lib/connections: TLS handshake must complete in a timely fashion (fixes #3375)

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3376
Jakob Borg 2016-07-02 20:33:31 +00:00
parent 6d357211b2
commit 672824641b
5 changed files with 14 additions and 5 deletions


@ -52,7 +52,7 @@ func (d *relayDialer) Dial(id protocol.DeviceID, uri *url.URL) (IntermediateConn
tc = tls.Client(conn, d.tlsCfg)
}
err = tc.Handshake()
err = tlsTimedHandshake(tc)
if err != nil {
tc.Close()
return IntermediateConnection{}, err


@ -85,7 +85,7 @@ func (t *relayListener) Serve() {
tc = tls.Client(conn, t.tlsCfg)
}
err = tc.Handshake()
err = tlsTimedHandshake(tc)
if err != nil {
tc.Close()
l.Infoln("TLS handshake (BEP/relay):", err)
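Review bot: The timed handshake still runs inline in `relayListener.Serve()`, and the same applies to `tcpListener.Serve()` in the last file section. The surrounding loop is outside both hunks, but if these calls sit directly in the loop that accepts connections, a peer that stalls the handshake can still hold up every other incoming connection for the full `tlsHandshakeTimeout`, and a steady stream of stalled connections keeps the listener blocked. Consider moving the handshake and the code that follows it into a goroutine started per accepted connection, so the timeout bounds only the offending peer.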


@ -36,7 +36,10 @@ var (
listeners = make(map[string]listenerFactory, 0)
)
const perDeviceWarningRate = 1.0 / (15 * 60) // Once per 15 minutes
const (
perDeviceWarningRate = 1.0 / (15 * 60) // Once per 15 minutes
tlsHandshakeTimeout = 10 * time.Second
)
// Service listens and dials all configured unconnected devices, via supported
// dialers. Successful connections are handed to the model.
@ -607,3 +610,9 @@ func warningFor(dev protocol.DeviceID, msg string) {
l.Warnln(msg)
}
}
func tlsTimedHandshake(tc *tls.Conn) error {
tc.SetDeadline(time.Now().Add(tlsHandshakeTimeout))
defer tc.SetDeadline(time.Time{})
return tc.Handshake()
}
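Review bot: `tlsTimedHandshake` discards the error returned by `tc.SetDeadline`, so if the deadline cannot be set the handshake silently runs unbounded, which is the condition this commit is meant to remove. Return it instead: `if err := tc.SetDeadline(time.Now().Add(tlsHandshakeTimeout)); err != nil { return err }`. The helper would also benefit from a doc comment such as `// tlsTimedHandshake runs tc.Handshake with a deadline of tlsHandshakeTimeout and clears the deadline before returning.`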


@ -40,7 +40,7 @@ func (d *tcpDialer) Dial(id protocol.DeviceID, uri *url.URL) (IntermediateConnec
}
tc := tls.Client(conn, d.tlsCfg)
err = tc.Handshake()
err = tlsTimedHandshake(tc)
if err != nil {
tc.Close()
return IntermediateConnection{}, err


@ -108,7 +108,7 @@ func (t *tcpListener) Serve() {
}
tc := tls.Server(conn, t.tlsCfg)
err = tc.Handshake()
err = tlsTimedHandshake(tc)
if err != nil {
l.Infoln("TLS handshake (BEP/tcp):", err)
tc.Close()