You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/06/15 16:24:29 UTC

[tomcat] branch main updated: Change the starting overhead count from -10 to -10*overheadCountFactor

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 99ffff7  Change the starting overhead count from -10 to -10*overheadCountFactor
99ffff7 is described below

commit 99ffff7bc16954def53d55c7fbee4d5063e880cb
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Jun 14 21:59:06 2021 +0100

    Change the starting overhead count from -10 to -10*overheadCountFactor
---
 java/org/apache/coyote/http2/Http2UpgradeHandler.java | 10 +++++++++-
 webapps/docs/changelog.xml                            |  7 +++++++
 webapps/docs/config/http2.xml                         | 12 ++++++------
 3 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index e12daf5..2f9f0da 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -143,7 +143,7 @@ class Http2UpgradeHandler extends AbstractStream implements InternalHttpUpgradeH
     private Queue<StreamRunnable> queuedRunnable = null;
 
     // Track 'overhead' frames vs 'request/response' frames
-    private final AtomicLong overheadCount = new AtomicLong(-10);
+    private final AtomicLong overheadCount;
     private volatile int lastNonFinalDataPayload;
     private volatile int lastWindowUpdate;
 
@@ -154,6 +154,14 @@ class Http2UpgradeHandler extends AbstractStream implements InternalHttpUpgradeH
         this.adapter = adapter;
         this.connectionId = Integer.toString(connectionIdGenerator.getAndIncrement());
 
+        // Defaults to -10 * the count factor.
+        // i.e. when the connection opens, 10 'overhead' frames in a row will
+        // cause the connection to be closed.
+        // Over time the count should be a slowly decreasing negative number.
+        // Therefore, the longer a connection is 'well-behaved', the greater
+        // tolerance it will have for a period of 'bad' behaviour.
+        overheadCount = new AtomicLong(-10 * protocol.getOverheadCountFactor());
+
         lastNonFinalDataPayload = protocol.getOverheadDataThreshold() * 2;
         lastWindowUpdate = protocol.getOverheadWindowUpdateThreshold() * 2;
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 93af7a2..d013cc5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -134,6 +134,13 @@
         1. This means that, over time, the overhead count for a well-behaved
         connection will trend downwards. (markt)
       </update>
+      <update>
+        Change the initial HTTP/2 overhead count from <code>-10</code> to
+        <code>-10 * overheadCountFactor</code>. This means that, regardless of
+        the value chosen for <code>overheadCountFactor</code>, when a connection
+        opens 10 overhead frames in a row will be required to trigger the
+        overhead protection. (markt)
+      </update>
     </changelog>
   </subsection>
   <subsection name="Other">
diff --git a/webapps/docs/config/http2.xml b/webapps/docs/config/http2.xml
index 9e5a148..8a4c9c1 100644
--- a/webapps/docs/config/http2.xml
+++ b/webapps/docs/config/http2.xml
@@ -136,12 +136,12 @@
     <attribute name="overheadCountFactor" required="false">
       <p>The factor to apply when counting overhead frames to determine if a
       connection has too high an overhead and should be closed. The overhead
-      count starts at <code>-10</code>. The count is decreased by 2 for each
-      data frame sent or received and each headers frame received. The count is
-      increased by the <code>overheadCountFactor</code>for each setting
-      received, priority frame received and ping received. If the overhead count
-      exceeds zero, the connection is closed. A value of less than
-      <code>1</code> disables this protection. In normal usage a value of
+      count starts at <code>-10 * overheadCountFactor</code>. The count is
+      decreased by 2 for each data frame sent or received and each headers frame
+      received. The count is increased by the <code>overheadCountFactor</code>
+      for each setting received, priority frame received and ping received. If
+      the overhead count exceeds zero, the connection is closed. A value of less
+      than <code>1</code> disables this protection. In normal usage a value of
       <code>3</code> or more will close the connection before any streams can
       complete. If not specified, a default value of <code>1</code> will be
       used.</p>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org