PROXY: Remove command, I don't think it's that useful

2024-11-10 22:19:31 +01:00 · 2016-10-15 16:29:34 +10:00 · 2016-10-15 16:29:34 +10:00 · 43e28e2fef
commit 43e28e2fef
parent 06028e0117
8 changed files with 10 additions and 55 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -20,6 +20,7 @@ Improved compatibility, more features, etc.

 ### Removed
 * Removed channel persistence with the `+P` mode (not too useful as currently implemented, to be replaced later).
+* Removed the `PROXY` command (breaks our TLS user mode, and our integrated support for TLS should be fine).

 ### Fixed

--- a/README.md
+++ b/README.md
@ -25,14 +25,6 @@ This project adheres to [Semantic Versioning](http://semver.org/). For the purpo
 * client accounts and SASL
 * IRCv3 support

-### What about TLS/SSL?
-
-There is inbuilt TLS support using the Go TLS implementation. However,
-[stunnel](https://www.stunnel.org/index.html) version 4.56 with haproxy's
-[PROXY protocol](http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt)
-may also be used. This will allow the server to get the client's original
-addresses for hostname lookups.
-
 ## Installation

 ```sh
--- a/irc/client.go
+++ b/irc/client.go
@ -126,8 +126,7 @@ func (client *Client) run() {
 	var line string
 	var msg ircmsg.IrcMessage

-	// Set the hostname for this client. The client may later send a PROXY
-	// command from stunnel that sets the hostname to something more accurate.
+	// Set the hostname for this client
 	client.hostname = AddrLookupHostname(client.socket.conn.RemoteAddr())

 	//TODO(dan): Make this a socketreactor from ircbnc
--- a/irc/commands.go
+++ b/irc/commands.go
@ -146,11 +146,6 @@ var Commands = map[string]Command{
 		handler:   privmsgHandler,
 		minParams: 2,
 	},
-	"PROXY": {
-		handler:      proxyHandler,
-		usablePreReg: true,
-		minParams:    5,
-	},
 	"SANICK": {
 		handler:   sanickHandler,
 		minParams: 2,
--- a/irc/config.go
+++ b/irc/config.go
@ -72,15 +72,14 @@ type Config struct {

 	Server struct {
 		PassConfig
-		Password         string
-		Name             string
-		Listen           []string
-		Wslisten         string                      `yaml:"ws-listen"`
-		TLSListeners     map[string]*TLSListenConfig `yaml:"tls-listeners"`
-		CheckIdent       bool                        `yaml:"check-ident"`
-		Log              string
-		MOTD             string
-		ProxyAllowedFrom []string `yaml:"proxy-allowed-from"`
+		Password     string
+		Name         string
+		Listen       []string
+		Wslisten     string                      `yaml:"ws-listen"`
+		TLSListeners map[string]*TLSListenConfig `yaml:"tls-listeners"`
+		CheckIdent   bool                        `yaml:"check-ident"`
+		Log          string
+		MOTD         string
 	}

 	Datastore struct {
--- a/irc/help.go
+++ b/irc/help.go
@ -187,13 +187,6 @@ Replies to a PING. Used to check link connectivity.`,
 		text: `PRIVMSG <target>{,<target>} <text to be sent>
        
 Sends the text to the given targets as a PRIVMSG.`,
-	},
-	"proxy": {
-		oper: true, // not really, but it's restricted anyways
-		text: `PROXY TCP4/6 <sourceip> <destip> <sourceport> <destport>
-        
-Used by haproxy's PROXY protocol, to allow for alternate TLS support:
-http://www.haproxy.org/download/1.7/doc/proxy-protocol.txt`,
 	},
 	"sanick": {
 		oper: true,
--- a/irc/server.go
+++ b/irc/server.go
@ -51,7 +51,6 @@ type Server struct {
 	passwords           *PasswordManager
 	accountRegistration *AccountRegistration
 	signals             chan os.Signal
-	proxyAllowedFrom    []string
 	whoWas              *WhoWasList
 	isupport            *ISupportList
 	checkIdent          bool
@ -97,7 +96,6 @@ func NewServer(config *Config) *Server {
 		newConns:         make(chan clientConn),
 		operators:        config.Operators(),
 		signals:          make(chan os.Signal, len(SERVER_SIGNALS)),
-		proxyAllowedFrom: config.Server.ProxyAllowedFrom,
 		whoWas:           NewWhoWasList(config.Limits.WhowasEntries),
 		checkIdent:       config.Server.CheckIdent,
 	}
@ -416,23 +414,6 @@ func passHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
 	return false
 }

-// PROXY TCP4/6 SOURCEIP DESTIP SOURCEPORT DESTPORT
-// http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt
-func proxyHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
-	clientAddress := IPString(client.socket.conn.RemoteAddr())
-	clientHostname := client.hostname
-
-	for _, address := range server.proxyAllowedFrom {
-		if clientHostname == address || clientAddress == address {
-			client.hostname = LookupHostname(msg.Params[1])
-			return false
-		}
-	}
-
-	client.Quit("PROXY command is not usable from your address")
-	return true
-}
-
 // USER <username> * 0 <realname>
 func userHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
 	if client.registered {
--- a/oragono.yaml
+++ b/oragono.yaml
@ -41,11 +41,6 @@ server:
    # if you change the motd, you should move it to ircd.motd
    motd: oragono.motd

-    # addresses/hostnames the PROXY command can be used from
-    proxy-allowed-from:
-        - "localhost"
-        - "127.0.0.1"
-
 # account/channel registration
 registration:
    # account registration