When a new device connection is established, it creates a Device struct and
checks for ID conflicts. If a conflict exists, the new device connection
closes and triggers DelDevice via its defer statement. The original
implementation used LoadAndDelete which removed any device with the given ID,
causing the existing device to be incorrectly removed.
This changes the deletion logic to use CompareAndDelete, which verifies
both the device ID and the specific device instance. Now when a duplicate
connection closes, only the new (unregistered) device is attempted for removal,
preserving the existing device in the registry.
This ensures legitimate devices remain connected when duplicate connection
attempts occur.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
This commit significantly optimizes the HTTP proxy implementation by:
1. Replacing standard http.ReadRequest with manual HTTP header parsing
- Avoids unnecessary allocations from full request parsing
- Adds 3-second timeout for initial header reading
2. Removing HttpProxyWriter abstraction
- Directly construct and send rewritten Host header
- Simplify data forwarding logic
3. Unifying WebSocket and regular HTTP handling
- Use single read loop for both cases
- Always use buffer pool for reads
4. Adding proper timeouts
- Set deadlines for header reading
- Reset timeout after headers are processed
These changes reduce memory allocations, improve performance, and simplify the proxy logic.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Introduce a buffer pool to reduce memory allocations during WebSocket handling.
Previously, each WebSocket connection created a new 4KB buffer for every read operation.
This reduces GC pressure and improves memory efficiency for WebSocket traffic.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Previously the Host header used the destination address verbatim, including
the port even for default ports (80 for HTTPS, 443 for HTTPS). This violates
HTTP specifications which require omitting default ports in Host headers.
This ensures compliant Host headers like "example.com" instead of "example.com:80"
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
These changes provide clearer failure diagnostics and prevent invalid
device registrations from compromising system stability.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
preserve client IP visibility
Previously, TLS termination was moved to nginx for better separation of concerns.
However, this introduced an issue with the new device IP display feature:
- With nginx reverse proxying, all device connections appear to originate from 127.0.0.1
- The actual device IP addresses were masked by the proxy layer
- This prevented accurate IP-based device identification and reporting
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Encapsulate API routes into APIServer methods (api.go)
- Split large handleUserConnection into smaller methods (user.go)
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
The feature that wrote logs to a file when stdout wasn't a terminal is
removed. Systemd services already handle log persistence through journald
and its logging facilities. This duplication is unnecessary and conflicts
with standard systemd logging practices.
View log in systemd:
```
journalctl -u rttys
```
or
```
journalctl -u rttys -f
```
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Add devid, group, destaddr, and https fields to HttpProxySession for better session tracking and logging.
- Refactor doHttpProxy to use only the rtty-http-sid cookie for session lookup, removing dependencies on group, devid, proto, and destaddr cookies.
- In httpProxyRedirect, store all necessary session info in HttpProxySession and set only the rtty-http-sid cookie.
- Unify logging to use the session string for easier debugging.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Add horizontal and vertical split options to context menu
- Support recursive splitting for complex terminal layouts
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Move empty password check from httpLogin to httpAuth
- httpLogin now only validates actual password comparison
- httpAuth handles empty password as authentication bypass
- This ensures consistent authentication behavior across all endpoints
Previously, empty password would always return true in httpLogin,
now it's properly handled at the authentication middleware level.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
- Add viewport boundary detection to prevent menu overflow
- Auto-adjust menu position when near screen edges
- Ensure menu stays within visible area with 15px margin
- Use $nextTick to calculate position after DOM update
This prevents context menu from being cut off when right-clicking
near screen boundaries, especially in bottom-right corner.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
