Commit for v3.0.0

Author: git001

CHANGELOG.md

@@ -5,13 +5,23 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unrelesed]
+## v3.0.0 - 2024-07-11
+
+### Changed
+
+* use the same version as in docker hub
 
 ### Added
 
 * Add maxclients in example
 * Document Health upstream
 * Add OpenShift deployment examples
+* remove jemalloc usage
+* Update sequenceDiagram in README.md
+* add `WouldBlock` in `proxy()`
+* increase buffer for proxy response reading to `8192`
+* Add error log output in `copy` function
+* Add docker hub link
 
 ## v1.0.1 - 2024-06-27
 

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "tls-proxy-tunnel"
-version = "1.0.1"
+version = "3.0.0"
 edition = "2021"
 authors = ["Aleksandar Lazic <[email protected]>"]
 license = "Apache-2.0"

Cargo.toml

@@ -105,6 +105,11 @@ For detailed configuration, check [this example](./config.yaml.example).
 TPT_CONFIG=container-files/etc/tpt/config.yaml cargo run
 ```
 
+## Docker
+
+There is a container Image about this tool.
+[tls-proxy-tunnel](https://hub.docker.com/r/me2digital/tls-proxy-tunnel)
+
 ## Thanks
 
 - [`fourth`](https://crates.io/crates/fourth), of which this is a heavily modified fork.

README.md

@@ -16,7 +16,7 @@ servers:
     sni:
       www.test1.com: proxy-via
     default: echo
-    maxclients: 3
+    maxclients: 10
     via:
       *viaanchor
 

container-files/etc/tpt/config.yaml

@@ -5,7 +5,10 @@ use log::{debug, error, info, warn};
 use std::error::Error;
 use std::sync::atomic::Ordering;
 use std::sync::Arc;
-use tokio::net::{TcpListener, TcpStream};
+use tokio::{
+    io::{self},
+    net::{TcpListener, TcpStream},
+};
 
 pub(crate) async fn proxy(config: Arc<Proxy>) -> Result<(), Box<dyn Error>> {
     let listener = TcpListener::bind(config.listen).await?;
@@ -24,6 +27,9 @@ pub(crate) async fn proxy(config: Arc<Proxy>) -> Result<(), Box<dyn Error>> {
         let permit = config.maxclients.clone().acquire_owned().await.unwrap();
 
         match listener.accept().await {
+            Err(e) if e.kind() == io::ErrorKind::WouldBlock => {
+                continue;
+            }
             Err(err) => {
                 error!("Failed to accept connection: {}", err);
                 return Err(Box::new(err));
@@ -51,9 +57,9 @@ async fn accept(inbound: TcpStream, proxy: Arc<Proxy>) -> Result<(), Box<dyn Err
     } else {
         let old = GLOBAL_THREAD_COUNT.fetch_add(1, Ordering::SeqCst);
         info!(
-            "New connection from {:?} , num :{:?}: Current Connections :{:?}",
+            "New connection from {:?} , old :{:?}: Current Connections :{:?}",
             inbound.peer_addr()?,
-            old + 1,
+            old,
             GLOBAL_THREAD_COUNT
         );
     }
@@ -106,20 +112,18 @@ async fn accept(inbound: TcpStream, proxy: Arc<Proxy>) -> Result<(), Box<dyn Err
             } else {
                 let old = GLOBAL_THREAD_COUNT.fetch_sub(1, Ordering::SeqCst);
                 info!(
-                    "Connection closed for {:?}, num :{:?}: Current Connections :{:?}",
+                    "OKAY: Connection closed for {:?}, old :{:?}: Current Connections :{:?}",
                     upstream_name, old, GLOBAL_THREAD_COUNT
                 );
-                //drop(permit);
                 Ok(())
             }
         }
         Err(e) => {
             let old = GLOBAL_THREAD_COUNT.fetch_sub(1, Ordering::SeqCst);
             info!(
-                "Connection closed for {:?}, num :{:?}: Current Connections :{:?}",
+                "ERROR: Connection closed for {:?}, num :{:?}: Current Connections :{:?}",
                 upstream_name, old, GLOBAL_THREAD_COUNT
             );
-            //drop(permit);
             error!("my error {:?}", e);
             Ok(())
         }

src/servers/protocol/tcp.rs

@@ -7,7 +7,7 @@ use hyper::server::conn::http1;
 use hyper::service::service_fn;
 use hyper::{Request, Response};
 use hyper_util::rt::TokioIo;
-use log::debug;
+use log::{debug, error};
 use serde::Deserialize;
 use std::convert::Infallible;
 use std::error::Error;
@@ -78,7 +78,11 @@ where
             let _ = writer.shutdown().await;
             Ok(u64)
         }
-        Err(_) => Ok(0),
+        Err(e) => {
+            let _ = writer.shutdown().await;
+            error!("Copy issue {:?}", e);
+            Ok(0)
+        }
     }
 }
 

src/upstreams/mod.rs

@@ -162,7 +162,7 @@ impl ProxyToUpstream {
 
             // Creating the buffer **after** the `await` prevents it from
             // being stored in the async task.
-            let mut inbufs = vec![0; 4096];
+            let mut inbufs = vec![0; 8192];
             //let decoder = LinesCodec::new();
             //let proxy_response = String::new();
 

src/upstreams/proxy_to_upstream.rs

@@ -1,7 +1,18 @@
 import http from 'k6/http';
-import { check } from 'k6';
+import { check, sleep} from 'k6';
+import instance from 'k6/execution';
+
 
 export const options = {
+  discardResponseBodies: true,
+  batchPerHost: 10,
+  scenarios: {
+    default: {
+      executor: 'constant-vus',
+      vus: 16,
+      duration: '10s',
+    },
+  },
   tlsCipherSuites: ['TLS_RSA_WITH_RC4_128_SHA', 'TLS_RSA_WITH_AES_128_GCM_SHA256'],
   tlsVersion: {
     min: 'tls1.1',
@@ -13,8 +24,14 @@ export const options = {
 
 export default function () {
   const res = http.get('https://www.test1.com:8080');
-  check(res, {
-    'is TLSv1.2': (r) => r.tls_version === http.TLS_1_2,
-    'is sha256 cipher suite': (r) => r.tls_cipher_suite === 'TLS_RSA_WITH_AES_128_GCM_SHA256',
-  });
+//  check(res, {
+//    'is TLSv1.2': (r) => r.tls_version === http.TLS_1_2,
+//    'is sha256 cipher suite': (r) => r.tls_cipher_suite === 'TLS_RSA_WITH_AES_128_GCM_SHA256',
+//  });
+
+  //console.log(`step1: scenario ran for ${instance.vusActive}`);
+
+  // Injecting sleep
+  // Total iteration time is sleep + time to finish request.
+  sleep(0.5);
 }