From: Frédéric Lécaille Date: Fri, 17 Nov 2023 17:03:20 +0000 (+0100) Subject: MINOR: quic: Rename "handshake" timeout to "client-hs" X-Git-Tag: v2.9-dev10~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=888d1dc3dcfc9e434195f055c1be5d2abe36c443;p=thirdparty%2Fhaproxy.git MINOR: quic: Rename "handshake" timeout to "client-hs" Use a more specific name for this timeout to distinguish it from a possible future one on the server side. Also update the documentation. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index 8c81bd95ab..f8df7d3f18 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -4609,8 +4609,8 @@ tcp-response inspect-delay X (!) - X X timeout check X - X X timeout client X X X - timeout client-fin X X X - +timeout client-hs X X X - timeout connect X - X X -timeout handshake X X X - timeout http-keep-alive X X X X timeout http-request X X X X timeout queue X - X X @@ -14431,6 +14431,20 @@ timeout client-fin See also : "timeout client", "timeout server-fin", and "timeout tunnel". +timeout client-hs + Set the maximum time to wait for a client TLS handshake to complete. This is + usable both for TCP and QUIC connections. + May be used in sections : defaults | frontend | listen | backend + yes | yes | yes | no + Arguments : + is the timeout value specified in milliseconds by default, but + can be in any other unit if the number is suffixed by the unit, + as explained at the top of this document. + + If this handshake timeout is not set, this is the client timeout which is used + in place. + + timeout connect Set the maximum time to wait for a connection attempt to a server to succeed. May be used in sections : defaults | frontend | listen | backend @@ -14457,19 +14471,6 @@ timeout connect See also: "timeout check", "timeout queue", "timeout server", "timeout tarpit". -timeout handshake - Set the maximum time to wait for a client TLS handshake to complete. This is - usable both for TCP and QUIC connections. - May be used in sections : defaults | frontend | listen | backend - yes | yes | yes | no - Arguments : - is the timeout value specified in milliseconds by default, but - can be in any other unit if the number is suffixed by the unit, - as explained at the top of this document. - - If this handshake timeout is not set, this is the client timeout which is used - in place. - timeout http-keep-alive Set the maximum allowed time to wait for a new HTTP request to appear May be used in sections : defaults | frontend | listen | backend diff --git a/include/haproxy/proxy-t.h b/include/haproxy/proxy-t.h index e07ebf03df..a0db8fad9a 100644 --- a/include/haproxy/proxy-t.h +++ b/include/haproxy/proxy-t.h @@ -338,7 +338,7 @@ struct proxy { int queue; /* queue timeout, defaults to connect if unspecified */ int connect; /* connect timeout (in ticks) */ int server; /* server I/O timeout (in ticks) */ - int handshake; /* maximum time for handshake completion */ + int client_hs; /* maximum time for client handshake completion */ int httpreq; /* maximum time for complete HTTP request */ int httpka; /* maximum time for a new HTTP request when using keep-alive */ int check; /* maximum time for complete check */ diff --git a/src/proxy.c b/src/proxy.c index 51823b3781..001fe0344b 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -524,9 +524,9 @@ static int proxy_parse_timeout(char **args, int section, struct proxy *proxy, tv = &proxy->timeout.tarpit; td = &defpx->timeout.tarpit; cap = PR_CAP_FE | PR_CAP_BE; - } else if (strcmp(args[0], "handshake") == 0) { - tv = &proxy->timeout.handshake; - td = &defpx->timeout.handshake; + } else if (strcmp(args[0], "client-hs") == 0) { + tv = &proxy->timeout.client_hs; + td = &defpx->timeout.client_hs; cap = PR_CAP_FE; } else if (strcmp(args[0], "http-keep-alive") == 0) { tv = &proxy->timeout.httpka; @@ -1801,7 +1801,7 @@ static int proxy_defproxy_cpy(struct proxy *curproxy, const struct proxy *defpro if (curproxy->cap & PR_CAP_FE) { curproxy->timeout.client = defproxy->timeout.client; - curproxy->timeout.handshake = defproxy->timeout.handshake; + curproxy->timeout.client_hs = defproxy->timeout.client_hs; curproxy->timeout.clientfin = defproxy->timeout.clientfin; curproxy->timeout.tarpit = defproxy->timeout.tarpit; curproxy->timeout.httpreq = defproxy->timeout.httpreq; diff --git a/src/quic_conn.c b/src/quic_conn.c index 8792310c7b..018221885e 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -1764,7 +1764,7 @@ static int quic_conn_init_idle_timer_task(struct quic_conn *qc, TRACE_ENTER(QUIC_EV_CONN_NEW, qc); - timeout = px->timeout.handshake ? px->timeout.handshake : px->timeout.client; + timeout = px->timeout.client_hs ? px->timeout.client_hs : px->timeout.client; qc->idle_timer_task = task_new_here(); if (!qc->idle_timer_task) { TRACE_ERROR("Idle timer task allocation failed", QUIC_EV_CONN_NEW, qc); diff --git a/src/session.c b/src/session.c index c090c7c040..3d40ead695 100644 --- a/src/session.c +++ b/src/session.c @@ -281,7 +281,7 @@ int session_accept_fd(struct connection *cli_conn) if (cli_conn->flags & (CO_FL_WAIT_XPRT | CO_FL_EARLY_SSL_HS)) { int timeout; int clt_tmt = p->timeout.client; - int hs_tmt = p->timeout.handshake; + int hs_tmt = p->timeout.client_hs; if (unlikely((sess->task = task_new_here()) == NULL)) goto out_free_sess;