Raise link error when SNI supplied on unsupported link type

Closes #1196
yggdrasil-network · Oct 27, 2024 · eef6139 · eef6139
1 parent ff0ef7f
commit eef6139
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 0 deletions.
diff --git a/src/core/link.go b/src/core/link.go
@@ -126,6 +126,7 @@ const ErrLinkPinnedKeyInvalid = linkError("pinned public key is invalid")
 const ErrLinkPasswordInvalid = linkError("invalid password supplied")
 const ErrLinkUnrecognisedSchema = linkError("link schema unknown")
 const ErrLinkMaxBackoffInvalid = linkError("max backoff duration invalid")
+const ErrLinkSNINotSupported = linkError("SNI not supported on this link type")
 
 func (l *links) add(u *url.URL, sintf string, linkType linkType) error {
 	var retErr error

diff --git a/src/core/link_socks.go b/src/core/link_socks.go
@@ -23,6 +23,9 @@ func (l *links) newLinkSOCKS() *linkSOCKS {
 }
 
 func (l *linkSOCKS) dial(_ context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
+	if url.Scheme != "sockstls" && options.tlsSNI != "" {
+		return nil, ErrLinkSNINotSupported
+	}
 	var proxyAuth *proxy.Auth
 	if url.User != nil && url.User.Username() != "" {
 		proxyAuth = &proxy.Auth{

diff --git a/src/core/link_tcp.go b/src/core/link_tcp.go
@@ -67,6 +67,9 @@ func (l *linkTCP) dialersFor(url *url.URL, info linkInfo) ([]*tcpDialer, error)
 }
 
 func (l *linkTCP) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
+	if options.tlsSNI != "" {
+		return nil, ErrLinkSNINotSupported
+	}
 	dialers, err := l.dialersFor(url, info)
 	if err != nil {
 		return nil, err

diff --git a/src/core/link_unix.go b/src/core/link_unix.go
@@ -31,6 +31,9 @@ func (l *links) newLinkUNIX() *linkUNIX {
 }
 
 func (l *linkUNIX) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
+	if options.tlsSNI != "" {
+		return nil, ErrLinkSNINotSupported
+	}
 	addr, err := net.ResolveUnixAddr("unix", url.Path)
 	if err != nil {
 		return nil, err

diff --git a/src/core/link_ws.go b/src/core/link_ws.go
@@ -87,6 +87,9 @@ func (l *links) newLinkWS() *linkWS {
 }
 
 func (l *linkWS) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
+	if options.tlsSNI != "" {
+		return nil, ErrLinkSNINotSupported
+	}
 	wsconn, _, err := websocket.Dial(ctx, url.String(), &websocket.DialOptions{
 		Subprotocols: []string{"ygg-ws"},
 	})

diff --git a/src/core/link_wss.go b/src/core/link_wss.go
@@ -27,6 +27,9 @@ func (l *links) newLinkWSS() *linkWSS {
 }
 
 func (l *linkWSS) dial(ctx context.Context, url *url.URL, info linkInfo, options linkOptions) (net.Conn, error) {
+	if options.tlsSNI != "" {
+		return nil, ErrLinkSNINotSupported
+	}
 	wsconn, _, err := websocket.Dial(ctx, url.String(), &websocket.DialOptions{
 		Subprotocols: []string{"ygg-ws"},
 	})