Struct Context 

pub struct Context<L: ListenerHandler + L7ListenerHandler> {

    pub streams: Vec<Stream>,
    pub pending_links: VecDeque<usize>,
    pub backend_streams: HashMap<Token, Vec<usize>>,
    pub pool: Weak<RefCell<Pool>>,
    pub listener: Rc<RefCell<L>>,
    pub session_ulid: Ulid,
    pub session_address: Option<SocketAddr>,
    pub public_address: SocketAddr,
    pub debug: DebugHistory,
    pub h2_stream_shrink_ratio: usize,
    pub tls_server_name: Option<String>,
    pub tls_cert_names: Option<Arc<Vec<String>>>,
    pub strict_sni_binding: bool,
    pub elide_x_real_ip: bool,
    pub send_x_real_ip: bool,
    pub tls_version: Option<&'static str>,
    pub tls_cipher: Option<&'static str>,
    pub tls_alpn: Option<&'static str>,
}

Fields

streams: Vec<Stream>

pending_links: VecDeque<usize>

Streams whose state is StreamState::Link and need backend connection. Replaces the O(n) scan of streams in the ready loop.

backend_streams: HashMap<Token, Vec<usize>>

Reverse index: backend token -> global stream IDs currently in StreamState::Linked(token). Eliminates O(n) scans of streams when handling backend connect/disconnect/timeout/close events.

pool: Weak<RefCell<Pool>>

listener: Rc<RefCell<L>>

session_ulid: Ulid

Connection/session ULID — mirrors Mux.session_ulid. Stored here so per-stream HttpContext construction in Self::create_stream can stamp the session slot of the log-context bracket without reaching back into the parent Mux.

session_address: Option<SocketAddr>

public_address: SocketAddr

debug: DebugHistory

h2_stream_shrink_ratio: usize

Shrink threshold ratio for recycled stream slots. Vec is shrunk when total_slots > active_streams * ratio.

tls_server_name: Option<String>

TLS SNI value negotiated at handshake, propagated to every per-stream HttpContext so the routing layer can enforce the SNI ↔ :authority binding on every H2 stream (and the single H1 request). None for plaintext listeners or when the client omitted the SNI extension. Stored pre-lowercased and without a port for cheap exact-match comparison.

tls_cert_names: Option<Arc<Vec<String>>>

Snapshot of the SAN set of the certificate Sōzu actually served at the TLS handshake. Captured once in https.rs::upgrade_handshake from the resolver and frozen for the connection lifetime so H2 stream coalescing (RFC 7540 §9.1.1 / RFC 9113 §9.1.1) accepts any :authority covered by the certificate, with RFC 6125 §6.4.3 wildcard handling. None for plaintext listeners or when SNI was absent. Some(empty) when the default cert was served — every :authority is rejected. Arc so the snapshot is shared across every per-stream HttpContext without re-allocation.

strict_sni_binding: bool

Whether the routing layer must reject any request whose authority host does not exact-match tls_server_name (CWE-346 / CWE-444). Mirrors HttpsListenerConfig::strict_sni_binding; captured once at Context::new so routing decisions on each stream avoid a per-stream listener.borrow().

elide_x_real_ip: bool

Whether the request-side block walk must strip any client-supplied X-Real-IP header before forwarding (anti-spoofing). Mirrors HttpListenerConfig::elide_x_real_ip / HttpsListenerConfig::elide_x_real_ip; captured once at Context::new so per-stream HttpContexts do not need to call listener.borrow() again. Independent of send_x_real_ip.

send_x_real_ip: bool

Whether on_request_headers injects a proxy-generated X-Real-IP header carrying the connection peer IP (post-PROXY-v2 unwrap). Mirrors HttpListenerConfig::send_x_real_ip / HttpsListenerConfig::send_x_real_ip; captured once at Context::new. Independent of elide_x_real_ip.

tls_version: Option<&'static str>

Negotiated TLS protocol version short-form (e.g. "TLSv1.3"). Captured once at handshake completion in https.rs and propagated to every per-stream HttpContext so the access log can record it without reaching back into the rustls session per request. None for plaintext listeners.

tls_cipher: Option<&'static str>

Negotiated TLS cipher suite short-form (e.g. "TLS_AES_128_GCM_SHA256"). Captured once at handshake completion and propagated to every per-stream HttpContext. None for plaintext listeners.

tls_alpn: Option<&'static str>

Negotiated ALPN protocol short-form (e.g. "h2", "http/1.1"). Captured once at handshake completion and propagated to every per-stream HttpContext. None for plaintext listeners or when no ALPN was negotiated.

Implementations

impl<L: ListenerHandler + L7ListenerHandler> Context<L>

pub fn new( session_ulid: Ulid, pool: Weak<RefCell<Pool>>, listener: Rc<RefCell<L>>, session_address: Option<SocketAddr>, public_address: SocketAddr, ) -> Self

pub fn active_len(&self) -> usize

pub fn http_context(&self, stream_id: usize) -> &HttpContext

Shared accessor for the HttpContext owned by a stream.

Prefer this over &self.streams[stream_id].context at call sites that only need read access — it keeps the Stream/HttpContext relationship encapsulated and reads the same regardless of whether the caller is inside Router::connect, the H2 mux, or a free helper. Panics on an out-of-bounds stream_id, which is the same behaviour as the raw streams[sid] indexing it replaces.

pub fn http_context_mut(&mut self, stream_id: usize) -> &mut HttpContext

Mutable sibling of Self::http_context. Use when routing decisions need to stamp cluster_id / backend_id on the stream’s HttpContext (e.g. Router::connect at the fill-cluster / fill-backend points).

pub fn link_stream(&mut self, stream_id: usize, token: Token)

Register a stream as linked to a backend token in the reverse index.

pub fn unlink_stream(&mut self, stream_id: usize) -> Option<Token>

Remove a stream from the backend reverse index if it is currently Linked. Returns the backend token if one was removed.

pub fn create_stream(&mut self, request_id: Ulid, window: u32) -> Option<usize>

pub fn shrink_trailing_recycle(&mut self)

Remove consecutive Recycle entries from the end of the streams Vec.

This prevents unbounded growth when H2 streams are created and recycled over time, reclaiming memory from slots that are no longer needed.