Merge branch 'master' into feat/tlcp-tongsuo

bytedance · Aug 11, 2023 · fe42ae2 · fe42ae2
2 parents 0ed15a8 + 9d05417
commit fe42ae2
Show file tree

Hide file tree

Showing 24 changed files with 79 additions and 156 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/README.md b/README.md
@@ -48,7 +48,7 @@ A simple implementation of Cloudflare keyless server.
 
 ## Target Platform
 
-Only Linux is fully supported yet. The code will compile on FreeBSD / NetBSD / MacOS, but we haven't tested it there.
+Only Linux is fully supported yet. The code will compile on FreeBSD / NetBSD / macOS, but we haven't tested it there.
 
 Feel free to open PRs to add support to other platforms.
 

diff --git a/README.zh_CN.md b/README.zh_CN.md
@@ -46,7 +46,7 @@ Cloudflare Keyless Server的简单实现。
 
 ## 支持平台
 
-目前仅提供对Linux系统的完整支持，其他系统如FreeBSD、NetBSd、MacOS可以编译，但是未测试过功能。
+目前仅提供对Linux系统的完整支持，其他系统如FreeBSD、NetBSD、macOS可以编译，但是未测试过功能。
 
 如果需要支持其他系统，欢迎提交PR。
 

diff --git a/g3bench/src/target/keyless/mod.rs b/g3bench/src/target/keyless/mod.rs
@@ -14,9 +14,9 @@
  * limitations under the License.
  */
 
-use anyhow::anyhow;
 use std::sync::Arc;
 
+use anyhow::anyhow;
 use clap::{ArgMatches, Command};
 
 use super::{BenchTarget, BenchTaskContext, ProcArgs};

diff --git a/g3keymess/CHANGELOG b/g3keymess/CHANGELOG
@@ -1,3 +1,10 @@
 
+v0.3.0:
+ - Feature: allow to register service before running
+ - Feature: always restart after service success quit
+ - Feature: add the following global rpc methods:
+     - add_metrics_tag to add metrics tag to all metrics
+     - list_keys to list SKI of all stored keys
+
 v0.2.0:
  - Initial release
diff --git a/g3keymess/Cargo.toml b/g3keymess/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "g3keymess"
-version = "0.2.0"
+version = "0.3.0"
 license.workspace = true
 edition.workspace = true
 description = "G3 Keyless Server"

diff --git a/g3keymess/debian/changelog b/g3keymess/debian/changelog
@@ -1,5 +1,5 @@
-g3keymess (0.2.0-1) UNRELEASED; urgency=medium
+g3keymess (0.3.0-1) UNRELEASED; urgency=medium
 
   * New upstream release.
 
- -- G3keymess Maintainers <[email protected]>  Fri, 21 Jul 2023 17:30:02 +0800
+ -- G3keymess Maintainers <[email protected]>  Thu, 10 Aug 2023 15:44:13 +0800
diff --git a/g3keymess/g3keymess.spec b/g3keymess/g3keymess.spec
@@ -11,7 +11,7 @@
 %define build_profile release-lto
 
 Name:           g3keymess
-Version:        0.2.0
+Version:        0.3.0
 Release:        1%{?dist}
 Summary:        Keyless server for G3 Project
 
@@ -56,5 +56,5 @@ install -m 644 -D %{name}/service/[email protected] %{buildroot}/lib/systemd/sy
 
 
 %changelog
-* Fri Jul 21 2023 G3keymess Maintainers <[email protected]> - 0.2.0-1
+* Thu Aug 10 2023 G3keymess Maintainers <[email protected]> - 0.3.0-1
 - New upstream release
diff --git a/g3keymess/service/[email protected] b/g3keymess/service/[email protected]
@@ -13,9 +13,8 @@ ExecStart=/usr/bin/g3keymess -c /etc/g3keymess/%i/main.yml --control-dir $RUNTIM
 ExecReload=/bin/kill -HUP $MAINPID
 ExecStop=/usr/bin/g3keymess-ctl --control-dir $RUNTIME_DIRECTORY -G %i -p $MAINPID offline
 KillMode=none
-Restart=on-failure
+Restart=on-success
 SuccessExitStatus=SIGQUIT
-RestartPreventExitStatus=255
 TimeoutStartSec=10
 LimitNOFILE=10485760
 

diff --git a/g3keymess/service/[email protected] b/g3keymess/service/[email protected]
@@ -13,9 +13,8 @@ ExecStart=/usr/bin/g3keymess -c /etc/g3keymess/%i/main.yml --control-dir $RUNTIM
 ExecReload=/bin/kill -HUP $MAINPID
 ExecStop=/usr/bin/g3keymess-ctl --control-dir $RUNTIME_DIRECTORY -G %i -p $MAINPID offline
 KillMode=none
-Restart=on-failure
+Restart=on-success
 SuccessExitStatus=SIGQUIT
-RestartPreventExitStatus=255
 TimeoutStartSec=10
 LimitNOFILE=10485760
 

diff --git a/g3mkcert/src/main.rs b/g3mkcert/src/main.rs
@@ -14,10 +14,10 @@
  * limitations under the License.
  */
 
-use anyhow::{anyhow, Context};
 use std::io::Write;
 use std::path::{Path, PathBuf};
 
+use anyhow::{anyhow, Context};
 use clap::builder::ArgPredicate;
 use clap::{value_parser, Arg, ArgAction, ArgGroup, ArgMatches, Command, ValueHint};
 use clap_complete::Shell;

diff --git a/g3proxy/src/auth/user.rs b/g3proxy/src/auth/user.rs
@@ -640,6 +640,16 @@ impl UserContext {
         &self.forbid_stats
     }
 
+    pub(crate) fn foreach_req_stats<F>(&self, update: F)
+    where
+        F: Fn(&Arc<UserRequestStats>),
+    {
+        update(&self.req_stats);
+        if let Some(s) = &self.site_req_stats {
+            update(s);
+        }
+    }
+
     #[inline]
     pub(crate) fn req_stats(&self) -> &Arc<UserRequestStats> {
         &self.req_stats

diff --git a/g3proxy/src/serve/http_proxy/task/connect/task.rs b/g3proxy/src/serve/http_proxy/task/connect/task.rs
@@ -358,25 +358,20 @@ impl HttpProxyConnectTask {
         self.ctx.server_stats.task_http_connect.inc_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx.req_stats().req_total.add_http_connect();
-            user_ctx.req_stats().req_alive.add_http_connect();
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_total.add_http_connect();
-                site_req_stats.req_alive.add_http_connect();
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_total.add_http_connect();
+                s.req_alive.add_http_connect();
+            });
         }
     }
 
     fn pre_stop(&mut self) {
         self.ctx.server_stats.task_http_connect.dec_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx.req_stats().req_alive.del_http_connect();
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_alive.del_http_connect();
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_alive.del_http_connect();
+            });
 
             if let Some(user_req_alive_permit) = self.task_notes.user_req_alive_permit.take() {
                 drop(user_req_alive_permit);
@@ -439,10 +434,9 @@ impl HttpProxyConnectTask {
 
         self.task_notes.mark_relaying();
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx.req_stats().req_ready.add_http_connect();
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_ready.add_http_connect();
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_ready.add_http_connect();
+            });
         }
         let clt_w = clt_w.into_inner();
         self.relay(clt_r, clt_w, ups_r, ups_w).await

diff --git a/g3proxy/src/serve/http_proxy/task/forward/task.rs b/g3proxy/src/serve/http_proxy/task/forward/task.rs
@@ -258,34 +258,18 @@ impl<'a> HttpProxyForwardTask<'a> {
         self.ctx.server_stats.task_http_forward.inc_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_total
-                .add_http_forward(self.is_https);
-            user_ctx
-                .req_stats()
-                .req_alive
-                .add_http_forward(self.is_https);
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_total.add_http_forward(self.is_https);
-                site_req_stats.req_alive.add_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_total.add_http_forward(self.is_https);
+                s.req_alive.add_http_forward(self.is_https);
+            });
         }
     }
 
     fn pre_stop(&mut self) {
         self.ctx.server_stats.task_http_forward.dec_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_alive
-                .del_http_forward(self.is_https);
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_alive.del_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| s.req_alive.del_http_forward(self.is_https));
 
             if let Some(user_req_alive_permit) = self.task_notes.user_req_alive_permit.take() {
                 drop(user_req_alive_permit);
@@ -629,13 +613,7 @@ impl<'a> HttpProxyForwardTask<'a> {
             fwd_ctx.fetch_tcp_notes(&mut self.tcp_notes);
             self.http_notes.retry_new_connection = true;
             if let Some(user_ctx) = self.task_notes.user_ctx() {
-                user_ctx
-                    .req_stats()
-                    .req_reuse
-                    .add_http_forward(self.is_https);
-                if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                    site_req_stats.req_reuse.add_http_forward(self.is_https);
-                }
+                user_ctx.foreach_req_stats(|s| s.req_reuse.add_http_forward(self.is_https));
             }
 
             let r = self
@@ -653,12 +631,7 @@ impl<'a> HttpProxyForwardTask<'a> {
                         // continue to make new connection
                         if let Some(user_ctx) = self.task_notes.user_ctx() {
                             user_ctx
-                                .req_stats()
-                                .req_renew
-                                .add_http_forward(self.is_https);
-                            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                                site_req_stats.req_renew.add_http_forward(self.is_https);
-                            }
+                                .foreach_req_stats(|s| s.req_renew.add_http_forward(self.is_https));
                         }
                     } else {
                         self.should_close = true;
@@ -737,13 +710,7 @@ impl<'a> HttpProxyForwardTask<'a> {
     fn mark_relaying(&mut self) {
         self.task_notes.mark_relaying();
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_ready
-                .add_http_forward(self.is_https);
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_ready.add_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| s.req_ready.add_http_forward(self.is_https));
         }
     }
 

diff --git a/g3proxy/src/serve/http_proxy/task/ftp/task.rs b/g3proxy/src/serve/http_proxy/task/ftp/task.rs
@@ -143,25 +143,18 @@ impl<'a> FtpOverHttpTask<'a> {
         self.ctx.server_stats.task_ftp_over_http.inc_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx.req_stats().req_total.add_ftp_over_http();
-            user_ctx.req_stats().req_alive.add_ftp_over_http();
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_total.add_ftp_over_http();
-                site_req_stats.req_alive.add_ftp_over_http();
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_total.add_ftp_over_http();
+                s.req_alive.add_ftp_over_http();
+            });
         }
     }
 
     fn pre_stop(&mut self) {
         self.ctx.server_stats.task_ftp_over_http.dec_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx.req_stats().req_alive.del_ftp_over_http();
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_alive.del_ftp_over_http();
-            }
+            user_ctx.foreach_req_stats(|s| s.req_alive.del_ftp_over_http());
 
             if let Some(user_req_alive_permit) = self.task_notes.user_req_alive_permit.take() {
                 drop(user_req_alive_permit);

diff --git a/g3proxy/src/serve/http_rproxy/task/forward/task.rs b/g3proxy/src/serve/http_rproxy/task/forward/task.rs
@@ -233,34 +233,18 @@ impl<'a> HttpRProxyForwardTask<'a> {
         self.ctx.server_stats.task_http_forward.inc_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_total
-                .add_http_forward(self.is_https);
-            user_ctx
-                .req_stats()
-                .req_alive
-                .add_http_forward(self.is_https);
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_total.add_http_forward(self.is_https);
-                site_req_stats.req_alive.add_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| {
+                s.req_total.add_http_forward(self.is_https);
+                s.req_alive.add_http_forward(self.is_https);
+            });
         }
     }
 
     fn pre_stop(&mut self) {
         self.ctx.server_stats.task_http_forward.dec_alive_task();
 
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_alive
-                .del_http_forward(self.is_https);
-
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_alive.del_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| s.req_alive.del_http_forward(self.is_https));
 
             if let Some(user_req_alive_permit) = self.task_notes.user_req_alive_permit.take() {
                 drop(user_req_alive_permit);
@@ -525,13 +509,7 @@ impl<'a> HttpRProxyForwardTask<'a> {
             fwd_ctx.fetch_tcp_notes(&mut self.tcp_notes);
             self.retry_new_connection = true;
             if let Some(user_ctx) = self.task_notes.user_ctx() {
-                user_ctx
-                    .req_stats()
-                    .req_reuse
-                    .add_http_forward(self.is_https);
-                if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                    site_req_stats.req_reuse.add_http_forward(self.is_https);
-                }
+                user_ctx.foreach_req_stats(|s| s.req_reuse.add_http_forward(self.is_https));
             }
 
             let r = self
@@ -549,12 +527,7 @@ impl<'a> HttpRProxyForwardTask<'a> {
                         // continue to make new connection
                         if let Some(user_ctx) = self.task_notes.user_ctx() {
                             user_ctx
-                                .req_stats()
-                                .req_renew
-                                .add_http_forward(self.is_https);
-                            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                                site_req_stats.req_renew.add_http_forward(self.is_https);
-                            }
+                                .foreach_req_stats(|s| s.req_renew.add_http_forward(self.is_https));
                         }
                     } else {
                         self.should_close = true;
@@ -626,13 +599,7 @@ impl<'a> HttpRProxyForwardTask<'a> {
     fn mark_relaying(&mut self) {
         self.task_notes.mark_relaying();
         if let Some(user_ctx) = self.task_notes.user_ctx() {
-            user_ctx
-                .req_stats()
-                .req_ready
-                .add_http_forward(self.is_https);
-            if let Some(site_req_stats) = user_ctx.site_req_stats() {
-                site_req_stats.req_ready.add_http_forward(self.is_https);
-            }
+            user_ctx.foreach_req_stats(|s| s.req_ready.add_http_forward(self.is_https));
         }
     }