prosody-modules
85b8622ccffd
mod_proxy65/mod_proxy65.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Comparison

mod_proxy65/mod_proxy65.lua @ 77:85b8622ccffd

mod_proxy65: close unknown connection with no authentication data, close target if initator hangs up and vica versa
author Thilo Cestonaro <thilo@cestona.ro>
date Sun, 01 Nov 2009 10:38:51 +0100
parent 74:d70813f7d90a
child 79:34f5818c90e9
comparison
equal deleted inserted replaced
76:1fc4e8dc66a6 77:85b8622ccffd
11 local jid_split = require "util.jid".split; 11 local jid_split = require "util.jid".split;
12 local st = require "util.stanza"; 12 local st = require "util.stanza";
13 local componentmanager = require "core.componentmanager"; 13 local componentmanager = require "core.componentmanager";
14 local config_get = require "core.configmanager".get; 14 local config_get = require "core.configmanager".get;
15 local connlisteners = require "net.connlisteners"; 15 local connlisteners = require "net.connlisteners";
16 local adns, dns = require "net.adns", require "net.dns";
17 local add_task = require "util.timer".add_task;
18 local max_dns_depth = config.get("*", "core", "dns_max_depth") or 3;
19 local dns_timeout = config.get("*", "core", "dns_timeout") or 60;
20 local sha1 = require "util.hashes".sha1; 16 local sha1 = require "util.hashes".sha1;
21 17
22 local host, name = module:get_host(), "SOCKS5 Bytestreams Service"; 18 local host, name = module:get_host(), "SOCKS5 Bytestreams Service";
23 local sessions, transfers, component, replies_cache = {}, {}, nil, {}; 19 local sessions, transfers, component, replies_cache = {}, {}, nil, {};
24 20
25 local proxy_port = config_get(host, "core", "proxy65_port") or 5000; 21 local proxy_port = config_get(host, "core", "proxy65_port") or 5000;
26 local proxy_interface = config_get(host, "core", "proxy65_interface") or "*"; 22 local proxy_interface = config_get(host, "core", "proxy65_interface") or "*";
27 local proxy_address = config_get(host, "core", "proxy65_address") or (proxy_interface ~= "*" and proxy_interface) or module.host; 23 local proxy_address = config_get(host, "core", "proxy65_address") or (proxy_interface ~= "*" and proxy_interface) or host;
28 24
29 local connlistener = { default_port = proxy_port, 25 local connlistener = { default_port = proxy_port, default_interface = proxy_interface, default_mode = "*a" };
30 default_interface = proxy_interface,
31 default_mode = "*a" };
32 26
33 function connlistener.listener(conn, data) 27 function connlistener.listener(conn, data)
34 local session = sessions[conn] or {}; 28 local session = sessions[conn] or {};
35 29
36 if session.setup == false and data ~= nil and data:sub(1):byte() == 0x05 and data:len() > 2 then 30 if session.setup == nil and data ~= nil and data:sub(1):byte() == 0x05 and data:len() > 2 then
37 local nmethods = data:sub(2):byte(); 31 local nmethods = data:sub(2):byte();
38 local methods = data:sub(3); 32 local methods = data:sub(3);
39 local supported = false; 33 local supported = false;
40 for i=1, nmethods, 1 do 34 for i=1, nmethods, 1 do
41 if(methods:sub(i):byte() == 0x00) then -- 0x00 == method: NO AUTH 35 if(methods:sub(i):byte() == 0x00) then -- 0x00 == method: NO AUTH
62 if data ~= nil and data:len() == 0x2F and -- 40 == length of SHA1 HASH, and 7 other bytes => 47 => 0x2F 56 if data ~= nil and data:len() == 0x2F and -- 40 == length of SHA1 HASH, and 7 other bytes => 47 => 0x2F
63 data:sub(1):byte() == 0x05 and -- SOCKS5 has 5 in first byte 57 data:sub(1):byte() == 0x05 and -- SOCKS5 has 5 in first byte
64 data:sub(2):byte() == 0x01 and -- CMD must be 1 58 data:sub(2):byte() == 0x01 and -- CMD must be 1
65 data:sub(3):byte() == 0x00 and -- RSV must be 0 59 data:sub(3):byte() == 0x00 and -- RSV must be 0
66 data:sub(4):byte() == 0x03 and -- ATYP must be 3 60 data:sub(4):byte() == 0x03 and -- ATYP must be 3
67 data:sub(5):byte() == 40 and -- SHA1 HASH length must be 64 (0x40) 61 data:sub(5):byte() == 40 and -- SHA1 HASH length must be 40 (0x28)
68 data:sub(-2):byte() == 0x00 and -- PORT must be 0, size 2 byte 62 data:sub(-2):byte() == 0x00 and -- PORT must be 0, size 2 byte
69 data:sub(-1):byte() == 0x00 63 data:sub(-1):byte() == 0x00
70 then 64 then
71 local sha = data:sub(6, 45); -- second param is not count! it's the ending index (included!) 65 local sha = data:sub(6, 45); -- second param is not count! it's the ending index (included!)
72 if transfers[sha] == nil then 66 if transfers[sha] == nil then
80 session.sha = sha; 74 session.sha = sha;
81 module:log("debug", "initiator connected ... "); 75 module:log("debug", "initiator connected ... ");
82 end 76 end
83 conn.write(string.char(5, 0, 0, 3, sha:len()) .. sha .. string.char(0, 0)); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) 77 conn.write(string.char(5, 0, 0, 3, sha:len()) .. sha .. string.char(0, 0)); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte)
84 end 78 end
79 else
80 if data ~= nil then
81 module:log("debug", "unknown connection with no authentication data -> closing it");
82 conn.close();
83 end
85 end 84 end
86 end 85 end
87 86
88 function connlistener.disconnect(conn, err) 87 function connlistener.disconnect(conn, err)
89 if sessions[conn] then 88 local session = sessions[conn];
89 if session then
90 if session.sha and transfers[session.sha] then
91 local initiator, target = transfers[session.sha].initiator, transfers[session.sha].target;
92 if initiator == conn then
93 target.close();
94 elseif target == conn then
95 initiator.close();
96 end
97 end
90 -- Clean up any session-related stuff here 98 -- Clean up any session-related stuff here
91 sessions[conn] = nil; 99 sessions[conn] = nil;
92 end 100 end
93 end 101 end
94 102