diff --git a/.github/workflows/release_docker.yml b/.github/workflows/release_docker.yml
index 391d7cd..076e6f7 100644
--- a/.github/workflows/release_docker.yml
+++ b/.github/workflows/release_docker.yml
@@ -2,6 +2,7 @@ name: Release - Build and publish docker, and trigger package release
 on:
 push:
 branches:
+ - "feat/*"
 - "develop"
 pull_request:
 types: [closed]
@@ -135,6 +136,23 @@ jobs:
 # platforms: linux/amd64
 # labels: ${{ steps.meta.outputs.labels }}
+ - name: Unstable build and push from develop branch
+ if: ${{ (github.ref_name == 'feat/*') && (github.event_name == 'push') }}
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ build-args: ${{ matrix.build-args }}
+ push: true
+ tags: |
+ ${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }}:unstable${{ matrix.tags-suffix }}
+ ${{ env.DH_REGISTRY_NAME }}:unstable${{ matrix.tags-suffix }}
+ build-contexts: ${{ matrix.build-contexts }}
+ file: ${{ matrix.dockerfile }}
+ cache-from: type=gha,scope=rpxy-unstable-${{ matrix.target }}
+ cache-to: type=gha,mode=max,scope=rpxy-unstable-${{ matrix.target }}
+ platforms: ${{ matrix.platforms }}
+ labels: ${{ steps.meta.outputs.labels }}
+
 - name: Nightly build and push from develop branch
 if: ${{ (github.ref_name == 'develop') && (github.event_name == 'push') }}
 uses: docker/build-push-action@v5
diff --git a/rpxy-lib/src/constants.rs b/rpxy-lib/src/constants.rs
index acc9381..064f5fd 100644
--- a/rpxy-lib/src/constants.rs
+++ b/rpxy-lib/src/constants.rs
@@ -12,6 +12,8 @@ pub const MAX_CONCURRENT_STREAMS: u32 = 64;
 pub const CERTS_WATCH_DELAY_SECS: u32 = 60;
 pub const LOAD_CERTS_ONLY_WHEN_UPDATED: bool = true;
+pub const CONNECTION_TIMEOUT_SEC: u64 = 30; // timeout to serve a connection. this might limits the max length of response.
+
 // #[cfg(feature = "http3")]
 // pub const H3_RESPONSE_BUF_SIZE: usize = 65_536; // 64KB
 // #[cfg(feature = "http3")]
diff --git a/rpxy-lib/src/proxy/proxy_h3.rs b/rpxy-lib/src/proxy/proxy_h3.rs
index 7e02f32..90457e3 100644
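Review bot: In `.github/workflows/release_docker.yml`, the new step's condition `github.ref_name == 'feat/*'` is a literal string comparison, not a glob, so it is true only for a branch actually named `feat/*` and the step is skipped for a branch such as `feat/foo`; `if: ${{ startsWith(github.ref_name, 'feat/') && (github.event_name == 'push') }}` expresses what the `- "feat/*"` trigger added in the first hunk intends. Once the condition does match, every push to any feature branch publishes to the shared `:unstable` tag on both registries, so branches overwrite each other and a consumer of `unstable` cannot tell which branch an image was built from; a per-branch or per-commit tag would keep provenance, and it is worth confirming that feature-branch pushes are meant to carry registry publish rights. The step name still reads "from develop branch".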
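Review bot: In `rpxy-lib/src/constants.rs`, `CONNECTION_TIMEOUT_SEC` is documented only by a trailing comment, while the other hunks of this commit apply it to two different scopes: a single HTTP/3 request stream in `proxy_h3.rs` and a whole connection in `proxy_main.rs`. A doc comment such as `/// Wall-clock limit (seconds) for serving one connection, or one HTTP/3 request stream; a hard cap, not an idle timeout.` would make that explicit. It should also say that the call sites add one or two seconds on top, since the limit actually enforced is not 30.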
--- a/rpxy-lib/src/proxy/proxy_h3.rs
+++ b/rpxy-lib/src/proxy/proxy_h3.rs
@@ -1,5 +1,6 @@
 use super::proxy_main::Proxy;
 use crate::{
+ constants::CONNECTION_TIMEOUT_SEC,
 crypto::CryptoSource,
 error::*,
 hyper_ext::body::{IncomingLike, RequestBody},
@@ -10,7 +11,7 @@ use bytes::{Buf, Bytes};
 use http::{Request, Response};
 use http_body_util::BodyExt;
 use hyper_util::client::legacy::connect::Connect;
-use std::net::SocketAddr;
+use std::{net::SocketAddr, time::Duration};
 #[cfg(feature = "http3-quinn")]
 use h3::{quic::BidiStream, quic::Connection as ConnectionQuic, server::RequestStream};
@@ -70,9 +71,11 @@ where
 let self_inner = self.clone();
 let tls_server_name_inner = tls_server_name.clone();
 self.globals.runtime_handle.spawn(async move {
- if let Err(e) = self_inner
- .h3_serve_stream(req, stream, client_addr, tls_server_name_inner)
- .await
+ if let Err(e) = tokio::time::timeout(
+ Duration::from_secs(CONNECTION_TIMEOUT_SEC + 1), // just in case...
+ self_inner.h3_serve_stream(req, stream, client_addr, tls_server_name_inner),
+ )
+ .await
 {
 warn!("HTTP/3 error on serve stream: {}", e);
 }
diff --git a/rpxy-lib/src/proxy/proxy_main.rs b/rpxy-lib/src/proxy/proxy_main.rs
index 4fea840..61176f3 100644
--- a/rpxy-lib/src/proxy/proxy_main.rs
+++ b/rpxy-lib/src/proxy/proxy_main.rs
@@ -1,6 +1,6 @@
 use super::socket::bind_tcp_socket;
 use crate::{
- constants::TLS_HANDSHAKE_TIMEOUT_SEC,
+ constants::{CONNECTION_TIMEOUT_SEC, TLS_HANDSHAKE_TIMEOUT_SEC},
 crypto::{CryptoSource, ServerCrypto, SniServerCryptoMap},
 error::*,
 globals::Globals,
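Review bot: In `proxy_h3.rs` (hunk `@@ -70,9 +71,11 @@`), `if let Err(e) = tokio::time::timeout(...).await` now matches only the timer's elapsed error; the value returned by `h3_serve_stream` travels inside `Ok(..)` and is dropped, so stream errors that the removed lines passed to `warn!` are no longer logged, and a timeout is reported under the old "error on serve stream" text. Matching both layers keeps the error log and gives the deadline its own message, which is what an operator needs to tell stalled clients from upstream failures. This assumes `h3_serve_stream` returns a `Result`, as the removed lines suggest; the spawned block is closed outside the hunk. The `+ 1` padding marked "just in case..." should be explained or dropped.

```rust
// … unchanged: self_inner / tls_server_name_inner clones …
self.globals.runtime_handle.spawn(async move {
  let served = tokio::time::timeout(
    Duration::from_secs(CONNECTION_TIMEOUT_SEC + 1),
    self_inner.h3_serve_stream(req, stream, client_addr, tls_server_name_inner),
  )
  .await;
  match served {
    Ok(Ok(_)) => {}
    Ok(Err(e)) => warn!("HTTP/3 error on serve stream: {}", e),
    Err(_) => warn!("HTTP/3 serve stream timed out"),
  }
```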
@@ -88,9 +88,11 @@ where
 let message_handler_clone = self.message_handler.clone();
 let tls_enabled = self.tls_enabled;
 let listening_on = self.listening_on;
+ let timeout_sec = Duration::from_secs(CONNECTION_TIMEOUT_SEC + 1); // just in case...
 self.globals.runtime_handle.clone().spawn(async move {
- server_clone
- .serve_connection_with_upgrades(
+ timeout(
+ timeout_sec + Duration::from_secs(1), // just in case...
+ server_clone.serve_connection_with_upgrades(
 stream,
 service_fn(move |req: Request| {
 serve_request(
@@ -102,9 +104,10 @@ where
 tls_server_name.clone(),
 )
 }),
- )
- .await
- .ok();
+ ),
+ )
+ .await
+ .ok();
 request_count.decrement();
 debug!("Request processed: current # {}", request_count.current());
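Review bot: In `proxy_main.rs` (hunk `@@ -88,9 +88,11 @@`), the deadline is padded twice: `timeout_sec` is already `CONNECTION_TIMEOUT_SEC + 1` and the call passes `timeout_sec + Duration::from_secs(1)`, so the enforced cap is 32 s and neither the constant nor the variable name says so; `timeout(Duration::from_secs(CONNECTION_TIMEOUT_SEC), ...)` would state what is meant. The trailing `.await.ok()` in the following hunk (`@@ -102,9 +104,10 @@`) discards the elapsed error together with the connection result, so a connection cut by this deadline leaves no log entry; a `debug!` or `warn!` on the timeout branch would make these cut-offs visible. Because the cap is wall-clock over the whole `serve_connection_with_upgrades` future rather than an idle timer, it presumably also ends active keep-alive connections and long transfers, as the constant's own comment hints. The enclosing function starts and ends outside both hunks.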