BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID One of the reasons for the excessive number of aborted requests when a server sets a limit on the highest stream ID is that we don't check this limit while allocating a new stream. This patch does this at two locations : - when a backend stream is allocated, we verify that there are still IDs left ; - when the ID is assigned, we verify that it's not higher than the advertised limit. This should be backported to 1.9.

commit: a80dca85350bbc14dd450cdb26ebb84733d57e87 [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Thu Jan 24 17:08:28 2019 +0100
committer: Willy Tarreau <w@1wt.eu> Thu Jan 24 19:06:43 2019 +0100
tree: 6782c8ab712c9bfc8ee6c86f18bb77dbc38d43f7
parent: d64a3ebe64eca09a602aa650ced1951867f4ed34 [diff]
diff --git a/src/mux_h2.c b/src/mux_h2.c
index 57bf469..21796c3 100644
--- a/src/mux_h2.c
+++ b/src/mux_h2.c

@@ -547,7 +547,8 @@
 static inline int32_t h2c_get_next_sid(const struct h2c *h2c)
 {
 	int32_t id = (h2c->max_id + 1) | 1;
-	if (id & 0x80000000U)
+
+	if ((id & 0x80000000U) || (h2c->last_sid >= 0 && id > h2c->last_sid))
 		id = -1;
 	return id;
 }
@@ -954,6 +955,9 @@
 	if (h2c->nb_streams >= h2_settings_max_concurrent_streams)
 		goto out;
 
+	if (h2_streams_left(h2c) < 1)
+		goto out;
+
 	/* Defer choosing the ID until we send the first message to create the stream */
 	h2s = h2s_new(h2c, 0);
 	if (!h2s)
commit	a80dca85350bbc14dd450cdb26ebb84733d57e87	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Thu Jan 24 17:08:28 2019 +0100
committer	Willy Tarreau <w@1wt.eu>	Thu Jan 24 19:06:43 2019 +0100
tree	6782c8ab712c9bfc8ee6c86f18bb77dbc38d43f7
parent	d64a3ebe64eca09a602aa650ced1951867f4ed34 [diff]