Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to set up a timeout for TLS hasdshake #116

Open
josecelano opened this issue Apr 8, 2024 · 10 comments
Open

How to set up a timeout for TLS hasdshake #116

josecelano opened this issue Apr 8, 2024 · 10 comments

Comments

@josecelano
Copy link

josecelano commented Apr 8, 2024

Relates to:

I'm using axum-server ina couple of projects and I would like to add a timeout for the TLS handshake.

I've seen that that feature was added here: #39. However, It seems the AddrIncomingConfig was removed. I don't see any example or documentation to set the tcp_keepalive duration in the latest version. Was that feature removed @programatik29?

Originally posted by @josecelano in #29 (comment)

@josecelano
Copy link
Author

It seems it was removed on the migration to Hyper 1.0..

@josecelano
Copy link
Author

josecelano commented Apr 16, 2024

I'm trying to determine how to set the timeout with the new version. It seems Hyper 1.0 supports adding the timeout.

I have been able to make at least Hyper panic with;

let mut server = axum_server::from_tcp(socket);
server.http_builder().http1().header_read_timeout(Duration::from_secs(5));
server.http_builder().http2().keep_alive_timeout(Duration::from_secs(5));

server
    .handle(handle)
    .serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
    .await
    .expect("Axum server crashed.")

The panic message:

thread 'tokio-runtime-worker' panicked at /home/josecelano/.cargo/registry/src/index.crates.io-6f17d22bba15001f/hyper-1.2.0/src/common/time.rs:73:32:
timeout `header_read_timeout` set, but no timer set
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

I guess there is still something missing. I would appreciate an example of how you can set it up. In the meantime, I would keep trying. If I find the solution, I will open a PR with a new example.

cc @programatik29 @abs0luty

@josecelano
Copy link
Author

I've managed to remove the panic with the following:

let mut server = axum_server::from_tcp(socket);

server.http_builder().http1().timer(TokioTimer::new());
server.http_builder().http1().header_read_timeout(Duration::from_secs(5));
server.http_builder().http2().keep_alive_timeout(Duration::from_secs(5));

server
    .handle(handle)
    .serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
    .await
    .expect("Axum server crashed.")

But it's not working.

@josecelano
Copy link
Author

josecelano commented Apr 17, 2024

I have created an example here:

https://github.com/josecelano/axum-server-timeout

I've only been able to set a timeout for sending the headers with header_read_timeout. But I want the server to close the connection if the client does not send any requests.

@josecelano
Copy link
Author

Related to: torrust/torrust-tracker#324 (comment)

@josecelano
Copy link
Author

I've updated the example with the @programatik29's patch. It works partially because it closes the connection, but it does not return a 408 Request Timeout like ActixWeb.

@josecelano
Copy link
Author

Relates to: tokio-rs/axum#2741 (comment)

@josecelano
Copy link
Author

There is a new hyper version 1.4.0 which changes the header_read_timeout

@finnbear
Copy link
Contributor

The TLS handshake timeout for bind_rustls still exists but is always 10s:

#[cfg(not(test))]
let handshake_timeout = Duration::from_secs(10);

AddrIncomingConfig, now removed, was a completely separate PR

@josecelano
Copy link
Author

The TLS handshake timeout for bind_rustls still exists but is always 10s:

#[cfg(not(test))]
let handshake_timeout = Duration::from_secs(10);

AddrIncomingConfig, now removed, was a completely separate PR

Hi @finnbear thank your feedback. In the end, it was not precisely the handshake timeout that I was trying to find. I want to set a timeout for the time the server waits after opening a connection for the first request to come. I implemented this example to reproduce what I wan to achieve:

https://github.com/josecelano/axum-server-timeout

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants