Skip to content

feat(spoe): Migrate implementation to dropmorepackets/haproxy-go #138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
LaurenceJJones merged 17 commits into from
Jan 12, 2026
Merged

feat(spoe): Migrate implementation to dropmorepackets/haproxy-go #138

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
c43c867
Migrate SPOE implementation to dropmorepackets/haproxy-go
LaurenceJJones Dec 4, 2025
024eb70
Fix linter issues
LaurenceJJones Dec 4, 2025
3917cd1
fix(spoe): address Copilot PR review comments
LaurenceJJones Dec 4, 2025
8cb3212
fix(spoe): remove unused error variables
LaurenceJJones Dec 4, 2025
1426965
refactor(spoe): add reset() method to IPMessageData for consistency
LaurenceJJones Dec 4, 2025
fcb7dc4
perf(spoe): optimize readHeaders to avoid full byte slice to string c…
LaurenceJJones Dec 4, 2025
c40999c
perf(spoe): use bytes.SplitSeq for more efficient header parsing
LaurenceJJones Dec 4, 2025
c5aae82
fix(spoe): address memory safety and code quality issues
LaurenceJJones Dec 4, 2025
c58ae76
refactor(SPOE): use message groups (#141)
LaurenceJJones Dec 16, 2025
37012a2
Merge main into feat/migrate-to-dropmorepackets-haproxy-go
LaurenceJJones Dec 16, 2025
280ed7a
refactor(spoa): clean up and simplify SPOA functions
LaurenceJJones Dec 16, 2025
5421eb9
perf(spoa): remove redundant reset() calls after pool Get()
LaurenceJJones Dec 16, 2025
0dcb763
refactor: use ptr.Of and extract host/cookie from headers
LaurenceJJones Dec 16, 2025
374fde2
config: increase buffer size and timeouts for WAF body inspection
LaurenceJJones Dec 16, 2025
c17be62
feat: improve HAProxy buffer config and add debug tooling
LaurenceJJones Dec 17, 2025
225a912
perf: remove unnecessary body copy for AppSec requests
LaurenceJJones Dec 17, 2025
3e955ab
refactor: simplify AppSec config logic and fix metrics counting
LaurenceJJones Dec 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ require (
github.com/crowdsecurity/crowdsec v1.7.3
github.com/crowdsecurity/go-cs-bouncer v0.0.19
github.com/crowdsecurity/go-cs-lib v0.0.23
github.com/dropmorepackets/haproxy-go v0.0.7
github.com/gaissmai/bart v0.25.0
github.com/google/uuid v1.6.0
github.com/negasus/haproxy-spoe-go v1.0.7
github.com/oschwald/geoip2-golang/v2 v2.0.0
github.com/prometheus/client_golang v1.23.2
github.com/prometheus/client_model v0.6.2
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dropmorepackets/haproxy-go v0.0.7 h1:atXkB0MSRBZrAgpq+Vj/E4KysQ4CiI0O5QGUr+HvfTw=
github.com/dropmorepackets/haproxy-go v0.0.7/go.mod h1:4a2AmmVjvg2zPNdizGZrMN8ZSUpj90U43VlcdbOIBnU=
github.com/ebitengine/purego v0.8.4 h1:CF7LEKg5FFOsASUj0+QwaXf8Ht6TlFxg09+S9wz0omw=
github.com/ebitengine/purego v0.8.4/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
github.com/expr-lang/expr v1.17.5 h1:i1WrMvcdLF249nSNlpQZN1S6NXuW9WaOfF5tPi3aw3k=
Expand Down Expand Up @@ -79,8 +81,6 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/negasus/haproxy-spoe-go v1.0.7 h1:OhRY0zapeHudrRqoblI9DjIolJjWI0s/TO6kT/va0ao=
github.com/negasus/haproxy-spoe-go v1.0.7/go.mod h1:ZrBizxtx2EeLN37Jkg9w9g32a1AFCJizA8vg46PaAp4=
github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4=
github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
github.com/oschwald/geoip2-golang/v2 v2.0.0 h1:1GZ7MsQsbIKeOXMDV2MqBVfV8NuCIqWatomkS67LwQo=
Expand Down
6 changes: 3 additions & 3 deletions internal/remediation/ban/root.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
package ban

import (
"github.com/negasus/haproxy-spoe-go/action"
"github.com/dropmorepackets/haproxy-go/pkg/encoding"
log "github.com/sirupsen/logrus"
)

Expand All @@ -19,6 +19,6 @@ func (b *Ban) InitLogger(logger *log.Entry) {
b.logger = logger.WithField("module", "ban")
}

func (b *Ban) InjectKeyValues(actions *action.Actions) {
actions.SetVar(action.ScopeTransaction, "contact_us_url", b.ContactUsURL)
func (b *Ban) InjectKeyValues(writer *encoding.ActionWriter) {
_ = writer.SetString(encoding.VarScopeTransaction, "contact_us_url", b.ContactUsURL)
}
10 changes: 5 additions & 5 deletions internal/remediation/captcha/root.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ import (

"github.com/crowdsecurity/crowdsec-spoa/internal/cookie"
"github.com/crowdsecurity/crowdsec-spoa/internal/remediation"
"github.com/negasus/haproxy-spoe-go/action"
"github.com/dropmorepackets/haproxy-go/pkg/encoding"
log "github.com/sirupsen/logrus"
)

Expand Down Expand Up @@ -94,16 +94,16 @@ func (c *Captcha) getTimeout() int {
}

// Inject key values injects the captcha provider key values into the HAProxy transaction
func (c *Captcha) InjectKeyValues(actions *action.Actions) error {
func (c *Captcha) InjectKeyValues(writer *encoding.ActionWriter) error {

// We check if the captcha configuration is valid for the front-end
if err := c.IsFrontEndValid(); err != nil {
return err
}

actions.SetVar(action.ScopeTransaction, "captcha_site_key", c.SiteKey)
actions.SetVar(action.ScopeTransaction, "captcha_frontend_key", providers[c.Provider].key)
actions.SetVar(action.ScopeTransaction, "captcha_frontend_js", providers[c.Provider].js)
_ = writer.SetString(encoding.VarScopeTransaction, "captcha_site_key", c.SiteKey)
_ = writer.SetString(encoding.VarScopeTransaction, "captcha_frontend_key", providers[c.Provider].key)
_ = writer.SetString(encoding.VarScopeTransaction, "captcha_frontend_js", providers[c.Provider].js)

return nil
}
Expand Down
Loading