From 5af617f3b982a64e9dfa722bcbb0a69a63d3c8e2 Mon Sep 17 00:00:00 2001
From: Andrey Petrov
Date: Mon, 6 Jan 2020 20:09:34 -0500
Subject: [PATCH] sshd: Apply read deadline to connection handler (#331)

This should prevent connections from stalling out and eating up file descriptors without ever joining the chat.
---
 go.mod | 2 ++
 sshd/net.go | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/go.mod b/go.mod
index 869a1a7..c86bcd7 100644
--- a/go.mod
+++ b/go.mod
@@ -8,3 +8,5 @@ require (
 golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576
 golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54
 )
+
+go 1.13
diff --git a/sshd/net.go b/sshd/net.go
index 8305696..678454b 100644
--- a/sshd/net.go
+++ b/sshd/net.go
@@ -2,6 +2,7 @@ package sshd

 import (
 "net"
+ "time"

 "github.com/shazow/rateio"
 "golang.org/x/crypto/ssh"
@@ -32,6 +33,12 @@ func (l *SSHListener) handleConn(conn net.Conn) (*Terminal, error) {
 conn = ReadLimitConn(conn, l.RateLimit())
 }

+ // If the connection doesn't write anything back for too long before we get
+ // a valid session, it should be dropped.
+ var handleTimeout = 20 * time.Second
+ conn.SetReadDeadline(time.Now().Add(handleTimeout))
+ defer conn.SetReadDeadline(time.Time{})
+
 // Upgrade TCP connection to SSH connection
 sshConn, channels, requests, err := ssh.NewServerConn(conn, l.config)
 if err != nil {
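Review bot: The error returned by `conn.SetReadDeadline(time.Now().Add(handleTimeout))` in handleConn is discarded, so if the call fails the handshake runs with no deadline and the file-descriptor exhaustion this commit targets silently returns; `if err := conn.SetReadDeadline(time.Now().Add(handleTimeout)); err != nil { return nil, err }` would fail closed. At this point `conn` may be the `ReadLimitConn` wrapper assigned on the line above, and whether that wrapper forwards deadlines to the underlying socket is not visible in this hunk, which makes the check more worthwhile. Only reads are bounded here; `conn.SetDeadline` would also cover a peer that stops draining the server's handshake writes. The 20-second budget is a hard-coded local that would read better as a named constant or a listener setting, and the comment's "doesn't write anything back" describes the peer, so "sends nothing" would be clearer. handleConn's body continues past the end of the hunk.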