-
Notifications
You must be signed in to change notification settings - Fork 5
/
gateway.c
399 lines (357 loc) · 12.8 KB
/
gateway.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
const char gateway_rcs[] = "$Id: gateway.c,v 1.16 2002/05/12 21:36:29 jongfoster Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/Attic/gateway.c,v $
*
* Purpose : Contains functions to connect to a server, possibly
* using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
* proxy).
*
* Copyright : Written by and Copyright (C) 2001 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
* by and Copyright (C) 1997 Anonymous Coders and
* Junkbusters Corporation. http://www.junkbusters.com
*
* This program is free software; you can redistribute it
* and/or modify it under the terms of the GNU General
* Public License as published by the Free Software
* Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will
* be useful, but WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU General Public
* License for more details.
*
* The GNU General Public License should be included with
* this file. If not, you can view it at
* http://www.gnu.org/copyleft/gpl.html
* or write to the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* Revisions :
* $Log: gateway.c,v $
* Revision 1.16 2002/05/12 21:36:29 jongfoster
* Correcting function comments
*
* Revision 1.15 2002/03/26 22:29:54 swa
* we have a new homepage!
*
* Revision 1.14 2002/03/24 13:25:43 swa
* name change related issues
*
* Revision 1.13 2002/03/13 00:29:59 jongfoster
* Killing warnings
*
* Revision 1.12 2002/03/09 20:03:52 jongfoster
* - Making various functions return int rather than size_t.
* (Undoing a recent change). Since size_t is unsigned on
* Windows, functions like read_socket that return -1 on
* error cannot return a size_t.
*
* THIS WAS A MAJOR BUG - it caused frequent, unpredictable
* crashes, and also frequently caused JB to jump to 100%
* CPU and stay there. (Because it thought it had just
* read ((unsigned)-1) == 4Gb of data...)
*
* - The signature of write_socket has changed, it now simply
* returns success=0/failure=nonzero.
*
* - Trying to get rid of a few warnings --with-debug on
* Windows, I've introduced a new type "jb_socket". This is
* used for the socket file descriptors. On Windows, this
* is SOCKET (a typedef for unsigned). Everywhere else, it's
* an int. The error value can't be -1 any more, so it's
* now JB_INVALID_SOCKET (which is -1 on UNIX, and in
* Windows it maps to the #define INVALID_SOCKET.)
*
* - The signature of bind_port has changed.
*
* Revision 1.11 2002/03/08 17:46:04 jongfoster
* Fixing int/size_t warnings
*
* Revision 1.10 2002/03/07 03:50:19 oes
* - Improved handling of failed DNS lookups
* - Fixed compiler warnings
*
* Revision 1.9 2001/10/25 03:40:48 david__schmidt
* Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
* threads to call select() simultaneously. So, it's time to do a real, live,
* native OS/2 port. See defines for __EMX__ (the porting layer) vs. __OS2__
* (native). Both versions will work, but using __OS2__ offers multi-threading.
*
* Revision 1.8 2001/09/13 20:10:12 jongfoster
* Fixing missing #include under Windows
*
* Revision 1.7 2001/09/12 17:58:26 steudten
*
* add #include <string.h>
*
* Revision 1.6 2001/09/10 10:41:16 oes
* Added #include in.h
*
* Revision 1.5 2001/07/29 18:47:57 jongfoster
* Adding missing #include project.h
*
* Revision 1.4 2001/07/24 12:47:06 oes
* Applied BeOS support update by Eugenia
*
* Revision 1.3 2001/06/09 10:55:28 jongfoster
* Changing BUFSIZ ==> BUFFER_SIZE
*
* Revision 1.2 2001/06/07 23:11:38 jongfoster
* Removing gateways[] list - no longer used.
* Replacing function pointer in struct gateway with a directly
* called function forwarded_connect(), which can do the common
* task of deciding whether to connect to the web server or HTTP
* proxy.
* Replacing struct gateway with struct forward_spec
* Fixing bug with SOCKS4A and HTTP proxy server in combination.
* It was a bug which led to the connection being made to the web
* server rather than the HTTP proxy, and also a buffer overrun.
*
* Revision 1.1.1.1 2001/05/15 13:58:54 oes
* Initial import of version 2.9.3 source tree
*
*
*********************************************************************/
#include "config.h"
#include <stdio.h>
#include <sys/types.h>
#ifndef _WIN32
#include <netinet/in.h>
#endif
#include <errno.h>
#include <string.h>
#ifdef _WIN32
#include <winsock2.h>
#endif /* def _WIN32 */
#ifdef __BEOS__
#include <netdb.h>
#endif /* def __BEOS__ */
#ifdef __OS2__
#include <utils.h>
#endif /* def __OS2__ */
#include "project.h"
#include "jcc.h"
#include "errlog.h"
#include "jbsockets.h"
#include "gateway.h"
const char gateway_h_rcs[] = GATEWAY_H_VERSION;
static jb_socket socks4_connect(const struct forward_spec * fwd,
const char * target_host,
int target_port,
struct client_state *csp);
#define SOCKS_REQUEST_GRANTED 90
#define SOCKS_REQUEST_REJECT 91
#define SOCKS_REQUEST_IDENT_FAILED 92
#define SOCKS_REQUEST_IDENT_CONFLICT 93
/* structure of a socks client operation */
struct socks_op {
unsigned char vn; /* socks version number */
unsigned char cd; /* command code */
unsigned char dstport[2]; /* destination port */
unsigned char dstip[4]; /* destination address */
unsigned char userid; /* first byte of userid */
/* more bytes of the userid follow, terminated by a NULL */
};
/* structure of a socks server reply */
struct socks_reply {
unsigned char vn; /* socks version number */
unsigned char cd; /* command code */
unsigned char dstport[2]; /* destination port */
unsigned char dstip[4]; /* destination address */
};
static const char socks_userid[] = "anonymous";
/*********************************************************************
*
* Function : forwarded_connect
*
* Description : Connect to a specified web server, possibly via
* a HTTP proxy and/or a SOCKS proxy.
*
* Parameters :
* 1 : fwd = the proxies to use when connecting.
* 2 : http = the http request and apropos headers
* 3 : csp = Current client state (buffers, headers, etc...)
*
* Returns : JB_INVALID_SOCKET => failure, else it is the socket file descriptor.
*
*********************************************************************/
jb_socket forwarded_connect(const struct forward_spec * fwd,
struct http_request *http,
struct client_state *csp)
{
const char * dest_host;
int dest_port;
/* Figure out if we need to connect to the web server or a HTTP proxy. */
if (fwd->forward_host)
{
/* HTTP proxy */
dest_host = fwd->forward_host;
dest_port = fwd->forward_port;
}
else
{
/* Web server */
dest_host = http->host;
dest_port = http->port;
}
/* Connect, maybe using a SOCKS proxy */
switch (fwd->type)
{
case SOCKS_NONE:
return (connect_to(dest_host, dest_port, csp));
case SOCKS_4:
case SOCKS_4A:
return (socks4_connect(fwd, dest_host, dest_port, csp));
default:
/* Should never get here */
log_error(LOG_LEVEL_FATAL, "SOCKS4 impossible internal error - bad SOCKS type.");
errno = EINVAL;
return(JB_INVALID_SOCKET);
}
}
/*********************************************************************
*
* Function : socks4_connect
*
* Description : Connect to the SOCKS server, and connect through
* it to the specified server. This handles
* all the SOCKS negotiation, and returns a file
* descriptor for a socket which can be treated as a
* normal (non-SOCKS) socket.
*
* Parameters :
* 1 : fwd = Specifies the SOCKS proxy to use.
* 2 : target_host = The final server to connect to.
* 3 : target_port = The final port to connect to.
* 4 : csp = Current client state (buffers, headers, etc...)
*
* Returns : JB_INVALID_SOCKET => failure, else a socket file descriptor.
*
*********************************************************************/
static jb_socket socks4_connect(const struct forward_spec * fwd,
const char * target_host,
int target_port,
struct client_state *csp)
{
int web_server_addr;
char cbuf[BUFFER_SIZE];
char sbuf[BUFFER_SIZE];
struct socks_op *c = (struct socks_op *)cbuf;
struct socks_reply *s = (struct socks_reply *)sbuf;
size_t n;
size_t csiz;
jb_socket sfd;
int err = 0;
char *errstr;
if ((fwd->gateway_host == NULL) || (*fwd->gateway_host == '\0'))
{
log_error(LOG_LEVEL_CONNECT, "socks4_connect: NULL gateway host specified");
err = 1;
}
if (fwd->gateway_port <= 0)
{
log_error(LOG_LEVEL_CONNECT, "socks4_connect: invalid gateway port specified");
err = 1;
}
if (err)
{
errno = EINVAL;
return(JB_INVALID_SOCKET);
}
/* build a socks request for connection to the web server */
strcpy((char *)&(c->userid), socks_userid);
csiz = sizeof(*c) + sizeof(socks_userid) - 1;
switch (fwd->type)
{
case SOCKS_4:
web_server_addr = htonl(resolve_hostname_to_ip(target_host));
if (web_server_addr == INADDR_NONE)
{
log_error(LOG_LEVEL_CONNECT, "socks4_connect: could not resolve target host %s", target_host);
return(JB_INVALID_SOCKET);
}
break;
case SOCKS_4A:
web_server_addr = 0x00000001;
n = csiz + strlen(target_host) + 1;
if (n > sizeof(cbuf))
{
errno = EINVAL;
return(JB_INVALID_SOCKET);
}
strcpy(cbuf + csiz, target_host);
csiz = n;
break;
default:
/* Should never get here */
log_error(LOG_LEVEL_FATAL, "SOCKS4 impossible internal error - bad SOCKS type.");
errno = EINVAL;
return(JB_INVALID_SOCKET);
}
c->vn = 4;
c->cd = 1;
c->dstport[0] = (target_port >> 8 ) & 0xff;
c->dstport[1] = (target_port ) & 0xff;
c->dstip[0] = (web_server_addr >> 24 ) & 0xff;
c->dstip[1] = (web_server_addr >> 16 ) & 0xff;
c->dstip[2] = (web_server_addr >> 8 ) & 0xff;
c->dstip[3] = (web_server_addr ) & 0xff;
/* pass the request to the socks server */
sfd = connect_to(fwd->gateway_host, fwd->gateway_port, csp);
if (sfd == JB_INVALID_SOCKET)
{
return(JB_INVALID_SOCKET);
}
if (write_socket(sfd, (char *)c, csiz))
{
log_error(LOG_LEVEL_CONNECT, "SOCKS4 negotiation write failed...");
close_socket(sfd);
return(JB_INVALID_SOCKET);
}
if (read_socket(sfd, sbuf, sizeof(sbuf)) != sizeof(*s))
{
log_error(LOG_LEVEL_CONNECT, "SOCKS4 negotiation read failed...");
close_socket(sfd);
return(JB_INVALID_SOCKET);
}
switch (s->cd)
{
case SOCKS_REQUEST_GRANTED:
return(sfd);
break;
case SOCKS_REQUEST_REJECT:
errstr = "SOCKS request rejected or failed";
errno = EINVAL;
break;
case SOCKS_REQUEST_IDENT_FAILED:
errstr = "SOCKS request rejected because "
"SOCKS server cannot connect to identd on the client";
errno = EACCES;
break;
case SOCKS_REQUEST_IDENT_CONFLICT:
errstr = "SOCKS request rejected because "
"the client program and identd report "
"different user-ids";
errno = EACCES;
break;
default:
errstr = cbuf;
errno = ENOENT;
sprintf(errstr,
"SOCKS request rejected for reason code %d\n", s->cd);
}
log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s ...", errstr);
close_socket(sfd);
return(JB_INVALID_SOCKET);
}
/*
Local Variables:
tab-width: 3
end:
*/