Vladimir Dubrovin
Vladimir Dubrovin
Plugins development reference is here: http://3proxy.ru/doc/devref.rtf feel free to ask
Most reliable way is ``` struct sockaddr_in6 sa; SASIZETYPE sasize = sizeof(sa); getsockname(param->clisock, &sa, &sasize) ``` or `param->sincl ` (is actually same, but may be unavailable in some pre-authentication filters)
BTW devel version now supports RADIUS, and it's not hard to implement bcrypt in RADIUS. For FreeRADIUS, e.g. bcrypt works out-of-box on FreeBSD if you store it as a crypt()...
Address, including protocol, address and port, is returned as sockaddr structure (sockaddr_in for IPv4, sockaddr_in6 for IPv6). If you need to convert it to string, you can use getnameinfo() function,...
There is a remote code execution bug in you plugin snprintf(cmd, sizeof cmd, "%s %s %s %s %s", (char *) service, param->username, param->password, hoststr, portstr); pthread_mutex_lock(&script_mutex); int status = system(cmd);...
In addition, there is a buffer overflow on sprintf, which can also be exploited to code execution. Use snprintf instead.
pthread_mutex_lock() / unlock() are probably not required, if you can run few scripts simultaneously. Adding a lock here has negative impact for performance. Locking is required to use thread-unsafe function.
it's OK, client first tries to access without username/password. Just do if(!param->username) return 4; it will force 3proxy to request username/password.
Plugin can do anything, but probably you need no plugin here, unless there is another reason to user it. It can be done with``` allow user1 parent 1000 ... proxy1...
Use `parent WEIGHT extip IP 0 ...` this parent type sets external address of outgoing request to IP with probability of WEIGHT/1000. Some examples may be found in https://3proxy.ru/highload.asp