From 58f020f72fbbe938e6b34a731590b0986f638ffd Mon Sep 17 00:00:00 2001
From: Balazs Scheidler <balazs.scheidler@axoflow.com>
Date: Sat, 2 Nov 2024 21:36:09 +0100
Subject: [PATCH] transport-haproxy: use the normal $SOURCEIP, $DESTIP,
 $DESTPORT macros

Instead of using proxy protocol specific name value pairs, set the
addresses in the message's saddr/daddr members.

This should be a lot faster and a lot easier to use.

Signed-off-by: Balazs Scheidler <balazs.scheidler@axoflow.com>
---
 lib/transport/tests/test_transport_haproxy.c | 40 ++++++++------
 lib/transport/transport-haproxy.c            | 56 +++++++++++++-------
 2 files changed, 61 insertions(+), 35 deletions(-)

diff --git a/lib/transport/tests/test_transport_haproxy.c b/lib/transport/tests/test_transport_haproxy.c
index 0af071d30..ee6f3a166 100644
--- a/lib/transport/tests/test_transport_haproxy.c
+++ b/lib/transport/tests/test_transport_haproxy.c
@@ -45,11 +45,20 @@ teardown(void)
   app_shutdown();
 }
 
-static void
-concat_nv(const gchar *name, const gchar *value, gsize value_len, gpointer user_data)
+void
+_format_addresses(GString *value, LogTransportAuxData *aux)
 {
-  GString *aux_nv_concated = user_data;
-  g_string_append_printf(aux_nv_concated, "%s=%s ", name, value);
+  gchar buf[1024];
+  if (aux->peer_addr)
+    {
+      g_sockaddr_format(aux->peer_addr, buf, sizeof(buf), GSA_FULL);
+      g_string_append_printf(value, "source=%s ", buf);
+    }
+  if (aux->local_addr)
+    {
+      g_sockaddr_format(aux->local_addr, buf, sizeof(buf), GSA_FULL);
+      g_string_append_printf(value, "destination=%s", buf);
+    }
 }
 
 TestSuite(log_transport_proxy, .init = setup, .fini = teardown);
@@ -58,7 +67,7 @@ typedef struct
 {
   const gchar *proxy_header;
   gboolean valid;
-  const gchar *aux_values;
+  const gchar *addresses;
   gint proxy_header_len;
 } ProtocolHeaderTestParams;
 
@@ -71,15 +80,11 @@ ParameterizedTestParameters(log_transport_proxy, test_proxy_protocol_parse_heade
     { "PROXY UNKNOWN extra ignored parameters\r\n",           TRUE, "" },
     {
       "PROXY TCP4 1.1.1.1 2.2.2.2 3333 4444\r\n",             TRUE,
-      .aux_values = "PROXIED_SRCIP=1.1.1.1 PROXIED_DSTIP=2.2.2.2 "
-      "PROXIED_SRCPORT=3333 PROXIED_DSTPORT=4444 "
-      "PROXIED_IP_VERSION=4 "
+      .addresses = "source=AF_INET(1.1.1.1:3333) destination=AF_INET(2.2.2.2:4444)"
     },
     {
       "PROXY TCP6 ::1 ::2 3333 4444\r\n",                     TRUE,
-      .aux_values = "PROXIED_SRCIP=::1 PROXIED_DSTIP=::2 "
-      "PROXIED_SRCPORT=3333 PROXIED_DSTPORT=4444 "
-      "PROXIED_IP_VERSION=6 "
+      .addresses = "source=AF_INET6([::1]:3333) destination=AF_INET6([::2]:4444)"
     },
 
     /* INVALID PROTO */
@@ -128,7 +133,7 @@ ParameterizedTestParameters(log_transport_proxy, test_proxy_protocol_parse_heade
     /* proxy v2 */
     {
       "\r\n\r\n\0\r\nQUIT\n!\21\0\f\1\1\1\1\2\2\2\2\2025\255\234", TRUE,
-      .aux_values = "PROXIED_SRCIP=1.1.1.1 PROXIED_DSTIP=2.2.2.2 PROXIED_SRCPORT=33333 PROXIED_DSTPORT=44444 PROXIED_IP_VERSION=4 ",
+      .addresses = "source=AF_INET(1.1.1.1:33333) destination=AF_INET(2.2.2.2:44444)",
       .proxy_header_len = 28
     },
   };
@@ -160,12 +165,13 @@ ParameterizedTest(ProtocolHeaderTestParams *params, log_transport_proxy, test_pr
                "This should be %s: \n>>%.*s<<\n (rc=%d, errno=%d)", params->valid ? "valid" : "invalid", proxy_header_len,
                params->proxy_header, (gint) rc, errno);
 
-  if (rc == 0 && params->aux_values)
+  if (rc == 0 && params->addresses)
     {
-      GString *aux_nv_concated = g_string_new(NULL);
-      log_transport_aux_data_foreach(&aux, concat_nv, aux_nv_concated);
-      cr_assert_str_eq(aux_nv_concated->str, params->aux_values);
-      g_string_free(aux_nv_concated, TRUE);
+      GString *addresses = g_string_new(NULL);
+
+      _format_addresses(addresses, &aux);
+      cr_assert_str_eq(addresses->str, params->addresses);
+      g_string_free(addresses, TRUE);
     }
 
 
diff --git a/lib/transport/transport-haproxy.c b/lib/transport/transport-haproxy.c
index 23141a059..38978f973 100644
--- a/lib/transport/transport-haproxy.c
+++ b/lib/transport/transport-haproxy.c
@@ -60,6 +60,8 @@ struct _LogTransportHAProxy
     int src_port;
     int dst_port;
   } info;
+  GSockAddr *src_addr;
+  GSockAddr *dst_addr;
 
   /* Flag to only process proxy header once */
   gboolean proxy_header_processed;
@@ -507,6 +509,26 @@ _fetch_into_proxy_buffer(LogTransportHAProxy *self)
     }
 }
 
+static void
+_save_addresses(LogTransportHAProxy *self)
+{
+  if (self->info.unknown)
+    return;
+
+  if (self->info.ip_version == 4)
+    {
+      self->src_addr = g_sockaddr_inet_new(self->info.src_ip, self->info.src_port);
+      self->dst_addr = g_sockaddr_inet_new(self->info.dst_ip, self->info.dst_port);
+    }
+  else if (self->info.ip_version == 6)
+    {
+      self->src_addr = g_sockaddr_inet6_new(self->info.src_ip, self->info.src_port);
+      self->dst_addr = g_sockaddr_inet6_new(self->info.dst_ip, self->info.dst_port);
+    }
+  else
+    g_assert_not_reached();
+}
+
 static Status
 _proccess_proxy_header(LogTransportHAProxy *self)
 {
@@ -527,6 +549,7 @@ _proccess_proxy_header(LogTransportHAProxy *self)
   if (parsable)
     {
       msg_trace("PROXY protocol header parsed successfully");
+      _save_addresses(self);
 
       return STATUS_SUCCESS;
     }
@@ -540,24 +563,11 @@ _proccess_proxy_header(LogTransportHAProxy *self)
 static void
 _augment_aux_data(LogTransportHAProxy *self, LogTransportAuxData *aux)
 {
-  gchar buf1[8];
-  gchar buf2[8];
-  gchar buf3[8];
-
-  if (self->info.unknown)
-    return;
-
-  snprintf(buf1, 8, "%i", self->info.src_port);
-  snprintf(buf2, 8, "%i", self->info.dst_port);
-  snprintf(buf3, 8, "%i", self->info.ip_version);
-
-  log_transport_aux_data_add_nv_pair(aux, "PROXIED_SRCIP", self->info.src_ip);
-  log_transport_aux_data_add_nv_pair(aux, "PROXIED_DSTIP", self->info.dst_ip);
-  log_transport_aux_data_add_nv_pair(aux, "PROXIED_SRCPORT", buf1);
-  log_transport_aux_data_add_nv_pair(aux, "PROXIED_DSTPORT", buf2);
-  log_transport_aux_data_add_nv_pair(aux, "PROXIED_IP_VERSION", buf3);
-
-  return;
+  if (aux)
+    {
+      log_transport_aux_data_set_peer_addr_ref(aux, g_sockaddr_ref(self->src_addr));
+      log_transport_aux_data_set_local_addr_ref(aux, g_sockaddr_ref(self->dst_addr));
+    }
 }
 
 static gssize
@@ -584,6 +594,15 @@ _haproxy_read(LogTransport *s, gpointer buf, gsize buflen, LogTransportAuxData *
   return log_transport_adapter_read_method(s, buf, buflen, aux);
 }
 
+static void
+_haproxy_free(LogTransport *s)
+{
+  LogTransportHAProxy *self = (LogTransportHAProxy *) s;
+  g_sockaddr_unref(self->src_addr);
+  g_sockaddr_unref(self->dst_addr);
+  log_transport_free_method(s);
+}
+
 LogTransport *
 log_transport_haproxy_new(LogTransportIndex base, LogTransportIndex switch_to)
 {
@@ -591,6 +610,7 @@ log_transport_haproxy_new(LogTransportIndex base, LogTransportIndex switch_to)
 
   log_transport_adapter_init_instance(&self->super, "haproxy", base);
   self->super.super.read = _haproxy_read;
+  self->super.super.free_fn = _haproxy_free;
   self->switch_to = switch_to;
 
   return &self->super.super;