nghttpx: Should postpone early data by default

gennghttpxfun.py

@@ -170,7 +170,7 @@ OPTIONS = [
     "no-verify-ocsp",
     "verify-client-tolerate-expired",
     "ignore-per-pattern-mruby-error",
-    "tls-postpone-early-data",
+    "tls-no-postpone-early-data",
     "tls-max-early-data",
 ]
 

src/shrpx.cc

@@ -2371,12 +2371,13 @@ SSL/TLS:
               HTTP/2.   To  use  those   cipher  suites  with  HTTP/2,
               consider   to  use   --client-no-http2-cipher-black-list
               option.  But be aware its implications.
-  --tls-postpone-early-data
-              Postpone forwarding  HTTP requests  sent in  early data,
-              including  those  sent in  partially  in  it, until  TLS
-              handshake  finishes.   This  option   must  be  used  to
-              mitigate  possible  replay  attack  unless  all  backend
-              servers recognize "Early-Data" header field.
+  --tls-no-postpone-early-data
+              By default,  nghttpx postpones forwarding  HTTP requests
+              sent in early data, including those sent in partially in
+              it, until TLS handshake finishes.  If all backend server
+              recognizes "Early-Data" header  field, using this option
+              makes nghttpx  not postpone  forwarding request  and get
+              full potential of 0-RTT data.
   --tls-max-early-data=<SIZE>
               Sets  the  maximum  amount  of 0-RTT  data  that  server
               accepts.
@@ -3448,7 +3449,7 @@ int main(int argc, char **argv) {
          160},
         {SHRPX_OPT_IGNORE_PER_PATTERN_MRUBY_ERROR.c_str(), no_argument, &flag,
          161},
-        {SHRPX_OPT_TLS_POSTPONE_EARLY_DATA.c_str(), no_argument, &flag, 162},
+        {SHRPX_OPT_TLS_NO_POSTPONE_EARLY_DATA.c_str(), no_argument, &flag, 162},
         {SHRPX_OPT_TLS_MAX_EARLY_DATA.c_str(), required_argument, &flag, 163},
         {nullptr, 0, nullptr, 0}};
 
@@ -4222,8 +4223,8 @@ int main(int argc, char **argv) {
                              StringRef::from_lit("yes"));
         break;
       case 162:
-        // --tls-postpone-early-data
-        cmdcfgs.emplace_back(SHRPX_OPT_TLS_POSTPONE_EARLY_DATA,
+        // --tls-no-postpone-early-data
+        cmdcfgs.emplace_back(SHRPX_OPT_TLS_NO_POSTPONE_EARLY_DATA,
                              StringRef::from_lit("yes"));
         break;
       case 163:

src/shrpx_config.cc

@@ -2045,11 +2045,6 @@ int option_lookup_token(const char *name, size_t namelen) {
     break;
   case 23:
     switch (name[22]) {
-    case 'a':
-      if (util::strieq_l("tls-postpone-early-dat", name, 22)) {
-        return SHRPX_OPTID_TLS_POSTPONE_EARLY_DATA;
-      }
-      break;
     case 'e':
       if (util::strieq_l("client-private-key-fil", name, 22)) {
         return SHRPX_OPTID_CLIENT_PRIVATE_KEY_FILE;
@@ -2124,6 +2119,11 @@ int option_lookup_token(const char *name, size_t namelen) {
     break;
   case 26:
     switch (name[25]) {
+    case 'a':
+      if (util::strieq_l("tls-no-postpone-early-dat", name, 25)) {
+        return SHRPX_OPTID_TLS_NO_POSTPONE_EARLY_DATA;
+      }
+      break;
     case 'e':
       if (util::strieq_l("frontend-http2-window-siz", name, 25)) {
         return SHRPX_OPTID_FRONTEND_HTTP2_WINDOW_SIZE;
@@ -3601,8 +3601,8 @@ int parse_config(Config *config, int optid, const StringRef &opt,
     config->ignore_per_pattern_mruby_error = util::strieq_l("yes", optarg);
 
     return 0;
-  case SHRPX_OPTID_TLS_POSTPONE_EARLY_DATA:
-    config->tls.postpone_early_data = util::strieq_l("yes", optarg);
+  case SHRPX_OPTID_TLS_NO_POSTPONE_EARLY_DATA:
+    config->tls.no_postpone_early_data = util::strieq_l("yes", optarg);
 
     return 0;
   case SHRPX_OPTID_TLS_MAX_EARLY_DATA: {

src/shrpx_config.h

@@ -347,8 +347,8 @@ constexpr auto SHRPX_OPT_VERIFY_CLIENT_TOLERATE_EXPIRED =
     StringRef::from_lit("verify-client-tolerate-expired");
 constexpr auto SHRPX_OPT_IGNORE_PER_PATTERN_MRUBY_ERROR =
     StringRef::from_lit("ignore-per-pattern-mruby-error");
-constexpr auto SHRPX_OPT_TLS_POSTPONE_EARLY_DATA =
-    StringRef::from_lit("tls-postpone-early-data");
+constexpr auto SHRPX_OPT_TLS_NO_POSTPONE_EARLY_DATA =
+    StringRef::from_lit("tls-no-postpone-early-data");
 constexpr auto SHRPX_OPT_TLS_MAX_EARLY_DATA =
     StringRef::from_lit("tls-max-early-data");
 
@@ -662,9 +662,9 @@ struct TLSConfig {
   int max_proto_version;
   bool insecure;
   bool no_http2_cipher_black_list;
-  // true if forwarding requests included in TLS early data should be
-  // postponed until TLS handshake finishes.
-  bool postpone_early_data;
+  // true if forwarding requests included in TLS early data should not
+  // be postponed until TLS handshake finishes.
+  bool no_postpone_early_data;
 };
 
 // custom error page
@@ -1126,7 +1126,7 @@ enum {
   SHRPX_OPTID_TLS_MAX_EARLY_DATA,
   SHRPX_OPTID_TLS_MAX_PROTO_VERSION,
   SHRPX_OPTID_TLS_MIN_PROTO_VERSION,
-  SHRPX_OPTID_TLS_POSTPONE_EARLY_DATA,
+  SHRPX_OPTID_TLS_NO_POSTPONE_EARLY_DATA,
   SHRPX_OPTID_TLS_PROTO_LIST,
   SHRPX_OPTID_TLS_SCT_DIR,
   SHRPX_OPTID_TLS_SESSION_CACHE_MEMCACHED,

src/shrpx_connection.cc

@@ -408,7 +408,7 @@ int Connection::tls_handshake() {
         // server waits for EndOfEarlyData and Finished message from
         // client, which voids the purpose of 0-RTT data.  The left
         // over of handshake is done through write_tls or read_tls.
-        if (!tlsconf.postpone_early_data &&
+        if (tlsconf.no_postpone_early_data &&
             (tls.handshake_state == TLS_CONN_WRITE_STARTED ||
              tls.wbuf.rleft()) &&
             tls.earlybuf.rleft()) {
@@ -431,7 +431,7 @@ int Connection::tls_handshake() {
         }
         tls.early_data_finish = true;
         // The same reason stated above.
-        if (!tlsconf.postpone_early_data &&
+        if (tlsconf.no_postpone_early_data &&
             (tls.handshake_state == TLS_CONN_WRITE_STARTED ||
              tls.wbuf.rleft()) &&
             tls.earlybuf.rleft()) {