From e0ec961fb1abbe66165945f4f2d900754a65ce60 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= <i@sekai.icu>
Date: Sun, 1 Oct 2023 14:36:31 +0800
Subject: [PATCH] Fix HTTP server leak

---
 protocol/http/handshake.go | 43 +++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 22 deletions(-)

diff --git a/protocol/http/handshake.go b/protocol/http/handshake.go
index 455de7c..3d4b024 100644
--- a/protocol/http/handshake.go
+++ b/protocol/http/handshake.go
@@ -21,7 +21,6 @@ import (
 type Handler = N.TCPConnectionHandler
 
 func HandleConnection(ctx context.Context, conn net.Conn, reader *std_bufio.Reader, authenticator auth.Authenticator, handler Handler, metadata M.Metadata) error {
-	var httpClient *http.Client
 	for {
 		request, err := ReadRequest(reader)
 		if err != nil {
@@ -95,28 +94,26 @@ func HandleConnection(ctx context.Context, conn net.Conn, reader *std_bufio.Read
 		}
 
 		var innerErr error
-		if httpClient == nil {
-			httpClient = &http.Client{
-				Transport: &http.Transport{
-					DisableCompression: true,
-					DialContext: func(context context.Context, network, address string) (net.Conn, error) {
-						metadata.Destination = M.ParseSocksaddr(address)
-						metadata.Protocol = "http"
-						input, output := net.Pipe()
-						go func() {
-							hErr := handler.NewConnection(ctx, output, metadata)
-							if hErr != nil {
-								innerErr = hErr
-								common.Close(input, output)
-							}
-						}()
-						return input, nil
-					},
+		httpClient := &http.Client{
+			Transport: &http.Transport{
+				DisableCompression: true,
+				DialContext: func(context context.Context, network, address string) (net.Conn, error) {
+					metadata.Destination = M.ParseSocksaddr(address)
+					metadata.Protocol = "http"
+					input, output := net.Pipe()
+					go func() {
+						hErr := handler.NewConnection(ctx, output, metadata)
+						if hErr != nil {
+							innerErr = hErr
+							common.Close(input, output)
+						}
+					}()
+					return input, nil
 				},
-				CheckRedirect: func(req *http.Request, via []*http.Request) error {
-					return http.ErrUseLastResponse
-				},
-			}
+			},
+			CheckRedirect: func(req *http.Request, via []*http.Request) error {
+				return http.ErrUseLastResponse
+			},
 		}
 
 		response, err := httpClient.Do(request)
@@ -139,6 +136,8 @@ func HandleConnection(ctx context.Context, conn net.Conn, reader *std_bufio.Read
 			return E.Errors(innerErr, err)
 		}
 
+		httpClient.CloseIdleConnections()
+
 		if !keepAlive {
 			return conn.Close()
 		}