Fijxu
/
nginx-quic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nginx-quic/src/http/v2
History
Ruslan Ermilov 416bbdcff3 HTTP/2: limit the number of idle state switches. 
An attack that continuously switches HTTP/2 connection between
idle and active states can result in excessive CPU usage.
This is because when a connection switches to the idle state,
all of its memory pool caches are freed.

This change limits the maximum allowed number of idle state
switches to 10 * http2_max_requests (i.e., 10000 by default).
This limits possible CPU usage in one connection, and also
imposes a limit on the maximum lifetime of a connection.

Initially reported by Gal Goldshtein from F5 Networks.
 		2018-11-06 16:29:49 +03:00
..
ngx_http_v2.c HTTP/2: limit the number of idle state switches. 2018-11-06 16:29:49 +03:00
ngx_http_v2.h HTTP/2: limit the number of idle state switches. 2018-11-06 16:29:49 +03:00
ngx_http_v2_encode.c HTTP/2: externalized various constants and interfaces. 2018-03-17 23:04:20 +03:00
ngx_http_v2_filter_module.c HTTP/2: improved frame info debugging. 2018-03-19 21:32:15 +03:00
ngx_http_v2_huff_decode.c The HTTP/2 implementation (RFC 7240, 7241). 2015-09-11 20:13:06 +03:00
ngx_http_v2_huff_encode.c HTTP/2: fixed undefined behavior in ngx_http_v2_huff_encode(). 2016-02-12 16:36:20 +03:00
ngx_http_v2_module.c HTTP/2: server push. 2018-02-08 09:55:03 +03:00
ngx_http_v2_module.h HTTP/2: server push. 2018-02-08 09:55:03 +03:00
ngx_http_v2_table.c HTTP/2: externalized various constants and interfaces. 2018-03-17 23:04:20 +03:00