initial commit

mastercactapus · mastercactapus · commit 3939c241328d · 2017-01-29T11:45:53.000-06:00
diff --git a/README.md b/README.md
@@ -0,0 +1,30 @@
+# Add PROXY protocol support to caddy
+
+## Syntax
+
+```
+proxyprotocol *cidr* ... {
+    timeout *val*
+}
+```
+
+- **cidr** CIDR ranges to process PROXY headers from
+- **val** duration value (e.g. 5s, 1m)
+
+The default timeout is `5s`. Set to `0` or `none` to disable the timeout.
+
+## Examples
+
+```
+# Enable from any source (probably don't want this in prod)
+proxyprotocol
+
+# Enable from local subnet and fixed IP
+proxyprotocol 10.22.0.0/16 10.23.0.1/32
+
+# Set header timeout
+proxyprotocol 10.22.0.0/16 10.23.0.1/32 {
+    timeout 5s
+}
+
+```
diff --git a/listeners.go b/listeners.go
@@ -0,0 +1,57 @@
+package proxyprotocol
+
+import (
+	"net"
+	"os"
+
+	proxyproto "github.com/armon/go-proxyproto"
+	"github.com/mholt/caddy"
+)
+
+type Configs []Config
+
+type Listener struct {
+	net.Listener
+	Configs []Config
+}
+type CaddyListener struct {
+	*Listener
+}
+
+func (c *CaddyListener) File() (*os.File, error) {
+	return c.Listener.Listener.(caddy.Listener).File()
+}
+
+func (c Configs) NewListener(l net.Listener) net.Listener {
+	ln := &Listener{
+		Listener: l,
+		Configs:  []Config(c),
+	}
+	if _, ok := l.(caddy.Listener); ok {
+		return &CaddyListener{Listener: ln}
+	}
+	return ln
+}
+
+func (l *Listener) Accept() (net.Conn, error) {
+	c, err := l.Listener.Accept()
+	if err != nil {
+		return nil, err
+	}
+
+	addr, ok := c.RemoteAddr().(*net.TCPAddr)
+	if !ok {
+		return c, nil
+	}
+	for _, cfg := range l.Configs {
+		if cfg.Subnets == nil {
+			return proxyproto.NewConn(c, cfg.Timeout), nil
+		}
+		for _, s := range cfg.Subnets {
+			if s.Contains(addr.IP) {
+				return proxyproto.NewConn(c, cfg.Timeout), nil
+			}
+		}
+	}
+	return c, nil
+}
diff --git a/setup.go b/setup.go
@@ -0,0 +1,61 @@
+package proxyprotocol
+
+import (
+	"net"
+	"time"
+
+	"github.com/mholt/caddy"
+	"github.com/mholt/caddy/caddyhttp/httpserver"
+)
+
+type Config struct {
+	Timeout time.Duration
+	Subnets []*net.IPNet
+}
+
+func init() {
+	caddy.RegisterPlugin("proxyprotocol", caddy.Plugin{
+		ServerType: "http",
+		Action:     setup,
+	})
+}
+
+func setup(c *caddy.Controller) error {
+	var configs []Config
+	var err error
+
+	for c.Next() {
+		var cfg Config
+		for c.NextArg() {
+			_, n, err := net.ParseCIDR(c.Val())
+			if err != nil {
+				return err
+			}
+			cfg.Subnets = append(cfg.Subnets, n)
+		}
+
+		if c.NextBlock() {
+			switch c.Val() {
+			case "timeout":
+				if !c.NextArg() {
+					return c.ArgErr()
+				}
+				cfg.Timeout, err = time.ParseDuration(c.Val())
+				if err != nil {
+					return err
+				}
+			default:
+				return c.ArgErr()
+			}
+		}
+		configs = append(configs, cfg)
+		if c.NextBlock() {
+			return c.ArgErr()
+		}
+	}
+	if configs != nil {
+		httpserver.GetConfig(c).AddListenerMiddleware(Configs(configs).NewListener)
+	}
+
+	return nil
+}
