From 8025bf58bab78ae4c019ece3843c3d04efa0ba7a Mon Sep 17 00:00:00 2001 From: James Pickett Date: Fri, 6 Dec 2024 13:32:26 -0800 Subject: [PATCH] add mutext for presence detection --- ee/localserver/server.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ee/localserver/server.go b/ee/localserver/server.go index a606e4df2..ce4f6a917 100644 --- a/ee/localserver/server.go +++ b/ee/localserver/server.go @@ -14,6 +14,7 @@ import ( "net/http" "runtime" "strings" + "sync" "time" "github.com/kolide/krypto" @@ -59,7 +60,8 @@ type localServer struct { serverKey *rsa.PublicKey serverEcKey *ecdsa.PublicKey - presenceDetector presenceDetector + presenceDetector presenceDetector + presenceDetectionMutex sync.Mutex } const ( @@ -416,6 +418,9 @@ func (ls *localServer) rateLimitHandler(next http.Handler) http.Handler { func (ls *localServer) presenceDetectionHandler(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // ensure we only prompt for 1 presence detection at a time + ls.presenceDetectionMutex.Lock() + defer ls.presenceDetectionMutex.Unlock() // can test this by adding an unauthed endpoint to the mux and running, for example: // curl -i -H "X-Kolide-Presence-Detection-Interval: 10s" -H "X-Kolide-Presence-Detection-Reason: my reason" localhost:12519/id