Annotation of src/usr.bin/nc/socks.c, Revision 1.10
1.10 ! otto 1: /* $OpenBSD: socks.c,v 1.9 2004/10/17 03:13:55 djm Exp $ */
1.1 jakob 2:
3: /*
4: * Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: *
15: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25: */
26:
27: #include <sys/types.h>
28: #include <sys/socket.h>
29: #include <netinet/in.h>
30: #include <arpa/inet.h>
31:
32: #include <err.h>
1.9 djm 33: #include <errno.h>
1.1 jakob 34: #include <netdb.h>
35: #include <stdio.h>
36: #include <stdlib.h>
37: #include <string.h>
38: #include <unistd.h>
39:
40: #define SOCKS_PORT "1080"
1.9 djm 41: #define HTTP_PROXY_PORT "3128"
42: #define HTTP_MAXHDRS 64
1.5 markus 43: #define SOCKS_V5 5
44: #define SOCKS_V4 4
1.1 jakob 45: #define SOCKS_NOAUTH 0
46: #define SOCKS_NOMETHOD 0xff
47: #define SOCKS_CONNECT 1
48: #define SOCKS_IPV4 1
1.9 djm 49:
1.4 ericj 50:
1.10 ! otto 51: int remote_connect(const char *, const char *, struct addrinfo);
! 52: int socks_connect(const char *host, const char *port, struct addrinfo hints,
! 53: const char *proxyhost, const char *proxyport, struct addrinfo proxyhints,
1.8 deraadt 54: int socksv);
1.1 jakob 55:
56: static in_addr_t
1.8 deraadt 57: decode_addr(const char *s)
1.1 jakob 58: {
59: struct hostent *hp = gethostbyname (s);
60: struct in_addr retval;
61:
62: if (hp)
63: return *(in_addr_t *)hp->h_addr_list[0];
64: if (inet_aton (s, &retval))
65: return retval.s_addr;
66: errx (1, "cannot decode address \"%s\"", s);
67: }
68:
69: static in_port_t
1.8 deraadt 70: decode_port(const char *s)
1.1 jakob 71: {
72: struct servent *sp;
73: in_port_t port;
74: char *p;
75:
76: port = strtol (s, &p, 10);
77: if (s == p) {
78: sp = getservbyname (s, "tcp");
79: if (sp)
80: return sp->s_port;
81: }
82: if (*s != '\0' && *p == '\0')
83: return htons (port);
84: errx (1, "cannot decode port \"%s\"", s);
85: }
86:
1.9 djm 87: static int
88: proxy_read_line(int fd, char *buf, int bufsz)
89: {
90: int r, off;
91:
92: for(off = 0;;) {
93: if (off >= bufsz)
94: errx(1, "proxy read too long");
95: if ((r = read(fd, buf + off, 1)) <= 0) {
96: if (r == -1 && errno == EINTR)
97: continue;
98: err(1, "proxy read");
99: }
100: /* Skip CR */
101: if (buf[off] == '\r')
102: continue;
103: if (buf[off] == '\n') {
104: buf[off] = '\0';
105: break;
106: }
107: off++;
108: }
109: return (off);
110: }
111:
1.1 jakob 112: int
1.10 ! otto 113: socks_connect(const char *host, const char *port,
! 114: struct addrinfo hints __attribute__ ((__unused__)),
! 115: const char *proxyhost, const char *proxyport, struct addrinfo proxyhints,
1.5 markus 116: int socksv)
1.1 jakob 117: {
1.9 djm 118: int proxyfd, r;
119: unsigned char buf[1024];
1.1 jakob 120: ssize_t cnt;
121: in_addr_t serveraddr;
122: in_port_t serverport;
123:
1.9 djm 124: if (proxyport == NULL)
125: proxyport = (socksv == -1) ? HTTP_PROXY_PORT : SOCKS_PORT;
126:
127: proxyfd = remote_connect(proxyhost, proxyport, proxyhints);
1.1 jakob 128:
1.6 stevesk 129: if (proxyfd < 0)
1.1 jakob 130: return -1;
131:
132: serveraddr = decode_addr (host);
133: serverport = decode_port (port);
134:
1.5 markus 135: if (socksv == 5) {
136: /* Version 5, one method: no authentication */
137: buf[0] = SOCKS_V5;
138: buf[1] = 1;
139: buf[2] = SOCKS_NOAUTH;
140: cnt = write (proxyfd, buf, 3);
141: if (cnt == -1)
142: err (1, "write failed");
143: if (cnt != 3)
144: errx (1, "short write, %d (expected 3)", cnt);
145:
146: read (proxyfd, buf, 2);
147: if (buf[1] == SOCKS_NOMETHOD)
148: errx (1, "authentication method negotiation failed");
149:
150: /* Version 5, connect: IPv4 address */
151: buf[0] = SOCKS_V5;
152: buf[1] = SOCKS_CONNECT;
153: buf[2] = 0;
154: buf[3] = SOCKS_IPV4;
155: memcpy (buf + 4, &serveraddr, sizeof serveraddr);
156: memcpy (buf + 8, &serverport, sizeof serverport);
157:
158: /* XXX Handle short writes better */
159: cnt = write (proxyfd, buf, 10);
160: if (cnt == -1)
161: err (1, "write failed");
162: if (cnt != 10)
163: errx (1, "short write, %d (expected 10)", cnt);
164:
165: /* XXX Handle short reads better */
166: cnt = read (proxyfd, buf, sizeof buf);
167: if (cnt == -1)
168: err (1, "read failed");
169: if (cnt != 10)
170: errx (1, "unexpected reply size %d (expected 10)", cnt);
171: if (buf[1] != 0)
172: errx (1, "connection failed, SOCKS error %d", buf[1]);
1.9 djm 173: } else if (socksv == 4) {
1.5 markus 174: /* Version 4 */
175: buf[0] = SOCKS_V4;
176: buf[1] = SOCKS_CONNECT; /* connect */
177: memcpy (buf + 2, &serverport, sizeof serverport);
178: memcpy (buf + 4, &serveraddr, sizeof serveraddr);
179: buf[8] = 0; /* empty username */
180:
181: cnt = write (proxyfd, buf, 9);
182: if (cnt == -1)
183: err (1, "write failed");
184: if (cnt != 9)
185: errx (1, "short write, %d (expected 9)", cnt);
186:
187: /* XXX Handle short reads better */
188: cnt = read (proxyfd, buf, 8);
189: if (cnt == -1)
190: err (1, "read failed");
191: if (cnt != 8)
192: errx (1, "unexpected reply size %d (expected 8)", cnt);
193: if (buf[1] != 90)
194: errx (1, "connection failed, SOCKS error %d", buf[1]);
1.9 djm 195: } else if (socksv == -1) {
196: /* HTTP proxy CONNECT */
197:
198: /* Disallow bad chars in hostname */
199: if (strcspn(host, "\r\n\t []:") != strlen(host))
200: errx (1, "Invalid hostname");
201:
202: /* Try to be sane about numeric IPv6 addresses */
203: if (strchr(host, ':') != NULL) {
204: r = snprintf(buf, sizeof(buf),
205: "CONNECT [%s]:%d HTTP/1.0\r\n\r\n",
206: host, ntohs(serverport));
207: } else {
208: r = snprintf(buf, sizeof(buf),
209: "CONNECT %s:%d HTTP/1.0\r\n\r\n",
210: host, ntohs(serverport));
211: }
1.10 ! otto 212: if (r == -1 || (size_t)r >= sizeof(buf))
1.9 djm 213: errx (1, "hostname too long");
214: r = strlen(buf);
215:
216: /* XXX atomicio */
217: cnt = write (proxyfd, buf, r);
218: if (cnt == -1)
219: err (1, "write failed");
220: if (cnt != r)
221: errx (1, "short write, %d (expected %d)", cnt, r);
222:
223: /* Read reply */
224: for (r = 0; r < HTTP_MAXHDRS; r++) {
225: proxy_read_line(proxyfd, buf, sizeof(buf));
226: if (r == 0 && strncmp(buf, "HTTP/1.0 200 ", 12) != 0)
227: errx (1, "Proxy error: \"%s\"", buf);
228: /* Discard headers until we hit an empty line */
229: if (*buf == '\0')
230: break;
231: }
232: } else
233: errx (1, "Unknown proxy protocol %d", socksv);
1.1 jakob 234:
235: return proxyfd;
236: }