Improve TLS connection tracking to avoid memory or connection leaks
parent
7c2a41ad25
commit
a67b8ed36d
4 changed files with 13 additions and 4 deletions
|
@ -4,6 +4,7 @@ go 1.14
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/baez90/inetmock v0.0.1
|
github.com/baez90/inetmock v0.0.1
|
||||||
|
github.com/google/uuid v1.1.1
|
||||||
github.com/spf13/viper v1.6.3
|
github.com/spf13/viper v1.6.3
|
||||||
go.uber.org/zap v1.15.0
|
go.uber.org/zap v1.15.0
|
||||||
)
|
)
|
||||||
|
|
|
@ -41,6 +41,8 @@ github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ
|
||||||
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
||||||
|
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
|
||||||
|
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
||||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||||
github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
|
github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"github.com/baez90/inetmock/internal/plugins"
|
"github.com/baez90/inetmock/internal/plugins"
|
||||||
"github.com/baez90/inetmock/pkg/api"
|
"github.com/baez90/inetmock/pkg/api"
|
||||||
"github.com/baez90/inetmock/pkg/logging"
|
"github.com/baez90/inetmock/pkg/logging"
|
||||||
|
"github.com/google/uuid"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"sync"
|
"sync"
|
||||||
)
|
)
|
||||||
|
@ -18,6 +19,7 @@ func init() {
|
||||||
return &tlsInterceptor{
|
return &tlsInterceptor{
|
||||||
logger: logger,
|
logger: logger,
|
||||||
currentConnectionsCount: &sync.WaitGroup{},
|
currentConnectionsCount: &sync.WaitGroup{},
|
||||||
|
currentConnections: make(map[uuid.UUID]*proxyConn),
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"github.com/baez90/inetmock/pkg/api"
|
"github.com/baez90/inetmock/pkg/api"
|
||||||
"github.com/baez90/inetmock/pkg/cert"
|
"github.com/baez90/inetmock/pkg/cert"
|
||||||
"github.com/baez90/inetmock/pkg/logging"
|
"github.com/baez90/inetmock/pkg/logging"
|
||||||
|
"github.com/google/uuid"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"net"
|
"net"
|
||||||
"sync"
|
"sync"
|
||||||
|
@ -23,7 +24,7 @@ type tlsInterceptor struct {
|
||||||
certStore cert.Store
|
certStore cert.Store
|
||||||
shutdownRequested bool
|
shutdownRequested bool
|
||||||
currentConnectionsCount *sync.WaitGroup
|
currentConnectionsCount *sync.WaitGroup
|
||||||
currentConnections []*proxyConn
|
currentConnections map[uuid.UUID]*proxyConn
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *tlsInterceptor) Start(config api.HandlerConfig) (err error) {
|
func (t *tlsInterceptor) Start(config api.HandlerConfig) (err error) {
|
||||||
|
@ -98,6 +99,7 @@ func (t *tlsInterceptor) startListener() {
|
||||||
|
|
||||||
func (t *tlsInterceptor) proxyConn(conn net.Conn) {
|
func (t *tlsInterceptor) proxyConn(conn net.Conn) {
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
defer t.currentConnectionsCount.Done()
|
||||||
|
|
||||||
rAddr, err := net.ResolveTCPAddr("tcp", t.options.redirectionTarget.address())
|
rAddr, err := net.ResolveTCPAddr("tcp", t.options.redirectionTarget.address())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -117,14 +119,16 @@ func (t *tlsInterceptor) proxyConn(conn net.Conn) {
|
||||||
}
|
}
|
||||||
defer targetConn.Close()
|
defer targetConn.Close()
|
||||||
|
|
||||||
t.currentConnections = append(t.currentConnections, &proxyConn{
|
proxyCon := &proxyConn{
|
||||||
source: conn,
|
source: conn,
|
||||||
target: targetConn,
|
target: targetConn,
|
||||||
})
|
}
|
||||||
|
|
||||||
|
conUID := uuid.New()
|
||||||
|
t.currentConnections[conUID] = proxyCon
|
||||||
Pipe(conn, targetConn)
|
Pipe(conn, targetConn)
|
||||||
|
delete(t.currentConnections, conUID)
|
||||||
|
|
||||||
t.currentConnectionsCount.Done()
|
|
||||||
t.logger.Info(
|
t.logger.Info(
|
||||||
"connection closed",
|
"connection closed",
|
||||||
zap.String("remoteAddr", conn.RemoteAddr().String()),
|
zap.String("remoteAddr", conn.RemoteAddr().String()),
|
||||||
|
|
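Review bot: The new `t.currentConnections[conUID] = proxyCon` and `delete(t.currentConnections, conUID)` in proxyConn write to a plain Go map with no lock. If startListener (outside this hunk) runs proxyConn on one goroutine per accepted connection, two overlapping connections can trigger the runtime's unrecoverable "concurrent map writes" fatal error, so any client that opens connections in parallel could take the interceptor down. Any shutdown code that ranges over the map to close connections would race in the same way. I would guard the map with a new `sync.Mutex` field on tlsInterceptor (`sync` is already imported) and defer the delete so the entry is also removed if Pipe panics. The body of proxyConn continues outside the hunk, so the early-return paths were not checked.

```go
// … unchanged: proxyCon := &proxyConn{source: conn, target: targetConn} …
conUID := uuid.New()
t.connectionsMutex.Lock() // proposed new sync.Mutex field on tlsInterceptor
t.currentConnections[conUID] = proxyCon
t.connectionsMutex.Unlock()
// Deferred so the entry is removed on every exit path, including a panic in Pipe.
defer func() {
	t.connectionsMutex.Lock()
	delete(t.currentConnections, conUID)
	t.connectionsMutex.Unlock()
}()

Pipe(conn, targetConn)
// … unchanged: "connection closed" log call …
```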