pub trait L7ListenerHandler {
// Required methods
fn get_sticky_name(&self) -> &str;
fn get_connect_timeout(&self) -> u32;
fn frontend_from_request(
&self,
host: &str,
uri: &str,
method: &Method,
) -> Result<RouteResult, FrontendFromRequestError>;
fn get_answers(&self) -> &Rc<RefCell<HttpAnswers>>;
// Provided methods
fn get_sozu_id_header(&self) -> &str { ... }
fn get_h2_flood_config(&self) -> H2FloodConfig { ... }
fn get_h2_connection_config(&self) -> H2ConnectionConfig { ... }
fn get_strict_sni_binding(&self) -> bool { ... }
fn get_elide_x_real_ip(&self) -> bool { ... }
fn get_send_x_real_ip(&self) -> bool { ... }
fn get_h2_stream_idle_timeout(&self) -> Duration { ... }
fn get_h2_graceful_shutdown_deadline(&self) -> Option<Duration> { ... }
}Required Methods§
fn get_sticky_name(&self) -> &str
fn get_connect_timeout(&self) -> u32
Sourcefn frontend_from_request(
&self,
host: &str,
uri: &str,
method: &Method,
) -> Result<RouteResult, FrontendFromRequestError>
fn frontend_from_request( &self, host: &str, uri: &str, method: &Method, ) -> Result<RouteResult, FrontendFromRequestError>
retrieve a frontend by parsing a request’s hostname, uri and method
Sourcefn get_answers(&self) -> &Rc<RefCell<HttpAnswers>>
fn get_answers(&self) -> &Rc<RefCell<HttpAnswers>>
retrieve the listener’s configured HTTP answers (templates)
Provided Methods§
Sourcefn get_sozu_id_header(&self) -> &str
fn get_sozu_id_header(&self) -> &str
Name of the correlation header Sozu injects into every request and
response body. Default: "Sozu-Id". Operators can rebrand via the
sozu_id_header listener config knob.
Sourcefn get_h2_flood_config(&self) -> H2FloodConfig
fn get_h2_flood_config(&self) -> H2FloodConfig
H2 flood detection thresholds from the listener config. Returns the default config when the listener does not provide custom values.
Sourcefn get_h2_connection_config(&self) -> H2ConnectionConfig
fn get_h2_connection_config(&self) -> H2ConnectionConfig
H2 connection tuning from the listener config. Returns the default config when the listener does not provide custom values.
Sourcefn get_strict_sni_binding(&self) -> bool
fn get_strict_sni_binding(&self) -> bool
Whether requests must have their :authority / Host exact-match
the TLS SNI negotiated at handshake (CWE-346 / CWE-444).
Defaults to true — the safe setting that closes the
CWE-346 / CWE-444 cross-SNI smuggling vector. Operators can opt
out per-listener via HttpsListenerConfig::strict_sni_binding = false when cross-SNI routing is explicitly required. Plaintext
HTTP listeners return the default value; they never have an SNI
to compare against, so the routing-layer check short-circuits on
tls_server_name: None.
Sourcefn get_elide_x_real_ip(&self) -> bool
fn get_elide_x_real_ip(&self) -> bool
Whether to strip any client-supplied X-Real-IP header from
forwarded requests (anti-spoofing).
Defaults to false — preserves the historical pass-through
behaviour. Operators opt in via
HttpListenerConfig::elide_x_real_ip = true (and the equivalent on
HTTPS listeners). Independent of Self::get_send_x_real_ip: the
two flags can be combined freely (anti-spoof only, send only, both,
or neither). The elision branch lives in
HttpContext::on_request_headers, so it covers H1 and H2 alike.
Sourcefn get_send_x_real_ip(&self) -> bool
fn get_send_x_real_ip(&self) -> bool
Whether to append a proxy-generated X-Real-IP header carrying the
connection peer IP (post-PROXY-v2 unwrap, i.e. the original client
IP) to every forwarded request.
Defaults to false — preserves the historical no-injection
behaviour. Operators opt in via
HttpListenerConfig::send_x_real_ip = true (and the equivalent on
HTTPS listeners). Independent of Self::get_elide_x_real_ip: the
two flags can be combined freely. The injection branch lives next
to the existing X-Forwarded-For / Forwarded synthesis in
HttpContext::on_request_headers.
Sourcefn get_h2_stream_idle_timeout(&self) -> Duration
fn get_h2_stream_idle_timeout(&self) -> Duration
Per-stream idle timeout for H2 connections. An open stream that makes no forward progress for this duration is cancelled (RST_STREAM / CANCEL). Mitigates slow-multiplex Slowloris where a client keeps connection-level activity high (resetting the connection idle timer on every frame) while pinning streams for the full nominal connection timeout.
Listeners inherit max(30s, back_timeout) when h2_stream_idle_timeout_seconds
is absent so operators who raised the socket-level backend budget do not
have to duplicate the value here; the 30 s floor preserves the baseline
slow-multiplex mitigation when back_timeout is shorter. Set the knob
explicitly to cap the per-stream deadline below back_timeout (useful
when under a slow-multiplex attack).
Sourcefn get_h2_graceful_shutdown_deadline(&self) -> Option<Duration>
fn get_h2_graceful_shutdown_deadline(&self) -> Option<Duration>
Wall-clock budget granted to in-flight H2 streams after soft-stop sent
the initial GOAWAY(NO_ERROR). Once the deadline elapses the mux
transitions to a forced close (final GOAWAY + session teardown).
Returning None disables the forced close entirely — shutdown waits
for every stream to drain naturally. Returning Some(d) enforces the
budget. Default: Some(Duration::from_secs(5)) (matches the historic
hard-coded 5 s deadline). Listeners expose the
h2_graceful_shutdown_deadline_seconds knob; value 0 maps to None.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".