do fake proxy protocol during testReachability

Jyrno42 · Sep 9, 2019 · cdc7735 · cdc7735
1 parent efceb72
commit cdc7735
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/foo.sh b/foo.sh
@@ -0,0 +1 @@
+make images DOCKER_REPO=hub.docker.com/jyrno42 DOCKER_TAG=experimental
diff --git a/pkg/issuer/acme/http/http.go b/pkg/issuer/acme/http/http.go
@@ -21,6 +21,7 @@ import (
 	"crypto/tls"
 	"fmt"
 	"io/ioutil"
+	"net"
 	"net/http"
 	"net/url"
 	"time"
@@ -179,6 +180,17 @@ func (s *Solver) buildChallengeUrl(ch *v1alpha1.Challenge) *url.URL {
 	return url
 }
 
+type ProxyConnWrapper struct {
+    net.Conn
+}
+
+func (w ProxyConnWrapper) Write(p []byte) (n int, err error) {
+	head := []byte("PROXY TCP4 0.0.0.0 0.0.0.0 80 80\r\n")
+	buf := append(head, p...)
+	n, err = w.Conn.Write(buf)
+	return
+}
+
 // testReachability will attempt to connect to the 'domain' with 'path' and
 // check if the returned body equals 'key'
 func testReachability(ctx context.Context, url *url.URL, key string) error {
@@ -205,6 +217,14 @@ func testReachability(ctx context.Context, url *url.URL, key string) error {
 		TLSClientConfig: &tls.Config{
 			InsecureSkipVerify: true,
 		},
+
+        Dial: func(network, a string) (net.Conn, error) {
+            realConn, err := net.Dial(network, a)
+            if err != nil {
+                return nil, err
+            }
+            return &ProxyConnWrapper{Conn: realConn}, nil
+        },
 	}
 	client := http.Client{
 		Transport: transport,