(trafficserver) branch master updated: Add support for getting authority information from Proxy Protocol (#12049)

cmcfarlen Wed, 26 Feb 2025 06:25:21 -0800

This is an automated email from the ASF dual-hosted git repository.

cmcfarlen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git



The following commit(s) were added to refs/heads/master by this push:
     new 87571af1dc Add support for getting authority information from Proxy 
Protocol (#12049)
87571af1dc is described below

commit 87571af1dc244ad062493f9fc71947e0689b68ed
Author: Chris McFarlen <[email protected]>
AuthorDate: Wed Feb 26 08:23:52 2025 -0600

    Add support for getting authority information from Proxy Protocol (#12049)
    
    * Add support for getting authority information from Proxy Protocol
    
    * inline
    
    * include optional for some compilers
    
    ---------
    
    Co-authored-by: Chris McFarlen <[email protected]>
---
 doc/admin-guide/logging/formatting.en.rst |  2 ++
 include/iocore/net/NetVConnection.h       | 15 ++++++++++++++-
 include/iocore/net/ProxyProtocol.h        |  3 +++
 include/proxy/logging/LogAccess.h         |  1 +
 src/iocore/net/ProxyProtocol.cc           | 13 +++++++++++++
 src/proxy/logging/Log.cc                  |  5 +++++
 src/proxy/logging/LogAccess.cc            | 13 +++++++++++++
 7 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/doc/admin-guide/logging/formatting.en.rst 
b/doc/admin-guide/logging/formatting.en.rst
index e687fdbd22..5e06b1ddbe 100644
--- a/doc/admin-guide/logging/formatting.en.rst
+++ b/doc/admin-guide/logging/formatting.en.rst
@@ -519,6 +519,8 @@ pps   Proxy Protocol Source IP received via Proxy Protocol 
context from the LB t
       Source IP      the |TS|
 ppd   Proxy Protocol Destination IP received via Proxy Protocol context from 
the LB
       Dest IP        to the |TS|
+ppa   Proxy Protocol The Authority TLV from Proxy Protocol context from the LB
+      Authority      to the |TS|
 
 ===== ============== ==========================================================
 
diff --git a/include/iocore/net/NetVConnection.h 
b/include/iocore/net/NetVConnection.h
index 02c254acfc..9041e07833 100644
--- a/include/iocore/net/NetVConnection.h
+++ b/include/iocore/net/NetVConnection.h
@@ -458,7 +458,14 @@ public:
     return pp_info.version;
   }
 
-  sockaddr const *get_proxy_protocol_addr(const ProxyProtocolData) const;
+  sockaddr const                 *get_proxy_protocol_addr(const 
ProxyProtocolData) const;
+  std::optional<std::string_view> get_proxy_protocol_tlv(const uint8_t 
tlvCode) const;
+
+  std::optional<std::string_view>
+  get_proxy_protocol_authority() const
+  {
+    return get_proxy_protocol_tlv(PP2_TYPE_AUTHORITY);
+  }
 
   sockaddr const *
   get_proxy_protocol_src_addr() const
@@ -754,6 +761,12 @@ NetVConnection::get_proxy_protocol_addr(const 
ProxyProtocolData src_or_dst) cons
   return nullptr;
 }
 
+inline std::optional<std::string_view>
+NetVConnection::get_proxy_protocol_tlv(const uint8_t tlvCode) const
+{
+  return pp_info.get_tlv(tlvCode);
+}
+
 inline void
 NetVConnection::set_proxy_protocol_info(const ProxyProtocol &src)
 {
diff --git a/include/iocore/net/ProxyProtocol.h 
b/include/iocore/net/ProxyProtocol.h
index 7ff570162a..110584be7e 100644
--- a/include/iocore/net/ProxyProtocol.h
+++ b/include/iocore/net/ProxyProtocol.h
@@ -29,6 +29,7 @@
 #include <swoc/TextView.h>
 #include <unordered_map>
 #include <cstdlib>
+#include <optional>
 
 enum class ProxyProtocolVersion {
   UNDEFINED,
@@ -68,6 +69,8 @@ public:
   void set_ipv4_addrs(in_addr_t src_addr, uint16_t src_port, in_addr_t 
dst_addr, uint16_t dst_port);
   void set_ipv6_addrs(const in6_addr &src_addr, uint16_t src_port, const 
in6_addr &dst_addr, uint16_t dst_port);
 
+  std::optional<std::string_view> get_tlv(const uint8_t tlvCode) const;
+
   ProxyProtocolVersion                          version   = 
ProxyProtocolVersion::UNDEFINED;
   uint16_t                                      ip_family = AF_UNSPEC;
   int                                           type      = 0;
diff --git a/include/proxy/logging/LogAccess.h 
b/include/proxy/logging/LogAccess.h
index 88f1c8203f..4f909e1148 100644
--- a/include/proxy/logging/LogAccess.h
+++ b/include/proxy/logging/LogAccess.h
@@ -262,6 +262,7 @@ public:
   int marshal_proxy_protocol_version(char *);                      // STR
   int marshal_proxy_protocol_src_ip(char *);                       // STR
   int marshal_proxy_protocol_dst_ip(char *);                       // STR
+  int marshal_proxy_protocol_authority(char *);                    // STR
 
   // named fields from within a http header
   //
diff --git a/src/iocore/net/ProxyProtocol.cc b/src/iocore/net/ProxyProtocol.cc
index 76e7a3ddef..9da97f889b 100644
--- a/src/iocore/net/ProxyProtocol.cc
+++ b/src/iocore/net/ProxyProtocol.cc
@@ -28,6 +28,8 @@
 #include "swoc/TextView.h"
 #include "swoc/bwf_base.h"
 #include "tsutil/DbgCtl.h"
+#include <optional>
+#include <string_view>
 
 namespace
 {
@@ -525,6 +527,17 @@ ProxyProtocol::set_ipv6_addrs(const in6_addr &src_addr, 
uint16_t src_port, const
   this->ip_family = AF_INET6;
 }
 
+std::optional<std::string_view>
+ProxyProtocol::get_tlv(const uint8_t tlvCode) const
+{
+  if (version == ProxyProtocolVersion::V2) {
+    if (auto v = tlv.find(tlvCode); v != tlv.end()) {
+      return v->second;
+    }
+  }
+  return std::nullopt;
+}
+
 int
 ProxyProtocol::set_additional_data(std::string_view data)
 {
diff --git a/src/proxy/logging/Log.cc b/src/proxy/logging/Log.cc
index c94a246702..1d62007003 100644
--- a/src/proxy/logging/Log.cc
+++ b/src/proxy/logging/Log.cc
@@ -983,6 +983,11 @@ Log::init_fields()
   global_field_list.add(field, false);
   field_symbol_hash.emplace("ppdip", field);
 
+  field = new LogField("proxy_protocol_authority", "ppa", LogField::IP, 
&LogAccess::marshal_proxy_protocol_authority,
+                       &LogAccess::unmarshal_str);
+  global_field_list.add(field, false);
+  field_symbol_hash.emplace("ppa", field);
+
   field = new LogField("version_build_number", "vbn", LogField::STRING, 
&LogAccess::marshal_version_build_number,
                        &LogAccess::unmarshal_str);
   global_field_list.add(field, false);
diff --git a/src/proxy/logging/LogAccess.cc b/src/proxy/logging/LogAccess.cc
index b8fbd5390a..98c408ef28 100644
--- a/src/proxy/logging/LogAccess.cc
+++ b/src/proxy/logging/LogAccess.cc
@@ -1593,6 +1593,19 @@ LogAccess::marshal_proxy_protocol_dst_ip(char *buf)
   return marshal_ip(buf, ip);
 }
 
+int
+LogAccess::marshal_proxy_protocol_authority(char *buf)
+{
+  if (buf && m_http_sm) {
+    if (auto authority = 
m_http_sm->t_state.pp_info.get_tlv(PP2_TYPE_AUTHORITY)) {
+      int len = static_cast<int>(authority->size());
+      marshal_str(buf, authority->data(), len);
+      return len;
+    }
+  }
+  return 0;
+}
+
 /*-------------------------------------------------------------------------
   -------------------------------------------------------------------------*/
 int

(trafficserver) branch master updated: Add support for getting authority information from Proxy Protocol (#12049)

Reply via email to