Mercurial > prosody-modules
annotate mod_onions/mod_onions.lua @ 3503:882180b459a0
mod_pubsub_post: Restructure authentication and authorization (BC)
This deprecates the default "superuser" actor model and makes the
default equivalent to the previous "request.id".
A single actor and secret per node is supported because HTTP and
WebHooks don't normally include any authorization identity.
Allowing authentication bypass when no secret is given should be
relatively safe when the actor is unprivileged, as will be unless
explicitly configured otherwise.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 30 Mar 2019 21:16:13 +0100 |
parents | 824b0d7fa883 |
children | 44be2c6087f3 |
rev | line source |
---|---|
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
1 local prosody = prosody; |
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
2 local core_process_stanza = prosody.core_process_stanza; |
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
3 |
2880
05ebe377fc90
mod_onions: Use net.server API for creating a new connection instead of duplicating socket creation
Kim Alvefur <zash@zash.se>
parents:
2873
diff
changeset
|
4 local addclient = require "net.server".addclient; |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
5 local s2s_new_outgoing = require "core.s2smanager".new_outgoing; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
6 local initialize_filters = require "util.filters".initialize; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
7 local st = require "util.stanza"; |
1071
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
8 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
9 local portmanager = require "core.portmanager"; |
1071
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
10 |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
11 local softreq = require "util.dependencies".softreq; |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
12 |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
13 local bit; |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
14 pcall(function() bit = require"bit"; end); |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
15 bit = bit or softreq"bit32" |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
16 if not bit then module:log("error", "No bit module found. Either LuaJIT 2, lua-bitop or Lua 5.2 is required"); end |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
17 |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
18 local band = bit.band; |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
19 local rshift = bit.rshift; |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
20 local lshift = bit.lshift; |
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
21 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
22 local byte = string.byte; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
23 local c = string.char; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
24 |
1617
e0d8caffa209
mod_onions: Depend on mod_s2s to avoid a traceback when loaded before mod_s2s
Matthew Wild <mwild1@gmail.com>
parents:
1468
diff
changeset
|
25 module:depends("s2s"); |
e0d8caffa209
mod_onions: Depend on mod_s2s to avoid a traceback when loaded before mod_s2s
Matthew Wild <mwild1@gmail.com>
parents:
1468
diff
changeset
|
26 |
2344
c928b7ac75b7
mod_onions: Use typed config API
Kim Alvefur <zash@zash.se>
parents:
2306
diff
changeset
|
27 local proxy_ip = module:get_option_string("onions_socks5_host", "127.0.0.1"); |
c928b7ac75b7
mod_onions: Use typed config API
Kim Alvefur <zash@zash.se>
parents:
2306
diff
changeset
|
28 local proxy_port = module:get_option_number("onions_socks5_port", 9050); |
c928b7ac75b7
mod_onions: Use typed config API
Kim Alvefur <zash@zash.se>
parents:
2306
diff
changeset
|
29 local forbid_else = module:get_option_boolean("onions_only", false); |
c928b7ac75b7
mod_onions: Use typed config API
Kim Alvefur <zash@zash.se>
parents:
2306
diff
changeset
|
30 local torify_all = module:get_option_boolean("onions_tor_all", false); |
c928b7ac75b7
mod_onions: Use typed config API
Kim Alvefur <zash@zash.se>
parents:
2306
diff
changeset
|
31 local onions_map = module:get_option("onions_map", {}); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
32 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
33 local sessions = module:shared("sessions"); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
34 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
35 -- The socks5listener handles connection while still connecting to the proxy, |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
36 -- then it hands them over to the normal listener (in mod_s2s) |
1061
f4031e7ccec1
mod_onions: The SOCKS5 port is now a string, as it should be. Added a boolean option onions_tor_all to pass all s2s traffic through Tor.
Thijs Alkemade <me@thijsalkema.de>
parents:
1060
diff
changeset
|
37 local socks5listener = { default_port = proxy_port, default_mode = "*a", default_interface = "*" }; |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
38 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
39 local function socks5_connect_sent(conn, data) |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
40 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
41 local session = sessions[conn]; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
42 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
43 if #data < 5 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
44 session.socks5_buffer = data; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
45 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
46 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
47 |
2704
5ab27d3741b4
mod_onions: Make variable local
Kim Alvefur <zash@zash.se>
parents:
2703
diff
changeset
|
48 local request_status = byte(data, 2); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
49 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
50 if not request_status == 0x00 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
51 module:log("debug", "Failed to connect to the SOCKS5 proxy. :("); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
52 session:close(false); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
53 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
54 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
55 |
2873
9e693d433a41
mod_onions: Fix typo [codespell]
Kim Alvefur <zash@zash.se>
parents:
2704
diff
changeset
|
56 module:log("debug", "Successfully connected to SOCKS5 proxy."); |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
57 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
58 local response = byte(data, 4); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
59 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
60 if response == 0x01 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
61 if #data < 10 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
62 -- let's try again when we have enough |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
63 session.socks5_buffer = data; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
64 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
65 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
66 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
67 -- this means the server tells us to connect on an IPv4 address |
2345
2df32ac11b31
mod_onions: Reduce line count for redirect check
Kim Alvefur <zash@zash.se>
parents:
2344
diff
changeset
|
68 local ip = string.format("%d.%d.%d.%d", byte(data, 5,8)); |
1071
8f59b45fe6a7
mod_onions: Copy the code to find the bit module from mod_websockets.
Thijs Alkemade <me@thijsalkema.de>
parents:
1061
diff
changeset
|
69 local port = band(byte(data, 9), lshift(byte(data, 10), 8)); |
2345
2df32ac11b31
mod_onions: Reduce line count for redirect check
Kim Alvefur <zash@zash.se>
parents:
2344
diff
changeset
|
70 module:log("debug", "Should connect to: %s:%d", ip, port); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
71 |
2345
2df32ac11b31
mod_onions: Reduce line count for redirect check
Kim Alvefur <zash@zash.se>
parents:
2344
diff
changeset
|
72 if not (ip == "0.0.0.0" and port == 0) then |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
73 module:log("debug", "The SOCKS5 proxy tells us to connect to a different IP, don't know how. :("); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
74 session:close(false); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
75 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
76 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
77 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
78 -- Now the real s2s listener can take over the connection. |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
79 local listener = portmanager.get_service("s2s").listener; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
80 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
81 module:log("debug", "SOCKS5 done, handing over listening to "..tostring(listener)); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
82 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
83 session.socks5_handler = nil; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
84 session.socks5_buffer = nil; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
85 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
86 local w, log = conn.send, session.log; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
87 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
88 local filter = initialize_filters(session); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
89 |
1467
f10a3a5ba28f
mod_onions: Set the stream version to 1.0 on onionized streams, so TLS is offered.
Thijs Alkemade <me@thijsalkema.de>
parents:
1343
diff
changeset
|
90 session.version = 1; |
f10a3a5ba28f
mod_onions: Set the stream version to 1.0 on onionized streams, so TLS is offered.
Thijs Alkemade <me@thijsalkema.de>
parents:
1343
diff
changeset
|
91 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
92 session.sends2s = function (t) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
93 log("debug", "sending (s2s over socks5): %s", (t.top_tag and t:top_tag()) or t:match("^[^>]*>?")); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
94 if t.name then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
95 t = filter("stanzas/out", t); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
96 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
97 if t then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
98 t = filter("bytes/out", tostring(t)); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
99 if t then |
1299
a7d6c6d2c7b5
mod_onions: Accepted patch that should fix problems when using libevent.
Thijs Alkemade <me@thijsalkema.de>
parents:
1071
diff
changeset
|
100 return conn:write(tostring(t)); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
101 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
102 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
103 end |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
104 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
105 session.open_stream = function () |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
106 session.sends2s(st.stanza("stream:stream", { |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
107 xmlns='jabber:server', ["xmlns:db"]='jabber:server:dialback', |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
108 ["xmlns:stream"]='http://etherx.jabber.org/streams', |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
109 from=session.from_host, to=session.to_host, version='1.0', ["xml:lang"]='en'}):top_tag()); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
110 end |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
111 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
112 conn.setlistener(conn, listener); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
113 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
114 listener.register_outgoing(conn, session); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
115 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
116 listener.onconnect(conn); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
117 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
118 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
119 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
120 local function socks5_handshake_sent(conn, data) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
121 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
122 local session = sessions[conn]; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
123 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
124 if #data < 2 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
125 session.socks5_buffer = data; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
126 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
127 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
128 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
129 -- version, method |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
130 local request_status = byte(data, 2); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
131 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
132 module:log("debug", "SOCKS version: "..byte(data, 1)); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
133 module:log("debug", "Response: "..request_status); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
134 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
135 if not request_status == 0x00 then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
136 module:log("debug", "Failed to connect to the SOCKS5 proxy. :( It seems to require authentication."); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
137 session:close(false); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
138 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
139 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
140 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
141 module:log("debug", "Sending connect message."); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
142 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
143 -- version 5, connect, (reserved), type: domainname, (length, hostname), port |
1299
a7d6c6d2c7b5
mod_onions: Accepted patch that should fix problems when using libevent.
Thijs Alkemade <me@thijsalkema.de>
parents:
1071
diff
changeset
|
144 conn:write(c(5) .. c(1) .. c(0) .. c(3) .. c(#session.socks5_to) .. session.socks5_to); |
a7d6c6d2c7b5
mod_onions: Accepted patch that should fix problems when using libevent.
Thijs Alkemade <me@thijsalkema.de>
parents:
1071
diff
changeset
|
145 conn:write(c(rshift(session.socks5_port, 8)) .. c(band(session.socks5_port, 0xff))); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
146 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
147 session.socks5_handler = socks5_connect_sent; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
148 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
149 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
150 function socks5listener.onconnect(conn) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
151 module:log("debug", "Connected to SOCKS5 proxy, sending SOCKS5 handshake."); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
152 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
153 -- Socks version 5, 1 method, no auth |
1299
a7d6c6d2c7b5
mod_onions: Accepted patch that should fix problems when using libevent.
Thijs Alkemade <me@thijsalkema.de>
parents:
1071
diff
changeset
|
154 conn:write(c(5) .. c(1) .. c(0)); |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
155 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
156 sessions[conn].socks5_handler = socks5_handshake_sent; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
157 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
158 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
159 function socks5listener.register_outgoing(conn, session) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
160 session.direction = "outgoing"; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
161 sessions[conn] = session; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
162 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
163 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
164 function socks5listener.ondisconnect(conn, err) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
165 sessions[conn] = nil; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
166 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
167 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
168 function socks5listener.onincoming(conn, data) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
169 local session = sessions[conn]; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
170 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
171 if session.socks5_buffer then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
172 data = session.socks5_buffer .. data; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
173 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
174 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
175 if session.socks5_handler then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
176 session.socks5_handler(conn, data); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
177 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
178 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
179 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
180 local function connect_socks5(host_session, connect_host, connect_port) |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1299
diff
changeset
|
181 |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
182 module:log("debug", "Connecting to " .. connect_host .. ":" .. connect_port); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
183 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
184 -- this is not necessarily the same as .to_host (it can be that this is from the onions_map) |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
185 host_session.socks5_to = connect_host; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
186 host_session.socks5_port = connect_port; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
187 |
2880
05ebe377fc90
mod_onions: Use net.server API for creating a new connection instead of duplicating socket creation
Kim Alvefur <zash@zash.se>
parents:
2873
diff
changeset
|
188 local conn = addclient(proxy_ip, proxy_port, socks5listener, "*a"); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
189 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
190 socks5listener.register_outgoing(conn, host_session); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
191 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
192 host_session.conn = conn; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
193 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
194 |
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
195 local bouncy_stanzas = { message = true, presence = true, iq = true }; |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
196 local function bounce_sendq(session, reason) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
197 local sendq = session.sendq; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
198 if not sendq then return; end |
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
199 session.log("info", "Sending error replies for "..#sendq.." queued stanzas because of failed outgoing connection to "..tostring(session.to_host)); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
200 local dummy = { |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
201 type = "s2sin"; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
202 send = function(s) |
2881
824b0d7fa883
mod_onions: Fix unqualified use of debug.traceback
Kim Alvefur <zash@zash.se>
parents:
2880
diff
changeset
|
203 (session.log or log)("error", "Replying to to an s2s error reply, please report this! Traceback: %s", debug.traceback()); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
204 end; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
205 dummy = true; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
206 }; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
207 for i, data in ipairs(sendq) do |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
208 local reply = data[2]; |
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
209 if reply and not(reply.attr.xmlns) and bouncy_stanzas[reply.name] then |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
210 reply.attr.type = "error"; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
211 reply:tag("error", {type = "cancel"}) |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
212 :tag("remote-server-not-found", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}):up(); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
213 if reason then |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
214 reply:tag("text", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"}) |
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
215 :text("Server-to-server connection failed: "..reason):up(); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
216 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
217 core_process_stanza(dummy, reply); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
218 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
219 sendq[i] = nil; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
220 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
221 session.sendq = nil; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
222 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
223 -- Try to intercept anything to *.onion |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
224 local function route_to_onion(event) |
1468
cf32265eb4c7
mod_onions: Actually define the variable "stanza" to contain "event.stanza", fixing problems of stanzas being dropped for outgoing connections.
Thijs Alkemade <me@thijsalkema.de>
parents:
1467
diff
changeset
|
225 local stanza = event.stanza; |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
226 local to_host = event.to_host; |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
227 local onion_host = nil; |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
228 local onion_port = nil; |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
229 |
2304
a881494238af
mod_onions: Remove capture of final period (stripped by util.jid)
Kim Alvefur <zash@zash.se>
parents:
2303
diff
changeset
|
230 if not to_host:find("%.onion$") then |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
231 if onions_map[to_host] then |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
232 if type(onions_map[to_host]) == "string" then |
1910
720b291cb340
mod_onions: Patch from David Goulet: Fix onions_map when the target is a string.
Thijs Alkemade <me@thijsalkema.de>
parents:
1781
diff
changeset
|
233 onion_host = onions_map[to_host]; |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
234 else |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
235 onion_host = onions_map[to_host].host; |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
236 onion_port = onions_map[to_host].port; |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
237 end |
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
238 elseif forbid_else then |
1780
b3e3ad35391a
mod_onions: Small fixes making bounce_sendq match mod_s2s again.
Thijs Alkemade <me@thijsalkema.de>
parents:
1617
diff
changeset
|
239 module:log("debug", event.to_host .. " is not an onion. Blocking it."); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
240 return false; |
1061
f4031e7ccec1
mod_onions: The SOCKS5 port is now a string, as it should be. Added a boolean option onions_tor_all to pass all s2s traffic through Tor.
Thijs Alkemade <me@thijsalkema.de>
parents:
1060
diff
changeset
|
241 elseif not torify_all then |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
242 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
243 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
244 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
245 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
246 module:log("debug", "Onion routing something to ".. to_host); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
247 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
248 if hosts[event.from_host].s2sout[to_host] then |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
249 return; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
250 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
251 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
252 local host_session = s2s_new_outgoing(event.from_host, to_host); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
253 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
254 host_session.bounce_sendq = bounce_sendq; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
255 host_session.sendq = { {tostring(stanza), stanza.attr and stanza.attr.type ~= "error" and stanza.attr.type ~= "result" and st.reply(stanza)} }; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
256 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
257 hosts[event.from_host].s2sout[to_host] = host_session; |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
258 |
1781
12ac88940fe3
mod_onions: Now allows configuration of an "onions_map", allowing administrator to manually specify alternate hidden services for clearnet addresses.
Thijs Alkemade <me@thijsalkema.de>
parents:
1780
diff
changeset
|
259 connect_socks5(host_session, onion_host or to_host, onion_port or 5269); |
1060
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
260 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
261 return true; |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
262 end |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
263 |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
264 module:log("debug", "Onions ready and loaded"); |
25b83ed7838a
mod_onions: Added mod_onions. This module allows Prosody to make s2s connections to Tor hidden services.
Thijs Alkemade <me@thijsalkema.de>
parents:
diff
changeset
|
265 |
2305
7db4d3f5fb73
mod_onions: Hook event using moduleapi
Kim Alvefur <zash@zash.se>
parents:
2304
diff
changeset
|
266 module:hook("route/remote", route_to_onion, 200); |
2306
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
267 |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
268 module:hook_global("s2s-check-certificate", function (event) |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
269 local host = event.host; |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
270 if host and host:find("%.onion$") then |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
271 return true; |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
272 end |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
273 end); |
ad40c094e7d7
mod_onions: Prevent s2s_secure_auth policy enforcement from rejecting .onion connections
Kim Alvefur <zash@zash.se>
parents:
2305
diff
changeset
|
274 |