Non https connectiona on SSL-bump enabled port may stuck

This is can be seen on skype when try to connect to server using an
SSL-bump enabled squid port. Squid try to bump the connection, waiting
for ever
the ssl protocol header, and skype client waits for ever  an answer from
the
server.

This patch sets the timeout to Config.Timeout.request (request_timeout)

This is a Measurement Factory project

diff --git a/src/client_side.cc b/src/client_side.cc
index e4fae95f466358a0af340523dc8777dcbe5dfee2..98fa58bc5049fc1414153abc124c30f0f666c54f 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3988,7 +3988,13 @@ ConnStateData::getSslContextDone(SSL_CTX * sslContext, bool isNew)
     if (!httpsCreate(clientConnection, sslContext))
         return;
 
-    // commSetConnTimeout() was called for this request before we switched.
+    // bumped intercepted conns should already have Config.Timeout.request set
+    // but forwarded connections may only have Config.Timeout.lifetime. [Re]set
+    // to make sure the connection does not get stuck on non-SSL clients.
+    typedef CommCbMemFunT<ConnStateData, CommTimeoutCbParams> TimeoutDialer;
+    AsyncCall::Pointer timeoutCall = JobCallback(33, 5, TimeoutDialer,
+                                     this, ConnStateData::requestTimeout);
+    commSetConnTimeout(clientConnection, Config.Timeout.request, timeoutCall);
 
     // Disable the client read handler until CachePeer selection is complete
     Comm::SetSelect(clientConnection->fd, COMM_SELECT_READ, NULL, NULL, 0);