fix: Fixed webstreams which terminate their datastream with a tcp-close

codefionn · codefionn · commit 48d1ecaef00a · 2025-07-21T21:35:14.000+02:00
This behavior was observed on `https://www.wgv.de/hc_scripts/oti.js?cid=[integer]`. A js file is send with `Connection: close`. The connection is terminated, which means that the data has been fully send, no Content-Length or boundries or anything like it.
diff --git a/.gitignore b/.gitignore
@@ -58,3 +58,7 @@ coverage.html
 /GEMINI.md
 
 /result
+
+/log.txt
+/weird_request
+/weird-request
diff --git a/main.go b/main.go
@@ -41,6 +41,7 @@ func parseFlagsAndConfig() (cfg *config.Config, configPaths []string) {
 	flag.Var(&configs, "config", "Path to configuration file (supports .json and .hcl formats). Can be specified multiple times, later configs take precedence")
 	envfile := flag.String("envfile", "", "Path to env file to load environment variables")
 	debugMode := flag.Bool("debug", false, "Enable debug logging")
+	traceMode := flag.Bool("trace", false, "Enable trace logging")
 	flag.Parse()
 
 	if len(configs) == 0 {
@@ -66,6 +67,10 @@ func parseFlagsAndConfig() (cfg *config.Config, configPaths []string) {
 		logger.SetLevel(logger.DEBUG)
 		logger.Debug("Debug logging enabled")
 	}
+	if *traceMode {
+		logger.SetLevel(logger.TRACE)
+		logger.Debug("Trace logging enabled")
+	}
 
 	logger.Info("Starting msgtausch proxy server")
 	logger.Debug("Using configuration files: %s", strings.Join(configs, ", "))
diff --git a/msgtausch-srv/logger/logger.go b/msgtausch-srv/logger/logger.go
@@ -12,7 +12,8 @@ type LogLevel int
 
 const (
 	// DEBUG level for detailed troubleshooting information
-	DEBUG LogLevel = iota
+	TRACE LogLevel = iota
+	DEBUG
 	// INFO level for general operational information
 	INFO
 	// WARN level for non-critical issues
@@ -38,6 +39,8 @@ func SetLevel(level LogLevel) {
 // GetLevelFromString converts a string level to LogLevel
 func GetLevelFromString(level string) LogLevel {
 	switch strings.ToUpper(level) {
+	case "TRACE":
+		return TRACE
 	case "DEBUG":
 		return DEBUG
 	case "INFO":
@@ -56,6 +59,8 @@ func GetLevelFromString(level string) LogLevel {
 // levelToString converts a LogLevel to its string representation
 func levelToString(level LogLevel) string {
 	switch level {
+	case TRACE:
+		return "TRACE"
 	case DEBUG:
 		return "DEBUG"
 	case INFO:
@@ -81,6 +86,12 @@ func logMessage(level LogLevel, format string, v ...any) {
 	stdLogger.Printf("[%s] %s", levelToString(level), msg)
 }
 
+// Debug logs a debug message
+// Arguments are handled in the manner of [fmt.Printf].
+func Trace(format string, v ...any) {
+	logMessage(TRACE, format, v...)
+}
+
 // Debug logs a debug message
 // Arguments are handled in the manner of [fmt.Printf].
 func Debug(format string, v ...any) {
diff --git a/msgtausch-srv/proxy/connection_close_test.go b/msgtausch-srv/proxy/connection_close_test.go
@@ -0,0 +1,244 @@
+package proxy
+
+import (
+	"bufio"
+	"context"
+	"crypto/tls"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"testing"
+	"time"
+
+	"github.com/codefionn/msgtausch/msgtausch-srv/config"
+)
+
+// TestConnectionCloseHandling tests that the proxy handles "Connection: close" responses quickly
+func TestConnectionCloseHandling(t *testing.T) {
+	// Create a mock HTTPS server that sends Connection: close
+	ln, err := net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		t.Fatalf("Failed to create listener for mock server: %v", err)
+	}
+	defer ln.Close()
+
+	serverAddr := ln.Addr().String()
+	
+	// JavaScript content similar to the problematic wgv.de response
+	jsContent := `/* Dynamically generated content! DON'T COPY IT TO YOUR SERVERS! */
+(function(){var w=window,d=document,t="script";console.log("test")})();`
+
+	// Start mock server that sends Connection: close
+	go func() {
+		for {
+			conn, err := ln.Accept()
+			if err != nil {
+				return // Listener closed
+			}
+			
+			go func(conn net.Conn) {
+				defer conn.Close()
+				
+				// Read the HTTP request
+				reader := bufio.NewReader(conn)
+				_, err := http.ReadRequest(reader)
+				if err != nil {
+					return
+				}
+				
+				// Send response with Connection: close (like wgv.de does)
+				response := fmt.Sprintf("HTTP/1.1 200 OK\r\n"+
+					"Content-Type: text/javascript\r\n"+
+					"Connection: close\r\n"+
+					"Content-Length: %d\r\n"+
+					"Cache-Control: private, no-cache, no-store, must-revalidate\r\n"+
+					"\r\n"+
+					"%s", len(jsContent), jsContent)
+				
+				conn.Write([]byte(response))
+				// Immediately close the connection after sending (like Connection: close should)
+			}(conn)
+		}
+	}()
+
+	// Create proxy configuration
+	cfg := &config.Config{
+		Servers: []config.ServerConfig{
+			{
+				Type:          config.ProxyTypeStandard,
+				ListenAddress: "127.0.0.1:0",
+				Enabled:       true,
+			},
+		},
+		TimeoutSeconds:           30,
+		MaxConcurrentConnections: 100,
+		Classifiers:              make(map[string]config.Classifier),
+	}
+
+	proxy := NewProxy(cfg)
+
+	// Start proxy server
+	proxyListener, err := net.Listen("tcp", cfg.Servers[0].ListenAddress)
+	if err != nil {
+		t.Fatalf("Failed to create proxy listener: %v", err)
+	}
+	proxyAddr := proxyListener.Addr().String()
+
+	go func() {
+		if err := proxy.StartWithListener(proxyListener); err != http.ErrServerClosed && err != nil {
+			t.Errorf("Proxy server error: %v", err)
+		}
+	}()
+	defer proxy.Stop()
+
+	// Wait for proxy to start
+	time.Sleep(100 * time.Millisecond)
+
+	// Test the Connection: close handling
+	t.Run("Connection close handling", func(t *testing.T) {
+		// Create HTTP client that uses our proxy
+		client := &http.Client{
+			Transport: &http.Transport{
+				Proxy: http.ProxyURL(&url.URL{Host: proxyAddr}),
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: true, // For testing
+				},
+			},
+			Timeout: 10 * time.Second, // Should complete much faster
+		}
+
+		// Measure the time it takes to complete the request
+		start := time.Now()
+		
+		// Make request to our mock server through the proxy
+		targetURL := fmt.Sprintf("http://%s/test.js", serverAddr)
+		req, err := http.NewRequestWithContext(context.Background(), "GET", targetURL, nil)
+		if err != nil {
+			t.Fatalf("Failed to create request: %v", err)
+		}
+
+		resp, err := client.Do(req)
+		if err != nil {
+			t.Fatalf("Request through proxy failed: %v", err)
+		}
+		defer resp.Body.Close()
+
+		duration := time.Since(start)
+
+		// Verify response
+		if resp.StatusCode != http.StatusOK {
+			t.Errorf("Expected status code %d, got %d", http.StatusOK, resp.StatusCode)
+		}
+
+		// Read response body
+		body := make([]byte, len(jsContent))
+		n, err := resp.Body.Read(body)
+		if err != nil && err.Error() != "EOF" {
+			t.Fatalf("Failed to read response body: %v", err)
+		}
+
+		if string(body[:n]) != jsContent {
+			t.Errorf("Response body mismatch.\nExpected: %s\nGot: %s", jsContent, string(body[:n]))
+		}
+
+		// Verify that the connection closed quickly (should be under 2 seconds)
+		// Before the fix, this would take 30+ seconds due to timeout
+		if duration > 2*time.Second {
+			t.Errorf("Connection close handling too slow: %v (should be < 2s)", duration)
+		}
+
+		t.Logf("Connection close handling completed in: %v", duration)
+	})
+}
+
+// TestConnectionCloseHTTPS tests Connection: close handling over HTTPS tunnel
+func TestConnectionCloseHTTPS(t *testing.T) {
+	// Create a TLS server that sends Connection: close
+	tlsServer, certPool := setupTLSServer(t)
+	defer tlsServer.Close()
+
+	// Replace the default handler with one that sends Connection: close
+	tlsServer.Config.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Connection", "close")
+		w.Header().Set("Content-Type", "text/javascript")
+		w.Header().Set("Cache-Control", "private, no-cache, no-store, must-revalidate")
+		
+		jsContent := `/* Test JS content with Connection: close */
+(function(){console.log("connection close test")})();`
+		w.Write([]byte(jsContent))
+	})
+
+	// Create proxy configuration
+	cfg := &config.Config{
+		Servers: []config.ServerConfig{
+			{
+				Type:          config.ProxyTypeStandard,
+				ListenAddress: "127.0.0.1:0",
+				Enabled:       true,
+			},
+		},
+		TimeoutSeconds:           30,
+		MaxConcurrentConnections: 100,
+		Classifiers:              make(map[string]config.Classifier),
+	}
+
+	proxy := NewProxy(cfg)
+
+	// Start proxy server
+	proxyListener, err := net.Listen("tcp", cfg.Servers[0].ListenAddress)
+	if err != nil {
+		t.Fatalf("Failed to create proxy listener: %v", err)
+	}
+	proxyAddr := proxyListener.Addr().String()
+
+	go func() {
+		if err := proxy.StartWithListener(proxyListener); err != http.ErrServerClosed && err != nil {
+			t.Errorf("Proxy server error: %v", err)
+		}
+	}()
+	defer proxy.Stop()
+
+	// Wait for proxy to start
+	time.Sleep(100 * time.Millisecond)
+
+	t.Run("HTTPS Connection close handling", func(t *testing.T) {
+		// Create HTTP client that uses our proxy
+		client := &http.Client{
+			Transport: &http.Transport{
+				Proxy: http.ProxyURL(&url.URL{Host: proxyAddr}),
+				TLSClientConfig: &tls.Config{
+					RootCAs: certPool,
+				},
+			},
+			Timeout: 10 * time.Second,
+		}
+
+		// Measure the time it takes to complete the request
+		start := time.Now()
+		
+		resp, err := client.Get(tlsServer.URL + "/test.js")
+		if err != nil {
+			t.Fatalf("HTTPS request through proxy failed: %v", err)
+		}
+		defer resp.Body.Close()
+
+		duration := time.Since(start)
+
+		// Verify response
+		if resp.StatusCode != http.StatusOK {
+			t.Errorf("Expected status code %d, got %d", http.StatusOK, resp.StatusCode)
+		}
+
+		// Note: Connection: close header might not be preserved in HTTP/2 
+		// but the connection handling should still be fast
+		t.Logf("Connection header: %v", resp.Header.Get("Connection"))
+
+		// Verify that the connection closed quickly
+		if duration > 2*time.Second {
+			t.Errorf("HTTPS connection close handling too slow: %v (should be < 2s)", duration)
+		}
+
+		t.Logf("HTTPS connection close handling completed in: %v", duration)
+	})
+}
diff --git a/msgtausch-srv/proxy/proxy.go b/msgtausch-srv/proxy/proxy.go
@@ -1175,8 +1175,13 @@ func (p *Server) handleConnect(w http.ResponseWriter, r *http.Request, connectio
 	var wg sync.WaitGroup
 	wg.Add(2)
 
+	// Create a context to coordinate tunnel shutdown
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
 	go func() {
 		defer wg.Done()
+		defer cancel() // Cancel context when this goroutine exits
 		if clientBuf != nil && clientBuf.Reader != nil && clientBuf.Reader.Buffered() > 0 {
 			if _, err := clientBuf.WriteTo(targetConn); err != nil {
 				if !isClosedConnError(err) {
@@ -1190,15 +1195,32 @@ func (p *Server) handleConnect(w http.ResponseWriter, r *http.Request, connectio
 				logger.Warn("TCP tunnel copy error (client to target): %v", err)
 			}
 		}
+		// Close the target connection to signal completion
+		if tcpConn, ok := targetConn.(*net.TCPConn); ok {
+			tcpConn.CloseWrite()
+		}
 	}()
 
 	go func() {
 		defer wg.Done()
+		defer cancel() // Cancel context when this goroutine exits
 		if _, err := io.Copy(clientConn, targetConn); err != nil {
 			if !isClosedConnError(err) {
 				logger.Warn("TCP tunnel copy error (target to client): %v", err)
 			}
 		}
+		// Close the client connection to signal completion
+		if tcpConn, ok := clientConn.(*net.TCPConn); ok {
+			tcpConn.CloseWrite()
+		}
+	}()
+
+	// Wait for context cancellation or goroutines to complete
+	go func() {
+		<-ctx.Done()
+		// Force close connections when context is cancelled
+		clientConn.Close()
+		targetConn.Close()
 	}()
 
 	wg.Wait()
