PR

Summary

Fixes #819 - tlsx hangs indefinitely when scanning large target lists (~25k+ hosts).

Root Cause Analysis

The primary issue was in tlsHandshakeWithTimeout in ztls/ztls.go. The select statement had:

select {

case <-ctx.Done():

    return error

case errChan <- tlsConn.Handshake():  // BLOCKING CALL!

}

This pattern is fundamentally broken because tlsConn.Handshake() is evaluated before the select can choose a case. If the handshake blocks forever (unresponsive server), the context timeout can never fire.

Additional issues:

  • Pool acquire operations used context.Background() with no timeout
  • defer cancel() inside loops leaked contexts
  • No periodic flush in file writer caused data loss on hang

Changes

ztls/ztls.go

  • Critical fix: Run Handshake() in a goroutine so select can properly monitor both the handshake completion AND context timeout
  • Close connection on timeout to unblock the handshake goroutine
  • Add timeout contexts to pool.Acquire() calls
  • Call cancel() immediately instead of defer in loops
  • Add nil checks for handshake log

tls/tls.go

  • Use HandshakeContext() for proper timeout handling (standard library support)
  • Add timeout contexts to pool.Acquire() calls
  • Fix context leak by immediate cancel

openssl/openssl.go

  • Create single timeout context for entire operation
  • Fix context leak in cipher enumeration loop

jarm/jarm.go

  • Add cancellable pool context
  • Add timeout to pool acquire operations

output/file_writer.go

  • Add periodic flush (every 100 writes) to prevent data loss if process hangs

Testing

  • Added pkg/tlsx/ztls/timeout_test.go with tests verifying timeout behavior
  • Tests pass: handshake correctly times out instead of hanging
  • Build passes
=== RUN   TestHandshakeTimeout

    timeout_test.go:85: handshake correctly timed out after 2.001193s

--- PASS: TestHandshakeTimeout (2.00s)

/claim #819

Summary by CodeRabbit

  • Bug Fixes

    • Improved file data flushing at regular intervals to reduce data loss risk.
    • Enhanced timeout handling in TLS operations to prevent indefinite hangs.
    • Better context management for concurrent connection operations.
    • More robust handling of failed connection acquisitions during cipher enumeration.

  • Tests

    • Added timeout validation tests for TLS handshakes and cipher enumeration.

Claim

Total prize pool $1,324
Total paid $0
Status Pending
Submitted February 03, 2026
Last updated February 03, 2026

Contributors

SI

Simplereally

@Simplereally

 100%

Sponsors

YO

youssefosama3820009-commits

@youssefosama3820009-commits

$1,224
PR

ProjectDiscovery

@projectdiscovery

$100