fix(ztls): fix hanging handshake by running in goroutine

[alsaibaiclaw]

Fixes #819

Problem

The tlsHandshakeWithTimeout function in pkg/tlsx/ztls/ztls.go was running the handshake synchronously within the select statement. This prevented the context timeout from being checked while the handshake was in progress, causing tlsx to hang indefinitely on certain network conditions.

Solution

Run the handshake in a separate goroutine and select between the error channel and the context timeout. This ensures the timeout is always respected.

Summary by CodeRabbit

• Refactor
  • Improved TLS connection timeout handling with more reliable connection closure during timeout scenarios.
  • Enhanced internal concurrency management for better timeout behavior and error handling.

[coderabbitai]

Walkthrough

The tlsHandshakeWithTimeout function (formerly tlsHandshakeWithCtx) in the TLS handshake logic has been refactored to use a dedicated goroutine for performing the handshake operation, with explicit timeout handling that closes the TLS connection on context cancellation.

Changes

Cohort / File(s)	Summary
TLS Handshake Timeout Refactor pkg/tlsx/ztls/ztls.go	Rewrote tlsHandshakeWithTimeout to spawn a separate goroutine for the handshake, improved timeout handling by explicitly closing the TLS connection on context cancellation, and changed from buffered channel send selection to direct channel read pattern for result handling.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A goroutine now dances with care,
No more shall timeouts leave us in despair,
With channels in sync and connections released,
The handshake completes—our hangs have ceased!
hop hop ✨

🚥 Pre-merge checks | ✅ 6

✅ Passed checks (6 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title directly and specifically describes the main change: fixing a hanging handshake by running it in a goroutine, which is the core solution in the changeset.
Linked Issues check	✅ Passed	The PR directly addresses issue #819 by implementing the core fix: running TLS handshake in a separate goroutine with proper timeout handling via context cancellation.
Out of Scope Changes check	✅ Passed	All changes are focused on fixing the TLS handshake timeout issue in ztls.go, directly addressing the linked issue with no unrelated modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

No actionable comments were generated in the recent review. 🎉

🧹 Recent nitpick comments

pkg/tlsx/ztls/ztls.go (1)

260-260: context.TODO() here means cipher enumeration handshakes have no timeout — same hang risk.

This is pre-existing and out of scope for this PR, but given that the fix targets hanging handshakes, consider passing a timeout-bound context here as well (similar to ConnectWithOptions at lines 118-122) in a follow-up.

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}