Skip to main content

HttpsListener

sozu_lib::https

Struct HttpsListener 

Source 
pub struct HttpsListener { /* private fields */ }

Implementations§

Source§

impl HttpsListener

Source

pub fn is_http11_disabled(&self) -> bool

Whether this listener rejects clients that do not negotiate h2 via TLS ALPN (including those that omit ALPN). Reads the disable_http11 knob; defaults to false to preserve the historical behavior where a missing ALPN silently downgrades to HTTP/1.1.

Source

pub fn resolver(&self) -> &Arc<MutexCertificateResolver>

Borrow the listener’s certificate resolver. Used by the TLS handshake path to snapshot the SAN set of the certificate Sōzu serves for a given SNI, so the H2 router can accept connection coalescing (RFC 7540 §9.1.1 / RFC 9113 §9.1.1) on every authority covered by that cert (RFC 6125 §6.4.3 wildcard handling).

Source

pub fn try_new( config: HttpsListenerConfig, token: Token, ) -> Result<HttpsListener, ListenerError>

Source

pub fn activate( &mut self, registry: &Registry, tcp_listener: Option<MioTcpListener>, ) -> Result<Token, ListenerError>

Source

pub fn create_rustls_context( config: &HttpsListenerConfig, resolver: Arc<MutexCertificateResolver>, ) -> Result<RustlsServerConfig, ListenerError>

Source

pub fn update_config( &mut self, patch: &UpdateHttpsListenerConfig, ) -> Result<(), ListenerError>

Apply a partial-update patch to this listener’s live configuration.

Fields absent in the patch (i.e. None) are preserved unchanged. If alpn_protocols is present the rustls ServerConfig is rebuilt — in-flight handshakes keep the old Arc; new ones see the new one. If http_answers is present only the listener-default templates are replaced; per-cluster overrides in cluster_custom_answers are kept.

Source

pub fn add_https_front( &mut self, tls_front: HttpFrontend, ) -> Result<(), ListenerError>

Source

pub fn add_https_front_with_hsts_origin( &mut self, tls_front: HttpFrontend, hsts_origin: HstsOrigin, ) -> Result<(), ListenerError>

Variant of Self::add_https_front that records the origin of tls_front.hsts so listener-default patches can reflow inheriting frontends without disturbing explicit per-frontend overrides. The caller passes [HstsOrigin::InheritedFromListenerDefault] when the value was filled in from self.config.hsts rather than from the operator’s per-frontend configuration.

Source

pub fn remove_https_front( &mut self, tls_front: HttpFrontend, ) -> Result<(), ListenerError>

Trait Implementations§

Source§

impl L7ListenerHandler for HttpsListener

Source§

fn get_sticky_name(&self) -> &str

Source§

fn get_sozu_id_header(&self) -> &str

Name of the correlation header Sozu injects into every request and response body. Default: "Sozu-Id". Operators can rebrand via the sozu_id_header listener config knob.
Source§

fn get_connect_timeout(&self) -> u32

Source§

fn frontend_from_request( &self, host: &str, uri: &str, method: &Method, ) -> Result<RouteResult, FrontendFromRequestError>

retrieve a frontend by parsing a request’s hostname, uri and method
Source§

fn get_answers(&self) -> &Rc<RefCell<HttpAnswers>>

retrieve the listener’s configured HTTP answers (templates)
Source§

fn get_h2_flood_config(&self) -> H2FloodConfig

H2 flood detection thresholds from the listener config. Returns the default config when the listener does not provide custom values.
Source§

fn get_h2_connection_config(&self) -> H2ConnectionConfig

H2 connection tuning from the listener config. Returns the default config when the listener does not provide custom values.
Source§

fn get_strict_sni_binding(&self) -> bool

Whether requests must have their :authority / Host exact-match the TLS SNI negotiated at handshake (CWE-346 / CWE-444). Read more
Source§

fn get_elide_x_real_ip(&self) -> bool

Whether to strip any client-supplied X-Real-IP header from forwarded requests (anti-spoofing). Read more
Source§

fn get_send_x_real_ip(&self) -> bool

Whether to append a proxy-generated X-Real-IP header carrying the connection peer IP (post-PROXY-v2 unwrap, i.e. the original client IP) to every forwarded request. Read more
Source§

fn get_h2_stream_idle_timeout(&self) -> Duration

Per-stream idle timeout for H2 connections. An open stream that makes no forward progress for this duration is cancelled (RST_STREAM / CANCEL). Mitigates slow-multiplex Slowloris where a client keeps connection-level activity high (resetting the connection idle timer on every frame) while pinning streams for the full nominal connection timeout. Read more
Source§

fn get_h2_graceful_shutdown_deadline(&self) -> Option<Duration>

Wall-clock budget granted to in-flight H2 streams after soft-stop sent the initial GOAWAY(NO_ERROR). Once the deadline elapses the mux transitions to a forced close (final GOAWAY + session teardown). Read more
Source§

impl ListenerHandler for HttpsListener

Source§

fn get_addr(&self) -> &StdSocketAddr

Source§

fn get_tags(&self, key: &str) -> Option<&CachedTags>

Source§

fn set_tags(&mut self, key: String, tags: Option<BTreeMap<String, String>>)

Source§

fn protocol(&self) -> Protocol

Source§

fn public_address(&self) -> StdSocketAddr

Source§

fn get_concatenated_tags(&self, key: &str) -> Option<&str>

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more