Ruby » Ruby master

Hello,

When connecting using TLS to an unresponsive SMTP server, Net::SMTP can hang until 10 minutes.

The issue is here, we should have a read timeout:

    def tlsconnect(s)
      verified = false
      s = ssl_socket(s, @ssl_context)
      logging "TLS connection started"
      s.sync_close = true
      s.connect
      if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
        s.post_connection_check(@address)
      end
      verified = true
      s
    ensure
      s.close unless verified
    end

To workaround the issue for the moment I used:

module Net
  class SMTP
    alias :original_tlsconnect :tlsconnect

    def tlsconnect(s)
      Timeout.timeout(@read_timeout, Net::ReadTimeout) { original_tlsconnect(s) }
    end
  end
end

Here the steps to reproduce the bug:

smtp = Net::SMTP.new('mail.example.com', 465)
smtp.read_timeout = 3
smtp.enable_tls
smtp.start('localhost.localdomain', 'medecins@example.com', '********') {}

Sorry for the credentials I can't provide this publicly, after testing with one failing server you will be able to see that the read timeout is ignored.
By failing server I mean an SMTPS server where you are able to open a connection but you can't read on the socket.

Working case:

smtp = Net::SMTP.new('mail.example.com', 465)
smtp.read_timeout = 3
smtp.start('localhost.localdomain', 'medecins@example.com', '********') {}

Without TLS it's ok!

If you have any questions, suggestions just ask, if I can help.