Merge #954: Disable TimeoutAcceptor when TSL is enabled

222fa42 feat: disable TimeoutAcceptor when TSL is enabled (Jose Celano) Pull request description: The TimeoutAcceptor es a custom acceptor for Axum that sets a timeput for making a request after openning a connection. It does not work when TSL is enabled. This commit disables it, therefore the app does not have any way to avoid a DDos attacks where clients just open connections without making any request. ACKs for top commit: josecelano: ACK 222fa42 Tree-SHA512: 0c9a01757f8683f19553ba332551103598c0d0483e3ec6ba1bae1e703acae84442c765883f7406bdb886bdeb5872780336d75450736350e7ce9d859e9943e0bb
torrust · Aug 7, 2024 · 7ac1556 · 7ac1556
2 parents 0a04dde + 222fa42
commit 7ac1556
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/src/servers/apis/server.rs b/src/servers/apis/server.rs
@@ -239,7 +239,9 @@ impl Launcher {
             match tls {
                 Some(tls) => custom_axum_server::from_tcp_rustls_with_timeouts(socket, tls)
                     .handle(handle)
-                    .acceptor(TimeoutAcceptor)
+                    // The TimeoutAcceptor is commented because TSL does not work with it.
+                    // See: https://github.com/torrust/torrust-index/issues/204#issuecomment-2115529214
+                    //.acceptor(TimeoutAcceptor)
                     .serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
                     .await
                     .expect("Axum server for tracker API crashed."),

diff --git a/src/servers/http/server.rs b/src/servers/http/server.rs
@@ -65,7 +65,9 @@ impl Launcher {
             match tls {
                 Some(tls) => custom_axum_server::from_tcp_rustls_with_timeouts(socket, tls)
                     .handle(handle)
-                    .acceptor(TimeoutAcceptor)
+                    // The TimeoutAcceptor is commented because TSL does not work with it.
+                    // See: https://github.com/torrust/torrust-index/issues/204#issuecomment-2115529214
+                    //.acceptor(TimeoutAcceptor)
                     .serve(app.into_make_service_with_connect_info::<std::net::SocketAddr>())
                     .await
                     .expect("Axum server crashed."),