diff options
author | Kassio Borges <kborges@gitlab.com> | 2022-04-01 10:55:29 +0300 |
---|---|---|
committer | Vladimir Shushlin <vshushlin@gitlab.com> | 2022-04-01 10:55:29 +0300 |
commit | 43e42a8b797732a013f4c01cc0193643bff614e0 (patch) | |
tree | 55efb31ce95f02d6d95d2e742b44605dbfc6bb08 | |
parent | f6ada25223c6f9b531a1e30da576ee042b361c2e (diff) |
Fix weak timeouts
-rw-r--r-- | internal/config/config.go | 14 | ||||
-rw-r--r-- | internal/config/flags.go | 6 | ||||
-rw-r--r-- | server.go | 7 |
3 files changed, 25 insertions, 2 deletions
diff --git a/internal/config/config.go b/internal/config/config.go index 7644e5ad..a1fca236 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -20,6 +20,7 @@ type Config struct { GitLab GitLab Log Log Sentry Sentry + Server Server TLS TLS Zip ZipServing @@ -137,6 +138,13 @@ type ZipServing struct { AllowedPaths []string } +type Server struct { + ReadTimeout time.Duration + ReadHeaderTimeout time.Duration + WriteTimeout time.Duration + ListenKeepAlive time.Duration +} + func internalGitlabServerFromFlags() string { if *internalGitLabServer != "" { return *internalGitLabServer @@ -241,6 +249,12 @@ func loadConfig() (*Config, error) { OpenTimeout: *zipOpenTimeout, AllowedPaths: []string{*pagesRoot}, }, + Server: Server{ + ReadTimeout: *serverReadTimeout, + ReadHeaderTimeout: *serverReadHeaderTimeout, + WriteTimeout: *serverWriteTimeout, + ListenKeepAlive: *serverKeepAlive, + }, // Actual listener pointers will be populated in appMain. We populate the // raw strings here so that they are available in appMain diff --git a/internal/config/flags.go b/internal/config/flags.go index 091e07e3..25a526f6 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -81,6 +81,12 @@ var ( zipCacheRefresh = flag.Duration("zip-cache-refresh", 30*time.Second, "Zip serving archive cache refresh interval") zipOpenTimeout = flag.Duration("zip-open-timeout", 30*time.Second, "Zip archive open timeout") + // HTTP server timeouts + serverReadTimeout = flag.Duration("server-read-timeout", 5*time.Second, "ReadTimeout is the maximum duration for reading the entire request, including the body. A zero or negative value means there will be no timeout.") + serverReadHeaderTimeout = flag.Duration("server-read-header-timeout", time.Second, "ReadHeaderTimeout is the amount of time allowed to read request headers. A zero or negative value means there will be no timeout.") + serverWriteTimeout = flag.Duration("server-write-timeout", 30*time.Second, "WriteTimeout is the maximum duration before timing out writes of the response. A zero or negative value means there will be no timeout.") + serverKeepAlive = flag.Duration("server-keep-alive", 15*time.Second, "KeepAlive specifies the keep-alive period for network connections accepted by this listener. If zero, keep-alives are enabled if supported by the protocol and operating system. If negative, keep-alives are disabled.") + disableCrossOriginRequests = flag.Bool("disable-cross-origin-requests", false, "Disable cross-origin requests") showVersion = flag.Bool("version", false, "Show version") @@ -7,7 +7,6 @@ import ( stdlog "log" "net" "net/http" - "time" "github.com/pires/go-proxyproto" "github.com/sirupsen/logrus" @@ -40,8 +39,12 @@ func (a *theApp) listenAndServe(server *http.Server, addr string, h http.Handler server.TLSConfig.NextProtos = append(server.TLSConfig.NextProtos, "h2") } + server.ReadTimeout = a.config.Server.ReadTimeout + server.ReadHeaderTimeout = a.config.Server.ReadHeaderTimeout + server.WriteTimeout = a.config.Server.WriteTimeout + lc := net.ListenConfig{ - KeepAlive: 3 * time.Minute, + KeepAlive: a.config.Server.ListenKeepAlive, } l, err := lc.Listen(context.Background(), "tcp", addr) |