diff options
| author | robot-contrib <robot-contrib@yandex-team.com> | 2023-10-25 12:55:51 +0300 |
|---|---|---|
| committer | robot-contrib <robot-contrib@yandex-team.com> | 2023-10-25 13:24:01 +0300 |
| commit | d04e402b33f2eb5a5badb27b5057b482b1b244d3 (patch) | |
| tree | 6d8c2af00ddfb6866e65eef0778a0871e5c76c7d | |
| parent | 8b6a28a37e94c02732126217eb25f0a046aee44a (diff) | |
| download | ydb-d04e402b33f2eb5a5badb27b5057b482b1b244d3.tar.gz | |
Update contrib/libs/nghttp2 to 1.57.0
| -rw-r--r-- | contrib/libs/nghttp2/CMakeLists.darwin-x86_64.txt | 2 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/CMakeLists.linux-aarch64.txt | 2 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/CMakeLists.linux-x86_64.txt | 2 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/README.rst | 6 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/config.h | 15 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2.h | 17 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2ver.h | 4 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_option.c | 7 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_option.h | 6 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_ratelim.c | 75 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_ratelim.h | 57 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_session.c | 34 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_session.h | 12 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_time.c | 62 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/lib/nghttp2_time.h | 38 | ||||
| -rw-r--r-- | contrib/libs/nghttp2/ya.make | 6 |
16 files changed, 333 insertions, 12 deletions
diff --git a/contrib/libs/nghttp2/CMakeLists.darwin-x86_64.txt b/contrib/libs/nghttp2/CMakeLists.darwin-x86_64.txt index 90e3c9ccba..9beefb6078 100644 --- a/contrib/libs/nghttp2/CMakeLists.darwin-x86_64.txt +++ b/contrib/libs/nghttp2/CMakeLists.darwin-x86_64.txt @@ -39,10 +39,12 @@ target_sources(contrib-libs-nghttp2 PRIVATE ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_pq.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_priority_spec.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_queue.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_ratelim.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_rcbuf.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_session.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_stream.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_submit.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_time.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_version.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/sfparse.c ) diff --git a/contrib/libs/nghttp2/CMakeLists.linux-aarch64.txt b/contrib/libs/nghttp2/CMakeLists.linux-aarch64.txt index b62f0bb925..5704eb276c 100644 --- a/contrib/libs/nghttp2/CMakeLists.linux-aarch64.txt +++ b/contrib/libs/nghttp2/CMakeLists.linux-aarch64.txt @@ -42,10 +42,12 @@ target_sources(contrib-libs-nghttp2 PRIVATE ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_pq.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_priority_spec.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_queue.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_ratelim.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_rcbuf.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_session.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_stream.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_submit.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_time.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_version.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/sfparse.c ) diff --git a/contrib/libs/nghttp2/CMakeLists.linux-x86_64.txt b/contrib/libs/nghttp2/CMakeLists.linux-x86_64.txt index b62f0bb925..5704eb276c 100644 --- a/contrib/libs/nghttp2/CMakeLists.linux-x86_64.txt +++ b/contrib/libs/nghttp2/CMakeLists.linux-x86_64.txt @@ -42,10 +42,12 @@ target_sources(contrib-libs-nghttp2 PRIVATE ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_pq.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_priority_spec.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_queue.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_ratelim.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_rcbuf.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_session.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_stream.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_submit.c + ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_time.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/nghttp2_version.c ${CMAKE_SOURCE_DIR}/contrib/libs/nghttp2/lib/sfparse.c ) diff --git a/contrib/libs/nghttp2/README.rst b/contrib/libs/nghttp2/README.rst index 990af829ca..a513759f5d 100644 --- a/contrib/libs/nghttp2/README.rst +++ b/contrib/libs/nghttp2/README.rst @@ -127,7 +127,7 @@ To enable the experimental HTTP/3 support for h2load and nghttpx, the following libraries are required: * `OpenSSL with QUIC support - <https://github.com/quictls/openssl/tree/OpenSSL_1_1_1v+quic>`_; or + <https://github.com/quictls/openssl/tree/OpenSSL_1_1_1w+quic>`_; or `BoringSSL <https://boringssl.googlesource.com/boringssl/>`_ (commit 6ca49385b168f47a50e7172d82a590b218f55e4d) * `ngtcp2 <https://github.com/ngtcp2/ngtcp2>`_ 0.19.x @@ -343,7 +343,7 @@ Build custom OpenSSL: .. code-block:: text - $ git clone --depth 1 -b OpenSSL_1_1_1v+quic https://github.com/quictls/openssl + $ git clone --depth 1 -b OpenSSL_1_1_1w+quic https://github.com/quictls/openssl $ cd openssl $ ./config --prefix=$PWD/build --openssldir=/etc/ssl $ make -j$(nproc) @@ -366,7 +366,7 @@ Build ngtcp2: .. code-block:: text - $ git clone --depth 1 -b v0.19.0 https://github.com/ngtcp2/ngtcp2 + $ git clone --depth 1 -b v0.19.1 https://github.com/ngtcp2/ngtcp2 $ cd ngtcp2 $ autoreconf -i $ ./configure --prefix=$PWD/build --enable-lib-only \ diff --git a/contrib/libs/nghttp2/config.h b/contrib/libs/nghttp2/config.h index 211a5c4891..36f2476a6b 100644 --- a/contrib/libs/nghttp2/config.h +++ b/contrib/libs/nghttp2/config.h @@ -25,6 +25,9 @@ /* Define to 1 if your system has a working `chown' function. */ #define HAVE_CHOWN 1 +/* Define to 1 if you have the `clock_gettime' function. */ +#define HAVE_CLOCK_GETTIME 1 + /* define if the compiler supports basic C++14 syntax */ #define HAVE_CXX14 1 @@ -54,6 +57,9 @@ /* Define to 1 if you have the `getpwnam' function. */ #define HAVE_GETPWNAM 1 +/* Define to 1 if you have `GetTickCount64` function. */ +/* #undef HAVE_GETTICKCOUNT64 */ + /* Define to 1 if you have the <inttypes.h> header file. */ #define HAVE_INTTYPES_H 1 @@ -183,6 +189,9 @@ /* Define to 1 if you have `struct tm.tm_gmtoff` member. */ #define HAVE_STRUCT_TM_TM_GMTOFF 1 +/* Define to 1 if you have the <sysinfoapi.h> header file. */ +/* #undef HAVE_SYSINFOAPI_H */ + /* Define to 1 if you have the <syslog.h> header file. */ #define HAVE_SYSLOG_H 1 @@ -250,7 +259,7 @@ #define PACKAGE_NAME "nghttp2" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "nghttp2 1.56.0" +#define PACKAGE_STRING "nghttp2 1.57.0" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "nghttp2" @@ -259,7 +268,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "1.56.0" +#define PACKAGE_VERSION "1.57.0" /* The size of `int *', as computed by sizeof. */ #define SIZEOF_INT_P 8 @@ -364,7 +373,7 @@ /* Version number of package */ -#define VERSION "1.56.0" +#define VERSION "1.57.0" /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel). */ diff --git a/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2.h b/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2.h index 65077dd516..fa22081c51 100644 --- a/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2.h +++ b/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2.h @@ -2759,6 +2759,23 @@ nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation( /** * @function * + * This function sets the rate limit for the incoming stream reset + * (RST_STREAM frame). It is server use only. It is a token-bucket + * based rate limiter. |burst| specifies the number of tokens that is + * initially available. The maximum number of tokens is capped to + * this value. |rate| specifies the number of tokens that are + * regenerated per second. An incoming RST_STREAM consumes one token. + * If there is no token available, GOAWAY is sent to tear down the + * connection. |burst| and |rate| default to 1000 and 33 + * respectively. + */ +NGHTTP2_EXTERN void +nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option, + uint64_t burst, uint64_t rate); + +/** + * @function + * * Initializes |*session_ptr| for client use. The all members of * |callbacks| are copied to |*session_ptr|. Therefore |*session_ptr| * does not store |callbacks|. The |user_data| is an arbitrary user diff --git a/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2ver.h b/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2ver.h index 7f5251a624..f56954e7fd 100644 --- a/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2ver.h +++ b/contrib/libs/nghttp2/lib/includes/nghttp2/nghttp2ver.h @@ -29,7 +29,7 @@ * @macro * Version number of the nghttp2 library release */ -#define NGHTTP2_VERSION "1.56.0" +#define NGHTTP2_VERSION "1.57.0" /** * @macro @@ -37,6 +37,6 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define NGHTTP2_VERSION_NUM 0x013800 +#define NGHTTP2_VERSION_NUM 0x013900 #endif /* NGHTTP2VER_H */ diff --git a/contrib/libs/nghttp2/lib/nghttp2_option.c b/contrib/libs/nghttp2/lib/nghttp2_option.c index ee0cd0f022..43d4e95229 100644 --- a/contrib/libs/nghttp2/lib/nghttp2_option.c +++ b/contrib/libs/nghttp2/lib/nghttp2_option.c @@ -143,3 +143,10 @@ void nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation( NGHTTP2_OPT_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION; option->no_rfc9113_leading_and_trailing_ws_validation = val; } + +void nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option, + uint64_t burst, uint64_t rate) { + option->opt_set_mask |= NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT; + option->stream_reset_burst = burst; + option->stream_reset_rate = rate; +} diff --git a/contrib/libs/nghttp2/lib/nghttp2_option.h b/contrib/libs/nghttp2/lib/nghttp2_option.h index b228a0754c..2259e1849d 100644 --- a/contrib/libs/nghttp2/lib/nghttp2_option.h +++ b/contrib/libs/nghttp2/lib/nghttp2_option.h @@ -70,6 +70,7 @@ typedef enum { NGHTTP2_OPT_MAX_SETTINGS = 1 << 12, NGHTTP2_OPT_SERVER_FALLBACK_RFC7540_PRIORITIES = 1 << 13, NGHTTP2_OPT_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION = 1 << 14, + NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT = 1 << 15, } nghttp2_option_flag; /** @@ -77,6 +78,11 @@ typedef enum { */ struct nghttp2_option { /** + * NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT + */ + uint64_t stream_reset_burst; + uint64_t stream_reset_rate; + /** * NGHTTP2_OPT_MAX_SEND_HEADER_BLOCK_LENGTH */ size_t max_send_header_block_length; diff --git a/contrib/libs/nghttp2/lib/nghttp2_ratelim.c b/contrib/libs/nghttp2/lib/nghttp2_ratelim.c new file mode 100644 index 0000000000..7011655b00 --- /dev/null +++ b/contrib/libs/nghttp2/lib/nghttp2_ratelim.c @@ -0,0 +1,75 @@ +/* + * nghttp2 - HTTP/2 C Library + * + * Copyright (c) 2023 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp2_ratelim.h" +#include "nghttp2_helper.h" + +void nghttp2_ratelim_init(nghttp2_ratelim *rl, uint64_t burst, uint64_t rate) { + rl->val = rl->burst = burst; + rl->rate = rate; + rl->tstamp = 0; +} + +void nghttp2_ratelim_update(nghttp2_ratelim *rl, uint64_t tstamp) { + uint64_t d, gain; + + if (tstamp == rl->tstamp) { + return; + } + + if (tstamp > rl->tstamp) { + d = tstamp - rl->tstamp; + } else { + d = 1; + } + + rl->tstamp = tstamp; + + if (UINT64_MAX / d < rl->rate) { + rl->val = rl->burst; + + return; + } + + gain = rl->rate * d; + + if (UINT64_MAX - gain < rl->val) { + rl->val = rl->burst; + + return; + } + + rl->val += gain; + rl->val = nghttp2_min(rl->val, rl->burst); +} + +int nghttp2_ratelim_drain(nghttp2_ratelim *rl, uint64_t n) { + if (rl->val < n) { + return -1; + } + + rl->val -= n; + + return 0; +} diff --git a/contrib/libs/nghttp2/lib/nghttp2_ratelim.h b/contrib/libs/nghttp2/lib/nghttp2_ratelim.h new file mode 100644 index 0000000000..866ed3f00a --- /dev/null +++ b/contrib/libs/nghttp2/lib/nghttp2_ratelim.h @@ -0,0 +1,57 @@ +/* + * nghttp2 - HTTP/2 C Library + * + * Copyright (c) 2023 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP2_RATELIM_H +#define NGHTTP2_RATELIM_H + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif /* HAVE_CONFIG_H */ + +#include <nghttp2/nghttp2.h> + +typedef struct nghttp2_ratelim { + /* burst is the maximum value of val. */ + uint64_t burst; + /* rate is the amount of value that is regenerated per 1 tstamp. */ + uint64_t rate; + /* val is the amount of value available to drain. */ + uint64_t val; + /* tstamp is the last timestamp in second resolution that is known + to this object. */ + uint64_t tstamp; +} nghttp2_ratelim; + +/* nghttp2_ratelim_init initializes |rl| with the given parameters. */ +void nghttp2_ratelim_init(nghttp2_ratelim *rl, uint64_t burst, uint64_t rate); + +/* nghttp2_ratelim_update updates rl->val with the current |tstamp| + given in second resolution. */ +void nghttp2_ratelim_update(nghttp2_ratelim *rl, uint64_t tstamp); + +/* nghttp2_ratelim_drain drains |n| from rl->val. It returns 0 if it + succeeds, or -1. */ +int nghttp2_ratelim_drain(nghttp2_ratelim *rl, uint64_t n); + +#endif /* NGHTTP2_RATELIM_H */ diff --git a/contrib/libs/nghttp2/lib/nghttp2_session.c b/contrib/libs/nghttp2/lib/nghttp2_session.c index a45cbeef67..ec5024d0f2 100644 --- a/contrib/libs/nghttp2/lib/nghttp2_session.c +++ b/contrib/libs/nghttp2/lib/nghttp2_session.c @@ -37,6 +37,7 @@ #include "nghttp2_http.h" #include "nghttp2_pq.h" #include "nghttp2_extpri.h" +#include "nghttp2_time.h" #include "nghttp2_debug.h" /* @@ -475,6 +476,10 @@ static int session_new(nghttp2_session **session_ptr, (*session_ptr)->pending_enable_push = 1; (*session_ptr)->pending_no_rfc7540_priorities = UINT8_MAX; + nghttp2_ratelim_init(&(*session_ptr)->stream_reset_ratelim, + NGHTTP2_DEFAULT_STREAM_RESET_BURST, + NGHTTP2_DEFAULT_STREAM_RESET_RATE); + if (server) { (*session_ptr)->server = 1; } @@ -573,6 +578,12 @@ static int session_new(nghttp2_session **session_ptr, (*session_ptr)->opt_flags |= NGHTTP2_OPTMASK_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION; } + + if (option->opt_set_mask & NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT) { + nghttp2_ratelim_init(&(*session_ptr)->stream_reset_ratelim, + option->stream_reset_burst, + option->stream_reset_rate); + } } rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater, @@ -4449,6 +4460,23 @@ static int session_process_priority_frame(nghttp2_session *session) { return nghttp2_session_on_priority_received(session, frame); } +static int session_update_stream_reset_ratelim(nghttp2_session *session) { + if (!session->server || (session->goaway_flags & NGHTTP2_GOAWAY_SUBMITTED)) { + return 0; + } + + nghttp2_ratelim_update(&session->stream_reset_ratelim, + nghttp2_time_now_sec()); + + if (nghttp2_ratelim_drain(&session->stream_reset_ratelim, 1) == 0) { + return 0; + } + + return nghttp2_session_add_goaway(session, session->last_recv_stream_id, + NGHTTP2_INTERNAL_ERROR, NULL, 0, + NGHTTP2_GOAWAY_AUX_NONE); +} + int nghttp2_session_on_rst_stream_received(nghttp2_session *session, nghttp2_frame *frame) { int rv; @@ -4478,7 +4506,8 @@ int nghttp2_session_on_rst_stream_received(nghttp2_session *session, if (nghttp2_is_fatal(rv)) { return rv; } - return 0; + + return session_update_stream_reset_ratelim(session); } static int session_process_rst_stream_frame(nghttp2_session *session) { @@ -7434,6 +7463,9 @@ int nghttp2_session_add_goaway(nghttp2_session *session, int32_t last_stream_id, nghttp2_mem_free(mem, item); return rv; } + + session->goaway_flags |= NGHTTP2_GOAWAY_SUBMITTED; + return 0; } diff --git a/contrib/libs/nghttp2/lib/nghttp2_session.h b/contrib/libs/nghttp2/lib/nghttp2_session.h index 34d2d58528..b119329a04 100644 --- a/contrib/libs/nghttp2/lib/nghttp2_session.h +++ b/contrib/libs/nghttp2/lib/nghttp2_session.h @@ -39,6 +39,7 @@ #include "nghttp2_buf.h" #include "nghttp2_callbacks.h" #include "nghttp2_mem.h" +#include "nghttp2_ratelim.h" /* The global variable for tests where we want to disable strict preface handling. */ @@ -105,6 +106,10 @@ typedef struct { /* The default value of maximum number of concurrent streams. */ #define NGHTTP2_DEFAULT_MAX_CONCURRENT_STREAMS 0xffffffffu +/* The default values for stream reset rate limiter. */ +#define NGHTTP2_DEFAULT_STREAM_RESET_BURST 1000 +#define NGHTTP2_DEFAULT_STREAM_RESET_RATE 33 + /* Internal state when receiving incoming frame */ typedef enum { /* Receiving frame header */ @@ -178,7 +183,9 @@ typedef enum { /* Flag means GOAWAY was sent */ NGHTTP2_GOAWAY_SENT = 0x4, /* Flag means GOAWAY was received */ - NGHTTP2_GOAWAY_RECV = 0x8 + NGHTTP2_GOAWAY_RECV = 0x8, + /* Flag means GOAWAY has been submitted at least once */ + NGHTTP2_GOAWAY_SUBMITTED = 0x10 } nghttp2_goaway_flag; /* nghttp2_inflight_settings stores the SETTINGS entries which local @@ -235,6 +242,9 @@ struct nghttp2_session { /* Queue of In-flight SETTINGS values. SETTINGS bearing ACK is not considered as in-flight. */ nghttp2_inflight_settings *inflight_settings_head; + /* Stream reset rate limiter. If receiving excessive amount of + stream resets, GOAWAY will be sent. */ + nghttp2_ratelim stream_reset_ratelim; /* Sequential number across all streams to process streams in FIFO. */ uint64_t stream_seq; diff --git a/contrib/libs/nghttp2/lib/nghttp2_time.c b/contrib/libs/nghttp2/lib/nghttp2_time.c new file mode 100644 index 0000000000..2a5f1a6ff5 --- /dev/null +++ b/contrib/libs/nghttp2/lib/nghttp2_time.c @@ -0,0 +1,62 @@ +/* + * nghttp2 - HTTP/2 C Library + * + * Copyright (c) 2023 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp2_time.h" + +#ifdef HAVE_TIME_H +# include <time.h> +#endif /* HAVE_TIME_H */ + +#ifdef HAVE_SYSINFOAPI_H +# include <sysinfoapi.h> +#endif /* HAVE_SYSINFOAPI_H */ + +#ifndef HAVE_GETTICKCOUNT64 +static uint64_t time_now_sec(void) { + time_t t = time(NULL); + + if (t == -1) { + return 0; + } + + return (uint64_t)t; +} +#endif /* HAVE_GETTICKCOUNT64 */ + +#ifdef HAVE_CLOCK_GETTIME +uint64_t nghttp2_time_now_sec(void) { + struct timespec tp; + int rv = clock_gettime(CLOCK_MONOTONIC, &tp); + + if (rv == -1) { + return time_now_sec(); + } + + return (uint64_t)tp.tv_sec; +} +#elif defined(HAVE_GETTICKCOUNT64) +uint64_t nghttp2_time_now_sec(void) { return GetTickCount64() / 1000; } +#else /* !HAVE_CLOCK_GETTIME && !HAVE_GETTICKCOUNT64 */ +uint64_t nghttp2_time_now_sec(void) { return time_now_sec(); } +#endif /* !HAVE_CLOCK_GETTIME && !HAVE_GETTICKCOUNT64 */ diff --git a/contrib/libs/nghttp2/lib/nghttp2_time.h b/contrib/libs/nghttp2/lib/nghttp2_time.h new file mode 100644 index 0000000000..03c0bbe944 --- /dev/null +++ b/contrib/libs/nghttp2/lib/nghttp2_time.h @@ -0,0 +1,38 @@ +/* + * nghttp2 - HTTP/2 C Library + * + * Copyright (c) 2023 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP2_TIME_H +#define NGHTTP2_TIME_H + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif /* HAVE_CONFIG_H */ + +#include <nghttp2/nghttp2.h> + +/* nghttp2_time_now_sec returns seconds from implementation-specific + timepoint. If it is unable to get seconds, it returns 0. */ +uint64_t nghttp2_time_now_sec(void); + +#endif /* NGHTTP2_TIME_H */ diff --git a/contrib/libs/nghttp2/ya.make b/contrib/libs/nghttp2/ya.make index 109e161d30..4790f2f32a 100644 --- a/contrib/libs/nghttp2/ya.make +++ b/contrib/libs/nghttp2/ya.make @@ -9,9 +9,9 @@ LICENSE( LICENSE_TEXTS(.yandex_meta/licenses.list.txt) -VERSION(1.56.0) +VERSION(1.57.0) -ORIGINAL_SOURCE(https://github.com/nghttp2/nghttp2/archive/v1.56.0.tar.gz) +ORIGINAL_SOURCE(https://github.com/nghttp2/nghttp2/archive/v1.57.0.tar.gz) ADDINCL( GLOBAL contrib/libs/nghttp2/lib/includes @@ -47,10 +47,12 @@ SRCS( lib/nghttp2_pq.c lib/nghttp2_priority_spec.c lib/nghttp2_queue.c + lib/nghttp2_ratelim.c lib/nghttp2_rcbuf.c lib/nghttp2_session.c lib/nghttp2_stream.c lib/nghttp2_submit.c + lib/nghttp2_time.c lib/nghttp2_version.c lib/sfparse.c ) |