New 'timeouts' directive to configure timeouts; default timeouts enabled (#1368)

2025-06-06 04:34:37 +08:00 · 2017-01-24 08:15:25 -07:00
parent 205aee6662
commit d8d339740b
8 changed files with 457 additions and 11 deletions
--- a/caddyhttp/httpserver/plugin.go
+++ b/caddyhttp/httpserver/plugin.go
@ -415,7 +415,8 @@ var directives = []string{
 	// primitive actions that set up the fundamental vitals of each config
 	"root",
 	"bind",
-	"maxrequestbody",
+	"maxrequestbody", // TODO: 'limits'
+	"timeouts",
 	"tls",

 	// services/utilities, or other directives that don't necessarily inject handlers
--- a/caddyhttp/httpserver/server.go
+++ b/caddyhttp/httpserver/server.go
@ -40,13 +40,7 @@ var _ caddy.GracefulServer = new(Server)
 // and will serve the sites configured in group.
 func NewServer(addr string, group []*SiteConfig) (*Server, error) {
 	s := &Server{
-		Server: &http.Server{
-			Addr: addr,
-			// TODO: Make these values configurable?
-			// ReadTimeout:    2 * time.Minute,
-			// WriteTimeout:   2 * time.Minute,
-			// MaxHeaderBytes: 1 << 16,
-		},
+		Server:      makeHTTPServer(addr, group),
 		vhosts:      newVHostTrie(),
 		sites:       group,
 		connTimeout: GracefulTimeout,
@ -84,10 +78,10 @@ func NewServer(addr string, group []*SiteConfig) (*Server, error) {

 	// Set up TLS configuration
 	var tlsConfigs []*caddytls.Config
-	var err error
 	for _, site := range group {
 		tlsConfigs = append(tlsConfigs, site.TLS)
 	}
+	var err error
 	s.Server.TLSConfig, err = caddytls.MakeTLSConfig(tlsConfigs)
 	if err != nil {
 		return nil, err
@ -380,6 +374,74 @@ func (s *Server) OnStartupComplete() {
 	}
 }

+// defaultTimeouts stores the default timeout values to use
+// if left unset by user configuration. Default timeouts,
+// especially for ReadTimeout, are important for mitigating
+// slowloris attacks.
+var defaultTimeouts = Timeouts{
+	ReadTimeout:       10 * time.Second,
+	ReadHeaderTimeout: 10 * time.Second,
+	WriteTimeout:      20 * time.Second,
+	IdleTimeout:       2 * time.Minute,
+}
+
+// makeHTTPServer makes an http.Server from the group of configs
+// in a way that configures timeouts (or, if not set, it uses the
+// default timeouts) and other http.Server properties by combining
+// the configuration of each SiteConfig in the group. (Timeouts
+// are important for mitigating slowloris attacks.)
+func makeHTTPServer(addr string, group []*SiteConfig) *http.Server {
+	s := &http.Server{Addr: addr}
+
+	// find the minimum duration configured for each timeout
+	var min Timeouts
+	for _, cfg := range group {
+		if cfg.Timeouts.ReadTimeoutSet &&
+			(!min.ReadTimeoutSet || cfg.Timeouts.ReadTimeout < min.ReadTimeout) {
+			min.ReadTimeoutSet = true
+			min.ReadTimeout = cfg.Timeouts.ReadTimeout
+		}
+		if cfg.Timeouts.ReadHeaderTimeoutSet &&
+			(!min.ReadHeaderTimeoutSet || cfg.Timeouts.ReadHeaderTimeout < min.ReadHeaderTimeout) {
+			min.ReadHeaderTimeoutSet = true
+			min.ReadHeaderTimeout = cfg.Timeouts.ReadHeaderTimeout
+		}
+		if cfg.Timeouts.WriteTimeoutSet &&
+			(!min.WriteTimeoutSet || cfg.Timeouts.WriteTimeout < min.WriteTimeout) {
+			min.WriteTimeoutSet = true
+			min.WriteTimeout = cfg.Timeouts.WriteTimeout
+		}
+		if cfg.Timeouts.IdleTimeoutSet &&
+			(!min.IdleTimeoutSet || cfg.Timeouts.IdleTimeout < min.IdleTimeout) {
+			min.IdleTimeoutSet = true
+			min.IdleTimeout = cfg.Timeouts.IdleTimeout
+		}
+	}
+
+	// for the values that were not set, use defaults
+	if !min.ReadTimeoutSet {
+		min.ReadTimeout = defaultTimeouts.ReadTimeout
+	}
+	if !min.ReadHeaderTimeoutSet {
+		min.ReadHeaderTimeout = defaultTimeouts.ReadHeaderTimeout
+	}
+	if !min.WriteTimeoutSet {
+		min.WriteTimeout = defaultTimeouts.WriteTimeout
+	}
+	if !min.IdleTimeoutSet {
+		min.IdleTimeout = defaultTimeouts.IdleTimeout
+	}
+
+	// set the final values on the server
+	// TODO: ReadHeaderTimeout and IdleTimeout require Go 1.8
+	s.ReadTimeout = min.ReadTimeout
+	// s.ReadHeaderTimeout = min.ReadHeaderTimeout
+	s.WriteTimeout = min.WriteTimeout
+	// s.IdleTimeout = min.IdleTimeout
+
+	return s
+}
+
 // tcpKeepAliveListener sets TCP keep-alive timeouts on accepted
 // connections. It's used by ListenAndServe and ListenAndServeTLS so
 // dead TCP connections (e.g. closing laptop mid-download) eventually
--- a/caddyhttp/httpserver/server_test.go
+++ b/caddyhttp/httpserver/server_test.go
@ -3,6 +3,7 @@ package httpserver
 import (
 	"net/http"
 	"testing"
+	"time"
 )

 func TestAddress(t *testing.T) {
@ -13,3 +14,101 @@ func TestAddress(t *testing.T) {
 		t.Errorf("Expected '%s' but got '%s'", want, got)
 	}
 }
+
+func TestMakeHTTPServer(t *testing.T) {
+	for i, tc := range []struct {
+		group    []*SiteConfig
+		expected Timeouts
+	}{
+		{
+			group: []*SiteConfig{{Timeouts: Timeouts{}}},
+			expected: Timeouts{
+				ReadTimeout:       defaultTimeouts.ReadTimeout,
+				ReadHeaderTimeout: defaultTimeouts.ReadHeaderTimeout,
+				WriteTimeout:      defaultTimeouts.WriteTimeout,
+				IdleTimeout:       defaultTimeouts.IdleTimeout,
+			},
+		},
+		{
+			group: []*SiteConfig{{Timeouts: Timeouts{
+				ReadTimeout:          1 * time.Second,
+				ReadTimeoutSet:       true,
+				ReadHeaderTimeout:    2 * time.Second,
+				ReadHeaderTimeoutSet: true,
+			}}},
+			expected: Timeouts{
+				ReadTimeout:       1 * time.Second,
+				ReadHeaderTimeout: 2 * time.Second,
+				WriteTimeout:      defaultTimeouts.WriteTimeout,
+				IdleTimeout:       defaultTimeouts.IdleTimeout,
+			},
+		},
+		{
+			group: []*SiteConfig{{Timeouts: Timeouts{
+				ReadTimeoutSet:  true,
+				WriteTimeoutSet: true,
+			}}},
+			expected: Timeouts{
+				ReadTimeout:       0,
+				ReadHeaderTimeout: defaultTimeouts.ReadHeaderTimeout,
+				WriteTimeout:      0,
+				IdleTimeout:       defaultTimeouts.IdleTimeout,
+			},
+		},
+		{
+			group: []*SiteConfig{
+				{Timeouts: Timeouts{
+					ReadTimeout:     2 * time.Second,
+					ReadTimeoutSet:  true,
+					WriteTimeout:    2 * time.Second,
+					WriteTimeoutSet: true,
+				}},
+				{Timeouts: Timeouts{
+					ReadTimeout:     1 * time.Second,
+					ReadTimeoutSet:  true,
+					WriteTimeout:    1 * time.Second,
+					WriteTimeoutSet: true,
+				}},
+			},
+			expected: Timeouts{
+				ReadTimeout:       1 * time.Second,
+				ReadHeaderTimeout: defaultTimeouts.ReadHeaderTimeout,
+				WriteTimeout:      1 * time.Second,
+				IdleTimeout:       defaultTimeouts.IdleTimeout,
+			},
+		},
+		{
+			group: []*SiteConfig{{Timeouts: Timeouts{
+				ReadHeaderTimeout:    5 * time.Second,
+				ReadHeaderTimeoutSet: true,
+				IdleTimeout:          10 * time.Second,
+				IdleTimeoutSet:       true,
+			}}},
+			expected: Timeouts{
+				ReadTimeout:       defaultTimeouts.ReadTimeout,
+				ReadHeaderTimeout: 5 * time.Second,
+				WriteTimeout:      defaultTimeouts.WriteTimeout,
+				IdleTimeout:       10 * time.Second,
+			},
+		},
+	} {
+		actual := makeHTTPServer("127.0.0.1:9005", tc.group)
+
+		if got, want := actual.Addr, "127.0.0.1:9005"; got != want {
+			t.Errorf("Test %d: Expected Addr=%s, but was %s", i, want, got)
+		}
+		if got, want := actual.ReadTimeout, tc.expected.ReadTimeout; got != want {
+			t.Errorf("Test %d: Expected ReadTimeout=%v, but was %v", i, want, got)
+		}
+		// TODO: ReadHeaderTimeout and IdleTimeout require Go 1.8
+		// if got, want := actual.ReadHeaderTimeout, tc.expected.ReadHeaderTimeout; got != want {
+		// 	t.Errorf("Test %d: Expected ReadHeaderTimeout=%v, but was %v", i, want, got)
+		// }
+		if got, want := actual.WriteTimeout, tc.expected.WriteTimeout; got != want {
+			t.Errorf("Test %d: Expected WriteTimeout=%v, but was %v", i, want, got)
+		}
+		// if got, want := actual.IdleTimeout, tc.expected.IdleTimeout; got != want {
+		// 	t.Errorf("Test %d: Expected IdleTimeout=%v, but was %v", i, want, got)
+		// }
+	}
+}
--- a/caddyhttp/httpserver/siteconfig.go
+++ b/caddyhttp/httpserver/siteconfig.go
@ -1,6 +1,10 @@
 package httpserver

-import "github.com/mholt/caddy/caddytls"
+import (
+	"time"
+
+	"github.com/mholt/caddy/caddytls"
+)

 // SiteConfig contains information about a site
 // (also known as a virtual host).
@ -36,6 +40,32 @@ type SiteConfig struct {

 	// The path to the Caddyfile used to generate this site config
 	originCaddyfile string
+
+	// These timeout values are used, in conjunction with other
+	// site configs on the same server instance, to set the
+	// respective timeout values on the http.Server that
+	// is created. Sensible values will mitigate slowloris
+	// attacks and overcome faulty networks, while still
+	// preserving functionality needed for proxying,
+	// websockets, etc.
+	Timeouts Timeouts
+}
+
+// Timeouts specify various timeouts for a server to use.
+// If the assocated bool field is true, then the duration
+// value should be treated literally (i.e. a zero-value
+// duration would mean "no timeout"). If false, the duration
+// was left unset, so a zero-value duration would mean to
+// use a default value (even if default is non-zero).
+type Timeouts struct {
+	ReadTimeout          time.Duration
+	ReadTimeoutSet       bool
+	ReadHeaderTimeout    time.Duration
+	ReadHeaderTimeoutSet bool
+	WriteTimeout         time.Duration
+	WriteTimeoutSet      bool
+	IdleTimeout          time.Duration
+	IdleTimeoutSet       bool
 }

 // PathLimit is a mapping from a site's path to its corresponding