search

programatik29 / axum-server

High level server designed to be used with axum framework.
MIT License
166 stars 54 forks source link

How to set up a timeout for TLS hasdshake #116

Open josecelano opened 3 months ago

josecelano commented 3 months ago

Relates to:

I'm using axum-server ina couple of projects and I would like to add a timeout for the TLS handshake.

I've seen that that feature was added here: https://github.com/programatik29/axum-server/pull/39. However, It seems the AddrIncomingConfig was removed. I don't see any example or documentation to set the tcp_keepalive duration in the latest version. Was that feature removed @programatik29?

Originally posted by @josecelano in https://github.com/programatik29/axum-server/issues/29#issuecomment-1997294299

josecelano commented 2 months ago

It seems it was removed on the migration to Hyper 1.0..

josecelano commented 2 months ago

I'm trying to determine how to set the timeout with the new version. It seems Hyper 1.0 supports adding the timeout.

I have been able to make at least Hyper panic with;

let mut server = axum_server::from_tcp(socket);
server.http_builder().http1().header_read_timeout(Duration::from_secs(5));
server.http_builder().http2().keep_alive_timeout(Duration::from_secs(5));

server
    .handle(handle)
    .serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
    .await
    .expect("Axum server crashed.")

The panic message:

thread 'tokio-runtime-worker' panicked at /home/josecelano/.cargo/registry/src/index.crates.io-6f17d22bba15001f/hyper-1.2.0/src/common/time.rs:73:32:
timeout `header_read_timeout` set, but no timer set
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

I guess there is still something missing. I would appreciate an example of how you can set it up. In the meantime, I would keep trying. If I find the solution, I will open a PR with a new example.

cc @programatik29 @abs0luty

josecelano commented 2 months ago

I've managed to remove the panic with the following:

let mut server = axum_server::from_tcp(socket);

server.http_builder().http1().timer(TokioTimer::new());
server.http_builder().http1().header_read_timeout(Duration::from_secs(5));
server.http_builder().http2().keep_alive_timeout(Duration::from_secs(5));

server
    .handle(handle)
    .serve(router.into_make_service_with_connect_info::<std::net::SocketAddr>())
    .await
    .expect("Axum server crashed.")

But it's not working.

josecelano commented 2 months ago

I have created an example here:

https://github.com/josecelano/axum-server-timeout

I've only been able to set a timeout for sending the headers with header_read_timeout. But I want the server to close the connection if the client does not send any requests.

josecelano commented 2 months ago

Related to: https://github.com/torrust/torrust-tracker/issues/324#issuecomment-1548360076

josecelano commented 2 months ago

I've updated the example with the @programatik29's patch. It works partially because it closes the connection, but it does not return a 408 Request Timeout like ActixWeb.

josecelano commented 3 days ago

Relates to: https://github.com/tokio-rs/axum/issues/2741#issuecomment-2211117776

josecelano commented 3 days ago

There is a new hyper version 1.4.0 which changes the header_read_timeout