From 43e42a8b797732a013f4c01cc0193643bff614e0 Mon Sep 17 00:00:00 2001 From: Kassio Borges Date: Fri, 1 Apr 2022 07:55:29 +0000 Subject: Fix weak timeouts --- internal/config/config.go | 14 ++++++++++++++ internal/config/flags.go | 6 ++++++ 2 files changed, 20 insertions(+) (limited to 'internal') diff --git a/internal/config/config.go b/internal/config/config.go index 7644e5ad..a1fca236 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -20,6 +20,7 @@ type Config struct { GitLab GitLab Log Log Sentry Sentry + Server Server TLS TLS Zip ZipServing @@ -137,6 +138,13 @@ type ZipServing struct { AllowedPaths []string } +type Server struct { + ReadTimeout time.Duration + ReadHeaderTimeout time.Duration + WriteTimeout time.Duration + ListenKeepAlive time.Duration +} + func internalGitlabServerFromFlags() string { if *internalGitLabServer != "" { return *internalGitLabServer @@ -241,6 +249,12 @@ func loadConfig() (*Config, error) { OpenTimeout: *zipOpenTimeout, AllowedPaths: []string{*pagesRoot}, }, + Server: Server{ + ReadTimeout: *serverReadTimeout, + ReadHeaderTimeout: *serverReadHeaderTimeout, + WriteTimeout: *serverWriteTimeout, + ListenKeepAlive: *serverKeepAlive, + }, // Actual listener pointers will be populated in appMain. We populate the // raw strings here so that they are available in appMain diff --git a/internal/config/flags.go b/internal/config/flags.go index 091e07e3..25a526f6 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -81,6 +81,12 @@ var ( zipCacheRefresh = flag.Duration("zip-cache-refresh", 30*time.Second, "Zip serving archive cache refresh interval") zipOpenTimeout = flag.Duration("zip-open-timeout", 30*time.Second, "Zip archive open timeout") + // HTTP server timeouts + serverReadTimeout = flag.Duration("server-read-timeout", 5*time.Second, "ReadTimeout is the maximum duration for reading the entire request, including the body. A zero or negative value means there will be no timeout.") + serverReadHeaderTimeout = flag.Duration("server-read-header-timeout", time.Second, "ReadHeaderTimeout is the amount of time allowed to read request headers. A zero or negative value means there will be no timeout.") + serverWriteTimeout = flag.Duration("server-write-timeout", 30*time.Second, "WriteTimeout is the maximum duration before timing out writes of the response. A zero or negative value means there will be no timeout.") + serverKeepAlive = flag.Duration("server-keep-alive", 15*time.Second, "KeepAlive specifies the keep-alive period for network connections accepted by this listener. If zero, keep-alives are enabled if supported by the protocol and operating system. If negative, keep-alives are disabled.") + disableCrossOriginRequests = flag.Bool("disable-cross-origin-requests", false, "Disable cross-origin requests") showVersion = flag.Bool("version", false, "Show version") -- cgit v1.2.3