MINOR: checks: Add the via-socks4 option for tcp-check connect rules

With this option, it is possible to establish the connection opened by a
tcp-check connect rule using upstream socks4 proxy. Info from the socks4
parameter on the server are used.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 8aaf912495bc72afdda88869c730a1854b0d4abf..649ded2a3550f93a483e770949a6d7973e2598d6 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9824,6 +9824,8 @@ tcp-check connect [params*]
 
     send-proxy   send a PROXY protocol string
 
+    via-socks4   enables outgoing health checks using upstream socks4 proxy.
+
     ssl          opens a ciphered connection
 
     sni <sni>    specifies the SNI to use to do health checks over SSL.

diff --git a/include/types/checks.h b/include/types/checks.h
index 14513c93e240a82ff4b411a0d1f0c48905588c87..0edc726d948496a148b6d11ee3e196624792ed5e 100644 (file)
--- a/include/types/checks.h
+++ b/include/types/checks.h
@@ -217,6 +217,7 @@ struct analyze_status {
 #define TCPCHK_OPT_SSL             0x0002  /* SSL connection */
 #define TCPCHK_OPT_LINGER          0x0004  /* Do not RST connection, let it linger */
 #define TCPCHK_OPT_DEFAULT_CONNECT 0x0008  /* Do a connect using server params */
+#define TCPCHK_OPT_SOCKS4          0x0010  /* check the connection via socks4 proxy */
 
 struct tcpcheck_connect {
        uint16_t port;    /* port to connect to */

diff --git a/src/checks.c b/src/checks.c
index b2322b2e3448fdf3b244a2785089054145d1f6c5..97f68f1a89e6d5be0f863bb73dae4e7021a0e83e 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -2922,7 +2922,10 @@ static enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct
                                ssl_sock_set_servername(conn, connect->sni);
                }
 #endif
-               /* TODO: add support for sock4  option */
+               if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) {
+                       conn->send_proxy_ofs = 1;
+                       conn->flags |= CO_FL_SOCKS4;
+               }
                if (connect->options & TCPCHK_OPT_SEND_PROXY) {
                        conn->send_proxy_ofs = 1;
                        conn->flags |= CO_FL_SEND_PROXY;
@@ -4118,6 +4121,8 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
                }
                else if (strcmp(args[cur_arg], "send-proxy") == 0)
                        conn_opts |= TCPCHK_OPT_SEND_PROXY;
+               else if (strcmp(args[cur_arg], "via-socks4") == 0)
+                       conn_opts |= TCPCHK_OPT_SOCKS4;
                else if (strcmp(args[cur_arg], "linger") == 0)
                        conn_opts |= TCPCHK_OPT_LINGER;
 #ifdef USE_OPENSSL
@@ -4145,7 +4150,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st
 #ifdef USE_OPENSSL
                                  ", 'ssl', 'sni'"
 #endif /* USE_OPENSSL */
-                                 " or 'linger' but got '%s' as argument.",
+                                 " or 'via-socks4', 'linger' but got '%s' as argument.",
                                  args[cur_arg]);
                        goto error;
                }