From 3bcd4acb48e3efb0fa11b63d35b75346ad7ee7c7 Mon Sep 17 00:00:00 2001
From: Martin Ashby <martin@ashbysoft.com>
Date: Thu, 19 Feb 2026 12:18:28 +0000
Subject: [PATCH] change some default settings inline with what the golang
 default http client settings are

hoping to avoid some odd behaviour around idle connections
---
 build-and-push-images.sh |  2 +-
 main.go                  | 19 +++++++++++--------
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/build-and-push-images.sh b/build-and-push-images.sh
index 5595a68..713279a 100755
--- a/build-and-push-images.sh
+++ b/build-and-push-images.sh
@@ -3,6 +3,6 @@
 ## Pushes to PKB private repository, change the registry if you want to push it elsewhere
 
 ## Increment this number when you push a new image
-VERSION=8
+VERSION=9-MFATEST
 docker build . -t "europe-docker.pkg.dev/infra-240614/eu.gcr.io/regproxy2:$VERSION"
 docker push "europe-docker.pkg.dev/infra-240614/eu.gcr.io/regproxy2:$VERSION"
diff --git a/main.go b/main.go
index 0d9d7d9..326151c 100644
--- a/main.go
+++ b/main.go
@@ -332,10 +332,13 @@ func NewRegProxy(
 	}
 	client := &http.Client{
 		Transport: &http.Transport{
-			Proxy:           http.ProxyFromEnvironment,
-			DialContext:     dc,
-			MaxIdleConns:    int(*clientMaxIdleConnections),
-			IdleConnTimeout: *clientMaxIdleTimeout,
+			Proxy:                 http.ProxyFromEnvironment,
+			DialContext:           dc,
+			ForceAttemptHTTP2:     false,
+			MaxIdleConns:          int(*clientMaxIdleConnections),
+			IdleConnTimeout:       *clientMaxIdleTimeout,
+			TLSHandshakeTimeout:   10 * time.Second,
+			ExpectContinueTimeout: 1 * time.Second,
 		},
 		Timeout: *clientHttpTimeout,
 	}
@@ -359,10 +362,10 @@ func main() {
 	serverReadTimeout := flag.Duration("server-read-timeout", 1*time.Second, "server read timeout")
 	serverWriteTimeout := flag.Duration("server-write-timeout", 40*time.Second, "server write timeout")
 	clientHttpTimeout := flag.Duration("client-http-timeout", 40*time.Second, "client timeout (for upstreams)")
-	clientDialTimeout := flag.Duration("client-dial-timeout", 1*time.Second, "client dialer timeout")
-	clientKeepAliveInterval := flag.Duration("client-keep-alive-interval", -1*time.Second, "client keep-alive interval")
-	clientMaxIdleConnections := flag.Int64("client-max-idle-conns", 1, "client max idle connections (for connection pooling)")
-	clientMaxIdleTimeout := flag.Duration("client-max-idle-timeout", 1*time.Second, "client idle connection timeout (for connection pooling)")
+	clientDialTimeout := flag.Duration("client-dial-timeout", 30*time.Second, "client dialer timeout")
+	clientKeepAliveInterval := flag.Duration("client-keep-alive-interval", 30*time.Second, "client keep-alive interval")
+	clientMaxIdleConnections := flag.Int64("client-max-idle-conns", 100, "client max idle connections (for connection pooling)")
+	clientMaxIdleTimeout := flag.Duration("client-max-idle-timeout", 90*time.Second, "client idle connection timeout (for connection pooling)")
 	useDnsCachePtr := flag.Bool("use-dns-cache", true, "use an internal DNS cache")
 	dnsCacheRefresh := flag.Duration("dns-cache-refresh", 100*time.Hour, "interval for refrshing DNS cache")
 	dnsLookupTimeout := flag.Duration("dns-lookup-timeout", 5*time.Second, "timeout for DNS lookups")