Merge pull request #2 from steigr/feature/proxy-protocol
Feature/proxy protocol
commit
a3ce9988ff
@ -25,8 +25,6 @@ import (
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
proxyproto "github.com/Freeaqingme/go-proxyproto"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -39,7 +37,7 @@ var (
|
||||
)
|
||||
|
||||
type Client struct {
|
||||
conn *proxyproto.Conn
|
||||
conn net.Conn
|
||||
registered bool
|
||||
nickname *string
|
||||
username *string
|
||||
@ -73,7 +71,7 @@ func (c *Client) Match(other string) bool {
|
||||
return strings.ToLower(*c.nickname) == strings.ToLower(other)
|
||||
}
|
||||
|
||||
func NewClient(conn *proxyproto.Conn) *Client {
|
||||
func NewClient(conn net.Conn) *Client {
|
||||
nickname := "*"
|
||||
username := ""
|
||||
realname := ""
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
[[ -f examples/proxy-protocol/haproxy.pid ]] && rm examples/proxy-protocol/haproxy.pid
|
||||
fail() { echjo "$*"; exit 1; }
|
||||
fail() { echo "$*"; exit 1; }
|
||||
|
||||
set -x
|
||||
which haproxy || fail haproxy is missing
|
||||
|
28
goircd.go
28
goircd.go
@ -32,6 +32,10 @@ import (
|
||||
proxyproto "github.com/Freeaqingme/go-proxyproto"
|
||||
)
|
||||
|
||||
const (
|
||||
PROXY_TIMEOUT = 5
|
||||
)
|
||||
|
||||
var (
|
||||
version string
|
||||
hostname = flag.String("hostname", "localhost", "Hostname")
|
||||
@ -42,13 +46,10 @@ var (
|
||||
passwords = flag.String("passwords", "", "Optional path to passwords file")
|
||||
tlsBind = flag.String("tlsbind", "", "TLS address to bind to")
|
||||
tlsPEM = flag.String("tlspem", "", "Path to TLS certificat+key PEM file")
|
||||
proxyTimeout = flag.Uint("proxytimeout", PROXY_TIMEOUT, "Timeout when using proxy protocol")
|
||||
verbose = flag.Bool("v", false, "Enable verbose logging.")
|
||||
)
|
||||
|
||||
const (
|
||||
PROXY_TIMEOUT = 5 * time.Second
|
||||
)
|
||||
|
||||
func listenerLoop(sock net.Listener, events chan ClientEvent) {
|
||||
for {
|
||||
conn, err := sock.Accept()
|
||||
@ -56,8 +57,7 @@ func listenerLoop(sock net.Listener, events chan ClientEvent) {
|
||||
log.Println("Error during accepting connection", err)
|
||||
continue
|
||||
}
|
||||
proxied_conn := proxyproto.NewConn(conn, PROXY_TIMEOUT)
|
||||
client := NewClient(proxied_conn)
|
||||
client := NewClient(conn)
|
||||
go client.Processor(events)
|
||||
}
|
||||
}
|
||||
@ -114,25 +114,39 @@ func Run() {
|
||||
log.Println(*statedir, "statekeeper initialized")
|
||||
}
|
||||
|
||||
proxyTimeout := time.Duration(uint(*proxyTimeout)) * time.Second
|
||||
|
||||
if *bind != "" {
|
||||
listener, err := net.Listen("tcp", *bind)
|
||||
if err != nil {
|
||||
log.Fatalf("Can not listen on %s: %v", *bind, err)
|
||||
}
|
||||
// Add PROXY-Protocol support
|
||||
listener = &proxyproto.Listener{Listener: listener, ProxyHeaderTimeout: proxyTimeout}
|
||||
|
||||
log.Println("Raw listening on", *bind)
|
||||
go listenerLoop(listener, events)
|
||||
}
|
||||
|
||||
if *tlsBind != "" {
|
||||
cert, err := tls.LoadX509KeyPair(*tlsPEM, *tlsPEM)
|
||||
if err != nil {
|
||||
log.Fatalf("Could not load TLS keys from %s: %s", *tlsPEM, err)
|
||||
}
|
||||
config := tls.Config{Certificates: []tls.Certificate{cert}}
|
||||
listenerTLS, err := tls.Listen("tcp", *tlsBind, &config)
|
||||
|
||||
listenerTLS, err := net.Listen("tcp", *tlsBind)
|
||||
if err != nil {
|
||||
log.Fatalf("Can not listen on %s: %v", *tlsBind, err)
|
||||
}
|
||||
log.Println("TLS listening on", *tlsBind)
|
||||
|
||||
// Add PROXY-Protocol support
|
||||
|
||||
listenerTLS = &proxyproto.Listener{Listener: listenerTLS, ProxyHeaderTimeout: proxyTimeout}
|
||||
|
||||
listenerTLS = tls.NewListener(listenerTLS, &config)
|
||||
|
||||
go listenerLoop(listenerTLS, events)
|
||||
}
|
||||
Processor(events, make(chan struct{}))
|
||||
|
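Review bot: In Run(), both the raw and the TLS listener appear to be wrapped in `proxyproto.Listener` unconditionally, so any peer that can reach those ports directly may be able to supply its own PROXY header and have that address treated as the client's in host display, bans and logs. PROXY-protocol parsing should be opt-in and limited to trusted proxies: guard the wrap behind a flag (for example a new `-proxyproto` boolean, which this commit does not define) or accept headers only from configured proxy addresses, and document that the ports must not be reachable by clients directly while it is enabled. Separately, `-proxytimeout 0` is accepted as-is; depending on how the library treats a zero `ProxyHeaderTimeout`, that may leave the header read without a deadline, so reject 0 or fall back to `PROXY_TIMEOUT`. As a style point, the local `proxyTimeout := time.Duration(uint(*proxyTimeout)) * time.Second` shadows the flag variable and its `uint(...)` conversion is redundant; `headerTimeout := time.Duration(*proxyTimeout) * time.Second` reads more clearly.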