Mercurial > prosody-modules
comparison mod_proxy65/mod_proxy65.lua @ 77:85b8622ccffd
mod_proxy65: close unknown connection with no authentication data, close target if initator hangs up and vica versa
| author | Thilo Cestonaro <thilo@cestona.ro> |
|---|---|
| date | Sun, 01 Nov 2009 10:38:51 +0100 |
| parents | d70813f7d90a |
| children | 34f5818c90e9 |
comparison
equal
deleted
inserted
replaced
| 76:1fc4e8dc66a6 | 77:85b8622ccffd |
|---|---|
| 11 local jid_split = require "util.jid".split; | 11 local jid_split = require "util.jid".split; |
| 12 local st = require "util.stanza"; | 12 local st = require "util.stanza"; |
| 13 local componentmanager = require "core.componentmanager"; | 13 local componentmanager = require "core.componentmanager"; |
| 14 local config_get = require "core.configmanager".get; | 14 local config_get = require "core.configmanager".get; |
| 15 local connlisteners = require "net.connlisteners"; | 15 local connlisteners = require "net.connlisteners"; |
| 16 local adns, dns = require "net.adns", require "net.dns"; | |
| 17 local add_task = require "util.timer".add_task; | |
| 18 local max_dns_depth = config.get("*", "core", "dns_max_depth") or 3; | |
| 19 local dns_timeout = config.get("*", "core", "dns_timeout") or 60; | |
| 20 local sha1 = require "util.hashes".sha1; | 16 local sha1 = require "util.hashes".sha1; |
| 21 | 17 |
| 22 local host, name = module:get_host(), "SOCKS5 Bytestreams Service"; | 18 local host, name = module:get_host(), "SOCKS5 Bytestreams Service"; |
| 23 local sessions, transfers, component, replies_cache = {}, {}, nil, {}; | 19 local sessions, transfers, component, replies_cache = {}, {}, nil, {}; |
| 24 | 20 |
| 25 local proxy_port = config_get(host, "core", "proxy65_port") or 5000; | 21 local proxy_port = config_get(host, "core", "proxy65_port") or 5000; |
| 26 local proxy_interface = config_get(host, "core", "proxy65_interface") or "*"; | 22 local proxy_interface = config_get(host, "core", "proxy65_interface") or "*"; |
| 27 local proxy_address = config_get(host, "core", "proxy65_address") or (proxy_interface ~= "*" and proxy_interface) or module.host; | 23 local proxy_address = config_get(host, "core", "proxy65_address") or (proxy_interface ~= "*" and proxy_interface) or host; |
| 28 | 24 |
| 29 local connlistener = { default_port = proxy_port, | 25 local connlistener = { default_port = proxy_port, default_interface = proxy_interface, default_mode = "*a" }; |
| 30 default_interface = proxy_interface, | |
| 31 default_mode = "*a" }; | |
| 32 | 26 |
| 33 function connlistener.listener(conn, data) | 27 function connlistener.listener(conn, data) |
| 34 local session = sessions[conn] or {}; | 28 local session = sessions[conn] or {}; |
| 35 | 29 |
| 36 if session.setup == false and data ~= nil and data:sub(1):byte() == 0x05 and data:len() > 2 then | 30 if session.setup == nil and data ~= nil and data:sub(1):byte() == 0x05 and data:len() > 2 then |
| 37 local nmethods = data:sub(2):byte(); | 31 local nmethods = data:sub(2):byte(); |
| 38 local methods = data:sub(3); | 32 local methods = data:sub(3); |
| 39 local supported = false; | 33 local supported = false; |
| 40 for i=1, nmethods, 1 do | 34 for i=1, nmethods, 1 do |
| 41 if(methods:sub(i):byte() == 0x00) then -- 0x00 == method: NO AUTH | 35 if(methods:sub(i):byte() == 0x00) then -- 0x00 == method: NO AUTH |
| 62 if data ~= nil and data:len() == 0x2F and -- 40 == length of SHA1 HASH, and 7 other bytes => 47 => 0x2F | 56 if data ~= nil and data:len() == 0x2F and -- 40 == length of SHA1 HASH, and 7 other bytes => 47 => 0x2F |
| 63 data:sub(1):byte() == 0x05 and -- SOCKS5 has 5 in first byte | 57 data:sub(1):byte() == 0x05 and -- SOCKS5 has 5 in first byte |
| 64 data:sub(2):byte() == 0x01 and -- CMD must be 1 | 58 data:sub(2):byte() == 0x01 and -- CMD must be 1 |
| 65 data:sub(3):byte() == 0x00 and -- RSV must be 0 | 59 data:sub(3):byte() == 0x00 and -- RSV must be 0 |
| 66 data:sub(4):byte() == 0x03 and -- ATYP must be 3 | 60 data:sub(4):byte() == 0x03 and -- ATYP must be 3 |
| 67 data:sub(5):byte() == 40 and -- SHA1 HASH length must be 64 (0x40) | 61 data:sub(5):byte() == 40 and -- SHA1 HASH length must be 40 (0x28) |
| 68 data:sub(-2):byte() == 0x00 and -- PORT must be 0, size 2 byte | 62 data:sub(-2):byte() == 0x00 and -- PORT must be 0, size 2 byte |
| 69 data:sub(-1):byte() == 0x00 | 63 data:sub(-1):byte() == 0x00 |
| 70 then | 64 then |
| 71 local sha = data:sub(6, 45); -- second param is not count! it's the ending index (included!) | 65 local sha = data:sub(6, 45); -- second param is not count! it's the ending index (included!) |
| 72 if transfers[sha] == nil then | 66 if transfers[sha] == nil then |
| 80 session.sha = sha; | 74 session.sha = sha; |
| 81 module:log("debug", "initiator connected ... "); | 75 module:log("debug", "initiator connected ... "); |
| 82 end | 76 end |
| 83 conn.write(string.char(5, 0, 0, 3, sha:len()) .. sha .. string.char(0, 0)); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) | 77 conn.write(string.char(5, 0, 0, 3, sha:len()) .. sha .. string.char(0, 0)); -- VER, REP, RSV, ATYP, BND.ADDR (sha), BND.PORT (2 Byte) |
| 84 end | 78 end |
| 79 else | |
| 80 if data ~= nil then | |
| 81 module:log("debug", "unknown connection with no authentication data -> closing it"); | |
| 82 conn.close(); | |
| 83 end | |
| 85 end | 84 end |
| 86 end | 85 end |
| 87 | 86 |
| 88 function connlistener.disconnect(conn, err) | 87 function connlistener.disconnect(conn, err) |
| 89 if sessions[conn] then | 88 local session = sessions[conn]; |
| 89 if session then | |
| 90 if session.sha and transfers[session.sha] then | |
| 91 local initiator, target = transfers[session.sha].initiator, transfers[session.sha].target; | |
| 92 if initiator == conn then | |
| 93 target.close(); | |
| 94 elseif target == conn then | |
| 95 initiator.close(); | |
| 96 end | |
| 97 end | |
| 90 -- Clean up any session-related stuff here | 98 -- Clean up any session-related stuff here |
| 91 sessions[conn] = nil; | 99 sessions[conn] = nil; |
| 92 end | 100 end |
| 93 end | 101 end |
| 94 | 102 |