WebSocket client handshaker to support "force close" after timeout

[kachayev]

Motivation:

RFC 6455 defines that, generally, a WebSocket client should not close a TCP
connection as far as a server is the one who's responsible for doing that.
In practice tho', it's not always possible to control the server. Server's
misbehavior may lead to connections being leaked (if the server does not
comply with the RFC).

RFC 6455 #7.1.1 says

In abnormal cases (such as not having received a TCP Close from the server
after a reasonable amount of time) a client MAY initiate the TCP Close.

Modifications:

• WebSocket client handshaker additional param forceCloseAfterMillis

• Switched off by default to keep backward compatibility

Result:

WebSocket client handshaker to comply with RFC. Fixes #8883.

---

Open questions/comments:

• I've implemented this as a WebSocketClientHandshaker functionality, not in handlers, as far as it's responsible for close.

• Nothing prevents you to call handshaker.close twice, in such a case only first timeout would be applied.

• Do we need to keep this feature switched OFF by default to ensure backward compatibility? I mean... it's hard to justify current implementation and I think 10 seconds default timeout should be enough to cover potential drawbacks. @normanmaurer WDYT?

• Testing is kind of clumsy... It's impossible to detect if the channel was closed because of timeout or because of the server or... whatever. Maybe I'm missing any better approach to test this?

[netty-bot]

Can one of the admins verify this patch?

[normanmaurer]

@kachayev its RFC6455 ;)

[kachayev]

@kachayev its RFC6455 ;)

@normanmaurer Copy-paste error ;)

[kachayev]

@normanmaurer Updated. I still think if need to cover this use case:

handshaker.setForceCloseTimeoutMillis(1_000).close(ch, new CloseWebsocketFrame());

It might be useful if the timeout depends on what happened during the communication (then I have no chance to setup it properly before the upgrade)... I just don't know how often you might need this in practice.

[normanmaurer]

@kachayev another alternative would be to allow to overload the method with a timeout.

[kachayev]

@normanmaurer Added setter to cover more use cases. Changed test to use an internal flag that indicated that the timeout was actually fired.

[normanmaurer]

/cc @vietj

[normanmaurer]

@netty-bot test this please

[normanmaurer]

@netty-bot test this please

[normanmaurer]

LGTM... just one nit

[normanmaurer]

@netty-bot test this please

[normanmaurer]

@trustin can you have a look as well please ?

[normanmaurer]

@netty-bot test this please

[trustin]

Switched off by default to keep backward compatibility

Probably better enabling by default with reasonable default? Leaky connection for backward compatibility doesn't sound right to me.

[normanmaurer]

@trustin sounds fine to me... maybe 3 seconds (which is also the default we use for SSL close notify) is ok ? Or do we want to use 10 seconds as we use for handshake timeout in SSL by default ?

[trustin]

Mostly nits.

[trustin]

Not a WebSocket expert. 😅 Leaving it up to @kachayev 😆

[normanmaurer]

@slandelle can you have a look as well ?

[kachayev]

@trustin

enabling by default

Absolutely, 100% for it. I will put 10 seconds to stay consistent with SSL handshake timeouts.

[slandelle]

2 small nits. LGTM otherwise!

[kachayev]

@trustin @slandelle Pushed changes, thanks for the review!

[normanmaurer]

@trustin PTAL again

[normanmaurer]

@netty-bot test this please

[normanmaurer]

@kachayev thanks a lot!