fn: agent MaxRequestSize limit (#998)

* fn: agent MaxRequestSize limit Currently, LimitRequestBody() exists to install a http request body size in http/gin server. For production enviroments, this is expected to be used. However, in agents we may need to verify/enforce these size limits and to be able to assert in case of missing limits is valuable. With this change, operators can define an agent env variable to limit this in addition to installing Gin/Http handler. http.MaxBytesReader is superior in some cases as it sets http headers (Connection: close) to guard against subsequent requests. However, NewClampReadCloser() is superior in other cases, where it can cleanly return an API error for this case alone (http.MaxBytesReader() does not return a clean error type for overflow case, which makes it difficult to use it without peeking into its implementation.) For lb agent, upcoming changes rely on such limits enabled and using gin/http handler (http.MaxBytesReader) makes such checks/safety validations difficult. * fn: read/write clamp code adjustment In case of overflows, opt for simple implementation of a partial write followed by return error.
2022-10-28 21:29:17 +03:00 · 2018-05-16 11:45:57 -07:00
parent 7a64ec9db5
commit eab85dfab0
6 changed files with 96 additions and 3 deletions
--- a/api/agent/config.go
+++ b/api/agent/config.go
@@ -19,6 +19,7 @@ type AgentConfig struct {
 	CallEndTimeout          time.Duration `json:"call_end_timeout"`
 	MaxCallEndStacking      uint64        `json:"max_call_end_stacking"`
 	MaxResponseSize         uint64        `json:"max_response_size_bytes"`
+	MaxRequestSize          uint64        `json:"max_request_size_bytes"`
 	MaxLogSize              uint64        `json:"max_log_size_bytes"`
 	MaxTotalCPU             uint64        `json:"max_total_cpu_mcpus"`
 	MaxTotalMemory          uint64        `json:"max_total_memory_bytes"`
@@ -41,6 +42,7 @@ const (
 	EnvCallEndTimeout          = "FN_CALL_END_TIMEOUT_MSECS"
 	EnvMaxCallEndStacking      = "FN_MAX_CALL_END_STACKING"
 	EnvMaxResponseSize         = "FN_MAX_RESPONSE_SIZE"
+	EnvMaxRequestSize          = "FN_MAX_REQUEST_SIZE"
 	EnvMaxLogSize              = "FN_MAX_LOG_SIZE_BYTES"
 	EnvMaxTotalCPU             = "FN_MAX_TOTAL_CPU_MCPUS"
 	EnvMaxTotalMemory          = "FN_MAX_TOTAL_MEMORY_BYTES"
@@ -74,6 +76,7 @@ func NewAgentConfig() (*AgentConfig, error) {
 	err = setEnvMsecs(err, EnvAsyncChewPoll, &cfg.AsyncChewPoll, time.Duration(60)*time.Second)
 	err = setEnvMsecs(err, EnvCallEndTimeout, &cfg.CallEndTimeout, time.Duration(10)*time.Minute)
 	err = setEnvUint(err, EnvMaxResponseSize, &cfg.MaxResponseSize)
+	err = setEnvUint(err, EnvMaxRequestSize, &cfg.MaxRequestSize)
 	err = setEnvUint(err, EnvMaxLogSize, &cfg.MaxLogSize)
 	err = setEnvUint(err, EnvMaxTotalCPU, &cfg.MaxTotalCPU)
 	err = setEnvUint(err, EnvMaxTotalMemory, &cfg.MaxTotalMemory)