// Amazon's application extension to TLVs for NLB VPC endpoint services
// https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#proxy-protocol

package tlvparse

import (
	"regexp"

	"github.com/pires/go-proxyproto"
)

const (
	// PP2_TYPE_AWS is the TLV type value of Amazon's extension.
	PP2_TYPE_AWS = 0xEA

	// PP2_SUBTYPE_AWS_VPCE_ID is the subtype marker expected in the first
	// byte of the TLV value when the TLV carries a VPC endpoint ID.
	PP2_SUBTYPE_AWS_VPCE_ID = 0x01
)

// vpceRe is the character-set check applied to the identifier: ASCII letters,
// digits and hyphens only. The empty string also matches, and neither a prefix
// nor a maximum length is enforced here.
var vpceRe = regexp.MustCompile("^[A-Za-z0-9-]*$")

// IsAWSVPCEndpointID reports whether tlv has the AWS extension type and a
// non-empty value whose first byte is the VPC endpoint ID subtype.
func IsAWSVPCEndpointID(tlv proxyproto.TLV) bool {
	if tlv.Type != PP2_TYPE_AWS {
		return false
	}
	// The length check must come before the index so an empty value cannot
	// cause an out-of-range read.
	if len(tlv.Value) == 0 {
		return false
	}
	return tlv.Value[0] == PP2_SUBTYPE_AWS_VPCE_ID
}

// AWSVPCEndpointID extracts the VPC endpoint ID carried by tlv.
//
// It returns proxyproto.ErrIncompatibleTLV when tlv is not an AWS VPC endpoint
// ID TLV, and proxyproto.ErrMalformedTLV when the identifier contains a
// character outside [A-Za-z0-9-]. A TLV holding only the subtype byte yields
// ("", nil), so callers should treat an empty result as "no ID".
//
// NOTE(review): the only validation here is the character set. The value is
// whatever the sender of the PROXY header put in the TLV, so it is suitable
// for access decisions only if the listener accepts PROXY headers exclusively
// from the load balancer. Confirm this at the call site.
func AWSVPCEndpointID(tlv proxyproto.TLV) (string, error) {
	if !IsAWSVPCEndpointID(tlv) {
		return "", proxyproto.ErrIncompatibleTLV
	}

	// Byte 0 is the subtype marker; everything after it is the identifier.
	id := string(tlv.Value[1:])
	if vpceRe.MatchString(id) {
		return id, nil
	}
	return "", proxyproto.ErrMalformedTLV
}

// FindAWSVPCEndpointID returns the first non-empty, well-formed AWS VPC
// endpoint ID found in tlvs, or "" when there is none.
//
// TLVs that are incompatible, malformed or carry an empty identifier are
// skipped silently, so a "" result does not distinguish "absent" from
// "present but rejected".
func FindAWSVPCEndpointID(tlvs []proxyproto.TLV) string {
	for i := range tlvs {
		id, err := AWSVPCEndpointID(tlvs[i])
		if err != nil || id == "" {
			continue
		}
		return id
	}
	return ""
}