Skip to content

feat(preconf): harden HTTP server limits#3119

Open
fridrik01 wants to merge 1 commit into
tls-preconf-server-hardeningfrom
http-server-hardening
Open

feat(preconf): harden HTTP server limits#3119
fridrik01 wants to merge 1 commit into
tls-preconf-server-hardeningfrom
http-server-hardening

Conversation

@fridrik01

@fridrik01 fridrik01 commented May 29, 2026

Copy link
Copy Markdown
Contributor

This PR hardens the preconf HTTP server and validator client against DoS and OOM, The sequencer is internet-facing, so it previously accepted unbounded request bodies, had no read/write/idle timeouts, and no cap on concurrent connections, leaving it open to OOM, Slowloris, and connection-exhaustion attacks.

More specifically, the main changes are:

  • Request body cap (server): MaxBytesReader (2 KB) -> 413 on oversized bodies.
  • Read/Write/Idle timeouts (server): 15s / 30s / 60s, closes Slowloris and idle keep-alive vectors.
  • Max concurrent connections (server): netutil.LimitListener(256).
  • Response body cap (client): default 16 MiB, configurable via max-response-size, to prevent a malicious sequencer OOMing a validator. Picked 16 MiB which should cover the worst-case valid block, full hex-encoded transactions (~6 MiB) + 6 blobs (~1.5 MiB) with ~2× headroom.

@fridrik01 fridrik01 requested review from bar-bera and calbera May 29, 2026 16:27
@fridrik01 fridrik01 self-assigned this May 29, 2026
@fridrik01 fridrik01 marked this pull request as ready for review May 29, 2026 16:32
@fridrik01 fridrik01 requested a review from a team as a code owner May 29, 2026 16:32
@codecov

codecov Bot commented May 29, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 86.66667% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 60.22%. Comparing base (e23dc05) to head (8684280).

Files with missing lines Patch % Lines
beacon/preconf/config.go 25.00% 2 Missing and 1 partial ⚠️
node-core/components/preconf_client.go 0.00% 1 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@                       Coverage Diff                        @@
##           tls-preconf-server-hardening    #3119      +/-   ##
================================================================
+ Coverage                         60.01%   60.22%   +0.21%     
================================================================
  Files                               384      384              
  Lines                             20055    20079      +24     
================================================================
+ Hits                              12036    12093      +57     
+ Misses                             7028     6986      -42     
- Partials                            991     1000       +9     
Files with missing lines Coverage Δ
beacon/preconf/client.go 52.20% <100.00%> (+30.33%) ⬆️
beacon/preconf/server.go 77.20% <100.00%> (+1.88%) ⬆️
beacon/preconf/server_metrics.go 100.00% <ø> (ø)
node-core/components/preconf_client.go 16.66% <0.00%> (-0.36%) ⬇️
beacon/preconf/config.go 81.25% <25.00%> (-8.04%) ⬇️
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@calbera calbera left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm but can we add e2e tests for the scenarios you mentioned were previously possible (but shouldn't be anymore)?

previously accepted unbounded request bodies, had no read/write/idle timeouts, and no cap on concurrent connections

@bar-bera bar-bera left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree on testing. Also MaxHeaderBytes (DefaultMaxHeaderBytes = 1 << 20 // 1 MB) and MaxResponseHeaderBytes (default at 10 MB), not game changing since connections are already limited but maybe you want to consider them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants