[TASK] add temporary blacklist

Martin Geno 2017-05-14 10:04:45 +02:00
parent b190bd43c4
commit 2a5ab5c1f5
No known key found for this signature in database
GPG Key ID: F0D39A37E925E941
1 changed files with 22 additions and 6 deletions


@ -2,7 +2,9 @@ package ssh
import ( import (
"net" "net"
"strings"
"sync" "sync"
"time"
"golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh"
@ -13,6 +15,7 @@ import (
type Manager struct { type Manager struct {
config *ssh.ClientConfig config *ssh.ClientConfig
clients map[string]*ssh.Client clients map[string]*ssh.Client
clientsBlacklist map[string]time.Time
clientsMUX sync.Mutex clientsMUX sync.Mutex
} }
@ -34,12 +37,20 @@ func NewManager(file string) *Manager {
return &Manager{ return &Manager{
config: sshConfig, config: sshConfig,
clients: make(map[string]*ssh.Client), clients: make(map[string]*ssh.Client),
clientsBlacklist: make(map[string]time.Time),
} }
} }
func (m *Manager) ConnectTo(addr net.TCPAddr) *ssh.Client { func (m *Manager) ConnectTo(addr net.TCPAddr) *ssh.Client {
m.clientsMUX.Lock() m.clientsMUX.Lock()
defer m.clientsMUX.Unlock() defer m.clientsMUX.Unlock()
if t, ok := m.clientsBlacklist[addr.IP.String()]; ok {
if time.Now().Add(-time.Hour * 24).After(t) {
return nil
} else {
delete(m.clientsBlacklist, addr.IP.String())
}
}
if client, ok := m.clients[addr.IP.String()]; ok { if client, ok := m.clients[addr.IP.String()]; ok {
return client return client
@ -47,7 +58,12 @@ func (m *Manager) ConnectTo(addr net.TCPAddr) *ssh.Client {
client, err := ssh.Dial("tcp", addr.String(), m.config) client, err := ssh.Dial("tcp", addr.String(), m.config)
if err != nil { if err != nil {
if strings.Contains(err.Error(), "no supported methods remain") {
m.clientsBlacklist[addr.IP.String()] = time.Now()
log.Log.Warnf("node was set on the blacklist: %s", err)
} else {
log.Log.Error(err) log.Log.Error(err)
}
return nil return nil
} }
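Review bot: The expiry test at the top of ConnectTo is inverted: `time.Now().Add(-time.Hour * 24).After(t)` is true only once the entry is older than 24 hours. A freshly blacklisted node therefore falls into the `else`, is deleted and is dialed again on the very next call, while an entry that is left alone for 24 hours blocks the node from then on and is never removed. The back-off the commit intends does not happen, so a host that rejects the key keeps receiving failed authentication attempts, which can trip rate limiting or lockout on that host and fill its auth log. Suggested replacement for the inner check: `if time.Now().Before(t.Add(24 * time.Hour)) { return nil }` followed by an unconditional `delete(m.clientsBlacklist, addr.IP.String())`. Separately, matching on the text "no supported methods remain" depends on the library's error wording and deserves a comment saying so; the rest of ConnectTo lies outside the hunk.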