[7.4] 5eb4c5c6f Add param h2_rapid_reset

Dridi Boukelmoune dridi.boukelmoune at gmail.com
Mon Oct 23 17:18:08 UTC 2023 

commit 5eb4c5c6f9613944b1c896cb71802342c1debbe3
Author: Dag Haavi Finstad <daghf at varnish-software.com>
Date:   Tue Oct 17 11:27:44 2023 +0200

    Add param h2_rapid_reset
    
    Only RST frames received earlier than this duration will be considered
    rapid.

diff --git a/bin/varnishd/http2/cache_http2_proto.c b/bin/varnishd/http2/cache_http2_proto.c
index a464a4508..50504c021 100644
--- a/bin/varnishd/http2/cache_http2_proto.c
+++ b/bin/varnishd/http2/cache_http2_proto.c
@@ -335,6 +335,11 @@ h2_rapid_reset(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
 		return (0);
 
 	now = VTIM_real();
+	CHECK_OBJ_NOTNULL(r2->req, REQ_MAGIC);
+	AN(r2->req->t_first);
+	if (now - r2->req->t_first > cache_param->h2_rapid_reset)
+		return (0);
+
 	d = now - h2->last_rst;
 	h2->rst_budget += cache_param->h2_rapid_reset_limit * d /
 	    cache_param->h2_rapid_reset_period;
diff --git a/bin/varnishtest/tests/r03996.vtc b/bin/varnishtest/tests/r03996.vtc
index 6feef4963..3fee3706c 100644
--- a/bin/varnishtest/tests/r03996.vtc
+++ b/bin/varnishtest/tests/r03996.vtc
@@ -10,6 +10,7 @@ server s1 {
 varnish v1 -cliok "param.set feature +http2"
 varnish v1 -cliok "param.set debug +syncvsl"
 varnish v1 -cliok "param.set h2_rapid_reset_limit 3"
+varnish v1 -cliok "param.set h2_rapid_reset 5"
 
 varnish v1 -vcl+backend {
 	import vtc;
diff --git a/include/tbl/params.h b/include/tbl/params.h
index cbea1bc31..530b60c39 100644
--- a/include/tbl/params.h
+++ b/include/tbl/params.h
@@ -1257,6 +1257,20 @@ PARAM_SIMPLE(
 	"HTTP2 maximum size of an uncompressed header list."
 )
 
+PARAM_SIMPLE(
+	/* name */	h2_rapid_reset,
+	/* typ */	timeout,
+	/* min */	"0.000",
+	/* max */	NULL,
+	/* def */	"1.000",
+	/* units */	"seconds",
+	/* descr */
+       "The upper threshold for how rapid an http/2 RST has to come for "
+       "it to be treated as suspect and subjected to the rate limits "
+       "specified by h2_rapid_reset_limit and h2_rapid_reset_period.",
+	/* flags */	EXPERIMENTAL,
+)
+
 PARAM_SIMPLE(
 	/* name */	h2_rapid_reset_limit,
 	/* typ */	uint,
@@ -1284,7 +1298,6 @@ PARAM_SIMPLE(
 	/* flags */	EXPERIMENTAL|WIZARD,
 )
 
-
 /*--------------------------------------------------------------------
  * Memory pool parameters
  */

More information about the varnish-commit mailing list