HttpClientBuilder::connect_timeout covers only the TCP connect; DNS resolution and the TLS handshake are unbounded unless the caller sets a per-call timeout. The shared Http2Connection transport has no connect-timeout knob at all: the TCP connect, TLS handshake, and HTTP/2 preface (connectrpc/src/client/http2.rs) all run without a time bound inside the reconnect state machine, so a server that accepts the connection but stalls during the handshake also stalls poll_ready for every other caller sharing that transport.
Proposed work:
- Add a handshake timeout covering TLS and the HTTP/2 preface on both client transports (mirroring the server-side TLS handshake timeout).
- Give
Http2Connection a connect-timeout option.
- Document that
CallOptions::with_timeout remains the end-to-end bound.
HttpClientBuilder::connect_timeoutcovers only the TCP connect; DNS resolution and the TLS handshake are unbounded unless the caller sets a per-call timeout. The sharedHttp2Connectiontransport has no connect-timeout knob at all: the TCP connect, TLS handshake, and HTTP/2 preface (connectrpc/src/client/http2.rs) all run without a time bound inside the reconnect state machine, so a server that accepts the connection but stalls during the handshake also stallspoll_readyfor every other caller sharing that transport.Proposed work:
Http2Connectiona connect-timeout option.CallOptions::with_timeoutremains the end-to-end bound.