From ba45f7cf9f29030155970b3ad002e62e7da0e504 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Wed, 26 Jul 2017 11:49:41 +0800
Subject: [PATCH] ah: allow configurable ah hold timeout

---
 lib/context.c               | 5 +++++
 lib/libwebsockets.h         | 4 ++++
 lib/parsers.c               | 4 ++++
 lib/private-libwebsockets.h | 1 +
 4 files changed, 14 insertions(+)

diff --git a/lib/context.c b/lib/context.c
index 93cef20c..27c82243 100644
--- a/lib/context.c
+++ b/lib/context.c
@@ -470,6 +470,11 @@ lws_create_vhost(struct lws_context *context,
 	else
 		vh->keepalive_timeout = 5;
 
+	if (info->timeout_secs_ah_idle)
+		vh->timeout_secs_ah_idle = info->timeout_secs_ah_idle;
+	else
+		vh->timeout_secs_ah_idle = 10;
+
 	/*
 	 * give the vhost a unified list of protocols including the
 	 * ones that came from plugins
diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h
index 48ef9e2d..ef8efca4 100644
--- a/lib/libwebsockets.h
+++ b/lib/libwebsockets.h
@@ -2115,6 +2115,9 @@ struct lws_context_creation_info {
 	 * the form SSL_CB_ALERT, defined in openssl/ssl.h.  The default of
 	 * 0 means no info events will be reported.
 	 */
+	unsigned int timeout_secs_ah_idle;
+	/**< VHOST: seconds to allow a client to hold an ah without using it.
+	 * 0 defaults to 10s. */
 
 	void *_unused[8]; /**< dummy */
 };
@@ -3670,6 +3673,7 @@ enum pending_timeout {
 	PENDING_TIMEOUT_KILLED_BY_SSL_INFO			= 22,
 	PENDING_TIMEOUT_KILLED_BY_PARENT			= 23,
 	PENDING_TIMEOUT_CLOSE_SEND				= 24,
+	PENDING_TIMEOUT_HOLDING_AH				= 25,
 
 	/****** add new things just above ---^ ******/
 };
diff --git a/lib/parsers.c b/lib/parsers.c
index 172de1df..2f4799e9 100644
--- a/lib/parsers.c
+++ b/lib/parsers.c
@@ -92,6 +92,10 @@ lws_header_table_reset(struct lws *wsi, int autoservice)
 	/* since we will restart the ah, our new headers are not completed */
 	wsi->hdr_parsing_completed = 0;
 
+	/* while we hold the ah, keep a timeout on the wsi */
+	lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH,
+			wsi->vhost->timeout_secs_ah_idle);
+
 	/*
 	 * if we inherited pending rx (from socket adoption deferred
 	 * processing), apply and free it.
diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h
index a527661b..1fd06b10 100644
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@@ -891,6 +891,7 @@ struct lws_vhost {
 	int ka_probes;
 	int ka_interval;
 	int keepalive_timeout;
+	int timeout_secs_ah_idle;
 	int ssl_info_event_mask;
 #ifdef LWS_WITH_ACCESS_LOG
 	int log_fd;
-- 
GitLab