
Allow non-blocking connect with Tor
Testing, Low, Public

Description

Dirmngr uses a connect with timeout to allow for a shorter timeout than the TCP standard uses. Unfortunately we can't do that over Tor. To fix this we need timeout support in Libassuan's socks5_connect() function.

Event Timeline

werner lowered the priority of this task from Normal to Low. Jul 27 2017, 9:36 AM

assuan_sock_connect_byname may be extended to change the third argument (now int reserved) to unsigned int timeout.
It's a kind of API change, but ABI-wise, the impact is minimal.

Then, internally in libassuan, socks5_connect may have a timeout argument to support timeout behavior.

Why can't we keep the signed int? Do we ever need such a long timeout? We could for example define -1 as use default timeout.

I see the point of using int.
For backward compatibility, the semantics of 0 should remain as default timeout (let kernel decide == 120 sec, usually), -1 would mean immediately (only success when local).

Actually, it's not the 'connect' system call, but the 'CONNECT' request which matters. The use of SOCKS in libassuan is that it always connects to the SOCKS server at localhost.
So, other than the special case of an erroneous configuration of TOR, introducing timeout handling to the initial connection to the SOCKS server makes less sense.

Timeout here should mean a client-side timeout for the 'CONNECT' request to the SOCKS server.
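
The distinction drawn in the last comments, as an added example (not libassuan's code): the descriptor is already connected to the local SOCKS5 server, and the timeout is one deadline over the greeting and the 'CONNECT' reply, enforced with poll(). The name socks5_connect_timeout and its errno-style return values are assumptions made for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}
/* Read exactly len bytes; ETIMEDOUT once the absolute deadline (ms) passes. */
static int read_until(int fd, unsigned char *buf, size_t len, long deadline) {
    while (len > 0) {
        struct pollfd p = { .fd = fd, .events = POLLIN };
        long left = deadline - now_ms();
        int rc = left > 0 ? poll(&p, 1, (int)left) : 0;
        if (rc == 0) return ETIMEDOUT;
        if (rc < 0) { if (errno == EINTR) continue; return errno; }
        ssize_t n = read(fd, buf, len);
        if (n == 0) return ECONNRESET;            /* proxy closed the connection */
        if (n < 0) { if (errno == EINTR || errno == EAGAIN) continue; return errno; }
        buf += n; len -= (size_t)n;
    }
    return 0;
}
/* Hypothetical helper: timeout_ms bounds the whole exchange; returns 0 or errno. */
int socks5_connect_timeout(int fd, const char *host, unsigned port, int timeout_ms) {
    unsigned char b[262];
    size_t hl = strlen(host), rest;
    long deadline = now_ms() + timeout_ms;
    int rc;
    if (hl == 0 || hl > 255) return EINVAL;
    if (write(fd, "\x05\x01\x00", 3) != 3) return EIO;        /* offer "no auth" */
    if ((rc = read_until(fd, b, 2, deadline))) return rc;
    if (b[0] != 5 || b[1] != 0) return EPROTO;
    memcpy(b, "\x05\x01\x00\x03", 4);                         /* CONNECT, ATYP=name */
    b[4] = (unsigned char)hl; memcpy(b + 5, host, hl);
    b[5 + hl] = (unsigned char)(port >> 8); b[6 + hl] = (unsigned char)port;
    if (write(fd, b, 7 + hl) != (ssize_t)(7 + hl)) return EIO;
    if ((rc = read_until(fd, b, 4, deadline))) return rc;     /* VER REP RSV ATYP */
    if (b[0] != 5) return EPROTO;
    if (b[1] != 0) return ECONNREFUSED;                       /* proxy reported failure */
    if (b[3] == 3) { if ((rc = read_until(fd, b, 1, deadline))) return rc; rest = b[0] + 2u; }
    else if (b[3] == 1 || b[3] == 4) rest = b[3] == 1 ? 6 : 18;
    else return EPROTO;
    return read_until(fd, b, rest, deadline);                 /* drain BND.ADDR + port */
}
```

Because the deadline is absolute, a proxy that answers the greeting promptly but stalls on the 'CONNECT' reply still fails within timeout_ms rather than after the kernel's TCP timeout.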