Add configurable connection timeout

RUB-NDS / Terrapin-Scanner

This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

https://terrapin-attack.com

Apache License 2.0

931 stars 62 forks source link

Add configurable connection timeout #20

Closed sollie closed 7 months ago

sollie commented 8 months ago

Quick hack to add configurable connection timeout. Useful in scripts when scanning a ramge of hosts.

TrueSkrillor commented 7 months ago

As tscanner is supposed to be an importable library, I'd like to keep the interface stable. As Golang does not support optional parameters (or default values), I'd suggest that we introduce this feature as another function, ScanWithTimeout; Scan will then call ScanWithTimeout internally. Otherwise, I'm happy to merge these changes.

sollie commented 7 months ago

As Golang does not support optional parameters (or default values)

One could turn Scan() into a variadic function, and only care about the first argument.

Something like

func Scan(address string, scanMode ScanMode, verbose bool, timeout ...int) (*Report, error) {
    if len(timeout) == 1 {
        // set timeout
    } else if len(timeout) > 1 {
        // error out, more parameters than expected
    } else {
        // use default timeout
    }

For simplicity the default timeout could be specified in Scan(). I don't think this would have any downsides?

TrueSkrillor commented 7 months ago

While this would be possible, it seems overly complicated for what this is trying to achieve. I decided to add ScanWithTimeout as a separate function, converting Scan to a placeholder calling ScanWithTimeout instead. Also, I changed the parameter to be of type int, not *int to allow literal values to be passed to the function.