diff --git a/ipn/ipnlocal/c2n.go b/ipn/ipnlocal/c2n.go
index 9e6af14de..26435570e 100644
--- a/ipn/ipnlocal/c2n.go
+++ b/ipn/ipnlocal/c2n.go
@@ -15,6 +15,7 @@ import (
"net/http"
"os"
"os/exec"
+ "path"
"path/filepath"
"runtime"
"sort"
@@ -48,8 +49,13 @@ var c2nHandlers = map[methodAndPath]c2nHandler{
req("/debug/metrics"): handleC2NDebugMetrics,
req("/debug/component-logging"): handleC2NDebugComponentLogging,
req("/debug/logheap"): handleC2NDebugLogHeap,
- req("POST /logtail/flush"): handleC2NLogtailFlush,
- req("POST /sockstats"): handleC2NSockStats,
+
+ // PPROF - We only expose a subset of typical pprof endpoints for security.
+ req("/debug/pprof/heap"): handleC2NPprof,
+ req("/debug/pprof/allocs"): handleC2NPprof,
+
+ req("POST /logtail/flush"): handleC2NLogtailFlush,
+ req("POST /sockstats"): handleC2NSockStats,
// Check TLS certificate status.
req("GET /tls-cert-status"): handleC2NTLSCertStatus,
@@ -178,6 +184,19 @@ func handleC2NDebugLogHeap(b *LocalBackend, w http.ResponseWriter, r *http.Reque
c2nLogHeap(w, r)
}
+var c2nPprof func(http.ResponseWriter, *http.Request, string) // non-nil on most platforms (c2n_pprof.go)
+
+func handleC2NPprof(b *LocalBackend, w http.ResponseWriter, r *http.Request) {
+ if c2nPprof == nil {
+ // Not implemented on platforms trying to optimize for binary size or
+ // reduced memory usage.
+ http.Error(w, "not implemented", http.StatusNotImplemented)
+ return
+ }
+ _, profile := path.Split(r.URL.Path)
+ c2nPprof(w, r, profile)
+}
+
func handleC2NSSHUsernames(b *LocalBackend, w http.ResponseWriter, r *http.Request) {
var req tailcfg.C2NSSHUsernamesRequest
if r.Method == "POST" {
diff --git a/ipn/ipnlocal/c2n_pprof.go b/ipn/ipnlocal/c2n_pprof.go
index aacdbbc02..b4bc35790 100644
--- a/ipn/ipnlocal/c2n_pprof.go
+++ b/ipn/ipnlocal/c2n_pprof.go
@@ -6,6 +6,7 @@
package ipnlocal
import (
+ "fmt"
"net/http"
"runtime"
"runtime/pprof"
@@ -20,4 +21,25 @@ func init() {
}
pprof.WriteHeapProfile(w)
}
+
+ c2nPprof = func(w http.ResponseWriter, r *http.Request, profile string) {
+ w.Header().Set("X-Content-Type-Options", "nosniff")
+ p := pprof.Lookup(string(profile))
+ if p == nil {
+ http.Error(w, "Unknown profile", http.StatusNotFound)
+ return
+ }
+ gc, _ := strconv.Atoi(r.FormValue("gc"))
+ if profile == "heap" && gc > 0 {
+ runtime.GC()
+ }
+ debug, _ := strconv.Atoi(r.FormValue("debug"))
+ if debug != 0 {
+ w.Header().Set("Content-Type", "text/plain; charset=utf-8")
+ } else {
+ w.Header().Set("Content-Type", "application/octet-stream")
+ w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"`, profile))
+ }
+ p.WriteTo(w, debug)
+ }
}
diff --git a/tempfork/pprof/README.md b/tempfork/pprof/README.md
deleted file mode 100644
index bd1bffd59..000000000
--- a/tempfork/pprof/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-This is a fork of net/http/pprof that doesn't use init side effects
-and doesn't use html/template (which ends up calling
-reflect.Value.MethodByName, which disables some linker deadcode
-optimizations).
diff --git a/tempfork/pprof/pprof.go b/tempfork/pprof/pprof.go
deleted file mode 100644
index b6af2319f..000000000
--- a/tempfork/pprof/pprof.go
+++ /dev/null
@@ -1,302 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package pprof serves via its HTTP server runtime profiling data
-// in the format expected by the pprof visualization tool.
-//
-// See Go's net/http/pprof for docs.
-//
-// This is a fork of net/http/pprof that doesn't use init side effects
-// and doesn't use html/template (which ends up calling
-// reflect.Value.MethodByName, which disables some linker deadcode
-// optimizations).
-package pprof
-
-import (
- "bufio"
- "bytes"
- "fmt"
- "html"
- "io"
- "net/http"
- "os"
- "runtime"
- "runtime/pprof"
- "runtime/trace"
- "sort"
- "strconv"
- "strings"
- "time"
-)
-
-func AddHandlers(mux *http.ServeMux) {
- mux.HandleFunc("/debug/pprof/", Index)
- mux.HandleFunc("/debug/pprof/cmdline", Cmdline)
- mux.HandleFunc("/debug/pprof/profile", Profile)
- mux.HandleFunc("/debug/pprof/symbol", Symbol)
- mux.HandleFunc("/debug/pprof/trace", Trace)
-}
-
-// Cmdline responds with the running program's
-// command line, with arguments separated by NUL bytes.
-// The package initialization registers it as /debug/pprof/cmdline.
-func Cmdline(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("X-Content-Type-Options", "nosniff")
- w.Header().Set("Content-Type", "text/plain; charset=utf-8")
- fmt.Fprint(w, strings.Join(os.Args, "\x00"))
-}
-
-func sleep(w http.ResponseWriter, d time.Duration) {
- var clientGone <-chan bool
- //lint:ignore SA1019 CloseNotifier is deprecated but it functions and this is a temporary fork
- if cn, ok := w.(http.CloseNotifier); ok {
- clientGone = cn.CloseNotify()
- }
- select {
- case <-time.After(d):
- case <-clientGone:
- }
-}
-
-func durationExceedsWriteTimeout(r *http.Request, seconds float64) bool {
- srv, ok := r.Context().Value(http.ServerContextKey).(*http.Server)
- return ok && srv.WriteTimeout != 0 && seconds >= srv.WriteTimeout.Seconds()
-}
-
-func serveError(w http.ResponseWriter, status int, txt string) {
- w.Header().Set("Content-Type", "text/plain; charset=utf-8")
- w.Header().Set("X-Go-Pprof", "1")
- w.Header().Del("Content-Disposition")
- w.WriteHeader(status)
- fmt.Fprintln(w, txt)
-}
-
-// Profile responds with the pprof-formatted cpu profile.
-// Profiling lasts for duration specified in seconds GET parameter, or for 30 seconds if not specified.
-// The package initialization registers it as /debug/pprof/profile.
-func Profile(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("X-Content-Type-Options", "nosniff")
- sec, err := strconv.ParseInt(r.FormValue("seconds"), 10, 64)
- if sec <= 0 || err != nil {
- sec = 30
- }
-
- if durationExceedsWriteTimeout(r, float64(sec)) {
- serveError(w, http.StatusBadRequest, "profile duration exceeds server's WriteTimeout")
- return
- }
-
- // Set Content Type assuming StartCPUProfile will work,
- // because if it does it starts writing.
- w.Header().Set("Content-Type", "application/octet-stream")
- w.Header().Set("Content-Disposition", `attachment; filename="profile"`)
- if err := pprof.StartCPUProfile(w); err != nil {
- // StartCPUProfile failed, so no writes yet.
- serveError(w, http.StatusInternalServerError,
- fmt.Sprintf("Could not enable CPU profiling: %s", err))
- return
- }
- sleep(w, time.Duration(sec)*time.Second)
- pprof.StopCPUProfile()
-}
-
-// Trace responds with the execution trace in binary form.
-// Tracing lasts for duration specified in seconds GET parameter, or for 1 second if not specified.
-// The package initialization registers it as /debug/pprof/trace.
-func Trace(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("X-Content-Type-Options", "nosniff")
- sec, err := strconv.ParseFloat(r.FormValue("seconds"), 64)
- if sec <= 0 || err != nil {
- sec = 1
- }
-
- if durationExceedsWriteTimeout(r, sec) {
- serveError(w, http.StatusBadRequest, "profile duration exceeds server's WriteTimeout")
- return
- }
-
- // Set Content Type assuming trace.Start will work,
- // because if it does it starts writing.
- w.Header().Set("Content-Type", "application/octet-stream")
- w.Header().Set("Content-Disposition", `attachment; filename="trace"`)
- if err := trace.Start(w); err != nil {
- // trace.Start failed, so no writes yet.
- serveError(w, http.StatusInternalServerError,
- fmt.Sprintf("Could not enable tracing: %s", err))
- return
- }
- sleep(w, time.Duration(sec*float64(time.Second)))
- trace.Stop()
-}
-
-// Symbol looks up the program counters listed in the request,
-// responding with a table mapping program counters to function names.
-// The package initialization registers it as /debug/pprof/symbol.
-func Symbol(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("X-Content-Type-Options", "nosniff")
- w.Header().Set("Content-Type", "text/plain; charset=utf-8")
-
- // We have to read the whole POST body before
- // writing any output. Buffer the output here.
- var buf bytes.Buffer
-
- // We don't know how many symbols we have, but we
- // do have symbol information. Pprof only cares whether
- // this number is 0 (no symbols available) or > 0.
- fmt.Fprintf(&buf, "num_symbols: 1\n")
-
- var b *bufio.Reader
- if r.Method == "POST" {
- b = bufio.NewReader(r.Body)
- } else {
- b = bufio.NewReader(strings.NewReader(r.URL.RawQuery))
- }
-
- for {
- word, err := b.ReadSlice('+')
- if err == nil {
- word = word[0 : len(word)-1] // trim +
- }
- pc, _ := strconv.ParseUint(string(word), 0, 64)
- if pc != 0 {
- f := runtime.FuncForPC(uintptr(pc))
- if f != nil {
- fmt.Fprintf(&buf, "%#x %s\n", pc, f.Name())
- }
- }
-
- // Wait until here to check for err; the last
- // symbol will have an err because it doesn't end in +.
- if err != nil {
- if err != io.EOF {
- fmt.Fprintf(&buf, "reading request: %v\n", err)
- }
- break
- }
- }
-
- w.Write(buf.Bytes())
-}
-
-// Handler returns an HTTP handler that serves the named profile.
-func Handler(name string) http.Handler {
- return handler(name)
-}
-
-type handler string
-
-func (name handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("X-Content-Type-Options", "nosniff")
- p := pprof.Lookup(string(name))
- if p == nil {
- serveError(w, http.StatusNotFound, "Unknown profile")
- return
- }
- gc, _ := strconv.Atoi(r.FormValue("gc"))
- if name == "heap" && gc > 0 {
- runtime.GC()
- }
- debug, _ := strconv.Atoi(r.FormValue("debug"))
- if debug != 0 {
- w.Header().Set("Content-Type", "text/plain; charset=utf-8")
- } else {
- w.Header().Set("Content-Type", "application/octet-stream")
- w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"`, name))
- }
- p.WriteTo(w, debug)
-}
-
-var profileDescriptions = map[string]string{
- "allocs": "A sampling of all past memory allocations",
- "block": "Stack traces that led to blocking on synchronization primitives",
- "cmdline": "The command line invocation of the current program",
- "goroutine": "Stack traces of all current goroutines",
- "heap": "A sampling of memory allocations of live objects. You can specify the gc GET parameter to run GC before taking the heap sample.",
- "mutex": "Stack traces of holders of contended mutexes",
- "profile": "CPU profile. You can specify the duration in the seconds GET parameter. After you get the profile file, use the go tool pprof command to investigate the profile.",
- "threadcreate": "Stack traces that led to the creation of new OS threads",
- "trace": "A trace of execution of the current program. You can specify the duration in the seconds GET parameter. After you get the trace file, use the go tool trace command to investigate the trace.",
-}
-
-// Index responds with the pprof-formatted profile named by the request.
-// For example, "/debug/pprof/heap" serves the "heap" profile.
-// Index responds to a request for "/debug/pprof/" with an HTML page
-// listing the available profiles.
-func Index(w http.ResponseWriter, r *http.Request) {
- if strings.HasPrefix(r.URL.Path, "/debug/pprof/") {
- name := strings.TrimPrefix(r.URL.Path, "/debug/pprof/")
- if name != "" {
- handler(name).ServeHTTP(w, r)
- return
- }
- }
-
- type profile struct {
- Name string
- Href string
- Desc string
- Count int
- }
- var profiles []profile
- for _, p := range pprof.Profiles() {
- profiles = append(profiles, profile{
- Name: p.Name(),
- Href: p.Name() + "?debug=1",
- Desc: profileDescriptions[p.Name()],
- Count: p.Count(),
- })
- }
-
- // Adding other profiles exposed from within this package
- for _, p := range []string{"cmdline", "profile", "trace"} {
- profiles = append(profiles, profile{
- Name: p,
- Href: p,
- Desc: profileDescriptions[p],
- })
- }
-
- sort.Slice(profiles, func(i, j int) bool {
- return profiles[i].Name < profiles[j].Name
- })
-
- io.WriteString(w, `
-
-/debug/pprof/
-
-
-
-/debug/pprof/
-
-Types of profiles available:
-
-| Count | Profile |
-`)
- for _, p := range profiles {
- fmt.Fprintf(w, "| %d | %v |
\n",
- p.Count, html.EscapeString(p.Href), html.EscapeString(p.Name))
- }
- io.WriteString(w, `
-full goroutine stack dump
-
-
-Profile Descriptions:
-
-`)
- for _, p := range profiles {
- fmt.Fprintf(w, "%s:
%s
-
-
-
-`)
-}
diff --git a/tempfork/pprof/pprof_test.go b/tempfork/pprof/pprof_test.go
deleted file mode 100644
index e69784b4a..000000000
--- a/tempfork/pprof/pprof_test.go
+++ /dev/null
@@ -1,81 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package pprof
-
-import (
- "bytes"
- "io"
- "net/http"
- "net/http/httptest"
- "runtime/pprof"
- "testing"
-)
-
-// TestDescriptions checks that the profile names under runtime/pprof package
-// have a key in the description map.
-func TestDescriptions(t *testing.T) {
- for _, p := range pprof.Profiles() {
- _, ok := profileDescriptions[p.Name()]
- if ok != true {
- t.Errorf("%s does not exist in profileDescriptions map\n", p.Name())
- }
- }
-}
-
-func TestHandlers(t *testing.T) {
- testCases := []struct {
- path string
- handler http.HandlerFunc
- statusCode int
- contentType string
- contentDisposition string
- resp []byte
- }{
- {"/debug/pprof/