narayana/conversations-classic
3
2
Fork 0
Code Issues 3 Pull requests 2 Actions Packages Projects Releases 4 Wiki Activity

add connect timeout to DoT

Browse source
This commit is contained in:
Daniel Gultsch 2023-10-19 20:51:19 +02:00
parent 71ebca40e8
commit d1f4fbd9de
No known key found for this signature in database
GPG key ID: F43D18AD2A0982C2
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
src/main/java/de/gultsch/minidns/DNSSocket.java
View file

@ -38,7 +38,6 @@ import javax.net.ssl.SSLSocketFactory;
final class DNSSocket implements Closeable {
private static final int CONNECT_TIMEOUT = 5_000;
public static final int QUERY_TIMEOUT = 5_000;
private final Semaphore semaphore = new Semaphore(1);
@ -111,7 +110,7 @@ final class DNSSocket implements Closeable {
final SocketAddress socketAddress =
new InetSocketAddress(dnsServer.inetAddress, dnsServer.port);
final Socket socket = new Socket();
socket.connect(socketAddress, CONNECT_TIMEOUT);
socket.connect(socketAddress, QUERY_TIMEOUT / 2);
socket.setSoTimeout(QUERY_TIMEOUT);
return DNSSocket.of(socket);
}
@ -119,16 +118,18 @@ final class DNSSocket implements Closeable {
private static DNSSocket connectTlsSocket(final DNSServer dnsServer) throws IOException {
Preconditions.checkArgument(dnsServer.uniqueTransport() == Transport.TLS);
final SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
final SSLSocket sslSocket;
final SSLSocket sslSocket = (SSLSocket) factory.createSocket();
if (Strings.isNullOrEmpty(dnsServer.hostname)) {
final SocketAddress socketAddress =
new InetSocketAddress(dnsServer.inetAddress, dnsServer.port);
sslSocket = (SSLSocket) factory.createSocket(dnsServer.inetAddress, dnsServer.port);
sslSocket.connect(socketAddress, CONNECT_TIMEOUT);
sslSocket.connect(socketAddress, QUERY_TIMEOUT / 2);
sslSocket.setSoTimeout(QUERY_TIMEOUT);
sslSocket.startHandshake();
} else {
sslSocket = (SSLSocket) factory.createSocket(dnsServer.hostname, dnsServer.port);
final SocketAddress socketAddress = new InetSocketAddress(dnsServer.hostname, dnsServer.port);
sslSocket.connect(socketAddress, QUERY_TIMEOUT / 2);
sslSocket.setSoTimeout(QUERY_TIMEOUT);
sslSocket.startHandshake();
final SSLSession session = sslSocket.getSession();
final Certificate[] peerCertificates = session.getPeerCertificates();
if (peerCertificates.length == 0 || !(peerCertificates[0] instanceof X509Certificate)) {