mirror of
https://github.com/alexbers/mtprotoproxy.git
synced 2026-03-14 07:13:09 +00:00
f51a4bfe34
* add proxy protocol v1/v2 support With fake-tls enabled, it was still quite hard to use mtprotoproxy as backend behing some reverse https/tls proxy (nginx, haproxy, etc) because it still need client address & port info. With nginx already configured to use stream proxy with proxy protocol, it was impossibe to connect due additional proxy header transmission before real hadshake. Adding general support of proxy protocol fixed both issues. New config option PROXY_PROTOCOL = True enables transparent support, unproxied incoming connections will still be accepted. Since reverse proxy needs to be trusted, option disabled by default. References: * https://www.haproxy.com/blog/haproxy/proxy-protocol/ * http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt * slightly optimize proxy v1 error path * rework proxy handler * deny direct connection with enabled PROXY_PROTOCOl per specs * simplify proxy header checking * use textual form of proxy v1 header * drop useless find() call * fix client address logging
58 KiB
Executable File
58 KiB
Executable File