Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxy: fix TLS buffering #19

Merged
merged 11 commits into from
Jul 28, 2022
Merged

proxy: fix TLS buffering #19

merged 11 commits into from
Jul 28, 2022

Conversation

xhebox
Copy link
Collaborator

@xhebox xhebox commented Jul 28, 2022
edited by djshow832
Loading

What problem does this PR solve?

Issue Number: ref #14

Problem Summary: Summarized in commit message.

What is changed and how it works: For reader, it is net.Conn -> bufio -> tls.Conn. For writer, it is net.Conn -> tls.Conn -> bufio. Test included.

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
  • No code

Notable changes

  • Has configuration change
  • Has HTTP API interfaces change (Don't forget to add the declarative for API)
  • Has weirctl change
  • Other user behavior changes

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None

@xhebox
proxy: manual buffer enable
d01323b 
If we enable buffering before TLS handshake, there is a chance that
handshake messages will be buffered, such that `tls.Handshake()` can not
read correct payloads from connection.

We add a manual API to control when we will enable buffering. Now
buffering is enabled after the completion of TLS handshake.

Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox xhebox requested a review from djshow832 July 28, 2022 05:30
@xhebox
proxy: clone tlsconfig for now
71bbe34 
Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox
proxy: automatic buffering for TLS
d06b582 
Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox xhebox changed the title proxy: manual buffer enable proxy: fix TLS buffering Jul 28, 2022
@xhebox
proxy: remove buffering API
c785858 
Signed-off-by: xhe <xw897002528@gmail.com>
djshow832
djshow832 reviewed Jul 28, 2022
View reviewed changes
pkg/proxy/net/packetio_test.go Outdated Show resolved Hide resolved
pkg/proxy/net/packetio_test.go Outdated Show resolved Hide resolved
@xhebox
proxy: format
ff2646e 
Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox
proxy: add CreateTLSConfigForTest
e7f7a4d 
Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox
proxy: refine TLS tests
20657ca 
Signed-off-by: xhe <xw897002528@gmail.com>
djshow832
djshow832 reviewed Jul 28, 2022
View reviewed changes
pkg/proxy/net/tls.go Show resolved Hide resolved
pkg/util/security/tls.go Show resolved Hide resolved
pkg/proxy/net/packetio.go Outdated Show resolved Hide resolved
djshow832
djshow832 reviewed Jul 28, 2022
View reviewed changes
pkg/proxy/net/tls.go Show resolved Hide resolved
pkg/proxy/net/packetio_test.go Outdated Show resolved Hide resolved
pkg/proxy/net/packetio.go Show resolved Hide resolved
@xhebox
proxy: address comments
61ed3bb 
Signed-off-by: xhe <xw897002528@gmail.com>
@xhebox
proxy: reword
3f11b71 
Signed-off-by: xhe <xw897002528@gmail.com>
djshow832
djshow832 reviewed Jul 28, 2022
View reviewed changes
pkg/proxy/net/packetio.go Outdated Show resolved Hide resolved
pkg/util/security/tls.go Outdated Show resolved Hide resolved
xhebox and others added 2 commits July 28, 2022 17:36
@xhebox @djshow832
proxy: reword pkg/proxy/net/packetio.go
226ae62 
Co-authored-by: djshow832 <zhangming@pingcap.com>
@xhebox
util: remove empty line
f45187e 
Signed-off-by: xhe <xw897002528@gmail.com>
@djshow832 djshow832 merged commit 2270308 into pingcap:main Jul 28, 2022
@xhebox xhebox deleted the proxy_5 branch July 29, 2022 02:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djshow832 djshow832 djshow832 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xhebox @djshow832