hoelee/cloudflared
1
0
Fork 0
mirror of https://github.com/cloudflare/cloudflared.git synced 2025-07-27 19:29:57 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

TUN-8236: Add write timeout to quic and tcp connections

Browse Source 
## Summary
To prevent bad eyeballs and severs to be able to exhaust the quic
control flows we are adding the possibility of having a timeout
for a write operation to be acknowledged. This will prevent hanging
connections from exhausting the quic control flows, creating a DDoS.
This commit is contained in:
João "Pisco" Fernandes
2024-02-12 18:58:55 +00:00
parent 56aeb6be65
commit 76badfa01b
18 changed files with 146 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
supervisor/tunnel.go
View File

@@ -66,6 +66,7 @@ type TunnelConfig struct {
PacketConfig *ingress.GlobalRouterConfig
UDPUnregisterSessionTimeout time.Duration
WriteStreamTimeout time.Duration
DisableQUICPathMTUDiscovery bool
@@ -614,6 +615,7 @@ func (e *EdgeTunnelServer) serveQUIC(
connLogger.Logger(),
e.config.PacketConfig,
e.config.UDPUnregisterSessionTimeout,
e.config.WriteStreamTimeout,
)
if err != nil {
connLogger.ConnAwareLogger().Err(err).Msgf("Failed to create new quic connection")