add default timeout
parent
89584a3a33
commit
d3b03e4231
8
obfs.go
8
obfs.go
@ -320,6 +320,14 @@ func (tr *obfs4Transporter) Handshake(conn net.Conn, options ...HandshakeOption)
|
|||||||
for _, option := range options {
|
for _, option := range options {
|
||||||
option(opts)
|
option(opts)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
timeout := opts.Timeout
|
||||||
|
if timeout <= 0 {
|
||||||
|
timeout = HandshakeTimeout
|
||||||
|
}
|
||||||
|
conn.SetDeadline(time.Now().Add(timeout))
|
||||||
|
defer conn.SetDeadline(time.Time{})
|
||||||
|
|
||||||
return obfs4ClientConn(opts.Addr, conn)
|
return obfs4ClientConn(opts.Addr, conn)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
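Review bot: Both new `conn.SetDeadline` calls in `Handshake` discard their error, so if the first one fails the obfs4 handshake runs with no time bound, which is the case this commit is meant to close. Checking it is a one-line change, e.g. `if err := conn.SetDeadline(time.Now().Add(timeout)); err != nil { return nil, err }`, assuming Handshake returns `(net.Conn, error)`; the signature is truncated in the hunk header. The same unchecked calls appear in the ssh.go and tls.go hunks of this commit. The `timeout <= 0` fallback is also repeated in each file and could live in one small helper.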
21
ssh.go
21
ssh.go
@ -40,10 +40,24 @@ func SSHDirectForwardConnector() Connector {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *sshDirectForwardConnector) Connect(conn net.Conn, raddr string, options ...ConnectOption) (net.Conn, error) {
|
func (c *sshDirectForwardConnector) Connect(conn net.Conn, raddr string, options ...ConnectOption) (net.Conn, error) {
|
||||||
|
opts := &ConnectOptions{}
|
||||||
|
for _, option := range options {
|
||||||
|
option(opts)
|
||||||
|
}
|
||||||
|
|
||||||
cc, ok := conn.(*sshNopConn) // TODO: this is an ugly type assertion, need to find a better solution.
|
cc, ok := conn.(*sshNopConn) // TODO: this is an ugly type assertion, need to find a better solution.
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, errors.New("ssh: wrong connection type")
|
return nil, errors.New("ssh: wrong connection type")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
timeout := opts.Timeout
|
||||||
|
if timeout <= 0 {
|
||||||
|
timeout = ConnectTimeout
|
||||||
|
}
|
||||||
|
|
||||||
|
cc.session.conn.SetDeadline(time.Now().Add(timeout))
|
||||||
|
defer cc.session.conn.SetDeadline(time.Time{})
|
||||||
|
|
||||||
conn, err := cc.session.client.Dial("tcp", raddr)
|
conn, err := cc.session.client.Dial("tcp", raddr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Logf("[ssh-tcp] %s -> %s : %s", cc.session.addr, raddr, err)
|
log.Logf("[ssh-tcp] %s -> %s : %s", cc.session.addr, raddr, err)
|
||||||
@ -177,6 +191,9 @@ func (tr *sshForwardTransporter) Handshake(conn net.Conn, options ...HandshakeOp
|
|||||||
tr.sessionMutex.Lock()
|
tr.sessionMutex.Lock()
|
||||||
defer tr.sessionMutex.Unlock()
|
defer tr.sessionMutex.Unlock()
|
||||||
|
|
||||||
|
conn.SetDeadline(time.Now().Add(timeout))
|
||||||
|
defer conn.SetDeadline(time.Time{})
|
||||||
|
|
||||||
session, ok := tr.sessions[opts.Addr]
|
session, ok := tr.sessions[opts.Addr]
|
||||||
if !ok || session.client == nil {
|
if !ok || session.client == nil {
|
||||||
sshConn, chans, reqs, err := ssh.NewClientConn(conn, opts.Addr, &config)
|
sshConn, chans, reqs, err := ssh.NewClientConn(conn, opts.Addr, &config)
|
||||||
@ -269,7 +286,6 @@ func (tr *sshTunnelTransporter) Handshake(conn net.Conn, options ...HandshakeOpt
|
|||||||
}
|
}
|
||||||
|
|
||||||
config := ssh.ClientConfig{
|
config := ssh.ClientConfig{
|
||||||
Timeout: timeout,
|
|
||||||
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
|
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
|
||||||
}
|
}
|
||||||
// TODO: support pubkey auth.
|
// TODO: support pubkey auth.
|
||||||
@ -284,6 +300,9 @@ func (tr *sshTunnelTransporter) Handshake(conn net.Conn, options ...HandshakeOpt
|
|||||||
tr.sessionMutex.Lock()
|
tr.sessionMutex.Lock()
|
||||||
defer tr.sessionMutex.Unlock()
|
defer tr.sessionMutex.Unlock()
|
||||||
|
|
||||||
|
conn.SetDeadline(time.Now().Add(timeout))
|
||||||
|
defer conn.SetDeadline(time.Time{})
|
||||||
|
|
||||||
session, ok := tr.sessions[opts.Addr]
|
session, ok := tr.sessions[opts.Addr]
|
||||||
if !ok || session.client == nil {
|
if !ok || session.client == nil {
|
||||||
sshConn, chans, reqs, err := ssh.NewClientConn(conn, opts.Addr, &config)
|
sshConn, chans, reqs, err := ssh.NewClientConn(conn, opts.Addr, &config)
|
||||||
|
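Review bot: In `Connect`, the deadline is set on `cc.session.conn`, which looks like the transport shared by every channel of the cached SSH session (the Handshake hunks look sessions up by `opts.Addr`), not on the connection being dialled. If one `Dial` is slow, the expiring deadline would presumably fail reads on that shared transport and take the other forwarded streams down with it. With two concurrent `Connect` calls, whichever `defer cc.session.conn.SetDeadline(time.Time{})` runs first also clears the deadline the other call relies on. Bounding only this dial keeps the effect local, as sketched below. The body of `Connect` continues past the end of the hunk.

```go
// … unchanged: option parsing, *sshNopConn assertion, timeout default …
type dialResult struct {
	conn net.Conn
	err  error
}
ch := make(chan dialResult, 1)
go func() {
	c, err := cc.session.client.Dial("tcp", raddr)
	ch <- dialResult{c, err}
}()

var err error
select {
case r := <-ch:
	conn, err = r.conn, r.err
case <-time.After(timeout):
	// Close a channel that opens after we gave up, so it is not leaked.
	go func() {
		if r := <-ch; r.conn != nil {
			r.conn.Close()
		}
	}()
	err = errors.New("ssh: dial timeout")
}
// … unchanged: error logging and return …
```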
27
tls.go
27
tls.go
@ -271,23 +271,14 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration)
|
|||||||
var err error
|
var err error
|
||||||
var tlsConn *tls.Conn
|
var tlsConn *tls.Conn
|
||||||
|
|
||||||
tlsConn = tls.Client(conn, tlsConfig)
|
|
||||||
|
|
||||||
// If crypto/tls is doing verification, there's no need to do our own.
|
|
||||||
if tlsConfig.InsecureSkipVerify == false {
|
|
||||||
return tlsConn, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// Similarly if we use host's CA, we can do full handshake
|
|
||||||
if tlsConfig.RootCAs == nil {
|
|
||||||
return tlsConn, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if timeout <= 0 {
|
if timeout <= 0 {
|
||||||
timeout = HandshakeTimeout // default timeout
|
timeout = HandshakeTimeout // default timeout
|
||||||
}
|
}
|
||||||
|
|
||||||
tlsConn.SetDeadline(time.Now().Add(timeout))
|
conn.SetDeadline(time.Now().Add(timeout))
|
||||||
|
defer conn.SetDeadline(time.Time{})
|
||||||
|
|
||||||
|
tlsConn = tls.Client(conn, tlsConfig)
|
||||||
|
|
||||||
// Otherwise perform handshake, but don't verify the domain
|
// Otherwise perform handshake, but don't verify the domain
|
||||||
//
|
//
|
||||||
@ -298,7 +289,15 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration)
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
tlsConn.SetDeadline(time.Time{}) // clear timeout
|
// If crypto/tls is doing verification, there's no need to do our own.
|
||||||
|
if tlsConfig.InsecureSkipVerify == false {
|
||||||
|
return tlsConn, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Similarly if we use host's CA, we can do full handshake
|
||||||
|
if tlsConfig.RootCAs == nil {
|
||||||
|
return tlsConn, nil
|
||||||
|
}
|
||||||
|
|
||||||
opts := x509.VerifyOptions{
|
opts := x509.VerifyOptions{
|
||||||
Roots: tlsConfig.RootCAs,
|
Roots: tlsConfig.RootCAs,
|
||||||
|
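Review bot: The two early returns moved below the handshake in `wrapTLSClient` keep comments that no longer describe the path. The `RootCAs == nil` return is reached only when `InsecureSkipVerify` is true, so at that point crypto/tls has verified nothing and the caller gets a connection to an unauthenticated peer. A comment that says so would help, e.g. `// InsecureSkipVerify with no RootCAs: the peer certificate is not verified at all.` The first check also reads more idiomatically as `if !tlsConfig.InsecureSkipVerify {`. The handshake call itself sits between the two hunks and is not visible here.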