Non https connectiona on SSL-bump enabled port may stuck

This is can be seen on skype when try to connect to server using an
SSL-bump enabled squid port. Squid try to bump the connection, waiting for ever
the ssl protocol header, and skype client waits for ever  an answer from the
server.

This patch sets the timeout to Config.Timeout.request (request_timeout)

This is a Measurement Factory project

diff --git a/src/client_side.cc b/src/client_side.cc
index a9a5428c7ef4b3cfc4d86489d87136afb53e62c6..c5b9428e42cb98973a442992c67cf4f2ac273b40 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3923,7 +3923,13 @@ ConnStateData::getSslContextDone(SSL_CTX * sslContext, bool isNew)
     if (!httpsCreate(clientConnection, sslContext))
         return;
 
-    // commSetConnTimeout() was called for this request before we switched.
+    // bumped intercepted conns should already have Config.Timeout.request set
+    // but forwarded connections may only have Config.Timeout.lifetime. [Re]set
+    // to make sure the connection does not get stuck on non-SSL clients.
+    typedef CommCbMemFunT<ConnStateData, CommTimeoutCbParams> TimeoutDialer;
+    AsyncCall::Pointer timeoutCall = JobCallback(33, 5, TimeoutDialer,
+                                                 this, ConnStateData::requestTimeout);
+    commSetConnTimeout(clientConnection, Config.Timeout.request, timeoutCall);
 
     // Disable the client read handler until CachePeer selection is complete
     Comm::SetSelect(clientConnection->fd, COMM_SELECT_READ, NULL, NULL, 0);