fluencelabs/tendermint
1
0
Fork 0
mirror of https://github.com/fluencelabs/tendermint synced 2025-06-24 10:11:48 +00:00
Code Issues Projects Releases Wiki Activity

limit HTTP request body and WS read msg size to 1MB

Browse Source
This commit is contained in:
Anton Kaliaev
2018-06-27 14:15:37 +04:00
parent f760c24ff0
commit 297cd4cfe8
3 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
rpc/lib/server/handlers.go
View File

@ -406,7 +406,13 @@ type wsConnection struct {
// description of how to configure ping period and pong wait time. NOTE: if the // description of how to configure ping period and pong wait time. NOTE: if the
// write buffer is full, pongs may be dropped, which may cause clients to // write buffer is full, pongs may be dropped, which may cause clients to
// disconnect. see https://github.com/gorilla/websocket/issues/97 // disconnect. see https://github.com/gorilla/websocket/issues/97
func NewWSConnection(baseConn *websocket.Conn, funcMap map[string]*RPCFunc, cdc *amino.Codec, options ...func(*wsConnection)) *wsConnection { func NewWSConnection(
baseConn *websocket.Conn,
funcMap map[string]*RPCFunc,
cdc *amino.Codec,
options ...func(*wsConnection),
) *wsConnection {
baseConn.SetReadLimit(maxBodyBytes)
wsc := &wsConnection{ wsc := &wsConnection{
remoteAddr: baseConn.RemoteAddr().String(), remoteAddr: baseConn.RemoteAddr().String(),
baseConn: baseConn, baseConn: baseConn,

20
rpc/lib/server/http_server.go
View File

@ -23,6 +23,12 @@ type Config struct {
MaxOpenConnections int MaxOpenConnections int
} }
const (
// maxBodyBytes controls the maximum number of bytes the
// server will read parsing the request body.
maxBodyBytes = int64(1000000) // 1MB
)
// StartHTTPServer starts an HTTP server on listenAddr with the given handler. // StartHTTPServer starts an HTTP server on listenAddr with the given handler.
// It wraps handler with RecoverAndLogHandler. // It wraps handler with RecoverAndLogHandler.
func StartHTTPServer( func StartHTTPServer(
@ -53,7 +59,7 @@ func StartHTTPServer(
go func() { go func() {
err := http.Serve( err := http.Serve(
listener, listener,
RecoverAndLogHandler(handler, logger), RecoverAndLogHandler(maxBytesHandler{h: handler, n: maxBodyBytes}, logger),
) )
logger.Error("RPC HTTP server stopped", "err", err) logger.Error("RPC HTTP server stopped", "err", err)
}() }()
@ -99,7 +105,7 @@ func StartHTTPAndTLSServer(
go func() { go func() {
err := http.ServeTLS( err := http.ServeTLS(
listener, listener,
RecoverAndLogHandler(handler, logger), RecoverAndLogHandler(maxBytesHandler{h: handler, n: maxBodyBytes}, logger),
certFile, certFile,
keyFile, keyFile,
) )
@ -202,3 +208,13 @@ func (w *ResponseWriterWrapper) WriteHeader(status int) {
func (w *ResponseWriterWrapper) Hijack() (net.Conn, *bufio.ReadWriter, error) { func (w *ResponseWriterWrapper) Hijack() (net.Conn, *bufio.ReadWriter, error) {
return w.ResponseWriter.(http.Hijacker).Hijack() return w.ResponseWriter.(http.Hijacker).Hijack()
} }
type maxBytesHandler struct {
h http.Handler
n int64
}
func (h maxBytesHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, h.n)
h.h.ServeHTTP(w, r)
}

1
types/params.go
View File

@ -7,6 +7,7 @@ import (
) )
const ( const (
// MaxBlockSizeBytes is the maximum permitted size of the blocks.
MaxBlockSizeBytes = 104857600 // 100MB MaxBlockSizeBytes = 104857600 // 100MB
) )