From 8d0d46462b44b0779e879a9c8200ad11a8e5d103 Mon Sep 17 00:00:00 2001
From: James Tucker
Date: Fri, 23 Feb 2024 22:51:17 -0800
Subject: [PATCH] net/dns: timeout DOH requests after 10s without response headers

If a client socket is remotely lost but the client is not sent an RST in response to the next request, the socket might sit in RTO for extended lengths of time, resulting in "no internet" for users. Instead, timeout after 10s, which will close the underlying socket, recovering from the situation more promptly.

Updates #10967

Signed-off-by: James Tucker
---
 net/dns/resolver/forwarder.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/dns/resolver/forwarder.go b/net/dns/resolver/forwarder.go
index 16c08a5ca..26bc6148c 100644
--- a/net/dns/resolver/forwarder.go
+++ b/net/dns/resolver/forwarder.go
@@ -405,6 +405,9 @@ func (f *forwarder) getKnownDoHClientForProvider(urlBase string) (c *http.Client
 Transport: &http.Transport{
 ForceAttemptHTTP2: true,
 IdleConnTimeout: dohTransportTimeout,
+ // On mobile platforms TCP KeepAlive is disabled in the dialer,
+ // ensure that we timeout if the connection appears to be hung.
+ ResponseHeaderTimeout: 10 * time.Second,
 DialContext: func(ctx context.Context, netw, addr string) (net.Conn, error) {
 if !strings.HasPrefix(netw, "tcp") {
 return nil, fmt.Errorf("unexpected network %q", netw)
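Review bot: `ResponseHeaderTimeout` on the added line only bounds the wait for response headers once the request has been fully written, so a peer that stalls while the request is still being sent, or after the headers while the body is being read, is not covered by it and is bounded only by whatever deadline the caller's context carries (not visible in this hunk). With `ForceAttemptHTTP2: true` set just above, the timeout may also fail only the one stream instead of tearing down the connection, so it is worth confirming that the hung socket really leaves the pool as the commit message expects. I would state the scope in the comment, e.g. `// Bounds only the wait for response headers; body reads rely on the request context.`, and give the value a name like the neighbouring `dohTransportTimeout`, e.g. `ResponseHeaderTimeout: dohResponseHeaderTimeout,` with a new constant declared next to it. The body of getKnownDoHClientForProvider starts and ends outside the hunk.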