Need to increase the TLSHandshakeTimeout

[jh-chrysos]

Is your feature request related to a problem? Please describe.

I am trying to set TLSHandshakeTimeout on the http.Client but it does not seem to be possible.

Describe the solution you'd like

I thought something like this should work:

client := &gosip.SPClient{
    Client: http.Client{
        Transport: &http.Transport{TLSHandshakeTimeout: 25 * time.Second},
    }, 
    AuthCnfg: authCnfg,
}

However it seems (empirically) that the timeout is not respected, I guess the http.Client part of SPClient is recreated at some stage. I have tried tracing it through but I have trouble tracing through all the layers.

Describe alternatives you've considered

I have made this work by replacing http.DefaultTransport but obviously this is a global, and thus poor solution.

[koltyakov]

What auth strategy are you trying it this?

I potentially see only NTLM auth where the transport is reshaped.

[jh-chrysos]

I am using auth/saml

[koltyakov]

I understood why it's happening.

Do you have a quick way to test if a change works for you?

Published a change to the DEV branch. To install go get -u github.com/koltyakov/gosip@dev.

[jh-chrysos]

Hi @koltyakov ,

Thank you very much, I've tested and this works perfectly.

[koltyakov]

Thanks for the feedback. I also run some tests (not only those integration) the change looks good to be pushed to main branch. Doing it now.