From 039e9effe7590ec2e651beba84b8b8ad07165238 Mon Sep 17 00:00:00 2001 From: Amin Bashiri Date: Tue, 10 Oct 2023 13:21:04 -0600 Subject: [PATCH 1/2] lnd: add http header timeout to config --- config.go | 10 +++++++++- lnd.go | 4 +++- tls_manager.go | 7 +++---- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/config.go b/config.go index 844e56158..93e301adc 100644 --- a/config.go +++ b/config.go @@ -226,6 +226,9 @@ const ( // client should wait before sending a keepalive ping. defaultGrpcClientPingMinWait = 5 * time.Second + // defaultHTTPHeaderTimeout is the default timeout for HTTP requests. + defaultHTTPHeaderTimeout = 5 * time.Second + // BitcoinChainName is a string that represents the Bitcoin blockchain. BitcoinChainName = "bitcoin" @@ -492,6 +495,10 @@ type Config struct { // Dev specifies configs used for integration tests, which is always // empty if not built with `integration` flag. Dev *lncfg.DevConfig `group:"dev" namespace:"dev"` + + // HTTPHeaderTimeout is the maximum duration that the server will wait + // before timing out reading the headers of an HTTP request. + HTTPHeaderTimeout time.Duration `long:"http-header-timeout" description:"The maximum duration that the server will wait before timing out reading the headers of an HTTP request."` } // GRPCConfig holds the configuration options for the gRPC server. @@ -694,7 +701,8 @@ func DefaultConfig() Config { ServerPingTimeout: defaultGrpcServerPingTimeout, ClientPingMinWait: defaultGrpcClientPingMinWait, }, - WtClient: lncfg.DefaultWtClientCfg(), + WtClient: lncfg.DefaultWtClientCfg(), + HTTPHeaderTimeout: defaultHTTPHeaderTimeout, } } diff --git a/lnd.go b/lnd.go index c8048dce6..5412360e0 100644 --- a/lnd.go +++ b/lnd.go @@ -214,7 +214,7 @@ func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg, pprofServer := &http.Server{ Addr: cfg.Profile, Handler: pprofMux, - ReadHeaderTimeout: 5 * time.Second, + ReadHeaderTimeout: cfg.HTTPHeaderTimeout, } // Shut the server down when lnd is shutting down. @@ -271,6 +271,8 @@ func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg, LetsEncryptListen: cfg.LetsEncryptListen, DisableRestTLS: cfg.DisableRestTLS, + + HTTPHeaderTimeout: cfg.HTTPHeaderTimeout, } tlsManager := NewTLSManager(tlsManagerCfg) serverOpts, restDialOpts, restListen, cleanUp, diff --git a/tls_manager.go b/tls_manager.go index 577d2fc6d..232c33060 100644 --- a/tls_manager.go +++ b/tls_manager.go @@ -39,9 +39,6 @@ var ( // - `-----BEGIN PRIVATE KEY-----` (PKCS8). // - `-----BEGIN EC PRIVATE KEY-----` (SEC1/rfc5915, the legacy format). privateKeyPrefix = []byte("-----BEGIN ") - - // letsEncryptTimeout sets a timeout for the Lets Encrypt server. - letsEncryptTimeout = 5 * time.Second ) // TLSManagerCfg houses a set of values and methods that is passed to the @@ -61,6 +58,8 @@ type TLSManagerCfg struct { LetsEncryptListen string DisableRestTLS bool + + HTTPHeaderTimeout time.Duration } // TLSManager generates/renews a TLS cert/key pair when needed. When required, @@ -424,7 +423,7 @@ func (t *TLSManager) setUpLetsEncrypt(certData *tls.Certificate, srv := &http.Server{ Addr: t.cfg.LetsEncryptListen, Handler: manager.HTTPHandler(nil), - ReadHeaderTimeout: letsEncryptTimeout, + ReadHeaderTimeout: t.cfg.HTTPHeaderTimeout, } shutdownCompleted := make(chan struct{}) cleanUp = func() { From 0c64a183cf583b4399d9fb6f1866b8c28e843734 Mon Sep 17 00:00:00 2001 From: Amin Bashiri Date: Tue, 10 Oct 2023 13:21:11 -0600 Subject: [PATCH 2/2] lntest: add http header timeout to config --- config.go | 4 ++-- docs/release-notes/release-notes-0.18.0.md | 17 +++++++++++------ lntest/fee_service.go | 6 ++++-- sample-lnd.conf | 3 +++ 4 files changed, 20 insertions(+), 10 deletions(-) diff --git a/config.go b/config.go index 93e301adc..12cb82e7e 100644 --- a/config.go +++ b/config.go @@ -227,7 +227,7 @@ const ( defaultGrpcClientPingMinWait = 5 * time.Second // defaultHTTPHeaderTimeout is the default timeout for HTTP requests. - defaultHTTPHeaderTimeout = 5 * time.Second + DefaultHTTPHeaderTimeout = 5 * time.Second // BitcoinChainName is a string that represents the Bitcoin blockchain. BitcoinChainName = "bitcoin" @@ -702,7 +702,7 @@ func DefaultConfig() Config { ClientPingMinWait: defaultGrpcClientPingMinWait, }, WtClient: lncfg.DefaultWtClientCfg(), - HTTPHeaderTimeout: defaultHTTPHeaderTimeout, + HTTPHeaderTimeout: DefaultHTTPHeaderTimeout, } } diff --git a/docs/release-notes/release-notes-0.18.0.md b/docs/release-notes/release-notes-0.18.0.md index 2bf472de9..5d029eb4e 100644 --- a/docs/release-notes/release-notes-0.18.0.md +++ b/docs/release-notes/release-notes-0.18.0.md @@ -8,14 +8,16 @@ - [Functional Updates](#functional-updates) - [RPC Updates](#rpc-updates) - [lncli Updates](#lncli-updates) + - [Code Health](#code-health) - [Breaking Changes](#breaking-changes) - [Performance Improvements](#performance-improvements) - - [Technical and Architectural Updates](#technical-and-architectural-updates) - - [BOLT Spec Updates](#bolt-spec-updates) - - [Testing](#testing) - - [Database](#database) - - [Code Health](#code-health) - - [Tooling and Documentation](#tooling-and-documentation) +- [Technical and Architectural Updates](#technical-and-architectural-updates) + - [BOLT Spec Updates](#bolt-spec-updates) + - [Testing](#testing) + - [Database](#database) + - [Code Health](#code-health-1) + - [Tooling and Documentation](#tooling-and-documentation) +- [Contributors (Alphabetical Order)](#contributors-alphabetical-order) # Bug Fixes @@ -36,6 +38,8 @@ and payment to blinded paths has been added via the `QueryRoutes` (and SendToRouteV2) APIs. This functionality is surfaced in `lncli queryroutes` where the required flags are tagged with `(blinded paths)`. +* A new config value, + [http-header-timeout](https://github.com/lightningnetwork/lnd/pull/7715), is added so users can specify the amount of time the http server will wait for a request to complete before closing the connection. The default value is 5 seconds. ## RPC Additions ## lncli Additions @@ -75,6 +79,7 @@ # Contributors (Alphabetical Order) +* Amin Bashiri * Andras Banki-Horvath * Carla Kirk-Cohen * Elle Mouton diff --git a/lntest/fee_service.go b/lntest/fee_service.go index 1c94713ba..592430b8e 100644 --- a/lntest/fee_service.go +++ b/lntest/fee_service.go @@ -9,6 +9,7 @@ import ( "sync" "testing" + "github.com/lightningnetwork/lnd" "github.com/lightningnetwork/lnd/lntest/node" "github.com/lightningnetwork/lnd/lnwallet/chainfee" "github.com/stretchr/testify/require" @@ -81,8 +82,9 @@ func NewFeeService(t *testing.T) *FeeService { mux.HandleFunc("/fee-estimates.json", f.handleRequest) f.srv = &http.Server{ - Addr: listenAddr, - Handler: mux, + Addr: listenAddr, + Handler: mux, + ReadHeaderTimeout: lnd.DefaultHTTPHeaderTimeout, } return &f diff --git a/sample-lnd.conf b/sample-lnd.conf index 3d8a7b292..9bc1a2a84 100644 --- a/sample-lnd.conf +++ b/sample-lnd.conf @@ -519,6 +519,9 @@ ; intelligence services. ; color=#3399FF +; The maximum duration that the server will wait before timing out reading +; the headers of an HTTP request. +; http-header-timeout=5s [prometheus]