third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-14 08:07:14 +03:00
Code Issues Packages Projects Releases Wiki Activity

add wireguard probe

Browse Source 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This commit is contained in:
Toni Uhlig 2022-08-26 12:21:11 +02:00
parent fb8fe57bd8
commit b971f3edcd
No known key found for this signature in database
GPG Key ID: 22C5333D922537D2
2 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
probe.c
View File

@ -33,6 +33,7 @@
static int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*); static int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
static int is_openvpn_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*); static int is_openvpn_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
static int is_wireguard_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
static int is_tinc_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*); static int is_tinc_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
static int is_xmpp_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*); static int is_xmpp_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
static int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*); static int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
@ -49,6 +50,7 @@ static struct protocol_probe_desc builtins[] = {
/* description probe */ /* description probe */
{ "ssh", is_ssh_protocol}, { "ssh", is_ssh_protocol},
{ "openvpn", is_openvpn_protocol }, { "openvpn", is_openvpn_protocol },
{ "wireguard", is_wireguard_protocol },
{ "tinc", is_tinc_protocol }, { "tinc", is_tinc_protocol },
{ "xmpp", is_xmpp_protocol }, { "xmpp", is_xmpp_protocol },
{ "http", is_http_protocol }, { "http", is_http_protocol },
@ -185,6 +187,22 @@ static int is_openvpn_protocol (const char*p,ssize_t len, struct sslhcfg_protoco
} }
} }
static int is_wireguard_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)
{
if (proto->is_udp == 0)
return PROBE_NEXT;
// Handshake Init: 148 bytes
if (len != 148)
return PROBE_NEXT;
// Handshake Init: p[0] = 0x01, p[1..3] = 0x000000 (reserved)
if (ntohl(*(uint32_t*)p) != 0x01000000)
return PROBE_NEXT;
return PROBE_MATCH;
}
/* Is the buffer the beginning of a tinc connections? /* Is the buffer the beginning of a tinc connections?
* Protocol is documented here: http://www.tinc-vpn.org/documentation/tinc.pdf * Protocol is documented here: http://www.tinc-vpn.org/documentation/tinc.pdf
* First connection starts with "0 " in 1.0.15) * First connection starts with "0 " in 1.0.15)

5
sslh-main.c
View File

@ -202,6 +202,11 @@ void config_sanity_check(struct sslhcfg_item* cfg)
cfg->protocols[i].name, cfg->protocols[i].host, cfg->protocols[i].port); cfg->protocols[i].name, cfg->protocols[i].host, cfg->protocols[i].port);
exit(1); exit(1);
} }
} else {
if (!strcmp(cfg->protocols[i].name, "wireguard")) {
print_message(msg_config_error, "Wireguard works only with UDP\n");
exit(1);
}
} }
} }
} }