修复根据fd创建stream addr时源目的地址颠倒的问题。修复HTTP业务层IP扫描不命中问题。

common/include/tfe_stream.h

@@ -21,11 +21,6 @@ enum tfe_app_proto
 	APP_PROTO_QUIC       //QUIC is a protocol that cross session layer and application layer.
 };
 
-enum tfe_conn_dir
-{
-	CONN_DIR_DOWNSTREAM = 0,    //From client to proxy, aka client-side.
-	CONN_DIR_UPSTREAM        //From proxy to server, aka server-side.
-};
 
 enum tfe_conn_status
 {

common/include/tfe_types.h

@@ -8,6 +8,11 @@
 #include <netinet/in.h>    //defines struct in_addr
 #include <arpa/inet.h>
 
+enum tfe_conn_dir
+{
+	CONN_DIR_DOWNSTREAM = 0,    //From client to proxy, aka client-side.
+	CONN_DIR_UPSTREAM        //From proxy to server, aka server-side.
+};
 
 /* network-order */
 struct tfe_stream_addr_tuple4_v4
@@ -181,7 +186,7 @@ static inline void tfe_stream_addr_free(struct tfe_stream_addr *addr)
 	free(addr);
 	return;
 }
-static inline struct tfe_stream_addr * tfe_stream_addr_create_by_fd(int fd)
+static inline struct tfe_stream_addr * tfe_stream_addr_create_by_fd(int fd, enum tfe_conn_dir dir)
 {
 	struct tfe_stream_addr * __stream_addr = NULL;
 
@@ -192,17 +197,33 @@ static inline struct tfe_stream_addr * tfe_stream_addr_create_by_fd(int fd)
 	struct sockaddr_storage sk_dst_storage{};
 	struct sockaddr * sk_dst_ptr = (struct sockaddr *) &sk_dst_storage;
 	socklen_t sk_dst_len = sizeof(sk_dst_storage);
-
+	if(dir==CONN_DIR_UPSTREAM)
-	int ret = getsockname(fd, sk_src_ptr, &sk_src_len);
-	if (ret < 0)
 	{
-		goto __errout;
+		int ret = getsockname(fd, sk_src_ptr, &sk_src_len);
+		if (ret < 0)
+		{
+			goto __errout;
+		}
+
+		ret = getpeername(fd, sk_dst_ptr, &sk_dst_len);
+		if (ret < 0)
+		{
+			goto __errout;
+		}
 	}
-
+	else
-	ret = getpeername(fd, sk_dst_ptr, &sk_dst_len);
-	if (ret < 0)
 	{
-		goto __errout;
+		int ret = getsockname(fd, sk_dst_ptr, &sk_dst_len);
+		if (ret < 0)
+		{
+			goto __errout;
+		}
+		
+		ret = getpeername(fd, sk_src_ptr, &sk_src_len);
+		if (ret < 0)
+		{
+			goto __errout;
+		}
 	}
 
 	assert(sk_src_ptr->sa_family == sk_dst_ptr->sa_family);

platform/src/ssl_stream.cpp

@@ -218,7 +218,8 @@ struct ssl_stream * ssl_stream_new(struct ssl_mgr * mgr, evutil_socket_t fd, enu
 			s_stream->ssl = downstream_ssl_create(mgr, kyr);
 			s_stream->keyring = kyr;
 			break;
-		case CONN_DIR_UPSTREAM: s_stream->ssl = upstream_ssl_create(mgr, client_hello, fd);
+		case CONN_DIR_UPSTREAM: 
+			s_stream->ssl = upstream_ssl_create(mgr, client_hello, fd);
 			s_stream->client_hello = client_hello;
 			break;
 		default: assert(0);
@@ -618,16 +619,19 @@ static SSL * upstream_ssl_create(struct ssl_mgr * mgr, const struct ssl_chello *
 	socklen_t addrlen = sizeof(struct sockaddr_storage);
 
 	ret = getpeername(fd, (struct sockaddr *) (&addr), &addrlen);
-	assert(ret == 0);
+	if(ret == 0)
-
-	/* session resuming based on remote endpoint address and port */
-	sess = up_session_get(mgr->up_sess_cache, (struct sockaddr *) &addr, addrlen, chello->sni);    /* new sess insert */
-	if (sess)
 	{
-		SSL_set_session(ssl, sess);                /* increments sess refcount */
+		/* session resuming based on remote endpoint address and port */
-		SSL_SESSION_free(sess);
+		sess = up_session_get(mgr->up_sess_cache, (struct sockaddr *) &addr, addrlen, chello->sni);
+		if (sess)
+		{
+			SSL_set_session(ssl, sess);    /* increments sess refcount */
+			SSL_SESSION_free(sess);
+		}
 	}
 
+
+
 	return ssl;
 }
 
@@ -1275,9 +1279,9 @@ retry:
 
 	if (ctx->retries++ >= MAX_NET_RETRIES)
 	{
-		struct tfe_stream_addr* addr=tfe_stream_addr_create_by_fd(fd);
+		struct tfe_stream_addr* addr=tfe_stream_addr_create_by_fd(fd, ctx->s_stream->dir);
 		char* addr_string=tfe_stream_addr_to_str(addr);
-		TFE_LOG_ERROR(logger, "Failed to shutdown SSL connection cleanly: %s"
+		TFE_LOG_ERROR(logger, "Failed to shutdown SSL connection cleanly: %s "
 							  "Max retries reached. Closing fd %d.", addr_string, fd);
 		tfe_stream_addr_free(addr);
 		free(addr_string);

platform/src/tcp_stream.cpp

@@ -890,7 +890,7 @@ int tfe_stream_init_by_fds(struct tfe_stream * stream, evutil_socket_t fd_downst
 	__stream_fd_option_setup(_stream, fd_downstream);
 	__stream_fd_option_setup(_stream, fd_upstream);
 
-	_stream->head.addr = tfe_stream_addr_create_by_fd(fd_downstream);
+	_stream->head.addr = tfe_stream_addr_create_by_fd(fd_downstream, CONN_DIR_DOWNSTREAM);
 	if (unlikely(_stream->head.addr == NULL))
 	{
 		TFE_LOG_ERROR(_stream->stream_logger, "Failed to create address from fd %d, %d, terminate fds.",

plugin/business/pangu-http/pangu_http.cpp

@@ -285,7 +285,14 @@ static void pangu_http_ctx_free(struct pangu_http_ctx * ctx)
 
 inline void addr_tfe2sapp(const struct tfe_stream_addr * tfe_addr, struct ipaddr * sapp_addr)
 {
-	sapp_addr->addrtype = tfe_addr->addrtype;
+	if(tfe_addr->addrtype==TFE_ADDR_STREAM_TUPLE4_V4||tfe_addr->addrtype==TFE_ADDR_IPV4)
+	{
+		sapp_addr->addrtype = ADDR_TYPE_IPV4;
+	}
+	else
+	{
+		sapp_addr->addrtype=ADDR_TYPE_IPV6;
+	}
 	sapp_addr->paddr = (char *) tfe_addr->paddr;
 	return;
 }