[tor-commits] [goptlib/master] Put a timeout on waiting for SOCKS requests.

dcf at torproject.org dcf at torproject.org
Fri Dec 13 07:12:57 UTC 2013


commit a2caf0477a51840f266f7f026bf3fdf6da81f8b2
Author: David Fifield <david at bamsoftware.com>
Date:   Thu Dec 12 22:29:20 2013 -0800

    Put a timeout on waiting for SOCKS requests.
    
    This is just to stymie attacks or bugs that have a client keeping a TCP
    connection open forever.
---
 socks.go |   12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/socks.go b/socks.go
index bd57f40..7a2b1c8 100644
--- a/socks.go
+++ b/socks.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"net"
+	"time"
 )
 
 const (
@@ -16,6 +17,9 @@ const (
 	socksRequestRejected = 0x5b
 )
 
+// Put a sanity timeout on how long we wait for a SOCKS request.
+const socksRequestTimeout = 5 * time.Second
+
 // SocksRequest describes a SOCKS request.
 type SocksRequest struct {
 	// The endpoint requested by the client as a "host:port" string.
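Review bot: The comment on `socksRequestTimeout` does not say what the deadline covers or when it is lifted, and it does not follow the Go convention of starting with the identifier. Something like `// socksRequestTimeout bounds how long AcceptSocks waits for a client to send its complete SOCKS request; the deadline is cleared once the request has been read.` would tell a maintainer that this is the guard against clients that connect and then stay silent, and that it does not limit the lifetime of the proxied connection. The SocksRequest struct that follows continues outside the hunk.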
@@ -108,11 +112,19 @@ func (ln *SocksListener) AcceptSocks() (*SocksConn, error) {
 	}
 	conn := new(SocksConn)
 	conn.Conn = c
+	err = conn.SetDeadline(time.Now().Add(socksRequestTimeout))
+	if err != nil {
+		return nil, err
+	}
 	conn.Req, err = readSocks4aConnect(conn)
 	if err != nil {
 		conn.Close()
 		return nil, err
 	}
+	err = conn.SetDeadline(time.Time{})
+	if err != nil {
+		return nil, err
+	}
 	return conn, nil
 }
 
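Review bot: Both new `SetDeadline` error branches in AcceptSocks return without closing the accepted connection, so a failure there leaks the socket, which is the resource exhaustion this commit sets out to prevent. Mirror the existing readSocks4aConnect branch by calling `conn.Close()` before `return nil, err` in each of them. Separately, the request is still read inside AcceptSocks, so if callers accept in a single loop (not visible here), each silent client can hold up the accept path for up to `socksRequestTimeout`. That would be worth stating in the doc comment, or the handshake could move to a per-connection goroutine. AcceptSocks begins before this hunk.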


