perso/syncthing-arm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

lib/connections: TLS handshake must complete in a timely fashion (fixes #3375)

Browse Source 
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3376
This commit is contained in:
Jakob Borg 2016-07-02 20:33:31 +00:00
parent 6d357211b2
commit 672824641b
5 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/connections/relay_dial.go
View File

@ -52,7 +52,7 @@ func (d *relayDialer) Dial(id protocol.DeviceID, uri *url.URL) (IntermediateConn
tc = tls.Client(conn, d.tlsCfg) tc = tls.Client(conn, d.tlsCfg)
} }
err = tc.Handshake() err = tlsTimedHandshake(tc)
if err != nil { if err != nil {
tc.Close() tc.Close()
return IntermediateConnection{}, err return IntermediateConnection{}, err

2
lib/connections/relay_listen.go
View File

@ -85,7 +85,7 @@ func (t *relayListener) Serve() {
tc = tls.Client(conn, t.tlsCfg) tc = tls.Client(conn, t.tlsCfg)
} }
err = tc.Handshake() err = tlsTimedHandshake(tc)
if err != nil { if err != nil {
tc.Close() tc.Close()
l.Infoln("TLS handshake (BEP/relay):", err) l.Infoln("TLS handshake (BEP/relay):", err)

11
lib/connections/service.go
View File

@ -36,7 +36,10 @@ var (
listeners = make(map[string]listenerFactory, 0) listeners = make(map[string]listenerFactory, 0)
) )
const perDeviceWarningRate = 1.0 / (15 * 60) // Once per 15 minutes const (
perDeviceWarningRate = 1.0 / (15 * 60) // Once per 15 minutes
tlsHandshakeTimeout = 10 * time.Second
)
// Service listens and dials all configured unconnected devices, via supported // Service listens and dials all configured unconnected devices, via supported
// dialers. Successful connections are handed to the model. // dialers. Successful connections are handed to the model.
@ -607,3 +610,9 @@ func warningFor(dev protocol.DeviceID, msg string) {
l.Warnln(msg) l.Warnln(msg)
} }
} }
func tlsTimedHandshake(tc *tls.Conn) error {
tc.SetDeadline(time.Now().Add(tlsHandshakeTimeout))
defer tc.SetDeadline(time.Time{})
return tc.Handshake()
}

2
lib/connections/tcp_dial.go
View File

@ -40,7 +40,7 @@ func (d *tcpDialer) Dial(id protocol.DeviceID, uri *url.URL) (IntermediateConnec
} }
tc := tls.Client(conn, d.tlsCfg) tc := tls.Client(conn, d.tlsCfg)
err = tc.Handshake() err = tlsTimedHandshake(tc)
if err != nil { if err != nil {
tc.Close() tc.Close()
return IntermediateConnection{}, err return IntermediateConnection{}, err

2
lib/connections/tcp_listen.go
View File

@ -108,7 +108,7 @@ func (t *tcpListener) Serve() {
} }
tc := tls.Server(conn, t.tlsCfg) tc := tls.Server(conn, t.tlsCfg)
err = tc.Handshake() err = tlsTimedHandshake(tc)
if err != nil { if err != nil {
l.Infoln("TLS handshake (BEP/tcp):", err) l.Infoln("TLS handshake (BEP/tcp):", err)
tc.Close() tc.Close()