From 6401c3e28a91e29e4be07ec949552748e363c8b2 Mon Sep 17 00:00:00 2001
From: Tanggui Bian
Date: Thu, 17 Aug 2023 10:44:54 +0800
Subject: [PATCH] add http limit for the Slowloris attack

Signed-off-by: Tanggui Bian
---
 cmd/descheduler/app/descheduler.go | 18 ++++++++++++++++++
 .../app/scheduler-estimator.go | 18 ++++++++++++++++++
 cmd/scheduler/app/scheduler.go | 18 ++++++++++++++++++
 pkg/sharedcli/profileflag/profileflag.go | 18 ++++++++++++++++++
 4 files changed, 72 insertions(+)

diff --git a/cmd/descheduler/app/descheduler.go b/cmd/descheduler/app/descheduler.go
index d4525a45a..ed2940942 100644
--- a/cmd/descheduler/app/descheduler.go
+++ b/cmd/descheduler/app/descheduler.go
@@ -43,6 +43,22 @@ const (
 // References:
 // - https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 ReadHeaderTimeout = 32 * time.Second
+ // WriteTimeout is the amount of time allowed to write the
+ // request data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ WriteTimeout = 5 * time.Minute
+ // ReadTimeout is the amount of time allowed to read
+ // response data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ ReadTimeout = 5 * time.Minute
 )
 
 // NewDeschedulerCommand creates a *cobra.Command object with default parameters
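Review bot: The new doc comments on WriteTimeout and ReadTimeout describe the wrong direction: an http.Server reads the request and writes the response, so WriteTimeout bounds writing the response (the clock starts once the request header has been read) and ReadTimeout bounds reading the entire request including its body, whereas the added text says "write the request data" and "read response data". The first lines of each comment should read `// WriteTimeout is the maximum duration before timing out writes of the response.` and `// ReadTimeout is the maximum duration for reading the entire request, including the body.`, and the slowloris paragraph that is repeated under all three constants could be stated once above the const block. The same swapped wording is added in the const blocks of scheduler-estimator.go, scheduler.go and profileflag.go. Since all four files now carry identical copies of the three constants, sharing the ones in pkg/sharedcli/profileflag would keep a future tuning of these values consistent across the binaries.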
@@ -174,6 +190,8 @@ func serveHealthzAndMetrics(address string) {
 Addr: address,
 Handler: mux,
 ReadHeaderTimeout: ReadHeaderTimeout,
+ WriteTimeout: WriteTimeout,
+ ReadTimeout: ReadTimeout,
 }
 if err := httpServer.ListenAndServe(); err != nil {
 klog.Errorf("Failed to serve healthz and metrics: %v", err)
diff --git a/cmd/scheduler-estimator/app/scheduler-estimator.go b/cmd/scheduler-estimator/app/scheduler-estimator.go
index 5e91a7058..20bbefad6 100644
--- a/cmd/scheduler-estimator/app/scheduler-estimator.go
+++ b/cmd/scheduler-estimator/app/scheduler-estimator.go
@@ -40,6 +40,22 @@ const (
 // References:
 // - https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 ReadHeaderTimeout = 32 * time.Second
+ // WriteTimeout is the amount of time allowed to write the
+ // request data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ WriteTimeout = 5 * time.Minute
+ // ReadTimeout is the amount of time allowed to read
+ // response data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ ReadTimeout = 5 * time.Minute
 )
 
 // NewSchedulerEstimatorCommand creates a *cobra.Command object with default parameters
@@ -121,6 +137,8 @@ func serveHealthzAndMetrics(address string) {
 Addr: address,
 Handler: mux,
 ReadHeaderTimeout: ReadHeaderTimeout,
+ WriteTimeout: WriteTimeout,
+ ReadTimeout: ReadTimeout,
 }
 if err := httpServer.ListenAndServe(); err != nil {
 klog.Errorf("Failed to serve healthz and metrics: %v", err)
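Review bot: Setting ReadTimeout on this http.Server also changes the keep-alive idle behaviour, because net/http falls back to ReadTimeout when IdleTimeout is zero, and IdleTimeout does not appear to be set in this literal (its opening line is outside the hunk, so confirm); idle connections to the healthz/metrics listener are therefore now closed after 5 minutes instead of never, which is an improvement but an implicit one. It would be clearer to make that explicit with `IdleTimeout: ReadTimeout,` next to the two added fields, or a dedicated constant, so the idle bound does not silently move if ReadTimeout is tuned later. WriteTimeout starts counting once the request header is read, so a scrape whose response takes longer than 5 minutes to stream is cut off; a one-line comment on the server literal saying that this is intended for these small endpoints would help the next reader. The same applies to the serveHealthzAndMetrics hunks in scheduler-estimator.go and scheduler.go and to ListenAndServe in profileflag.go. serveHealthzAndMetrics starts before this hunk and its body continues past it.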
diff --git a/cmd/scheduler/app/scheduler.go b/cmd/scheduler/app/scheduler.go
index ed1c8b58d..c779ee542 100644
--- a/cmd/scheduler/app/scheduler.go
+++ b/cmd/scheduler/app/scheduler.go
@@ -45,6 +45,22 @@ const (
 // References:
 // - https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 ReadHeaderTimeout = 32 * time.Second
+ // WriteTimeout is the amount of time allowed to write the
+ // request data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ WriteTimeout = 5 * time.Minute
+ // ReadTimeout is the amount of time allowed to read
+ // response data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ ReadTimeout = 5 * time.Minute
 )
 
 // Option configures a framework.Registry.
@@ -207,6 +223,8 @@ func serveHealthzAndMetrics(address string) {
 Addr: address,
 Handler: mux,
 ReadHeaderTimeout: ReadHeaderTimeout,
+ WriteTimeout: WriteTimeout,
+ ReadTimeout: ReadTimeout,
 }
 if err := httpServer.ListenAndServe(); err != nil {
 klog.Errorf("Failed to serve healthz and metrics: %v", err)
diff --git a/pkg/sharedcli/profileflag/profileflag.go b/pkg/sharedcli/profileflag/profileflag.go
index 0a57866b5..2e30a5fc7 100644
--- a/pkg/sharedcli/profileflag/profileflag.go
+++ b/pkg/sharedcli/profileflag/profileflag.go
@@ -21,6 +21,22 @@ const (
 // References:
 // - https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 ReadHeaderTimeout = 32 * time.Second
+ // WriteTimeout is the amount of time allowed to write the
+ // request data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ WriteTimeout = 5 * time.Minute
+ // ReadTimeout is the amount of time allowed to read
+ // response data.
+ // HTTP timeouts are necessary to expire inactive connections
+ // and failing to do so might make the application vulnerable
+ // to attacks like slowloris which work by sending data very slow,
+ // which in case of no timeout will keep the connection active
+ // eventually leading to a denial-of-service (DoS) attack.
+ ReadTimeout = 5 * time.Minute
 )
 
 // Options are options for pprof.
@@ -57,6 +73,8 @@ func ListenAndServe(opts Options) {
 Addr: opts.ProfilingBindAddress,
 Handler: mux,
 ReadHeaderTimeout: ReadHeaderTimeout,
+ WriteTimeout: WriteTimeout,
+ ReadTimeout: ReadTimeout,
 }
 if err := httpServer.ListenAndServe(); err != nil {
 klog.Errorf("Failed to enable profiling: %v", err)