Merge pull request #673 from slingamn/proxytls.18

fix #561, take two

irc/server.go

@@ -304,6 +304,15 @@ func (server *Server) createListener(addr string, conf listenerConfig, bindMode
 				listener.Close()
 				return
 			} else if err == nil {
+				var proxyLine string
+				if conf.ProxyBeforeTLS {
+					proxyLine = readRawProxyLine(conn)
+					if proxyLine == "" {
+						server.logger.Error("internal", "bad TLS-proxy line from", addr)
+						conn.Close()
+						continue
+					}
+				}
 				if conf.TLSConfig != nil {
 					conn = tls.Server(conn, conf.TLSConfig)
 				}
@@ -312,7 +321,7 @@ func (server *Server) createListener(addr string, conf listenerConfig, bindMode
 					Config: conf,
 				}
 				// hand off the connection
-				go server.RunClient(newConn)
+				go server.RunClient(newConn, proxyLine)
 			} else {
 				server.logger.Error("internal", "accept error", addr, err.Error())
 			}
@@ -857,7 +866,7 @@ func (server *Server) loadDatastore(config *Config) error {
 func (server *Server) setupListeners(config *Config) (err error) {
 	logListener := func(addr string, config listenerConfig) {
 		server.logger.Info("listeners",
-			fmt.Sprintf("now listening on %s, tls=%t, tor=%t.", addr, (config.TLSConfig != nil), config.IsTor),
+			fmt.Sprintf("now listening on %s, tls=%t, tlsproxy=%t, tor=%t.", addr, (config.TLSConfig != nil), config.ProxyBeforeTLS, config.Tor),
 		)
 	}
 
@@ -884,7 +893,7 @@ func (server *Server) setupListeners(config *Config) (err error) {
 	publicPlaintextListener := ""
 	// create new listeners that were not previously configured
 	for newAddr, newConfig := range config.Server.trueListeners {
-		if strings.HasPrefix(newAddr, ":") && !newConfig.IsTor && !newConfig.IsSTSOnly && newConfig.TLSConfig == nil {
+		if strings.HasPrefix(newAddr, ":") && !newConfig.Tor && !newConfig.STSOnly && newConfig.TLSConfig == nil {
 			publicPlaintextListener = newAddr
 		}
 		_, exists := server.listeners[newAddr]