PR changes

Author: gjcairo

Sources/NIOHTTP2/GlitchesMonitor.swift

@@ -12,15 +12,15 @@
 //
 //===----------------------------------------------------------------------===//
 
-package struct GlitchesMonitor {
-    package static var defaultMaximumGlitches: Int { 200 }
+struct GlitchesMonitor {
+    static var defaultMaximumGlitches: Int { 100 }
     private var stateMachine: GlitchesMonitorStateMachine
 
-    package init(maximumGlitches: Int = GlitchesMonitor.defaultMaximumGlitches) {
+    init(maximumGlitches: Int = GlitchesMonitor.defaultMaximumGlitches) {
         self.stateMachine = GlitchesMonitorStateMachine(maxGlitches: maximumGlitches)
     }
 
-    package mutating func processStreamError() throws {
+    mutating func processStreamError() throws {
         switch self.stateMachine.recordEvent() {
         case .belowLimit:
             ()

Sources/NIOHTTP2/HTTP2ChannelHandler.swift

@@ -1445,7 +1445,17 @@ extension NIOHTTP2Handler {
         public var maximumBufferedControlFrames: Int = 10000
         public var maximumSequentialContinuationFrames: Int = NIOHTTP2Handler.defaultMaximumSequentialContinuationFrames
         public var maximumRecentlyResetStreams: Int = NIOHTTP2Handler.defaultMaximumRecentlyResetFrames
+
+        /// The maximum number of glitches that are allowed on a connection before it's forcefully closed.
+        ///
+        /// A glitch is defined as some suspicious event on a connection, i.e., similar to a DoS attack.
+        /// A running count of the number of glitches occurring on each connection will be kept.
+        /// When the number of glitches reaches this threshold, the connection will be closed.
+        ///
+        /// For more information, see the relevant presentation of the 2024 HTTP Workshop:
+        /// https://github.com/HTTPWorkshop/workshop2024/blob/main/talks/1.%20Security/glitches.pdf
         public var maximumConnectionGlitches: Int = GlitchesMonitor.defaultMaximumGlitches
+
         public init() {}
     }
 

Sources/NIOHTTP2/HTTP2Error.swift

@@ -1844,7 +1844,7 @@ public enum NIOHTTP2Errors {
         }
     }
 
-    /// The remote peer has triggered too many stream errors on this connection.
+    /// The remote peer has triggered too many glitches on this connection.
     public struct ExcessiveNumberOfGlitches: NIOHTTP2Error {
         private let file: String
         private let line: UInt

Sources/NIOHTTP2Server/main.swift

@@ -134,9 +134,7 @@ let bootstrap = ServerBootstrap(group: group)
                 try sync.addHandler(HTTP1TestServer())
                 try sync.addHandler(ErrorHandler())
             }
-        }.flatMap { _ in
-            channel.pipeline.addHandler(ErrorHandler())
-        }
+        }.map { _ in }
     }
 
     // Enable TCP_NODELAY and SO_REUSEADDR for the accepted Channels

Tests/NIOHTTP2Tests/GlitchesMonitorTests.swift

@@ -12,7 +12,7 @@
 //
 //===----------------------------------------------------------------------===//
 
-import NIOHTTP2
+@testable import NIOHTTP2
 import XCTest
 
 class GlitchesMonitorTests: XCTestCase {