Annotate

mod_s2soutinjection/mod_s2soutinjection.lua @ 5083:4837232474ca

mod_sasl2_fast: Fixes to make channel binding work again tls-endpoint isn't a thing that exists. Also, we needed to copy more channel binding state from the primary sasl_handler. Ideally we'd have a cleaner way to do this, but I think that's part of more substantial changes that the SASL API deserves.
author Matthew Wild <mwild1@gmail.com>
date Mon, 07 Nov 2022 10:21:18 +0000
parent 4931:f4a9e804c457
child 5100:e55d1f7a570a
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 local st = require"util.stanza";
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local new_ip = require"util.ip".new_ip;
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local new_outgoing = require"core.s2smanager".new_outgoing;
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local bounce_sendq = module:depends"s2s".route_to_new_session.bounce_sendq;
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
5 local initialize_filters = require "util.filters".initialize;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
6 local st = require "util.stanza";
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
7
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
8 local portmanager = require "core.portmanager";
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
9
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
10 local addclient = require "net.server".addclient;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
11
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
12 module:depends("s2s");
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
13
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
14 local sessions = module:shared("sessions");
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 local injected = module:get_option("s2s_connect_overrides");
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
18 -- The proxy_listener handles connection while still connecting to the proxy,
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
19 -- then it hands them over to the normal listener (in mod_s2s)
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
20 local proxy_listener = { default_port = port, default_mode = "*a", default_interface = "*" };
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
21
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
22 function proxy_listener.onconnect(conn)
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
23 local session = sessions[conn];
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
24
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
25 -- Now the real s2s listener can take over the connection.
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
26 local listener = portmanager.get_service("s2s").listener;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
27
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
28 local w, log = conn.send, session.log;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
29
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
30 local filter = initialize_filters(session);
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
31
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
32 session.version = 1;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
33
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
34 session.sends2s = function (t)
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
35 log("debug", "sending (s2s over proxy): %s", (t.top_tag and t:top_tag()) or t:match("^[^>]*>?"));
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
36 if t.name then
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
37 t = filter("stanzas/out", t);
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
38 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
39 if t then
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
40 t = filter("bytes/out", tostring(t));
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
41 if t then
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
42 return conn:write(tostring(t));
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
43 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
44 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
45 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
46
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
47 session.open_stream = function ()
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
48 session.sends2s(st.stanza("stream:stream", {
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
49 xmlns='jabber:server', ["xmlns:db"]='jabber:server:dialback',
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
50 ["xmlns:stream"]='http://etherx.jabber.org/streams',
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
51 from=session.from_host, to=session.to_host, version='1.0', ["xml:lang"]='en'}):top_tag());
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
52 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
53
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
54 conn.setlistener(conn, listener);
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
55
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
56 listener.register_outgoing(conn, session);
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
57
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
58 listener.onconnect(conn);
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
59 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
60
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
61 function proxy_listener.register_outgoing(conn, session)
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
62 session.direction = "outgoing";
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
63 sessions[conn] = session;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
64 end
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
65
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
66 function proxy_listener.ondisconnect(conn, err)
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
67 sessions[conn] = nil;
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 end
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 module:hook("route/remote", function(event)
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
71 local from_host, to_host, stanza = event.from_host, event.to_host, event.stanza;
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 local inject = injected and injected[to_host];
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 if not inject then return end
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74 log("debug", "opening a new outgoing connection for this stanza");
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 local host_session = new_outgoing(from_host, to_host);
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77 -- Store in buffer
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
78 host_session.bounce_sendq = bounce_sendq;
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
79 host_session.sendq = { {tostring(stanza), stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} };
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
80 log("debug", "stanza [%s] queued until connection complete", tostring(stanza.name));
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
81
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
82 local host, port = inject[1] or inject, tonumber(inject[2]) or 5269;
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
84 local conn = addclient(host, port, proxy_listener, "*a");
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
85
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
86 proxy_listener.register_outgoing(conn, host_session);
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
87
4931
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
88 host_session.conn = conn;
f4a9e804c457 mod_s2soutinjection: Rewrite based on mod_onions for 0.12 compat (thanks Zash)
moparisthebest <admin@moparisthebest.com>
parents: 4557
diff changeset
89 return true;
1089
4057f176be7b mod_s2soutinjection: Initial commit, variant of mod_srvinjection using 0.9+ APIs
Kim Alvefur <zash@zash.se>
parents:
diff changeset
90 end, -2);