From 8081bf2d53f70747e2c54986163665802eec3b7f Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Thu, 25 Jan 2018 12:11:25 +0100
Subject: [PATCH] fix: using proper timeouts in http and https proxies (fixes #26)
---
 modules/http_proxy_base.go | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/modules/http_proxy_base.go b/modules/http_proxy_base.go
index 6a22a2d5..3deaca39 100644
--- a/modules/http_proxy_base.go
+++ b/modules/http_proxy_base.go
@@ -25,6 +25,11 @@ import (
 "github.com/inconshreveable/go-vhost"
 )
 
+const (
+ httpReadTimeout = 5 * time.Second
+ httpWriteTimeout = 10 * time.Second
+)
+
 type HTTPProxy struct {
 Name string
 Address string
@@ -144,8 +149,10 @@ func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scrip
 }
 
 p.Server = http.Server{
- Addr: fmt.Sprintf("%s:%d", p.Address, proxyPort),
- Handler: p.Proxy,
+ Addr: fmt.Sprintf("%s:%d", p.Address, proxyPort),
+ Handler: p.Proxy,
+ ReadTimeout: httpReadTimeout,
+ WriteTimeout: httpWriteTimeout,
 }
 
 if p.sess.Firewall.IsForwardingEnabled() == false {
@@ -279,6 +286,10 @@ func (p *HTTPProxy) httpsWorker() error {
 }
 
 go func(c net.Conn) {
+ now := time.Now()
+ c.SetReadDeadline(now.Add(httpReadTimeout))
+ c.SetWriteDeadline(now.Add(httpWriteTimeout))
+
 tlsConn, err := vhost.TLS(c)
 if err != nil {
 log.Warning("Error reading SNI: %s.", err)
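Review bot: The new `const` block has no comment, although the same two values bound two different things in this commit: the `http.Server` timeouts in `Configure` and the raw socket deadlines in `httpsWorker`. A comment on the block would make that shared use visible, for example `// httpReadTimeout and httpWriteTimeout limit how long a client may take to send a request and to receive a response, so stalled clients cannot hold connections open.` The comment should also say that the values are fixed at compile time and cannot be tuned by the operator.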
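Review bot: `ReadTimeout: httpReadTimeout` caps reading the whole request, body included, at 5 seconds, and `WriteTimeout: httpWriteTimeout` caps writing each response at 10 seconds, so large uploads, downloads and streamed responses through the proxy are cut off along with stalled clients. If the aim is to stop clients that connect and never finish sending headers, `ReadHeaderTimeout: httpReadTimeout,` covers that without limiting body transfer, and `IdleTimeout` covers idle keep-alive connections. Connections hijacked by the handler may keep the deadlines the server set, so any CONNECT handling (not visible here) should be checked as well. The body of `Configure` starts and ends outside the hunk.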
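Review bot: The deadlines added at the top of the goroutine are absolute times computed once from `time.Now()`, and nothing in the visible lines clears or renews them after `vhost.TLS(c)` returns. Unless later code resets them, every HTTPS connection stops being readable 5 seconds after accept and writable 10 seconds after, not only the ones that stall before sending a ClientHello. To bound only the SNI read, clear them once the hello has been parsed, for example `c.SetDeadline(time.Time{})` after the `err != nil` check, or renew them before each read and write. The return values of `SetReadDeadline` and `SetWriteDeadline` are also dropped; a failure there should be logged rather than continuing with no deadline in place. The goroutine body continues past the end of the hunk.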