lint by golangci-lint (#3080)

pkg/util/log/log.go

@@ -40,19 +40,19 @@ func SetLogFile(logWay string, logFile string, maxdays int64, disableLogColor bo
 	if logWay == "console" {
 		params := ""
 		if disableLogColor {
-			params = fmt.Sprintf(`{"color": false}`)
+			params = `{"color": false}`
 		}
-		Log.SetLogger("console", params)
+		_ = Log.SetLogger("console", params)
 	} else {
 		params := fmt.Sprintf(`{"filename": "%s", "maxdays": %d}`, logFile, maxdays)
-		Log.SetLogger("file", params)
+		_ = Log.SetLogger("file", params)
 	}
 }
 
 // SetLogLevel set log level, default is warning
 // value: error, warning, info, debug, trace
 func SetLogLevel(logLevel string) {
-	level := 4 // warning
+	var level int
 	switch logLevel {
 	case "error":
 		level = 3
@@ -65,7 +65,7 @@ func SetLogLevel(logLevel string) {
 	case "trace":
 		level = 8
 	default:
-		level = 4
+		level = 4 // warning
 	}
 	Log.SetLevel(level)
 }

pkg/util/net/kcp.go

@@ -32,8 +32,8 @@ func ListenKcp(address string) (l *KCPListener, err error) {
 	if err != nil {
 		return l, err
 	}
-	listener.SetReadBuffer(4194304)
-	listener.SetWriteBuffer(4194304)
+	_ = listener.SetReadBuffer(4194304)
+	_ = listener.SetWriteBuffer(4194304)
 
 	l = &KCPListener{
 		listener:  listener,

pkg/util/net/tls.go

@@ -23,32 +23,30 @@ import (
 	gnet "github.com/fatedier/golib/net"
 )
 
-var (
-	FRPTLSHeadByte = 0x17
-)
+var FRPTLSHeadByte = 0x17
 
 func CheckAndEnableTLSServerConnWithTimeout(
 	c net.Conn, tlsConfig *tls.Config, tlsOnly bool, timeout time.Duration,
 ) (out net.Conn, isTLS bool, custom bool, err error) {
-
 	sc, r := gnet.NewSharedConnSize(c, 2)
 	buf := make([]byte, 1)
 	var n int
-	c.SetReadDeadline(time.Now().Add(timeout))
+	_ = c.SetReadDeadline(time.Now().Add(timeout))
 	n, err = r.Read(buf)
-	c.SetReadDeadline(time.Time{})
+	_ = c.SetReadDeadline(time.Time{})
 	if err != nil {
 		return
 	}
 
-	if n == 1 && int(buf[0]) == FRPTLSHeadByte {
+	switch {
+	case n == 1 && int(buf[0]) == FRPTLSHeadByte:
 		out = tls.Server(c, tlsConfig)
 		isTLS = true
 		custom = true
-	} else if n == 1 && int(buf[0]) == 0x16 {
+	case n == 1 && int(buf[0]) == 0x16:
 		out = tls.Server(sc, tlsConfig)
 		isTLS = true
-	} else {
+	default:
 		if tlsOnly {
 			err = fmt.Errorf("non-TLS connection received on a TlsOnly server")
 			return

pkg/util/net/udp.go

@@ -55,7 +55,7 @@ func NewFakeUDPConn(l *UDPListener, laddr, raddr net.Addr) *FakeUDPConn {
 		for {
 			time.Sleep(5 * time.Second)
 			fc.mu.RLock()
-			if time.Now().Sub(fc.lastActive) > 10*time.Second {
+			if time.Since(fc.lastActive) > 10*time.Second {
 				fc.mu.RUnlock()
 				fc.Close()
 				break
@@ -68,8 +68,7 @@ func NewFakeUDPConn(l *UDPListener, laddr, raddr net.Addr) *FakeUDPConn {
 
 func (c *FakeUDPConn) putPacket(content []byte) {
 	defer func() {
-		if err := recover(); err != nil {
-		}
+		_ = recover()
 	}()
 
 	select {
@@ -109,7 +108,7 @@ func (c *FakeUDPConn) Write(b []byte) (n int, err error) {
 		LocalAddr:  c.localAddr,
 		RemoteAddr: c.remoteAddr,
 	}
-	c.l.writeUDPPacket(packet)
+	_ = c.l.writeUDPPacket(packet)
 
 	c.mu.Lock()
 	c.lastActive = time.Now()
@@ -208,7 +207,7 @@ func ListenUDP(bindAddr string, bindPort int) (l *UDPListener, err error) {
 			}
 
 			if addr, ok := packet.RemoteAddr.(*net.UDPAddr); ok {
-				readConn.WriteToUDP(packet.Buf, addr)
+				_, _ = readConn.WriteToUDP(packet.Buf, addr)
 			}
 		}
 	}()

pkg/util/net/websocket.go

@@ -9,9 +9,7 @@ import (
 	"golang.org/x/net/websocket"
 )
 
-var (
-	ErrWebsocketListenerClosed = errors.New("websocket listener closed")
-)
+var ErrWebsocketListenerClosed = errors.New("websocket listener closed")
 
 const (
 	FrpWebsocketPath = "/~!frp"
@@ -21,8 +19,7 @@ type WebsocketListener struct {
 	ln       net.Listener
 	acceptCh chan net.Conn
 
-	server    *http.Server
-	httpMutex *http.ServeMux
+	server *http.Server
 }
 
 // NewWebsocketListener to handle websocket connections
@@ -47,7 +44,9 @@ func NewWebsocketListener(ln net.Listener) (wl *WebsocketListener) {
 		Handler: muxer,
 	}
 
-	go wl.server.Serve(ln)
+	go func() {
+		_ = wl.server.Serve(ln)
+	}()
 	return
 }
 

pkg/util/tcpmux/httpconnect.go

@@ -22,9 +22,10 @@ import (
 	"net/http"
 	"time"
 
+	gnet "github.com/fatedier/golib/net"
+
 	"github.com/fatedier/frp/pkg/util/util"
 	"github.com/fatedier/frp/pkg/util/vhost"
-	gnet "github.com/fatedier/golib/net"
 )
 
 type HTTPConnectTCPMuxer struct {
@@ -66,7 +67,11 @@ func (muxer *HTTPConnectTCPMuxer) sendConnectResponse(c net.Conn, reqInfo map[st
 	if muxer.passthrough {
 		return nil
 	}
-	return util.OkResponse().Write(c)
+	res := util.OkResponse()
+	if res.Body != nil {
+		defer res.Body.Close()
+	}
+	return res.Write(c)
 }
 
 func (muxer *HTTPConnectTCPMuxer) getHostFromHTTPConnect(c net.Conn) (net.Conn, map[string]string, error) {
@@ -82,11 +87,15 @@ func (muxer *HTTPConnectTCPMuxer) getHostFromHTTPConnect(c net.Conn) (net.Conn,
 	reqInfoMap["Scheme"] = "tcp"
 	reqInfoMap["HTTPUser"] = httpUser
 
-	var outConn net.Conn = c
+	outConn := c
 	if muxer.passthrough {
 		outConn = sc
 		if muxer.authRequired && httpUser == "" {
-			util.ProxyUnauthorizedResponse().Write(c)
+			resp := util.ProxyUnauthorizedResponse()
+			if resp.Body != nil {
+				defer resp.Body.Close()
+			}
+			_ = resp.Write(c)
 			outConn = c
 		}
 	}

pkg/util/util/http.go

@@ -60,10 +60,8 @@ func CanonicalHost(host string) (string, error) {
 			return "", err
 		}
 	}
-	if strings.HasSuffix(host, ".") {
-		// Strip trailing dot from fully qualified domain names.
-		host = host[:len(host)-1]
-	}
+	// Strip trailing dot from fully qualified domain names.
+	host = strings.TrimSuffix(host, ".")
 	return host, nil
 }
 

pkg/util/util/util.go

@@ -44,7 +44,7 @@ func RandIDWithLen(idLen int) (id string, err error) {
 }
 
 func GetAuthKey(token string, timestamp int64) (key string) {
-	token = token + fmt.Sprintf("%d", timestamp)
+	token += fmt.Sprintf("%d", timestamp)
 	md5Ctx := md5.New()
 	md5Ctx.Write([]byte(token))
 	data := md5Ctx.Sum(nil)
@@ -70,7 +70,8 @@ func ParseRangeNumbers(rangeStr string) (numbers []int64, err error) {
 		numArray := strings.Split(numRangeStr, "-")
 		// length: only 1 or 2 is correct
 		rangeType := len(numArray)
-		if rangeType == 1 {
+		switch rangeType {
+		case 1:
 			// single number
 			singleNum, errRet := strconv.ParseInt(strings.TrimSpace(numArray[0]), 10, 64)
 			if errRet != nil {
@@ -78,7 +79,7 @@ func ParseRangeNumbers(rangeStr string) (numbers []int64, err error) {
 				return
 			}
 			numbers = append(numbers, singleNum)
-		} else if rangeType == 2 {
+		case 2:
 			// range numbers
 			min, errRet := strconv.ParseInt(strings.TrimSpace(numArray[0]), 10, 64)
 			if errRet != nil {
@@ -97,7 +98,7 @@ func ParseRangeNumbers(rangeStr string) (numbers []int64, err error) {
 			for i := min; i <= max; i++ {
 				numbers = append(numbers, i)
 			}
-		} else {
+		default:
 			err = fmt.Errorf("range number is invalid")
 			return
 		}

pkg/util/version/version.go

@@ -19,7 +19,7 @@ import (
 	"strings"
 )
 
-var version string = "0.44.0"
+var version = "0.44.0"
 
 func Full() string {
 	return version

pkg/util/vhost/http.go

@@ -23,27 +23,26 @@ import (
 	"log"
 	"net"
 	"net/http"
+	"net/http/httputil"
 	"net/url"
 	"strings"
 	"time"
 
+	frpIo "github.com/fatedier/golib/io"
+	"github.com/fatedier/golib/pool"
+
 	frpLog "github.com/fatedier/frp/pkg/util/log"
 	"github.com/fatedier/frp/pkg/util/util"
-	frpIo "github.com/fatedier/golib/io"
-
-	"github.com/fatedier/golib/pool"
 )
 
-var (
-	ErrNoRouteFound = errors.New("no route found")
-)
+var ErrNoRouteFound = errors.New("no route found")
 
 type HTTPReverseProxyOptions struct {
 	ResponseHeaderTimeoutS int64
 }
 
 type HTTPReverseProxy struct {
-	proxy       *ReverseProxy
+	proxy       *httputil.ReverseProxy
 	vhostRouter *Routers
 
 	responseHeaderTimeout time.Duration
@@ -57,7 +56,7 @@ func NewHTTPReverseProxy(option HTTPReverseProxyOptions, vhostRouter *Routers) *
 		responseHeaderTimeout: time.Duration(option.ResponseHeaderTimeoutS) * time.Second,
 		vhostRouter:           vhostRouter,
 	}
-	proxy := &ReverseProxy{
+	proxy := &httputil.ReverseProxy{
 		// Modify incoming requests by route policies.
 		Director: func(req *http.Request) {
 			req.URL.Scheme = "http"
@@ -81,7 +80,6 @@ func NewHTTPReverseProxy(option HTTPReverseProxyOptions, vhostRouter *Routers) *
 			} else {
 				req.URL.Host = req.Host
 			}
-
 		},
 		// Create a connection to one proxy routed by route policy.
 		Transport: &http.Transport{
@@ -114,7 +112,7 @@ func NewHTTPReverseProxy(option HTTPReverseProxyOptions, vhostRouter *Routers) *
 		ErrorHandler: func(rw http.ResponseWriter, req *http.Request, err error) {
 			frpLog.Warn("do http proxy request [host: %s] error: %v", req.Host, err)
 			rw.WriteHeader(http.StatusNotFound)
-			rw.Write(getNotFoundPageContent())
+			_, _ = rw.Write(getNotFoundPageContent())
 		},
 	}
 	rp.proxy = proxy
@@ -257,10 +255,28 @@ func (rp *HTTPReverseProxy) connectHandler(rw http.ResponseWriter, req *http.Req
 		client.Close()
 		return
 	}
-	req.Write(remote)
+	_ = req.Write(remote)
 	go frpIo.Join(remote, client)
 }
 
+func parseBasicAuth(auth string) (username, password string, ok bool) {
+	const prefix = "Basic "
+	// Case insensitive prefix match. See Issue 22736.
+	if len(auth) < len(prefix) || !strings.EqualFold(auth[:len(prefix)], prefix) {
+		return
+	}
+	c, err := base64.StdEncoding.DecodeString(auth[len(prefix):])
+	if err != nil {
+		return
+	}
+	cs := string(c)
+	s := strings.IndexByte(cs, ':')
+	if s < 0 {
+		return
+	}
+	return cs[:s], cs[s+1:], true
+}
+
 func (rp *HTTPReverseProxy) injectRequestInfoToCtx(req *http.Request) *http.Request {
 	newctx := req.Context()
 	newctx = context.WithValue(newctx, RouteInfoURL, req.URL.Path)

pkg/util/vhost/resource.go

@@ -24,9 +24,7 @@ import (
 	"github.com/fatedier/frp/pkg/util/version"
 )
 
-var (
-	NotFoundPagePath = ""
-)
+var NotFoundPagePath = ""
 
 const (
 	NotFound = `<!DOCTYPE html>

pkg/util/vhost/reverseproxy.go

@@ -1,636 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// HTTP reverse proxy handler
-
-package vhost
-
-import (
-	"context"
-	"encoding/base64"
-	"fmt"
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"net/textproto"
-	"net/url"
-	"strings"
-	"sync"
-	"time"
-
-	"golang.org/x/net/http/httpguts"
-)
-
-// ReverseProxy is an HTTP Handler that takes an incoming request and
-// sends it to another server, proxying the response back to the
-// client.
-//
-// ReverseProxy by default sets the client IP as the value of the
-// X-Forwarded-For header.
-//
-// If an X-Forwarded-For header already exists, the client IP is
-// appended to the existing values. As a special case, if the header
-// exists in the Request.Header map but has a nil value (such as when
-// set by the Director func), the X-Forwarded-For header is
-// not modified.
-//
-// To prevent IP spoofing, be sure to delete any pre-existing
-// X-Forwarded-For header coming from the client or
-// an untrusted proxy.
-type ReverseProxy struct {
-	// Director must be a function which modifies
-	// the request into a new request to be sent
-	// using Transport. Its response is then copied
-	// back to the original client unmodified.
-	// Director must not access the provided Request
-	// after returning.
-	Director func(*http.Request)
-
-	// The transport used to perform proxy requests.
-	// If nil, http.DefaultTransport is used.
-	Transport http.RoundTripper
-
-	// FlushInterval specifies the flush interval
-	// to flush to the client while copying the
-	// response body.
-	// If zero, no periodic flushing is done.
-	// A negative value means to flush immediately
-	// after each write to the client.
-	// The FlushInterval is ignored when ReverseProxy
-	// recognizes a response as a streaming response, or
-	// if its ContentLength is -1; for such responses, writes
-	// are flushed to the client immediately.
-	FlushInterval time.Duration
-
-	// ErrorLog specifies an optional logger for errors
-	// that occur when attempting to proxy the request.
-	// If nil, logging is done via the log package's standard logger.
-	ErrorLog *log.Logger
-
-	// BufferPool optionally specifies a buffer pool to
-	// get byte slices for use by io.CopyBuffer when
-	// copying HTTP response bodies.
-	BufferPool BufferPool
-
-	// ModifyResponse is an optional function that modifies the
-	// Response from the backend. It is called if the backend
-	// returns a response at all, with any HTTP status code.
-	// If the backend is unreachable, the optional ErrorHandler is
-	// called without any call to ModifyResponse.
-	//
-	// If ModifyResponse returns an error, ErrorHandler is called
-	// with its error value. If ErrorHandler is nil, its default
-	// implementation is used.
-	ModifyResponse func(*http.Response) error
-
-	// ErrorHandler is an optional function that handles errors
-	// reaching the backend or errors from ModifyResponse.
-	//
-	// If nil, the default is to log the provided error and return
-	// a 502 Status Bad Gateway response.
-	ErrorHandler func(http.ResponseWriter, *http.Request, error)
-}
-
-// A BufferPool is an interface for getting and returning temporary
-// byte slices for use by io.CopyBuffer.
-type BufferPool interface {
-	Get() []byte
-	Put([]byte)
-}
-
-func singleJoiningSlash(a, b string) string {
-	aslash := strings.HasSuffix(a, "/")
-	bslash := strings.HasPrefix(b, "/")
-	switch {
-	case aslash && bslash:
-		return a + b[1:]
-	case !aslash && !bslash:
-		return a + "/" + b
-	}
-	return a + b
-}
-
-func joinURLPath(a, b *url.URL) (path, rawpath string) {
-	if a.RawPath == "" && b.RawPath == "" {
-		return singleJoiningSlash(a.Path, b.Path), ""
-	}
-	// Same as singleJoiningSlash, but uses EscapedPath to determine
-	// whether a slash should be added
-	apath := a.EscapedPath()
-	bpath := b.EscapedPath()
-
-	aslash := strings.HasSuffix(apath, "/")
-	bslash := strings.HasPrefix(bpath, "/")
-
-	switch {
-	case aslash && bslash:
-		return a.Path + b.Path[1:], apath + bpath[1:]
-	case !aslash && !bslash:
-		return a.Path + "/" + b.Path, apath + "/" + bpath
-	}
-	return a.Path + b.Path, apath + bpath
-}
-
-// NewSingleHostReverseProxy returns a new ReverseProxy that routes
-// URLs to the scheme, host, and base path provided in target. If the
-// target's path is "/base" and the incoming request was for "/dir",
-// the target request will be for /base/dir.
-// NewSingleHostReverseProxy does not rewrite the Host header.
-// To rewrite Host headers, use ReverseProxy directly with a custom
-// Director policy.
-func NewSingleHostReverseProxy(target *url.URL) *ReverseProxy {
-	targetQuery := target.RawQuery
-	director := func(req *http.Request) {
-		req.URL.Scheme = target.Scheme
-		req.URL.Host = target.Host
-		req.URL.Path, req.URL.RawPath = joinURLPath(target, req.URL)
-		if targetQuery == "" || req.URL.RawQuery == "" {
-			req.URL.RawQuery = targetQuery + req.URL.RawQuery
-		} else {
-			req.URL.RawQuery = targetQuery + "&" + req.URL.RawQuery
-		}
-		if _, ok := req.Header["User-Agent"]; !ok {
-			// explicitly disable User-Agent so it's not set to default value
-			req.Header.Set("User-Agent", "")
-		}
-	}
-	return &ReverseProxy{Director: director}
-}
-
-func copyHeader(dst, src http.Header) {
-	for k, vv := range src {
-		for _, v := range vv {
-			dst.Add(k, v)
-		}
-	}
-}
-
-// Hop-by-hop headers. These are removed when sent to the backend.
-// As of RFC 7230, hop-by-hop headers are required to appear in the
-// Connection header field. These are the headers defined by the
-// obsoleted RFC 2616 (section 13.5.1) and are used for backward
-// compatibility.
-var hopHeaders = []string{
-	"Connection",
-	"Proxy-Connection", // non-standard but still sent by libcurl and rejected by e.g. google
-	"Keep-Alive",
-	"Proxy-Authenticate",
-	"Proxy-Authorization",
-	"Te",      // canonicalized version of "TE"
-	"Trailer", // not Trailers per URL above; https://www.rfc-editor.org/errata_search.php?eid=4522
-	"Transfer-Encoding",
-	"Upgrade",
-}
-
-func (p *ReverseProxy) defaultErrorHandler(rw http.ResponseWriter, req *http.Request, err error) {
-	p.logf("http: proxy error: %v", err)
-	rw.WriteHeader(http.StatusBadGateway)
-}
-
-func (p *ReverseProxy) getErrorHandler() func(http.ResponseWriter, *http.Request, error) {
-	if p.ErrorHandler != nil {
-		return p.ErrorHandler
-	}
-	return p.defaultErrorHandler
-}
-
-// modifyResponse conditionally runs the optional ModifyResponse hook
-// and reports whether the request should proceed.
-func (p *ReverseProxy) modifyResponse(rw http.ResponseWriter, res *http.Response, req *http.Request) bool {
-	if p.ModifyResponse == nil {
-		return true
-	}
-	if err := p.ModifyResponse(res); err != nil {
-		res.Body.Close()
-		p.getErrorHandler()(rw, req, err)
-		return false
-	}
-	return true
-}
-
-func parseBasicAuth(auth string) (username, password string, ok bool) {
-	const prefix = "Basic "
-	// Case insensitive prefix match. See Issue 22736.
-	if len(auth) < len(prefix) || !strings.EqualFold(auth[:len(prefix)], prefix) {
-		return
-	}
-	c, err := base64.StdEncoding.DecodeString(auth[len(prefix):])
-	if err != nil {
-		return
-	}
-	cs := string(c)
-	s := strings.IndexByte(cs, ':')
-	if s < 0 {
-		return
-	}
-	return cs[:s], cs[s+1:], true
-}
-
-func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	transport := p.Transport
-	if transport == nil {
-		transport = http.DefaultTransport
-	}
-
-	ctx := req.Context()
-	if cn, ok := rw.(http.CloseNotifier); ok {
-		var cancel context.CancelFunc
-		ctx, cancel = context.WithCancel(ctx)
-		defer cancel()
-		notifyChan := cn.CloseNotify()
-		go func() {
-			select {
-			case <-notifyChan:
-				cancel()
-			case <-ctx.Done():
-			}
-		}()
-	}
-
-	outreq := req.Clone(ctx)
-	if req.ContentLength == 0 {
-		outreq.Body = nil // Issue 16036: nil Body for http.Transport retries
-	}
-	if outreq.Header == nil {
-		outreq.Header = make(http.Header) // Issue 33142: historical behavior was to always allocate
-	}
-
-	p.Director(outreq)
-	outreq.Close = false
-
-	reqUpType := upgradeType(outreq.Header)
-	removeConnectionHeaders(outreq.Header)
-
-	// Remove hop-by-hop headers to the backend. Especially
-	// important is "Connection" because we want a persistent
-	// connection, regardless of what the client sent to us.
-	for _, h := range hopHeaders {
-		hv := outreq.Header.Get(h)
-		if hv == "" {
-			continue
-		}
-		if h == "Te" && hv == "trailers" {
-			// Issue 21096: tell backend applications that
-			// care about trailer support that we support
-			// trailers. (We do, but we don't go out of
-			// our way to advertise that unless the
-			// incoming client request thought it was
-			// worth mentioning)
-			continue
-		}
-		outreq.Header.Del(h)
-	}
-
-	// After stripping all the hop-by-hop connection headers above, add back any
-	// necessary for protocol upgrades, such as for websockets.
-	if reqUpType != "" {
-		outreq.Header.Set("Connection", "Upgrade")
-		outreq.Header.Set("Upgrade", reqUpType)
-	}
-
-	if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
-		// If we aren't the first proxy retain prior
-		// X-Forwarded-For information as a comma+space
-		// separated list and fold multiple headers into one.
-		prior, ok := outreq.Header["X-Forwarded-For"]
-		omit := ok && prior == nil // Issue 38079: nil now means don't populate the header
-		if len(prior) > 0 {
-			clientIP = strings.Join(prior, ", ") + ", " + clientIP
-		}
-		if !omit {
-			outreq.Header.Set("X-Forwarded-For", clientIP)
-		}
-	}
-
-	res, err := transport.RoundTrip(outreq)
-	if err != nil {
-		p.getErrorHandler()(rw, outreq, err)
-		return
-	}
-
-	// Deal with 101 Switching Protocols responses: (WebSocket, h2c, etc)
-	if res.StatusCode == http.StatusSwitchingProtocols {
-		if !p.modifyResponse(rw, res, outreq) {
-			return
-		}
-		p.handleUpgradeResponse(rw, outreq, res)
-		return
-	}
-
-	removeConnectionHeaders(res.Header)
-
-	for _, h := range hopHeaders {
-		res.Header.Del(h)
-	}
-
-	if !p.modifyResponse(rw, res, outreq) {
-		return
-	}
-
-	copyHeader(rw.Header(), res.Header)
-
-	// The "Trailer" header isn't included in the Transport's response,
-	// at least for *http.Transport. Build it up from Trailer.
-	announcedTrailers := len(res.Trailer)
-	if announcedTrailers > 0 {
-		trailerKeys := make([]string, 0, len(res.Trailer))
-		for k := range res.Trailer {
-			trailerKeys = append(trailerKeys, k)
-		}
-		rw.Header().Add("Trailer", strings.Join(trailerKeys, ", "))
-	}
-
-	rw.WriteHeader(res.StatusCode)
-
-	err = p.copyResponse(rw, res.Body, p.flushInterval(res))
-	if err != nil {
-		defer res.Body.Close()
-		// Since we're streaming the response, if we run into an error all we can do
-		// is abort the request. Issue 23643: ReverseProxy should use ErrAbortHandler
-		// on read error while copying body.
-		if !shouldPanicOnCopyError(req) {
-			p.logf("suppressing panic for copyResponse error in test; copy error: %v", err)
-			return
-		}
-		panic(http.ErrAbortHandler)
-	}
-	res.Body.Close() // close now, instead of defer, to populate res.Trailer
-
-	if len(res.Trailer) > 0 {
-		// Force chunking if we saw a response trailer.
-		// This prevents net/http from calculating the length for short
-		// bodies and adding a Content-Length.
-		if fl, ok := rw.(http.Flusher); ok {
-			fl.Flush()
-		}
-	}
-
-	if len(res.Trailer) == announcedTrailers {
-		copyHeader(rw.Header(), res.Trailer)
-		return
-	}
-
-	for k, vv := range res.Trailer {
-		k = http.TrailerPrefix + k
-		for _, v := range vv {
-			rw.Header().Add(k, v)
-		}
-	}
-}
-
-var inOurTests bool // whether we're in our own tests
-
-// shouldPanicOnCopyError reports whether the reverse proxy should
-// panic with http.ErrAbortHandler. This is the right thing to do by
-// default, but Go 1.10 and earlier did not, so existing unit tests
-// weren't expecting panics. Only panic in our own tests, or when
-// running under the HTTP server.
-func shouldPanicOnCopyError(req *http.Request) bool {
-	if inOurTests {
-		// Our tests know to handle this panic.
-		return true
-	}
-	if req.Context().Value(http.ServerContextKey) != nil {
-		// We seem to be running under an HTTP server, so
-		// it'll recover the panic.
-		return true
-	}
-	// Otherwise act like Go 1.10 and earlier to not break
-	// existing tests.
-	return false
-}
-
-// removeConnectionHeaders removes hop-by-hop headers listed in the "Connection" header of h.
-// See RFC 7230, section 6.1
-func removeConnectionHeaders(h http.Header) {
-	for _, f := range h["Connection"] {
-		for _, sf := range strings.Split(f, ",") {
-			if sf = textproto.TrimString(sf); sf != "" {
-				h.Del(sf)
-			}
-		}
-	}
-}
-
-// flushInterval returns the p.FlushInterval value, conditionally
-// overriding its value for a specific request/response.
-func (p *ReverseProxy) flushInterval(res *http.Response) time.Duration {
-	resCT := res.Header.Get("Content-Type")
-
-	// For Server-Sent Events responses, flush immediately.
-	// The MIME type is defined in https://www.w3.org/TR/eventsource/#text-event-stream
-	if resCT == "text/event-stream" {
-		return -1 // negative means immediately
-	}
-
-	// We might have the case of streaming for which Content-Length might be unset.
-	if res.ContentLength == -1 {
-		return -1
-	}
-
-	return p.FlushInterval
-}
-
-func (p *ReverseProxy) copyResponse(dst io.Writer, src io.Reader, flushInterval time.Duration) error {
-	if flushInterval != 0 {
-		if wf, ok := dst.(writeFlusher); ok {
-			mlw := &maxLatencyWriter{
-				dst:     wf,
-				latency: flushInterval,
-			}
-			defer mlw.stop()
-
-			// set up initial timer so headers get flushed even if body writes are delayed
-			mlw.flushPending = true
-			mlw.t = time.AfterFunc(flushInterval, mlw.delayedFlush)
-
-			dst = mlw
-		}
-	}
-
-	var buf []byte
-	if p.BufferPool != nil {
-		buf = p.BufferPool.Get()
-		defer p.BufferPool.Put(buf)
-	}
-	_, err := p.copyBuffer(dst, src, buf)
-	return err
-}
-
-// copyBuffer returns any write errors or non-EOF read errors, and the amount
-// of bytes written.
-func (p *ReverseProxy) copyBuffer(dst io.Writer, src io.Reader, buf []byte) (int64, error) {
-	if len(buf) == 0 {
-		buf = make([]byte, 32*1024)
-	}
-	var written int64
-	for {
-		nr, rerr := src.Read(buf)
-		if rerr != nil && rerr != io.EOF && rerr != context.Canceled {
-			p.logf("httputil: ReverseProxy read error during body copy: %v", rerr)
-		}
-		if nr > 0 {
-			nw, werr := dst.Write(buf[:nr])
-			if nw > 0 {
-				written += int64(nw)
-			}
-			if werr != nil {
-				return written, werr
-			}
-			if nr != nw {
-				return written, io.ErrShortWrite
-			}
-		}
-		if rerr != nil {
-			if rerr == io.EOF {
-				rerr = nil
-			}
-			return written, rerr
-		}
-	}
-}
-
-func (p *ReverseProxy) logf(format string, args ...interface{}) {
-	if p.ErrorLog != nil {
-		p.ErrorLog.Printf(format, args...)
-	} else {
-		log.Printf(format, args...)
-	}
-}
-
-type writeFlusher interface {
-	io.Writer
-	http.Flusher
-}
-
-type maxLatencyWriter struct {
-	dst     writeFlusher
-	latency time.Duration // non-zero; negative means to flush immediately
-
-	mu           sync.Mutex // protects t, flushPending, and dst.Flush
-	t            *time.Timer
-	flushPending bool
-}
-
-func (m *maxLatencyWriter) Write(p []byte) (n int, err error) {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	n, err = m.dst.Write(p)
-	if m.latency < 0 {
-		m.dst.Flush()
-		return
-	}
-	if m.flushPending {
-		return
-	}
-	if m.t == nil {
-		m.t = time.AfterFunc(m.latency, m.delayedFlush)
-	} else {
-		m.t.Reset(m.latency)
-	}
-	m.flushPending = true
-	return
-}
-
-func (m *maxLatencyWriter) delayedFlush() {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	if !m.flushPending { // if stop was called but AfterFunc already started this goroutine
-		return
-	}
-	m.dst.Flush()
-	m.flushPending = false
-}
-
-func (m *maxLatencyWriter) stop() {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	m.flushPending = false
-	if m.t != nil {
-		m.t.Stop()
-	}
-}
-
-func upgradeType(h http.Header) string {
-	if !httpguts.HeaderValuesContainsToken(h["Connection"], "Upgrade") {
-		return ""
-	}
-	return strings.ToLower(h.Get("Upgrade"))
-}
-
-func (p *ReverseProxy) handleUpgradeResponse(rw http.ResponseWriter, req *http.Request, res *http.Response) {
-	reqUpType := upgradeType(req.Header)
-	resUpType := upgradeType(res.Header)
-	if reqUpType != resUpType {
-		p.getErrorHandler()(rw, req, fmt.Errorf("backend tried to switch protocol %q when %q was requested", resUpType, reqUpType))
-		return
-	}
-
-	hj, ok := rw.(http.Hijacker)
-	if !ok {
-		p.getErrorHandler()(rw, req, fmt.Errorf("can't switch protocols using non-Hijacker ResponseWriter type %T", rw))
-		return
-	}
-	backConn, ok := res.Body.(io.ReadWriteCloser)
-	if !ok {
-		p.getErrorHandler()(rw, req, fmt.Errorf("internal error: 101 switching protocols response with non-writable body"))
-		return
-	}
-
-	backConnCloseCh := make(chan bool)
-	go func() {
-		// Ensure that the cancelation of a request closes the backend.
-		// See issue https://golang.org/issue/35559.
-		select {
-		case <-req.Context().Done():
-		case <-backConnCloseCh:
-		}
-		backConn.Close()
-	}()
-
-	defer close(backConnCloseCh)
-
-	conn, brw, err := hj.Hijack()
-	if err != nil {
-		p.getErrorHandler()(rw, req, fmt.Errorf("Hijack failed on protocol switch: %v", err))
-		return
-	}
-	defer conn.Close()
-
-	copyHeader(rw.Header(), res.Header)
-
-	res.Header = rw.Header()
-	res.Body = nil // so res.Write only writes the headers; we have res.Body in backConn above
-	if err := res.Write(brw); err != nil {
-		p.getErrorHandler()(rw, req, fmt.Errorf("response write: %v", err))
-		return
-	}
-	if err := brw.Flush(); err != nil {
-		p.getErrorHandler()(rw, req, fmt.Errorf("response flush: %v", err))
-		return
-	}
-	errc := make(chan error, 1)
-	spc := switchProtocolCopier{user: conn, backend: backConn}
-	go spc.copyToBackend(errc)
-	go spc.copyFromBackend(errc)
-	<-errc
-	return
-}
-
-// switchProtocolCopier exists so goroutines proxying data back and
-// forth have nice names in stacks.
-type switchProtocolCopier struct {
-	user, backend io.ReadWriter
-}
-
-func (c switchProtocolCopier) copyFromBackend(errc chan<- error) {
-	_, err := io.Copy(c.user, c.backend)
-	errc <- err
-}
-
-func (c switchProtocolCopier) copyToBackend(errc chan<- error) {
-	_, err := io.Copy(c.backend, c.user)
-	errc <- err
-}

pkg/util/vhost/router.go

@@ -7,9 +7,7 @@ import (
 	"sync"
 )
 
-var (
-	ErrRouterConfigConflict = errors.New("router config conflict")
-)
+var ErrRouterConfigConflict = errors.New("router config conflict")
 
 type routerByHTTPUser map[string][]*Router
 
@@ -133,9 +131,11 @@ type ByLocation []*Router
 func (a ByLocation) Len() int {
 	return len(a)
 }
+
 func (a ByLocation) Swap(i, j int) {
 	a[i], a[j] = a[j], a[i]
 }
+
 func (a ByLocation) Less(i, j int) bool {
 	return strings.Compare(a[i].location, a[j].location) < 0
 }

pkg/util/vhost/vhost.go

@@ -19,11 +19,11 @@ import (
 	"strings"
 	"time"
 
+	"github.com/fatedier/golib/errors"
+
 	"github.com/fatedier/frp/pkg/util/log"
 	frpNet "github.com/fatedier/frp/pkg/util/net"
 	"github.com/fatedier/frp/pkg/util/xlog"
-
-	"github.com/fatedier/golib/errors"
 )
 
 type RouteInfo string
@@ -36,10 +36,12 @@ const (
 	RouteInfoURLHost  RouteInfo = "urlHost"
 )
 
-type muxFunc func(net.Conn) (net.Conn, map[string]string, error)
-type httpAuthFunc func(net.Conn, string, string, string) (bool, error)
-type hostRewriteFunc func(net.Conn, string) (net.Conn, error)
-type successFunc func(net.Conn, map[string]string) error
+type (
+	muxFunc         func(net.Conn) (net.Conn, map[string]string, error)
+	httpAuthFunc    func(net.Conn, string, string, string) (bool, error)
+	hostRewriteFunc func(net.Conn, string) (net.Conn, error)
+	successFunc     func(net.Conn, map[string]string) error
+)
 
 // Muxer is only used for https and tcpmux proxy.
 type Muxer struct {
@@ -60,7 +62,6 @@ func NewMuxer(
 	rewriteFunc hostRewriteFunc,
 	timeout time.Duration,
 ) (mux *Muxer, err error) {
-
 	mux = &Muxer{
 		listener:       listener,
 		timeout:        timeout,
@@ -111,9 +112,8 @@ func (v *Muxer) Listen(ctx context.Context, cfg *RouteConfig) (l *Listener, err
 }
 
 func (v *Muxer) getListener(name, path, httpUser string) (*Listener, bool) {
-
 	findRouter := func(inName, inPath, inHTTPUser string) (*Listener, bool) {
-		vr, ok := v.registryRouter.Get(inName, inPath, httpUser)
+		vr, ok := v.registryRouter.Get(inName, inPath, inHTTPUser)
 		if ok {
 			return vr.payload.(*Listener), true
 		}
@@ -167,14 +167,14 @@ func (v *Muxer) run() {
 
 func (v *Muxer) handle(c net.Conn) {
 	if err := c.SetDeadline(time.Now().Add(v.timeout)); err != nil {
-		c.Close()
+		_ = c.Close()
 		return
 	}
 
 	sConn, reqInfoMap, err := v.vhostFunc(c)
 	if err != nil {
 		log.Debug("get hostname from http/https request error: %v", err)
-		c.Close()
+		_ = c.Close()
 		return
 	}
 
@@ -184,9 +184,12 @@ func (v *Muxer) handle(c net.Conn) {
 	l, ok := v.getListener(name, path, httpUser)
 	if !ok {
 		res := notFoundResponse()
-		res.Write(c)
+		if res.Body != nil {
+			defer res.Body.Close()
+		}
+		_ = res.Write(c)
 		log.Debug("http request for host [%s] path [%s] httpUser [%s] not found", name, path, httpUser)
-		c.Close()
+		_ = c.Close()
 		return
 	}
 
@@ -194,7 +197,7 @@ func (v *Muxer) handle(c net.Conn) {
 	if v.successFunc != nil {
 		if err := v.successFunc(c, reqInfoMap); err != nil {
 			xl.Info("success func failure on vhost connection: %v", err)
-			c.Close()
+			_ = c.Close()
 			return
 		}
 	}
@@ -203,17 +206,20 @@ func (v *Muxer) handle(c net.Conn) {
 	// then verify user access
 	if l.mux.authFunc != nil && l.userName != "" && l.passWord != "" {
 		bAccess, err := l.mux.authFunc(c, l.userName, l.passWord, reqInfoMap["Authorization"])
-		if bAccess == false || err != nil {
+		if !bAccess || err != nil {
 			xl.Debug("check http Authorization failed")
 			res := noAuthResponse()
-			res.Write(c)
-			c.Close()
+			if res.Body != nil {
+				defer res.Body.Close()
+			}
+			_ = res.Write(c)
+			_ = c.Close()
 			return
 		}
 	}
 
 	if err = sConn.SetDeadline(time.Time{}); err != nil {
-		c.Close()
+		_ = c.Close()
 		return
 	}
 	c = sConn