diff options
Diffstat (limited to 'src/shrpx_config.cc')
-rw-r--r-- | src/shrpx_config.cc | 62 |
1 files changed, 51 insertions, 11 deletions
diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc index 89b3672..d856c95 100644 --- a/src/shrpx_config.cc +++ b/src/shrpx_config.cc @@ -282,9 +282,9 @@ read_quic_secret_file(const StringRef &path) { assert(static_cast<size_t>(p - std::begin(s)) == expectedlen * 2); - qkm.id = qkm.reserved[0] & 0xc0; + qkm.id = qkm.reserved[0] & SHRPX_QUIC_DCID_KM_ID_MASK; - if (kms.size() == 4) { + if (kms.size() == 8) { break; } } @@ -2396,6 +2396,9 @@ int option_lookup_token(const char *name, size_t namelen) { if (util::strieq_l("backend-connect-timeou", name, 22)) { return SHRPX_OPTID_BACKEND_CONNECT_TIMEOUT; } + if (util::strieq_l("frontend-header-timeou", name, 22)) { + return SHRPX_OPTID_FRONTEND_HEADER_TIMEOUT; + } break; } break; @@ -2526,9 +2529,15 @@ int option_lookup_token(const char *name, size_t namelen) { } break; case 't': + if (util::strieq_l("frontend-http2-idle-timeou", name, 26)) { + return SHRPX_OPTID_FRONTEND_HTTP2_IDLE_TIMEOUT; + } if (util::strieq_l("frontend-http2-read-timeou", name, 26)) { return SHRPX_OPTID_FRONTEND_HTTP2_READ_TIMEOUT; } + if (util::strieq_l("frontend-http3-idle-timeou", name, 26)) { + return SHRPX_OPTID_FRONTEND_HTTP3_IDLE_TIMEOUT; + } if (util::strieq_l("frontend-http3-read-timeou", name, 26)) { return SHRPX_OPTID_FRONTEND_HTTP3_READ_TIMEOUT; } @@ -2966,13 +2975,28 @@ int parse_config(Config *config, int optid, const StringRef &opt, return 0; } - case SHRPX_OPTID_WORKERS: + case SHRPX_OPTID_WORKERS: { #ifdef NOTHREADS LOG(WARN) << "Threading disabled at build time, no threads created."; return 0; #else // !NOTHREADS - return parse_uint(&config->num_worker, opt, optarg); + size_t n; + + if (parse_uint(&n, opt, optarg) != 0) { + return -1; + } + + if (n > 65530) { + LOG(ERROR) << opt << ": the number of workers must not exceed 65530"; + + return -1; + } + + config->num_worker = n; + + return 0; #endif // !NOTHREADS + } case SHRPX_OPTID_HTTP2_MAX_CONCURRENT_STREAMS: { LOG(WARN) << opt << ": deprecated. Use " << SHRPX_OPT_FRONTEND_HTTP2_MAX_CONCURRENT_STREAMS << " and " @@ -3028,10 +3052,17 @@ int parse_config(Config *config, int optid, const StringRef &opt, return 0; case SHRPX_OPTID_FRONTEND_HTTP2_READ_TIMEOUT: - return parse_duration(&config->conn.upstream.timeout.http2_read, opt, + LOG(WARN) << opt << ": deprecated. Use frontend-http2-idle-timeout"; + // fall through + case SHRPX_OPTID_FRONTEND_HTTP2_IDLE_TIMEOUT: + return parse_duration(&config->conn.upstream.timeout.http2_idle, opt, optarg); case SHRPX_OPTID_FRONTEND_READ_TIMEOUT: - return parse_duration(&config->conn.upstream.timeout.read, opt, optarg); + LOG(WARN) << opt << ": deprecated. Use frontend-header-timeout"; + + return 0; + case SHRPX_OPTID_FRONTEND_HEADER_TIMEOUT: + return parse_duration(&config->http.timeout.header, opt, optarg); case SHRPX_OPTID_FRONTEND_WRITE_TIMEOUT: return parse_duration(&config->conn.upstream.timeout.write, opt, optarg); case SHRPX_OPTID_BACKEND_READ_TIMEOUT: @@ -3907,8 +3938,7 @@ int parse_config(Config *config, int optid, const StringRef &opt, return 0; } case SHRPX_OPTID_FRONTEND_KEEP_ALIVE_TIMEOUT: - return parse_duration(&config->conn.upstream.timeout.idle_read, opt, - optarg); + return parse_duration(&config->conn.upstream.timeout.idle, opt, optarg); case SHRPX_OPTID_PSK_SECRETS: #ifndef OPENSSL_NO_PSK return parse_psk_secrets(config, optarg); @@ -4032,8 +4062,11 @@ int parse_config(Config *config, int optid, const StringRef &opt, return 0; } case SHRPX_OPTID_FRONTEND_HTTP3_READ_TIMEOUT: + LOG(WARN) << opt << ": deprecated. Use frontend-http3-idle-timeout"; + // fall through + case SHRPX_OPTID_FRONTEND_HTTP3_IDLE_TIMEOUT: #ifdef ENABLE_HTTP3 - return parse_duration(&config->conn.upstream.timeout.http3_read, opt, + return parse_duration(&config->conn.upstream.timeout.http3_idle, opt, optarg); #else // !ENABLE_HTTP3 return 0; @@ -4126,12 +4159,13 @@ int parse_config(Config *config, int optid, const StringRef &opt, return 0; case SHRPX_OPTID_QUIC_SERVER_ID: #ifdef ENABLE_HTTP3 - if (optarg.size() != config->quic.server_id.size() * 2 || + if (optarg.size() != sizeof(config->quic.server_id) * 2 || !util::is_hex_string(optarg)) { LOG(ERROR) << opt << ": must be a hex-string"; return -1; } - util::decode_hex(std::begin(config->quic.server_id), optarg); + util::decode_hex(reinterpret_cast<uint8_t *>(&config->quic.server_id), + optarg); #endif // ENABLE_HTTP3 return 0; @@ -4700,6 +4734,7 @@ int resolve_hostname(Address *addr, const char *hostname, uint16_t port, #ifdef ENABLE_HTTP3 QUICKeyingMaterial::QUICKeyingMaterial(QUICKeyingMaterial &&other) noexcept : cid_encryption_ctx{std::exchange(other.cid_encryption_ctx, nullptr)}, + cid_decryption_ctx{std::exchange(other.cid_decryption_ctx, nullptr)}, reserved{other.reserved}, secret{other.secret}, salt{other.salt}, @@ -4710,11 +4745,16 @@ QUICKeyingMaterial::~QUICKeyingMaterial() noexcept { if (cid_encryption_ctx) { EVP_CIPHER_CTX_free(cid_encryption_ctx); } + + if (cid_decryption_ctx) { + EVP_CIPHER_CTX_free(cid_decryption_ctx); + } } QUICKeyingMaterial & QUICKeyingMaterial::operator=(QUICKeyingMaterial &&other) noexcept { cid_encryption_ctx = std::exchange(other.cid_encryption_ctx, nullptr); + cid_decryption_ctx = std::exchange(other.cid_decryption_ctx, nullptr); reserved = other.reserved; secret = other.secret; salt = other.salt; |