aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Johansson <ampley[email protected]>2020-11-02 11:12:21 +0100
committerLoïc Hoguin <[email protected]>2020-11-27 15:51:09 +0100
commitf6049b85a3f55da7edd47a84ec1919a62a881aec (patch)
treef5833ebedfabc7af94087529d23fd3f1e046076a
parent059d58d39fb12765fa6e42c8d95c861ac85c23e2 (diff)
downloadcowboy-f6049b85a3f55da7edd47a84ec1919a62a881aec.tar.gz
cowboy-f6049b85a3f55da7edd47a84ec1919a62a881aec.tar.bz2
cowboy-f6049b85a3f55da7edd47a84ec1919a62a881aec.zip
Use functions for inititalizing rate limiting
... to ensure that the same values are used in all places.
-rw-r--r--src/cowboy_http2.erl23
1 files changed, 14 insertions, 9 deletions
diff --git a/src/cowboy_http2.erl b/src/cowboy_http2.erl
index ad9fa7a..ed2623c 100644
--- a/src/cowboy_http2.erl
+++ b/src/cowboy_http2.erl
@@ -173,12 +173,19 @@ init(Parent, Ref, Socket, Transport, ProxyHeader, Opts, Peer, Sock, Cert, Buffer
_ -> parse(State, Buffer)
end.
-init_rate_limiting(State=#state{opts=Opts}) ->
+init_rate_limiting(State) ->
+ CurrentTime = erlang:monotonic_time(millisecond),
+ init_reset_rate_limiting(init_frame_rate_limiting(State, CurrentTime), CurrentTime).
+
+init_frame_rate_limiting(State=#state{opts=Opts}, CurrentTime) ->
{FrameRateNum, FrameRatePeriod} = maps:get(max_received_frame_rate, Opts, {10000, 10000}),
+ State#state{
+ frame_rate_num=FrameRateNum, frame_rate_time=add_period(CurrentTime, FrameRatePeriod)
+ }.
+
+init_reset_rate_limiting(State=#state{opts=Opts}, CurrentTime) ->
{ResetRateNum, ResetRatePeriod} = maps:get(max_reset_stream_rate, Opts, {10, 10000}),
- CurrentTime = erlang:monotonic_time(millisecond),
State#state{
- frame_rate_num=FrameRateNum, frame_rate_time=add_period(CurrentTime, FrameRatePeriod),
reset_rate_num=ResetRateNum, reset_rate_time=add_period(CurrentTime, ResetRatePeriod)
}.
@@ -331,7 +338,7 @@ parse(State=#state{http2_status=Status, http2_machine=HTTP2Machine, streams=Stre
%% Frame rate flood protection.
-frame_rate(State0=#state{opts=Opts, frame_rate_num=Num0, frame_rate_time=Time}, Frame) ->
+frame_rate(State0=#state{frame_rate_num=Num0, frame_rate_time=Time}, Frame) ->
{Result, State} = case Num0 - 1 of
0 ->
CurrentTime = erlang:monotonic_time(millisecond),
@@ -340,8 +347,7 @@ frame_rate(State0=#state{opts=Opts, frame_rate_num=Num0, frame_rate_time=Time},
{error, State0};
true ->
%% When the option has a period of infinity we cannot reach this clause.
- {Num, Period} = maps:get(max_received_frame_rate, Opts, {1000, 10000}),
- {ok, State0#state{frame_rate_num=Num, frame_rate_time=CurrentTime + Period}}
+ {ok, init_frame_rate_limiting(State0, CurrentTime)}
end;
Num ->
{ok, State0#state{frame_rate_num=Num}}
@@ -1111,7 +1117,7 @@ reset_stream(State0=#state{socket=Socket, transport=Transport,
'Stream reset rate larger than configuration allows. Flood? (CVE-2019-9514)'})
end.
-reset_rate(State0=#state{opts=Opts, reset_rate_num=Num0, reset_rate_time=Time}) ->
+reset_rate(State0=#state{reset_rate_num=Num0, reset_rate_time=Time}) ->
case Num0 - 1 of
0 ->
CurrentTime = erlang:monotonic_time(millisecond),
@@ -1120,8 +1126,7 @@ reset_rate(State0=#state{opts=Opts, reset_rate_num=Num0, reset_rate_time=Time})
error;
true ->
%% When the option has a period of infinity we cannot reach this clause.
- {Num, Period} = maps:get(max_reset_stream_rate, Opts, {10, 10000}),
- {ok, State0#state{reset_rate_num=Num, reset_rate_time=CurrentTime + Period}}
+ {ok, init_reset_rate_limiting(State0, CurrentTime)}
end;
Num ->
{ok, State0#state{reset_rate_num=Num}}