Add restric to for the server

2016-05-16 23:33:00 +02:00 · 2016-05-16 23:33:00 +02:00 · b40e0e677c
commit b40e0e677c
parent 58a313f354
2 changed files with 29 additions and 12 deletions
--- a/app/Main.hs
+++ b/app/Main.hs
@ -5,8 +5,9 @@ module Main where

 import           Lib

-import           ClassyPrelude          (readMay)
+import           ClassyPrelude          (guard, readMay)
 import qualified Data.ByteString.Char8  as BC
+import           Data.Maybe             (fromMaybe)
 import           System.Console.CmdArgs
 import           System.Environment     (getArgs, withArgs)

@ -77,6 +78,17 @@ parseTunnelInfo str = mk $ BC.unpack <$> BC.split ':' (BC.pack str)
    mk _                        = error $  "Invalid tunneling information `" ++ str ++ "`, please use format [BIND:]PORT:HOST:PORT"


+parseRestrictTo :: String -> ((String, Int)-> Bool)
+parseRestrictTo "" = const True
+parseRestrictTo str = let (h, p) = fromMaybe (error "Invalid Parameter restart") parse
+  in (\(hst, port) -> hst == h && port == p)
+  where
+    parse = do
+              let ret = BC.unpack <$> BC.split ':' (BC.pack str)
+              guard (length ret == 2)
+              portNumber <- readMay $ ret !! 1 :: Maybe Int
+              return (head ret, portNumber)
+
 main :: IO ()
 main = do
  args <- getArgs
@ -87,7 +99,7 @@ main = do

  if serverMode cfg
    then putStrLn ("Starting server with opts " ++ show serverInfo )
-         >> runServer (host serverInfo, fromIntegral $ port serverInfo)
+         >> runServer (host serverInfo, fromIntegral $ port serverInfo) (parseRestrictTo $ restrictTo cfg)
    else if not $ null (localToRemote cfg)
               then let (TunnelInfo lHost lPort rHost rPort) = parseTunnelInfo (localToRemote cfg)
                    in runClient (useTls serverInfo) (if udpMode cfg then UDP else TCP) (lHost, (fromIntegral lPort))
--- a/src/Lib.hs
+++ b/src/Lib.hs
@ -128,18 +128,22 @@ runTunnelingClient proto (wsHost, wsPort) (remoteHost, remotePort) app = do
  putStrLn $ "CLOSE connection to " <> tshow remoteHost <> ":" <> tshow remotePort


-runTunnelingServer :: (HostName, PortNumber) -> IO ()
-runTunnelingServer (host, port) = do
+runTunnelingServer :: (HostName, PortNumber) -> ((ByteString, Int) -> Bool) -> IO ()
+runTunnelingServer (host, port) isAllowed = do
  putStrLn $ "WAIT for connection on " <> tshow host <> ":" <> tshow port
  WS.runServer host (fromIntegral port) $ \pendingConn -> do
    let path =  parsePath . WS.requestPath $ WS.pendingRequest pendingConn
    case path of
      Nothing -> putStrLn "Rejecting connection" >> WS.rejectRequest pendingConn "Invalid tunneling information"
-      Just (!proto, !rhost, !rport) -> do
+      Just (!proto, !rhost, !rport) ->
+        if isAllowed (rhost, rport)
+        then do
          conn <- WS.acceptRequest pendingConn
          case proto of
            UDP -> runUDPClient (BC.unpack rhost, fromIntegral rport) (propagateRW conn)
            TCP -> runTCPClient (BC.unpack rhost, fromIntegral rport) (propagateRW conn)
+        else
+          putStrLn "Rejecting tunneling" >> WS.rejectRequest pendingConn "Restriction is on, You cannot request this tunneling"

  putStrLn "CLOSE server"

@ -176,8 +180,9 @@ runClient useTls proto local wsServer remote = do
        TCP -> runTCPServer local (\hOther -> out (`propagateRW` hOther))


-runServer :: (HostName, PortNumber) -> IO ()
-runServer = runTunnelingServer
+runServer :: (HostName, PortNumber) -> ((String, Int) -> Bool) -> IO ()
+runServer wsInfo isAllowed = let isAllowed' (str, port) = isAllowed (BC.unpack str, fromIntegral port)
+                             in runTunnelingServer wsInfo isAllowed'


 runTlsTunnelingClient :: Proto -> (HostName, PortNumber) -> (HostName, PortNumber) -> (WS.Connection -> IO ()) -> IO ()