Skip to content

Commit

Permalink
Allow setting timeout during TLS Handshake
Browse files Browse the repository at this point in the history
Buggy clients might never respond during the TLS handshake phase. This
change adds a config setting to set a read timeout before calling
handshake. I think the handshake involves multiple reads but this
setting should help with clients who never respond.
  • Loading branch information
munkyboy committed Aug 23, 2021
1 parent 307370c commit e4c383a
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions server.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ type Server struct {
handler Handler
lastError error
readTimeoutMilliseconds int64
tlsHandshakeTimeout time.Duration
tlsPeerNameFunc TlsPeerNameFunc
datagramPool sync.Pool
}
Expand Down Expand Up @@ -66,6 +67,10 @@ func (s *Server) SetTimeout(millseconds int64) {
s.readTimeoutMilliseconds = millseconds
}

func (s *Server) SetTlsHandshakeTimeout(d time.Duration) {
s.tlsHandshakeTimeout = d
}

// Set the function that extracts a TLS peer name from the TLS connection
func (s *Server) SetTlsPeerNameFunc(tlsPeerNameFunc TlsPeerNameFunc) {
s.tlsPeerNameFunc = tlsPeerNameFunc
Expand Down Expand Up @@ -206,6 +211,9 @@ func (s *Server) goScanConnection(connection net.Conn) {
tlsPeer := ""
if tlsConn, ok := connection.(*tls.Conn); ok {
// Handshake now so we get the TLS peer information
if s.tlsHandshakeTimeout > 0 {
tlsConn.SetDeadline(time.Now().Add(s.tlsHandshakeTimeout))
}
if err := tlsConn.Handshake(); err != nil {
connection.Close()
return
Expand Down

0 comments on commit e4c383a

Please sign in to comment.