Skip to content

forward proxy socket negotiation for HTTP CONNECT#1845

Open
cliffjansen wants to merge 8 commits intoskupperproject:mainfrom
cliffjansen:proxy_wip
Open

forward proxy socket negotiation for HTTP CONNECT#1845
cliffjansen wants to merge 8 commits intoskupperproject:mainfrom
cliffjansen:proxy_wip

Conversation

@cliffjansen
Copy link
Copy Markdown
Contributor

Trial pull request for making connections through a forward proxy.

This contains a working prototype. Effort was made to make the new code minimally intrusive to existing code and following existing memory/threading conventions.

Todo:

  • confirm requirements
  • create github issue
  • adjust to taste
  • automated tests
  • asan and tsan testing

Of note:

  • docs/notes/fwd-proxy.txt ... start here
  • tests/proxy/r1w4.conf ... sample proxyProfile/connector configuration
  • tests/proxy/note ... instructions to run a manual test

@github-advanced-security
Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Comment thread src/adaptors/amqp/proxy.c

int err = getaddrinfo(host, port, &(struct addrinfo){.ai_family = AF_UNSPEC, .ai_socktype = SOCK_STREAM}, &ai);
if (err != 0) {
strncpy(errmsg, gai_strerror(err), errmsg_len);

Check warning

Code scanning / GNU C11

'strncpy' specified bound 256 equals destination size Warning

'strncpy' specified bound 256 equals destination size
Comment thread src/adaptors/amqp/proxy.c
}
// Any 2XX code is success
if (response_line[9] != '2') {
snprintf(errmsg, errmsg_len, "proxy request denied %s", &response_line[9]);

Check warning

Code scanning / GNU C11

'%s' directive output may be truncated writing up to 255 bytes into a region of size 235 Warning

'%s' directive output may be truncated writing up to 255 bytes into a region of size 235
Comment thread src/adaptors/amqp/proxy.c
}
// Any 2XX code is success
if (response_line[9] != '2') {
snprintf(errmsg, errmsg_len, "proxy request denied %s", &response_line[9]);

Check notice

Code scanning / GNU C11

'snprintf' output between 22 and 277 bytes into a destination of size 256 Note

'snprintf' output between 22 and 277 bytes into a destination of size 256
@cliffjansen cliffjansen marked this pull request as draft April 2, 2026 16:40
@cliffjansen
Copy link
Copy Markdown
Contributor Author

Actual issue for PR is #1858. Can't find #1845 in title. system test still in progress.

@cliffjansen cliffjansen marked this pull request as ready for review April 14, 2026 17:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants