Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

h2: Rapid reset mitigations (7.4) #4009

Merged
merged 18 commits into from
Oct 23, 2023
Merged

Commits on Oct 18, 2023

  1. Configuration menu
    Copy the full SHA
    ce3c6b5 View commit details
    Browse the repository at this point in the history
  2. h2: Add a rate limit facility for h/2 RST handling

    This adds parameters h2_rst_allowance and h2_rst_allowance_period,
    which govern the rate of which we allow clients to reset h/2 streams.
    
    If the limit is exceeded the connection is closed.
    
    Mitigates: varnishcache#3996
    daghf authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    9dda589 View commit details
    Browse the repository at this point in the history
  3. Introduce RAPID_RESET as a sess_close reason

    daghf authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    856e2fd View commit details
    Browse the repository at this point in the history
  4. Add param h2_rapid_reset

    Only RST frames received earlier than this duration will be considered
    rapid.
    daghf authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    5eb4c5c View commit details
    Browse the repository at this point in the history
  5. Polish h2_rapid_reset docs

    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    56eded7 View commit details
    Browse the repository at this point in the history
  6. Flexelinting

    bsdphk authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    cbadf10 View commit details
    Browse the repository at this point in the history
  7. slinkified dridi-polish

    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    0e37f4f View commit details
    Browse the repository at this point in the history
  8. vtc: Avoid cycling the barrier in t02014

    It was particularly hard to follow once we reach client c3.
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    727882c View commit details
    Browse the repository at this point in the history
  9. transport: New poll method

    The goal is for top-level transports to report whether the client is
    still present or not.
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    a983f4b View commit details
    Browse the repository at this point in the history
  10. vcl_vrt: Skip VCL execution if the client is gone

    Once a client is reportedly gone, processing its VCL task(s) is just a
    waste of resources. The execution of client-facing VCL is intercepted
    and an artificial return(fail) is returned in that scenario.
    
    Thanks to the introduction of the universal return(fail) proper error
    handling and resource tear down is already in place, which makes this
    change safe modulus unknown bugs. This adds a circuit breaker anywhere
    in the client state machine where there is VCL execution.
    
    A new Reset time stamp is logged to convey when a task does not complete
    because the client is gone. This is a good complement to the walk away
    feature and its original circuit breaker for the waiting list, but this
    has not been integrated yet.
    
    While the request is technically failed, it won't increase the vcl_fail
    counter, and a new req_reset counter is incremented. This new behavior
    is guarded by a new vcl_req_reset feature flag, enabled by default.
    
    Refs varnishcache#3835
    Refs 61a15cb
    Refs e5efc2c
    Refs ba54dc9
    Refs 6f50a00
    Refs b881699
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    2c5b14a View commit details
    Browse the repository at this point in the history
  11. http2_session: Implement transport polling

    The error check is not performed in a critical section to avoid
    contention, at the risk of not seeing the error until the next
    transport poll.
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    6ecc9ec View commit details
    Browse the repository at this point in the history
  12. vtc: Stabilize r3996 and increase coverage

    With varnishcache#3998 we need to ensure streams are not going to skip vcl_recv if
    reset faster than reaching this step for the request task.
    
    The alternative to prevent the vcl_req_reset feature from interfering
    is to simply disable it.
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    b27f508 View commit details
    Browse the repository at this point in the history
  13. vtc: Missing synchronization in t02025

    Noticed while porting varnishcache#3998 to the 6.0 branch with a varnishtest more
    sensitive to timing.
    dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    e3847e1 View commit details
    Browse the repository at this point in the history
  14. Copy rapid reset parameters to the h2 session

    This will allow per-session adjustments and also significantly
    lower the risk of inconsistent calculations in the rate limit
    code during parameter changes.
    
    Ref varnishcache#3996
    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    e12a088 View commit details
    Browse the repository at this point in the history
  15. Configuration menu
    Copy the full SHA
    b0301c5 View commit details
    Browse the repository at this point in the history
  16. Start with a reasonable default for h2_rapid_reset_limit

    as agreed on IRC.
    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    498adbd View commit details
    Browse the repository at this point in the history
  17. Adjust test case to previous commit

    (sorry)
    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    f1c044c View commit details
    Browse the repository at this point in the history
  18. Flexelinting

    we can not make the parameter const because API.
    nigoroll authored and dridi committed Oct 18, 2023
    Configuration menu
    Copy the full SHA
    eb8aed1 View commit details
    Browse the repository at this point in the history