From 48c40c87bc4f4cbb2d3987e579692449d3970826 Mon Sep 17 00:00:00 2001
From: Jakob Borg <jakob@nym.se>
Date: Mon, 13 Oct 2014 11:18:13 +0200
Subject: [PATCH] Set read and write timeouts on HTTPS requests

---
 main.go | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index 0fd7076a..01b28251 100644
--- a/main.go
+++ b/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"flag"
 	"fmt"
@@ -51,7 +52,27 @@ func main() {
 	http.HandleFunc("/report", reportHandler)
 	http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("static"))))
 
-	err = http.ListenAndServeTLS(fmt.Sprintf(":%d", *port), *certFile, *keyFile, nil)
+	cert, err := tls.LoadX509KeyPair(*certFile, *keyFile)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	cfg := &tls.Config{
+		Certificates:           []tls.Certificate{cert},
+		SessionTicketsDisabled: true,
+	}
+
+	listener, err := tls.Listen("tcp", fmt.Sprintf(":%d", *port), cfg)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	srv := http.Server{
+		ReadTimeout:  5 * time.Second,
+		WriteTimeout: 5 * time.Second,
+	}
+
+	err = srv.Serve(listener)
 	if err != nil {
 		log.Fatal(err)
 	}