fix(port): add atomic ClaimPort() to prevent race condition

- Replace GetPortStatus/SetPortStatus calls with atomic ClaimPort() operation.
- Fixed a logic error when handling headless tunneling.
2026-01-12 18:17:20 +07:00
parent fb638636bf
commit ae3ed52d16
3 changed files with 18 additions and 12 deletions
+1 -6
@@ -183,16 +183,11 @@ func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind
portToBind = unassigned
}
if isUsed, exists := portUtil.Default.GetPortStatus(portToBind); exists && isUsed {
if claimed := portUtil.Default.ClaimPort(portToBind); !claimed {
fail(fmt.Sprintf("Port %d is already in use or restricted", portToBind))
return
}
if err := portUtil.Default.SetPortStatus(portToBind, true); err != nil {
fail(fmt.Sprintf("Failed to set port status: %v", err))
return
}
log.Printf("Requested forwarding on %s:%d", addr, portToBind)
listener, err := net.Listen("tcp", fmt.Sprintf("0.0.0.0:%d", portToBind))
if err != nil {
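Review bot: The port is now claimed before `net.Listen` runs, so every failure path after the `ClaimPort` call has to hand the port back; otherwise a bind error leaves it marked as used, and repeated failures would gradually exhaust the available ports. The `if err != nil {` branch after `net.Listen` continues outside this hunk, so I can't confirm that it releases the claim. If it doesn't, add a release there and on any later error return, e.g. `portUtil.Default.SetPortStatus(portToBind, false)` (assuming that is still the release call). `ClaimPort` would also benefit from a doc comment saying that it checks and marks the port in one locked step and returns false for both taken and restricted ports. HandleTCPForward begins and ends outside the hunk.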
+1 -1
@@ -122,7 +122,7 @@ func (s *SSHSession) Start() error {
return fmt.Errorf("no forwarding Request")
}
if (s.interaction.GetMode() == types.HEADLESS && config.Getenv("MODE", "standalone") == "standalone") || s.lifecycle.GetUser() == "UNAUTHORIZED" {
if (s.interaction.GetMode() == types.HEADLESS && config.Getenv("MODE", "standalone") == "standalone") && s.lifecycle.GetUser() == "UNAUTHORIZED" {
if err := tcpipReq.Reply(false, nil); err != nil {
log.Printf("cannot reply to tcpip req: %s\n", err)
return err
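Review bot: With `&&` in the condition at the top of this hunk (assuming the second printed line is the new side, as the +1 -1 count and the first file's ordering suggest), a session whose user is `"UNAUTHORIZED"` is refused only when it is also headless in standalone mode; previously that user was refused unconditionally. If unauthenticated forwarding is meant to be accepted in interactive or non-standalone mode, say so in a comment such as `// Only unauthenticated headless sessions in standalone mode are refused; every other combination is accepted here.` and cover the four mode/user combinations with a test. If it is not meant to be accepted, the user check should remain its own unconditional branch, separate from the headless rule. Start's body begins and ends outside the hunk, so a later authorization check may exist that is not visible here.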