Merge pull request #1320 from fatedier/new

add read timeout for TLS check operation
fatedier 2019-07-14 10:57:22 +08:00 committed by GitHub
commit 8e36e2bb67
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 5 deletions


@ -1,5 +1,7 @@
Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly. Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly.
(为了节约时间,提高处理问题的效率,不按照格式填写的 issue 将会直接关闭。) (为了节约时间,提高处理问题的效率,不按照格式填写的 issue 将会直接关闭。)
(请不要在 issue 评论中出现无意义的 **加1****我也是** 等内容,将会被直接删除。)
(由于个人精力有限,和系统环境,网络环境等相关的求助问题请转至其他论坛或社交平台。)
Use the commands below to provide key information from your environment: Use the commands below to provide key information from your environment:
You do NOT have to include this information if this is a FEATURE REQUEST You do NOT have to include this information if this is a FEATURE REQUEST


@ -259,7 +259,16 @@ func (svr *Service) HandleListener(l frpNet.Listener) {
log.Warn("Listener for incoming connections from client closed") log.Warn("Listener for incoming connections from client closed")
return return
} }
c = frpNet.CheckAndEnableTLSServerConn(c, svr.tlsConfig)
log.Trace("start check TLS connection...")
originConn := c
c, err = frpNet.CheckAndEnableTLSServerConnWithTimeout(c, svr.tlsConfig, connReadTimeout)
if err != nil {
log.Warn("CheckAndEnableTLSServerConnWithTimeout error: %v", err)
originConn.Close()
continue
}
log.Trace("success check TLS connection")
// Start a new goroutine for dealing connections. // Start a new goroutine for dealing connections.
go func(frpConn frpNet.Conn) { go func(frpConn frpNet.Conn) {
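Review bot: The TLS check still runs inline in the accept loop, ahead of `go func(frpConn frpNet.Conn)`, so a peer that connects and sends nothing holds up every later accept for up to `connReadTimeout`, and idle or slow peers are waited on one at a time. Moving the `CheckAndEnableTLSServerConnWithTimeout` call, its error branch and `originConn.Close()` into the per-connection goroutine (with `return` in place of `continue`) would keep the read timeout while letting the loop go straight back to accepting. The loop and the goroutine body extend beyond this hunk, so whether anything else limits the number of pending connections is not visible here.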


@ -17,6 +17,7 @@ package net
import ( import (
"crypto/tls" "crypto/tls"
"net" "net"
"time"
gnet "github.com/fatedier/golib/net" gnet "github.com/fatedier/golib/net"
) )
@ -31,10 +32,17 @@ func WrapTLSClientConn(c net.Conn, tlsConfig *tls.Config) (out Conn) {
return return
} }
func CheckAndEnableTLSServerConn(c net.Conn, tlsConfig *tls.Config) (out Conn) { func CheckAndEnableTLSServerConnWithTimeout(c net.Conn, tlsConfig *tls.Config, timeout time.Duration) (out Conn, err error) {
sc, r := gnet.NewSharedConnSize(c, 1) sc, r := gnet.NewSharedConnSize(c, 2)
buf := make([]byte, 1) buf := make([]byte, 1)
n, _ := r.Read(buf) var n int
c.SetReadDeadline(time.Now().Add(timeout))
n, err = r.Read(buf)
c.SetReadDeadline(time.Time{})
if err != nil {
return
}
if n == 1 && int(buf[0]) == FRP_TLS_HEAD_BYTE { if n == 1 && int(buf[0]) == FRP_TLS_HEAD_BYTE {
out = WrapConn(tls.Server(c, tlsConfig)) out = WrapConn(tls.Server(c, tlsConfig))
} else { } else {
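Review bot: Both `c.SetReadDeadline` calls in `CheckAndEnableTLSServerConnWithTimeout` drop their error, so if the deadline cannot be set the following `r.Read(buf)` is unbounded again and the caller gets no sign of it; checking it, e.g. `if err = c.SetReadDeadline(time.Now().Add(timeout)); err != nil { return }`, keeps the guarantee the new signature implies. The deadline is also cleared right after the one-byte peek, before the `tls.Server(c, tlsConfig)` connection is used, so `timeout` covers only the head-byte read; whether the later handshake is bounded is not visible here. A short doc comment stating what `timeout` covers and that `out` is nil whenever `err` is non-nil would help callers. The function body continues past the end of this hunk.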


@ -19,7 +19,7 @@ import (
"strings" "strings"
) )
var version string = "0.27.0" var version string = "0.27.1"
func Full() string { func Full() string {
return version return version