mirror of https://github.com/fatedier/frp
add read timeout for TLS check operation
parent
fd336a5503
commit
17cc0735d1
|
@ -259,7 +259,16 @@ func (svr *Service) HandleListener(l frpNet.Listener) {
|
||||||
log.Warn("Listener for incoming connections from client closed")
|
log.Warn("Listener for incoming connections from client closed")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
c = frpNet.CheckAndEnableTLSServerConn(c, svr.tlsConfig)
|
|
||||||
|
log.Trace("start check TLS connection...")
|
||||||
|
originConn := c
|
||||||
|
c, err = frpNet.CheckAndEnableTLSServerConnWithTimeout(c, svr.tlsConfig, connReadTimeout)
|
||||||
|
if err != nil {
|
||||||
|
log.Warn("CheckAndEnableTLSServerConnWithTimeout error: %v", err)
|
||||||
|
originConn.Close()
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
log.Trace("success check TLS connection")
|
||||||
|
|
||||||
// Start a new goroutine for dealing connections.
|
// Start a new goroutine for dealing connections.
|
||||||
go func(frpConn frpNet.Conn) {
|
go func(frpConn frpNet.Conn) {
|
||||||
|
|
|
@ -17,6 +17,7 @@ package net
|
||||||
import (
|
import (
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"net"
|
"net"
|
||||||
|
"time"
|
||||||
|
|
||||||
gnet "github.com/fatedier/golib/net"
|
gnet "github.com/fatedier/golib/net"
|
||||||
)
|
)
|
||||||
|
@ -31,10 +32,17 @@ func WrapTLSClientConn(c net.Conn, tlsConfig *tls.Config) (out Conn) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func CheckAndEnableTLSServerConn(c net.Conn, tlsConfig *tls.Config) (out Conn) {
|
func CheckAndEnableTLSServerConnWithTimeout(c net.Conn, tlsConfig *tls.Config, timeout time.Duration) (out Conn, err error) {
|
||||||
sc, r := gnet.NewSharedConnSize(c, 1)
|
sc, r := gnet.NewSharedConnSize(c, 2)
|
||||||
buf := make([]byte, 1)
|
buf := make([]byte, 1)
|
||||||
n, _ := r.Read(buf)
|
var n int
|
||||||
|
c.SetReadDeadline(time.Now().Add(timeout))
|
||||||
|
n, err = r.Read(buf)
|
||||||
|
c.SetReadDeadline(time.Time{})
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
if n == 1 && int(buf[0]) == FRP_TLS_HEAD_BYTE {
|
if n == 1 && int(buf[0]) == FRP_TLS_HEAD_BYTE {
|
||||||
out = WrapConn(tls.Server(c, tlsConfig))
|
out = WrapConn(tls.Server(c, tlsConfig))
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -19,7 +19,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
var version string = "0.27.0"
|
var version string = "0.27.1"
|
||||||
|
|
||||||
func Full() string {
|
func Full() string {
|
||||||
return version
|
return version
|
||||||
|
|
Loading…
Reference in New Issue