[master] a89603149 Add param h2_rapid_reset
Dag Haavi Finstad
daghf at varnish-software.com
Tue Oct 17 13:59:06 UTC 2023
commit a8960314928904b6f84665095361371551c1201f
Author: Dag Haavi Finstad <daghf at varnish-software.com>
Date: Tue Oct 17 11:27:44 2023 +0200
Add param h2_rapid_reset
Only RST frames received earlier than this duration will be considered
rapid.
diff --git a/bin/varnishd/http2/cache_http2_proto.c b/bin/varnishd/http2/cache_http2_proto.c
index a464a4508..50504c021 100644
--- a/bin/varnishd/http2/cache_http2_proto.c
+++ b/bin/varnishd/http2/cache_http2_proto.c
@@ -335,6 +335,11 @@ h2_rapid_reset(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
return (0);
now = VTIM_real();
+ CHECK_OBJ_NOTNULL(r2->req, REQ_MAGIC);
+ AN(r2->req->t_first);
+ if (now - r2->req->t_first > cache_param->h2_rapid_reset)
+ return (0);
+
d = now - h2->last_rst;
h2->rst_budget += cache_param->h2_rapid_reset_limit * d /
cache_param->h2_rapid_reset_period;
diff --git a/bin/varnishtest/tests/r03996.vtc b/bin/varnishtest/tests/r03996.vtc
index 6feef4963..3fee3706c 100644
--- a/bin/varnishtest/tests/r03996.vtc
+++ b/bin/varnishtest/tests/r03996.vtc
@@ -10,6 +10,7 @@ server s1 {
varnish v1 -cliok "param.set feature +http2"
varnish v1 -cliok "param.set debug +syncvsl"
varnish v1 -cliok "param.set h2_rapid_reset_limit 3"
+varnish v1 -cliok "param.set h2_rapid_reset 5"
varnish v1 -vcl+backend {
import vtc;
diff --git a/include/tbl/params.h b/include/tbl/params.h
index cbea1bc31..530b60c39 100644
--- a/include/tbl/params.h
+++ b/include/tbl/params.h
@@ -1257,6 +1257,20 @@ PARAM_SIMPLE(
"HTTP2 maximum size of an uncompressed header list."
)
+PARAM_SIMPLE(
+ /* name */ h2_rapid_reset,
+ /* typ */ timeout,
+ /* min */ "0.000",
+ /* max */ NULL,
+ /* def */ "1.000",
+ /* units */ "seconds",
+ /* descr */
+ "The upper threshold for how rapid an http/2 RST has to come for "
+ "it to be treated as suspect and subjected to the rate limits "
+ "specified by h2_rapid_reset_limit and h2_rapid_reset_period.",
+ /* flags */ EXPERIMENTAL,
+)
+
PARAM_SIMPLE(
/* name */ h2_rapid_reset_limit,
/* typ */ uint,
@@ -1284,7 +1298,6 @@ PARAM_SIMPLE(
/* flags */ EXPERIMENTAL|WIZARD,
)
-
/*--------------------------------------------------------------------
* Memory pool parameters
*/
More information about the varnish-commit
mailing list