From 535fc627c4a7c172669d6465e55402a3ece5adc9 Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Fri, 4 Apr 2025 10:46:29 -0700
Subject: [PATCH 1/6] Increase read buffer size to capture the full possible
 size of a header.

---
 protocol.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/protocol.go b/protocol.go
index 93cf7c4..5c55bb7 100644
--- a/protocol.go
+++ b/protocol.go
@@ -153,8 +153,8 @@ func (p *Listener) Addr() net.Addr {
 func NewConn(conn net.Conn, opts ...func(*Conn)) *Conn {
 	// For v1 the header length is at most 108 bytes.
 	// For v2 the header length is at most 52 bytes plus the length of the TLVs.
-	// We use 256 bytes to be safe.
-	const bufSize = 256
+	// We use 65535, as it's the maximum length representable by a uint16.
+	const bufSize = 65535
 	br := bufio.NewReaderSize(conn, bufSize)
 
 	pConn := &Conn{

From 1f8e75e429a8ec01a4ab79f310867ba8d399b193 Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Fri, 4 Apr 2025 10:55:00 -0700
Subject: [PATCH 2/6] Change module path for release as
 bollenberger/go-proxyproto.

---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index a844df8..6ba07ff 100644
--- a/go.mod
+++ b/go.mod
@@ -1,4 +1,4 @@
-module github.com/pires/go-proxyproto
+module github.com/bollenberger/go-proxyproto
 
 go 1.24
 

From 284c135c9782720a90d3ca287da297b121a07710 Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Mon, 17 Nov 2025 14:37:40 -0800
Subject: [PATCH 3/6] Log Peek error details

---
 v2.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/v2.go b/v2.go
index 74bf3f0..203e62e 100644
--- a/v2.go
+++ b/v2.go
@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"io"
 	"net"
 )
@@ -108,7 +109,7 @@ func parseVersion2(reader *bufio.Reader) (header *Header, err error) {
 	}
 
 	if _, err := reader.Peek(int(length)); err != nil {
-		return nil, ErrInvalidLength
+		return nil, fmt.Errorf("%w: %w", ErrInvalidLength, err)
 	}
 
 	// Length-limited reader for payload section

From ea0c0f731d7d6333fabd7dc80c5205cf66e439bb Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Mon, 17 Nov 2025 15:39:08 -0800
Subject: [PATCH 4/6] Remove spurious Peek. A partial Peek can ruin the header
 read.

---
 v2.go | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/v2.go b/v2.go
index 203e62e..9c26385 100644
--- a/v2.go
+++ b/v2.go
@@ -5,7 +5,6 @@ import (
 	"bytes"
 	"encoding/binary"
 	"errors"
-	"fmt"
 	"io"
 	"net"
 )
@@ -108,10 +107,6 @@ func parseVersion2(reader *bufio.Reader) (header *Header, err error) {
 		return header, nil
 	}
 
-	if _, err := reader.Peek(int(length)); err != nil {
-		return nil, fmt.Errorf("%w: %w", ErrInvalidLength, err)
-	}
-
 	// Length-limited reader for payload section
 	payloadReader := io.LimitReader(reader, int64(length)).(*io.LimitedReader)
 

From 71ef3404dd79677801e8a9d3475e3895d3ec5c8b Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Mon, 17 Nov 2025 16:05:05 -0800
Subject: [PATCH 5/6] Log invalid length details

---
 v2.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/v2.go b/v2.go
index 9c26385..548badc 100644
--- a/v2.go
+++ b/v2.go
@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"io"
 	"net"
 )
@@ -98,7 +99,7 @@ func parseVersion2(reader *bufio.Reader) (header *Header, err error) {
 		return nil, ErrCantReadLength
 	}
 	if !header.validateLength(length) {
-		return nil, ErrInvalidLength
+		return nil, fmt.Errorf("%w: length == %d, header.TransportProtocol == %d", ErrInvalidLength, length, header.TransportProtocol)
 	}
 
 	// Return early if the length is zero, which means that

From e81a438d199d692a509e6e4b32883d5446928bb6 Mon Sep 17 00:00:00 2001
From: Brian Ollenberger <brian.ollenberger@coinbase.com>
Date: Mon, 17 Nov 2025 18:31:35 -0800
Subject: [PATCH 6/6] Revert "Remove spurious Peek. A partial Peek can ruin the
 header read."

This reverts commit ea0c0f731d7d6333fabd7dc80c5205cf66e439bb.
---
 v2.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/v2.go b/v2.go
index 548badc..6e73d8b 100644
--- a/v2.go
+++ b/v2.go
@@ -108,6 +108,10 @@ func parseVersion2(reader *bufio.Reader) (header *Header, err error) {
 		return header, nil
 	}
 
+	if _, err := reader.Peek(int(length)); err != nil {
+		return nil, fmt.Errorf("%w: %w", ErrInvalidLength, err)
+	}
+
 	// Length-limited reader for payload section
 	payloadReader := io.LimitReader(reader, int64(length)).(*io.LimitedReader)