Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[release/v7.4] Ensure that socket timeouts are set only during the token validation #26080

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
adityapatwardhan merged 2 commits into from
Oct 9, 2025
Merged

[release/v7.4] Ensure that socket timeouts are set only during the token validation #26080

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
65ccd22
Ensure that socket timeouts are set only during the token validation …
TravisEz13 Sep 22, 2025
96b2040
Change timeout variable to readonly
TravisEz13 Sep 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 31 additions & 26 deletions src/System.Management.Automation/engine/remoting/common/RemoteSessionHyperVSocket.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -258,30 +258,7 @@ public RemoteSessionHyperVSocketServer(bool LoopbackMode, string token, DateTime
listenSocket.Listen(1);
HyperVSocket = listenSocket.Accept();

TimeSpan timeout = TimeSpan.FromMinutes(MAX_TOKEN_LIFE_MINUTES);
DateTimeOffset timeoutExpiry = tokenCreationTime.Add(timeout);
DateTimeOffset now = DateTimeOffset.UtcNow;

// Calculate remaining time and create cancellation token
TimeSpan remainingTime = timeoutExpiry - now;

// Check if the token has already expired
if (remainingTime <= TimeSpan.Zero)
{
throw new PSDirectException(
PSRemotingErrorInvariants.FormatResourceString(RemotingErrorIdStrings.InvalidCredential, "Token has expired"));
}

// Set socket timeout for receive operations to prevent indefinite blocking
int timeoutMs = (int)remainingTime.TotalMilliseconds;
HyperVSocket.ReceiveTimeout = timeoutMs;
HyperVSocket.SendTimeout = timeoutMs;

// Create a cancellation token that will be cancelled when the timeout expires
using var cancellationTokenSource = new CancellationTokenSource(remainingTime);
CancellationToken cancellationToken = cancellationTokenSource.Token;

ValidateToken(HyperVSocket, token, cancellationToken);
ValidateToken(HyperVSocket, token, tokenCreationTime, MAX_TOKEN_LIFE_MINUTES * 60);

Stream = new NetworkStream(HyperVSocket, true);

Expand Down Expand Up @@ -389,9 +366,33 @@ public void Dispose()
/// </summary>
/// <param name="socket">The connected HyperVSocket.</param>
/// <param name="token">The expected token string.</param>
/// <param name="cancellationToken">Cancellation token for timeout handling.</param>
internal static void ValidateToken(Socket socket, string token, CancellationToken cancellationToken = default)
/// <param name="tokenCreationTime">The creation time of the token.</param>
/// <param name="maxTokenLifeSeconds">The maximum lifetime of the token in seconds.</param>
internal static void ValidateToken(Socket socket, string token, DateTimeOffset tokenCreationTime, int maxTokenLifeSeconds)
{
TimeSpan timeout = TimeSpan.FromSeconds(maxTokenLifeSeconds);
DateTimeOffset timeoutExpiry = tokenCreationTime.Add(timeout);
DateTimeOffset now = DateTimeOffset.UtcNow;

// Calculate remaining time and create cancellation token
TimeSpan remainingTime = timeoutExpiry - now;

// Check if the token has already expired
if (remainingTime <= TimeSpan.Zero)
{
throw new PSDirectException(
PSRemotingErrorInvariants.FormatResourceString(RemotingErrorIdStrings.InvalidCredential, "Token has expired"));
}

// Create a cancellation token that will be cancelled when the timeout expires
using var cancellationTokenSource = new CancellationTokenSource(remainingTime);
CancellationToken cancellationToken = cancellationTokenSource.Token;

// Set socket timeout for receive operations to prevent indefinite blocking
int timeoutMs = (int)remainingTime.TotalMilliseconds;
socket.ReceiveTimeout = timeoutMs;
socket.SendTimeout = timeoutMs;

// Check for cancellation before starting validation
cancellationToken.ThrowIfCancellationRequested();

Expand Down Expand Up @@ -430,6 +431,7 @@ internal static void ValidateToken(Socket socket, string token, CancellationToke
// So we expect a response of length 6 + 100 = 106 characters.
responseString = RemoteSessionHyperVSocketClient.ReceiveResponse(socket, 110);

// Final check if we got the token before the timeout
cancellationToken.ThrowIfCancellationRequested();

if (string.IsNullOrEmpty(responseString) || !responseString.StartsWith("TOKEN ", StringComparison.Ordinal))
Expand All @@ -454,6 +456,9 @@ internal static void ValidateToken(Socket socket, string token, CancellationToke

// Acknowledge the token is valid with "PASS".
socket.Send("PASS"u8);

socket.ReceiveTimeout = 0; // Disable the timeout after successful validation
socket.SendTimeout = 0;
}
}

Expand Down
Loading
Loading