Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Rustls 0.22 & 0.23 are limited to 256 handshakes per second. #3408

Merged
merged 1 commit into from
Jun 19, 2024
Merged

Fix Rustls 0.22 & 0.23 are limited to 256 handshakes per second. #3408

merged 1 commit into from
Jun 19, 2024

Conversation

mstyura
Copy link
Contributor

@mstyura mstyura commented Jun 19, 2024
edited by robjtede
Loading

PR Type

Bug Fix

PR Checklist

  • Tests for the changes have been added / updated.
  • Documentation comments have been added / updated.
  • A changelog entry has been made for the appropriate packages.
  • Format code with the latest stable rustfmt.
  • (Team) Label with affected crates and semver status.

Overview

Currently due to possibly accidentally missed features with rustls 0.22 and 0.23 above configuration statement the server does not allow configuration of TLS handshakes limit per seconds.
The proposed approach is to define internal feature __tls and rely on it when writing feature conditions where it is expected to work on any tls implementation. Similar approach is already used by __compress feature. Such approach will make addition of new version of rustls less error prone.

The breaking change proposed is to make HttpServer::method.max_connection_rate conditionally defined based on __tls feature. This will make it obvious that this method take effect only for TLS connections rate.
This breaking change is completely avoidable just by moving feature condition inside method as it was before.

Closes #3407

@robjtede robjtede added A-http project: actix-http B-semver-patch A-web project: actix-web labels Jun 19, 2024
robjtede
robjtede reviewed Jun 19, 2024
View reviewed changes
actix-web/src/server.rs Outdated Show resolved Hide resolved
@mstyura
Copy link
Contributor Author

mstyura commented Jun 19, 2024

Not sure if first two items in checklist are relevant. So will mark as ready for review and wait for a feedback.

@mstyura mstyura marked this pull request as ready for review June 19, 2024 22:19
@robjtede robjtede enabled auto-merge June 19, 2024 22:23
auto-merge was automatically disabled June 19, 2024 22:23

Head branch was pushed to by a user without write access

@robjtede robjtede enabled auto-merge June 19, 2024 22:24
@robjtede robjtede added this pull request to the merge queue Jun 19, 2024
Merged via the queue into actix:master with commit 643d645 Jun 19, 2024
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robjtede robjtede robjtede approved these changes

Assignees
No one assigned
Labels
A-http project: actix-http A-web project: actix-web B-semver-patch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

TLS handshake rate limit adjustment does not work for rustls 0.22 & 0.23
2 participants
@mstyura @robjtede