fix: replace copy_bidirectional with select!+copy to prevent TCP conn…#460
Open
cuber wants to merge 1 commit intorathole-org:mainfrom
Open
fix: replace copy_bidirectional with select!+copy to prevent TCP conn…#460cuber wants to merge 1 commit intorathole-org:mainfrom
cuber wants to merge 1 commit intorathole-org:mainfrom
Conversation
cuber
force-pushed
the
fix/tcp-connection-leak
branch
8 times, most recently
from
8edc3fa to
e3bf43e
Compare
…ection leak When using copy_bidirectional, if one side sends FIN, it shuts down the write side of the other stream but waits indefinitely for the reverse direction to finish. If the remote endpoint doesn't close after receiving a half-close, connections remain permanently in CLOSE-WAIT/FIN-WAIT-2. Replace with tokio::select! over two io::copy tasks so both directions are terminated immediately when either side finishes, ensuring full connection cleanup regardless of peer behavior. Also explicitly shutdown unforwarded visitors in the server connection pool. Also bump rust-toolchain to 1.82 and fix clippy lints. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
cuber
force-pushed
the
fix/tcp-connection-leak
branch
from
e3bf43e to
8feb26b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Connection leak
copy_bidirectional uses TCP half-close: when one side sends FIN, it shuts down the write side of the other stream but waits indefinitely for the reverse direction to also finish. If the remote end (e.g. xray SS-2022) never closes its side after receiving a half-close, both the visitor (CLOSE-WAIT) and data channel (FIN-WAIT-2) connections leak permanently.
Replace with tokio::select! over two io::copy tasks. When either direction finishes (EOF or error), both write sides are immediately shut down and the cancelled copy task is dropped, ensuring full connection cleanup regardless of peer behavior.
Also explicitly shutdown unforwarded visitors in the server connection pool when data channels are unavailable.