matrix-org · neilalexander · Jun 9, 2021 · Jun 9, 2021 · Jun 9, 2021 · Jun 10, 2021
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,18 @@
+FROM docker.io/golang:1.16-alpine AS base
+
+RUN apk --update --no-cache add bash build-base
+
+WORKDIR /build
+COPY . /build
+
+RUN CGO_ENABLED=0 go build -ldflags="-extldflags=-static" -o proxy ./cmd/proxy
+RUN CGO_ENABLED=0 go build -ldflags="-extldflags=-static" -o coap ./cmd/coap
+RUN CGO_ENABLED=0 go build -ldflags="-extldflags=-static" -o jc ./cmd/jc
+
+FROM alpine:latest
+
+COPY --from=base /build/proxy /usr/bin
+COPY --from=base /build/coap /usr/bin
+COPY --from=base /build/jc /usr/bin
+
+ENTRYPOINT [ "/usr/bin/proxy" ]
diff --git a/cbor_v1.go b/cbor_v1.go
@@ -119,4 +119,50 @@ var cborv1Keys = map[string]int{
 	"errcode":                     102,
 	"error":                       103,
 	"room_alias":                  104,
+	"server":                      105,
+	"version":                     106,
+	"method":                      107,
+	"old_verify_keys":             108,
+	"server_name":                 109,
+	"valid_until_ts":              110,
+	"verify_keys":                 111,
+	"expired_ts":                  112,
+	"key":                         113,
+	"server_keys":                 114,
+	"destination":                 115,
+	"edus":                        116,
+	"pdus":                        117,
+	"edu_type":                    118,
+	"auth_chain":                  119,
+	"earliest_events":             120,
+	"latest_events":               121,
+	"limit":                       122,
+	"min_depth":                   123,
+	"auth_chain_ids":              124,
+	"pdu_ids":                     125,
+	"invite_room_state":           126,
+	"invites":                     127,
+	"mxid":                        128,
+	"signed":                      129,
+	"aliases":                     130,
+	"total_room_count_estimate":   131,
+	"canonical_alias":             132,
+	"guest_can_join":              133,
+	"num_joined_members":          134,
+	"world_readable":              135,
+	"push":                        136,
+	"currently_active":            137,
+	"last_active_ago":             138,
+	"status_msg":                  139,
+	"ts":                          140,
+	"master_key":                  141,
+	"self_signing_keys":           142,
+	"stream_id":                   143,
+	"keys":                        144,
+	"algorithms":                  145,
+	"usage":                       146,
+	"deleted":                     147,
+	"prev_id":                     148,
+	"master_keys":                 149,
+	"self_signing_key":            151,
 }
diff --git a/cmd/proxy/main.go b/cmd/proxy/main.go
@@ -18,17 +18,20 @@ import (
 	"crypto/tls"
 	"flag"
 	"io"
+	"net"
 	"os"
+	"strconv"
 	"strings"
 
 	"github.com/matrix-org/lb"
 	"github.com/sirupsen/logrus"
 )
 
 var (
-	dtlsBindAddr = flag.String("dtls-bind-addr", ":8008", "The DTLS UDP listening port for the server")
-	localAddr    = flag.String("local", "", "The HTTP server to forward inbound CoAP requests to e.g http://localhost:8008")
-	advertise    = flag.String("advertise", "",
+	dtlsBindAddr  = flag.String("dtls-bind-addr", ":8008", "The DTLS UDP listening port for the server")
+	proxyBindAddr = flag.String("proxy-bind-addr", "", "The HTTP server to act as a transparent proxy for outbound requests")
+	localAddr     = flag.String("local", "", "The HTTP server to forward inbound CoAP requests to e.g http://localhost:8008")
+	advertise     = flag.String("advertise", "",
 		"Optional: the public address of this proxy. If set, sniffs logins/registrations for homeserver discovery information and replaces the base_url with this advertising address. "+
 			"This is useful when the local server is not on the same machine as the proxy.")
 	certFile = flag.String("tls-cert", "", "The PEM formatted X509 certificate to use for TLS")
@@ -62,15 +65,26 @@ func main() {
 		}
 	}
 
+	_, outboundStr, err := net.SplitHostPort(*dtlsBindAddr)
+	if err != nil {
+		panic(err)
+	}
+	outboundPort, err := strconv.Atoi(outboundStr)
+	if err != nil {
+		panic(err)
+	}
+
 	err = RunProxyServer(&Config{
-		ListenDTLS:       *dtlsBindAddr,
-		LocalAddr:        *localAddr,
-		Certificates:     certs,
-		KeyLogWriter:     keyLogWriter,
-		Advertise:        *advertise,
-		AdvertiseOnHTTPS: *advertise != "" && strings.HasPrefix(*advertise, "https://"),
-		CBORCodec:        lb.NewCBORCodecV1(false),
-		CoAPHTTP:         lb.NewCoAPHTTP(lb.NewCoAPPathV1()),
+		ListenDTLS:             *dtlsBindAddr,
+		ListenProxy:            *proxyBindAddr,
+		LocalAddr:              *localAddr,
+		OutboundFederationPort: outboundPort,
+		Certificates:           certs,
+		KeyLogWriter:           keyLogWriter,
+		Advertise:              *advertise,
+		AdvertiseOnHTTPS:       *advertise != "" && strings.HasPrefix(*advertise, "https://"),
+		CBORCodec:              lb.NewCBORCodecV1(true),
+		CoAPHTTP:               lb.NewCoAPHTTP(lb.NewCoAPPathV1()),
 	})
 	if err != nil {
 		logrus.Panicf("RunProxyServer: %s", err)