Annotation of src/usr.bin/nc/socks.c, Revision 1.12
1.12 ! djm 1: /* $OpenBSD: socks.c,v 1.11 2005/05/19 04:29:46 djm Exp $ */
1.1 jakob 2:
3: /*
4: * Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: *
15: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25: */
26:
27: #include <sys/types.h>
28: #include <sys/socket.h>
29: #include <netinet/in.h>
30: #include <arpa/inet.h>
31:
32: #include <err.h>
1.9 djm 33: #include <errno.h>
1.1 jakob 34: #include <netdb.h>
35: #include <stdio.h>
36: #include <stdlib.h>
37: #include <string.h>
38: #include <unistd.h>
39:
40: #define SOCKS_PORT "1080"
1.9 djm 41: #define HTTP_PROXY_PORT "3128"
42: #define HTTP_MAXHDRS 64
1.5 markus 43: #define SOCKS_V5 5
44: #define SOCKS_V4 4
1.1 jakob 45: #define SOCKS_NOAUTH 0
46: #define SOCKS_NOMETHOD 0xff
47: #define SOCKS_CONNECT 1
48: #define SOCKS_IPV4 1
1.9 djm 49:
1.4 ericj 50:
1.10 otto 51: int remote_connect(const char *, const char *, struct addrinfo);
52: int socks_connect(const char *host, const char *port, struct addrinfo hints,
53: const char *proxyhost, const char *proxyport, struct addrinfo proxyhints,
1.8 deraadt 54: int socksv);
1.1 jakob 55:
56: static in_addr_t
1.8 deraadt 57: decode_addr(const char *s)
1.1 jakob 58: {
1.11 djm 59: struct hostent *hp = gethostbyname(s);
1.1 jakob 60: struct in_addr retval;
61:
62: if (hp)
1.11 djm 63: return (*(in_addr_t *)hp->h_addr_list[0]);
64: if (inet_aton(s, &retval))
65: return (retval.s_addr);
66: errx(1, "cannot decode address \"%s\"", s);
1.1 jakob 67: }
68:
69: static in_port_t
1.8 deraadt 70: decode_port(const char *s)
1.1 jakob 71: {
72: struct servent *sp;
73: in_port_t port;
74: char *p;
75:
1.11 djm 76: port = strtol(s, &p, 10);
1.1 jakob 77: if (s == p) {
1.11 djm 78: sp = getservbyname(s, "tcp");
1.1 jakob 79: if (sp)
1.11 djm 80: return (sp->s_port);
1.1 jakob 81: }
82: if (*s != '\0' && *p == '\0')
1.11 djm 83: return (htons(port));
1.1 jakob 84: errx (1, "cannot decode port \"%s\"", s);
85: }
86:
1.9 djm 87: static int
88: proxy_read_line(int fd, char *buf, int bufsz)
89: {
90: int r, off;
91:
92: for(off = 0;;) {
93: if (off >= bufsz)
94: errx(1, "proxy read too long");
95: if ((r = read(fd, buf + off, 1)) <= 0) {
96: if (r == -1 && errno == EINTR)
97: continue;
98: err(1, "proxy read");
99: }
100: /* Skip CR */
101: if (buf[off] == '\r')
102: continue;
103: if (buf[off] == '\n') {
104: buf[off] = '\0';
105: break;
106: }
107: off++;
108: }
109: return (off);
110: }
111:
1.1 jakob 112: int
1.10 otto 113: socks_connect(const char *host, const char *port,
114: struct addrinfo hints __attribute__ ((__unused__)),
115: const char *proxyhost, const char *proxyport, struct addrinfo proxyhints,
1.5 markus 116: int socksv)
1.1 jakob 117: {
1.9 djm 118: int proxyfd, r;
119: unsigned char buf[1024];
1.1 jakob 120: ssize_t cnt;
121: in_addr_t serveraddr;
122: in_port_t serverport;
123:
1.9 djm 124: if (proxyport == NULL)
125: proxyport = (socksv == -1) ? HTTP_PROXY_PORT : SOCKS_PORT;
126:
127: proxyfd = remote_connect(proxyhost, proxyport, proxyhints);
1.1 jakob 128:
1.6 stevesk 129: if (proxyfd < 0)
1.11 djm 130: return (-1);
1.1 jakob 131:
1.11 djm 132: serveraddr = decode_addr(host);
133: serverport = decode_port(port);
1.1 jakob 134:
1.5 markus 135: if (socksv == 5) {
136: /* Version 5, one method: no authentication */
137: buf[0] = SOCKS_V5;
138: buf[1] = 1;
139: buf[2] = SOCKS_NOAUTH;
1.11 djm 140: cnt = write(proxyfd, buf, 3);
1.5 markus 141: if (cnt == -1)
1.11 djm 142: err(1, "write failed");
1.5 markus 143: if (cnt != 3)
1.11 djm 144: errx(1, "short write, %d (expected 3)", cnt);
1.5 markus 145:
1.11 djm 146: read(proxyfd, buf, 2);
1.5 markus 147: if (buf[1] == SOCKS_NOMETHOD)
1.11 djm 148: errx(1, "authentication method negotiation failed");
1.5 markus 149:
150: /* Version 5, connect: IPv4 address */
151: buf[0] = SOCKS_V5;
152: buf[1] = SOCKS_CONNECT;
153: buf[2] = 0;
154: buf[3] = SOCKS_IPV4;
1.11 djm 155: memcpy(buf + 4, &serveraddr, sizeof serveraddr);
156: memcpy(buf + 8, &serverport, sizeof serverport);
1.5 markus 157:
158: /* XXX Handle short writes better */
1.11 djm 159: cnt = write(proxyfd, buf, 10);
1.5 markus 160: if (cnt == -1)
1.11 djm 161: err(1, "write failed");
1.5 markus 162: if (cnt != 10)
1.11 djm 163: errx(1, "short write, %d (expected 10)", cnt);
1.5 markus 164:
165: /* XXX Handle short reads better */
1.12 ! djm 166: cnt = read(proxyfd, buf, 10);
1.5 markus 167: if (cnt == -1)
1.11 djm 168: err(1, "read failed");
1.5 markus 169: if (cnt != 10)
1.11 djm 170: errx(1, "unexpected reply size %d (expected 10)", cnt);
1.5 markus 171: if (buf[1] != 0)
1.11 djm 172: errx(1, "connection failed, SOCKS error %d", buf[1]);
1.9 djm 173: } else if (socksv == 4) {
1.5 markus 174: /* Version 4 */
175: buf[0] = SOCKS_V4;
176: buf[1] = SOCKS_CONNECT; /* connect */
1.11 djm 177: memcpy(buf + 2, &serverport, sizeof serverport);
178: memcpy(buf + 4, &serveraddr, sizeof serveraddr);
1.5 markus 179: buf[8] = 0; /* empty username */
180:
1.11 djm 181: cnt = write(proxyfd, buf, 9);
1.5 markus 182: if (cnt == -1)
1.11 djm 183: err(1, "write failed");
1.5 markus 184: if (cnt != 9)
1.11 djm 185: errx(1, "short write, %d (expected 9)", cnt);
1.5 markus 186:
187: /* XXX Handle short reads better */
1.11 djm 188: cnt = read(proxyfd, buf, 8);
1.5 markus 189: if (cnt == -1)
1.11 djm 190: err(1, "read failed");
1.5 markus 191: if (cnt != 8)
1.11 djm 192: errx(1, "unexpected reply size %d (expected 8)", cnt);
1.5 markus 193: if (buf[1] != 90)
1.11 djm 194: errx(1, "connection failed, SOCKS error %d", buf[1]);
1.9 djm 195: } else if (socksv == -1) {
196: /* HTTP proxy CONNECT */
197:
198: /* Disallow bad chars in hostname */
199: if (strcspn(host, "\r\n\t []:") != strlen(host))
1.11 djm 200: errx(1, "Invalid hostname");
1.9 djm 201:
202: /* Try to be sane about numeric IPv6 addresses */
203: if (strchr(host, ':') != NULL) {
204: r = snprintf(buf, sizeof(buf),
205: "CONNECT [%s]:%d HTTP/1.0\r\n\r\n",
206: host, ntohs(serverport));
207: } else {
208: r = snprintf(buf, sizeof(buf),
209: "CONNECT %s:%d HTTP/1.0\r\n\r\n",
210: host, ntohs(serverport));
211: }
1.10 otto 212: if (r == -1 || (size_t)r >= sizeof(buf))
1.11 djm 213: errx(1, "hostname too long");
1.9 djm 214: r = strlen(buf);
215:
216: /* XXX atomicio */
1.11 djm 217: cnt = write(proxyfd, buf, r);
1.9 djm 218: if (cnt == -1)
1.11 djm 219: err(1, "write failed");
1.9 djm 220: if (cnt != r)
1.11 djm 221: errx(1, "short write, %d (expected %d)", cnt, r);
1.9 djm 222:
223: /* Read reply */
224: for (r = 0; r < HTTP_MAXHDRS; r++) {
225: proxy_read_line(proxyfd, buf, sizeof(buf));
226: if (r == 0 && strncmp(buf, "HTTP/1.0 200 ", 12) != 0)
1.11 djm 227: errx(1, "Proxy error: \"%s\"", buf);
1.9 djm 228: /* Discard headers until we hit an empty line */
229: if (*buf == '\0')
230: break;
231: }
232: } else
1.11 djm 233: errx(1, "Unknown proxy protocol %d", socksv);
1.1 jakob 234:
1.11 djm 235: return (proxyfd);
1.1 jakob 236: }
![[BACK]](/icons/back.gif){kind=icon}
Return to socks.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / nc