mirror of https://github.com/telemt/telemt.git
Merge pull request #273 from ivulit/fix/proxy-protocol-unix-sock
fix: send PROXY protocol header to mask unix socket
This commit is contained in:
Alexey
GitHub
commit
25ffcf6081
|
|
@ -88,7 +88,29 @@ where
|
||||||
let connect_result = timeout(MASK_TIMEOUT, UnixStream::connect(sock_path)).await;
|
let connect_result = timeout(MASK_TIMEOUT, UnixStream::connect(sock_path)).await;
|
||||||
match connect_result {
|
match connect_result {
|
||||||
Ok(Ok(stream)) => {
|
Ok(Ok(stream)) => {
|
||||||
let (mask_read, mask_write) = stream.into_split();
|
let (mask_read, mut mask_write) = stream.into_split();
|
||||||
|
let proxy_header: Option<Vec<u8>> = match config.censorship.mask_proxy_protocol {
|
||||||
|
0 => None,
|
||||||
|
version => {
|
||||||
|
let header = match version {
|
||||||
|
2 => ProxyProtocolV2Builder::new().with_addrs(peer, local_addr).build(),
|
||||||
|
_ => match (peer, local_addr) {
|
||||||
|
(SocketAddr::V4(src), SocketAddr::V4(dst)) =>
|
||||||
|
ProxyProtocolV1Builder::new().tcp4(src.into(), dst.into()).build(),
|
||||||
|
(SocketAddr::V6(src), SocketAddr::V6(dst)) =>
|
||||||
|
ProxyProtocolV1Builder::new().tcp6(src.into(), dst.into()).build(),
|
||||||
|
_ =>
|
||||||
|
ProxyProtocolV1Builder::new().build(),
|
||||||
|
},
|
||||||
|
};
|
||||||
|
Some(header)
|
||||||
|
}
|
||||||
|
};
|
||||||
|
if let Some(header) = proxy_header {
|
||||||
|
if mask_write.write_all(&header).await.is_err() {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
if timeout(MASK_RELAY_TIMEOUT, relay_to_mask(reader, writer, mask_read, mask_write, initial_data)).await.is_err() {
|
if timeout(MASK_RELAY_TIMEOUT, relay_to_mask(reader, writer, mask_read, mask_write, initial_data)).await.is_err() {
|
||||||
debug!("Mask relay timed out (unix socket)");
|
debug!("Mask relay timed out (unix socket)");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -499,7 +499,7 @@ async fn fetch_via_raw_tls(
|
||||||
sock = %sock_path,
|
sock = %sock_path,
|
||||||
"Raw TLS fetch using mask unix socket"
|
"Raw TLS fetch using mask unix socket"
|
||||||
);
|
);
|
||||||
return fetch_via_raw_tls_stream(stream, sni, connect_timeout, 0).await;
|
return fetch_via_raw_tls_stream(stream, sni, connect_timeout, proxy_protocol).await;
|
||||||
}
|
}
|
||||||
Ok(Err(e)) => {
|
Ok(Err(e)) => {
|
||||||
warn!(
|
warn!(
|
||||||
|
|
@ -631,7 +631,7 @@ async fn fetch_via_rustls(
|
||||||
sock = %sock_path,
|
sock = %sock_path,
|
||||||
"Rustls fetch using mask unix socket"
|
"Rustls fetch using mask unix socket"
|
||||||
);
|
);
|
||||||
return fetch_via_rustls_stream(stream, host, sni, 0).await;
|
return fetch_via_rustls_stream(stream, host, sni, proxy_protocol).await;
|
||||||
}
|
}
|
||||||
Ok(Err(e)) => {
|
Ok(Err(e)) => {
|
||||||
warn!(
|
warn!(
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue