Merge pull request #723 from smallstep/keep-alive

Use Golang's default keepalive.

ca/tls.go

@@ -279,9 +279,9 @@ func getDefaultTLSConfig(sign *api.SignResponse) *tls.Config {
 
 // getDefaultDialer returns a new dialer with the default configuration.
 func getDefaultDialer() *net.Dialer {
+	// With the KeepAlive parameter set to 0, it will be use Golang's default.
 	return &net.Dialer{
-		Timeout:   30 * time.Second,
-		KeepAlive: 30 * time.Second,
+		Timeout: 30 * time.Second,
 	}
 }
 

examples/basic-client/client.go

@@ -116,7 +116,6 @@ func main() {
 			Proxy: http.ProxyFromEnvironment,
 			DialContext: (&net.Dialer{
 				Timeout:   30 * time.Second,
-				KeepAlive: 30 * time.Second,
 				DualStack: true,
 			}).DialContext,
 			MaxIdleConns:          100,

server/server.go

@@ -72,10 +72,10 @@ func (srv *Server) Serve(ln net.Listener) error {
 		// Start server
 		if srv.TLSConfig == nil || (len(srv.TLSConfig.Certificates) == 0 && srv.TLSConfig.GetCertificate == nil) {
 			log.Printf("Serving HTTP on %s ...", srv.Addr)
-			err = srv.Server.Serve(tcpKeepAliveListener{ln.(*net.TCPListener)})
+			err = srv.Server.Serve(ln)
 		} else {
 			log.Printf("Serving HTTPS on %s ...", srv.Addr)
-			err = srv.Server.ServeTLS(tcpKeepAliveListener{ln.(*net.TCPListener)}, "", "")
+			err = srv.Server.ServeTLS(ln, "", "")
 		}
 
 		// log unexpected errors
@@ -155,21 +155,3 @@ func (srv *Server) Forbidden(w http.ResponseWriter) {
 	w.WriteHeader(http.StatusForbidden)
 	w.Write([]byte("Forbidden.\n"))
 }
-
-// tcpKeepAliveListener sets TCP keep-alive timeouts on accepted
-// connections. It's used by ListenAndServe and ListenAndServeTLS so
-// dead TCP connections (e.g. closing laptop mid-download) eventually
-// go away.
-type tcpKeepAliveListener struct {
-	*net.TCPListener
-}
-
-func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
-	tc, err := ln.AcceptTCP()
-	if err != nil {
-		return
-	}
-	tc.SetKeepAlive(true)
-	tc.SetKeepAlivePeriod(3 * time.Minute)
-	return tc, nil
-}