Project

General

Profile

Bug #13429

Net::SMTP has no read timeout when connexion over TLS

Added by keysen (Jérémy Carlier) over 3 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Normal
Target version:
-
[ruby-core:80668]

Description

Hello,

When connecting using TLS to an unresponsive SMTP server, Net::SMTP can hang until 10 minutes.

The issue is here, we should have a read timeout:

    def tlsconnect(s)
      verified = false
      s = ssl_socket(s, @ssl_context)
      logging "TLS connection started"
      s.sync_close = true
      s.connect
      if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
        s.post_connection_check(@address)
      end
      verified = true
      s
    ensure
      s.close unless verified
    end

To workaround the issue for the moment I used:

module Net
  class SMTP
    alias :original_tlsconnect :tlsconnect

    def tlsconnect(s)
      Timeout.timeout(@read_timeout, Net::ReadTimeout) { original_tlsconnect(s) }
    end
  end
end

Here the steps to reproduce the bug:

smtp = Net::SMTP.new('mail.example.com', 465)
smtp.read_timeout = 3
smtp.enable_tls
smtp.start('localhost.localdomain', 'medecins@example.com', '********') {}

Sorry for the credentials I can't provide this publicly, after testing with one failing server you will be able to see that the read timeout is ignored.
By failing server I mean an SMTPS server where you are able to open a connection but you can't read on the socket.

Working case:

smtp = Net::SMTP.new('mail.example.com', 465)
smtp.read_timeout = 3
smtp.start('localhost.localdomain', 'medecins@example.com', '********') {}

Without TLS it's ok!

If you have any questions, suggestions just ask, if I can help.


Related issues

Is duplicate of Ruby master - Bug #12678: No way to set a timeout for TLS handshake when using Net::SMTPClosedshugo (Shugo Maeda)Actions
#1

Updated by shugo (Shugo Maeda) about 3 years ago

  • Is duplicate of Bug #12678: No way to set a timeout for TLS handshake when using Net::SMTP added

Updated by shugo (Shugo Maeda) about 3 years ago

  • Assignee set to usa (Usaku NAKAMURA)

keysen (Jérémy Carlier) wrote:

When connecting using TLS to an unresponsive SMTP server, Net::SMTP can hang until 10 minutes.

In Ruby 2.4, open_timeout affects TLS handshake.
I'm not sure whether it should be backported to 2.3.

What do you think, usa-san?

#3

Updated by hsbt (Hiroshi SHIBATA) about 3 years ago

  • Status changed from Open to Assigned

Updated by usa (Usaku NAKAMURA) about 3 years ago

  • Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: UNKNOWN, 2.3: REQUIRED, 2.4: DONE
  • Status changed from Assigned to Closed

Ok, I'll backport this later.

Updated by usa (Usaku NAKAMURA) almost 3 years ago

  • Backport changed from 2.2: UNKNOWN, 2.3: REQUIRED, 2.4: DONE to 2.2: UNKNOWN, 2.3: DONE, 2.4: DONE

ruby_2_3 r59533 merged revision(s) 56576,56623.

Also available in: Atom PDF