From d05d715a006322e6d512f308b4f9543cdf013187 Mon Sep 17 00:00:00 2001
From: Mohammed Al Sahaf
Date: Tue, 7 May 2024 05:02:12 +0300
Subject: [PATCH] reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301)
---
 .../caddyhttp/reverseproxy/httptransport.go | 34 +++++++++++-------
 1 file changed, 20 insertions(+), 14 deletions(-)
diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go
index 895873b9..93ed84ad 100644
--- a/modules/caddyhttp/reverseproxy/httptransport.go
+++ b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -225,41 +225,47 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e if !ok { return nil, fmt.Errorf("failed to get proxy protocol info from context") } - header := proxyproto.Header{ - SourceAddr: &net.TCPAddr{ - IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(), - Port: int(proxyProtocolInfo.AddrPort.Port()), - Zone: proxyProtocolInfo.AddrPort.Addr().Zone(), - }, + var proxyv byte + switch h.ProxyProtocol { + case "v1": + proxyv = 1 + case "v2": + proxyv = 2 + default: + return nil, fmt.Errorf("unexpected proxy protocol version") } + // The src and dst have to be of the same address family. As we don't know the original // dst address (it's kind of impossible to know) and this address is generally of very // little interest, we just set it to all zeros. + var destAddr net.Addr switch { case proxyProtocolInfo.AddrPort.Addr().Is4(): - header.TransportProtocol = proxyproto.TCPv4 - header.DestinationAddr = &net.TCPAddr{ + destAddr = &net.TCPAddr{ IP: net.IPv4zero, } case proxyProtocolInfo.AddrPort.Addr().Is6(): - header.TransportProtocol = proxyproto.TCPv6 - header.DestinationAddr = &net.TCPAddr{ + destAddr = &net.TCPAddr{ IP: net.IPv6zero, } default: return nil, fmt.Errorf("unexpected remote addr type in proxy protocol info") } + sourceAddr := &net.TCPAddr{ + IP: proxyProtocolInfo.AddrPort.Addr().AsSlice(), + Port: int(proxyProtocolInfo.AddrPort.Port()), + Zone: proxyProtocolInfo.AddrPort.Addr().Zone(), + } + header := proxyproto.HeaderProxyFromAddrs(proxyv, sourceAddr, destAddr) + // retain the log message structure switch h.ProxyProtocol { case "v1": - header.Version = 1 caddyCtx.Logger().Debug("sending proxy protocol header v1", zap.Any("header", header)) case "v2": - header.Version = 2 caddyCtx.Logger().Debug("sending proxy protocol header v2", zap.Any("header", header)) - default: - return nil, fmt.Errorf("unexpected proxy protocol version") } + _, err = header.WriteTo(conn) if err != nil { // identify this error as one that 
occurred during