From d2678dfdee75b1112a0c55405ac0e6e1842ac45e Mon Sep 17 00:00:00 2001
From: Kim Alvefur
Date: Fri, 16 Jul 2021 17:10:09 +0200
Subject: net.server_epoll: Use only fatal "write" timeout during TLS negotiation

Only real difference between the read and write timeouts is that the former has a callback that allows the higher levels to keep the connection alive, while hitting the later is immediately fatal. We want the later behavior for TLS negotiation.
---
 net/server_epoll.lua | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/server_epoll.lua b/net/server_epoll.lua
index b2f49f7c..52a7f4f3 100644
--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -600,7 +600,7 @@ function interface:starttls(tls_ctx)
 self.onwritable = interface.inittls;
 self.onreadable = interface.inittls;
 self:set(true, true);
- self:setreadtimeout(cfg.ssl_handshake_timeout);
+ self:setreadtimeout(false);
 self:setwritetimeout(cfg.ssl_handshake_timeout);
 self:debug("Prepared to start TLS");
 end
@@ -651,7 +651,7 @@ function interface:inittls(tls_ctx, now)
 if now then
 return self:tlshandshake()
 end
- self:setreadtimeout(cfg.ssl_handshake_timeout);
+ self:setreadtimeout(false);
 self:setwritetimeout(cfg.ssl_handshake_timeout);
 self:set(true, true);
 end
@@ -677,7 +677,7 @@ function interface:tlshandshake()
 elseif err == "wantread" then
 self:noise("TLS handshake to wait until readable");
 self:set(true, false);
- self:setreadtimeout(cfg.ssl_handshake_timeout);
+ self:setwritetimeout(cfg.ssl_handshake_timeout);
 elseif err == "wantwrite" then
 self:noise("TLS handshake to wait until writable");
 self:set(false, true);
-- 
cgit v1.2.3
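Review bot: The new `self:setreadtimeout(false);` in starttls (and the identical line in the inittls hunk) gives no hint at the call site of what `false` does or why the read timeout is dropped while the write timeout carries the handshake limit. Going by the commit message the reason is security-relevant: the read timeout has a callback that lets higher layers keep the connection alive, which is not wanted for a peer that has not finished TLS. I would add a comment above both lines, e.g. `-- No read timeout during negotiation: its callback can keep the connection alive; the write timeout below is fatal.` It is also worth confirming that the handshake-success path, which is outside this diff, re-arms the normal read timeout and cancels the handshake write timeout.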
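Review bot: In the `wantread` branch of tlshandshake, `self:setwritetimeout(cfg.ssl_handshake_timeout);` runs every time the handshake asks for more input, so if setwritetimeout restarts the timer (its body is not in this diff), `ssl_handshake_timeout` limits each wait rather than the whole negotiation. A peer that delivers its handshake slowly could then hold an unauthenticated connection open for several multiples of the configured value. If a single limit for the whole handshake is intended, arm the timer once per negotiation and leave it running here, taking care that the `now` path through inittls returns before any timer is set. Arming a write timeout while waiting for readability also reads like a slip, so a comment such as `-- the fatal write timeout bounds both directions of the handshake` would help. tlshandshake starts and ends outside the hunk.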