Browse code
Implement server_poll_timeout for socks
So far --server-poll-timeout was only applied
for HTTP proxies, apply it also to SOCKS proxies.
This removes the default 5 second socks connect timeout
which can be too small depending on network setup and
replaces it with the configurable overall connect timeout
(default 120 seconds).
Trac: #328
Github: fixes OpenVPN/openvpn#267
Change-Id: I2b109f8c551c23045a1be355778b08f0fd4d309f
Signed-off-by: 5andr0 <sandro.trianni@gmail.com>
Tested-By: ValdikSS <valdikss@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240315162011.1661139-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28408.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit b3a68b85a729628ca8b97f9f0c2813f795289cfc)
5andr0 authored on 2024/03/16 01:20:11Showing 3 changed files
| ... | ... |
@@ -2078,6 +2078,7 @@ phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info) |
| 2078 | 2078 |
sock->sd, |
| 2079 | 2079 |
sock->proxy_dest_host, |
| 2080 | 2080 |
sock->proxy_dest_port, |
| 2081 |
+ sock->server_poll_timeout, |
|
| 2081 | 2082 |
sig_info); |
| 2082 | 2083 |
} |
| 2083 | 2084 |
if (proxy_retry) |
| ... | ... |
@@ -2107,6 +2108,7 @@ phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info) |
| 2107 | 2107 |
sock->ctrl_sd, |
| 2108 | 2108 |
sock->sd, |
| 2109 | 2109 |
&sock->socks_relay.dest, |
| 2110 |
+ sock->server_poll_timeout, |
|
| 2110 | 2111 |
sig_info); |
| 2111 | 2112 |
|
| 2112 | 2113 |
if (sig_info->signal_received) |
| ... | ... |
@@ -42,6 +42,7 @@ |
| 42 | 42 |
#include "fdmisc.h" |
| 43 | 43 |
#include "misc.h" |
| 44 | 44 |
#include "proxy.h" |
| 45 |
+#include "forward.h" |
|
| 45 | 46 |
|
| 46 | 47 |
#include "memdbg.h" |
| 47 | 48 |
|
| ... | ... |
@@ -85,12 +86,12 @@ socks_proxy_close(struct socks_proxy_info *sp) |
| 85 | 85 |
static bool |
| 86 | 86 |
socks_username_password_auth(struct socks_proxy_info *p, |
| 87 | 87 |
socket_descriptor_t sd, |
| 88 |
+ struct event_timeout *server_poll_timeout, |
|
| 88 | 89 |
volatile int *signal_received) |
| 89 | 90 |
{
|
| 90 | 91 |
char to_send[516]; |
| 91 | 92 |
char buf[2]; |
| 92 | 93 |
int len = 0; |
| 93 |
- const int timeout_sec = 5; |
|
| 94 | 94 |
struct user_pass creds; |
| 95 | 95 |
ssize_t size; |
| 96 | 96 |
bool ret = false; |
| ... | ... |
@@ -129,7 +130,7 @@ socks_username_password_auth(struct socks_proxy_info *p, |
| 129 | 129 |
|
| 130 | 130 |
FD_ZERO(&reads); |
| 131 | 131 |
openvpn_fd_set(sd, &reads); |
| 132 |
- tv.tv_sec = timeout_sec; |
|
| 132 |
+ tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); |
|
| 133 | 133 |
tv.tv_usec = 0; |
| 134 | 134 |
|
| 135 | 135 |
status = select(sd + 1, &reads, NULL, NULL, &tv); |
| ... | ... |
@@ -185,11 +186,11 @@ cleanup: |
| 185 | 185 |
static bool |
| 186 | 186 |
socks_handshake(struct socks_proxy_info *p, |
| 187 | 187 |
socket_descriptor_t sd, |
| 188 |
+ struct event_timeout *server_poll_timeout, |
|
| 188 | 189 |
volatile int *signal_received) |
| 189 | 190 |
{
|
| 190 | 191 |
char buf[2]; |
| 191 | 192 |
int len = 0; |
| 192 |
- const int timeout_sec = 5; |
|
| 193 | 193 |
ssize_t size; |
| 194 | 194 |
|
| 195 | 195 |
/* VER = 5, NMETHODS = 1, METHODS = [0 (no auth)] */ |
| ... | ... |
@@ -216,7 +217,7 @@ socks_handshake(struct socks_proxy_info *p, |
| 216 | 216 |
|
| 217 | 217 |
FD_ZERO(&reads); |
| 218 | 218 |
openvpn_fd_set(sd, &reads); |
| 219 |
- tv.tv_sec = timeout_sec; |
|
| 219 |
+ tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); |
|
| 220 | 220 |
tv.tv_usec = 0; |
| 221 | 221 |
|
| 222 | 222 |
status = select(sd + 1, &reads, NULL, NULL, &tv); |
| ... | ... |
@@ -283,7 +284,7 @@ socks_handshake(struct socks_proxy_info *p, |
| 283 | 283 |
return false; |
| 284 | 284 |
} |
| 285 | 285 |
|
| 286 |
- if (!socks_username_password_auth(p, sd, signal_received)) |
|
| 286 |
+ if (!socks_username_password_auth(p, sd, server_poll_timeout, signal_received)) |
|
| 287 | 287 |
{
|
| 288 | 288 |
return false; |
| 289 | 289 |
} |
| ... | ... |
@@ -301,13 +302,13 @@ socks_handshake(struct socks_proxy_info *p, |
| 301 | 301 |
static bool |
| 302 | 302 |
recv_socks_reply(socket_descriptor_t sd, |
| 303 | 303 |
struct openvpn_sockaddr *addr, |
| 304 |
+ struct event_timeout *server_poll_timeout, |
|
| 304 | 305 |
volatile int *signal_received) |
| 305 | 306 |
{
|
| 306 | 307 |
char atyp = '\0'; |
| 307 | 308 |
int alen = 0; |
| 308 | 309 |
int len = 0; |
| 309 | 310 |
char buf[270]; /* 4 + alen(max 256) + 2 */ |
| 310 |
- const int timeout_sec = 5; |
|
| 311 | 311 |
|
| 312 | 312 |
if (addr != NULL) |
| 313 | 313 |
{
|
| ... | ... |
@@ -326,7 +327,7 @@ recv_socks_reply(socket_descriptor_t sd, |
| 326 | 326 |
|
| 327 | 327 |
FD_ZERO(&reads); |
| 328 | 328 |
openvpn_fd_set(sd, &reads); |
| 329 |
- tv.tv_sec = timeout_sec; |
|
| 329 |
+ tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); |
|
| 330 | 330 |
tv.tv_usec = 0; |
| 331 | 331 |
|
| 332 | 332 |
status = select(sd + 1, &reads, NULL, NULL, &tv); |
| ... | ... |
@@ -451,12 +452,13 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, |
| 451 | 451 |
socket_descriptor_t sd, /* already open to proxy */ |
| 452 | 452 |
const char *host, /* openvpn server remote */ |
| 453 | 453 |
const char *servname, /* openvpn server port */ |
| 454 |
+ struct event_timeout *server_poll_timeout, |
|
| 454 | 455 |
struct signal_info *sig_info) |
| 455 | 456 |
{
|
| 456 | 457 |
char buf[270]; |
| 457 | 458 |
size_t len; |
| 458 | 459 |
|
| 459 |
- if (!socks_handshake(p, sd, &sig_info->signal_received)) |
|
| 460 |
+ if (!socks_handshake(p, sd, server_poll_timeout, &sig_info->signal_received)) |
|
| 460 | 461 |
{
|
| 461 | 462 |
goto error; |
| 462 | 463 |
} |
| ... | ... |
@@ -494,7 +496,7 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, |
| 494 | 494 |
|
| 495 | 495 |
|
| 496 | 496 |
/* receive reply from Socks proxy and discard */ |
| 497 |
- if (!recv_socks_reply(sd, NULL, &sig_info->signal_received)) |
|
| 497 |
+ if (!recv_socks_reply(sd, NULL, server_poll_timeout, &sig_info->signal_received)) |
|
| 498 | 498 |
{
|
| 499 | 499 |
goto error; |
| 500 | 500 |
} |
| ... | ... |
@@ -512,9 +514,10 @@ establish_socks_proxy_udpassoc(struct socks_proxy_info *p, |
| 512 | 512 |
socket_descriptor_t ctrl_sd, /* already open to proxy */ |
| 513 | 513 |
socket_descriptor_t udp_sd, |
| 514 | 514 |
struct openvpn_sockaddr *relay_addr, |
| 515 |
+ struct event_timeout *server_poll_timeout, |
|
| 515 | 516 |
struct signal_info *sig_info) |
| 516 | 517 |
{
|
| 517 |
- if (!socks_handshake(p, ctrl_sd, &sig_info->signal_received)) |
|
| 518 |
+ if (!socks_handshake(p, ctrl_sd, server_poll_timeout, &sig_info->signal_received)) |
|
| 518 | 519 |
{
|
| 519 | 520 |
goto error; |
| 520 | 521 |
} |
| ... | ... |
@@ -535,7 +538,7 @@ establish_socks_proxy_udpassoc(struct socks_proxy_info *p, |
| 535 | 535 |
|
| 536 | 536 |
/* receive reply from Socks proxy */ |
| 537 | 537 |
CLEAR(*relay_addr); |
| 538 |
- if (!recv_socks_reply(ctrl_sd, relay_addr, &sig_info->signal_received)) |
|
| 538 |
+ if (!recv_socks_reply(ctrl_sd, relay_addr, server_poll_timeout, &sig_info->signal_received)) |
|
| 539 | 539 |
{
|
| 540 | 540 |
goto error; |
| 541 | 541 |
} |
| ... | ... |
@@ -52,12 +52,14 @@ void establish_socks_proxy_passthru(struct socks_proxy_info *p, |
| 52 | 52 |
socket_descriptor_t sd, /* already open to proxy */ |
| 53 | 53 |
const char *host, /* openvpn server remote */ |
| 54 | 54 |
const char *servname, /* openvpn server port */ |
| 55 |
+ struct event_timeout *server_poll_timeout, |
|
| 55 | 56 |
struct signal_info *sig_info); |
| 56 | 57 |
|
| 57 | 58 |
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, |
| 58 | 59 |
socket_descriptor_t ctrl_sd, /* already open to proxy */ |
| 59 | 60 |
socket_descriptor_t udp_sd, |
| 60 | 61 |
struct openvpn_sockaddr *relay_addr, |
| 62 |
+ struct event_timeout *server_poll_timeout, |
|
| 61 | 63 |
struct signal_info *sig_info); |
| 62 | 64 |
|
| 63 | 65 |
void socks_process_incoming_udp(struct buffer *buf, |