From 499e251796330ae5a17be6d8187a35835cc7946a Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier
Date: Fri, 14 Jul 2023 16:37:00 +0200
Subject: [PATCH] security fix: Uncontrolled resource consumption (Slowloris)
---
 admin/app.go | 8 ++++++--
 dashboard/app.go | 8 ++++++--
 generator/main.go | 6 +++++-
 qa/app.go | 8 ++++++--
 receiver/main.go | 6 +++++-
 5 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/admin/app.go b/admin/app.go
index b7691dec..1ba1910e 100644
--- a/admin/app.go
+++ b/admin/app.go
@@ -58,8 +58,12 @@ func NewApp(cfg *settings.Settings, baseURL string, bind string) App {
 func (app *App) Start() {
 app.srv = &http.Server{
- Addr: app.bind,
- Handler: app.router,
+ Addr: app.bind,
+ Handler: app.router,
+ ReadHeaderTimeout: 15 * time.Second,
+ ReadTimeout: 15 * time.Second,
+ WriteTimeout: 10 * time.Second,
+ IdleTimeout: 30 * time.Second,
 }
 log.Printf("Ready, listening on %s\n", app.bind)
diff --git a/dashboard/app.go b/dashboard/app.go
index af41a65c..6f6ecaaf 100644
--- a/dashboard/app.go
+++ b/dashboard/app.go
@@ -52,8 +52,12 @@ func NewApp(htpasswd_file *string, restrict_to_ips *string, baseURL string, bind
 func (app *App) Start() {
 app.srv = &http.Server{
- Addr: app.bind,
- Handler: app.router,
+ Addr: app.bind,
+ Handler: app.router,
+ ReadHeaderTimeout: 15 * time.Second,
+ ReadTimeout: 15 * time.Second,
+ WriteTimeout: 10 * time.Second,
+ IdleTimeout: 30 * time.Second,
 }
 log.Printf("Ready, listening on %s\n", app.bind)
diff --git a/generator/main.go b/generator/main.go
index b457021b..e14b43b1 100644
--- a/generator/main.go
+++ b/generator/main.go
@@ -104,7 +104,11 @@ func main() {
 signal.Notify(interrupt, os.Interrupt, syscall.SIGTERM)
 srv := &http.Server{
- Addr: *bind,
+ Addr: *bind,
+ ReadHeaderTimeout: 15 * time.Second,
+ ReadTimeout: 15 * time.Second,
+ WriteTimeout: 10 * time.Second,
+ IdleTimeout: 30 * time.Second,
 }
 http.HandleFunc("/enqueue", enqueueHandler)
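Review bot: In admin/app.go, `ReadHeaderTimeout: 15 * time.Second` adds nothing while `ReadTimeout` is also 15 seconds: net/http counts both from the start of the request, and a zero ReadHeaderTimeout already falls back to ReadTimeout, so the header deadline and the whole-request deadline coincide. To bound slow header delivery separately from body reads, give the header phase the tighter limit, for example `ReadHeaderTimeout: 5 * time.Second,`, and size ReadTimeout for the largest request body the service accepts. The same pair of equal values appears in the dashboard, generator, qa and receiver hunks. Start() continues past the end of the hunk.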
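Review bot: The four durations in dashboard/app.go are bare literals with no comment saying what they defend against, and four other servers in this patch carry identical copies, so a later edit to one file can leave the others on different limits without anyone noticing. A comment above the fields would record the intent, for example `// Timeouts bound slow or stalled clients (Slowloris); keep in sync with admin, generator, qa and receiver.` Named constants in a package that all five binaries import would remove the duplication, if such a package exists; that is not visible from these hunks.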
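Review bot: `WriteTimeout: 10 * time.Second` in generator/main.go limits how long a handler may take to finish its response, not only how long a slow client may take to read it, because net/http sets the write deadline when the request headers have been read. If `enqueueHandler`, registered on the context line after the literal, replies only once generation has completed, any run longer than 10 seconds ends with a cut connection; the handler body is outside the hunk, so this needs checking against its real duration. Either size the value for the slowest handler or let that route extend its own deadline with `http.NewResponseController(w).SetWriteDeadline(...)` on Go 1.20 or later. The same 10-second value is set in the admin, dashboard, qa and receiver hunks.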
diff --git a/qa/app.go b/qa/app.go
index 7958be71..1c6823cf 100644
--- a/qa/app.go
+++ b/qa/app.go
@@ -50,8 +50,12 @@ func NewApp(baseURL string) App {
 func (app *App) Start(bind string) {
 app.srv = &http.Server{
- Addr: bind,
- Handler: app.router,
+ Addr: bind,
+ Handler: app.router,
+ ReadHeaderTimeout: 15 * time.Second,
+ ReadTimeout: 15 * time.Second,
+ WriteTimeout: 10 * time.Second,
+ IdleTimeout: 30 * time.Second,
 }
 if err := app.srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
diff --git a/receiver/main.go b/receiver/main.go
index 2f773dc3..b2b8906c 100644
--- a/receiver/main.go
+++ b/receiver/main.go
@@ -88,7 +88,11 @@ func main() {
 signal.Notify(interrupt, os.Interrupt, syscall.SIGTERM)
 srv := &http.Server{
- Addr: *bind,
+ Addr: *bind,
+ ReadHeaderTimeout: 15 * time.Second,
+ ReadTimeout: 15 * time.Second,
+ WriteTimeout: 10 * time.Second,
+ IdleTimeout: 30 * time.Second,
 }
 // Serve pages