Annotate

plugins/mod_proxy65.lua @ 12884:f5a75aaa8a25

util.poll: Include unistd.h only for epoll This defines close(), which is only used with epoll, hence we don't need to include it when building in poll or select mode.
author Kim Alvefur <zash@zash.se>
date Fri, 10 Feb 2023 00:37:05 +0100
parent 11560:3bbb1af92514
child 12977:74b9e05af71e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
1 -- Prosody IM
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
2 -- Copyright (C) 2008-2011 Matthew Wild
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
3 -- Copyright (C) 2008-2011 Waqas Hussain
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 -- Copyright (C) 2009 Thilo Cestonaro
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
5 --
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 -- This project is MIT/X11 licensed. Please see the
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 -- COPYING file in the source package for more information.
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 --
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
10 module:set_global();
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
4376
99277a1abe58 mod_proxy65: Apply stringprep to activation target JID.
Waqas Hussain <waqas20@gmail.com>
parents: 4375
diff changeset
12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep;
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local st = require "util.stanza";
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local sha1 = require "util.hashes".sha1;
3004
c20b9fe1624b mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents: 2729
diff changeset
15 local server = require "net.server";
4917
d1dca1d12d53 mod_proxy65: Add missing import of portmanager
Kim Alvefur <zash@zash.se>
parents: 4916
diff changeset
16 local portmanager = require "core.portmanager";
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17
9146
6bd3602a70e2 mod_proxy65: Split module:shared() into multiple calls, multiple params may be deprecated soon
Matthew Wild <mwild1@gmail.com>
parents: 8728
diff changeset
18 local sessions = module:shared("sessions");
6bd3602a70e2 mod_proxy65: Split module:shared() into multiple calls, multiple params may be deprecated soon
Matthew Wild <mwild1@gmail.com>
parents: 8728
diff changeset
19 local transfers = module:shared("transfers");
3004
c20b9fe1624b mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents: 2729
diff changeset
20 local max_buffer_size = 4096;
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
22 local listener = {};
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
24 function listener.onincoming(conn, data)
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 local session = sessions[conn] or {};
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
26
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
27 local transfer = transfers[session.sha];
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
28 if transfer and transfer.activated then -- copy data between initiator and target
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
29 local initiator, target = transfer.initiator, transfer.target;
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
30 (conn == initiator and target or initiator):write(data);
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
31 return;
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
32 end -- FIXME server.link should be doing this?
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
33
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
34 if not session.greeting_done then
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
35 local nmethods = data:byte(2) or 0;
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
36 if data:byte(1) == 0x05 and nmethods > 0 and #data == 2 + nmethods then -- check if we have all the data
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
37 if data:find("%z") then -- 0x00 = 'No authentication' is supported
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
38 session.greeting_done = true;
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
39 sessions[conn] = session;
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
40 conn:write("\5\0"); -- send (SOCKS version 5, No authentication)
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
41 module:log("debug", "SOCKS5 greeting complete");
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 return;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 end
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
44 end -- else error, unexpected input
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
45 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method)
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
46 conn:close();
11012
027af78d8125 mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)
Kim Alvefur <zash@zash.se>
parents: 11011
diff changeset
47 module:log("debug", "Invalid SOCKS5 greeting received: %q", data:sub(1, 300));
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
48 else -- connection request
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
49 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size )
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
50 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
51 local sha = data:sub(6, 45);
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
52 conn:pause();
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
53 conn:write("\5\0\0\3\40" .. sha .. "\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte)
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
54 if not transfers[sha] then
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 transfers[sha] = {};
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 transfers[sha].target = conn;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 session.sha = sha;
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
58 module:log("debug", "SOCKS5 target connected for session %s", sha);
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
59 else -- transfers[sha].target ~= nil
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 transfers[sha].initiator = conn;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 session.sha = sha;
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
62 module:log("debug", "SOCKS5 initiator connected for session %s", sha);
3004
c20b9fe1624b mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents: 2729
diff changeset
63 server.link(conn, transfers[sha].target, max_buffer_size);
c20b9fe1624b mod_proxy65: Use new server.link to link proxied connections, now works with either connection backend
Matthew Wild <mwild1@gmail.com>
parents: 2729
diff changeset
64 server.link(transfers[sha].target, conn, max_buffer_size);
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 end
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
66 else -- error, unexpected input
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
67 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte)
2729
7e0c35713bf5 mod_proxy65: Fix for old-style closing of connections (another source of tracebacks with libevent enabled)
Matthew Wild <mwild1@gmail.com>
parents: 2320
diff changeset
68 conn:close();
11012
027af78d8125 mod_proxy65: Limit dump of invalid data to 300 bytes (like mod_c2s)
Kim Alvefur <zash@zash.se>
parents: 11011
diff changeset
69 module:log("debug", "Invalid SOCKS5 negotiation received: %q", data:sub(1, 300));
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73
8643
11b6aa30b3e0 mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents: 8642
diff changeset
74 function listener.ondisconnect(conn)
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 local session = sessions[conn];
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 if session then
4414
aa2e79f20962 mod_proxy65: Major cleanup, better logging, handling of all error cases, less code, and other goodness.
Waqas Hussain <waqas20@gmail.com>
parents: 4376
diff changeset
77 if transfers[session.sha] then
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 local initiator, target = transfers[session.sha].initiator, transfers[session.sha].target;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 if initiator == conn and target ~= nil then
2729
7e0c35713bf5 mod_proxy65: Fix for old-style closing of connections (another source of tracebacks with libevent enabled)
Matthew Wild <mwild1@gmail.com>
parents: 2320
diff changeset
80 target:close();
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 elseif target == conn and initiator ~= nil then
8643
11b6aa30b3e0 mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents: 8642
diff changeset
82 initiator:close();
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84 transfers[session.sha] = nil;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 -- Clean up any session-related stuff here
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 sessions[conn] = nil;
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
91 function module.add_host(module)
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
92 local host, name = module:get_host(), module:get_option_string("name", "SOCKS5 Bytestreams Service");
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
93
6948
e6968e47826d mod_proxy65: Use typed config API (fix issues when options are set to unexpected types)
Kim Alvefur <zash@zash.se>
parents: 6021
diff changeset
94 local proxy_address = module:get_option_string("proxy65_address", host);
e6968e47826d mod_proxy65: Use typed config API (fix issues when options are set to unexpected types)
Kim Alvefur <zash@zash.se>
parents: 6021
diff changeset
95 local proxy_acl = module:get_option_array("proxy65_acl");
11555
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
96 local proxy_open_access = module:get_option_boolean("proxy65_open_access", false);
3694
a7d88f58abbb mod_proxy65: Add service discovery identity and feature, to help out mod_disco when loaded on a normal host.
Waqas Hussain <waqas20@gmail.com>
parents: 3693
diff changeset
97
5375
b31ab26f9997 mod_proxy65: Fix typo in comment
Kim Alvefur <zash@zash.se>
parents: 5336
diff changeset
98 -- COMPAT w/pre-0.9 where proxy65_port was specified in the components section of the config
4916
31496e8227e8 mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents: 4729
diff changeset
99 local legacy_config = module:get_option_number("proxy65_port");
31496e8227e8 mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents: 4729
diff changeset
100 if legacy_config then
31496e8227e8 mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents: 4729
diff changeset
101 module:log("warn", "proxy65_port is deprecated, please put proxy65_ports = { %d } into the global section instead", legacy_config);
31496e8227e8 mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents: 4729
diff changeset
102 end
31496e8227e8 mod_proxy65: Warn about pre-0.9 config style (per host proxy65_port)
Kim Alvefur <zash@zash.se>
parents: 4729
diff changeset
103
6021
f8c17af769d9 mod_proxy65: Use mod_disco
Florian Zeitz <florob@babelmonkeys.de>
parents: 5776
diff changeset
104 module:depends("disco");
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
105 module:add_identity("proxy", "bytestreams", name);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
106 module:add_feature("http://jabber.org/protocol/bytestreams");
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
107
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
108 module:hook("iq-get/host/http://jabber.org/protocol/bytestreams:query", function(event)
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
109 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
110
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
111 -- check ACL
8643
11b6aa30b3e0 mod_proxy65: Fix all warnings from luacheck
Matthew Wild <mwild1@gmail.com>
parents: 8642
diff changeset
112 -- using 'while' instead of 'if' so we can break out of it
11555
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
113 local allow;
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
114 if proxy_acl and #proxy_acl > 0 then
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
115 local jid = stanza.attr.from;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
116 for _, acl in ipairs(proxy_acl) do
11555
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
117 if jid_compare(jid, acl) then
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
118 allow = true;
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
119 break;
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
120 end
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
121 end
11555
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
122 elseif proxy_open_access or origin.type == "c2s" then
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
123 allow = true;
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
124 end
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
125
65dcc175ef5b mod_proxy65: Restrict access to local c2s connections by default
Matthew Wild <mwild1@gmail.com>
parents: 9645
diff changeset
126 if not allow then
10111
0f335815244f plugins: Remove tostring call from logging
Kim Alvefur <zash@zash.se>
parents: 9645
diff changeset
127 module:log("warn", "Denying use of proxy for %s", stanza.attr.from);
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
128 origin.send(st.error_reply(stanza, "auth", "forbidden"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
129 return true;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
130 end
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
131
9643
bb8486491b48 mod_proxy65: Check what port is used at the time of the query
Kim Alvefur <zash@zash.se>
parents: 9642
diff changeset
132 local proxy_port = next(portmanager.get_active_services():search("proxy65", nil)[1] or {});
9642
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
133 if not proxy_port then
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
134 module:log("warn", "Not listening on any port");
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
135 origin.send(st.error_reply(stanza, "wait", "item-not-found", "Not listening on any port"));
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
136 return true;
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
137 end
e31053344231 mod_proxy65: Return an error if no port is open (fixes #1240)
Kim Alvefur <zash@zash.se>
parents: 6948
diff changeset
138
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
139 local sid = stanza.tags[1].attr.sid;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
140 origin.send(st.reply(stanza):tag("query", {xmlns="http://jabber.org/protocol/bytestreams", sid=sid})
8642
d2556f237bc2 mod_proxy65: Fix passing number to stanza API (thanks mimi89999)
Matthew Wild <mwild1@gmail.com>
parents: 6948
diff changeset
141 :tag("streamhost", {jid=host, host=proxy_address, port=("%d"):format(proxy_port)}));
4374
c38f20f172b3 mod_proxy65: Cleanup.
Waqas Hussain <waqas20@gmail.com>
parents: 3694
diff changeset
142 return true;
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
143 end);
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
144
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
145 module:hook("iq-set/host/http://jabber.org/protocol/bytestreams:query", function(event)
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
146 local origin, stanza = event.origin, event.stanza;
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
147
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
148 local query = stanza.tags[1];
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
149 local sid = query.attr.sid;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
150 local from = stanza.attr.from;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
151 local to = query:get_child_text("activate");
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
152 local prepped_to = jid_prep(to);
5776
bd0ff8ae98a8 Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 5375
diff changeset
153
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
154 local info = "sid: "..tostring(sid)..", initiator: "..tostring(from)..", target: "..tostring(prepped_to or to);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
155 if prepped_to and sid then
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
156 local sha = sha1(sid .. from .. prepped_to, true);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
157 if not transfers[sha] then
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
158 module:log("debug", "Activation request has unknown session id; activation failed (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
159 origin.send(st.error_reply(stanza, "modify", "item-not-found"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
160 elseif not transfers[sha].initiator then
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
161 module:log("debug", "The sender was not connected to the proxy; activation failed (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
162 origin.send(st.error_reply(stanza, "cancel", "not-allowed", "The sender (you) is not connected to the proxy"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
163 --elseif not transfers[sha].target then -- can't happen, as target is set when a transfer object is created
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
164 -- module:log("debug", "The recipient was not connected to the proxy; activation failed (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
165 -- origin.send(st.error_reply(stanza, "cancel", "not-allowed", "The recipient is not connected to the proxy"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
166 else -- if transfers[sha].initiator ~= nil and transfers[sha].target ~= nil then
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
167 module:log("debug", "Transfer activated (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
168 transfers[sha].activated = true;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
169 transfers[sha].target:resume();
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
170 transfers[sha].initiator:resume();
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
171 origin.send(st.reply(stanza));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
172 end
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
173 elseif to and sid then
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
174 module:log("debug", "Malformed activation jid; activation failed (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
175 origin.send(st.error_reply(stanza, "modify", "jid-malformed"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
176 else
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
177 module:log("debug", "Bad request; activation failed (%s)", info);
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
178 origin.send(st.error_reply(stanza, "modify", "bad-request"));
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
179 end
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
180 return true;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
181 end);
2137
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 end
c5d87a3316f8 mod_proxy65: Import from prosody-modules, thanks Ephraim :)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
183
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
184 module:provides("net", {
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
185 default_port = 5000;
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
186 listener = listener;
4685
3d90264c7b3d mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents: 4679
diff changeset
187 multiplex = {
3d90264c7b3d mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents: 4679
diff changeset
188 pattern = "^\5";
3d90264c7b3d mod_proxy65: Add multiplex pattern.
Waqas Hussain <waqas20@gmail.com>
parents: 4679
diff changeset
189 };
4679
5b52b5eaa03d mod_proxy65: Port to portmanager, make a shared module
Matthew Wild <mwild1@gmail.com>
parents: 4414
diff changeset
190 });