Improve TLS connection tracking to avoid memory or connection leaks

Peter 2020-04-26 01:18:35 +02:00
parent 7c2a41ad25
commit a67b8ed36d
4 changed files with 13 additions and 4 deletions


@ -4,6 +4,7 @@ go 1.14
require (
github.com/baez90/inetmock v0.0.1
github.com/google/uuid v1.1.1
github.com/spf13/viper v1.6.3
go.uber.org/zap v1.15.0
)


@ -41,6 +41,8 @@ github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=


@ -4,6 +4,7 @@ import (
"github.com/baez90/inetmock/internal/plugins"
"github.com/baez90/inetmock/pkg/api"
"github.com/baez90/inetmock/pkg/logging"
"github.com/google/uuid"
"go.uber.org/zap"
"sync"
)
@ -18,6 +19,7 @@ func init() {
return &tlsInterceptor{
logger: logger,
currentConnectionsCount: &sync.WaitGroup{},
currentConnections: make(map[uuid.UUID]*proxyConn),
}
})
}


@ -6,6 +6,7 @@ import (
"github.com/baez90/inetmock/pkg/api"
"github.com/baez90/inetmock/pkg/cert"
"github.com/baez90/inetmock/pkg/logging"
"github.com/google/uuid"
"go.uber.org/zap"
"net"
"sync"
@ -23,7 +24,7 @@ type tlsInterceptor struct {
certStore cert.Store
shutdownRequested bool
currentConnectionsCount *sync.WaitGroup
currentConnections []*proxyConn
currentConnections map[uuid.UUID]*proxyConn
}
func (t *tlsInterceptor) Start(config api.HandlerConfig) (err error) {
@ -98,6 +99,7 @@ func (t *tlsInterceptor) startListener() {
func (t *tlsInterceptor) proxyConn(conn net.Conn) {
defer conn.Close()
defer t.currentConnectionsCount.Done()
rAddr, err := net.ResolveTCPAddr("tcp", t.options.redirectionTarget.address())
if err != nil {
@ -117,14 +119,16 @@ func (t *tlsInterceptor) proxyConn(conn net.Conn) {
}
defer targetConn.Close()
t.currentConnections = append(t.currentConnections, &proxyConn{
proxyCon := &proxyConn{
source: conn,
target: targetConn,
})
}
conUID := uuid.New()
t.currentConnections[conUID] = proxyCon
Pipe(conn, targetConn)
delete(t.currentConnections, conUID)
t.currentConnectionsCount.Done()
t.logger.Info(
"connection closed",
zap.String("remoteAddr", conn.RemoteAddr().String()),
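Review bot: The new `t.currentConnections[conUID] = proxyCon` and `delete(t.currentConnections, conUID)` in proxyConn mutate a plain map with no lock visible anywhere in this section. The call site in startListener is not shown, but if each accepted connection runs proxyConn on its own goroutine, two overlapping connections can hit Go's unrecoverable "concurrent map writes" fault, so ordinary parallel client traffic would be enough to crash the interceptor. I would add a `sync.Mutex` field to tlsInterceptor (`sync` is already imported), hold it around both statements, and take the same lock wherever shutdown walks the map. Moving the delete into a `defer` placed right after the insert would also stop the entry from outliving the connection if Pipe panics. proxyConn begins in the previous hunk and its body continues past this one.

```go
// … unchanged: resolve and dial target, build proxyCon …
conUID := uuid.New()
t.connMu.Lock() // connMu: proposed sync.Mutex field on tlsInterceptor
t.currentConnections[conUID] = proxyCon
t.connMu.Unlock()
defer func() {
	t.connMu.Lock()
	delete(t.currentConnections, conUID)
	t.connMu.Unlock()
}()
Pipe(conn, targetConn)
// … unchanged: "connection closed" log call …
```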