diff options
| author | Mohammed Al Sahaf <msaa1990@gmail.com> | 2024-05-07 05:02:12 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-06 20:02:12 -0600 |
| commit | d05d715a006322e6d512f308b4f9543cdf013187 (patch) | |
| tree | dfeddfbff37255feb739944a690f22aba2988a54 | |
| parent | 8d7ac1840221d0b4060448b6f333e6720cfe895f (diff) | |
reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301)
| -rw-r--r-- | modules/caddyhttp/reverseproxy/httptransport.go | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go index 895873b9..93ed84ad 100644 --- a/modules/caddyhttp/reverseproxy/httptransport.go +++ b/modules/caddyhttp/reverseproxy/httptransport.go @@ -225,41 +225,47 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e if !ok { return nil, fmt.Errorf("failed to get proxy protocol info from context") } - header := proxyproto.Header{ - SourceAddr: &net.TCPAddr{ - IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(), - Port: int(proxyProtocolInfo.AddrPort.Port()), - Zone: proxyProtocolInfo.AddrPort.Addr().Zone(), - }, + var proxyv byte + switch h.ProxyProtocol { + case "v1": + proxyv = 1 + case "v2": + proxyv = 2 + default: + return nil, fmt.Errorf("unexpected proxy protocol version") } + // The src and dst have to be of the same address family. As we don't know the original // dst address (it's kind of impossible to know) and this address is generally of very // little interest, we just set it to all zeros. + var destAddr net.Addr switch { case proxyProtocolInfo.AddrPort.Addr().Is4(): - header.TransportProtocol = proxyproto.TCPv4 - header.DestinationAddr = &net.TCPAddr{ + destAddr = &net.TCPAddr{ IP: net.IPv4zero, } case proxyProtocolInfo.AddrPort.Addr().Is6(): - header.TransportProtocol = proxyproto.TCPv6 - header.DestinationAddr = &net.TCPAddr{ + destAddr = &net.TCPAddr{ IP: net.IPv6zero, } default: return nil, fmt.Errorf("unexpected remote addr type in proxy protocol info") } + sourceAddr := &net.TCPAddr{ + IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(), + Port: int(proxyProtocolInfo.AddrPort.Port()), + Zone: proxyProtocolInfo.AddrPort.Addr().Zone(), + } + header := proxyproto.HeaderProxyFromAddrs(proxyv, sourceAddr, destAddr) + // retain the log message structure switch h.ProxyProtocol { case "v1": - header.Version = 1 caddyCtx.Logger().Debug("sending proxy protocol header v1", zap.Any("header", header)) case "v2": - header.Version = 2 caddyCtx.Logger().Debug("sending proxy protocol header v2", zap.Any("header", header)) - default: - return nil, fmt.Errorf("unexpected proxy protocol version") } + _, err = header.WriteTo(conn) if err != nil { // identify this error as one that occurred during |