From 7749e14cadabe6a8e8d2e3db63714262d68ba2f8 Mon Sep 17 00:00:00 2001 From: "kepler155c@gmail.com" Date: Sat, 20 Apr 2019 13:48:13 -0400 Subject: [PATCH] protected network services --- sys/apps/network/proxy.lua | 68 ++++++++++++++++++++----------------- sys/apps/network/samba.lua | 7 +++- sys/apps/network/snmp.lua | 6 +++- sys/apps/network/telnet.lua | 6 +++- sys/apps/network/trust.lua | 44 ++++++++++++++---------- sys/apps/network/vnc.lua | 6 +++- 6 files changed, 83 insertions(+), 54 deletions(-) diff --git a/sys/apps/network/proxy.lua b/sys/apps/network/proxy.lua index 5105103..a90dcef 100644 --- a/sys/apps/network/proxy.lua +++ b/sys/apps/network/proxy.lua @@ -14,6 +14,36 @@ local function getProxy(path) return proxy end +local function proxyConnection(socket) + local path = socket:read(2) + if path then + local api = getProxy(path) + + if not api then + print('proxy: invalid API') + socket:close() + return + end + + local methods = { } + for k,v in pairs(api) do + if type(v) == 'function' then + table.insert(methods, k) + end + end + socket:write(methods) + + while true do + local data = socket:read() + if not data then + print('proxy: lost connection from ' .. socket.dhost) + break + end + socket:write({ api[data[1]](table.unpack(data, 2)) }) + end + end +end + Event.addRoutine(function() print('proxy: listening on port 188') while true do 
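Review bot: The dispatch line in proxyConnection, `socket:write({ api[data[1]](table.unpack(data, 2)) })`, calls whatever the peer names without checking that `data` is a table or that `api[data[1]]` is a function. The advertised method list is built with `pairs(api)` and a `type(v) == 'function'` filter, but the lookup uses plain indexing, so it is not limited to that list and would also follow an `__index` metatable if the object returned by getProxy (defined outside this hunk) has one. A malformed or unknown request currently raises and is only caught by the `pcall` in the caller, which drops the connection with a generic error. I would resolve and check the target first: `local fn = type(data) == 'table' and api[data[1]]`, then `if type(fn) ~= 'function' then print('proxy: bad request from ' .. socket.dhost) break end`, then `socket:write({ fn(table.unpack(data, 2)) })`.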
@@ -22,39 +52,13 @@ Event.addRoutine(function() print('proxy: connection from ' .. socket.dhost) Event.addRoutine(function() - local path = socket:read(2) - if path then - local api = getProxy(path) - - if not api then - print('proxy: invalid API') - socket:close() - return - end - - local methods = { } - for k,v in pairs(api) do - if type(v) == 'function' then - table.insert(methods, k) - end - end - socket:write(methods) - - local s, m = pcall(function() - while true do - local data = socket:read() - if not data then - print('proxy: lost connection from ' .. socket.dhost) - break - end - socket:write({ api[data[1]](table.unpack(data, 2)) }) - end - end) - if not s and m then - _G.printError(m) - end - end + local s, m = pcall(proxyConnection, socket) + print('proxy: closing connection to ' .. socket.dhost) socket:close() + if not s and m then + print('Proxy error') + _G.printError(m) + end end) end end) diff --git a/sys/apps/network/samba.lua b/sys/apps/network/samba.lua index c87c1c0..a1d5227 100644 --- a/sys/apps/network/samba.lua +++ b/sys/apps/network/samba.lua @@ -67,8 +67,13 @@ Event.addRoutine(function() Event.addRoutine(function() print('samba: connection from ' .. socket.dhost) - sambaConnection(socket) + local s, m = pcall(sambaConnection, socket) print('samba: closing connection to ' .. socket.dhost) + socket:close() + if not s and m then + print('Samba error') + _G.printError(m) + end end) end end) diff --git a/sys/apps/network/snmp.lua b/sys/apps/network/snmp.lua index ac2e8bf..dcc7bff 100644 --- a/sys/apps/network/snmp.lua +++ b/sys/apps/network/snmp.lua @@ -106,8 +106,12 @@ Event.addRoutine(function() Event.addRoutine(function() print('snmp: connection from ' .. socket.dhost) - snmpConnection(socket) + local s, m = pcall(snmpConnection, socket) print('snmp: closing connection to ' .. socket.dhost) + if not s and m then + print('snmp error') + _G.printError(m) + end end) end end) 
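Review bot: The failure branch `if not s and m then` logs only the fixed string 'Proxy error' plus the message, so the log does not say which peer triggered the failure, and an error raised with a nil or false value is dropped without any log line. The same pattern is added in the samba.lua, snmp.lua, telnet.lua, trust.lua and vnc.lua hunks. Consider `if not s then _G.printError('proxy: error from ' .. socket.dhost .. ': ' .. tostring(m)) end` in each. Separately, proxyConnection already calls `socket:close()` on its 'invalid API' path, so this wrapper closes that socket a second time; whether a repeated close is harmless depends on the socket module, which is not visible here.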
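Review bot: Unlike the proxy, samba, trust and vnc wrappers in this commit, the snmp wrapper does not call `socket:close()` after the `pcall`, so when snmpConnection raises, the connection is logged as closing but may be left open. The telnet.lua hunk has the same gap after `pcall(telnetHost, socket)`. Both handlers are defined outside their hunks, so they may close the socket themselves on the normal path, but an error can skip that. If nothing else owns the socket once the handler returns, add `socket:close()` right after the `pcall` line in both files.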
diff --git a/sys/apps/network/telnet.lua b/sys/apps/network/telnet.lua index e840a6e..a396570 100644 --- a/sys/apps/network/telnet.lua +++ b/sys/apps/network/telnet.lua @@ -76,7 +76,11 @@ Event.addRoutine(function() print('telnet: connection from ' .. socket.dhost) Event.addRoutine(function() - telnetHost(socket) + local s, m = pcall(telnetHost, socket) + if not s and m then + print('Telnet error') + _G.printError(m) + end end) end end) diff --git a/sys/apps/network/trust.lua b/sys/apps/network/trust.lua index 03ed4e8..9d12c3a 100644 --- a/sys/apps/network/trust.lua +++ b/sys/apps/network/trust.lua @@ -4,6 +4,27 @@ local Security = require('security') local Socket = require('socket') local Util = require('util') +local function trustConnection(socket) + local data = socket:read(2) + if data then + local password = Security.getPassword() + if not password then + socket:write({ msg = 'No password has been set' }) + else + data = Crypto.decrypt(data, password) + if data and data.pk and data.dh == socket.dhost then + local trustList = Util.readTable('usr/.known_hosts') or { } + trustList[data.dh] = data.pk + Util.writeTable('usr/.known_hosts', trustList) + + socket:write({ success = true, msg = 'Trust accepted' }) + else + socket:write({ msg = 'Invalid password' }) + end + end + end +end + Event.addRoutine(function() print('trust: listening on port 19') 
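Review bot: The rejection path in trustConnection, `socket:write({ msg = 'Invalid password' })`, answers the peer but writes nothing to the local log, so repeated failed trust requests show up only as 'trust: connection from' lines. A line such as `print('trust: rejected request from ' .. socket.dhost)` before that write would make failed attempts visible to the operator. The success path also overwrites any existing entry with `trustList[data.dh] = data.pk` without noting that a previously stored key for that host is being replaced; logging when an entry already exists would make a key change visible. Whether `Crypto.decrypt` can raise on malformed input is not visible here; if it can, the `pcall` added in the caller is what now catches it.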
@@ -12,24 +33,11 @@ Event.addRoutine(function() print('trust: connection from ' .. socket.dhost) - local data = socket:read(2) - if data then - local password = Security.getPassword() - if not password then - socket:write({ msg = 'No password has been set' }) - else - data = Crypto.decrypt(data, password) - if data and data.pk and data.dh == socket.dhost then - local trustList = Util.readTable('usr/.known_hosts') or { } - trustList[data.dh] = data.pk - Util.writeTable('usr/.known_hosts', trustList) - - socket:write({ success = true, msg = 'Trust accepted' }) - else - socket:write({ msg = 'Invalid password' }) - end - end - end + local s, m = pcall(trustConnection, socket) socket:close() + if not s and m then + print('Trust error') + _G.printError(m) + end end end) diff --git a/sys/apps/network/vnc.lua b/sys/apps/network/vnc.lua index 7c4febc..779a75d 100644 --- a/sys/apps/network/vnc.lua +++ b/sys/apps/network/vnc.lua @@ -63,7 +63,11 @@ Event.addRoutine(function() -- no new process - only 1 connection allowed -- due to term size issues - vncHost(socket) + local s, m = pcall(vncHost, socket) socket:close() + if not s and m then + print('vnc error') + _G.printError(m) + end end end)