hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Default timeouts
Date Wed, 13 Jan 2016 09:58:06 GMT
On Tue, 2016-01-12 at 15:36 -0700, Shawn Heisey wrote:
> On 1/12/2016 9:06 AM, Oleg Kalnichevski wrote:
> > As of 4.4 HttpClient uses connect timeout value for SSL handshake by
> > default. I hope this should be enough to address your biggest concern. 
> >
> > I am a bit hesitant to set socket and connect timeouts to a positive
> > value by default as JRE default timeout values are 0 (no timeout).
> An opinion from someone of no consequence on this project:
> I think it would not be a big problem to have a nonzero default connect
> timeout, perhaps something between two and five minutes.  It could
> possibly go as low as one minute.
> A nonzero default socket timeout is more of a *possible* problem.  The
> majority of users would probably never notice, but it might be a very
> surprising and problematic change for some users.
> I'm not completely opposed to the idea, but my opinion about the default
> socket timeout value is that it should be relatively large, not less
> than five minutes, and perhaps 15 or 30.
> These changes would only be appropriate in the next *major* version, and
> it would need to be conspicuously documented, including the website,
> RELEASE_NOTES.txt, and perhaps other places.  Even well-documented, it
> will catch some users by surprise, but this is true of nearly *any* change.
> The values I have mentioned are much larger than the values Gaspard
> mentioned, but I believe it's better to have defaults that are longer
> than might be typical.  Users who don't change the defaults will have a
> safety net to prevent endless hangs, but the larger defaults will be
> less likely to cause problems due to unexpected timeouts.
> The safest option is to not change the defaults, but as already
> mentioned on the thread, this can lead to situations where user programs
> completely hang.

I agree. 

I suggest the following course of action: 

(*) enabled 3 minute connect timeout by default in 5.0. This should also
imply a 3 minute socket timeout for SSL handshakes.  
(*) leave request socket timeout disabled by default for now
(*) ask for feedback in the next 5.0 release announcement.


To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message