X-Git-Url: https://git.r.bdr.sh/rbdr/olden-mail/blobdiff_plain/2fdda21d13ed742bdb52ec3ba74538af83de2bf4..a8a71b1901784f672f6b778464506463c4ecb286:/src/proxy.rs?ds=inline
diff --git a/src/proxy.rs b/src/proxy.rs
index a2f62e4..befb35b 100644
--- a/src/proxy.rs
+++ b/src/proxy.rs
@@ -42,6 +42,7 @@ use std::thread::{sleep, spawn, JoinHandle};
 use std::time::Duration;
 use crate::configuration::Proxy;
+use crate::middleware::{SERVER_MIDDLEWARE, CLIENT_MIDDLEWARE};
 /// A proxy server that listens for plaintext connections and forwards them
 /// via TLS.
@@ -72,7 +73,7 @@ impl Server {
 let running_clone = Arc::clone(&running);
 let thread_handle = spawn(move || {
- run_proxy(configuration, running_clone);
+ run_proxy(&configuration, &running_clone);
 });
 Server {
@@ -93,7 +94,7 @@ impl Server {
 /// The main loop that listens for incoming (plaintext) connections on
 /// `configuration.bind_address:configuration.local_port`.
-fn run_proxy(configuration: Arc, running: Arc) {
+fn run_proxy(configuration: &Arc, running: &Arc) {
 let listener = match TcpListener::bind(format!(
 "{}:{}",
 configuration.bind_address, configuration.local_port
@@ -119,9 +120,9 @@ fn run_proxy(configuration: Arc, running: Arc) {
 Ok((stream, addr)) => {
 info!("New {} connection from {}", configuration.protocol, addr);
- let configuration_clone = Arc::clone(&configuration);
+ let configuration_clone = Arc::clone(configuration);
 let handle = spawn(move || {
- handle_client(stream, configuration_clone);
+ handle_client(stream, &configuration_clone);
 });
 active_threads.push(handle);
 }
@@ -152,7 +153,7 @@ fn run_proxy(configuration: Arc, running: Arc) {
 }
 /// Handles a single client connection by bridging it (plaintext) to a TLS connection.
-fn handle_client(client_stream: TcpStream, configuration: Arc) {
+fn handle_client(client_stream: TcpStream, configuration: &Arc) {
 if let Err(e) = client_stream.set_nonblocking(true) {
 error!("Failed to set client stream to nonblocking: {}", e);
 return;
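Review bot: In the `@@ -93,7 +94,7 @@` hunk, `running: &Arc` borrows the smart pointer where a borrow of the value inside it would do, as far as the visible lines show; the generic arguments are missing from this page, so the inner type has to be read from the file. `configuration` has a reason to stay a reference to the `Arc`, because the `@@ -119,9 +120,9 @@` hunk clones it for each client thread with `Arc::clone(configuration)`. `handle_client` in the `@@ -152,7 +153,7 @@` hunk may be able to take the inner configuration type by reference if its body never clones the handle, and the call `handle_client(stream, &configuration_clone)` would still compile through deref coercion. Both function bodies continue outside their hunks, so this needs checking against the full file.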
@@ -213,7 +214,6 @@ fn handle_client(client_stream: TcpStream, configuration: Arc) {
 let mut buffer = [0u8; 8192];
 let mut client_reader = client_stream;
 loop {
- debug!(">");
 let bytes_read = match client_reader.read(&mut buffer) {
 Ok(0) => break,
 Ok(n) => n,
@@ -227,7 +227,13 @@ fn handle_client(client_stream: TcpStream, configuration: Arc) {
 }
 };
- let debug_str = String::from_utf8_lossy(&buffer[..bytes_read])
+ let mut command = buffer[..bytes_read].to_vec();
+
+ for middleware in CLIENT_MIDDLEWARE {
+ command = middleware(&command);
+ }
+
+ let debug_str = String::from_utf8_lossy(&command)
 .replace('\n', "\\n")
 .replace('\r', "\\r")
 .replace('\t', "\\t");
@@ -236,7 +242,7 @@ fn handle_client(client_stream: TcpStream, configuration: Arc) {
 // Lock the TLS stream and write the data to server
 match tls_stream_clone.lock() {
 Ok(mut tls_guard) => {
- if let Err(error) = tls_guard.write_all(&buffer[..bytes_read]) {
+ if let Err(error) = tls_guard.write_all(&command) {
 debug!(">>> Error writing to server: {error}");
 break;
 }
@@ -260,7 +266,6 @@ fn handle_client(client_stream: TcpStream, configuration: Arc) {
 let mut buffer = [0u8; 8192];
 let mut client_writer = client_stream_clone;
 loop {
- debug!("<");
 // Lock the TLS stream and read from the server
 let bytes_read = match tls_stream_clone.lock() {
 Ok(mut tls_guard) => match tls_guard.read(&mut buffer) {
@@ -281,14 +286,20 @@ fn handle_client(client_stream: TcpStream, configuration: Arc) {
 }
 };
- let debug_str = String::from_utf8_lossy(&buffer[..bytes_read])
+ let mut command = buffer[..bytes_read].to_vec();
+
+ for middleware in SERVER_MIDDLEWARE {
+ command = middleware(&command);
+ }
+
+ let debug_str = String::from_utf8_lossy(&command)
 .replace('\n', "\\n")
 .replace('\r', "\\r")
 .replace('\t', "\\t");
 debug!("<<< {}", debug_str);
 // Write decrypted data to client
- if client_writer.write_all(&buffer[..bytes_read]).is_err() {
+ if client_writer.write_all(&command).is_err() {
 debug!("<<< ERR");
 break;
 }
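Review bot: In the `@@ -227,7 +227,13 @@` hunk the middleware chain receives whatever one `read()` call returned, an arbitrary slice of the byte stream of up to 8192 bytes, so command boundaries are lost: a command can arrive split over two reads, and several can arrive in one. A middleware that inspects or rewrites commands would then presumably let a command that straddles two reads through untouched, so accumulating bytes up to the line terminator (with a size cap) before the `for middleware in CLIENT_MIDDLEWARE` loop is the safer shape. The `SERVER_MIDDLEWARE` loop in the `@@ -281,14 +286,20 @@` hunk has the same property. Until that is done, a comment such as `// middleware sees one read() chunk, which may hold a partial command or several` would record the limit. The enclosing loop starts and ends outside this hunk.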
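Review bot: In the `@@ -281,14 +286,20 @@` hunk `debug_str` escapes only `\n`, `\r` and `\t`, so every other control byte in the server's data (ESC, backspace, NUL) is written to the log as is, where it can alter what a terminal or log viewer displays. `let debug_str = String::from_utf8_lossy(&command).escape_debug().to_string();` escapes those as well and replaces the three `.replace` calls. The client-side `debug_str` in the `@@ -227,7 +227,13 @@` hunk is built the same way, and there the logged bytes are whatever the client sends, which on a mail proxy would presumably include its login commands. The failure branch at the end of this hunk logs `<<< ERR` and drops the error value, while the client-to-server branch in the `@@ -236,7 +242,7 @@` hunk logs `{error}`.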