diff --git a/protocol.go b/protocol.go index ff3abb7..16e1f3b 100644 --- a/protocol.go +++ b/protocol.go @@ -627,12 +627,13 @@ func (session *session) handleXCLIENT(cmd command) { } func (session *session) handlePROXY(cmd command) { - + session.logf("Proxy command: %s", cmd.line) + // http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt + // Example: `PROXY TCP4 8.8.8.8 127.0.0.1 443 25` if !session.server.EnableProxyProtocol { session.reply(550, "Proxy Protocol not enabled") return } - if len(cmd.fields) < 6 { session.reply(502, "Couldn't decode the command.") return @@ -643,7 +644,6 @@ func (session *session) handlePROXY(cmd command) { newTCPPort uint64 = 0 err error ) - newAddr = net.ParseIP(cmd.fields[2]) newTCPPort, err = strconv.ParseUint(cmd.fields[4], 10, 16) @@ -665,6 +665,9 @@ func (session *session) handlePROXY(cmd command) { if newTCPPort != 0 { tcpAddr.Port = int(newTCPPort) } + session.logf("Proxy processed: new address - %s:%v", + tcpAddr.IP, tcpAddr.Port, + ) session.welcome() diff --git a/smtpd_test.go b/smtpd_test.go index 09a2121..6b946b0 100644 --- a/smtpd_test.go +++ b/smtpd_test.go @@ -1590,6 +1590,35 @@ func TestMailformedMAILFROM(t *testing.T) { } } +func TestProxyNotEnabled(t *testing.T) { + addr, closer := runserver(t, &smtpd.Server{ + EnableProxyProtocol: false, // important + ProtocolLogger: log.New(os.Stdout, "log: ", log.Lshortfile), + }) + defer closer() + + c, err := smtp.Dial(addr) + if err != nil { + t.Fatalf("Dial failed: %v", err) + } + + where := strings.Split(addr, ":") + err = cmd(c.Text, 550, "PROXY TCP4 8.8.8.8 %s 443 %s", where[0], where[1]) + if err != nil { + t.Fatalf("sending proxy command enabled from the box - %s", err) + } + + err = c.Hello("nobody.example.org") + if err != nil { + t.Fatalf("sending helo command failed with %s", err) + } + + err = c.Quit() + if err != nil { + t.Fatalf("sending quit command failed with %s", err) + } +} + func TestTLSListener(t *testing.T) { cert, err := tls.X509KeyPair(localhostCert, localhostKey)