diff --git a/docs/CONFIG_PARAMS.en.md b/docs/CONFIG_PARAMS.en.md
index 7d708a0..504b0f8 100644
--- a/docs/CONFIG_PARAMS.en.md
+++ b/docs/CONFIG_PARAMS.en.md
@@ -2466,8 +2466,8 @@ Note: This section also accepts the legacy alias `[server.admin_api]` (same sche
| [`mask_shape_above_cap_blur`](#cfg-censorship-mask_shape_above_cap_blur) | `bool` | `false` |
| [`mask_shape_above_cap_blur_max_bytes`](#cfg-censorship-mask_shape_above_cap_blur_max_bytes) | `usize` | `512` |
| [`mask_relay_max_bytes`](#cfg-censorship-mask_relay_max_bytes) | `usize` | `5242880` |
-| [`mask_relay_timeout_secs`](#cfg-censorship-mask_relay_timeout_secs) | `u64` | `60` |
-| [`mask_relay_idle_timeout_secs`](#cfg-censorship-mask_relay_idle_timeout_secs) | `u64` | `5` |
+| [`mask_relay_timeout_ms`](#cfg-censorship-mask_relay_timeout_ms) | `u64` | `60_000` |
+| [`mask_relay_idle_timeout_ms`](#cfg-censorship-mask_relay_idle_timeout_ms) | `u64` | `5_000` |
| [`mask_classifier_prefetch_timeout_ms`](#cfg-censorship-mask_classifier_prefetch_timeout_ms) | `u64` | `5` |
| [`mask_timing_normalization_enabled`](#cfg-censorship-mask_timing_normalization_enabled) | `bool` | `false` |
| [`mask_timing_normalization_floor_ms`](#cfg-censorship-mask_timing_normalization_floor_ms) | `u64` | `0` |
@@ -2738,25 +2738,25 @@ Note: This section also accepts the legacy alias `[server.admin_api]` (same sche
[censorship]
mask_relay_max_bytes = 5242880
```
-
-- `mask_relay_timeout_secs`
- - **Constraints / validation**: Should be `>= mask_relay_idle_timeout_secs`.
- - **Description**: Wall-clock cap (seconds) for the full masking relay on non-MTProto fallback paths. Raise when the mask target is a long-lived service (e.g. WebSocket).
+
+- `mask_relay_timeout_ms`
+ - **Constraints / validation**: Should be `>= mask_relay_idle_timeout_ms`.
+ - **Description**: Wall-clock cap (ms) for the full masking relay on non-MTProto fallback paths. Raise when the mask target is a long-lived service (e.g. WebSocket). Default: 60 000 ms (60 s).
- **Example**:
```toml
[censorship]
- mask_relay_timeout_secs = 60
+ mask_relay_timeout_ms = 60000
```
-
-- `mask_relay_idle_timeout_secs`
- - **Constraints / validation**: Should be `<= mask_relay_timeout_secs`.
- - **Description**: Per-read idle timeout (seconds) on masking relay and drain paths. Limits resource consumption by slow-loris attacks and port scanners. A read call stalling beyond this value is treated as an abandoned connection.
+
+- `mask_relay_idle_timeout_ms`
+ - **Constraints / validation**: Should be `<= mask_relay_timeout_ms`.
+ - **Description**: Per-read idle timeout (ms) on masking relay and drain paths. Limits resource consumption by slow-loris attacks and port scanners. A read call stalling beyond this value is treated as an abandoned connection. Default: 5 000 ms (5 s).
- **Example**:
```toml
[censorship]
- mask_relay_idle_timeout_secs = 5
+ mask_relay_idle_timeout_ms = 5000
```
- `mask_classifier_prefetch_timeout_ms`
diff --git a/src/config/defaults.rs b/src/config/defaults.rs
index 847731e..8eebe6c 100644
--- a/src/config/defaults.rs
+++ b/src/config/defaults.rs
@@ -616,23 +616,23 @@ pub(crate) fn default_mask_relay_max_bytes() -> usize {
}
#[cfg(not(test))]
-pub(crate) fn default_mask_relay_timeout_secs() -> u64 {
- 60
+pub(crate) fn default_mask_relay_timeout_ms() -> u64 {
+ 60_000
}
#[cfg(test)]
-pub(crate) fn default_mask_relay_timeout_secs() -> u64 {
- 10
+pub(crate) fn default_mask_relay_timeout_ms() -> u64 {
+ 200
}
#[cfg(not(test))]
-pub(crate) fn default_mask_relay_idle_timeout_secs() -> u64 {
- 5
+pub(crate) fn default_mask_relay_idle_timeout_ms() -> u64 {
+ 5_000
}
#[cfg(test)]
-pub(crate) fn default_mask_relay_idle_timeout_secs() -> u64 {
- 1
+pub(crate) fn default_mask_relay_idle_timeout_ms() -> u64 {
+ 100
}
pub(crate) fn default_mask_classifier_prefetch_timeout_ms() -> u64 {
diff --git a/src/config/hot_reload.rs b/src/config/hot_reload.rs
index cb8d47e..61c36eb 100644
--- a/src/config/hot_reload.rs
+++ b/src/config/hot_reload.rs
@@ -611,9 +611,8 @@ fn warn_non_hot_changes(old: &ProxyConfig, new: &ProxyConfig, non_hot_changed: b
|| old.censorship.mask_shape_above_cap_blur_max_bytes
!= new.censorship.mask_shape_above_cap_blur_max_bytes
|| old.censorship.mask_relay_max_bytes != new.censorship.mask_relay_max_bytes
- || old.censorship.mask_relay_timeout_secs != new.censorship.mask_relay_timeout_secs
- || old.censorship.mask_relay_idle_timeout_secs
- != new.censorship.mask_relay_idle_timeout_secs
+ || old.censorship.mask_relay_timeout_ms != new.censorship.mask_relay_timeout_ms
+ || old.censorship.mask_relay_idle_timeout_ms != new.censorship.mask_relay_idle_timeout_ms
|| old.censorship.mask_classifier_prefetch_timeout_ms
!= new.censorship.mask_classifier_prefetch_timeout_ms
|| old.censorship.mask_timing_normalization_enabled
diff --git a/src/config/types.rs b/src/config/types.rs
index 273512d..302d8ee 100644
--- a/src/config/types.rs
+++ b/src/config/types.rs
@@ -1688,14 +1688,16 @@ pub struct AntiCensorshipConfig {
/// Wall-clock cap for the full masking relay on non-MTProto fallback paths.
/// Raise when the mask target is a long-lived service (e.g. WebSocket).
- #[serde(default = "default_mask_relay_timeout_secs")]
- pub mask_relay_timeout_secs: u64,
+ /// Default: 60 000 ms (60 s).
+ #[serde(default = "default_mask_relay_timeout_ms")]
+ pub mask_relay_timeout_ms: u64,
/// Per-read idle timeout on masking relay and drain paths.
/// Limits resource consumption by slow-loris attacks and port scanners.
/// A read call stalling beyond this is treated as an abandoned connection.
- #[serde(default = "default_mask_relay_idle_timeout_secs")]
- pub mask_relay_idle_timeout_secs: u64,
+ /// Default: 5 000 ms (5 s).
+ #[serde(default = "default_mask_relay_idle_timeout_ms")]
+ pub mask_relay_idle_timeout_ms: u64,
/// Prefetch timeout (ms) for extending fragmented masking classifier window.
#[serde(default = "default_mask_classifier_prefetch_timeout_ms")]
@@ -1742,8 +1744,8 @@ impl Default for AntiCensorshipConfig {
mask_shape_above_cap_blur: default_mask_shape_above_cap_blur(),
mask_shape_above_cap_blur_max_bytes: default_mask_shape_above_cap_blur_max_bytes(),
mask_relay_max_bytes: default_mask_relay_max_bytes(),
- mask_relay_timeout_secs: default_mask_relay_timeout_secs(),
- mask_relay_idle_timeout_secs: default_mask_relay_idle_timeout_secs(),
+ mask_relay_timeout_ms: default_mask_relay_timeout_ms(),
+ mask_relay_idle_timeout_ms: default_mask_relay_idle_timeout_ms(),
mask_classifier_prefetch_timeout_ms: default_mask_classifier_prefetch_timeout_ms(),
mask_timing_normalization_enabled: default_mask_timing_normalization_enabled(),
mask_timing_normalization_floor_ms: default_mask_timing_normalization_floor_ms(),
diff --git a/src/proxy/masking.rs b/src/proxy/masking.rs
index c346b88..d49e4c3 100644
--- a/src/proxy/masking.rs
+++ b/src/proxy/masking.rs
@@ -643,8 +643,8 @@ pub async fn handle_bad_client(
beobachten.record(client_type, peer.ip(), ttl);
}
- let relay_timeout = Duration::from_secs(config.censorship.mask_relay_timeout_secs);
- let idle_timeout = Duration::from_secs(config.censorship.mask_relay_idle_timeout_secs);
+ let relay_timeout = Duration::from_millis(config.censorship.mask_relay_timeout_ms);
+ let idle_timeout = Duration::from_millis(config.censorship.mask_relay_idle_timeout_ms);
if !config.censorship.mask {
// Masking disabled, just consume data