prosody
c079103c9172
plugins/mod_proxy65.lua
Software / code / prosody
Comparison
plugins/mod_proxy65.lua @ 11011:c079103c9172
mod_proxy65: Log invalid greetings escaped instead of as base64
Makes it easier to see human-readable parts and thus identifying the
garbage. Also consistent with mod_c2s and others.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 16 Jul 2020 10:26:36 +0200 |
| parent | 10111:0f335815244f |
| child | 11012:027af78d8125 |
comparison
equal
deleted
inserted
replaced
| 11010:6b27cb706b89 | 11011:c079103c9172 |
|---|---|
| 10 module:set_global(); | 10 module:set_global(); |
| 11 | 11 |
| 12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep; | 12 local jid_compare, jid_prep = require "util.jid".compare, require "util.jid".prep; |
| 13 local st = require "util.stanza"; | 13 local st = require "util.stanza"; |
| 14 local sha1 = require "util.hashes".sha1; | 14 local sha1 = require "util.hashes".sha1; |
| 15 local b64 = require "util.encodings".base64.encode; | |
| 16 local server = require "net.server"; | 15 local server = require "net.server"; |
| 17 local portmanager = require "core.portmanager"; | 16 local portmanager = require "core.portmanager"; |
| 18 | 17 |
| 19 local sessions = module:shared("sessions"); | 18 local sessions = module:shared("sessions"); |
| 20 local transfers = module:shared("transfers"); | 19 local transfers = module:shared("transfers"); |
| 43 return; | 42 return; |
| 44 end | 43 end |
| 45 end -- else error, unexpected input | 44 end -- else error, unexpected input |
| 46 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method) | 45 conn:write("\5\255"); -- send (SOCKS version 5, no acceptable method) |
| 47 conn:close(); | 46 conn:close(); |
| 48 module:log("debug", "Invalid SOCKS5 greeting received: '%s'", b64(data)); | 47 module:log("debug", "Invalid SOCKS5 greeting received: %q", data); |
| 49 else -- connection request | 48 else -- connection request |
| 50 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size ) | 49 --local head = string.char( 0x05, 0x01, 0x00, 0x03, 40 ); -- ( VER=5=SOCKS5, CMD=1=CONNECT, RSV=0=RESERVED, ATYP=3=DOMAIMNAME, SHA-1 size ) |
| 51 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then | 50 if #data == 47 and data:sub(1,5) == "\5\1\0\3\40" and data:sub(-2) == "\0\0" then |
| 52 local sha = data:sub(6, 45); | 51 local sha = data:sub(6, 45); |
| 53 conn:pause(); | 52 conn:pause(); |
| 65 server.link(transfers[sha].target, conn, max_buffer_size); | 64 server.link(transfers[sha].target, conn, max_buffer_size); |
| 66 end | 65 end |
| 67 else -- error, unexpected input | 66 else -- error, unexpected input |
| 68 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) | 67 conn:write("\5\1\0\3\0\0\0"); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) |
| 69 conn:close(); | 68 conn:close(); |
| 70 module:log("debug", "Invalid SOCKS5 negotiation received: '%s'", b64(data)); | 69 module:log("debug", "Invalid SOCKS5 negotiation received: %q", data); |
| 71 end | 70 end |
| 72 end | 71 end |
| 73 end | 72 end |
| 74 | 73 |
| 75 function listener.ondisconnect(conn) | 74 function listener.ondisconnect(conn) |
