proxygen
|
#include <ServerSocketConfig.h>
Public Member Functions | |
ServerSocketConfig () | |
bool | isSSL () const |
void | setSocketOptions (const folly::AsyncSocket::OptionMap &opts) |
folly::AsyncSocket::OptionMap & | getSocketOptions () |
const folly::AsyncSocket::OptionMap & | getSocketOptions () const |
bool | hasExternalPrivateKey () const |
Public Attributes | |
std::string | name |
uint32_t | acceptBacklog {1024} |
uint32_t | maxNumPendingConnectionsPerWorker {1024} |
std::chrono::milliseconds | connectionIdleTimeout {600000} |
std::chrono::milliseconds | sslHandshakeTimeout {60000} |
folly::SocketAddress | bindAddress |
SSLCacheOptions | sslCacheOptions {std::chrono::seconds(0), 20480, 200} |
bool | allowInsecureConnectionsOnSecureServer {false} |
TLSTicketKeySeeds | initialTicketSeeds |
std::vector< SSLContextConfig > | sslContextConfigs |
bool | strictSSL {true} |
uint32_t | maxConcurrentSSLHandshakes {30720} |
bool | enableTCPFastOpen {false} |
uint32_t | fastOpenQueueSize {100} |
FizzConfig | fizzConfig |
Private Attributes | |
folly::AsyncSocket::OptionMap | socketOptions_ |
Configuration for a single Acceptor.
This configures not only accept behavior, but also some types of SSL behavior that may make sense to configure on a per-VIP basis (e.g. which cert(s) we use).
Definition at line 48 of file ServerSocketConfig.h.
|
inline |
Definition at line 49 of file ServerSocketConfig.h.
References wangle::TLSTicketKeySeeds::currentSeeds, wangle::SSLUtil::hexlify(), initialTicketSeeds, folly::Random::secureRandom(), seed, string, and uint8_t.
|
inline |
Definition at line 67 of file ServerSocketConfig.h.
References socketOptions_.
|
inline |
Definition at line 71 of file ServerSocketConfig.h.
References socketOptions_.
|
inline |
Definition at line 75 of file ServerSocketConfig.h.
References sslContextConfigs.
|
inline |
Definition at line 57 of file ServerSocketConfig.h.
References sslContextConfigs.
Referenced by wangle::Acceptor::init(), wangle::Acceptor::isSSL(), and wangle::Acceptor::processEstablishedConnection().
|
inline |
Set/get the socket options to apply on all downstream connections.
Definition at line 62 of file ServerSocketConfig.h.
References bindAddress, wangle::filterIPSocketOptions(), folly::SocketAddress::getFamily(), and socketOptions_.
Referenced by proxygen::HTTPServerAcceptor::makeConfig().
uint32_t wangle::ServerSocketConfig::acceptBacklog {1024} |
The depth of the accept queue backlog.
Definition at line 92 of file ServerSocketConfig.h.
Referenced by wangle::ServerBootstrap< DefaultPipeline >::bind(), wangle::ServerBootstrap< DefaultPipeline >::bindImpl(), proxygen::HTTPServerAcceptor::makeConfig(), and wangle::AsyncServerSocketFactory::newSocket().
bool wangle::ServerSocketConfig::allowInsecureConnectionsOnSecureServer {false} |
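Determines whether or not to allow insecure connections over a secure port. Can be used to multiplex TLS and plaintext on the same port for some services. Disabled by default; when enabled, plaintext connections are accepted on the same port as TLS, so code behind this acceptor cannot assume that every connection it receives is encrypted.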
Definition at line 124 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::init(), main(), and proxygen::HTTPServerAcceptor::makeConfig().
folly::SocketAddress wangle::ServerSocketConfig::bindAddress |
The address to bind to.
Definition at line 112 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::addSSLContextConfig(), wangle::Acceptor::init(), proxygen::HTTPServerAcceptor::makeConfig(), proxygen::HTTPSessionAcceptor::onNewConnection(), wangle::Acceptor::resetSSLContextConfigs(), and setSocketOptions().
std::chrono::milliseconds wangle::ServerSocketConfig::connectionIdleTimeout {600000} |
The number of milliseconds a connection can be idle before we close it.
Definition at line 102 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::getConnTimeout(), wangle::Acceptor::initDownstreamConnectionManager(), and proxygen::HTTPServerAcceptor::makeConfig().
bool wangle::ServerSocketConfig::enableTCPFastOpen {false} |
Whether to enable TCP Fast Open (TFO). For this option to take effect, TFO must also be enabled on the machine via /proc/sys/net/ipv4/tcp_fastopen, and the TFO keys should also be set in /proc/sys/net/ipv4/tcp_fastopen_key.
Definition at line 153 of file ServerSocketConfig.h.
Referenced by proxygen::HTTPServerAcceptor::makeConfig(), and wangle::AsyncServerSocketFactory::newSocket().
uint32_t wangle::ServerSocketConfig::fastOpenQueueSize {100} |
Limit on size of queue of TFO requests by clients.
Definition at line 158 of file ServerSocketConfig.h.
Referenced by proxygen::HTTPServerAcceptor::makeConfig(), and wangle::AsyncServerSocketFactory::newSocket().
FizzConfig wangle::ServerSocketConfig::fizzConfig |
Definition at line 160 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::init(), wangle::Acceptor::resetSSLContextConfigs(), and wangle::Acceptor::setTLSTicketSecrets().
TLSTicketKeySeeds wangle::ServerSocketConfig::initialTicketSeeds |
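The initial TLS ticket seeds. The constructor references folly::Random::secureRandom() and TLSTicketKeySeeds::currentSeeds, which suggests that a randomly generated current seed is installed by default. Seeds supplied explicitly are key material for session tickets and should be handled as secrets.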
Definition at line 129 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::addSSLContextConfig(), wangle::Acceptor::init(), main(), proxygen::HTTPServerAcceptor::makeConfig(), and ServerSocketConfig().
uint32_t wangle::ServerSocketConfig::maxConcurrentSSLHandshakes {30720} |
Maximum number of concurrent pending SSL handshakes.
Definition at line 145 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::processEstablishedConnection().
uint32_t wangle::ServerSocketConfig::maxNumPendingConnectionsPerWorker {1024} |
The maximum number of pending connections each io worker thread can hold.
Definition at line 97 of file ServerSocketConfig.h.
Referenced by wangle::ServerBootstrap< DefaultPipeline >::bind(), and wangle::AsyncServerSocketFactory::newSocket().
std::string wangle::ServerSocketConfig::name |
The name of this acceptor; used for stats/reporting purposes.
Definition at line 87 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::getName(), and wangle::Acceptor::processEstablishedConnection().
|
private |
Definition at line 163 of file ServerSocketConfig.h.
Referenced by getSocketOptions(), and setSocketOptions().
SSLCacheOptions wangle::ServerSocketConfig::sslCacheOptions {std::chrono::seconds(0), 20480, 200} |
Options for controlling the SSL cache.
Definition at line 117 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::addSSLContextConfig(), wangle::Acceptor::createFizzTicketCipher(), wangle::Acceptor::init(), and wangle::Acceptor::resetSSLContextConfigs().
std::vector<SSLContextConfig> wangle::ServerSocketConfig::sslContextConfigs |
The configs for all the SSL_CTX for use by this Acceptor.
Definition at line 134 of file ServerSocketConfig.h.
Referenced by wangle::FizzConfigUtil::createFizzContext(), hasExternalPrivateKey(), wangle::Acceptor::init(), isSSL(), main(), proxygen::HTTPServerAcceptor::makeConfig(), wangle::Acceptor::resetSSLContextConfigs(), and wangle::Acceptor::updateFizzContext().
std::chrono::milliseconds wangle::ServerSocketConfig::sslHandshakeTimeout {60000} |
The number of milliseconds an SSL handshake may take before it times out (default 60000 ms, i.e. 60 s).
Definition at line 107 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::getSSLHandshakeTimeout().
bool wangle::ServerSocketConfig::strictSSL {true} |
Determines if the Acceptor does strict checking when loading the SSL contexts.
Definition at line 140 of file ServerSocketConfig.h.
Referenced by wangle::Acceptor::init(), and proxygen::HTTPServerAcceptor::makeConfig().