Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parse proxy protocol #337

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Parse proxy protocol #337

wants to merge 2 commits into from

Conversation

silviucpp
Copy link

In case you want to load balance the servers with an HAPROXY and you need to properly detect the peer ip you need to use the PROXY PROTOCOL: http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

@mworrell
Copy link
Collaborator

I guess it is a bit tricky to add a test for this?
(Considering you need some proxy to talk to...)

@silviucpp
Copy link
Author

@ mworrell the fix is not proper. I will adjust it in the next days.

@silviucpp
Copy link
Author

I made the implementation much easy by using {packet, line}. Previous one was wrong because I was reading from socket also additional data coming after the proxy protocol.

@silviucpp
Copy link
Author

can be tested with haproxy basic config:

listen smtp-server

        bind :5878
        mode tcp
        option  tcplog
        balance roundrobin

        server smtp_tcp_s01 127.0.0.1:2525 check port 2525 send-proxy inter 4s rise 3 fall 2

Vagabond
Vagabond reviewed Feb 29, 2024
View reviewed changes
src/gen_smtp_server_session.erl
case Data of
<<"PROXY ", _/binary>> ->
case binary:split(Data, <<" ">>, [global]) of
[<<"PROXY">>, InetFamily, SrcIp, _DstIp, _SrcPort, _DstPort] when InetFamily == <<"TCP4">> orelse InetFamily == <<"TCP6">> ->
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should probably use the right, address specific parser for v4 or v6, so if the proxy sends TCP4 with a v6 address, things fail.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Huh... can you be more explicit ?

src/gen_smtp_server_session.erl
ok = Transport:setopts(Socket, [{packet, line}, binary]),
case Transport:recv(Socket, 0, 5000) of
{ok, Data} ->
case Data of
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's also a binary form of this protocol (version 2), were you planning on supporting this as well?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can support if you think it makes sense. Idea is that you have control in what version you want to use:

send-proxy is v1 (current implementation)
send-proxy-v2 - is v2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vagabond Vagabond Vagabond left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@silviucpp @mworrell @Vagabond