app/vmauth: properly handle LOCAL proxy protocol command (#4373)

It is required for handling health checks from load balancers https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335 (cherry picked from commit f263031fe9) Signed-off-by: hagen1778 <roman@victoriametrics.com>
2025-01-20 15:16:42 +00:00 · 2023-05-31 15:37:59 +02:00 · 2023-05-31 15:37:59 +02:00 · 278c580055
commit 278c580055
parent 4c1241d336
2 changed files with 10 additions and 3 deletions
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@ -15,6 +15,8 @@ The following tip changes can be tested by building VictoriaMetrics components f

 ## v1.87.x long-time support release (LTS)

+* BUGFIX: [vmauth](https://docs.victoriametrics.com/vmauth.html): Properly handle LOCAL command for proxy protocol. See [this issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335#issuecomment-1569864108).
+
 ## [v1.87.6](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.87.6)

 Released at 2023-05-18
--- a/lib/netutil/proxyprotocol.go
+++ b/lib/netutil/proxyprotocol.go
@ -71,9 +71,14 @@ func readProxyProto(r io.Reader) (net.Addr, error) {
 	if version != 2 {
 		return nil, fmt.Errorf("unsupported proxy protocol version, only v2 protocol version is supported, got: %d", version)
 	}
-	if proto != 1 {
-		// Only TCP is supported (aka STREAM).
-		return nil, fmt.Errorf("the proxy protocol implementation doesn't support proto %d; expecting 1", proto)
+	// check for supported proto:
+	switch {
+	case proto == 0 && command == 0:
+		// 0 - UNSPEC with LOCAL command 0. Common use case for load balancer health checks.
+	case proto == 1:
+		// 1 - TCP (aka STREAM).
+	default:
+		return nil, fmt.Errorf("the proxy protocol implementation doesn't support proto %d and command: %d; expecting proto 1 or proto 0 with command 0", proto, command)
 	}
 	// The length of the remainder of the header including any TLVs in network byte order
 	// 0, 1, 2