From fed50be57589b785533e22cd5d4d607e2d3e60fd Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Wed, 4 Jan 2023 20:43:10 +0800 Subject: [PATCH] =?UTF-8?q?=E8=BE=B9=E7=BC=98=E8=8A=82=E7=82=B9=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E6=95=B0=E6=8D=AE=E8=AF=BB=E8=B6=85=E6=97=B6=EF=BC=8C?= =?UTF-8?q?=E4=BB=A5=E6=94=B9=E8=BF=9B=E5=AE=A2=E6=88=B7=E7=AB=AF=E4=B8=8A?= =?UTF-8?q?=E4=BC=A0=E6=95=B0=E6=8D=AE=E8=BF=87=E6=85=A2=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/nodes/client_conn.go | 46 +++++++++++++++++++++------- internal/nodes/client_listener.go | 8 ++--- internal/nodes/listener_base_test.go | 2 +- internal/nodes/listener_http.go | 8 ++--- 4 files changed, 44 insertions(+), 20 deletions(-) diff --git a/internal/nodes/client_conn.go b/internal/nodes/client_conn.go index 7fe09cf..6afede6 100644 --- a/internal/nodes/client_conn.go +++ b/internal/nodes/client_conn.go @@ -15,7 +15,6 @@ import ( "github.com/TeaOSLab/EdgeNode/internal/waf" "github.com/iwind/TeaGo/Tea" "github.com/iwind/TeaGo/types" - "io" "net" "os" "strings" @@ -30,6 +29,7 @@ type ClientConn struct { createdAt int64 isTLS bool + isHTTP bool hasRead bool isLO bool // 是否为环路 @@ -40,9 +40,11 @@ type ClientConn struct { lastReadAt int64 lastWriteAt int64 lastErr error + + readDeadlineTime int64 } -func NewClientConn(rawConn net.Conn, isTLS bool, quickClose bool, isInAllowList bool) net.Conn { +func NewClientConn(rawConn net.Conn, isHTTP bool, isTLS bool, isInAllowList bool) net.Conn { // 是否为环路 var remoteAddr = rawConn.RemoteAddr().String() var isLO = strings.HasPrefix(remoteAddr, "127.0.0.1:") || strings.HasPrefix(remoteAddr, "[::1]:") @@ -50,12 +52,13 @@ func NewClientConn(rawConn net.Conn, isTLS bool, quickClose bool, isInAllowList var conn = &ClientConn{ BaseClientConn: BaseClientConn{rawConn: rawConn}, isTLS: isTLS, + isHTTP: isHTTP, isLO: isLO, isInAllowList: isInAllowList, createdAt: time.Now().Unix(), } - if quickClose { + if isHTTP { // TODO 可以在配置中设置此值 _ = conn.SetLinger(nodeconfigs.DefaultTCPLinger) } @@ -88,6 +91,11 @@ func (this *ClientConn) Read(b []byte) (n int, err error) { return } + // 设置读超时时间 + if this.isHTTP { + this.setHTTPReadTimeout() + } + // 开始读取 n, err = this.rawConn.Read(b) if n > 0 { @@ -102,7 +110,7 @@ func (this *ClientConn) Read(b []byte) (n int, err error) { } // 忽略白名单和局域网 - if !this.isInAllowList && !utils.IsLocalIP(this.RawIP()) { + if this.isHTTP && !this.isInAllowList && !utils.IsLocalIP(this.RawIP()) { // SYN Flood检测 if this.serverId == 0 || !this.hasResetSYNFlood { var synFloodConfig = sharedNodeConfig.SYNFloodConfig() @@ -117,11 +125,6 @@ func (this *ClientConn) Read(b []byte) (n int, err error) { } } - // 关闭连接 - if err == io.EOF { - _ = this.Close() - } - return } @@ -138,16 +141,22 @@ func (this *ClientConn) Write(b []byte) (n int, err error) { }() } - // 设置超时时间 + // 设置写超时时间 if globalServerConfig != nil && globalServerConfig.Performance.AutoWriteTimeout { // TODO L2 -> L1 写入时不限制时间 - var timeoutSeconds = len(b) / 4096 + var timeoutSeconds = len(b) / 1024 if timeoutSeconds < 3 { timeoutSeconds = 3 } _ = this.rawConn.SetWriteDeadline(time.Now().Add(time.Duration(timeoutSeconds) * time.Second)) // TODO 时间可以设置 } + // 延长读超时时间 + if this.isHTTP { + this.setHTTPReadTimeout() + } + + // 开始写入 n, err = this.rawConn.Write(b) if n > 0 { // 统计当前服务带宽 @@ -201,6 +210,16 @@ func (this *ClientConn) SetDeadline(t time.Time) error { } func (this *ClientConn) SetReadDeadline(t time.Time) error { + if this.isHTTP { + var unixTime = t.Unix() + if unixTime < 10 { + return nil + } + if unixTime == this.readDeadlineTime { + return nil + } + this.readDeadlineTime = unixTime + } return this.rawConn.SetReadDeadline(t) } @@ -255,3 +274,8 @@ func (this *ClientConn) increaseSYNFlood(synFloodConfig *firewallconfigs.SYNFloo } } } + +// 设置读超时时间 +func (this *ClientConn) setHTTPReadTimeout() { + _ = this.SetReadDeadline(time.Now().Add(HTTPIdleTimeout)) +} diff --git a/internal/nodes/client_listener.go b/internal/nodes/client_listener.go index b4b93a0..de3c4e5 100644 --- a/internal/nodes/client_listener.go +++ b/internal/nodes/client_listener.go @@ -14,14 +14,14 @@ import ( // ClientListener 客户端网络监听 type ClientListener struct { rawListener net.Listener + isHTTP bool isTLS bool - quickClose bool } -func NewClientListener(listener net.Listener, quickClose bool) *ClientListener { +func NewClientListener(listener net.Listener, isHTTP bool) *ClientListener { return &ClientListener{ rawListener: listener, - quickClose: quickClose, + isHTTP: isHTTP, } } @@ -78,7 +78,7 @@ func (this *ClientListener) Accept() (net.Conn, error) { } } - return NewClientConn(conn, this.isTLS, this.quickClose, isInAllowList), nil + return NewClientConn(conn, this.isHTTP, this.isTLS, isInAllowList), nil } func (this *ClientListener) Close() error { diff --git a/internal/nodes/listener_base_test.go b/internal/nodes/listener_base_test.go index d34a9df..4047915 100644 --- a/internal/nodes/listener_base_test.go +++ b/internal/nodes/listener_base_test.go @@ -14,7 +14,7 @@ func TestBaseListener_FindServer(t *testing.T) { sharedNodeConfig = &nodeconfigs.NodeConfig{} var listener = &BaseListener{} - listener.Group = &serverconfigs.ServerAddressGroup{} + listener.Group = serverconfigs.NewServerAddressGroup("https://*:443") for i := 0; i < 1_000_000; i++ { var server = &serverconfigs.ServerConfig{ IsOn: true, diff --git a/internal/nodes/listener_http.go b/internal/nodes/listener_http.go index 93017af..bfa32b2 100644 --- a/internal/nodes/listener_http.go +++ b/internal/nodes/listener_http.go @@ -18,6 +18,8 @@ import ( var httpErrorLogger = log.New(io.Discard, "", 0) +const HTTPIdleTimeout = 75 * time.Second + type contextKey struct { key string } @@ -43,10 +45,8 @@ func (this *HTTPListener) Serve() error { this.httpServer = &http.Server{ Addr: this.addr, Handler: this, - ReadTimeout: 1 * time.Hour, // TODO 改成可以配置 - ReadHeaderTimeout: 3 * time.Second, // TODO 改成可以配置 - WriteTimeout: 2 * time.Hour, // TODO 改成可以配置 - IdleTimeout: 75 * time.Second, // TODO 改成可以配置 + ReadHeaderTimeout: 3 * time.Second, // TODO 改成可以配置 + IdleTimeout: HTTPIdleTimeout, // TODO 改成可以配置 ConnState: func(conn net.Conn, state http.ConnState) { switch state { case http.StateNew: