From: Frédéric Lécaille Date: Tue, 14 Nov 2023 17:31:38 +0000 (+0100) Subject: MINOR: proxy: Add "handshake" new timeout (frontend side) X-Git-Tag: v2.9-dev10~37 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b33eacc52360ed7818c1e2927adf478e0a2ce789;p=thirdparty%2Fhaproxy.git MINOR: proxy: Add "handshake" new timeout (frontend side) Add a new timeout for the handshake, on the frontend side only. Such a hanshake will be typically used for TLS hanshakes during client connections to TLS/TCP or QUIC frontends. --- diff --git a/include/haproxy/proxy-t.h b/include/haproxy/proxy-t.h index e8cb7a5eef..e07ebf03df 100644 --- a/include/haproxy/proxy-t.h +++ b/include/haproxy/proxy-t.h @@ -338,6 +338,7 @@ struct proxy { int queue; /* queue timeout, defaults to connect if unspecified */ int connect; /* connect timeout (in ticks) */ int server; /* server I/O timeout (in ticks) */ + int handshake; /* maximum time for handshake completion */ int httpreq; /* maximum time for complete HTTP request */ int httpka; /* maximum time for a new HTTP request when using keep-alive */ int check; /* maximum time for complete check */ diff --git a/src/proxy.c b/src/proxy.c index f1b81f6f8a..51823b3781 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -524,6 +524,10 @@ static int proxy_parse_timeout(char **args, int section, struct proxy *proxy, tv = &proxy->timeout.tarpit; td = &defpx->timeout.tarpit; cap = PR_CAP_FE | PR_CAP_BE; + } else if (strcmp(args[0], "handshake") == 0) { + tv = &proxy->timeout.handshake; + td = &defpx->timeout.handshake; + cap = PR_CAP_FE; } else if (strcmp(args[0], "http-keep-alive") == 0) { tv = &proxy->timeout.httpka; td = &defpx->timeout.httpka; @@ -574,7 +578,7 @@ static int proxy_parse_timeout(char **args, int section, struct proxy *proxy, } else { memprintf(err, "'timeout' supports 'client', 'server', 'connect', 'check', " - "'queue', 'http-keep-alive', 'http-request', 'tunnel', 'tarpit', " + "'queue', 'handshake', 'http-keep-alive', 'http-request', 'tunnel', 'tarpit', " "'client-fin' and 'server-fin' (got '%s')", args[0]); return -1; @@ -1797,6 +1801,7 @@ static int proxy_defproxy_cpy(struct proxy *curproxy, const struct proxy *defpro if (curproxy->cap & PR_CAP_FE) { curproxy->timeout.client = defproxy->timeout.client; + curproxy->timeout.handshake = defproxy->timeout.handshake; curproxy->timeout.clientfin = defproxy->timeout.clientfin; curproxy->timeout.tarpit = defproxy->timeout.tarpit; curproxy->timeout.httpreq = defproxy->timeout.httpreq;