sad/soju
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add context arg to sanityCheckServer

Browse Source 
As a bonus, the timeout now applies to the whole TLS dial
operation. Before the timeout only applied to the net dial
operation, making it possible for a bad server to stall the request
by making the TLS handshake extremely slow.
This commit is contained in:
Simon Ser 2021-11-17 12:10:40 +01:00
parent 2381e14d6a
commit 47c8ec5238
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
downstream.go
View File

@ -1030,12 +1030,15 @@ func (dc *downstreamConn) updateRealname() {
} }
} }
func sanityCheckServer(addr string) error { func sanityCheckServer(ctx context.Context, addr string) error {
dialer := net.Dialer{Timeout: 30 * time.Second} ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
conn, err := tls.DialWithDialer(&dialer, "tcp", addr, nil) defer cancel()
conn, err := new(tls.Dialer).DialContext(ctx, "tcp", addr)
if err != nil { if err != nil {
return err return err
} }
return conn.Close() return conn.Close()
} }
@ -1130,7 +1133,7 @@ func (dc *downstreamConn) loadNetwork() error {
} }
dc.logger.Printf("trying to connect to new network %q", addr) dc.logger.Printf("trying to connect to new network %q", addr)
if err := sanityCheckServer(addr); err != nil { if err := sanityCheckServer(context.TODO(), addr); err != nil {
dc.logger.Printf("failed to connect to %q: %v", addr, err) dc.logger.Printf("failed to connect to %q: %v", addr, err)
return ircError{&irc.Message{ return ircError{&irc.Message{
Command: irc.ERR_PASSWDMISMATCH, Command: irc.ERR_PASSWDMISMATCH,