homelab/traefik
1
0
Fork 0
Code Activity

Use client conn to build the proxy protocol header

Browse source 
Co-authored-by: Simon Delicata <simon.delicata@free.fr>
This commit is contained in:
Romain 2025-09-19 10:36:05 +02:00 committed by GitHub
parent 660acf3b42
commit 5df4c270a7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 77 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

27
pkg/tcp/dialer.go
View file

@ -19,12 +19,20 @@ import (
"github.com/traefik/traefik/v3/pkg/config/dynamic"
traefiktls "github.com/traefik/traefik/v3/pkg/tls"
"github.com/traefik/traefik/v3/pkg/types"
"golang.org/x/net/proxy"
)
type Dialer interface {
proxy.Dialer
// ClientConn is the interface that provides information about the client connection.
type ClientConn interface {
// LocalAddr returns the local network address, if known.
LocalAddr() net.Addr
// RemoteAddr returns the remote network address, if known.
RemoteAddr() net.Addr
}
// Dialer is an interface to dial a network connection, with support for PROXY protocol and termination delay.
type Dialer interface {
Dial(network, addr string, clientConn ClientConn) (c net.Conn, err error)
TerminationDelay() time.Duration
}
@ -34,18 +42,20 @@ type tcpDialer struct {
proxyProtocol *dynamic.ProxyProtocol
}
// TerminationDelay returns the termination delay duration.
func (d tcpDialer) TerminationDelay() time.Duration {
return d.terminationDelay
}
func (d tcpDialer) Dial(network, addr string) (net.Conn, error) {
// Dial dials a network connection and optionally sends a PROXY protocol header.
func (d tcpDialer) Dial(network, addr string, clientConn ClientConn) (net.Conn, error) {
conn, err := d.dialer.Dial(network, addr)
if err != nil {
return nil, err
}
if d.proxyProtocol != nil && d.proxyProtocol.Version > 0 && d.proxyProtocol.Version < 3 {
header := proxyproto.HeaderProxyFromAddrs(byte(d.proxyProtocol.Version), conn.RemoteAddr(), conn.LocalAddr())
if d.proxyProtocol != nil && clientConn != nil && d.proxyProtocol.Version > 0 && d.proxyProtocol.Version < 3 {
header := proxyproto.HeaderProxyFromAddrs(byte(d.proxyProtocol.Version), clientConn.RemoteAddr(), clientConn.LocalAddr())
if _, err := header.WriteTo(conn); err != nil {
_ = conn.Close()
return nil, fmt.Errorf("writing PROXY Protocol header: %w", err)
@ -60,8 +70,9 @@ type tcpTLSDialer struct {
tlsConfig *tls.Config
}
func (d tcpTLSDialer) Dial(network, addr string) (net.Conn, error) {
conn, err := d.tcpDialer.Dial(network, addr)
// Dial dials a network connection with the wrapped tcpDialer and performs a TLS handshake.
func (d tcpTLSDialer) Dial(network, addr string, clientConn ClientConn) (net.Conn, error) {
conn, err := d.tcpDialer.Dial(network, addr, clientConn)
if err != nil {
return nil, err
}