Merge pull request #20 from Castaglia/tlv-session-notes-issue18

Issue #18: Store the PROXY protocol V2 TLVs as session notes.
Castaglia · Jun 5, 2021 · 9de87d2 · 9de87d2
2 parents d77db16 + dafcd1e
commit 9de87d2
Showing 1 changed file with 17 additions and 1 deletion.
diff --git a/mod_proxy_protocol.c b/mod_proxy_protocol.c
@@ -30,7 +30,7 @@
 # include <sys/uio.h>
 #endif /* HAVE_SYS_UIO_H */
 
-#define MOD_PROXY_PROTOCOL_VERSION	"mod_proxy_protocol/0.4"
+#define MOD_PROXY_PROTOCOL_VERSION	"mod_proxy_protocol/0.5"
 
 /* Make sure the version of proftpd is as necessary. */
 #if PROFTPD_VERSION_NUMBER < 0x0001030507
@@ -697,32 +697,42 @@ static int read_haproxy_v2_tls_tlv(pool *p, void *tlv_val, size_t tlv_valsz) {
       case 0x21:
         pr_trace_msg(trace_channel, 19,
           "TLS TLV: TLS version: %.*s", (int) tls_valsz, (char *) tls_val);
+        (void) pr_table_add_dup(session.notes, "mod_proxy_protocol.tls-version",
+          tlv_val, (size_t) tlv_valsz);
         break;
 
       /* TLS CN */
       case 0x22:
         pr_trace_msg(trace_channel, 19,
           "TLS TLV: TLS CN: %*.s", (int) tls_valsz, (char *) tls_val);
+        (void) pr_table_add_dup(session.notes,
+          "mod_proxy_protocol.tls-common-name", tlv_val, (size_t) tlv_valsz);
         break;
 
       /* TLS cipher */
       case 0x23:
         pr_trace_msg(trace_channel, 19,
           "TLS TLV: TLS cipher: %.*s", (int) tls_valsz, (char *) tls_val);
+        (void) pr_table_add_dup(session.notes, "mod_proxy_protocol.tls-cipher",
+          tlv_val, (size_t) tlv_valsz);
         break;
 
       /* TLS signature algorithm */
       case 0x24:
         pr_trace_msg(trace_channel, 19,
           "TLS TLV: TLS signature algorithm: %.*s", (int) tls_valsz,
           (char *) tls_val);
+        (void) pr_table_add_dup(session.notes,
+          "mod_proxy_protocol.tls-signature-algo", tlv_val, (size_t) tlv_valsz);
         break;
 
       /* TLS key algorithm */
       case 0x25:
         pr_trace_msg(trace_channel, 19,
           "TLS TLV: TLS key algorithm: %.*s", (int) tls_valsz,
           (char *) tls_val);
+        (void) pr_table_add_dup(session.notes,
+          "mod_proxy_protocol.tls-key-algo", tlv_val, (size_t) tlv_valsz);
         break;
 
       default:
@@ -788,13 +798,17 @@ static int read_haproxy_v2_tlvs(pool *p, conn_t *conn, size_t len) {
         pr_trace_msg(trace_channel, 19,
           "received proxy protocol V2 ALPN: %.*s", (int) tlv_valsz,
           (char *) tlv_val);
+        (void) pr_table_add_dup(session.notes, "mod_proxy_protocol.alpn",
+          tlv_val, (size_t) tlv_valsz);
         break;
 
       /* "Authority" (server name, ala SNI) */
       case 0x02:
         pr_trace_msg(trace_channel, 19,
           "received proxy protocol V2 SNI: %.*s", (int) tlv_valsz,
           (char *) tlv_val);
+        (void) pr_table_add_dup(session.notes, "mod_proxy_protocol.authority",
+          tlv_val, (size_t) tlv_valsz);
         break;
 
       /* CRC32 */
@@ -816,6 +830,8 @@ static int read_haproxy_v2_tlvs(pool *p, conn_t *conn, size_t len) {
         pr_trace_msg(trace_channel, 19,
           "received proxy protocol V2 Unique ID TLV (%lu bytes)",
           (unsigned long) tlv_valsz);
+        (void) pr_table_add_dup(session.notes, "mod_proxy_protocol.unique-id",
+          tlv_val, (size_t) tlv_valsz);
         break;
 
       /* TLS */