stunnel: cleanups

Matt Simerson 2014-09-17 23:00:31 -07:00
parent b289d38f53
commit c3aa4c10d2


@ -26,58 +26,48 @@ use strict;
use warnings; use warnings;
use Qpsmtpd::Constants; use Qpsmtpd::Constants;
my $proxy_enabled; sub register {
sub init {
my ($self, $qp, %args) = @_; my ($self, $qp, %args) = @_;
return if ( uc $args{proxy} ne 'ON' ); return if uc $args{proxy} ne 'ON';
$self->log(LOGINFO, "proxy protocol enabled"); $self->log(LOGINFO, "proxy protocol enabled");
$proxy_enabled = 1;
$self->register_hook('unrecognized_command', 'stunnel');
} }
sub hook_unrecognized_command { sub stunnel {
my ($self, $transaction, $cmd, @args) = @_; my ($self, $transaction, $cmd, @args) = @_;
return OK if ( uc $cmd ne 'PROXY' ); return OK if uc $cmd ne 'PROXY';
return OK if ( !defined $proxy_enabled ); return DENY_DISCONNECT if $self->connection->remote_ip() ne '127.0.0.1';
return DENY_DISCONNECT if ( $self->connection->remote_ip() ne '127.0.0.1' ); return DENY_DISCONNECT if $self->connection->notes('proxy');
return DENY_DISCONNECT if ( $self->connection->notes('proxy') );
# TCP4 192.168.41.227 10.27.11.106 50060 465 # TCP4 192.168.41.227 10.27.11.106 50060 465
if ( $args[0] =~ m/^(.*?) (.*?) (.*?) (.*?) (.*?)$/ ) { if ($args[0] !~ m/^(.*?) (.*?) (.*?) (.*?) (.*?)$/) {
my $protocol = $1; return DENY_DISCONNECT;
my $remote_ip = $2; }
my $local_ip = $3;
my $remote_port = $4; $self->connection->remote_ip($2);
my $local_port = $5; $self->connection->remote_port($4);
$self->connection->remote_ip( $remote_ip ); $self->connection->remote_info("[$2]");
$self->connection->remote_port( $remote_port );
$self->connection->remote_info( "[$remote_ip]");
$self->connection->notes('proxy', 'YES'); $self->connection->notes('proxy', 'YES');
$self->connection->notes('protocol', $protocol); $self->connection->notes('protocol', $1);
$self->connection->notes('remote_ip', $remote_ip); $self->connection->notes('remote_ip', $2);
$self->connection->notes('remote_port', $remote_port); $self->connection->notes('local_ip', $3);
$self->connection->notes('local_ip', $local_ip); $self->connection->notes('remote_port', $4);
$self->connection->notes('local_port', $local_port); $self->connection->notes('local_port', $5);
$self->log(LOGINFO, "stunnel : $remote_ip:$remote_port"); $self->log(LOGINFO, "stunnel : $2:$4");
# DNS reverse # DNS reverse
my $res = Net::DNS::Resolver->new( dnsrch => 0 ); my $res = $self->init_resolver();
$res->tcp_timeout(3); if (my $query = $res->query($self->connection->remote_ip, 'PTR')) {
$res->udp_timeout(3);
my $query = $res->query( $remote_ip, 'PTR' );
if ($query) {
foreach my $rr ($query->answer) { foreach my $rr ($query->answer) {
next if $rr->type ne 'PTR'; next if $rr->type ne 'PTR';
$self->connection->remote_host( $rr->ptrdname ); $self->connection->remote_host($rr->ptrdname);
} }
} }
}
else {
return DENY_DISCONNECT;
}
return DONE; return DONE;
} }
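Review bot: The PROXY header fields in `stunnel` come from `(.*?)` captures with no validation, so any text between the spaces is stored as `remote_ip`, `remote_port` and `remote_info` and then reaches the log line and the PTR query. Tighten the match to the expected shape, e.g. `if (!defined $args[0] || $args[0] !~ m/^(TCP[46]) (\S+) (\S+) (\d+) (\d+)$/) {`, and confirm that `$2` and `$3` parse as addresses before storing them. Copying the captures into named lexicals right after the match, as the removed code did, would also be safer: `@_` aliases `$2`/`$4`, so the values currently depend on no regex running inside the `connection` accessors before they read their arguments. Hooks that ran at connect time presumably saw 127.0.0.1 rather than the proxied address, so it is worth confirming that no relay or allow-list decision made then survives the rewrite.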