+                {"SHA-256=qqXqskW7F3ueBSvmZRCiSwl2ym4HRO0M/pvQCBlSDis="}}});
+        }
+        return n;
+      });
+    });
+
+    if (argc >= 6) {
+      boost::asio::ssl::context tls(boost::asio::ssl::context::sslv23);
+      tls.use_private_key_file(argv[4], boost::asio::ssl::context::pem);
+      tls.use_certificate_chain_file(argv[5]);
+
+      configure_tls_context_easy(ec, tls);
+
+      if (server.listen_and_serve(ec, tls, addr, port)) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
+    } else {
+      if (server.listen_and_serve(ec, addr, port)) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
+    }
  } catch (std::exception &e) {
    std::cerr << "exception: " << e.what() << "\n";
  }
--- a/examples/asio-sv2.cc
+++ b/examples/asio-sv2.cc
@@ -35,12 +35,16 @@
 //
 #include <sys/types.h>
 #include <sys/stat.h>
+#ifdef HAVE_UNISTD_H
 #include <unistd.h>
+#endif // HAVE_UNISTD_H
+#ifdef HAVE_FCNTL_H
 #include <fcntl.h>
+#endif // HAVE_FCNTL_H
 #include <iostream>
 #include <string>

-#include <nghttp2/asio_http2.h>
+#include <nghttp2/asio_http2_server.h>

 using namespace nghttp2::asio_http2;
 using namespace nghttp2::asio_http2::server;
@@ -48,30 +52,28 @@ using namespace nghttp2::asio_http2::server;
 int main(int argc, char *argv[]) {
  try {
    // Check command line arguments.
-    if (argc < 4) {
-      std::cerr << "Usage: asio-sv2 <port> <threads> <doc-root> "
-                << "<private-key-file> <cert-file>\n";
+    if (argc < 5) {
+      std::cerr << "Usage: asio-sv2 <address> <port> <threads> <doc-root> "
+                << "[<private-key-file> <cert-file>]\n";
      return 1;
    }

-    uint16_t port = std::stoi(argv[1]);
-    std::size_t num_threads = std::stoi(argv[2]);
-    std::string docroot = argv[3];
+    boost::system::error_code ec;
+
+    std::string addr = argv[1];
+    std::string port = argv[2];
+    std::size_t num_threads = std::stoi(argv[3]);
+    std::string docroot = argv[4];

    http2 server;

    server.num_threads(num_threads);

-    if (argc >= 6) {
-      server.tls(argv[4], argv[5]);
-    }
-
-    server.listen("*", port, [&docroot](const std::shared_ptr<request> &req,
-                                        const std::shared_ptr<response> &res) {
-      auto path = percent_decode(req->path());
+    server.handle("/", [&docroot](const request &req, const response &res) {
+      auto path = percent_decode(req.uri().path);
      if (!check_path(path)) {
-        res->write_head(404);
-        res->end();
+        res.write_head(404);
+        res.end();
        return;
      }

@@ -82,23 +84,39 @@ int main(int argc, char *argv[]) {
      path = docroot + path;
      auto fd = open(path.c_str(), O_RDONLY);
      if (fd == -1) {
-        res->write_head(404);
-        res->end();
+        res.write_head(404);
+        res.end();
        return;
      }

-      auto headers = std::vector<header>();
+      auto header = header_map();

      struct stat stbuf;
      if (stat(path.c_str(), &stbuf) == 0) {
-        headers.push_back(
-            header{"content-length", std::to_string(stbuf.st_size)});
-        headers.push_back(
-            header{"last-modified", http_date(stbuf.st_mtim.tv_sec)});
+        header.emplace("content-length",
+                       header_value{std::to_string(stbuf.st_size)});
+        header.emplace("last-modified",
+                       header_value{http_date(stbuf.st_mtime)});
      }
-      res->write_head(200, std::move(headers));
-      res->end(file_reader_from_fd(fd));
+      res.write_head(200, std::move(header));
+      res.end(file_generator_from_fd(fd));
    });
+
+    if (argc >= 7) {
+      boost::asio::ssl::context tls(boost::asio::ssl::context::sslv23);
+      tls.use_private_key_file(argv[5], boost::asio::ssl::context::pem);
+      tls.use_certificate_chain_file(argv[6]);
+
+      configure_tls_context_easy(ec, tls);
+
+      if (server.listen_and_serve(ec, tls, addr, port)) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
+    } else {
+      if (server.listen_and_serve(ec, addr, port)) {
+        std::cerr << "error: " << ec.message() << std::endl;
+      }
+    }
  } catch (std::exception &e) {
    std::cerr << "exception: " << e.what() << "\n";
  }
--- a/examples/asio-sv3.cc
+++ b/examples/asio-sv3.cc
@@ -1,142 +0,0 @@
-/*
- * nghttp2 - HTTP/2 C Library
- *
- * Copyright (c) 2014 Tatsuhiro Tsujikawa
- *
- * Permission is hereby granted, free of charge, to any person obtaining
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
- * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
- * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- */
-// We wrote this code based on the original code which has the
-// following license:
-//
-// main.cpp
-// ~~~~~~~~
-//
-// Copyright (c) 2003-2013 Christopher M. Kohlhoff (chris at kohlhoff dot com)
-//
-// Distributed under the Boost Software License, Version 1.0. (See accompanying
-// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
-//
-#include <unistd.h>
-#include <iostream>
-#include <string>
-#include <deque>
-
-#include <nghttp2/asio_http2.h>
-
-using namespace nghttp2::asio_http2;
-using namespace nghttp2::asio_http2::server;
-
-int main(int argc, char *argv[]) {
-  try {
-    // Check command line arguments.
-    if (argc < 4) {
-      std::cerr << "Usage: asio-sv3 <port> <threads> <tasks> "
-                << " <private-key-file> <cert-file>\n";
-      return 1;
-    }
-
-    uint16_t port = std::stoi(argv[1]);
-    std::size_t num_threads = std::stoi(argv[2]);
-    std::size_t num_concurrent_tasks = std::stoi(argv[3]);
-
-    http2 server;
-
-    server.num_threads(num_threads);
-
-    if (argc >= 5) {
-      server.tls(argv[4], argv[5]);
-    }
-
-    server.num_concurrent_tasks(num_concurrent_tasks);
-
-    server.listen("*", port, [](const std::shared_ptr<request> &req,
-                                const std::shared_ptr<response> &res) {
-      res->write_head(200);
-
-      auto msgq = std::make_shared<std::deque<std::string>>();
-
-      res->end([msgq](uint8_t * buf, std::size_t len)
-                   -> std::pair<ssize_t, bool> {
-        if (msgq->empty()) {
-          // if msgq is empty, tells the library that don't call
-          // this callback until we call res->resume().  This is
-          // done by returing std::make_pair(0, false).
-          return std::make_pair(0, false);
-        }
-        auto msg = std::move(msgq->front());
-        msgq->pop_front();
-
-        if (msg.empty()) {
-          // The empty message signals the end of response in
-          // this simple protocol.
-          return std::make_pair(0, true);
-        }
-
-        auto nwrite = std::min(len, msg.size());
-        std::copy(std::begin(msg), std::begin(msg) + nwrite, buf);
-        if (msg.size() > nwrite) {
-          msgq->push_front(msg.substr(nwrite));
-        }
-        return std::make_pair(nwrite, false);
-      });
-
-      req->run_task([res, msgq](channel &channel) {
-        // executed in different thread from request callback
-        // was called.
-
-        // Using res and msgq is not safe inside this callback.
-        // But using them in callback passed to channel::post is
-        // safe.
-
-        // We just emit simple message "message N\n" in every 1
-        // second and 3 times in total.
-        for (std::size_t i = 0; i < 3; ++i) {
-          msgq->push_back("message " + std::to_string(i + 1) + "\n");
-
-          channel.post([res]() {
-            // executed in same thread where
-            // request callback was called.
-
-            // Tells library we have new message.
-            res->resume();
-          });
-
-          sleep(1);
-        }
-
-        // Send empty message to signal the end of response
-        // body.
-        msgq->push_back("");
-
-        channel.post([res]() {
-          // executed in same thread where request
-          // callback was called.
-          res->resume();
-        });
-
-      });
-
-    });
-  } catch (std::exception &e) {
-    std::cerr << "exception: " << e.what() << "\n";
-  }
-
-  return 0;
-}
--- a/examples/client.c
+++ b/examples/client.c
@@ -28,16 +28,26 @@
 */
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif /* !HAVE_CONFIG_H */
+#endif /* HAVE_CONFIG_H */

-#include <stdint.h>
+#include <inttypes.h>
 #include <stdlib.h>
+#ifdef HAVE_UNISTD_H
 #include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_FCNTL_H
 #include <fcntl.h>
+#endif /* HAVE_FCNTL_H */
 #include <sys/types.h>
+#ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
+#endif /* HAVE_SYS_SOCKET_H */
+#ifdef HAVE_NETDB_H
 #include <netdb.h>
+#endif /* HAVE_NETDB_H */
+#ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
+#endif /* HAVE_NETINET_IN_H */
 #include <netinet/tcp.h>
 #include <poll.h>
 #include <signal.h>
@@ -152,7 +162,7 @@ static ssize_t send_callback(nghttp2_session *session _U_, const uint8_t *data,
  connection->want_io = IO_NONE;
  ERR_clear_error();
  rv = SSL_write(connection->ssl, data, (int)length);
-  if (rv < 0) {
+  if (rv <= 0) {
    int err = SSL_get_error(connection->ssl, rv);
    if (err == SSL_ERROR_WANT_WRITE || err == SSL_ERROR_WANT_READ) {
      connection->want_io =
@@ -528,10 +538,6 @@ static void fetch_uri(const struct URI *uri) {
  connection.ssl = ssl;
  connection.want_io = IO_NONE;

-  /* Send connection header in blocking I/O mode */
-  SSL_write(ssl, NGHTTP2_CLIENT_CONNECTION_PREFACE,
-            NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN);
-
  /* Here make file descriptor non-block */
  make_non_block(fd);
  set_tcp_nodelay(fd);
@@ -554,6 +560,8 @@ static void fetch_uri(const struct URI *uri) {
    diec("nghttp2_session_client_new", rv);
  }

+  nghttp2_submit_settings(connection.session, NGHTTP2_FLAG_NONE, NULL, 0);
+
  /* Submit the HTTP request to the outbound queue. */
  submit_request(&connection, &req);

@@ -681,10 +689,10 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, 0);

-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();
  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);

  rv = parse_uri(&uri, argv[1]);
  if (rv != 0) {
--- a/examples/libevent-client.c
+++ b/examples/libevent-client.c
@@ -22,16 +22,35 @@
 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
+#ifdef __sgi
+#include <string.h>
+#define errx(exitcode, format, args...)                                        \
+  {                                                                            \
+    warnx(format, ##args);                                                     \
+    exit(exitcode);                                                            \
+  }
+#define warnx(format, args...) fprintf(stderr, format "\n", ##args)
+char *strndup(const char *s, size_t size);
+#endif
+
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif /* !HAVE_CONFIG_H */
+#endif /* HAVE_CONFIG_H */

 #include <sys/types.h>
+#ifdef HAVE_UNISTD_H
 #include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
+#endif /* HAVE_SYS_SOCKET_H */
+#ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
+#endif /* HAVE_NETINET_IN_H */
 #include <netinet/tcp.h>
+#ifndef __sgi
 #include <err.h>
+#endif
 #include <signal.h>

 #include <openssl/ssl.h>
@@ -50,11 +69,11 @@
 #define ARRLEN(x) (sizeof(x) / sizeof(x[0]))

 typedef struct {
-  /* The NULL-terminated URI string to retreive. */
+  /* The NULL-terminated URI string to retrieve. */
  const char *uri;
  /* Parsed result of the |uri| */
  struct http_parser_url *u;
-  /* The authroity portion of the |uri|, not NULL-terminated */
+  /* The authority portion of the |uri|, not NULL-terminated */
  char *authority;
  /* The path portion of the |uri|, including query, not
     NULL-terminated */
@@ -94,7 +113,8 @@ static http2_stream_data *create_http2_stream_data(const char *uri,
                 ":%u", u->port);
  }

-  stream_data->pathlen = 0;
+  /* If we don't have path in URI, we use "/" as path. */
+  stream_data->pathlen = 1;
  if (u->field_set & (1 << UF_PATH)) {
    stream_data->pathlen = u->field_data[UF_PATH].len;
  }
@@ -102,19 +122,22 @@ static http2_stream_data *create_http2_stream_data(const char *uri,
    /* +1 for '?' character */
    stream_data->pathlen += u->field_data[UF_QUERY].len + 1;
  }
-  if (stream_data->pathlen > 0) {
+
  stream_data->path = malloc(stream_data->pathlen);
  if (u->field_set & (1 << UF_PATH)) {
    memcpy(stream_data->path, &uri[u->field_data[UF_PATH].off],
           u->field_data[UF_PATH].len);
+  } else {
+    stream_data->path[0] = '/';
  }
  if (u->field_set & (1 << UF_QUERY)) {
-      memcpy(stream_data->path + u->field_data[UF_PATH].len + 1,
+    stream_data->path[stream_data->pathlen - u->field_data[UF_QUERY].len - 1] =
+        '?';
+    memcpy(stream_data->path + stream_data->pathlen -
+               u->field_data[UF_QUERY].len,
           &uri[u->field_data[UF_QUERY].off], u->field_data[UF_QUERY].len);
  }
-  } else {
-    stream_data->path = NULL;
-  }
+
  return stream_data;
 }

@@ -258,8 +281,7 @@ static int on_data_chunk_recv_callback(nghttp2_session *session _U_,
   stream), if it is closed, we send GOAWAY and tear down the
   session */
 static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id,
-                                    nghttp2_error_code error_code,
-                                    void *user_data) {
+                                    uint32_t error_code, void *user_data) {
  http2_session_data *session_data = (http2_session_data *)user_data;
  int rv;

@@ -345,8 +367,7 @@ static void send_client_connection_header(http2_session_data *session_data) {
      {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 100}};
  int rv;

-  bufferevent_write(session_data->bev, NGHTTP2_CLIENT_CONNECTION_PREFACE,
-                    NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN);
+  /* client 24 bytes magic string will be sent by nghttp2 library */
  rv = nghttp2_submit_settings(session_data->session, NGHTTP2_FLAG_NONE, iv,
                               ARRLEN(iv));
  if (rv != 0) {
@@ -547,10 +568,10 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, NULL);

-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();
  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);

  run(argv[1]);
  return 0;
--- a/examples/libevent-server.c
+++ b/examples/libevent-server.c
@@ -22,21 +22,43 @@
 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
+#ifdef __sgi
+#define errx(exitcode, format, args...)                                        \
+  {                                                                            \
+    warnx(format, ##args);                                                     \
+    exit(exitcode);                                                            \
+  }
+#define warn(format, args...) warnx(format ": %s", ##args, strerror(errno))
+#define warnx(format, args...) fprintf(stderr, format "\n", ##args)
+#endif
+
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif /* !HAVE_CONFIG_H */
+#endif /* HAVE_CONFIG_H */

 #include <sys/types.h>
+#ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
+#endif /* HAVE_SYS_SOCKET_H */
+#ifdef HAVE_NETDB_H
 #include <netdb.h>
+#endif /* HAVE_NETDB_H */
 #include <signal.h>
+#ifdef HAVE_UNISTD_H
 #include <unistd.h>
+#endif /* HAVE_UNISTD_H */
 #include <sys/stat.h>
+#ifdef HAVE_FCNTL_H
 #include <fcntl.h>
+#endif /* HAVE_FCNTL_H */
 #include <ctype.h>
+#ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
+#endif /* HAVE_NETINET_IN_H */
 #include <netinet/tcp.h>
+#ifndef __sgi
 #include <err.h>
+#endif

 #include <openssl/ssl.h>
 #include <openssl/err.h>
@@ -537,15 +559,8 @@ static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id,
 }

 static void initialize_nghttp2_session(http2_session_data *session_data) {
-  nghttp2_option *option;
  nghttp2_session_callbacks *callbacks;

-  nghttp2_option_new(&option);
-
-  /* Tells nghttp2_session object that it handles client connection
-     preface */
-  nghttp2_option_set_recv_client_preface(option, 1);
-
  nghttp2_session_callbacks_new(&callbacks);

  nghttp2_session_callbacks_set_send_callback(callbacks, send_callback);
@@ -562,11 +577,9 @@ static void initialize_nghttp2_session(http2_session_data *session_data) {
  nghttp2_session_callbacks_set_on_begin_headers_callback(
      callbacks, on_begin_headers_callback);

-  nghttp2_session_server_new2(&session_data->session, callbacks, session_data,
-                              option);
+  nghttp2_session_server_new(&session_data->session, callbacks, session_data);

  nghttp2_session_callbacks_del(callbacks);
-  nghttp2_option_del(option);
 }

 /* Send HTTP/2 client connection header, which includes 24 bytes
@@ -671,7 +684,7 @@ static void start_listen(struct event_base *evbase, const char *service,

  rv = getaddrinfo(NULL, service, &hints, &res);
  if (rv != 0) {
-    errx(1, NULL);
+    errx(1, "Could not resolve server address");
  }
  for (rp = res; rp; rp = rp->ai_next) {
    struct evconnlistener *listener;
@@ -723,10 +736,10 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, NULL);

-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();
  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);

  run(argv[1], argv[2], argv[3]);
  return 0;
--- a/examples/tiny-nghttpd.c
+++ b/examples/tiny-nghttpd.c
@@ -30,18 +30,30 @@

 #ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif /* !HAVE_CONFIG_H */
+#endif /* HAVE_CONFIG_H */

 #include <sys/types.h>
+#ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
+#endif /* HAVE_SYS_SOCKET_H */
 #include <sys/stat.h>
+#ifdef HAVE_FCNTL_H
 #include <fcntl.h>
+#endif /* HAVE_FCNTL_H */
+#ifdef HAVE_NETDB_H
 #include <netdb.h>
+#endif /* HAVE_NETDB_H */
+#ifdef HAVE_NETINET_IN_H
 #include <netinet/in.h>
+#endif /* HAVE_NETINET_IN_H */
 #include <netinet/tcp.h>
+#ifdef HAVE_UNISTD_H
 #include <unistd.h>
+#endif /* HAVE_UNISTD_H */
 #include <stdlib.h>
+#ifdef HAVE_TIME_H
 #include <time.h>
+#endif /* HAVE_TIME_H */
 #include <string.h>
 #include <stdio.h>
 #include <errno.h>
@@ -153,7 +165,6 @@ const char *docroot;
 size_t docrootlen;

 nghttp2_session_callbacks *shared_callbacks;
-nghttp2_option *shared_option;

 static int handle_accept(io_loop *loop, uint32_t events, void *ptr);
 static int handle_connection(io_loop *loop, uint32_t events, void *ptr);
@@ -179,13 +190,57 @@ static char *io_buf_add_str(io_buf *buf, const void *src, size_t len) {
  return (char *)start;
 }

-static int memseq(const uint8_t *a, size_t alen, const char *b) {
-  const uint8_t *last = a + alen;
+static int memeq(const void *a, const void *b, size_t n) {
+  return memcmp(a, b, n) == 0;
+}

-  for (; a != last && *b && *a == *b; ++a, ++b)
-    ;
+#define streq(A, B, N) ((sizeof((A)) - 1) == (N) && memeq((A), (B), (N)))

-  return a == last && *b == 0;
+typedef enum {
+  NGHTTP2_TOKEN__AUTHORITY,
+  NGHTTP2_TOKEN__METHOD,
+  NGHTTP2_TOKEN__PATH,
+  NGHTTP2_TOKEN__SCHEME,
+  NGHTTP2_TOKEN_HOST
+} nghttp2_token;
+
+/* Inspired by h2o header lookup.  https://github.com/h2o/h2o */
+static int lookup_token(const uint8_t *name, size_t namelen) {
+  switch (namelen) {
+  case 5:
+    switch (name[namelen - 1]) {
+    case 'h':
+      if (streq(":pat", name, 4)) {
+        return NGHTTP2_TOKEN__PATH;
+      }
+      break;
+    }
+    break;
+  case 7:
+    switch (name[namelen - 1]) {
+    case 'd':
+      if (streq(":metho", name, 6)) {
+        return NGHTTP2_TOKEN__METHOD;
+      }
+      break;
+    case 'e':
+      if (streq(":schem", name, 6)) {
+        return NGHTTP2_TOKEN__SCHEME;
+      }
+      break;
+    }
+    break;
+  case 10:
+    switch (name[namelen - 1]) {
+    case 'y':
+      if (streq(":authorit", name, 9)) {
+        return NGHTTP2_TOKEN__AUTHORITY;
+      }
+      break;
+    }
+    break;
+  }
+  return -1;
 }

 static char *cpydig(char *buf, int n, size_t len) {
@@ -344,8 +399,7 @@ static connection *connection_new(int fd) {

  conn = malloc(sizeof(connection));

-  rv = nghttp2_session_server_new2(&conn->session, shared_callbacks, conn,
-                                   shared_option);
+  rv = nghttp2_session_server_new(&conn->session, shared_callbacks, conn);

  if (rv != 0) {
    goto cleanup;
@@ -614,19 +668,52 @@ static void stream_error(connection *conn, int32_t stream_id,
                            error_code);
 }

-static ssize_t fd_read_callback(nghttp2_session *session _U_,
-                                int32_t stream_id _U_, uint8_t *buf,
-                                size_t length, uint32_t *data_flags,
-                                nghttp2_data_source *source,
-                                void *user_data _U_) {
+static int send_data_callback(nghttp2_session *session _U_,
+                              nghttp2_frame *frame, const uint8_t *framehd,
+                              size_t length, nghttp2_data_source *source,
+                              void *user_data) {
+  connection *conn = user_data;
+  uint8_t *p = conn->buf.last;
  stream *strm = source->ptr;
-  ssize_t nread;

-  while ((nread = read(strm->filefd, buf, length)) == -1 && errno == EINTR)
+  /* We never use padding in this program */
+  assert(frame->data.padlen == 0);
+
+  if ((size_t)io_buf_left(&conn->buf) < 9 + frame->hd.length) {
+    return NGHTTP2_ERR_WOULDBLOCK;
+  }
+
+  memcpy(p, framehd, 9);
+  p += 9;
+
+  while (length) {
+    ssize_t nread;
+    while ((nread = read(strm->filefd, p, length)) == -1 && errno == EINTR)
      ;
    if (nread == -1) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
+
+    length -= nread;
+    p += nread;
+  }
+
+  conn->buf.last = p;
+
+  return 0;
+}
+
+static ssize_t fd_read_callback(nghttp2_session *session _U_,
+                                int32_t stream_id _U_, uint8_t *buf _U_,
+                                size_t length, uint32_t *data_flags,
+                                nghttp2_data_source *source,
+                                void *user_data _U_) {
+  stream *strm = source->ptr;
+  ssize_t nread =
+      (int64_t)length < strm->fileleft ? (int64_t)length : strm->fileleft;
+
+  *data_flags |= NGHTTP2_DATA_FLAG_NO_COPY;
+
  strm->fileleft -= nread;
  if (nread == 0 || strm->fileleft == 0) {
    if (strm->fileleft != 0) {
@@ -925,8 +1012,7 @@ static int on_header_callback(nghttp2_session *session,
                              const nghttp2_frame *frame, const uint8_t *name,
                              size_t namelen, const uint8_t *value,
                              size_t valuelen, uint8_t flags _U_,
-                              void *user_data) {
-  connection *conn = user_data;
+                              void *user_data _U_) {
  stream *strm;

  if (frame->hd.type != NGHTTP2_HEADERS ||
@@ -940,74 +1026,42 @@ static int on_header_callback(nghttp2_session *session,
    return 0;
  }

-  if (!nghttp2_check_header_name(name, namelen) ||
-      !nghttp2_check_header_value(value, valuelen)) {
-    return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-  }
-
-  if (memseq(name, namelen, ":method")) {
-    if (strm->method) {
-      stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-    }
+  switch (lookup_token(name, namelen)) {
+  case NGHTTP2_TOKEN__METHOD:
    strm->method = io_buf_add_str(&strm->scrbuf, value, valuelen);
    if (!strm->method) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
    strm->methodlen = valuelen;
-    return 0;
-  }
-
-  if (memseq(name, namelen, ":scheme")) {
-    if (strm->scheme) {
-      stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-    }
+    break;
+  case NGHTTP2_TOKEN__SCHEME:
    strm->scheme = io_buf_add_str(&strm->scrbuf, value, valuelen);
    if (!strm->scheme) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
    strm->schemelen = valuelen;
-    return 0;
-  }
-
-  if (memseq(name, namelen, ":authority")) {
-    if (strm->authority) {
-      stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-    }
+    break;
+  case NGHTTP2_TOKEN__AUTHORITY:
    strm->authority = io_buf_add_str(&strm->scrbuf, value, valuelen);
    if (!strm->authority) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
    strm->authoritylen = valuelen;
-    return 0;
-  }
-
-  if (memseq(name, namelen, ":path")) {
-    if (strm->path) {
-      stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-    }
+    break;
+  case NGHTTP2_TOKEN__PATH:
    strm->path = io_buf_add_str(&strm->scrbuf, value, valuelen);
    if (!strm->path) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
    strm->pathlen = valuelen;
-    return 0;
-  }
-
-  if (name[0] == ':') {
-    stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-    return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
-  }
-
-  if (memseq(name, namelen, "host") && !strm->host) {
+    break;
+  case NGHTTP2_TOKEN_HOST:
    strm->host = io_buf_add_str(&strm->scrbuf, value, valuelen);
    if (!strm->host) {
      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
    }
    strm->hostlen = valuelen;
+    break;
  }

  return 0;
@@ -1029,12 +1083,6 @@ static int on_frame_recv_callback(nghttp2_session *session,
    return 0;
  }

-  if (!strm->method || !strm->scheme || !strm->path ||
-      (!strm->authority && !strm->host)) {
-    stream_error(conn, strm->stream_id, NGHTTP2_PROTOCOL_ERROR);
-    return 0;
-  }
-
  if (!strm->host) {
    strm->host = strm->authority;
    strm->hostlen = strm->authoritylen;
@@ -1269,14 +1317,8 @@ int main(int argc, char **argv) {
      shared_callbacks, on_stream_close_callback);
  nghttp2_session_callbacks_set_on_frame_not_send_callback(
      shared_callbacks, on_frame_not_send_callback);
-
-  rv = nghttp2_option_new(&shared_option);
-  if (rv != 0) {
-    fprintf(stderr, "nghttp2_option_new: %s", nghttp2_strerror(rv));
-    exit(EXIT_FAILURE);
-  }
-
-  nghttp2_option_set_recv_client_preface(shared_option, 1);
+  nghttp2_session_callbacks_set_send_data_callback(shared_callbacks,
+                                                   send_data_callback);

  rv = io_loop_add(&loop, serv.fd, EPOLLIN, &serv);

@@ -1294,7 +1336,6 @@ int main(int argc, char **argv) {

  io_loop_run(&loop, &serv);

-  nghttp2_option_del(shared_option);
  nghttp2_session_callbacks_del(shared_callbacks);

  return 0;
--- a/genheaderfunc.py
+++ b/genheaderfunc.py
@@ -0,0 +1,40 @@
+#!/usr/bin/env python
+
+from gentokenlookup import gentokenlookup
+
+HEADERS = [
+    ':authority',
+    ':method',
+    ':path',
+    ':scheme',
+    ':status',
+    ':host', # for spdy
+    'expect',
+    'host',
+    'if-modified-since',
+    "te",
+    "cookie",
+    "http2-settings",
+    "server",
+    "via",
+    "x-forwarded-for",
+    "x-forwarded-proto",
+    "alt-svc",
+    "content-length",
+    "location",
+    "trailer",
+    "link",
+    "accept-encoding",
+    "accept-language",
+    "cache-control",
+    "user-agent",
+    # disallowed h1 headers
+    'connection',
+    'keep-alive',
+    'proxy-connection',
+    'transfer-encoding',
+    'upgrade'
+]
+
+if __name__ == '__main__':
+    gentokenlookup(HEADERS, 'HD')
--- a/genlibtokenlookup.py
+++ b/genlibtokenlookup.py
@@ -0,0 +1,140 @@
+#!/usr/bin/env python
+
+HEADERS = [
+    (':authority', 0),
+    (':method', 1),
+    (':method', 2),
+    (':path', 3),
+    (':path', 4),
+    (':scheme', 5),
+    (':scheme', 6),
+    (':status', 7),
+    (':status', 8),
+    (':status', 9),
+    (':status', 10),
+    (':status', 11),
+    (':status', 12),
+    (':status', 13),
+    ('accept-charset', 14),
+    ('accept-encoding', 15),
+    ('accept-language', 16),
+    ('accept-ranges', 17),
+    ('accept', 18),
+    ('access-control-allow-origin', 19),
+    ('age', 20),
+    ('allow', 21),
+    ('authorization', 22),
+    ('cache-control', 23),
+    ('content-disposition', 24),
+    ('content-encoding', 25),
+    ('content-language', 26),
+    ('content-length', 27),
+    ('content-location', 28),
+    ('content-range', 29),
+    ('content-type', 30),
+    ('cookie', 31),
+    ('date', 32),
+    ('etag', 33),
+    ('expect', 34),
+    ('expires', 35),
+    ('from', 36),
+    ('host', 37),
+    ('if-match', 38),
+    ('if-modified-since', 39),
+    ('if-none-match', 40),
+    ('if-range', 41),
+    ('if-unmodified-since', 42),
+    ('last-modified', 43),
+    ('link', 44),
+    ('location', 45),
+    ('max-forwards', 46),
+    ('proxy-authenticate', 47),
+    ('proxy-authorization', 48),
+    ('range', 49),
+    ('referer', 50),
+    ('refresh', 51),
+    ('retry-after', 52),
+    ('server', 53),
+    ('set-cookie', 54),
+    ('strict-transport-security', 55),
+    ('transfer-encoding', 56),
+    ('user-agent', 57),
+    ('vary', 58),
+    ('via', 59),
+    ('www-authenticate', 60),
+    ('te', None),
+    ('connection', None),
+    ('keep-alive',None),
+    ('proxy-connection', None),
+    ('upgrade', None),
+]
+
+def to_enum_hd(k):
+    res = 'NGHTTP2_TOKEN_'
+    for c in k.upper():
+        if c == ':' or c == '-':
+            res += '_'
+            continue
+        res += c
+    return res
+
+def build_header(headers):
+    res = {}
+    for k, _ in headers:
+        size = len(k)
+        if size not in res:
+            res[size] = {}
+        ent = res[size]
+        c = k[-1]
+        if c not in ent:
+            ent[c] = []
+        ent[c].append(k)
+
+    return res
+
+def gen_enum():
+    name = ''
+    print 'typedef enum {'
+    for k, token in HEADERS:
+        if token is None:
+            print '  {},'.format(to_enum_hd(k))
+        else:
+            if name != k:
+                name = k
+                print '  {} = {},'.format(to_enum_hd(k), token)
+    print '} nghttp2_token;'
+
+def gen_index_header():
+    print '''\
+static inline int lookup_token(const uint8_t *name, size_t namelen) {
+  switch (namelen) {'''
+    b = build_header(HEADERS)
+    for size in sorted(b.keys()):
+        ents = b[size]
+        print '''\
+  case {}:'''.format(size)
+        print '''\
+    switch (name[{}]) {{'''.format(size - 1)
+        for c in sorted(ents.keys()):
+            headers = sorted(ents[c])
+            print '''\
+    case '{}':'''.format(c)
+            for k in headers:
+                print '''\
+      if (lstreq("{}", name, {})) {{
+        return {};
+      }}'''.format(k[:-1], size - 1, to_enum_hd(k))
+            print '''\
+      break;'''
+        print '''\
+    }
+    break;'''
+    print '''\
+  }
+  return -1;
+}'''
+
+if __name__ == '__main__':
+    gen_enum()
+    print ''
+    gen_index_header()
--- a/genmethodfunc.py
+++ b/genmethodfunc.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python
+from __future__ import unicode_literals
+from io import StringIO
+
+from gentokenlookup import gentokenlookup
+
+# copied from http-parser/http_parser.h, and stripped trailing spaces
+# and backslashes.
+SRC = '''
+  XX(0,  DELETE,      DELETE)
+  XX(1,  GET,         GET)
+  XX(2,  HEAD,        HEAD)
+  XX(3,  POST,        POST)
+  XX(4,  PUT,         PUT)
+  /* pathological */
+  XX(5,  CONNECT,     CONNECT)
+  XX(6,  OPTIONS,     OPTIONS)
+  XX(7,  TRACE,       TRACE)
+  /* webdav */
+  XX(8,  COPY,        COPY)
+  XX(9,  LOCK,        LOCK)
+  XX(10, MKCOL,       MKCOL)
+  XX(11, MOVE,        MOVE)
+  XX(12, PROPFIND,    PROPFIND)
+  XX(13, PROPPATCH,   PROPPATCH)
+  XX(14, SEARCH,      SEARCH)
+  XX(15, UNLOCK,      UNLOCK)
+  /* subversion */
+  XX(16, REPORT,      REPORT)
+  XX(17, MKACTIVITY,  MKACTIVITY)
+  XX(18, CHECKOUT,    CHECKOUT)
+  XX(19, MERGE,       MERGE)
+  /* upnp */
+  XX(20, MSEARCH,     M-SEARCH)
+  XX(21, NOTIFY,      NOTIFY)
+  XX(22, SUBSCRIBE,   SUBSCRIBE)
+  XX(23, UNSUBSCRIBE, UNSUBSCRIBE)
+  /* RFC-5789 */
+  XX(24, PATCH,       PATCH)
+  XX(25, PURGE,       PURGE)
+  /* CalDAV */
+  XX(26, MKCALENDAR,  MKCALENDAR)
+'''
+
+if __name__ == '__main__':
+    methods = []
+    for line in StringIO(SRC):
+        line = line.strip()
+        if not line.startswith('XX'):
+            continue
+        _, m, _ = line.split(',', 2)
+        methods.append(m.strip())
+    gentokenlookup(methods, 'HTTP')
--- a/gennghttpxfun.py
+++ b/gennghttpxfun.py
@@ -0,0 +1,124 @@
+#!/usr/bin/env python
+
+from gentokenlookup import gentokenlookup
+
+OPTIONS = [
+    "private-key-file",
+    "private-key-passwd-file",
+    "certificate-file",
+    "dh-param-file",
+    "subcert",
+    "backend",
+    "frontend",
+    "workers",
+    "http2-max-concurrent-streams",
+    "log-level",
+    "daemon",
+    "http2-proxy",
+    "http2-bridge",
+    "client-proxy",
+    "add-x-forwarded-for",
+    "strip-incoming-x-forwarded-for",
+    "no-via",
+    "frontend-http2-read-timeout",
+    "frontend-read-timeout",
+    "frontend-write-timeout",
+    "backend-read-timeout",
+    "backend-write-timeout",
+    "stream-read-timeout",
+    "stream-write-timeout",
+    "accesslog-file",
+    "accesslog-syslog",
+    "accesslog-format",
+    "errorlog-file",
+    "errorlog-syslog",
+    "backend-keep-alive-timeout",
+    "frontend-http2-window-bits",
+    "backend-http2-window-bits",
+    "frontend-http2-connection-window-bits",
+    "backend-http2-connection-window-bits",
+    "frontend-no-tls",
+    "backend-no-tls",
+    "backend-tls-sni-field",
+    "pid-file",
+    "user",
+    "syslog-facility",
+    "backlog",
+    "ciphers",
+    "client",
+    "insecure",
+    "cacert",
+    "backend-ipv4",
+    "backend-ipv6",
+    "backend-http-proxy-uri",
+    "read-rate",
+    "read-burst",
+    "write-rate",
+    "write-burst",
+    "worker-read-rate",
+    "worker-read-burst",
+    "worker-write-rate",
+    "worker-write-burst",
+    "npn-list",
+    "tls-proto-list",
+    "verify-client",
+    "verify-client-cacert",
+    "client-private-key-file",
+    "client-cert-file",
+    "frontend-http2-dump-request-header",
+    "frontend-http2-dump-response-header",
+    "http2-no-cookie-crumbling",
+    "frontend-frame-debug",
+    "padding",
+    "altsvc",
+    "add-request-header",
+    "add-response-header",
+    "worker-frontend-connections",
+    "no-location-rewrite",
+    "no-host-rewrite",
+    "backend-http1-connections-per-host",
+    "backend-http1-connections-per-frontend",
+    "listener-disable-timeout",
+    "tls-ticket-key-file",
+    "rlimit-nofile",
+    "backend-request-buffer",
+    "backend-response-buffer",
+    "no-server-push",
+    "backend-http2-connections-per-worker",
+    "fetch-ocsp-response-file",
+    "ocsp-update-interval",
+    "no-ocsp",
+    "header-field-buffer",
+    "max-header-fields",
+    "include",
+    "tls-ticket-key-cipher",
+    "host-rewrite",
+    "tls-session-cache-memcached",
+    "tls-ticket-key-memcached",
+    "tls-ticket-key-memcached-interval",
+    "tls-ticket-key-memcached-max-retry",
+    "tls-ticket-key-memcached-max-fail",
+    "conf",
+]
+
+LOGVARS = [
+    "remote_addr",
+    "time_local",
+    "time_iso8601",
+    "request",
+    "status",
+    "body_bytes_sent",
+    "remote_port",
+    "server_port",
+    "request_time",
+    "pid",
+    "alpn",
+    "ssl_cipher",
+    "ssl_protocol",
+    "ssl_session_id",
+    "ssl_session_reused",
+]
+
+if __name__ == '__main__':
+    gentokenlookup(OPTIONS, 'SHRPX_OPTID', value_type='char', comp_fun='util::strieq_l')
+    gentokenlookup(LOGVARS, 'SHRPX_LOGF', value_type='char', comp_fun='util::strieq_l', return_type='LogFragmentType', fail_value='SHRPX_LOGF_NONE')
--- a/gentokenlookup.py
+++ b/gentokenlookup.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python
+
+def to_enum_hd(k, prefix):
+    res = prefix + '_'
+    for c in k.upper():
+        if c == ':' or c == '-':
+            res += '_'
+            continue
+        res += c
+    return res
+
+def build_header(headers):
+    res = {}
+    for k in headers:
+        size = len(k)
+        if size not in res:
+            res[size] = {}
+        ent = res[size]
+        c = k[-1]
+        if c not in ent:
+            ent[c] = []
+        ent[c].append(k)
+
+    return res
+
+def gen_enum(tokens, prefix):
+    print '''\
+enum {'''
+    for k in sorted(tokens):
+        print '''\
+  {},'''.format(to_enum_hd(k, prefix))
+    print '''\
+  {}_MAXIDX,
+}};'''.format(prefix)
+
+def gen_index_header(tokens, prefix, value_type, comp_fun, return_type, fail_value):
+    print '''\
+{} lookup_token(const {} *name, size_t namelen) {{
+  switch (namelen) {{'''.format(return_type, value_type)
+    b = build_header(tokens)
+    for size in sorted(b.keys()):
+        ents = b[size]
+        print '''\
+  case {}:'''.format(size)
+        print '''\
+    switch (name[{}]) {{'''.format(size - 1)
+        for c in sorted(ents.keys()):
+            headers = sorted(ents[c])
+            print '''\
+    case '{}':'''.format(c)
+            for k in headers:
+                print '''\
+      if ({}("{}", name, {})) {{
+        return {};
+      }}'''.format(comp_fun, k[:-1], size - 1, to_enum_hd(k, prefix))
+            print '''\
+      break;'''
+        print '''\
+    }
+    break;'''
+    print '''\
+  }}
+  return {};
+}}'''.format(fail_value)
+
+def gentokenlookup(tokens, prefix, value_type='uint8_t', comp_fun='util::streq_l', return_type='int', fail_value='-1'):
+    gen_enum(tokens, prefix)
+    print ''
+    gen_index_header(tokens, prefix, value_type, comp_fun, return_type, fail_value)
--- a/help2rst.py
+++ b/help2rst.py
@@ -0,0 +1,192 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+# script to produce rst file from program's help output.
+
+from __future__ import unicode_literals
+from __future__ import print_function
+import sys
+import re
+import argparse
+
+arg_indent = ' ' * 14
+
+def help2man(infile):
+    # We assume that first line is usage line like this:
+    #
+    # Usage: nghttp [OPTIONS]... URI...
+    #
+    # The second line is description of the command.  Multiple lines
+    # are permitted.  The blank line signals the end of this section.
+    # After that, we parses positional and optional arguments.
+    #
+    # The positional argument is enclosed with < and >:
+    #
+    # <PRIVATE_KEY>
+    #
+    # We may describe default behavior without any options by encoding
+    # ( and ):
+    #
+    # (default mode)
+    #
+    # "Options:" is treated specially and produces "OPTIONS" section.
+    # We allow subsection under OPTIONS.  Lines not starting with (, <
+    # and Options: are treated as subsection name and produces section
+    # one level down:
+    #
+    # TLS/SSL:
+    #
+    # The above is an example of subsection.
+    #
+    # The description of arguments must be indented by len(arg_indent)
+    # characters.  The default value should be placed in separate line
+    # and should be start with "Default: " after indentation.
+
+    line = infile.readline().strip()
+    m = re.match(r'^Usage: (.*)', line)
+    if not m:
+        print('usage line is invalid.  Expected following lines:')
+        print('Usage: cmdname ...')
+        sys.exit(1)
+    synopsis = m.group(1).split(' ', 1)
+    if len(synopsis) == 2:
+        cmdname, args = synopsis
+    else:
+        cmdname, args = synopsis[0], ''
+
+    description = []
+    for line in infile:
+        line = line.strip()
+        if not line:
+            break
+        description.append(line)
+
+    print('''
+.. GENERATED by help2rst.py.  DO NOT EDIT DIRECTLY.
+
+.. program:: {cmdname}
+
+{cmdname}(1)
+{cmdnameunderline}
+
+SYNOPSIS
+--------
+
+**{cmdname}** {args}
+
+DESCRIPTION
+-----------
+
+{description}
+'''.format(cmdname=cmdname, args=args,
+           cmdnameunderline='=' * (len(cmdname) + 3),
+           synopsis=synopsis, description=format_text('\n'.join(description))))
+
+    in_arg = False
+    in_footer = False
+
+    for line in infile:
+        line = line.rstrip()
+
+        if not line.strip() and in_arg:
+            print()
+            continue
+        if line.startswith('   ') and in_arg:
+            if not line.startswith(arg_indent):
+                sys.stderr.write('warning: argument description is not indented correctly.  We need {} spaces as indentation.\n'.format(len(arg_indent)))
+            print('{}'.format(format_arg_text(line[len(arg_indent):])))
+            continue
+
+        if in_arg:
+            print()
+            in_arg = False
+
+        if line == '--':
+            in_footer = True
+            continue
+
+        if in_footer:
+            print(line.strip())
+            continue
+
+        if line == 'Options:':
+            print('OPTIONS')
+            print('-------')
+            print()
+            continue
+
+        if line.startswith('  <'):
+            # positional argument
+            m = re.match(r'^(?:\s+)([a-zA-Z0-9-_<>]+)(.*)', line)
+            argname, rest = m.group(1), m.group(2)
+            print('.. describe:: {}'.format(argname))
+            print()
+            print('{}'.format(format_arg_text(rest.strip())))
+            in_arg = True
+            continue
+
+        if line.startswith('  ('):
+            # positional argument
+            m = re.match(r'^(?:\s+)(\([a-zA-Z0-9-_<> ]+\))(.*)', line)
+            argname, rest = m.group(1), m.group(2)
+            print('.. describe:: {}'.format(argname))
+            print()
+            print('{}'.format(format_arg_text(rest.strip())))
+            in_arg = True
+            continue
+
+        if line.startswith('  -'):
+            # optional argument
+            m = re.match(
+                r'^(?:\s+)(-\S+?(?:, -\S+?)*)($| .*)',
+                line)
+            argname, rest = m.group(1), m.group(2)
+            print('.. option:: {}'.format(argname))
+            print()
+            rest = rest.strip()
+            if len(rest):
+                print('{}'.format(format_arg_text(rest)))
+            in_arg = True
+            continue
+
+        if not line.startswith(' ') and line.endswith(':'):
+            # subsection
+            subsec = line.strip()[:-1]
+            print('{}'.format(subsec))
+            print('{}'.format('~' * len(subsec)))
+            print()
+            continue
+
+        print(line.strip())
+
+def format_text(text):
+    # escape *
+    if len(text) > len(arg_indent):
+        text = text[:len(arg_indent) + 1] + re.sub(r'\*', r'\*', text[len(arg_indent) + 1:])
+    else:
+        text = re.sub(r'\*', r'\*', text)
+    # markup option reference
+    text = re.sub(r'(^|\s)(-[a-zA-Z0-9-]+)', r'\1:option:`\2`', text)
+    # sphinx does not like markup like ':option:`-f`='.  We need
+    # backslash between ` and =.
+    text = re.sub(r'(:option:`.*?`)(\S)', r'\1\\\2', text)
+    # file path should be italic
+    text = re.sub(r'(^|\s|\'|")(/[^\s\'"]*)', r'\1*\2*', text)
+    return text
+
+def format_arg_text(text):
+    if text.strip().startswith('Default: '):
+        return '\n    ' + re.sub(r'^(\s*Default: )(.*)$', r'\1``\2``', text)
+    return '    {}'.format(format_text(text))
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(
+        description='Produces rst document from help output.')
+    parser.add_argument('-i', '--include', metavar='FILE',
+                        help='include content of <FILE> as verbatim.  It should be ReST formatted text.')
+    args = parser.parse_args()
+    help2man(sys.stdin)
+    if args.include:
+        print()
+        with open(args.include) as f:
+            sys.stdout.write(f.read())
--- a/integration-tests/.gitignore
+++ b/integration-tests/.gitignore
@@ -0,0 +1,2 @@
+# generated files
+config.go
--- a/integration-tests/Makefile.am
+++ b/integration-tests/Makefile.am
@@ -0,0 +1,44 @@
+# nghttp2 - HTTP/2 C Library
+
+# Copyright (c) 2015 Tatsuhiro Tsujikawa
+
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+EXTRA_DIST = \
+	nghttpx_http1_test.go \
+	nghttpx_http2_test.go \
+	nghttpx_spdy_test.go \
+	server_tester.go \
+	server.key \
+	server.crt \
+	alt-server.key \
+	alt-server.crt \
+	setenv
+
+.PHONY: itprep it
+
+itprep:
+	go get -d -v github.com/bradfitz/http2
+	go get -d -v github.com/tatsuhiro-t/go-nghttp2
+	go get -d -v github.com/tatsuhiro-t/spdy
+	go get -d -v golang.org/x/net/websocket
+
+it:
+	sh setenv go test -v
--- a/integration-tests/alt-server.crt
+++ b/integration-tests/alt-server.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhzCCAm+gAwIBAgIJANfuEldiquMNMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMMCmFsdC1kb21haW4wHhcNMTUwMTI1MDYy
+NTQxWhcNMjUwMTIyMDYyNTQxWjBaMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29t
+ZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
+VQQDDAphbHQtZG9tYWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+0IwhDOGDipGrJQ9IoRSzPdkU/Ii4aJgGKHlXminym42X0VI3IW61RLvOHRlHVmVH
+JQjFuDo2x+y81t9NlDg3HGUbSpzOzpm6StiutB7c4hreT5G4r0YKya1ugiemN0+p
+qjIPJWm2jVnf448eZvUKRKEQ9W0MLZjiNjVGKrKlwo7fIlXg4N3+YixLYffAT1NV
+d1T6V5jzlbruj15gK2nGjMQ9D1h1t9vTbTxY+mtk72aX0Y64IE6pPBWLFSSH8ozU
+idDoL3AZwz2Jker+ALKK8CM4uho/RPpyW1C06HH+HLdH2MqEjDOROde/Nzxm668O
+gK/JWGIEyUqYiUXx0yhFxwIDAQABo1AwTjAdBgNVHQ4EFgQU/Y0GDN2uPjbyePcu
+95ZvYEK/gHIwHwYDVR0jBBgwFoAU/Y0GDN2uPjbyePcu95ZvYEK/gHIwDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAodD6LVCzL3wfsZ6TxTzf9TfgIdbj
+ilL3SEMT/xnfTXT3SLYScTRqQIAI29Y7dOLMq89p4hY2wmeUEhBUAz+y9G2JVr8o
+6EbxXrQpWgNJogELqoNnMdrDxB5RsmDDKEJ/rLjDfSkjWbK7B2PZsqVTDgjekCFw
+u6FqTIjn/O1O/L5tjwxwxjHmQod/maFCvXoDOVBuwdHnkp298tqlvsHfHO8m++Wj
+XYB8plMIjpeTh9v4w9Jc4QZ59lK/3Tt4qaENeQrMEubKSY/Zen7L2bzhk+cChWT
+GSGz9uNXieoZaH79D0wnyZaSZ5Ds4ActMevnGg3iYXuzuFqx8Pungn74Vg==
+-----END CERTIFICATE-----
--- a/integration-tests/alt-server.key
+++ b/integration-tests/alt-server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDQjCEM4YOKkasl
+D0ihFLM92RT8iLhomAYoeVeaKfKbjZfRUjchbrVEu84dGUdWZUclCMW4OjbH7LzW
+302UODccZRtKnM7OmbpK2K60HtziGt5PkbivRgrJrW6CJ6Y3T6mqMg8labaNWd/j
+jx5m9QpEoRD1bQwtmOI2NUYqsqXCjt8iVeDg3f5iLEth98BPU1V3VPpXmPOVuu6P
+XmAracaMxD0PWHW329NtPFj6a2TvZpfRjrggTqk8FYsVJIfyjNSJ0OgvcBnDPYmR
+6v4AsorwIzi6Gj9E+nJbULTocf4ct0fYyoSMM5E51783PGbrrw6Ar8lYYgTJSpiJ
+RfHTKEXHAgMBAAECggEBALTrjFSXY72YB+h7rN+JjMIwDIPUvF6I3HbKZhQpJf6K
+xNVkRM2tNHavku0tm/S4ohLf3F+pqRKiL2Udjjjy1+S7VgTRqpwTQ0lhV5aNW8SP
+2KMg4R61XfB+k+s4KHu9kYxEJ12mqydPe+r3o0FgfYryTDsOYk1AX6b1aqzqFOGF
+7GaqLALSbKU59tcJJ1SZNBbpIKFUrAT9nZt9dW02/foqP5bzUk43Yjw48xmLwegc
+bMXXcpZhNZSktltvwRw7Q4Foc9kuRlMdTAnAD9PnMCcZwicS/YeVVF6Rz4fGviKv
+7/kPHQ7g4YpFktVDzuZ5xw6GDVFeJ6uGMVUX8+EePvkCgYEA+/nrcn82nFHCxm8Q
+0iiUhi/AoXjZg+O5Ytaje9O/YNoX+c4ywe13h0+TXKH79O0KfTwXeJyDgPZbAIFV
+9oURellRYUzKDafnBHis2f+Ywn6GqHL5e2X30ZxIp1GK46pcvne1YuvJhgGmiVay
+vd7sRx09OKU124dG22rIFCis6asCgYEA0+CsA6LrEwQ/aPJYASY3VHNO/WoAOnPg
+Cwsg+02XWsPEwP//lNmpanz8TUm2URS063ZK8bx7t3ejvDgBdsRwwjiMlDp7XTUU
+3Zk+mhCV2qkMi02aKemvz29bDhmh5JoH7W3IwsXtJYO0yZDYrDR3ioiKRccioPoE
+b/Nq781sEFUCgYEA4xqx9xRpaCLY5nicNI6WrwrDF8YQZisNn+PMnYKP7v8itOgA
+H4GkRbSXINpueKZc2dsbXH3UmJtyEdaAYBw3UIrIKmZHhl9afFE3mZQhXssjGxfl
+fC6/WZD+eq+n+uJFjPXf6jSSAdHjA828dB1D4CSeVTuyexZF6uUnR+QRVNkCgYEA
+i+pb7XLSpZYygY03zFp+Q0h6KyKqz+7hTqmkuA8/GfMZpRHop1UtaWLsAeXhfZ2c
+87kEOKptUHSzLYIWhWWnyLorK1+LQ7vf8Y5XJso5C1KDNCKk4XSuYt94U9FddWa6
+QXI0F1s5BYL6Cfma++0R2+va08Vy+rbf40XtojoXWJkCgYEA0hMQSCvok7is27nQ
+G80KXfmghU2eEB7zif3T00/fwJycxEbmnNeof+SKmhdY4ZgqTscfOxlQPflV/eqB
+xs4GnFDDeM0F8KH0BimOXxr7sJPFCg22PCCQQcRtM/KoU+ip/kNmTfwrsC0xMFPU
+HD8M1JCZF2eLMekXXP3cB0U4sUs=
+-----END PRIVATE KEY-----
--- a/integration-tests/config.go.in
+++ b/integration-tests/config.go.in
@@ -0,0 +1,5 @@
+package nghttp2
+
+const (
+	buildDir = "@top_builddir@"
+)
--- a/integration-tests/nghttpx_http1_test.go
+++ b/integration-tests/nghttpx_http1_test.go
@@ -0,0 +1,549 @@
+package nghttp2
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"github.com/bradfitz/http2/hpack"
+	"golang.org/x/net/websocket"
+	"io"
+	"net/http"
+	"syscall"
+	"testing"
+)
+
+// TestH1H1PlainGET tests whether simple HTTP/1 GET request works.
+func TestH1H1PlainGET(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1PlainGET",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	want := 200
+	if got := res.status; got != want {
+		t.Errorf("status = %v; want %v", got, want)
+	}
+}
+
+// TestH1H1PlainGETClose tests whether simple HTTP/1 GET request with
+// Connetion: close request header field works.
+func TestH1H1PlainGETClose(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1PlainGETClose",
+		header: []hpack.HeaderField{
+			pair("Connection", "close"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	want := 200
+	if got := res.status; got != want {
+		t.Errorf("status = %v; want %v", got, want)
+	}
+}
+
+// TestH1H1InvalidMethod tests that server rejects invalid method with
+// 501 status code
+func TestH1H1InvalidMethod(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward this request")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name:   "TestH1H1InvalidMethod",
+		method: "get",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	if got, want := res.status, 501; got != want {
+		t.Errorf("status = %v; want %v", got, want)
+	}
+}
+
+// TestH1H1MultipleRequestCL tests that server rejects request which
+// contains multiple Content-Length header fields.
+func TestH1H1MultipleRequestCL(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	if _, err := io.WriteString(st.conn, fmt.Sprintf(`GET / HTTP/1.1
+Host: %v
+Test-Case: TestH1H1MultipleRequestCL
+Content-Length: 0
+Content-Length: 0
+
+`, st.authority)); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	want := 400
+	if got := resp.StatusCode; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1ConnectFailure tests that server handles the situation that
+// connection attempt to HTTP/1 backend failed.
+func TestH1H1ConnectFailure(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	// shutdown backend server to simulate backend connect failure
+	st.ts.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1ConnectFailure",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	want := 503
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1GracefulShutdown tests graceful shutdown.
+func TestH1H1GracefulShutdown(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1GracefulShutdown-1",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+
+	st.cmd.Process.Signal(syscall.SIGQUIT)
+
+	res, err = st.http1(requestParam{
+		name: "TestH1H1GracefulShutdown-2",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+
+	if got, want := res.connClose, true; got != want {
+		t.Errorf("res.connClose: %v; want %v", got, want)
+	}
+
+	want := io.EOF
+	if _, err := st.conn.Read(nil); err == nil || err != want {
+		t.Errorf("st.conn.Read(): %v; want %v", err, want)
+	}
+}
+
+// TestH1H1HostRewrite tests that server rewrites Host header field
+func TestH1H1HostRewrite(t *testing.T) {
+	st := newServerTester([]string{"--host-rewrite"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1HostRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := res.header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1HTTP10 tests that server can accept HTTP/1.0 request
+// without Host header field
+func TestH1H1HTTP10(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	if _, err := io.WriteString(st.conn, "GET / HTTP/1.0\r\nTest-Case: TestH1H1HTTP10\r\n\r\n"); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	if got, want := resp.StatusCode, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := resp.Header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1HTTP10NoHostRewrite tests that server generates host header
+// field using actual backend server even if --no-http-rewrite is
+// used.
+func TestH1H1HTTP10NoHostRewrite(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	if _, err := io.WriteString(st.conn, "GET / HTTP/1.0\r\nTest-Case: TestH1H1HTTP10NoHostRewrite\r\n\r\n"); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	if got, want := resp.StatusCode, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := resp.Header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1RequestTrailer tests request trailer part is forwarded to
+// backend.
+func TestH1H1RequestTrailer(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		buf := make([]byte, 4096)
+		for {
+			_, err := r.Body.Read(buf)
+			if err == io.EOF {
+				break
+			}
+			if err != nil {
+				t.Fatalf("r.Body.Read() = %v", err)
+			}
+		}
+		if got, want := r.Trailer.Get("foo"), "bar"; got != want {
+			t.Errorf("r.Trailer.Get(foo): %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1RequestTrailer",
+		body: []byte("1"),
+		trailer: []hpack.HeaderField{
+			pair("foo", "bar"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1HeaderFieldBufferPath tests that request with request path
+// larger than configured buffer size is rejected.
+func TestH1H1HeaderFieldBufferPath(t *testing.T) {
+	// The value 100 is chosen so that sum of header fields bytes
+	// does not exceed it.  We use > 100 bytes URI to exceed this
+	// limit.
+	st := newServerTester([]string{"--header-field-buffer=100"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1HeaderFieldBufferPath",
+		path: "/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 431; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1HeaderFieldBuffer tests that request with header fields
+// larger than configured buffer size is rejected.
+func TestH1H1HeaderFieldBuffer(t *testing.T) {
+	st := newServerTester([]string{"--header-field-buffer=10"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1HeaderFieldBuffer",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 431; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1HeaderFields tests that request with header fields more
+// than configured number is rejected.
+func TestH1H1HeaderFields(t *testing.T) {
+	st := newServerTester([]string{"--max-header-fields=1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H1HeaderFields",
+		header: []hpack.HeaderField{
+			// Add extra header field to ensure that
+			// header field limit exceeds
+			pair("Connection", "close"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 431; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H1Websocket tests that HTTP Upgrade to WebSocket works.
+func TestH1H1Websocket(t *testing.T) {
+	st := newServerTesterHandler(nil, t, websocket.Handler(func(ws *websocket.Conn) {
+		io.Copy(ws, ws)
+	}))
+	defer st.Close()
+
+	content := []byte("hello world")
+	res, err := st.websocket(requestParam{
+		name: "TestH1H1Websocket",
+		body: content,
+	})
+	if err != nil {
+		t.Fatalf("Error st.websocket() = %v", err)
+	}
+	if got, want := res.body, content; !bytes.Equal(got, want) {
+		t.Errorf("echo: %q; want %q", got, want)
+	}
+}
+
+// TestH1H2ConnectFailure tests that server handles the situation that
+// connection attempt to HTTP/2 backend failed.
+func TestH1H2ConnectFailure(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, noopHandler)
+	defer st.Close()
+
+	// simulate backend connect attempt failure
+	st.ts.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H2ConnectFailure",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	want := 503
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2NoHost tests that server rejects request without Host
+// header field for HTTP/2 backend.
+func TestH1H2NoHost(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	// without Host header field, we expect 400 response
+	if _, err := io.WriteString(st.conn, "GET / HTTP/1.1\r\nTest-Case: TestH1H2NoHost\r\n\r\n"); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	want := 400
+	if got := resp.StatusCode; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2HTTP10 tests that server can accept HTTP/1.0 request
+// without Host header field
+func TestH1H2HTTP10(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	if _, err := io.WriteString(st.conn, "GET / HTTP/1.0\r\nTest-Case: TestH1H2HTTP10\r\n\r\n"); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	if got, want := resp.StatusCode, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := resp.Header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2HTTP10NoHostRewrite tests that server generates host header
+// field using actual backend server even if --no-http-rewrite is
+// used.
+func TestH1H2HTTP10NoHostRewrite(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	if _, err := io.WriteString(st.conn, "GET / HTTP/1.0\r\nTest-Case: TestH1H2HTTP10NoHostRewrite\r\n\r\n"); err != nil {
+		t.Fatalf("Error io.WriteString() = %v", err)
+	}
+
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), nil)
+	if err != nil {
+		t.Fatalf("Error http.ReadResponse() = %v", err)
+	}
+
+	if got, want := resp.StatusCode, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := resp.Header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2CrumbleCookie tests that Cookies are crumbled and assembled
+// when forwarding to HTTP/2 backend link.  go-nghttp2 server
+// concatenates crumbled Cookies automatically, so this test is not
+// much effective now.
+func TestH1H2CrumbleCookie(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Cookie"), "alpha; bravo; charlie"; got != want {
+			t.Errorf("Cookie: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H2CrumbleCookie",
+		header: []hpack.HeaderField{
+			pair("Cookie", "alpha; bravo; charlie"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2GenerateVia tests that server generates Via header field to and
+// from backend server.
+func TestH1H2GenerateVia(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "1.1 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H2GenerateVia",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "2 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2AppendVia tests that server adds value to existing Via
+// header field to and from backend server.
+func TestH1H2AppendVia(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo, 1.1 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H2AppendVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar, 2 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestH1H2NoVia tests that server does not add value to existing Via
+// header field to and from backend server.
+func TestH1H2NoVia(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge", "--no-via"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH1H2NoVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
--- a/integration-tests/nghttpx_http2_test.go
+++ b/integration-tests/nghttpx_http2_test.go
@@ -0,0 +1,877 @@
+package nghttp2
+
+import (
+	"crypto/tls"
+	"fmt"
+	"github.com/bradfitz/http2"
+	"github.com/bradfitz/http2/hpack"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"strings"
+	"syscall"
+	"testing"
+)
+
+// TestH2H1PlainGET tests whether simple HTTP/2 GET request works.
+func TestH2H1PlainGET(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1PlainGET",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+
+	want := 200
+	if res.status != want {
+		t.Errorf("status = %v; want %v", res.status, want)
+	}
+}
+
+// TestH2H1AddXff tests that server generates X-Forwarded-For header
+// field when forwarding request to backend.
+func TestH2H1AddXff(t *testing.T) {
+	st := newServerTester([]string{"--add-x-forwarded-for"}, t, func(w http.ResponseWriter, r *http.Request) {
+		xff := r.Header.Get("X-Forwarded-For")
+		want := "127.0.0.1"
+		if xff != want {
+			t.Errorf("X-Forwarded-For = %v; want %v", xff, want)
+		}
+	})
+	defer st.Close()
+
+	_, err := st.http2(requestParam{
+		name: "TestH2H1AddXff",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+}
+
+// TestH2H1AddXff2 tests that server appends X-Forwarded-For header
+// field to existing one when forwarding request to backend.
+func TestH2H1AddXff2(t *testing.T) {
+	st := newServerTester([]string{"--add-x-forwarded-for"}, t, func(w http.ResponseWriter, r *http.Request) {
+		xff := r.Header.Get("X-Forwarded-For")
+		want := "host, 127.0.0.1"
+		if xff != want {
+			t.Errorf("X-Forwarded-For = %v; want %v", xff, want)
+		}
+	})
+	defer st.Close()
+
+	_, err := st.http2(requestParam{
+		name: "TestH2H1AddXff2",
+		header: []hpack.HeaderField{
+			pair("x-forwarded-for", "host"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+}
+
+// TestH2H1StripXff tests that --strip-incoming-x-forwarded-for
+// option.
+func TestH2H1StripXff(t *testing.T) {
+	st := newServerTester([]string{"--strip-incoming-x-forwarded-for"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if xff, found := r.Header["X-Forwarded-For"]; found {
+			t.Errorf("X-Forwarded-For = %v; want nothing", xff)
+		}
+	})
+	defer st.Close()
+
+	_, err := st.http2(requestParam{
+		name: "TestH2H1StripXff1",
+		header: []hpack.HeaderField{
+			pair("x-forwarded-for", "host"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+}
+
+// TestH2H1StripAddXff tests that --strip-incoming-x-forwarded-for and
+// --add-x-forwarded-for options.
+func TestH2H1StripAddXff(t *testing.T) {
+	args := []string{
+		"--strip-incoming-x-forwarded-for",
+		"--add-x-forwarded-for",
+	}
+	st := newServerTester(args, t, func(w http.ResponseWriter, r *http.Request) {
+		xff := r.Header.Get("X-Forwarded-For")
+		want := "127.0.0.1"
+		if xff != want {
+			t.Errorf("X-Forwarded-For = %v; want %v", xff, want)
+		}
+	})
+	defer st.Close()
+
+	_, err := st.http2(requestParam{
+		name: "TestH2H1StripAddXff",
+		header: []hpack.HeaderField{
+			pair("x-forwarded-for", "host"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+}
+
+// TestH2H1GenerateVia tests that server generates Via header field to and
+// from backend server.
+func TestH2H1GenerateVia(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "2 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1GenerateVia",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "1.1 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1AppendVia tests that server adds value to existing Via
+// header field to and from backend server.
+func TestH2H1AppendVia(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo, 2 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1AppendVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar, 1.1 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1NoVia tests that server does not add value to existing Via
+// header field to and from backend server.
+func TestH2H1NoVia(t *testing.T) {
+	st := newServerTester([]string{"--no-via"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1NoVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1HostRewrite tests that server rewrites host header field
+func TestH2H1HostRewrite(t *testing.T) {
+	st := newServerTester([]string{"--host-rewrite"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1HostRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := res.header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1NoHostRewrite tests that server does not rewrite host
+// header field
+func TestH2H1NoHostRewrite(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1NoHostRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := res.header.Get("request-host"), st.frontendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1BadRequestCL tests that server rejects request whose
+// content-length header field value does not match its request body
+// size.
+func TestH2H1BadRequestCL(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	// we set content-length: 1024, but the actual request body is
+	// 3 bytes.
+	res, err := st.http2(requestParam{
+		name:   "TestH2H1BadRequestCL",
+		method: "POST",
+		header: []hpack.HeaderField{
+			pair("content-length", "1024"),
+		},
+		body: []byte("foo"),
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+
+	want := http2.ErrCodeProtocol
+	if res.errCode != want {
+		t.Errorf("res.errCode = %v; want %v", res.errCode, want)
+	}
+}
+
+// TestH2H1BadResponseCL tests that server returns error when
+// content-length response header field value does not match its
+// response body size.
+func TestH2H1BadResponseCL(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		// we set content-length: 1024, but only send 3 bytes.
+		w.Header().Add("Content-Length", "1024")
+		w.Write([]byte("foo"))
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1BadResponseCL",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+
+	want := http2.ErrCodeProtocol
+	if res.errCode != want {
+		t.Errorf("res.errCode = %v; want %v", res.errCode, want)
+	}
+}
+
+// TestH2H1LocationRewrite tests location header field rewriting
+// works.
+func TestH2H1LocationRewrite(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		// TODO we cannot get st.ts's port number here.. 8443
+		// is just a place holder.  We ignore it on rewrite.
+		w.Header().Add("Location", "http://127.0.0.1:8443/p/q?a=b#fragment")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1LocationRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+
+	want := fmt.Sprintf("http://127.0.0.1:%v/p/q?a=b#fragment", serverPort)
+	if got := res.header.Get("Location"); got != want {
+		t.Errorf("Location: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1ChunkedRequestBody tests that chunked request body works.
+func TestH2H1ChunkedRequestBody(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		want := "[chunked]"
+		if got := fmt.Sprint(r.TransferEncoding); got != want {
+			t.Errorf("Transfer-Encoding: %v; want %v", got, want)
+		}
+		body, err := ioutil.ReadAll(r.Body)
+		if err != nil {
+			t.Fatalf("Error reading r.body: %v", err)
+		}
+		want = "foo"
+		if got := string(body); got != want {
+			t.Errorf("body: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	_, err := st.http2(requestParam{
+		name:   "TestH2H1ChunkedRequestBody",
+		method: "POST",
+		body:   []byte("foo"),
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+}
+
+// TestH2H1MultipleRequestCL tests that server rejects request with
+// multiple Content-Length request header fields.
+func TestH2H1MultipleRequestCL(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1MultipleRequestCL",
+		header: []hpack.HeaderField{
+			pair("content-length", "1"),
+			pair("content-length", "1"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.errCode, http2.ErrCodeProtocol; got != want {
+		t.Errorf("res.errCode: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1InvalidRequestCL tests that server rejects request with
+// Content-Length which cannot be parsed as a number.
+func TestH2H1InvalidRequestCL(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1InvalidRequestCL",
+		header: []hpack.HeaderField{
+			pair("content-length", ""),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.errCode, http2.ErrCodeProtocol; got != want {
+		t.Errorf("res.errCode: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1ConnectFailure tests that server handles the situation that
+// connection attempt to HTTP/1 backend failed.
+func TestH2H1ConnectFailure(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	// shutdown backend server to simulate backend connect failure
+	st.ts.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1ConnectFailure",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	want := 503
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1InvalidMethod tests that server rejects invalid method with
+// 501.
+func TestH2H1InvalidMethod(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward this request")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name:   "TestH2H1InvalidMethod",
+		method: "get",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 501; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1AssembleCookies tests that crumbled cookies in HTTP/2
+// request is assembled into 1 when forwarding to HTTP/1 backend link.
+func TestH2H1AssembleCookies(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Cookie"), "alpha; bravo; charlie"; got != want {
+			t.Errorf("Cookie: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1AssembleCookies",
+		header: []hpack.HeaderField{
+			pair("cookie", "alpha"),
+			pair("cookie", "bravo"),
+			pair("cookie", "charlie"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1TETrailers tests that server accepts TE request header
+// field if it has trailers only.
+func TestH2H1TETrailers(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1TETrailers",
+		header: []hpack.HeaderField{
+			pair("te", "trailers"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1TEGzip tests that server resets stream if TE request header
+// field contains gzip.
+func TestH2H1TEGzip(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Error("server should not forward bad request")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1TEGzip",
+		header: []hpack.HeaderField{
+			pair("te", "gzip"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.errCode, http2.ErrCodeProtocol; got != want {
+		t.Errorf("res.errCode = %v; want %v", res.errCode, want)
+	}
+}
+
+// TestH2H1SNI tests server's TLS SNI extension feature.  It must
+// choose appropriate certificate depending on the indicated
+// server_name from client.
+func TestH2H1SNI(t *testing.T) {
+	st := newServerTesterTLSConfig([]string{"--subcert=" + testDir + "/alt-server.key:" + testDir + "/alt-server.crt"}, t, noopHandler, &tls.Config{
+		ServerName: "alt-domain",
+	})
+	defer st.Close()
+
+	tlsConn := st.conn.(*tls.Conn)
+	connState := tlsConn.ConnectionState()
+	cert := connState.PeerCertificates[0]
+
+	if got, want := cert.Subject.CommonName, "alt-domain"; got != want {
+		t.Errorf("CommonName: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1TLSXfp tests nghttpx sends x-forwarded-proto header field
+// with http value since :scheme is http, even if the frontend
+// connection is encrypted.
+func TestH2H1TLSXfp(t *testing.T) {
+	st := newServerTesterTLS(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("x-forwarded-proto"), "http"; got != want {
+			t.Errorf("x-forwarded-proto: want %v; got %v", want, got)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1TLSXfp",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1ServerPush tests server push using Link header field from
+// backend server.
+func TestH2H1ServerPush(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		// only resources marked as rel=preload are pushed
+		if !strings.HasPrefix(r.URL.Path, "/css/") {
+			w.Header().Add("Link", "</css/main.css>; rel=preload, </foo>, </css/theme.css>; rel=preload")
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1ServerPush",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+	if got, want := len(res.pushResponse), 2; got != want {
+		t.Fatalf("len(res.pushResponse): %v; want %v", got, want)
+	}
+	mainCSS := res.pushResponse[0]
+	if got, want := mainCSS.status, 200; got != want {
+		t.Errorf("mainCSS.status: %v; want %v", got, want)
+	}
+	themeCSS := res.pushResponse[1]
+	if got, want := themeCSS.status, 200; got != want {
+		t.Errorf("themeCSS.status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1RequestTrailer tests request trailer part is forwarded to
+// backend.
+func TestH2H1RequestTrailer(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {
+		buf := make([]byte, 4096)
+		for {
+			_, err := r.Body.Read(buf)
+			if err == io.EOF {
+				break
+			}
+			if err != nil {
+				t.Fatalf("r.Body.Read() = %v", err)
+			}
+		}
+		if got, want := r.Trailer.Get("foo"), "bar"; got != want {
+			t.Errorf("r.Trailer.Get(foo): %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1RequestTrailer",
+		body: []byte("1"),
+		trailer: []hpack.HeaderField{
+			pair("foo", "bar"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1HeaderFieldBuffer tests that request with header fields
+// larger than configured buffer size is rejected.
+func TestH2H1HeaderFieldBuffer(t *testing.T) {
+	st := newServerTester([]string{"--header-field-buffer=10"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1HeaderFieldBuffer",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 431; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1HeaderFields tests that request with header fields more
+// than configured number is rejected.
+func TestH2H1HeaderFields(t *testing.T) {
+	st := newServerTester([]string{"--max-header-fields=1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H1HeaderFields",
+		// we have at least 4 pseudo-header fields sent, and
+		// that ensures that buffer limit exceeds.
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 431; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1Upgrade tests HTTP Upgrade to HTTP/2
+func TestH2H1Upgrade(t *testing.T) {
+	st := newServerTester(nil, t, func(w http.ResponseWriter, r *http.Request) {})
+	defer st.Close()
+
+	res, err := st.http1(requestParam{
+		name: "TestH2H1Upgrade",
+		header: []hpack.HeaderField{
+			pair("Connection", "Upgrade, HTTP2-Settings"),
+			pair("Upgrade", "h2c"),
+			pair("HTTP2-Settings", "AAMAAABkAAQAAP__"),
+		},
+	})
+
+	if err != nil {
+		t.Fatalf("Error st.http1() = %v", err)
+	}
+
+	if got, want := res.status, 101; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+
+	res, err = st.http2(requestParam{
+		httpUpgrade: true,
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H1GracefulShutdown tests graceful shutdown.
+func TestH2H1GracefulShutdown(t *testing.T) {
+	st := newServerTester(nil, t, noopHandler)
+	defer st.Close()
+
+	fmt.Fprint(st.conn, "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")
+	if err := st.fr.WriteSettings(); err != nil {
+		t.Fatalf("st.fr.WriteSettings(): %v", err)
+	}
+
+	header := []hpack.HeaderField{
+		pair(":method", "GET"),
+		pair(":scheme", "http"),
+		pair(":authority", st.authority),
+		pair(":path", "/"),
+	}
+
+	for _, h := range header {
+		_ = st.enc.WriteField(h)
+	}
+
+	if err := st.fr.WriteHeaders(http2.HeadersFrameParam{
+		StreamID:      1,
+		EndStream:     false,
+		EndHeaders:    true,
+		BlockFragment: st.headerBlkBuf.Bytes(),
+	}); err != nil {
+		t.Fatalf("st.fr.WriteHeaders(): %v", err)
+	}
+
+	// send SIGQUIT signal to nghttpx to perform graceful shutdown
+	st.cmd.Process.Signal(syscall.SIGQUIT)
+
+	// after signal, finish request body
+	if err := st.fr.WriteData(1, true, nil); err != nil {
+		t.Fatalf("st.fr.WriteData(): %v", err)
+	}
+
+	numGoAway := 0
+
+	for {
+		fr, err := st.readFrame()
+		if err != nil {
+			if err == io.EOF {
+				want := 2
+				if got := numGoAway; got != want {
+					t.Fatalf("numGoAway: %v; want %v", got, want)
+				}
+				return
+			}
+			t.Fatalf("st.readFrame(): %v", err)
+		}
+		switch f := fr.(type) {
+		case *http2.GoAwayFrame:
+			numGoAway += 1
+			want := http2.ErrCodeNo
+			if got := f.ErrCode; got != want {
+				t.Fatalf("f.ErrCode(%v): %v; want %v", numGoAway, got, want)
+			}
+			switch numGoAway {
+			case 1:
+				want := (uint32(1) << 31) - 1
+				if got := f.LastStreamID; got != want {
+					t.Fatalf("f.LastStreamID(%v): %v; want %v", numGoAway, got, want)
+				}
+			case 2:
+				want := uint32(1)
+				if got := f.LastStreamID; got != want {
+					t.Fatalf("f.LastStreamID(%v): %v; want %v", numGoAway, got, want)
+				}
+			case 3:
+				t.Fatalf("too many GOAWAYs received")
+			}
+		}
+	}
+}
+
+// TestH2H2MultipleResponseCL tests that server returns error if
+// multiple Content-Length response header fields are received.
+func TestH2H2MultipleResponseCL(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("content-length", "1")
+		w.Header().Add("content-length", "1")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2MultipleResponseCL",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.errCode, http2.ErrCodeInternal; got != want {
+		t.Errorf("res.errCode: %v; want %v", got, want)
+	}
+}
+
+// TestH2H2InvalidResponseCL tests that server returns error if
+// Content-Length response header field value cannot be parsed as a
+// number.
+func TestH2H2InvalidResponseCL(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("content-length", "")
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2InvalidResponseCL",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.errCode, http2.ErrCodeInternal; got != want {
+		t.Errorf("res.errCode: %v; want %v", got, want)
+	}
+}
+
+// TestH2H2ConnectFailure tests that server handles the situation that
+// connection attempt to HTTP/2 backend failed.
+func TestH2H2ConnectFailure(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, noopHandler)
+	defer st.Close()
+
+	// simulate backend connect attempt failure
+	st.ts.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2ConnectFailure",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	want := 503
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestH2H2HostRewrite tests that server rewrites host header field
+func TestH2H2HostRewrite(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge", "--host-rewrite"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2HostRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := res.header.Get("request-host"), st.backendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH2H2NoHostRewrite tests that server does not rewrite host
+// header field
+func TestH2H2NoHostRewrite(t *testing.T) {
+	st := newServerTester([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("request-host", r.Host)
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2NoHostRewrite",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+	if got, want := res.header.Get("request-host"), st.frontendHost; got != want {
+		t.Errorf("request-host: %v; want %v", got, want)
+	}
+}
+
+// TestH2H2TLSXfp tests nghttpx sends x-forwarded-proto header field
+// with http value since :scheme is http, even if the frontend
+// connection is encrypted.
+func TestH2H2TLSXfp(t *testing.T) {
+	st := newServerTesterTLS([]string{"--http2-bridge"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("x-forwarded-proto"), "http"; got != want {
+			t.Errorf("x-forwarded-proto: want %v; got %v", want, got)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.http2(requestParam{
+		name: "TestH2H2TLSXfp",
+	})
+	if err != nil {
+		t.Fatalf("Error st.http2() = %v", err)
+	}
+	if got, want := res.status, 200; got != want {
+		t.Errorf("res.status: %v; want %v", got, want)
+	}
+}
--- a/integration-tests/nghttpx_spdy_test.go
+++ b/integration-tests/nghttpx_spdy_test.go
@@ -0,0 +1,252 @@
+package nghttp2
+
+import (
+	"github.com/bradfitz/http2/hpack"
+	"github.com/tatsuhiro-t/spdy"
+	"net/http"
+	"testing"
+)
+
+// TestS3H1PlainGET tests whether simple SPDY GET request works.
+func TestS3H1PlainGET(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, noopHandler)
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1PlainGET",
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+
+	want := 200
+	if got := res.status; got != want {
+		t.Errorf("status = %v; want %v", got, want)
+	}
+}
+
+// TestS3H1BadRequestCL tests that server rejects request whose
+// content-length header field value does not match its request body
+// size.
+func TestS3H1BadRequestCL(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, noopHandler)
+	defer st.Close()
+
+	// we set content-length: 1024, but the actual request body is
+	// 3 bytes.
+	res, err := st.spdy(requestParam{
+		name:   "TestS3H1BadRequestCL",
+		method: "POST",
+		header: []hpack.HeaderField{
+			pair("content-length", "1024"),
+		},
+		body: []byte("foo"),
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+
+	want := spdy.ProtocolError
+	if got := res.spdyRstErrCode; got != want {
+		t.Errorf("res.spdyRstErrCode = %v; want %v", got, want)
+	}
+}
+
+// TestS3H1MultipleRequestCL tests that server rejects request with
+// multiple Content-Length request header fields.
+func TestS3H1MultipleRequestCL(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1MultipleRequestCL",
+		header: []hpack.HeaderField{
+			pair("content-length", "1"),
+			pair("content-length", "1"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	want := 400
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1InvalidRequestCL tests that server rejects request with
+// Content-Length which cannot be parsed as a number.
+func TestS3H1InvalidRequestCL(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward bad request")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1InvalidRequestCL",
+		header: []hpack.HeaderField{
+			pair("content-length", ""),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	want := 400
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1GenerateVia tests that server generates Via header field to and
+// from backend server.
+func TestS3H1GenerateVia(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "1.1 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1GenerateVia",
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "1.1 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1AppendVia tests that server adds value to existing Via
+// header field to and from backend server.
+func TestS3H1AppendVia(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo, 1.1 nghttpx"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1AppendVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar, 1.1 nghttpx"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1NoVia tests that server does not add value to existing Via
+// header field to and from backend server.
+func TestS3H1NoVia(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1", "--no-via"}, t, func(w http.ResponseWriter, r *http.Request) {
+		if got, want := r.Header.Get("Via"), "foo"; got != want {
+			t.Errorf("Via: %v; want %v", got, want)
+		}
+		w.Header().Add("Via", "bar")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1NoVia",
+		header: []hpack.HeaderField{
+			pair("via", "foo"),
+		},
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.header.Get("Via"), "bar"; got != want {
+		t.Errorf("Via: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1HeaderFieldBuffer tests that request with header fields
+// larger than configured buffer size is rejected.
+func TestS3H1HeaderFieldBuffer(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1", "--header-field-buffer=10"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1HeaderFieldBuffer",
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.spdyRstErrCode, spdy.InternalError; got != want {
+		t.Errorf("res.spdyRstErrCode: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1HeaderFields tests that request with header fields more
+// than configured number is rejected.
+func TestS3H1HeaderFields(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1", "--max-header-fields=1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Fatal("execution path should not be here")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H1HeaderFields",
+		// we have at least 5 pseudo-header fields sent, and
+		// that ensures that buffer limit exceeds.
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.spdyRstErrCode, spdy.InternalError; got != want {
+		t.Errorf("res.spdyRstErrCode: %v; want %v", got, want)
+	}
+}
+
+// TestS3H1InvalidMethod tests that server rejects invalid method with
+// 501.
+func TestS3H1InvalidMethod(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1"}, t, func(w http.ResponseWriter, r *http.Request) {
+		t.Errorf("server should not forward this request")
+	})
+	defer st.Close()
+
+	res, err := st.spdy(requestParam{
+		name:   "TestS3H1InvalidMethod",
+		method: "get",
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	if got, want := res.status, 501; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
+
+// TestS3H2ConnectFailure tests that server handles the situation that
+// connection attempt to HTTP/2 backend failed.
+func TestS3H2ConnectFailure(t *testing.T) {
+	st := newServerTesterTLS([]string{"--npn-list=spdy/3.1", "--http2-bridge"}, t, noopHandler)
+	defer st.Close()
+
+	// simulate backend connect attempt failure
+	st.ts.Close()
+
+	res, err := st.spdy(requestParam{
+		name: "TestS3H2ConnectFailure",
+	})
+	if err != nil {
+		t.Fatalf("Error st.spdy() = %v", err)
+	}
+	want := 503
+	if got := res.status; got != want {
+		t.Errorf("status: %v; want %v", got, want)
+	}
+}
--- a/integration-tests/server.crt
+++ b/integration-tests/server.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAm2gAwIBAgIJAOvIx8xIxgyOMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCTEyNy4wLjAuMTAeFw0xNTAxMjMxMjI0
+MjdaFw0yNTAxMjAxMjI0MjdaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l
+LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
+BAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMuI
+QZRI/iBaxPTjTWGemt8tCEfzZWxuIW3hY/gIhwJDfH2SbourBh1s9vqcqhBq5vmo
+kdfVQXAnNLjIG1uhWmcHuNnKrE5hU82N6i9RsmuM5TQRvhsamHri4G+EXJMu9GqF
+Mso8g7MWpRSGKf+8gfjAVNwfCHFiu8oBcMmy3l54MFHgRLSveAMhiPB0e3Xlnpr5
+2bS/oGTx5ynwPgBpEn2FrpT4Z/aLCLzJ/ysgNH8BXEh7n/v7xM3vd5grqB039rd5
+JoxlWvp+4XpzKp5upaqmOcVUq4pDSFUQ3w6C+v33Z3OK6Qaon7GMxLv3Us3b7PZ3
+1CLoWJR2o3OSnUfO/gUCAwEAAaNQME4wHQYDVR0OBBYEFLc5JWPUUVx4GJesogMV
+w2Rz0L3yMB8GA1UdIwQYMBaAFLc5JWPUUVx4GJesogMVw2Rz0L3yMAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAP/cJWpM+GEjmVYHFacKTdbXBMox2Xn
+QY2NLm00WPOGvKnO7czMFfX/pEmiq71kD45rLLfbaJP205QpxqiAIvhFhuq50Co7
+sTDtwcDTPLX9H7Ugjt4sTMPiwC14uVXFfoT/J46zMjXwP00qKyfszc2tkIgHfrTl
+h4M1hkdfmMximir/Ii7TdYYJ3oGS8tdcYb6D4DZwAljKmxF6iUOwFCUgpTmqDBT5
+irXY8D27DzuNN5Pg07rwAlwXLCzrJE10UtO4MmRVXwpzmoaRQD4/tna6bZzdetvs
+gPdGP6W1o0q85gullieMJWeKyQA/wasoE7fypn4pHAdTZm/vH+v7GHg=
+-----END CERTIFICATE-----
--- a/integration-tests/server.key
+++ b/integration-tests/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDLiEGUSP4gWsT0
+401hnprfLQhH82VsbiFt4WP4CIcCQ3x9km6LqwYdbPb6nKoQaub5qJHX1UFwJzS4
+yBtboVpnB7jZyqxOYVPNjeovUbJrjOU0Eb4bGph64uBvhFyTLvRqhTLKPIOzFqUU
+hin/vIH4wFTcHwhxYrvKAXDJst5eeDBR4ES0r3gDIYjwdHt15Z6a+dm0v6Bk8ecp
+8D4AaRJ9ha6U+Gf2iwi8yf8rIDR/AVxIe5/7+8TN73eYK6gdN/a3eSaMZVr6fuF6
+cyqebqWqpjnFVKuKQ0hVEN8Ogvr992dziukGqJ+xjMS791LN2+z2d9Qi6FiUdqNz
+kp1Hzv4FAgMBAAECggEACG26GYP0Ui6wHVwUZkiFLVzWDPS9bIIbDEvbMfhYbvWQ
+gDrCLTKF7E4I5FP8jvV+XzRl5cRFE3nsKwLObzr9XWrqcsp73DsXl1mbKx58/ws0
+qrVZZBHz4pLmrHeUxduZ75dYhRuAcLgtWe48awTJdR2x5fO7C8cE89afbxrjLpJE
+tVyiw6vVB0GfWTZodxtAFMTX1KVm4bTngXfg0NF1FBNHAX3Cm6t4YCE41hKSc0IQ
+Jr3C4e9uj8poze1B17k79bGB8HNMbbc8Ws0sdbxi5xnY+HUA/mYQrmGXo8sdqiYC
+EYCMqPm3iJrCmmpHukGf2Vt9k1aLlJ+lxOclSwFO+QKBgQDoRmoprfdmU20LyxYH
+eVeVqggqmhNohwnuhIvOAyrWGUkbDsssqx2Vv82z0WHAAkwEvQ984UzaYWCCL3m3
+JzpF2dz6aKhXIaYnXBlk3STMGUCDT5ysPvsin9z/unzkffh3vrbDBARGFYWG18x
+eUyTDOVVeTZNHUJXGjRyiftCkwKBgQDgUkR6dHU4ciSt7Y0UkyAgtZ7POR41T05L
+bcxbjJeqm6qlj+oP9WUk7JxeSEFUbrMiROABLPPqTwmGo4xrDRx/e7WrqN6QBKC+
+Y8CfalrKRb0np60x7Mxx0kbmHp5cwv9QDKznKViOYSgKxFrOFZyMAEXQdZ3FvjXF
+OQWrw86kBwKBgQDXuxa9MWO3uUJtkqkaNfw/+FVvY/0kt09lJdxHci+l/IQmyl2w
+Vhm7TRK7sXvtfvSl7gblgMgFiC2/nGKbmR/7ag5e3R98aVhlhMywuvyp/GfEORLI
+KVNChfwMezVFUUx+j8BEFHcTuZuzGqcWZ0fUyER0V4k0pDlKdv9BZqBkWwKBgCdP
+o3qGQCilMDJex/OMGPxCd9M+4kFbZZAobMC6cbXPU+dxwgYL7i67XGfVZ8WBJNlj
+kpICK7irIzM6JBh6krzwlBTCIkbA2N6kopQNUl3SPOTfKKXwJp/nxs77HKuK7K09
+m2tjPoatFhRU9sjY1rdeMN3oTr7hp5CpfonsZaEvAoGAEPsZcDd4N9ap5bgaeDy9
+NOfLsIyaxT5k6moRIiy83QPihvCuECP16+r6M5tiSfgt/PtCimdjhRiqXzIHNRhh
+Nfsv13vUtZgt8cYXuTdI4a8feKI7Q4876ME8Qp3WM5/UNZWq6/sWCuZFqbXUhqM0
+mwNEi5Zddzf8VsSL2gCraQg=
+-----END PRIVATE KEY-----
--- a/integration-tests/server_tester.go
+++ b/integration-tests/server_tester.go
@@ -0,0 +1,723 @@
+package nghttp2
+
+import (
+	"bufio"
+	"bytes"
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"github.com/bradfitz/http2"
+	"github.com/bradfitz/http2/hpack"
+	"github.com/tatsuhiro-t/go-nghttp2"
+	"github.com/tatsuhiro-t/spdy"
+	"golang.org/x/net/websocket"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os/exec"
+	"sort"
+	"strconv"
+	"strings"
+	"testing"
+	"time"
+)
+
+const (
+	serverBin  = buildDir + "/src/nghttpx"
+	serverPort = 3009
+	testDir    = buildDir + "/integration-tests"
+)
+
+func pair(name, value string) hpack.HeaderField {
+	return hpack.HeaderField{
+		Name:  name,
+		Value: value,
+	}
+}
+
+type serverTester struct {
+	args          []string  // command-line arguments
+	cmd           *exec.Cmd // test frontend server process, which is test subject
+	url           string    // test frontend server URL
+	t             *testing.T
+	ts            *httptest.Server // backend server
+	frontendHost  string           // frontend server host
+	backendHost   string           // backend server host
+	conn          net.Conn         // connection to frontend server
+	h2PrefaceSent bool             // HTTP/2 preface was sent in conn
+	nextStreamID  uint32           // next stream ID
+	fr            *http2.Framer    // HTTP/2 framer
+	spdyFr        *spdy.Framer     // SPDY/3.1 framer
+	headerBlkBuf  bytes.Buffer     // buffer to store encoded header block
+	enc           *hpack.Encoder   // HTTP/2 HPACK encoder
+	header        http.Header      // received header fields
+	dec           *hpack.Decoder   // HTTP/2 HPACK decoder
+	authority     string           // server's host:port
+	frCh          chan http2.Frame // used for incoming HTTP/2 frame
+	spdyFrCh      chan spdy.Frame  // used for incoming SPDY frame
+	errCh         chan error
+}
+
+// newServerTester creates test context for plain TCP frontend
+// connection.
+func newServerTester(args []string, t *testing.T, handler http.HandlerFunc) *serverTester {
+	return newServerTesterInternal(args, t, handler, false, nil)
+}
+
+func newServerTesterHandler(args []string, t *testing.T, handler http.Handler) *serverTester {
+	return newServerTesterInternal(args, t, handler, false, nil)
+}
+
+// newServerTester creates test context for TLS frontend connection.
+func newServerTesterTLS(args []string, t *testing.T, handler http.HandlerFunc) *serverTester {
+	return newServerTesterInternal(args, t, handler, true, nil)
+}
+
+// newServerTester creates test context for TLS frontend connection
+// with given clientConfig
+func newServerTesterTLSConfig(args []string, t *testing.T, handler http.HandlerFunc, clientConfig *tls.Config) *serverTester {
+	return newServerTesterInternal(args, t, handler, true, clientConfig)
+}
+
+// newServerTesterInternal creates test context.  If frontendTLS is
+// true, set up TLS frontend connection.
+func newServerTesterInternal(args []string, t *testing.T, handler http.Handler, frontendTLS bool, clientConfig *tls.Config) *serverTester {
+	ts := httptest.NewUnstartedServer(handler)
+
+	backendTLS := false
+	for _, k := range args {
+		switch k {
+		case "--http2-bridge":
+			backendTLS = true
+		}
+	}
+	if backendTLS {
+		nghttp2.ConfigureServer(ts.Config, &nghttp2.Server{})
+		// According to httptest/server.go, we have to set
+		// NextProtos separately for ts.TLS.  NextProtos set
+		// in nghttp2.ConfigureServer is effectively ignored.
+		ts.TLS = new(tls.Config)
+		ts.TLS.NextProtos = append(ts.TLS.NextProtos, "h2-14")
+		ts.StartTLS()
+		args = append(args, "-k")
+	} else {
+		ts.Start()
+	}
+	scheme := "http"
+	if frontendTLS {
+		scheme = "https"
+		args = append(args, testDir+"/server.key", testDir+"/server.crt")
+	} else {
+		args = append(args, "--frontend-no-tls")
+	}
+
+	backendURL, err := url.Parse(ts.URL)
+	if err != nil {
+		t.Fatalf("Error parsing URL from httptest.Server: %v", err)
+	}
+
+	// URL.Host looks like "127.0.0.1:8080", but we want
+	// "127.0.0.1,8080"
+	b := "-b" + strings.Replace(backendURL.Host, ":", ",", -1)
+	args = append(args, fmt.Sprintf("-f127.0.0.1,%v", serverPort), b,
+		"--errorlog-file="+testDir+"/log.txt", "-LINFO")
+
+	authority := fmt.Sprintf("127.0.0.1:%v", serverPort)
+
+	st := &serverTester{
+		cmd:          exec.Command(serverBin, args...),
+		t:            t,
+		ts:           ts,
+		url:          fmt.Sprintf("%v://%v", scheme, authority),
+		frontendHost: fmt.Sprintf("127.0.0.1:%v", serverPort),
+		backendHost:  backendURL.Host,
+		nextStreamID: 1,
+		authority:    authority,
+		frCh:         make(chan http2.Frame),
+		spdyFrCh:     make(chan spdy.Frame),
+		errCh:        make(chan error),
+	}
+
+	if err := st.cmd.Start(); err != nil {
+		st.t.Fatalf("Error starting %v: %v", serverBin, err)
+	}
+
+	retry := 0
+	for {
+		var conn net.Conn
+		var err error
+		if frontendTLS {
+			var tlsConfig *tls.Config
+			if clientConfig == nil {
+				tlsConfig = new(tls.Config)
+			} else {
+				tlsConfig = clientConfig
+			}
+			tlsConfig.InsecureSkipVerify = true
+			tlsConfig.NextProtos = []string{"h2-14", "spdy/3.1"}
+			conn, err = tls.Dial("tcp", authority, tlsConfig)
+		} else {
+			conn, err = net.Dial("tcp", authority)
+		}
+		if err != nil {
+			retry += 1
+			if retry >= 100 {
+				st.Close()
+				st.t.Fatalf("Error server is not responding too long; server command-line arguments may be invalid")
+			}
+			time.Sleep(150 * time.Millisecond)
+			continue
+		}
+		if frontendTLS {
+			tlsConn := conn.(*tls.Conn)
+			cs := tlsConn.ConnectionState()
+			if !cs.NegotiatedProtocolIsMutual {
+				st.Close()
+				st.t.Fatalf("Error negotiated next protocol is not mutual")
+			}
+		}
+		st.conn = conn
+		break
+	}
+
+	st.fr = http2.NewFramer(st.conn, st.conn)
+	spdyFr, err := spdy.NewFramer(st.conn, st.conn)
+	if err != nil {
+		st.Close()
+		st.t.Fatalf("Error spdy.NewFramer: %v", err)
+	}
+	st.spdyFr = spdyFr
+	st.enc = hpack.NewEncoder(&st.headerBlkBuf)
+	st.dec = hpack.NewDecoder(4096, func(f hpack.HeaderField) {
+		st.header.Add(f.Name, f.Value)
+	})
+
+	return st
+}
+
+func (st *serverTester) Close() {
+	if st.conn != nil {
+		st.conn.Close()
+	}
+	if st.cmd != nil {
+		st.cmd.Process.Kill()
+		st.cmd.Wait()
+	}
+	if st.ts != nil {
+		st.ts.Close()
+	}
+}
+
+func (st *serverTester) readFrame() (http2.Frame, error) {
+	go func() {
+		f, err := st.fr.ReadFrame()
+		if err != nil {
+			st.errCh <- err
+			return
+		}
+		st.frCh <- f
+	}()
+
+	select {
+	case f := <-st.frCh:
+		return f, nil
+	case err := <-st.errCh:
+		return nil, err
+	case <-time.After(5 * time.Second):
+		return nil, errors.New("timeout waiting for frame")
+	}
+}
+
+func (st *serverTester) readSpdyFrame() (spdy.Frame, error) {
+	go func() {
+		f, err := st.spdyFr.ReadFrame()
+		if err != nil {
+			st.errCh <- err
+			return
+		}
+		st.spdyFrCh <- f
+	}()
+
+	select {
+	case f := <-st.spdyFrCh:
+		return f, nil
+	case err := <-st.errCh:
+		return nil, err
+	case <-time.After(2 * time.Second):
+		return nil, errors.New("timeout waiting for frame")
+	}
+}
+
+type requestParam struct {
+	name        string              // name for this request to identify the request in log easily
+	streamID    uint32              // stream ID, automatically assigned if 0
+	method      string              // method, defaults to GET
+	scheme      string              // scheme, defaults to http
+	authority   string              // authority, defaults to backend server address
+	path        string              // path, defaults to /
+	header      []hpack.HeaderField // additional request header fields
+	body        []byte              // request body
+	trailer     []hpack.HeaderField // trailer part
+	httpUpgrade bool                // true if upgraded to HTTP/2 through HTTP Upgrade
+}
+
+// wrapper for request body to set trailer part
+type chunkedBodyReader struct {
+	trailer        []hpack.HeaderField
+	trailerWritten bool
+	body           io.Reader
+	req            *http.Request
+}
+
+func (cbr *chunkedBodyReader) Read(p []byte) (n int, err error) {
+	// document says that we have to set http.Request.Trailer
+	// after request was sent and before body returns EOF.
+	if !cbr.trailerWritten {
+		cbr.trailerWritten = true
+		for _, h := range cbr.trailer {
+			cbr.req.Trailer.Set(h.Name, h.Value)
+		}
+	}
+	return cbr.body.Read(p)
+}
+
+func (st *serverTester) websocket(rp requestParam) (*serverResponse, error) {
+	urlstring := st.url + "/echo"
+
+	config, err := websocket.NewConfig(urlstring, st.url)
+	if err != nil {
+		st.t.Fatalf("websocket.NewConfig(%q, %q) returned error: %v", urlstring, st.url, err)
+	}
+
+	config.Header.Add("Test-Case", rp.name)
+	for _, h := range rp.header {
+		config.Header.Add(h.Name, h.Value)
+	}
+
+	ws, err := websocket.NewClient(config, st.conn)
+	if err != nil {
+		st.t.Fatalf("Error creating websocket client: %v", err)
+	}
+
+	if _, err := ws.Write(rp.body); err != nil {
+		st.t.Fatalf("ws.Write() returned error: %v", err)
+	}
+
+	msg := make([]byte, 1024)
+	var n int
+	if n, err = ws.Read(msg); err != nil {
+		st.t.Fatalf("ws.Read() returned error: %v", err)
+	}
+
+	res := &serverResponse{
+		body: msg[:n],
+	}
+
+	return res, nil
+}
+
+func (st *serverTester) http1(rp requestParam) (*serverResponse, error) {
+	method := "GET"
+	if rp.method != "" {
+		method = rp.method
+	}
+
+	var body io.Reader
+	var cbr *chunkedBodyReader
+	if rp.body != nil {
+		body = bytes.NewBuffer(rp.body)
+		if len(rp.trailer) != 0 {
+			cbr = &chunkedBodyReader{
+				trailer: rp.trailer,
+				body:    body,
+			}
+			body = cbr
+		}
+	}
+
+	reqURL := st.url
+
+	if rp.path != "" {
+		u, err := url.Parse(st.url)
+		if err != nil {
+			st.t.Fatalf("Error parsing URL from st.url %v: %v", st.url, err)
+		}
+		u.Path = rp.path
+		reqURL = u.String()
+	}
+
+	req, err := http.NewRequest(method, reqURL, body)
+	if err != nil {
+		return nil, err
+	}
+	for _, h := range rp.header {
+		req.Header.Add(h.Name, h.Value)
+	}
+	req.Header.Add("Test-Case", rp.name)
+	if cbr != nil {
+		cbr.req = req
+		// this makes request use chunked encoding
+		req.ContentLength = -1
+		req.Trailer = make(http.Header)
+		for _, h := range cbr.trailer {
+			req.Trailer.Set(h.Name, "")
+		}
+	}
+	if err := req.Write(st.conn); err != nil {
+		return nil, err
+	}
+	resp, err := http.ReadResponse(bufio.NewReader(st.conn), req)
+	if err != nil {
+		return nil, err
+	}
+	respBody, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+	resp.Body.Close()
+
+	res := &serverResponse{
+		status:    resp.StatusCode,
+		header:    resp.Header,
+		body:      respBody,
+		connClose: resp.Close,
+	}
+
+	return res, nil
+}
+
+func (st *serverTester) spdy(rp requestParam) (*serverResponse, error) {
+	res := &serverResponse{}
+
+	var id spdy.StreamId
+	if rp.streamID != 0 {
+		id = spdy.StreamId(rp.streamID)
+		if id >= spdy.StreamId(st.nextStreamID) && id%2 == 1 {
+			st.nextStreamID = uint32(id) + 2
+		}
+	} else {
+		id = spdy.StreamId(st.nextStreamID)
+		st.nextStreamID += 2
+	}
+
+	method := "GET"
+	if rp.method != "" {
+		method = rp.method
+	}
+
+	scheme := "http"
+	if rp.scheme != "" {
+		scheme = rp.scheme
+	}
+
+	host := st.authority
+	if rp.authority != "" {
+		host = rp.authority
+	}
+
+	path := "/"
+	if rp.path != "" {
+		path = rp.path
+	}
+
+	header := make(http.Header)
+	header.Add(":method", method)
+	header.Add(":scheme", scheme)
+	header.Add(":host", host)
+	header.Add(":path", path)
+	header.Add(":version", "HTTP/1.1")
+	header.Add("test-case", rp.name)
+	for _, h := range rp.header {
+		header.Add(h.Name, h.Value)
+	}
+
+	var synStreamFlags spdy.ControlFlags
+	if len(rp.body) == 0 {
+		synStreamFlags = spdy.ControlFlagFin
+	}
+	if err := st.spdyFr.WriteFrame(&spdy.SynStreamFrame{
+		CFHeader: spdy.ControlFrameHeader{
+			Flags: synStreamFlags,
+		},
+		StreamId: id,
+		Headers:  header,
+	}); err != nil {
+		return nil, err
+	}
+
+	if len(rp.body) != 0 {
+		if err := st.spdyFr.WriteFrame(&spdy.DataFrame{
+			StreamId: id,
+			Flags:    spdy.DataFlagFin,
+			Data:     rp.body,
+		}); err != nil {
+			return nil, err
+		}
+	}
+
+loop:
+	for {
+		fr, err := st.readSpdyFrame()
+		if err != nil {
+			return res, err
+		}
+		switch f := fr.(type) {
+		case *spdy.SynReplyFrame:
+			if f.StreamId != id {
+				break
+			}
+			res.header = cloneHeader(f.Headers)
+			if _, err := fmt.Sscan(res.header.Get(":status"), &res.status); err != nil {
+				return res, fmt.Errorf("Error parsing status code: %v", err)
+			}
+			if f.CFHeader.Flags&spdy.ControlFlagFin != 0 {
+				break loop
+			}
+		case *spdy.DataFrame:
+			if f.StreamId != id {
+				break
+			}
+			res.body = append(res.body, f.Data...)
+			if f.Flags&spdy.DataFlagFin != 0 {
+				break loop
+			}
+		case *spdy.RstStreamFrame:
+			if f.StreamId != id {
+				break
+			}
+			res.spdyRstErrCode = f.Status
+			break loop
+		case *spdy.GoAwayFrame:
+			if f.Status == spdy.GoAwayOK {
+				break
+			}
+			res.spdyGoAwayErrCode = f.Status
+			break loop
+		}
+	}
+	return res, nil
+}
+
+func (st *serverTester) http2(rp requestParam) (*serverResponse, error) {
+	st.headerBlkBuf.Reset()
+	st.header = make(http.Header)
+
+	var id uint32
+	if rp.streamID != 0 {
+		id = rp.streamID
+		if id >= st.nextStreamID && id%2 == 1 {
+			st.nextStreamID = id + 2
+		}
+	} else {
+		id = st.nextStreamID
+		st.nextStreamID += 2
+	}
+
+	if !st.h2PrefaceSent {
+		st.h2PrefaceSent = true
+		fmt.Fprint(st.conn, "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")
+		if err := st.fr.WriteSettings(); err != nil {
+			return nil, err
+		}
+	}
+
+	res := &serverResponse{
+		streamID: id,
+	}
+
+	streams := make(map[uint32]*serverResponse)
+	streams[id] = res
+
+	if !rp.httpUpgrade {
+		method := "GET"
+		if rp.method != "" {
+			method = rp.method
+		}
+		_ = st.enc.WriteField(pair(":method", method))
+
+		scheme := "http"
+		if rp.scheme != "" {
+			scheme = rp.scheme
+		}
+		_ = st.enc.WriteField(pair(":scheme", scheme))
+
+		authority := st.authority
+		if rp.authority != "" {
+			authority = rp.authority
+		}
+		_ = st.enc.WriteField(pair(":authority", authority))
+
+		path := "/"
+		if rp.path != "" {
+			path = rp.path
+		}
+		_ = st.enc.WriteField(pair(":path", path))
+
+		_ = st.enc.WriteField(pair("test-case", rp.name))
+
+		for _, h := range rp.header {
+			_ = st.enc.WriteField(h)
+		}
+
+		err := st.fr.WriteHeaders(http2.HeadersFrameParam{
+			StreamID:      id,
+			EndStream:     len(rp.body) == 0 && len(rp.trailer) == 0,
+			EndHeaders:    true,
+			BlockFragment: st.headerBlkBuf.Bytes(),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		if len(rp.body) != 0 {
+			// TODO we assume rp.body fits in 1 frame
+			if err := st.fr.WriteData(id, len(rp.trailer) == 0, rp.body); err != nil {
+				return nil, err
+			}
+		}
+
+		if len(rp.trailer) != 0 {
+			st.headerBlkBuf.Reset()
+			for _, h := range rp.trailer {
+				_ = st.enc.WriteField(h)
+			}
+			err := st.fr.WriteHeaders(http2.HeadersFrameParam{
+				StreamID:      id,
+				EndStream:     true,
+				EndHeaders:    true,
+				BlockFragment: st.headerBlkBuf.Bytes(),
+			})
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+loop:
+	for {
+		fr, err := st.readFrame()
+		if err != nil {
+			return res, err
+		}
+		switch f := fr.(type) {
+		case *http2.HeadersFrame:
+			_, err := st.dec.Write(f.HeaderBlockFragment())
+			if err != nil {
+				return res, err
+			}
+			sr, ok := streams[f.FrameHeader.StreamID]
+			if !ok {
+				st.header = make(http.Header)
+				break
+			}
+			sr.header = cloneHeader(st.header)
+			var status int
+			status, err = strconv.Atoi(sr.header.Get(":status"))
+			if err != nil {
+				return res, fmt.Errorf("Error parsing status code: %v", err)
+			}
+			sr.status = status
+			if f.StreamEnded() {
+				if streamEnded(res, streams, sr) {
+					break loop
+				}
+			}
+		case *http2.PushPromiseFrame:
+			_, err := st.dec.Write(f.HeaderBlockFragment())
+			if err != nil {
+				return res, err
+			}
+			sr := &serverResponse{
+				streamID:  f.PromiseID,
+				reqHeader: cloneHeader(st.header),
+			}
+			streams[sr.streamID] = sr
+		case *http2.DataFrame:
+			sr, ok := streams[f.FrameHeader.StreamID]
+			if !ok {
+				break
+			}
+			sr.body = append(sr.body, f.Data()...)
+			if f.StreamEnded() {
+				if streamEnded(res, streams, sr) {
+					break loop
+				}
+			}
+		case *http2.RSTStreamFrame:
+			sr, ok := streams[f.FrameHeader.StreamID]
+			if !ok {
+				break
+			}
+			sr.errCode = f.ErrCode
+			if streamEnded(res, streams, sr) {
+				break loop
+			}
+		case *http2.GoAwayFrame:
+			if f.ErrCode == http2.ErrCodeNo {
+				break
+			}
+			res.errCode = f.ErrCode
+			res.connErr = true
+			break loop
+		case *http2.SettingsFrame:
+			if f.IsAck() {
+				break
+			}
+			if err := st.fr.WriteSettingsAck(); err != nil {
+				return res, err
+			}
+		}
+	}
+	sort.Sort(ByStreamID(res.pushResponse))
+	return res, nil
+}
+
+func streamEnded(mainSr *serverResponse, streams map[uint32]*serverResponse, sr *serverResponse) bool {
+	delete(streams, sr.streamID)
+	if mainSr.streamID != sr.streamID {
+		mainSr.pushResponse = append(mainSr.pushResponse, sr)
+	}
+	return len(streams) == 0
+}
+
+type serverResponse struct {
+	status            int                  // HTTP status code
+	header            http.Header          // response header fields
+	body              []byte               // response body
+	streamID          uint32               // stream ID in HTTP/2
+	errCode           http2.ErrCode        // error code received in HTTP/2 RST_STREAM or GOAWAY
+	connErr           bool                 // true if HTTP/2 connection error
+	spdyGoAwayErrCode spdy.GoAwayStatus    // status code received in SPDY RST_STREAM
+	spdyRstErrCode    spdy.RstStreamStatus // status code received in SPDY GOAWAY
+	connClose         bool                 // Conection: close is included in response header in HTTP/1 test
+	reqHeader         http.Header          // http request header, currently only sotres pushed request header
+	pushResponse      []*serverResponse    // pushed response
+}
+
+type ByStreamID []*serverResponse
+
+func (b ByStreamID) Len() int {
+	return len(b)
+}
+
+func (b ByStreamID) Swap(i, j int) {
+	b[i], b[j] = b[j], b[i]
+}
+
+func (b ByStreamID) Less(i, j int) bool {
+	return b[i].streamID < b[j].streamID
+}
+
+func cloneHeader(h http.Header) http.Header {
+	h2 := make(http.Header, len(h))
+	for k, vv := range h {
+		vv2 := make([]string, len(vv))
+		copy(vv2, vv)
+		h2[k] = vv2
+	}
+	return h2
+}
+
+func noopHandler(w http.ResponseWriter, r *http.Request) {}
--- a/integration-tests/setenv.in
+++ b/integration-tests/setenv.in
@@ -0,0 +1,6 @@
+#!/bin/sh -e
+
+export CGO_CFLAGS="-I@abs_top_srcdir@/lib/includes -I@abs_top_builddir@/lib/includes"
+export CGO_LDFLAGS="-L@abs_top_builddir@/lib/.libs"
+export LD_LIBRARY_PATH="@abs_top_builddir@/lib/.libs"
+"$@"
--- a/lib/.gitignore
+++ b/lib/.gitignore
@@ -0,0 +1,3 @@
+# generated files
+includes/nghttp2/nghttp2ver.h
+libnghttp2.pc
--- a/Show More
+++ b/Show More