reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301)

Mohammed Al Sahaf 2024-05-07 05:02:12 +03:00 committed by GitHub
parent 8d7ac18402
commit d05d715a00
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -225,41 +225,47 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e
if !ok { if !ok {
return nil, fmt.Errorf("failed to get proxy protocol info from context") return nil, fmt.Errorf("failed to get proxy protocol info from context")
} }
header := proxyproto.Header{ var proxyv byte
SourceAddr: &net.TCPAddr{ switch h.ProxyProtocol {
IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(), case "v1":
Port: int(proxyProtocolInfo.AddrPort.Port()), proxyv = 1
Zone: proxyProtocolInfo.AddrPort.Addr().Zone(), case "v2":
}, proxyv = 2
default:
return nil, fmt.Errorf("unexpected proxy protocol version")
} }
// The src and dst have to be of the same address family. As we don't know the original // The src and dst have to be of the same address family. As we don't know the original
// dst address (it's kind of impossible to know) and this address is generally of very // dst address (it's kind of impossible to know) and this address is generally of very
// little interest, we just set it to all zeros. // little interest, we just set it to all zeros.
var destAddr net.Addr
switch { switch {
case proxyProtocolInfo.AddrPort.Addr().Is4(): case proxyProtocolInfo.AddrPort.Addr().Is4():
header.TransportProtocol = proxyproto.TCPv4 destAddr = &net.TCPAddr{
header.DestinationAddr = &net.TCPAddr{
IP: net.IPv4zero, IP: net.IPv4zero,
} }
case proxyProtocolInfo.AddrPort.Addr().Is6(): case proxyProtocolInfo.AddrPort.Addr().Is6():
header.TransportProtocol = proxyproto.TCPv6 destAddr = &net.TCPAddr{
header.DestinationAddr = &net.TCPAddr{
IP: net.IPv6zero, IP: net.IPv6zero,
} }
default: default:
return nil, fmt.Errorf("unexpected remote addr type in proxy protocol info") return nil, fmt.Errorf("unexpected remote addr type in proxy protocol info")
} }
sourceAddr := &net.TCPAddr{
IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(),
Port: int(proxyProtocolInfo.AddrPort.Port()),
Zone: proxyProtocolInfo.AddrPort.Addr().Zone(),
}
header := proxyproto.HeaderProxyFromAddrs(proxyv, sourceAddr, destAddr)
// retain the log message structure
switch h.ProxyProtocol { switch h.ProxyProtocol {
case "v1": case "v1":
header.Version = 1
caddyCtx.Logger().Debug("sending proxy protocol header v1", zap.Any("header", header)) caddyCtx.Logger().Debug("sending proxy protocol header v1", zap.Any("header", header))
case "v2": case "v2":
header.Version = 2
caddyCtx.Logger().Debug("sending proxy protocol header v2", zap.Any("header", header)) caddyCtx.Logger().Debug("sending proxy protocol header v2", zap.Any("header", header))
default:
return nil, fmt.Errorf("unexpected proxy protocol version")
} }
_, err = header.WriteTo(conn) _, err = header.WriteTo(conn)
if err != nil { if err != nil {
// identify this error as one that occurred during // identify this error as one that occurred during
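Review bot: The address-family switch and `HeaderProxyFromAddrs` can disagree when the source is an IPv4-mapped IPv6 address. For such an address `Is4()` is false and `Is6()` is true, so `destAddr` becomes `net.IPv6zero`, while the new code no longer sets `TransportProtocol` itself and leaves the library to infer it from the `net.TCPAddr` values (it appears to classify any IP with a 4-byte form as TCPv4; confirm against the pinned go-proxyproto version). The backend trusts this header for the client address it logs and applies access rules to, so a mismatched or unspecified-family header should be ruled out. Unmapping once before the switch, `addr := proxyProtocolInfo.AddrPort.Addr().Unmap()`, and building both `sourceAddr` and `destAddr` from `addr` keeps the two in the same family. The enclosing function starts before and continues after this hunk, so whether the address is already unmapped upstream is not visible here.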