Add context arg to sanityCheckServer

As a bonus, the timeout now applies to the whole TLS dial
operation. Before the timeout only applied to the net dial
operation, making it possible for a bad server to stall the request
by making the TLS handshake extremely slow.
This commit is contained in:
Simon Ser 2021-11-17 12:10:40 +01:00
parent 2381e14d6a
commit 47c8ec5238

View File

@ -1030,12 +1030,15 @@ func (dc *downstreamConn) updateRealname() {
}
}
func sanityCheckServer(addr string) error {
dialer := net.Dialer{Timeout: 30 * time.Second}
conn, err := tls.DialWithDialer(&dialer, "tcp", addr, nil)
func sanityCheckServer(ctx context.Context, addr string) error {
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()
conn, err := new(tls.Dialer).DialContext(ctx, "tcp", addr)
if err != nil {
return err
}
return conn.Close()
}
@ -1130,7 +1133,7 @@ func (dc *downstreamConn) loadNetwork() error {
}
dc.logger.Printf("trying to connect to new network %q", addr)
if err := sanityCheckServer(addr); err != nil {
if err := sanityCheckServer(context.TODO(), addr); err != nil {
dc.logger.Printf("failed to connect to %q: %v", addr, err)
return ircError{&irc.Message{
Command: irc.ERR_PASSWDMISMATCH,