From 08a9755a067cf6b48dd302e39a59f85b8d2c92c7 Mon Sep 17 00:00:00 2001 From: ACHINTYA KULSHRESTHA Date: Wed, 31 Jul 2024 09:15:23 +0000 Subject: [PATCH 1/2] Upgrading go version mainly for security fixes --- agent/Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/agent/Dockerfile b/agent/Dockerfile index 0080a64..2f2c7a5 100644 --- a/agent/Dockerfile +++ b/agent/Dockerfile @@ -26,15 +26,15 @@ ADD ./ /opt/src/github.com/google/inverting-proxy WORKDIR /opt/src/github.com/google/inverting-proxy -RUN curl -o /opt/go1.21.7.linux-amd64.tar.gz \ - https://storage.googleapis.com/golang/go1.21.7.linux-amd64.tar.gz && \ - tar -C /usr/local -xzf /opt/go1.21.7.linux-amd64.tar.gz && \ +RUN curl -o /opt/go1.21.11.linux-amd64.tar.gz \ + https://storage.googleapis.com/golang/go1.21.11.linux-amd64.tar.gz && \ + tar -C /usr/local -xzf /opt/go1.21.11.linux-amd64.tar.gz && \ export PATH=${PATH}:/usr/local/go/bin/:/opt/bin/ && \ export GOPATH=/opt/ && \ echo "Building Proxy Agent" && \ go build -o ${GOPATH}/bin/proxy-forwarding-agent /opt/src/github.com/google/inverting-proxy/agent/agent.go && \ echo "Clean up go files and preserve License" && \ - rm -rf /opt/go1.21.7.linux-amd64.tar.gz && \ + rm -rf /opt/go1.21.11.linux-amd64.tar.gz && \ find /usr/local/go/ -mindepth 1 ! -name 'LICENSE' -exec rm -rf {} + || true ENV DEBUG "false" From 085f4161439231bb2f414c59381d6beb2898ff2e Mon Sep 17 00:00:00 2001 From: "Hareesh.Veligeti" Date: Wed, 2 Oct 2024 11:30:43 +0530 Subject: [PATCH 2/2] Deleting closed connections from the connections map After extensive testing we found that the connections map hosting correct setup of connections: $ docker logs ba-proxy-agent 2>&1 | grep "attempt to read data from a closed session" | wc 2479 27269 174902 $ docker logs -f ba-proxy-agent --tail 10 2024/09/26 10:57:28 Websocket connection to the server "ws://localhost:8094/websocket-shim/" established for session: 3141 , total sessions: 662 2024/09/26 10:57:28 Websocket connection to the server "ws://localhost:8094/websocket-shim/" established for session: 3143 , total sessions: 663 2024/09/26 10:57:28 Websocket connection to the server "ws://localhost:8094/websocket-shim/" established for session: 3142 , total sessions: 664 2024/09/26 10:57:28 Websocket connection to the server "ws://localhost:8094/websocket-shim/" established for session: 3144 , total sessions: 665 2024/09/26 10:57:28 Websocket connection to the server "ws://localhost:8094/websocket-shim/" established for session: 3145 , total sessions: 666 --- agent/websockets/shim.go | 1 + 1 file changed, 1 insertion(+) diff --git a/agent/websockets/shim.go b/agent/websockets/shim.go index 3f78814..d4542e1 100644 --- a/agent/websockets/shim.go +++ b/agent/websockets/shim.go @@ -488,6 +488,7 @@ func createShimChannel(ctx context.Context, host, shimPath string, rewriteHost b statusCode := http.StatusBadRequest http.Error(w, fmt.Sprintf("attempt to read data from a closed session: %q", msg.ID), statusCode) metricHandler.WriteResponseCodeMetric(statusCode) + connections.Delete(msg.ID) return } else if serverMsgs == nil { statusCode := http.StatusRequestTimeout