Make timeouts configurable

theparanoids · Dec 8, 2020 · 2a8abd7 · 2a8abd7
1 parent ab61c89
commit 2a8abd7
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 6 deletions.
diff --git a/config/config.go b/config/config.go
@@ -27,6 +27,10 @@ const (
 	defaultShutdownOnSigningFailureTimerDurationSecond = 60
 	defaultShutdownOnSigningFailureTimerCount          = 10
 
+	defaultIdleTimeout  = 30
+	defaultReadTimeout  = 10
+	defaultWriteTimeout = 10
+
 	// X509CertEndpoint specifies the endpoint for signing X509 certificate.
 	X509CertEndpoint = "/sig/x509-cert"
 	// SSHUserCertEndpoint specifies the endpoint for signing SSH user certificate.
@@ -104,6 +108,11 @@ type Config struct {
 		TimerDurationSecond   uint
 		TimerCountLimit       uint
 	}
+
+	// timeouts used in initialization of http.Server (in seconds)
+	IdleTimeout  uint
+	ReadTimeout  uint
+	WriteTimeout uint
 }
 
 // Parse loads configuration values from input file and returns config object and CA cert.
@@ -212,4 +221,14 @@ func (c *Config) loadDefaults() {
 	if c.ShutdownOnInternalFailureCriteria.TimerCountLimit == 0 {
 		c.ShutdownOnInternalFailureCriteria.TimerCountLimit = defaultShutdownOnSigningFailureTimerCount
 	}
+
+	if c.IdleTimeout == 0 {
+		c.IdleTimeout = defaultIdleTimeout
+	}
+	if c.ReadTimeout == 0 {
+		c.ReadTimeout = defaultReadTimeout
+	}
+	if c.WriteTimeout == 0 {
+		c.WriteTimeout = defaultWriteTimeout
+	}
 }
diff --git a/config/config_test.go b/config/config_test.go
@@ -41,6 +41,9 @@ func TestParse(t *testing.T) {
 			TimerDurationSecond:   120,
 			TimerCountLimit:       20,
 		},
+		IdleTimeout:  30,
+		ReadTimeout:  10,
+		WriteTimeout: 10,
 	}
 	testcases := map[string]struct {
 		filePath    string

diff --git a/config/testdata/testconf-good.json b/config/testdata/testconf-good.json
@@ -18,5 +18,8 @@
     "ConsecutiveCountLimit": 3,
     "TimerDurationSecond": 120,
     "TimerCountLimit": 20
-  }
+  },
+  "IdleTimeout": 30,
+  "ReadTimeout": 10,
+  "WriteTimeout": 10
 }
diff --git a/server/server.go b/server/server.go
@@ -50,7 +50,9 @@ func grpcHandlerFunc(ctx context.Context, grpcServer *grpc.Server, otherHandler
 }
 
 // initHTTPServer initializes HTTP server with TLS credentials and returns http.Server.
-func initHTTPServer(ctx context.Context, tlsConfig *tls.Config, grpcServer *grpc.Server, gwmux *runtime.ServeMux, addr string) *http.Server {
+func initHTTPServer(ctx context.Context, tlsConfig *tls.Config,
+	grpcServer *grpc.Server, gwmux *runtime.ServeMux, addr string,
+	idleTimeout, readTimeout, writeTimeout uint) *http.Server {
 	mux := http.NewServeMux()
 	// handler to check if service is up
 	mux.HandleFunc("/ruok", func(w http.ResponseWriter, req *http.Request) {
@@ -64,9 +66,9 @@ func initHTTPServer(ctx context.Context, tlsConfig *tls.Config, grpcServer *grpc
 		// "http: TLS handshake error from 1.2.3.4:53651: EOF"
 		ErrorLog:     log.New(ioutil.Discard, "", 0),
 		Handler:      grpcHandlerFunc(ctx, grpcServer, mux),
-		IdleTimeout:  30 * time.Second,
-		ReadTimeout:  10 * time.Second,
-		WriteTimeout: 10 * time.Second,
+		IdleTimeout:  time.Duration(idleTimeout) * time.Second,
+		ReadTimeout:  time.Duration(readTimeout) * time.Second,
+		WriteTimeout: time.Duration(writeTimeout) * time.Second,
 		TLSConfig:    tlsConfig,
 	}
 	return srv
@@ -206,7 +208,8 @@ func Main(keyP crypki.KeyIDProcessor) {
 
 	proto.RegisterSigningServer(grpcServer, ss)
 
-	server = initHTTPServer(ctx, tlsConfig, grpcServer, gwmux, net.JoinHostPort(cfg.TLSHost, cfg.TLSPort))
+	server = initHTTPServer(ctx, tlsConfig, grpcServer, gwmux, net.JoinHostPort(cfg.TLSHost, cfg.TLSPort),
+		cfg.IdleTimeout, cfg.ReadTimeout, cfg.WriteTimeout)
 	listener, err := net.Listen("tcp", server.Addr)
 	if err != nil {
 		log.Fatalf("failed to listen: %v", err)