bughz/3proxy
1
0
Fork 0
mirror of https://github.com/3proxy/3proxy.git synced 2026-01-10 15:12:26 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed: allow ssl server and client on the same service

Browse Source
This commit is contained in:
Vladimir Dubrovin 2025-12-30 15:40:03 +03:00
parent b5ab5b8906
commit 730fd96fb0
1 changed files with 51 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
src/plugins/SSLPlugin/ssl_plugin.c
View File

@ -99,10 +99,14 @@ static void addSSL(
SOCKET srv_s, SSL_CONN srv_conn, SOCKET srv_s, SSL_CONN srv_conn,
struct clientparam* param){ struct clientparam* param){
if(!param->sostate) return; if(!param->sostate) return;
if (cli_s != INVALID_SOCKET){
SOSTATE->cli.s = cli_s; SOSTATE->cli.s = cli_s;
SOSTATE->cli.conn = cli_conn; SOSTATE->cli.conn = cli_conn;
}
if (srv_s != INVALID_SOCKET){
SOSTATE->srv.s = srv_s; SOSTATE->srv.s = srv_s;
SOSTATE->srv.conn = srv_conn; SOSTATE->srv.conn = srv_conn;
}
} }
void delSSL(void *state, SOCKET s){ void delSSL(void *state, SOCKET s){
@ -271,7 +275,6 @@ SSL_CONN dosrvcon(struct clientparam* param, SSL_CERT* cert){
SSL_set_mode((SSL *)((ssl_conn *)ServerConn)->ssl, SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_AUTO_RETRY); SSL_set_mode((SSL *)((ssl_conn *)ServerConn)->ssl, SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_AUTO_RETRY);
SSL_set_read_ahead((SSL *)((ssl_conn *)ServerConn)->ssl, 0); SSL_set_read_ahead((SSL *)((ssl_conn *)ServerConn)->ssl, 0);
return ServerConn; return ServerConn;
} }
@ -648,10 +651,10 @@ static void ssl_filter_close(void *fo){
free(fo); free(fo);
} }
static struct filter ssl_filter_mitm = { static struct filter ssl_filter = {
NULL, NULL,
"ssl filter", "ssl filter",
"mitm", "ssl_filter",
ssl_filter_open, ssl_filter_open,
ssl_filter_client, ssl_filter_client,
NULL, NULL, NULL, ssl_filter_predata, NULL, NULL, NULL, NULL, NULL, ssl_filter_predata, NULL, NULL,
@ -659,100 +662,73 @@ static struct filter ssl_filter_mitm = {
ssl_filter_close ssl_filter_close
}; };
int filterset = 0;
static void setfilters(){
filterset++;
if(filterset > 1) return;
ssl_filter.next = pl->conf->filters;
pl->conf->filters = &ssl_filter;
sso = *pl->so;
}
static void unsetfilters(){
struct filter * sf;
if(!filterset) return;
filterset--;
if(filterset > 0) return;
if(pl->conf->filters == &ssl_filter) pl->conf->filters = ssl_filter.next;
else for(sf = pl->conf->filters; sf && sf->next; sf=sf->next){
if(sf->next == &ssl_filter) {
sf->next = ssl_filter.next;
break;
}
}
}
static int h_mitm(int argc, unsigned char **argv){ static int h_mitm(int argc, unsigned char **argv){
if(mitm) return 1; if(mitm) return 0;
if(serv) return 2; if(serv) return 2;
ssl_filter_mitm.next = pl->conf->filters;
pl->conf->filters = &ssl_filter_mitm;
sso = *pl->so;
mitm = 1; mitm = 1;
setfilters();
return 0; return 0;
} }
static int h_nomitm(int argc, unsigned char **argv){ static int h_nomitm(int argc, unsigned char **argv){
struct filter * sf; if(!mitm) return 0;
if(!mitm) return 1;
if(pl->conf->filters == &ssl_filter_mitm) pl->conf->filters = ssl_filter_mitm.next;
else for(sf = pl->conf->filters; sf && sf->next; sf=sf->next){
if(sf->next == &ssl_filter_mitm) {
sf->next = ssl_filter_mitm.next;
break;
}
}
mitm = 0; mitm = 0;
unsetfilters();
return 0; return 0;
} }
static struct filter ssl_filter_serv = {
NULL,
"ssl filter",
"serv",
ssl_filter_open,
ssl_filter_client,
NULL, NULL, NULL, NULL, NULL, NULL,
ssl_filter_clear,
ssl_filter_close
};
static int h_serv(int argc, unsigned char **argv){ static int h_serv(int argc, unsigned char **argv){
if(serv) return 1; if(serv) return 0;
if(mitm) return 2; if(mitm) return 2;
ssl_filter_serv.next = pl->conf->filters;
pl->conf->filters = &ssl_filter_serv;
sso = *pl->so;
serv = 1; serv = 1;
setfilters();
return 0; return 0;
} }
static int h_noserv(int argc, unsigned char **argv){ static int h_noserv(int argc, unsigned char **argv){
struct filter * sf; if(!serv) return 0;
if(!serv) return 1;
serv = 0; serv = 0;
if(pl->conf->filters == &ssl_filter_serv) pl->conf->filters = ssl_filter_serv.next; unsetfilters();
else for(sf = pl->conf->filters; sf && sf->next; sf=sf->next){
if(sf->next == &ssl_filter_serv) {
sf->next = ssl_filter_serv.next;
break;
}
}
return 0; return 0;
} }
static struct filter ssl_filter_cli = {
NULL,
"ssl filter",
"cli",
ssl_filter_open,
ssl_filter_client,
NULL, NULL, NULL, ssl_filter_predata, NULL, NULL,
ssl_filter_clear,
ssl_filter_close
};
static int h_cli(int argc, unsigned char **argv){ static int h_cli(int argc, unsigned char **argv){
if(mitm) return 1; if(cli) return 0;
if(cli) return 2; if(mitm) return 2;
ssl_filter_cli.next = pl->conf->filters;
pl->conf->filters = &ssl_filter_cli;
sso = *pl->so;
cli = 1; cli = 1;
setfilters();
return 0; return 0;
} }
static int h_nocli(int argc, unsigned char **argv){ static int h_nocli(int argc, unsigned char **argv){
struct filter * sf; if(!cli) return 0;
if(!cli) return 1;
cli = 0; cli = 0;
if(pl->conf->filters == &ssl_filter_cli) pl->conf->filters = ssl_filter_cli.next; unsetfilters();
else for(sf = pl->conf->filters; sf && sf->next; sf=sf->next){
if(sf->next == &ssl_filter_cli) {
sf->next = ssl_filter_cli.next;
break;
}
}
return 0; return 0;
} }
@ -993,9 +969,10 @@ static struct commands ssl_commandhandlers[] = {
PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink, PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink,
int argc, char** argv){ int argc, char** argv){
mitm = 0;
serv = 0; h_nomitm(0, NULL);
cli = 0; h_noserv(0, NULL);
h_nocli(0, NULL);
pl = pluginlink; pl = pluginlink;