Alex-Devera/v2rayN
1
0
Fork 0
mirror of https://github.com/2dust/v2rayN.git synced 2025-11-06 07:22:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add timeout and error handling to certificate fetching
Some checks are pending
release Linux / build (Release) (push) Waiting to run
Details
release Linux / rpm (push) Blocked by required conditions
Details
release macOS / build (Release) (push) Waiting to run
Details
release Windows desktop (Avalonia UI) / build (Release) (push) Waiting to run
Details
release Windows / build (Release) (push) Waiting to run
Details

Browse source
This commit is contained in:
2dust 2025-11-04 20:43:51 +08:00
parent 725b094fb1
commit 753e7b81b6
2 changed files with 40 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
v2rayN/ServiceLib/Manager/CertPemManager.cs
View file

@ -202,14 +202,17 @@ public class CertPemManager
/// <summary>
/// Get certificate in PEM format from a server with CA pinning validation
/// </summary>
public async Task<string?> GetCertPemAsync(string target, string serverName)
public async Task<(string?, string?)> GetCertPemAsync(string target, string serverName, int timeout = 10)
{
try
{
var (domain, _, port, _) = Utils.ParseUrl(target);
using var cts = new CancellationTokenSource();
cts.CancelAfter(TimeSpan.FromSeconds(timeout));
using var client = new TcpClient();
await client.ConnectAsync(domain, port > 0 ? port : 443);
await client.ConnectAsync(domain, port > 0 ? port : 443, cts.Token);
using var ssl = new SslStream(client.GetStream(), false, ValidateServerCertificate);
@ -218,31 +221,39 @@ public class CertPemManager
var remote = ssl.RemoteCertificate;
if (remote == null)
{
return null;
return (null, null);
}
var leaf = new X509Certificate2(remote);
return ExportCertToPem(leaf);
return (ExportCertToPem(leaf), null);
}
catch (OperationCanceledException)
{
Logging.SaveLog(_tag, new TimeoutException($"Connection timeout after {timeout} seconds"));
return (null, $"Connection timeout after {timeout} seconds");
}
catch (Exception ex)
{
Logging.SaveLog(_tag, ex);
return null;
return (null, ex.Message);
}
}
/// <summary>
/// Get certificate chain in PEM format from a server with CA pinning validation
/// </summary>
public async Task<List<string>> GetCertChainPemAsync(string target, string serverName)
{
try
public async Task<(List<string>, string?)> GetCertChainPemAsync(string target, string serverName, int timeout = 10)
{
var pemList = new List<string>();
try
{
var (domain, _, port, _) = Utils.ParseUrl(target);
using var cts = new CancellationTokenSource();
cts.CancelAfter(TimeSpan.FromSeconds(timeout));
using var client = new TcpClient();
await client.ConnectAsync(domain, port > 0 ? port : 443);
await client.ConnectAsync(domain, port > 0 ? port : 443, cts.Token);
using var ssl = new SslStream(client.GetStream(), false, ValidateServerCertificate);
@ -250,7 +261,7 @@ public class CertPemManager
if (ssl.RemoteCertificate is not X509Certificate2 certChain)
{
return pemList;
return (pemList, null);
}
var chain = new X509Chain();
@ -262,12 +273,17 @@ public class CertPemManager
pemList.Add(pem);
}
return pemList;
return (pemList, null);
}
catch (OperationCanceledException)
{
Logging.SaveLog(_tag, new TimeoutException($"Connection timeout after {timeout} seconds"));
return (pemList, $"Connection timeout after {timeout} seconds");
}
catch (Exception ex)
{
Logging.SaveLog(_tag, ex);
return new List<string>();
return (pemList, ex.Message);
}
}

6
v2rayN/ServiceLib/ViewModels/AddServerViewModel.cs
View file

@ -146,7 +146,8 @@ public class AddServerViewModel : MyReactiveObject
{
domain += $":{SelectedSource.Port}";
}
Cert = await CertPemManager.Instance.GetCertPemAsync(domain, serverName);
(Cert, _certError) = await CertPemManager.Instance.GetCertPemAsync(domain, serverName);
UpdateCertTip();
}
private async Task FetchCertChain()
@ -176,7 +177,8 @@ public class AddServerViewModel : MyReactiveObject
{
domain += $":{SelectedSource.Port}";
}
var certs = await CertPemManager.Instance.GetCertChainPemAsync(domain, serverName);
(var certs, _certError) = await CertPemManager.Instance.GetCertChainPemAsync(domain, serverName);
UpdateCertTip();
Cert = string.Join("\n", certs);
}
}