
Merge pull request #416 from dolonet/fix/domain-fronting-idle-timeout

fix: apply idle timeout to domain fronting relay
tags/v2.2.5^2^2
Sergei Arkhipov před 1 měsícem
rodič
revize
735466b90d
4 změnil soubory, kde provedl 34 přidání a 2 odebrání
  1. 2
    0
      internal/cli/run_proxy.go
  2. 19
    0
      mtglib/conns.go
  3. 5
    2
      mtglib/proxy.go
  4. 8
    0
      mtglib/proxy_opts.go

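--- a/internal/cli/run_proxy.go
+++ b/internal/cli/run_proxy.go
@@ -5,6 +5,7 @@
 	"fmt"
 	"net"
 	"os"
+	"time"
 
 	"github.com/9seconds/mtg/v2/antireplay"
 	"github.com/9seconds/mtg/v2/events"
@@ -262,6 +263,7 @@
 
 		AllowFallbackOnUnknownDC: conf.AllowFallbackOnUnknownDC.Get(false),
 		TolerateTimeSkewness:     conf.TolerateTimeSkewness.Value,
+		IdleTimeout:              conf.Network.Timeout.Idle.Get(time.Minute),
 
 		DoppelGangerURLs:    doppelGangerURLs,
 		DoppelGangerPerRaid: conf.Defense.Doppelganger.Repeats.Get(mtglib.DoppelGangerPerRaid),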
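Review bot: The fallback on the added `IdleTimeout` line is a bare `time.Minute`, while `DoppelGangerPerRaid` two lines below takes its default from a named `mtglib` constant. The same one-minute value is repeated in `getIdleTimeout` in mtglib/proxy_opts.go, so the two defaults can drift apart without anyone noticing. I would export a single constant from mtglib (a name such as `DefaultIdleTimeout` is only a suggestion) and write `IdleTimeout: conf.Network.Timeout.Idle.Get(mtglib.DefaultIdleTimeout),` here. The struct literal starts and ends outside the hunk.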

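--- a/mtglib/conns.go
+++ b/mtglib/conns.go
@@ -6,6 +6,7 @@
 	"fmt"
 	"io"
 	"net"
+	"time"
 
 	"github.com/9seconds/mtg/v2/essentials"
 	"github.com/pires/go-proxyproto"
@@ -95,3 +96,21 @@
 		sourceAddr: source.RemoteAddr(),
 	}
 }
+
+type connIdleTimeout struct {
+	essentials.Conn
+
+	timeout time.Duration
+}
+
+func (c connIdleTimeout) Read(b []byte) (int, error) {
+	c.SetReadDeadline(time.Now().Add(c.timeout)) //nolint: errcheck
+
+	return c.Conn.Read(b) //nolint: wrapcheck
+}
+
+func (c connIdleTimeout) Write(b []byte) (int, error) {
+	c.SetWriteDeadline(time.Now().Add(c.timeout)) //nolint: errcheck
+
+	return c.Conn.Write(b) //nolint: wrapcheck
+}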
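Review bot: `Read` refreshes only the read deadline and `Write` only the write deadline, so the timeout is per direction rather than per connection: when data flows one way for longer than `timeout`, the pending `Read` on the silent direction can expire although the connection is busy. How the relay reacts to that error is not visible on this page, but if it tears the pair down, long one-way transfers through the fronting path would be cut. Refreshing both deadlines on any activity gives idle semantics for the whole connection, e.g. `c.SetDeadline(time.Now().Add(c.timeout)) //nolint: errcheck` in both methods. The type also has no doc comment; one should say that the deadline is re-armed on every call, so it bounds silence between calls and not the total lifetime of a connection, and that a failed deadline update is ignored and leaves that call without a timeout.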

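--- a/mtglib/proxy.go
+++ b/mtglib/proxy.go
@@ -27,6 +27,7 @@
 
 	allowFallbackOnUnknownDC    bool
 	tolerateTimeSkewness        time.Duration
+	idleTimeout                 time.Duration
 	domainFrontingPort          int
 	domainFrontingIP            string
 	domainFrontingProxyProtocol bool
@@ -151,6 +152,7 @@
 		case errors.Is(err, ants.ErrPoolClosed):
 			return nil
 		case errors.Is(err, ants.ErrPoolOverload):
+			conn.Close() //nolint: errcheck
 			logger.Info("connection was concurrency limited")
 			p.eventStream.Send(p.ctx, NewEventConcurrencyLimited())
 		}
@@ -306,8 +308,8 @@
 	relay.Relay(
 		ctx,
 		ctx.logger.Named("domain-fronting"),
-		frontConn,
-		conn,
+		connIdleTimeout{Conn: frontConn, timeout: p.idleTimeout},
+		connIdleTimeout{Conn: conn, timeout: p.idleTimeout},
 	)
 }
 
@@ -339,6 +341,7 @@
 		domainFrontingPort:       opts.getDomainFrontingPort(),
 		domainFrontingIP:         opts.DomainFrontingIP,
 		tolerateTimeSkewness:     opts.getTolerateTimeSkewness(),
+		idleTimeout:              opts.getIdleTimeout(),
 		allowFallbackOnUnknownDC: opts.AllowFallbackOnUnknownDC,
 		telegram:                 tg,
 		doppelGanger: doppel.NewGanger(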
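Review bot: The `ErrPoolClosed` branch directly above the added `conn.Close()` still returns without closing the accepted connection, so in the visible lines the descriptor leak fixed for `ErrPoolOverload` remains on that path. The peer then stays connected until the process exits or something outside this hunk closes the socket. Adding `conn.Close() //nolint: errcheck` before `return nil` would make the two rejection branches consistent. The switch and its enclosing function start outside the hunk, so an earlier close is possible but not shown here.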

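--- a/mtglib/proxy_opts.go
+++ b/mtglib/proxy_opts.go
@@ -216,6 +216,14 @@
 	return p.PreferIP
 }
 
+func (p ProxyOpts) getIdleTimeout() time.Duration {
+	if p.IdleTimeout == 0 {
+		return time.Minute
+	}
+
+	return p.IdleTimeout
+}
+
 func (p ProxyOpts) getLogger(name string) Logger {
 	return p.Logger.Named(name)
 }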
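Review bot: `getIdleTimeout` substitutes the default only for an exact zero, so a negative `IdleTimeout` is passed through unchanged. `connIdleTimeout` would then set every deadline in the past, and each `Read` and `Write` on the fronting relay would fail immediately. Treating all non-positive values as unset avoids that: `if p.IdleTimeout <= 0 {`. Whether the configuration layer already rejects negative durations is not visible on this page.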
