increase default network timeout #2542
Conversation
Signed-off-by: E3E <[email protected]>
Pull Request Test Coverage Report for Build 7529370954
💛 - Coveralls |
|
Hey @jku , can you take a look at this PR when you get a chance? thanks |
There was a problem hiding this comment.
I think this is good, however:
- There is a class docstring a few lines above this that now documents the wrong default value though -- I think that docstring sentence could be removed altogether so that the value isn't specified in two places (alternativelly the default settings could be made optional constructor arguments at which point their default values are documented by sphinx automatically)
- I'd really like it if the git commit message explained why the change is done. e.g.
trying to defend against slow retrieval attacks in a generic library is impossible but too low timeouts mean failures in high latency systems (like tests running on CI).
I'll leave the approval for someone else as this was my suggestion in the first place -- @lukpueh do you have an opinion?
|
Works for me. AFAICS, we already acknowledged the problems with and the resulting lack of slow retrieval protection (#932). So I don't think this patch has any real security implications. @NicholasTanz, can you please address @jku's comments? Happy to then approve. |
…is impossible but too low timeouts mean failures in high latency systems (like tests running on CI). Signed-off-by: E3E <[email protected]>
Signed-off-by: E3E <[email protected]>
yes sounds good, just made the changes @lukpueh |
Please fill in the fields below to submit a pull request. The more information
that is provided, the better.
Fixes #2442
Description of the changes being introduced by the pull request:
increase default network timeout from 4 sec to 30 sec.
Please verify and check that the pull request fulfills the following
requirements: