Software /
code /
prosody
Annotate
plugins/mod_proxy65.lua @ 11710:26a8cc9d9eb7
net.resolvers.service: Only do DANE with secure SRV records
If this seems backwards, that' because it is but the API isn't really
designed to easily pass along details from each resolution step onto the
next.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 18 Jul 2021 23:25:45 +0200 |
parent | 11560:3bbb1af92514 |
child | 12977:74b9e05af71e |
rev | line source |
---|---|
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
1 -- Prosody IM |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
2 -- Copyright (C) 2008-2011 Matthew Wild |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
3 -- Copyright (C) 2008-2011 Waqas Hussain |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 -- Copyright (C) 2009 Thilo Cestonaro |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
5 -- |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 -- This project is MIT/X11 licensed. Please see the |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 -- COPYING file in the source package for more information. |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 -- |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
10 module:set_global(); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
4376
99277a1abe58
mod_proxy65: Apply stringprep to activation target JID.
Waqas Hussain <waqas20@gmail.com>
parents:
4375
diff
changeset
|
12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep; |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 local st = require "util.stanza"; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 local sha1 = require "util.hashes".sha1; |
3004
c20b9fe1624b
mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents:
2729
diff
changeset
|
15 local server = require "net.server"; |
4917
d1dca1d12d53
mod_proxy65: Add missing import of portmanager
Kim Alvefur <zash@zash.se>
parents:
4916
diff
changeset
|
16 local portmanager = require "core.portmanager"; |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
9146
6bd3602a70e2
mod_proxy65: Split module:shared() into multiple calls, multiple params may be deprecated soon
Matthew Wild <mwild1@gmail.com>
parents:
8728
diff
changeset
|
18 local sessions = module:shared("sessions"); |
6bd3602a70e2
mod_proxy65: Split module:shared() into multiple calls, multiple params may be deprecated soon
Matthew Wild <mwild1@gmail.com>
parents:
8728
diff
changeset
|
19 local transfers = module:shared("transfers"); |
3004
c20b9fe1624b
mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents:
2729
diff
changeset
|
20 local max_buffer_size = 4096; |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
22 local listener = {}; |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
24 function listener.onincoming(conn, data) |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 local session = sessions[conn] or {}; |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
26 |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
27 local transfer = transfers[session.sha]; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
28 if transfer and transfer.activated then -- copy data between initiator and target |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
29 local initiator, target = transfer.initiator, transfer.target; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
30 (conn == initiator and target or initiator):write(data); |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
31 return; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
32 end -- FIXME server.link should be doing this? |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
33 |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
34 if not session.greeting_done then |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
35 local nmethods = data:byte(2) or 0; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
36 if data:byte(1) == 0x05 and nmethods > 0 and #data == 2 + nmethods then -- check if we have all the data |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
37 if data:find("%z") then -- 0x00 = 'No authentication' is supported |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
38 session.greeting_done = true; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
39 sessions[conn] = session; |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
40 conn:write("\5\0"); -- send (SOCKS version 5, No authentication) |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
41 module:log("debug", "SOCKS5 greeting complete"); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 return; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 end |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
44 end -- else error, unexpected input |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
45 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method) |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
46 conn:close(); |
11012
027af78d8125
mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)
Kim Alvefur <zash@zash.se>
parents:
11011
diff
changeset
|
47 module:log("debug", "Invalid SOCKS5 greeting received: %q", data:sub(1, 300)); |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
48 else -- connection request |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
49 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size ) |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
50 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
51 local sha = data:sub(6, 45); |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
52 conn:pause(); |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
53 conn:write("\5\0\0\3\40" .. sha .. "\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
54 if not transfers[sha] then |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 transfers[sha] = {}; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 transfers[sha].target = conn; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 session.sha = sha; |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
58 module:log("debug", "SOCKS5 target connected for session %s", sha); |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
59 else -- transfers[sha].target ~= nil |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 transfers[sha].initiator = conn; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 session.sha = sha; |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
62 module:log("debug", "SOCKS5 initiator connected for session %s", sha); |
3004
c20b9fe1624b
mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents:
2729
diff
changeset
|
63 server.link(conn, transfers[sha].target, max_buffer_size); |
c20b9fe1624b
mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents:
2729
diff
changeset
|
64 server.link(transfers[sha].target, conn, max_buffer_size); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 end |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
66 else -- error, unexpected input |
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
67 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) |
2729
7e0c35713bf5
mod_proxy65: Fix for old-style closing of connections (another source of tracebacks with libevent enabled)
Matthew Wild <mwild1@gmail.com>
parents:
2320
diff
changeset
|
68 conn:close(); |
11012
027af78d8125
mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)
Kim Alvefur <zash@zash.se>
parents:
11011
diff
changeset
|
69 module:log("debug", "Invalid SOCKS5 negotiation received: %q", data:sub(1, 300)); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 |
8643
11b6aa30b3e0
mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents:
8642
diff
changeset
|
74 function listener.ondisconnect(conn) |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 local session = sessions[conn]; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 if session then |
4414
aa2e79f20962
mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents:
4376
diff
changeset
|
77 if transfers[session.sha] then |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 local initiator, target = transfers[session.sha].initiator, transfers[session.sha].target; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 if initiator == conn and target ~= nil then |
2729
7e0c35713bf5
mod_proxy65: Fix for old-style closing of connections (another source of tracebacks with libevent enabled)
Matthew Wild <mwild1@gmail.com>
parents:
2320
diff
changeset
|
80 target:close(); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 elseif target == conn and initiator ~= nil then |
8643
11b6aa30b3e0
mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents:
8642
diff
changeset
|
82 initiator:close(); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 transfers[session.sha] = nil; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 -- Clean up any session-related stuff here |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 sessions[conn] = nil; |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
91 function module.add_host(module) |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
92 local host, name = module:get_host(), module:get_option_string("name", "SOCKS5 Bytestreams Service"); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
93 |
6948
e6968e47826d
mod_proxy65: Use typed config API (fix issues when options are set to unexpected types)
Kim Alvefur <zash@zash.se>
parents:
6021
diff
changeset
|
94 local proxy_address = module:get_option_string("proxy65_address", host); |
e6968e47826d
mod_proxy65: Use typed config API (fix issues when options are set to unexpected types)
Kim Alvefur <zash@zash.se>
parents:
6021
diff
changeset
|
95 local proxy_acl = module:get_option_array("proxy65_acl"); |
11555
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
96 local proxy_open_access = module:get_option_boolean("proxy65_open_access", false); |
3694
a7d88f58abbb
mod_proxy65: Add service discovery identity and feature, to help out mod_disco when loaded on a normal host.
Waqas Hussain <waqas20@gmail.com>
parents:
3693
diff
changeset
|
97 |
5375
b31ab26f9997
mod_proxy65: Fix typo in comment
Kim Alvefur <zash@zash.se>
parents:
5336
diff
changeset
|
98 -- COMPAT w/pre-0.9 where proxy65_port was specified in the components section of the config |
4916
31496e8227e8
mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents:
4729
diff
changeset
|
99 local legacy_config = module:get_option_number("proxy65_port"); |
31496e8227e8
mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents:
4729
diff
changeset
|
100 if legacy_config then |
31496e8227e8
mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents:
4729
diff
changeset
|
101 module:log("warn", "proxy65_port is deprecated, please put proxy65_ports = { %d } into the global section instead", legacy_config); |
31496e8227e8
mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents:
4729
diff
changeset
|
102 end |
31496e8227e8
mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents:
4729
diff
changeset
|
103 |
6021
f8c17af769d9
mod_proxy65: Use mod_disco
Florian Zeitz <florob@babelmonkeys.de>
parents:
5776
diff
changeset
|
104 module:depends("disco"); |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
105 module:add_identity("proxy", "bytestreams", name); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
106 module:add_feature("http://jabber.org/protocol/bytestreams"); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
107 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
108 module:hook("iq-get/host/http://jabber.org/protocol/bytestreams:query", function(event) |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
109 local origin, stanza = event.origin, event.stanza; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
110 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
111 -- check ACL |
8643
11b6aa30b3e0
mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents:
8642
diff
changeset
|
112 -- using 'while' instead of 'if' so we can break out of it |
11555
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
113 local allow; |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
114 if proxy_acl and #proxy_acl > 0 then |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
115 local jid = stanza.attr.from; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
116 for _, acl in ipairs(proxy_acl) do |
11555
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
117 if jid_compare(jid, acl) then |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
118 allow = true; |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
119 break; |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
120 end |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
121 end |
11555
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
122 elseif proxy_open_access or origin.type == "c2s" then |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
123 allow = true; |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
124 end |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
125 |
65dcc175ef5b
mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents:
9645
diff
changeset
|
126 if not allow then |
10111
0f335815244f
plugins: Remove tostring call from logging
Kim Alvefur <zash@zash.se>
parents:
9645
diff
changeset
|
127 module:log("warn", "Denying use of proxy for %s", stanza.attr.from); |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
128 origin.send(st.error_reply(stanza, "auth", "forbidden")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
129 return true; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
130 end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
131 |
9643
bb8486491b48
mod_proxy65: Check what port is used at the time of the query
Kim Alvefur <zash@zash.se>
parents:
9642
diff
changeset
|
132 local proxy_port = next(portmanager.get_active_services():search("proxy65", nil)[1] or {}); |
9642
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
133 if not proxy_port then |
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
134 module:log("warn", "Not listening on any port"); |
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
135 origin.send(st.error_reply(stanza, "wait", "item-not-found", "Not listening on any port")); |
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
136 return true; |
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
137 end |
e31053344231
mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents:
6948
diff
changeset
|
138 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
139 local sid = stanza.tags[1].attr.sid; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
140 origin.send(st.reply(stanza):tag("query", {xmlns="http://jabber.org/protocol/bytestreams", sid=sid}) |
8642
d2556f237bc2
mod_proxy65: Fix passing number to stanza API (thanks mimi89999)
Matthew Wild <mwild1@gmail.com>
parents:
6948
diff
changeset
|
141 :tag("streamhost", {jid=host, host=proxy_address, port=("%d"):format(proxy_port)})); |
4374 | 142 return true; |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
143 end); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
144 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
145 module:hook("iq-set/host/http://jabber.org/protocol/bytestreams:query", function(event) |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
146 local origin, stanza = event.origin, event.stanza; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
147 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
148 local query = stanza.tags[1]; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
149 local sid = query.attr.sid; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
150 local from = stanza.attr.from; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
151 local to = query:get_child_text("activate"); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
152 local prepped_to = jid_prep(to); |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5375
diff
changeset
|
153 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
154 local info = "sid: "..tostring(sid)..", initiator: "..tostring(from)..", target: "..tostring(prepped_to or to); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
155 if prepped_to and sid then |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
156 local sha = sha1(sid .. from .. prepped_to, true); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
157 if not transfers[sha] then |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
158 module:log("debug", "Activation request has unknown session id; activation failed (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
159 origin.send(st.error_reply(stanza, "modify", "item-not-found")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
160 elseif not transfers[sha].initiator then |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
161 module:log("debug", "The sender was not connected to the proxy; activation failed (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
162 origin.send(st.error_reply(stanza, "cancel", "not-allowed", "The sender (you) is not connected to the proxy")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
163 --elseif not transfers[sha].target then -- can't happen, as target is set when a transfer object is created |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
164 -- module:log("debug", "The recipient was not connected to the proxy; activation failed (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
165 -- origin.send(st.error_reply(stanza, "cancel", "not-allowed", "The recipient is not connected to the proxy")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
166 else -- if transfers[sha].initiator ~= nil and transfers[sha].target ~= nil then |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
167 module:log("debug", "Transfer activated (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
168 transfers[sha].activated = true; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
169 transfers[sha].target:resume(); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
170 transfers[sha].initiator:resume(); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
171 origin.send(st.reply(stanza)); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
172 end |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
173 elseif to and sid then |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
174 module:log("debug", "Malformed activation jid; activation failed (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
175 origin.send(st.error_reply(stanza, "modify", "jid-malformed")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
176 else |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
177 module:log("debug", "Bad request; activation failed (%s)", info); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
178 origin.send(st.error_reply(stanza, "modify", "bad-request")); |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
179 end |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
180 return true; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
181 end); |
2137
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
182 end |
c5d87a3316f8
mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
183 |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
184 module:provides("net", { |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
185 default_port = 5000; |
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
186 listener = listener; |
4685
3d90264c7b3d
mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents:
4679
diff
changeset
|
187 multiplex = { |
3d90264c7b3d
mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents:
4679
diff
changeset
|
188 pattern = "^\5"; |
3d90264c7b3d
mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents:
4679
diff
changeset
|
189 }; |
4679
5b52b5eaa03d
mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents:
4414
diff
changeset
|
190 }); |