When a TLS channel is active, it is possible to block all further TLS connections by opening a TCP connection that never completes the TLS handshake.
This is because the TLS channel would handle incoming connections sequentially and wait indefinitely on the sslStream.AuthenticateAsServer(m_serverCertificate) until the client also calls the corresponding AuthenticateAsClient() which will never happen.
My PR fixes this by handling all connection atttempts concurrently, and also adds a timeout to close the ssl stream to prevent the incomplete connection from clogging resources
To reproduce the issue, open a TCP client and target the TLS channel's ip:port.
While the TCP client is active, try to establish a TLS connection (such as sending a REGISTER request over TLS)
The TLS connection would not be establish until the TCP client's connection was closed by the client.
When a TLS channel is active, it is possible to block all further TLS connections by opening a TCP connection that never completes the TLS handshake. This is because the TLS channel would handle incoming connections sequentially and wait indefinitely on the
sslStream.AuthenticateAsServer(m_serverCertificate)until the client also calls the correspondingAuthenticateAsClient()which will never happen.My PR fixes this by handling all connection atttempts concurrently, and also adds a timeout to close the ssl stream to prevent the incomplete connection from clogging resources
To reproduce the issue, open a TCP client and target the TLS channel's ip:port. While the TCP client is active, try to establish a TLS connection (such as sending a REGISTER request over TLS) The TLS connection would not be establish until the TCP client's connection was closed by the client.