Add OpenVPN, TrustTunnel, Sudoku, inbound managers. Fixes

protocol/limiter/connection/lock.go

@@ -4,13 +4,14 @@ import (
 	"context"
 	"sync"
 
+	"github.com/sagernet/sing-box/common/onclose"
 	E "github.com/sagernet/sing/common/exceptions"
 )
 
 func NewDefaultLock(max uint32) LockIDGetter {
 	locks := make(map[string]*uint32)
 	mtx := sync.Mutex{}
-	return func(id string) (CloseHandlerFunc, context.Context, error) {
+	return func(id string) (onclose.CloseHandlerFunc, context.Context, error) {
 		mtx.Lock()
 		defer mtx.Unlock()
 		handles, ok := locks[id]
@@ -22,16 +23,13 @@ func NewDefaultLock(max uint32) LockIDGetter {
 			locks[id] = handles
 		}
 		*handles++
-		var once sync.Once
 		return func() {
-			once.Do(func() {
-				mtx.Lock()
-				defer mtx.Unlock()
-				*handles--
-				if *handles == 0 {
-					delete(locks, id)
-				}
-			})
+			mtx.Lock()
+			defer mtx.Unlock()
+			*handles--
+			if *handles == 0 {
+				delete(locks, id)
+			}
 		}, nil, nil
 	}
 }

protocol/limiter/connection/outbound.go

@@ -7,6 +7,7 @@ import (
 	"github.com/sagernet/sing-box/adapter"
 	"github.com/sagernet/sing-box/adapter/outbound"
 	C "github.com/sagernet/sing-box/constant"
+	"github.com/sagernet/sing-box/common/onclose"
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing-box/route"
@@ -110,7 +111,7 @@ func (h *Outbound) DialContext(ctx context.Context, network string, destination
 		onClose()
 		return nil, err
 	}
-	conn = newConnWithCloseHandlerFunc(conn, onClose)
+	conn = onclose.NewConn(conn, onClose)
 	if lockCtx != nil {
 		go connChecker(lockCtx, conn.Close)
 	}
@@ -127,7 +128,7 @@ func (h *Outbound) ListenPacket(ctx context.Context, destination M.Socksaddr) (n
 		onClose()
 		return nil, err
 	}
-	conn = newPacketConnWithCloseHandlerFunc(conn, onClose)
+	conn = onclose.NewPacketConn(conn, onClose)
 	if lockCtx != nil {
 		go connChecker(lockCtx, conn.Close)
 	}
@@ -141,7 +142,7 @@ func (h *Outbound) NewConnectionEx(ctx context.Context, conn net.Conn, metadata
 		N.CloseOnHandshakeFailure(conn, onClose, err)
 		return
 	}
-	conn = newConnWithCloseHandlerFunc(conn, limiterOnClose)
+	conn = onclose.NewConn(conn, limiterOnClose)
 	if lockCtx != nil {
 		go connChecker(lockCtx, conn.Close)
 	}
@@ -158,7 +159,7 @@ func (h *Outbound) NewPacketConnectionEx(ctx context.Context, conn N.PacketConn,
 		N.CloseOnHandshakeFailure(conn, onClose, err)
 		return
 	}
-	conn = bufio.NewPacketConn(newPacketConnWithCloseHandlerFunc(bufio.NewNetPacketConn(conn), limiterOnClose))
+	conn = bufio.NewPacketConn(onclose.NewPacketConn(bufio.NewNetPacketConn(conn), limiterOnClose))
 	if lockCtx != nil {
 		go connChecker(lockCtx, conn.Close)
 	}
@@ -172,33 +173,7 @@ func (h *Outbound) GetStrategy() ConnectionStrategy {
 	return h.strategy
 }
 
-type connWithCloseHandlerFunc struct {
-	net.Conn
-	onClose CloseHandlerFunc
-}
 
-func newConnWithCloseHandlerFunc(conn net.Conn, onClose CloseHandlerFunc) *connWithCloseHandlerFunc {
-	return &connWithCloseHandlerFunc{conn, onClose}
-}
-
-func (conn *connWithCloseHandlerFunc) Close() error {
-	conn.onClose()
-	return conn.Conn.Close()
-}
-
-type packetConnWithCloseHandlerFunc struct {
-	net.PacketConn
-	onClose CloseHandlerFunc
-}
-
-func newPacketConnWithCloseHandlerFunc(conn net.PacketConn, onClose CloseHandlerFunc) *packetConnWithCloseHandlerFunc {
-	return &packetConnWithCloseHandlerFunc{conn, onClose}
-}
-
-func (conn *packetConnWithCloseHandlerFunc) Close() error {
-	conn.onClose()
-	return conn.PacketConn.Close()
-}
 
 func connChecker(ctx context.Context, closeFunc func() error) {
 	<-ctx.Done()

protocol/limiter/connection/strategy.go

@@ -6,18 +6,17 @@ import (
 	"sync"
 
 	"github.com/sagernet/sing-box/adapter"
+	"github.com/sagernet/sing-box/common/onclose"
 	"github.com/sagernet/sing-box/log"
 	E "github.com/sagernet/sing/common/exceptions"
 )
 
 type (
-	CloseHandlerFunc = func()
-
 	ConnIDGetter = func(context.Context, *adapter.InboundContext) (string, bool)
-	LockIDGetter = func(string) (CloseHandlerFunc, context.Context, error)
+	LockIDGetter = func(string) (onclose.CloseHandlerFunc, context.Context, error)
 
 	ConnectionStrategy interface {
-		request(ctx context.Context, metadata *adapter.InboundContext) (onClose CloseHandlerFunc, lockCtx context.Context, err error)
+		request(ctx context.Context, metadata *adapter.InboundContext) (onClose onclose.CloseHandlerFunc, lockCtx context.Context, err error)
 	}
 )
 
@@ -36,7 +35,7 @@ func NewDefaultConnectionStrategy(connIDGetter ConnIDGetter, lockIDGetter LockID
 	return outbound
 }
 
-func (s *DefaultConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (CloseHandlerFunc, context.Context, error) {
+func (s *DefaultConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (onclose.CloseHandlerFunc, context.Context, error) {
 	s.mtx.Lock()
 	defer s.mtx.Unlock()
 	id, ok := s.connIDGetter(ctx, metadata)
@@ -57,7 +56,7 @@ func NewUsersConnectionStrategy(strategies map[string]ConnectionStrategy) *Users
 	}
 }
 
-func (s *UsersConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (CloseHandlerFunc, context.Context, error) {
+func (s *UsersConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (onclose.CloseHandlerFunc, context.Context, error) {
 	s.mtx.Lock()
 	defer s.mtx.Unlock()
 	var user string
@@ -71,20 +70,78 @@ func (s *UsersConnectionStrategy) request(ctx context.Context, metadata *adapter
 	return nil, nil, E.New("user strategy not found: ", user)
 }
 
+type cancelEntry struct {
+	cancel context.CancelFunc
+}
+
 type ManagerConnectionStrategy struct {
-	*UsersConnectionStrategy
+	strategies map[string]ConnectionStrategy
+	cancels    map[string][]*cancelEntry
+
+	mtx sync.Mutex
 }
 
 func NewManagerConnectionStrategy() *ManagerConnectionStrategy {
 	return &ManagerConnectionStrategy{
-		UsersConnectionStrategy: NewUsersConnectionStrategy(map[string]ConnectionStrategy{}),
+		strategies: make(map[string]ConnectionStrategy),
+		cancels:    make(map[string][]*cancelEntry),
 	}
 }
 
+func (s *ManagerConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (onclose.CloseHandlerFunc, context.Context, error) {
+	s.mtx.Lock()
+	var user string
+	if metadata != nil {
+		user = metadata.User
+	}
+	strategy, ok := s.strategies[user]
+	if !ok {
+		s.mtx.Unlock()
+		return nil, nil, E.New("user strategy not found: ", user)
+	}
+	s.mtx.Unlock()
+	onClose, _, err := strategy.request(ctx, metadata)
+	if err != nil {
+		return nil, nil, err
+	}
+	cancelCtx, cancel := context.WithCancel(context.Background())
+	entry := &cancelEntry{cancel: cancel}
+	s.mtx.Lock()
+	s.cancels[user] = append(s.cancels[user], entry)
+	s.mtx.Unlock()
+	originalOnClose := onClose
+	wrappedOnClose := func() {
+		s.mtx.Lock()
+		entries := s.cancels[user]
+		for i, e := range entries {
+			if e == entry {
+				s.cancels[user] = append(entries[:i], entries[i+1:]...)
+				break
+			}
+		}
+		s.mtx.Unlock()
+		cancel()
+		if originalOnClose != nil {
+			originalOnClose()
+		}
+	}
+	return wrappedOnClose, cancelCtx, nil
+}
+
 func (s *ManagerConnectionStrategy) UpdateStrategies(strategies map[string]ConnectionStrategy) {
 	s.mtx.Lock()
-	defer s.mtx.Unlock()
+	var entries []*cancelEntry
+	for user, cancels := range s.cancels {
+		if _, exists := strategies[user]; !exists {
+			entries = append(entries, cancels...)
+			delete(s.cancels, user)
+		}
+	}
 	s.strategies = strategies
+	s.mtx.Unlock()
+	for _, entry := range entries {
+		entry.cancel()
+	}
 }
 
 type BypassConnectionStrategy struct{}
@@ -93,7 +150,7 @@ func NewBypassConnectionStrategy() *BypassConnectionStrategy {
 	return &BypassConnectionStrategy{}
 }
 
-func (s *BypassConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (CloseHandlerFunc, context.Context, error) {
+func (s *BypassConnectionStrategy) request(ctx context.Context, metadata *adapter.InboundContext) (onclose.CloseHandlerFunc, context.Context, error) {
 	return func() {}, nil, nil
 }