Re: STARTSSL

From Marc SCHAEFER <schaefer@alphanet.ch>
Newsgroups fr.comp.usenet.lecteurs-de-news, fr.comp.lang.perl
Subject Re: STARTSSL
Followup-To fr.comp.lang.perl
Date 2022-04-30 14:27 +0000
Organization Posted through ALPHANET
Message-ID <t4jh0n$j2s$1@shakotay.alphanet.ch> (permalink)
References <t4g2cm$mh9$1@shakotay.alphanet.ch> <t4g2pp$pjs$1@shakotay.alphanet.ch>

Cross-posted to 2 groups.

Followups directed to: fr.comp.lang.perl


[ Followup-To: fr.comp.lang.perl ]

Marc SCHAEFER <schaefer@alphanet.ch> wrote:
> Hmm, actually, if that is not the case, I could possibly use Linux
> port redirection, and then I could determine the original destination
> port with the SO_ORIGINAL_DST option of getsockopt(2), if the
> redirection is done on the same machine.

Here is the corresponding code, for now with quite a bit of tinkering,
but it seems to work. Any recommendations for doing better?

Thanks.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 42563 -j REDIRECT --to-ports 42119

then:

use strict;
use warnings;

use Socket qw(:all);

# hack (from egrep -r 'SOL_IP|SO_ORIGINAL' /usr/include/)
use constant SOL_IP => 0;
use constant SO_ORIGINAL_DST => 80;

use IO::Socket::INET;

# creating a listening socket
my $socket = IO::Socket::INET->new(LocalHost => '0.0.0.0',
                                   LocalPort => '42119',
                                   Proto => 'tcp',
                                   Listen => 5,
                                   Reuse => 1) or
   die "cannot create socket " . $! . "\n";

while (1) {
   # waiting for a new client connection
   # accept() returns undef on failure; skip and wait for the next client
   my $client_socket = $socket->accept() or next;

   # get information about a newly connected client
   my $client_address = $client_socket->peerhost();
   my $client_port = $client_socket->peerport();
   print "connection from ", $client_address, ":", $client_port, " OPEN.\n";

   my $packed_addr = getsockopt($client_socket, SOL_IP, SO_ORIGINAL_DST)
                     or die("getsockopt");
   #my ($port, $ip_address) = unpack_sockaddr_in($packed_addr);

   # hack
   my $port = ord(substr($packed_addr, 2, 1)) * 256 +  ord(substr($packed_addr, 3, 1));

   print "the actual server port (before redirection) is: ", $port, "\n";
   # if 42563, then activate SSL!

   print "connection from ", $client_address, ":", $client_port,
            " CLOSED.\n";
   $client_socket->close();
   exit(0);
}

$socket->close();
exit(0);
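
The sockaddr decoding step from the post above, as an added example that is not part of the original post: it validates the buffer returned by SO_ORIGINAL_DST before trusting the port, and falls back to the socket's local port when the option cannot be read. The helper names (decode_original_dst, original_port, wants_tls) and the 192.0.2.10 sample address are assumptions made for illustration.

```perl
use strict;
use warnings;
use Socket qw(AF_INET inet_aton inet_ntoa pack_sockaddr_in);

# Linux values, same as the constants in the post.
use constant SOL_IP          => 0;
use constant SO_ORIGINAL_DST => 80;
use constant TLS_PORT        => 42563;   # pre-redirect port from the iptables rule

# Decode the struct sockaddr_in returned by SO_ORIGINAL_DST on Linux:
# 16-bit family (host order), 16-bit port (network order), 4-byte IPv4 address.
# Returns (ip, port), or an empty list if the buffer is short or not AF_INET.
sub decode_original_dst {
    my ($buf) = @_;
    return unless defined $buf && length($buf) >= 8;
    my ($family, $port, $addr) = unpack('S n a4', $buf);
    return unless $family == AF_INET;
    return (inet_ntoa($addr), $port);
}

# Port the client dialled before REDIRECT; falls back to the local port
# of the accepted socket when the option cannot be read or decoded.
sub original_port {
    my ($client) = @_;
    my $buf = getsockopt($client, SOL_IP, SO_ORIGINAL_DST);
    my (undef, $port) = decode_original_dst($buf);
    return defined $port ? $port : $client->sockport();
}

# The port value comes from kernel connection tracking, not from client data.
sub wants_tls { my ($port) = @_; return $port == TLS_PORT }

# Constructed sample buffers (no socket needed to exercise the decoder).
my $redirected = pack_sockaddr_in(42563, inet_aton('192.0.2.10'));
my $plain      = pack_sockaddr_in(42119, inet_aton('192.0.2.10'));
my $truncated  = substr($redirected, 0, 3);

for my $case ([redirected => $redirected], [plain => $plain], [truncated => $truncated]) {
    my ($name, $buf) = @$case;
    my ($ip, $port) = decode_original_dst($buf);
    if (defined $port) {
        printf "%-10s %s:%d tls=%s\n", $name, $ip, $port, wants_tls($port) ? 'yes' : 'no';
    } else {
        printf "%-10s rejected (short or non-AF_INET buffer)\n", $name;
    }
}
```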
