lnd: add http header timeout to config

2025-10-10 11:53:24 +02:00 · 2023-10-10 13:21:04 -06:00
parent ad5cd9c8bb
commit 039e9effe7
3 changed files with 15 additions and 6 deletions
--- a/config.go
+++ b/config.go
@@ -226,6 +226,9 @@ const (
 	// client should wait before sending a keepalive ping.
 	defaultGrpcClientPingMinWait = 5 * time.Second

+	// defaultHTTPHeaderTimeout is the default timeout for HTTP requests.
+	defaultHTTPHeaderTimeout = 5 * time.Second
+
 	// BitcoinChainName is a string that represents the Bitcoin blockchain.
 	BitcoinChainName = "bitcoin"

@@ -492,6 +495,10 @@ type Config struct {
 	// Dev specifies configs used for integration tests, which is always
 	// empty if not built with `integration` flag.
 	Dev *lncfg.DevConfig `group:"dev" namespace:"dev"`
+
+	// HTTPHeaderTimeout is the maximum duration that the server will wait
+	// before timing out reading the headers of an HTTP request.
+	HTTPHeaderTimeout time.Duration `long:"http-header-timeout" description:"The maximum duration that the server will wait before timing out reading the headers of an HTTP request."`
 }

 // GRPCConfig holds the configuration options for the gRPC server.
@@ -695,6 +702,7 @@ func DefaultConfig() Config {
 			ClientPingMinWait: defaultGrpcClientPingMinWait,
 		},
 		WtClient:          lncfg.DefaultWtClientCfg(),
+		HTTPHeaderTimeout: defaultHTTPHeaderTimeout,
 	}
 }

--- a/lnd.go
+++ b/lnd.go
@@ -214,7 +214,7 @@ func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg,
 		pprofServer := &http.Server{
 			Addr:              cfg.Profile,
 			Handler:           pprofMux,
-			ReadHeaderTimeout: 5 * time.Second,
+			ReadHeaderTimeout: cfg.HTTPHeaderTimeout,
 		}

 		// Shut the server down when lnd is shutting down.
@@ -271,6 +271,8 @@ func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg,
 		LetsEncryptListen: cfg.LetsEncryptListen,

 		DisableRestTLS: cfg.DisableRestTLS,
+
+		HTTPHeaderTimeout: cfg.HTTPHeaderTimeout,
 	}
 	tlsManager := NewTLSManager(tlsManagerCfg)
 	serverOpts, restDialOpts, restListen, cleanUp,
--- a/tls_manager.go
+++ b/tls_manager.go
@@ -39,9 +39,6 @@ var (
 	// - `-----BEGIN PRIVATE KEY-----`    (PKCS8).
 	// - `-----BEGIN EC PRIVATE KEY-----` (SEC1/rfc5915, the legacy format).
 	privateKeyPrefix = []byte("-----BEGIN ")
-
-	// letsEncryptTimeout sets a timeout for the Lets Encrypt server.
-	letsEncryptTimeout = 5 * time.Second
 )

 // TLSManagerCfg houses a set of values and methods that is passed to the
@@ -61,6 +58,8 @@ type TLSManagerCfg struct {
 	LetsEncryptListen string

 	DisableRestTLS bool
+
+	HTTPHeaderTimeout time.Duration
 }

 // TLSManager generates/renews a TLS cert/key pair when needed. When required,
@@ -424,7 +423,7 @@ func (t *TLSManager) setUpLetsEncrypt(certData *tls.Certificate,
 	srv := &http.Server{
 		Addr:              t.cfg.LetsEncryptListen,
 		Handler:           manager.HTTPHandler(nil),
-		ReadHeaderTimeout: letsEncryptTimeout,
+		ReadHeaderTimeout: t.cfg.HTTPHeaderTimeout,
 	}
 	shutdownCompleted := make(chan struct{})
 	cleanUp = func() {