From 501e9ad99aa3d18b7711d8cea94e0e9b68883b6b Mon Sep 17 00:00:00 2001
From: Anand Francis Joseph <anjoseph@redhat.com>
Date: Thu, 2 Nov 2023 22:48:52 +0530
Subject: plumbing: transport/ssh, Fix nil pointer dereference caused when an
 unreachable proxy server is set. Fixes #900

Signed-off-by: Anand Francis Joseph <anjoseph@redhat.com>
---
 plumbing/transport/ssh/common.go      | 10 +++++-----
 plumbing/transport/ssh/common_test.go | 22 ++++++++++++++++++++++
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/plumbing/transport/ssh/common.go b/plumbing/transport/ssh/common.go
index 1531603..46fda73 100644
--- a/plumbing/transport/ssh/common.go
+++ b/plumbing/transport/ssh/common.go
@@ -168,7 +168,7 @@ func dial(network, addr string, proxyOpts transport.ProxyOptions, config *ssh.Cl
 	defer cancel()
 
 	var conn net.Conn
-	var err error
+	var dialErr error
 
 	if proxyOpts.URL != "" {
 		proxyUrl, err := proxyOpts.FullURL()
@@ -186,12 +186,12 @@ func dial(network, addr string, proxyOpts transport.ProxyOptions, config *ssh.Cl
 			return nil, fmt.Errorf("expected ssh proxy dialer to be of type %s; got %s",
 				reflect.TypeOf(ctxDialer), reflect.TypeOf(dialer))
 		}
-		conn, err = ctxDialer.DialContext(ctx, "tcp", addr)
+		conn, dialErr = ctxDialer.DialContext(ctx, "tcp", addr)
 	} else {
-		conn, err = proxy.Dial(ctx, network, addr)
+		conn, dialErr = proxy.Dial(ctx, network, addr)
 	}
-	if err != nil {
-		return nil, err
+	if dialErr != nil {
+		return nil, dialErr
 	}
 
 	c, chans, reqs, err := ssh.NewClientConn(conn, addr, config)
diff --git a/plumbing/transport/ssh/common_test.go b/plumbing/transport/ssh/common_test.go
index 496e82d..4cc2a06 100644
--- a/plumbing/transport/ssh/common_test.go
+++ b/plumbing/transport/ssh/common_test.go
@@ -172,6 +172,28 @@ func (s *SuiteCommon) TestIssue70(c *C) {
 	c.Assert(err, IsNil)
 }
 
+/*
+Given, an endpoint to a git server with a socks5 proxy URL,
+When, the socks5 proxy server is not reachable,
+Then, there should not be any panic and an error with appropriate message should be returned.
+Related issue : https://github.com/go-git/go-git/pull/900
+*/
+func (s *SuiteCommon) TestInvalidSocks5Proxy(c *C) {
+	ep, err := transport.NewEndpoint("git@github.com:foo/bar.git")
+	c.Assert(err, IsNil)
+	ep.Proxy.URL = "socks5://127.0.0.1:1080"
+
+	auth, err := NewPublicKeys("foo", testdata.PEMBytes["rsa"], "")
+	c.Assert(err, IsNil)
+	c.Assert(auth, NotNil)
+
+	ps, err := DefaultClient.NewUploadPackSession(ep, auth)
+	//Since the proxy server is not running, we expect an error.
+	c.Assert(ps, IsNil)
+	c.Assert(err, NotNil)
+	c.Assert(err, ErrorMatches, "socks connect .* dial tcp 127.0.0.1:1080: .*")
+}
+
 type mockSSHConfig struct {
 	Values map[string]map[string]string
 }
-- 
cgit