prosody
b2331f3dfeea
plugins/mod_proxy65.lua
Software / code / prosody
Comparison
plugins/mod_proxy65.lua @ 11120:b2331f3dfeea
Merge 0.11->trunk
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 30 Sep 2020 09:50:33 +0100 |
| parent | 11012:027af78d8125 |
| child | 11560:3bbb1af92514 |
comparison
equal
deleted
inserted
replaced
| 11119:68df52bf08d5 | 11120:b2331f3dfeea |
|---|---|
| 10 module:set_global(); | 10 module:set_global(); |
| 11 | 11 |
| 12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep; | 12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep; |
| 13 local st = require "util.stanza"; | 13 local st = require "util.stanza"; |
| 14 local sha1 = require "util.hashes".sha1; | 14 local sha1 = require "util.hashes".sha1; |
| 15 local b64 = require "util.encodings".base64.encode; | |
| 16 local server = require "net.server"; | 15 local server = require "net.server"; |
| 17 local portmanager = require "core.portmanager"; | 16 local portmanager = require "core.portmanager"; |
| 18 | 17 |
| 19 local sessions = module:shared("sessions"); | 18 local sessions = module:shared("sessions"); |
| 20 local transfers = module:shared("transfers"); | 19 local transfers = module:shared("transfers"); |
| 43 return; | 42 return; |
| 44 end | 43 end |
| 45 end -- else error, unexpected input | 44 end -- else error, unexpected input |
| 46 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method) | 45 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method) |
| 47 conn:close(); | 46 conn:close(); |
| 48 module:log("debug", "Invalid SOCKS5 greeting received: '%s'", b64(data)); | 47 module:log("debug", "Invalid SOCKS5 greeting received: %q", data:sub(1, 300)); |
| 49 else -- connection request | 48 else -- connection request |
| 50 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size ) | 49 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size ) |
| 51 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then | 50 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then |
| 52 local sha = data:sub(6, 45); | 51 local sha = data:sub(6, 45); |
| 53 conn:pause(); | 52 conn:pause(); |
| 65 server.link(transfers[sha].target, conn, max_buffer_size); | 64 server.link(transfers[sha].target, conn, max_buffer_size); |
| 66 end | 65 end |
| 67 else -- error, unexpected input | 66 else -- error, unexpected input |
| 68 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) | 67 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) |
| 69 conn:close(); | 68 conn:close(); |
| 70 module:log("debug", "Invalid SOCKS5 negotiation received: '%s'", b64(data)); | 69 module:log("debug", "Invalid SOCKS5 negotiation received: %q", data:sub(1, 300)); |
| 71 end | 70 end |
| 72 end | 71 end |
| 73 end | 72 end |
| 74 | 73 |
| 75 function listener.ondisconnect(conn) | 74 function listener.ondisconnect(conn) |
| 115 local allow; | 114 local allow; |
| 116 for _, acl in ipairs(proxy_acl) do | 115 for _, acl in ipairs(proxy_acl) do |
| 117 if jid_compare(jid, acl) then allow = true; break; end | 116 if jid_compare(jid, acl) then allow = true; break; end |
| 118 end | 117 end |
| 119 if allow then break; end | 118 if allow then break; end |
| 120 module:log("warn", "Denying use of proxy for %s", tostring(stanza.attr.from)); | 119 module:log("warn", "Denying use of proxy for %s", stanza.attr.from); |
| 121 origin.send(st.error_reply(stanza, "auth", "forbidden")); | 120 origin.send(st.error_reply(stanza, "auth", "forbidden")); |
| 122 return true; | 121 return true; |
| 123 end | 122 end |
| 124 | 123 |
| 125 local proxy_port = next(portmanager.get_active_services():search("proxy65", nil)[1] or {}); | 124 local proxy_port = next(portmanager.get_active_services():search("proxy65", nil)[1] or {}); |
