protected network services

2025-01-31 09:34:45 +00:00 · 2019-04-20 13:48:13 -04:00 · 2019-04-20 13:48:13 -04:00 · 7749e14cad
commit 7749e14cad
parent 62a3bc1360
6 changed files with 83 additions and 54 deletions
--- a/sys/apps/network/proxy.lua
+++ b/sys/apps/network/proxy.lua
@ -14,6 +14,36 @@ local function getProxy(path)
 	return proxy
 end

+local function proxyConnection(socket)
+	local path = socket:read(2)
+	if path then
+		local api = getProxy(path)
+
+		if not api then
+			print('proxy: invalid API')
+			socket:close()
+			return
+		end
+
+		local methods = { }
+		for k,v in pairs(api) do
+			if type(v) == 'function' then
+				table.insert(methods, k)
+			end
+		end
+		socket:write(methods)
+
+		while true do
+			local data = socket:read()
+			if not data then
+				print('proxy: lost connection from ' .. socket.dhost)
+				break
+			end
+			socket:write({ api[data[1]](table.unpack(data, 2)) })
+		end
+	end
+end
+
 Event.addRoutine(function()
 	print('proxy: listening on port 188')
 	while true do
@ -22,39 +52,13 @@ Event.addRoutine(function()
 		print('proxy: connection from ' .. socket.dhost)

 		Event.addRoutine(function()
-			local path = socket:read(2)
-			if path then
-				local api = getProxy(path)
-
-				if not api then
-					print('proxy: invalid API')
-					socket:close()
-					return
-				end
-
-				local methods = { }
-				for k,v in pairs(api) do
-					if type(v) == 'function' then
-						table.insert(methods, k)
-					end
-				end
-				socket:write(methods)
-
-				local s, m = pcall(function()
-					while true do
-						local data = socket:read()
-						if not data then
-							print('proxy: lost connection from ' .. socket.dhost)
-							break
-						end
-						socket:write({ api[data[1]](table.unpack(data, 2)) })
-					end
-				end)
-				if not s and m then
-					_G.printError(m)
-				end
-			end
+			local s, m = pcall(proxyConnection, socket)
+			print('proxy: closing connection to ' .. socket.dhost)
 			socket:close()
+			if not s and m then
+				print('Proxy error')
+				_G.printError(m)
+			end
 		end)
 	end
 end)
--- a/sys/apps/network/samba.lua
+++ b/sys/apps/network/samba.lua
@ -67,8 +67,13 @@ Event.addRoutine(function()

 		Event.addRoutine(function()
 			print('samba: connection from ' .. socket.dhost)
-			sambaConnection(socket)
+			local s, m = pcall(sambaConnection, socket)
 			print('samba: closing connection to ' .. socket.dhost)
+			socket:close()
+			if not s and m then
+				print('Samba error')
+				_G.printError(m)
+			end
 		end)
 	end
 end)
--- a/sys/apps/network/snmp.lua
+++ b/sys/apps/network/snmp.lua
@ -106,8 +106,12 @@ Event.addRoutine(function()

 		Event.addRoutine(function()
 			print('snmp: connection from ' .. socket.dhost)
-			snmpConnection(socket)
+			local s, m = pcall(snmpConnection, socket)
 			print('snmp: closing connection to ' .. socket.dhost)
+			if not s and m then
+				print('snmp error')
+				_G.printError(m)
+			end
 		end)
 	end
 end)
--- a/sys/apps/network/telnet.lua
+++ b/sys/apps/network/telnet.lua
@ -76,7 +76,11 @@ Event.addRoutine(function()
 		print('telnet: connection from ' .. socket.dhost)

 		Event.addRoutine(function()
-			telnetHost(socket)
+			local s, m = pcall(telnetHost, socket)
+			if not s and m then
+				print('Telnet error')
+				_G.printError(m)
+			end
 		end)
 	end
 end)
--- a/sys/apps/network/trust.lua
+++ b/sys/apps/network/trust.lua
@ -4,6 +4,27 @@ local Security = require('security')
 local Socket   = require('socket')
 local Util     = require('util')

+local function trustConnection(socket)
+	local data = socket:read(2)
+	if data then
+		local password = Security.getPassword()
+		if not password then
+			socket:write({ msg = 'No password has been set' })
+		else
+			data = Crypto.decrypt(data, password)
+			if data and data.pk and data.dh == socket.dhost then
+				local trustList = Util.readTable('usr/.known_hosts') or { }
+				trustList[data.dh] = data.pk
+				Util.writeTable('usr/.known_hosts', trustList)
+
+				socket:write({ success = true, msg = 'Trust accepted' })
+			else
+				socket:write({ msg = 'Invalid password' })
+			end
+		end
+	end
+end
+
 Event.addRoutine(function()

 	print('trust: listening on port 19')
@ -12,24 +33,11 @@ Event.addRoutine(function()

 		print('trust: connection from ' .. socket.dhost)

-		local data = socket:read(2)
-		if data then
-			local password = Security.getPassword()
-			if not password then
-				socket:write({ msg = 'No password has been set' })
-			else
-				data = Crypto.decrypt(data, password)
-				if data and data.pk and data.dh == socket.dhost then
-					local trustList = Util.readTable('usr/.known_hosts') or { }
-					trustList[data.dh] = data.pk
-					Util.writeTable('usr/.known_hosts', trustList)
-
-					socket:write({ success = true, msg = 'Trust accepted' })
-				else
-					socket:write({ msg = 'Invalid password' })
-				end
-			end
-		end
+		local s, m = pcall(trustConnection, socket)
 		socket:close()
+		if not s and m then
+			print('Trust error')
+			_G.printError(m)
+		end
 	end
 end)
--- a/sys/apps/network/vnc.lua
+++ b/sys/apps/network/vnc.lua
@ -63,7 +63,11 @@ Event.addRoutine(function()

 		-- no new process - only 1 connection allowed
 		-- due to term size issues
-		vncHost(socket)
+		local s, m = pcall(vncHost, socket)
 		socket:close()
+		if not s and m then
+			print('vnc error')
+			_G.printError(m)
+		end
 	end
 end)