Closed HappyTobi closed 8 months ago
A third party proxy protocol package could just wrap a net.Listener
and expose itself as a net.Listener
for net/http.Server.Serve
.
Which is what already existing packages do: https://pkg.go.dev/github.com/blacktear23/go-proxyprotocol#NewListener
Why should we add a more complex and less flexible filtering system into net
?
Hi,
I know that kind of implementations and know that writing a "custom" net.Listener
can handle that.
The only problem that I see is, that "default" (for example http server) implementation will fail when you receive a tcp package that includes a proxy protocol. So my idea was to add something that is "issue" is handled by default / configuration.
Thanks, but in the Go standard library filters are implemented by wrapping readers. If HTTP needs a way to filter its reader, then we should add a way to customize the reader that it uses. We should add something inside TCPConn
. I'm going to close this proposal. Please comment if you disagree.
Proposal Details
Abstract
Introduce a filter / interceptor that will be called in the TCPConn Read function, that can be configured on the TCPListener. The TCPConn should be the same as today, so no default filter should be apply.
Background
Whenever we are using an underlying TCP connection, the implementations like http break when a TCP Package contains a ProxyProtocol V1 or V2 header. The problem in the http component is how the TCP package is processed. The important part here is, that http should not have to care about the TCP Package itself, it should only care about the http package. To solve problems like that, we should give the users more flexibility on how a TCP Package is processed. To provide that flexibility, we should introduce a filter or interceptor to the TCPConn.
Proposal
The proposal is to add a filter or interceptor to the TCPListener that is used in the TCPConnection itself and allows that every package that is received can be "filtered". The filter must be called before the TCPConn is doing the syscall receiving the TCP package on which the filter or interceptor should be applied. The filter should be able to modify / change the TCP Package before it is returned to the caller.
The interface that is provided can also be used to implement something like a callback where for example the ProxyProtocol V1 or V2 header can be processed.
To have something that is working out of the box for an http server, for example, we should introduce an implementation that drops the ProxyProtocol header if a user is configuring the server with the filter.
Compatibility
The introduction of the filter / interceptor should not break any existing code. The new introduced filter / interceptor is optional. When a filter / interceptor is required, it can be configured on the TCPListener.
Implementation
The implementation / example is not finished but should show the idea behind the proposal.