Skip Menu |

This queue is for tickets about the Net-HTTP CPAN distribution.

Report information
The Basics
Id: 72676
Status: resolved
Priority: 0/
Queue: Net-HTTP
People
Owner: Nobody in particular
Requestors: inguin [...] gmx.de
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed Nov 23 16:14:56 2011 inguin [...] gmx.de - Ticket created
Subject: Timeout still not working for HTTPS connections
Date: Wed, 23 Nov 2011 22:14:44 +0100
To: bug-Net-HTTP [...] rt.cpan.org
From: Ingo van Lil <inguin [...] gmx.de>
Hi, the socket timeout feature is still not fully functional for HTTPS/SSL sockets. Removing the NOP redefinition of sub blocking() improved things a little, but when communicating with a server that completes the SSL handshake but does not respond to the HTTP request the implementation will still block indefinitely. See my description in the Fedora bug tracker (https://bugzilla.redhat.com/show_bug.cgi?id=750793) for instructions how to reproduce the issue. I have tracked down the issue to the Net::HTTP::Methods::my_readline() method which simply retries the read in 100ms second intervals as long as EAGAIN is returned. The reason this is not a problem with HTTP is that LWP::Protocol::http::SocketMethods has a custom sysread() method which implements blocking-with-timeout behavior on a non-blocking socket. For HTTPS the sysread() implementation of the underlying socket class is used. Previously, when using Net::SSL as default socket class, the problem was worked around: The socket was never set to non-blocking and Net::SSL would schedule an alarm before every potentially blocking operation. I'm not sure where this problem should be fixed. Should IO::Socket::SSL implement timeout semantics on all operations? This would only make sense if the socket was used in blocking mode. Should Net::HTTP::Methods regard the socket timeout in all loops? Or should LWP::Protocol::https overwrite sysread() similar to what they do for http? Regards, Ingo
  Mon Jan 30 09:11:45 2012 Steffen_Ullrich [...] genua.de - Correspondence added
Am Mi 23. Nov 2011, 16:14:56, inguin@gmx.de schrieb: Show quoted text
> Hi, > > the socket timeout feature is still not fully functional for HTTPS/SSL > ... > I have tracked down the issue to the Net::HTTP::Methods::my_readline() > method which simply retries the read in 100ms second intervals as long > as EAGAIN is returned. > ... > I'm not sure where this problem should be fixed. Should IO::Socket::SSL > implement timeout semantics on all operations?
this would be contrary to what other IO::Socket classes do, which honor the timeout only for connect and accept. The attacht patch against Net::HTTP::Methods::my_readline fixes the problem for me. Regards, Steffen (IO::Socket::SSL maintainer)
Subject: Methods.pm.patch
--- /usr/share/perl5/Net/HTTP/Methods.pm 2011-03-20 12:36:18.000000000 +0100 +++ Net/HTTP/Methods.pm 2012-01-30 14:50:38.556611428 +0100 @@ -242,6 +242,7 @@ sub my_readline { my $self = shift; my $what = shift; + my $timeout = $self->timeout; for (${*$self}{'http_buf'}) { my $max_line_length = ${*$self}{'http_max_line_length'}; my $pos; @@ -255,6 +256,9 @@ # need to read more data to find a line ending READ: { + if ( my $to = ${*$self}{io_socket_timeout} ) { + die "read timeout" if ! $self->can_read($to); + } my $n = $self->sysread($_, 1024, length); unless (defined $n) { redo READ if $!{EINTR};
  Mon Jan 30 09:11:47 2012 The RT System itself - Status changed from 'new' to 'open'
  Mon Jan 30 09:55:22 2012 inguin [...] gmx.de - Correspondence added
Subject: Re: [rt.cpan.org #72676] Timeout still not working for HTTPS connections
Date: Mon, 30 Jan 2012 15:55:09 +0100
To: bug-Net-HTTP [...] rt.cpan.org
From: Ingo van Lil <inguin [...] gmx.de>
On 30/01/2012 15:11, Steffen Ullrich via RT wrote: Show quoted text
> The attacht patch against Net::HTTP::Methods::my_readline fixes the > problem for me.
Works for me. The first chunk looks useless, though. Thanks, Ingo
  Mon Feb 20 02:08:24 2012 Steffen_Ullrich [...] genua.de - Correspondence added
Subject: Re: Fwd: Re: [rt.cpan.org #72676] Timeout still not working for HTTPS connections
Date: Mon, 20 Feb 2012 08:08:05 +0100
To: bug-Net-HTTP [...] rt.cpan.org
From: Steffen Ullrich <Steffen_Ullrich [...] genua.de>
On 30/01/2012 15:11, Steffen Ullrich via RT wrote: Show quoted text
>
> > The attacht patch against Net::HTTP::Methods::my_readline fixes the > > problem for me.
> > Works for me. The first chunk looks useless, though.
Yes, the first chunk is useless. Regards, Steffen
  Tue Jul 10 11:56:05 2012 abraxxa [...] cpan.org - Correspondence added
I've hit that bug too, will the proposed patch be applied and a new version released to CPAN?
  Thu Nov 08 14:44:27 2012 GAAS [...] cpan.org - Correspondence added
 Applied as https://github.com/gisle/net-http/commit/88ecea4531de4178603a6453fc73e2cf2b53a6e5 and uploaded to CPAN as 6.04.

I copied the can_read method from LWP::Protocol::http in order to be able to actually use it here stand alone.
  Fri Nov 09 00:56:50 2012 GAAS [...] cpan.org - Correspondence added
 Released as 6.04
  Fri Nov 09 00:56:51 2012 GAAS [...] cpan.org - Status changed from 'open' to 'resolved'