From d5ae7562ac65f07d1c2e4137534217644f391612 Mon Sep 17 00:00:00 2001
From: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu, 30 Jul 2020 16:34:34 -0400
Subject: [PATCH] Add response header timeouts to broker transports

The client and proxy use the net/http default transport to make round
trip connecitons to the broker. These by default don't time out and can
wait indefinitely for the broker to respond if the broker hangs and
doesn't terminate the connection.
---
 client/lib/rendezvous.go | 2 ++
 proxy/snowflake.go       | 1 +
 2 files changed, 3 insertions(+)

diff --git a/client/lib/rendezvous.go b/client/lib/rendezvous.go
index 2702d4e..37ade35 100644
--- a/client/lib/rendezvous.go
+++ b/client/lib/rendezvous.go
@@ -17,6 +17,7 @@ import (
 	"net/http"
 	"net/url"
 	"sync"
+	"time"
 
 	"git.torproject.org/pluggable-transports/snowflake.git/common/nat"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/util"
@@ -48,6 +49,7 @@ type BrokerChannel struct {
 func CreateBrokerTransport() http.RoundTripper {
 	transport := http.DefaultTransport.(*http.Transport)
 	transport.Proxy = nil
+	transport.ResponseHeaderTimeout = 15 * time.Second
 	return transport
 }
 
diff --git a/proxy/snowflake.go b/proxy/snowflake.go
index 464fbb0..b880b36 100644
--- a/proxy/snowflake.go
+++ b/proxy/snowflake.go
@@ -481,6 +481,7 @@ func main() {
 	}
 
 	broker.transport = http.DefaultTransport.(*http.Transport)
+	broker.transport.(*http.Transport).ResponseHeaderTimeout = 15 * time.Second
 	config = webrtc.Configuration{
 		ICEServers: []webrtc.ICEServer{
 			{
-- 
GitLab