gearheads
/
mastodon
Archived
2
0
Fork 0

Fix TLS handshake timeout not being enforced (#9381)

Follow-up to #9329
gh/stable
Eugen Rochko 2018-11-27 19:46:05 +01:00 committed by GitHub
parent 11955600ad
commit c39d7e7b2b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 1 deletions

View File

@ -4,6 +4,16 @@ require 'ipaddr'
require 'socket' require 'socket'
require 'resolv' require 'resolv'
# Monkey-patch the HTTP.rb timeout class to avoid using a timeout block
# around the Socket#open method, since we use our own timeout blocks inside
# that method
class HTTP::Timeout::PerOperation
def connect(socket_class, host, port, nodelay = false)
@socket = socket_class.open(host, port)
@socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) if nodelay
end
end
class Request class Request
REQUEST_TARGET = '(request-target)' REQUEST_TARGET = '(request-target)'
@ -95,7 +105,11 @@ class Request
end end
def timeout def timeout
{ connect: nil, read: 10, write: 10 } # We enforce a 1s timeout on DNS resolving, 10s timeout on socket opening
# and 5s timeout on the TLS handshake, meaning the worst case should take
# about 16s in total
{ connect: 5, read: 10, write: 10 }
end end
def http_client def http_client