fix(agent/stream) TCP/UDP server now handle stream headers with read deadlines

2026-01-11 22:30:47 +01:00 · 2026-01-09 21:22:51 +08:00
parent 69d04f1b76
commit 2e57ca7743
2 changed files with 6 additions and 0 deletions
--- a/agent/pkg/agent/stream/tcp_server.go
+++ b/agent/pkg/agent/stream/tcp_server.go
@@ -7,6 +7,7 @@ import (
 	"errors"
 	"io"
 	"net"
+	"time"

 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
@@ -147,9 +148,11 @@ func (s *TCPServer) handle(conn net.Conn) {
 func (s *TCPServer) redirect(conn net.Conn) (net.Conn, error) {
 	// Read the stream header once as a handshake.
 	var headerBuf [headerSize]byte
+	_ = conn.SetReadDeadline(time.Now().Add(dialTimeout))
 	if _, err := io.ReadFull(conn, headerBuf[:]); err != nil {
 		return nil, err
 	}
+	_ = conn.SetReadDeadline(time.Time{})

 	header := ToHeader(&headerBuf)
 	if !header.Validate() {
--- a/agent/pkg/agent/stream/udp_server.go
+++ b/agent/pkg/agent/stream/udp_server.go
@@ -102,10 +102,13 @@ func (s *UDPServer) handleDTLSConnection(clientConn net.Conn) {

 	// Read the stream header once as a handshake.
 	var headerBuf [headerSize]byte
+	_ = clientConn.SetReadDeadline(time.Now().Add(dialTimeout))
 	if _, err := io.ReadFull(clientConn, headerBuf[:]); err != nil {
 		s.logger(clientConn).Err(err).Msg("failed to read stream header")
 		return
 	}
+	_ = clientConn.SetReadDeadline(time.Time{})
+
 	header := ToHeader(&headerBuf)
 	if !header.Validate() {
 		s.logger(clientConn).Error().Bytes("header", headerBuf[:]).Msg("invalid stream header received")