1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/cmd/dockerd
Sebastiaan van Stijn 997ec12ec8
set ReadHeaderTimeout to address G112: Potential Slowloris Attack (gosec)
After discussing in the maintainers meeting, we concluded that Slowloris attacks
are not a real risk other than potentially having some additional goroutines
lingering around, so setting a long timeout to satisfy the linter, and to at
least have "some" timeout.

    libnetwork/diagnostic/server.go:96:10: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
        srv := &http.Server{
            Addr:    net.JoinHostPort(ip, strconv.Itoa(port)),
            Handler: s,
        }
    api/server/server.go:60:10: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
                srv: &http.Server{
                    Addr: addr,
                },
    daemon/metrics_unix.go:34:13: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
            if err := http.Serve(l, mux); err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
                      ^
    cmd/dockerd/metrics.go:27:13: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
            if err := http.Serve(l, mux); err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
                      ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 55fd77f724)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 12:27:32 +02:00
..
trap gofmt GoDoc comments with go1.19 2022-07-13 22:42:29 +02:00
config.go daemon: complete the "--graph" / "-g" deprecation 2022-08-18 18:44:17 +02:00
config_unix.go daemon/config: New(): set more defaults 2022-06-29 19:59:18 +02:00
config_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
config_windows.go registry: remove dependency on rootlesskit, add SetCertsDir() 2022-03-25 16:21:45 +01:00
daemon.go daemon: complete the "--graph" / "-g" deprecation 2022-08-18 18:44:17 +02:00
daemon_freebsd.go daemon: move check for CPU-realtime daemon options 2022-03-03 19:50:27 +01:00
daemon_linux.go daemon: move check for CPU-realtime daemon options 2022-03-03 19:50:27 +01:00
daemon_test.go cmd/dockerd: loadDaemonCliConfig() safeguard for unparsed flags 2022-06-29 19:55:06 +02:00
daemon_unix.go daemon: improve some errors 2022-06-29 19:54:57 +02:00
daemon_unix_test.go cmd/dockerd: produce error when using discovery options 2022-01-06 18:28:15 +01:00
daemon_windows.go daemon: move check for CPU-realtime daemon options 2022-03-03 19:50:27 +01:00
docker.go cmd/dockerd: un-export config methods, and don't pass flags "twice" 2022-04-27 00:34:17 +02:00
docker_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
docker_windows.go use go-winres for windows build and cleanup autogen and winresources 2022-04-14 19:52:36 +02:00
genwinres_windows.go use go-winres for cross to create Windows resources 2022-04-14 19:52:35 +02:00
metrics.go set ReadHeaderTimeout to address G112: Potential Slowloris Attack (gosec) 2022-09-22 12:27:32 +02:00
options.go cmd/dockerd: un-export config methods, and don't pass flags "twice" 2022-04-27 00:34:17 +02:00
options_test.go cmd/dockerd: un-export config methods, and don't pass flags "twice" 2022-04-27 00:34:17 +02:00
README.md
service_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
service_windows.go Windows: require Windows Server RS5 / ltsc2019 (build 17763) as minimum 2022-02-18 22:58:28 +01:00

docker.go contains Docker daemon's main function.

This file provides first line CLI argument parsing and environment variable setting.