On 09/11/2017 05:05 AM, Steve Hill wrote: > Connections should have a reasonably short timeout during the TLS > handshake - if a client hasn't completed the handshake and made an HTTP > request over the encrypted connection within a few seconds, something is > broken and Squid should tear down the connection.
"Few seconds" would be too aggressive for a _default_ value IMO, but, with recent Squids, you should be able to tune request_start_timeout to match _your_ environment. If not, file a bug report. > Amos has said he believes the connections should eventually time out > (via the request_timeout option) but I don't think this is the case. Then it is a bug worth reporting IMHO. FWIW, IIRC, there have been some fixes to request_timeout (when request_start_timeout was added?) in recent Squids, but I have not investigated the details or checked whether those fixes (if any) were backported to Squid v3. Alex. _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
