mirror of
https://github.com/PurpleI2P/i2pd
synced 2024-11-10 00:00:29 +03:00
Return adequate SOCKS replies
This commit is contained in:
Francisco Blas (klondike) Izquierdo Riera
parent
cb94d43092
commit
f383ebb718
171
SOCKS.cpp
171
SOCKS.cpp
@ -4,6 +4,7 @@
|
|||||||
#include "Destination.h"
|
#include "Destination.h"
|
||||||
#include "ClientContext.h"
|
#include "ClientContext.h"
|
||||||
#include "I2PEndian.h"
|
#include "I2PEndian.h"
|
||||||
|
#include <cstring>
|
||||||
#include <cassert>
|
#include <cassert>
|
||||||
|
|
||||||
namespace i2p
|
namespace i2p
|
||||||
@ -28,73 +29,104 @@ namespace proxy
|
|||||||
delete this; // HACK: ew
|
delete this; // HACK: ew
|
||||||
}
|
}
|
||||||
|
|
||||||
|
boost::asio::const_buffers_1 SOCKSHandler::GenerateSOCKS5SelectAuth(SOCKSHandler::authMethods method)
|
||||||
|
{
|
||||||
|
response[0] = '\x05'; //Version
|
||||||
|
response[1] = method; //Response code
|
||||||
|
return boost::asio::const_buffers_1(response,2);
|
||||||
|
}
|
||||||
|
|
||||||
|
boost::asio::const_buffers_1 SOCKSHandler::GenerateSOCKS4Response(SOCKSHandler::errTypes error, uint32_t ip, uint16_t port)
|
||||||
|
{
|
||||||
|
assert(error >= SOCKS4_OK);
|
||||||
|
assert(type == ADDR_IPV4);
|
||||||
|
response[0] = '\x00'; //Version
|
||||||
|
response[1] = error; //Response code
|
||||||
|
htobe16buf(response+2,port); //Port
|
||||||
|
htobe32buf(response+4,ip); //IP
|
||||||
|
return boost::asio::const_buffers_1(response,8);
|
||||||
|
}
|
||||||
|
|
||||||
|
boost::asio::const_buffers_1 SOCKSHandler::GenerateSOCKS5Response(SOCKSHandler::errTypes error, SOCKSHandler::addrTypes type,
|
||||||
|
const SOCKSHandler::address &addr, uint16_t port)
|
||||||
|
{
|
||||||
|
size_t size;
|
||||||
|
assert(error <= SOCKS5_ADDR_UNSUP);
|
||||||
|
response[0] = '\x05'; //Version
|
||||||
|
response[1] = error; //Response code
|
||||||
|
response[2] = '\x00'; //RSV
|
||||||
|
response[3] = type; //Address type
|
||||||
|
switch (type) {
|
||||||
|
case ADDR_IPV4:
|
||||||
|
size = 10;
|
||||||
|
htobe32buf(response+4,addr.ip);
|
||||||
|
break;
|
||||||
|
case ADDR_IPV6:
|
||||||
|
size = 22;
|
||||||
|
memcpy(response+4,addr.ipv6, 16);
|
||||||
|
break;
|
||||||
|
case ADDR_DNS:
|
||||||
|
size = 7+addr.dns.size;
|
||||||
|
response[4] = addr.dns.size;
|
||||||
|
memcpy(response+5,addr.dns.value, addr.dns.size);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
htobe16buf(response+size-2,port); //Port
|
||||||
|
return boost::asio::const_buffers_1(response,size);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Ah ah ah, you didn't say the magic word */
|
||||||
void SOCKSHandler::Socks5AuthNegoFailed()
|
void SOCKSHandler::Socks5AuthNegoFailed()
|
||||||
{
|
{
|
||||||
LogPrint(eLogWarning,"--- SOCKS5 authentication negotiation failed");
|
LogPrint(eLogWarning,"--- SOCKS5 authentication negotiation failed");
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer("\x05\xff",2),
|
boost::asio::async_write(*m_sock, GenerateSOCKS5SelectAuth(AUTH_UNACCEPTABLE),
|
||||||
std::bind(&SOCKSHandler::SentSocksFailed, this,
|
std::bind(&SOCKSHandler::SentSocksFailed, this, std::placeholders::_1));
|
||||||
std::placeholders::_1));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void SOCKSHandler::Socks5ChooseAuth()
|
void SOCKSHandler::Socks5ChooseAuth()
|
||||||
{
|
{
|
||||||
LogPrint(eLogDebug,"--- SOCKS5 choosing authentication method");
|
LogPrint(eLogDebug,"--- SOCKS5 choosing authentication method: ", m_authchosen);
|
||||||
//TODO: Choose right method
|
boost::asio::async_write(*m_sock, GenerateSOCKS5SelectAuth(m_authchosen),
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer("\x05\x00",2),
|
std::bind(&SOCKSHandler::SentSocksResponse, this, std::placeholders::_1));
|
||||||
std::bind(&SOCKSHandler::SentSocksResponse, this,
|
|
||||||
std::placeholders::_1, nullptr));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char *socks5Replies[9] = {
|
/* All hope is lost beyond this point */
|
||||||
"\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00",
|
void SOCKSHandler::SocksRequestFailed(SOCKSHandler::errTypes error)
|
||||||
"\x05\x01\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x02\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x03\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x04\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x05\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x06\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x07\x00\x01\x00\x00\x00\x00\x00\x00",
|
|
||||||
"\x05\x08\x00\x01\x00\x00\x00\x00\x00\x00" };
|
|
||||||
|
|
||||||
/* All hope is lost */
|
|
||||||
void SOCKSHandler::SocksRequestFailed()
|
|
||||||
{
|
{
|
||||||
|
boost::asio::const_buffers_1 response(nullptr,0);
|
||||||
|
assert(error != SOCKS4_OK && error != SOCKS5_OK);
|
||||||
switch (m_socksv) {
|
switch (m_socksv) {
|
||||||
case SOCKS4:
|
case SOCKS4:
|
||||||
LogPrint(eLogWarning,"--- SOCKS4 failed");
|
LogPrint(eLogWarning,"--- SOCKS4 failed: ", error);
|
||||||
//TODO: send the right response
|
if (error < SOCKS4_OK) error = SOCKS4_FAIL; //Transparently map SOCKS5 errors
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer("\x00\x5b\x00\x00\x00\x00\x00\x00",8),
|
response = GenerateSOCKS4Response(error, m_4aip, m_port);
|
||||||
std::bind(&SOCKSHandler::SentSocksFailed, this, std::placeholders::_1));
|
|
||||||
break;
|
break;
|
||||||
case SOCKS5:
|
case SOCKS5:
|
||||||
assert(m_error <= SOCKS5_ADDR_UNSUP);
|
LogPrint(eLogWarning,"--- SOCKS5 failed: ", error);
|
||||||
LogPrint(eLogWarning,"--- SOCKS5 failed");
|
response = GenerateSOCKS5Response(error, m_addrtype, m_address, m_port);
|
||||||
//TODO: use error properly and address type m_error
|
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer(socks5Replies[m_error],10),
|
|
||||||
std::bind(&SOCKSHandler::SentSocksFailed, this, std::placeholders::_1));
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
boost::asio::async_write(*m_sock, response, std::bind(&SOCKSHandler::SentSocksFailed, this, std::placeholders::_1));
|
||||||
}
|
}
|
||||||
|
|
||||||
void SOCKSHandler::SocksRequestSuccess()
|
void SOCKSHandler::SocksRequestSuccess()
|
||||||
{
|
{
|
||||||
std::shared_ptr<std::vector<uint8_t>> response(new std::vector<uint8_t>);
|
boost::asio::const_buffers_1 response(nullptr,0);
|
||||||
|
//TODO: this should depend on things like the command type and callbacks may change
|
||||||
switch (m_socksv) {
|
switch (m_socksv) {
|
||||||
case SOCKS4:
|
case SOCKS4:
|
||||||
LogPrint(eLogInfo,"--- SOCKS4 connection success");
|
LogPrint(eLogInfo,"--- SOCKS4 connection success");
|
||||||
//TODO: send the right response
|
response = GenerateSOCKS4Response(SOCKS4_OK, m_4aip, m_port);
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer("\x00\x5a\x00\x00\x00\x00\x00\x00",8),
|
|
||||||
std::bind(&SOCKSHandler::SentSocksResponse, this,
|
|
||||||
std::placeholders::_1, nullptr));
|
|
||||||
break;
|
break;
|
||||||
case SOCKS5:
|
case SOCKS5:
|
||||||
LogPrint(eLogInfo,"--- SOCKS5 connection success");
|
LogPrint(eLogInfo,"--- SOCKS5 connection success");
|
||||||
//TODO: send the right response using the port? and the localside i2p address
|
auto s = i2p::client::context.GetAddressBook().ToAddress(m_parent->GetLocalDestination()->GetIdentHash());
|
||||||
boost::asio::async_write(*m_sock, boost::asio::buffer("\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00",10),
|
address ad; ad.dns.FromString(s);
|
||||||
std::bind(&SOCKSHandler::SentSocksResponse, this,
|
//HACK only 16 bits passed in port as SOCKS5 doesn't allow for more
|
||||||
std::placeholders::_1, response));
|
response = GenerateSOCKS5Response(SOCKS5_OK, ADDR_DNS, ad, m_stream->GetSendStreamID());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
boost::asio::async_write(*m_sock, response, std::bind(&SOCKSHandler::SentSocksResponse, this, std::placeholders::_1));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -197,8 +229,7 @@ namespace proxy
|
|||||||
if ( m_cmd != CMD_CONNECT ) {
|
if ( m_cmd != CMD_CONNECT ) {
|
||||||
//TODO: we need to support binds and other shit!
|
//TODO: we need to support binds and other shit!
|
||||||
LogPrint(eLogError,"--- SOCKS unsupported command: ", m_cmd);
|
LogPrint(eLogError,"--- SOCKS unsupported command: ", m_cmd);
|
||||||
m_error = SOCKS5_CMD_UNSUP;
|
SocksRequestFailed(SOCKS5_CMD_UNSUP);
|
||||||
SocksRequestFailed();
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
//TODO: we may want to support other address types!
|
//TODO: we may want to support other address types!
|
||||||
@ -206,24 +237,23 @@ namespace proxy
|
|||||||
switch (m_socksv) {
|
switch (m_socksv) {
|
||||||
case SOCKS5:
|
case SOCKS5:
|
||||||
LogPrint(eLogError,"--- SOCKS5 unsupported address type: ", m_addrtype);
|
LogPrint(eLogError,"--- SOCKS5 unsupported address type: ", m_addrtype);
|
||||||
m_error = SOCKS5_ADDR_UNSUP;
|
|
||||||
break;
|
break;
|
||||||
case SOCKS4:
|
case SOCKS4:
|
||||||
LogPrint(eLogError,"--- SOCKS4a rejected because it's actually SOCKS4");
|
LogPrint(eLogError,"--- SOCKS4a rejected because it's actually SOCKS4");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
SocksRequestFailed();
|
SocksRequestFailed(SOCKS5_ADDR_UNSUP);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
//TODO: we may want to support other domains
|
//TODO: we may want to support other domains
|
||||||
if(m_addrtype == ADDR_DNS && m_destination.find(".i2p") == std::string::npos) {
|
if(m_addrtype == ADDR_DNS && m_address.dns.ToString().find(".i2p") == std::string::npos) {
|
||||||
LogPrint(eLogError,"--- SOCKS invalid hostname: ", m_destination);
|
LogPrint(eLogError,"--- SOCKS invalid hostname: ", m_address.dns.ToString());
|
||||||
m_error = SOCKS5_ADDR_UNSUP;
|
SocksRequestFailed(SOCKS5_ADDR_UNSUP);
|
||||||
SocksRequestFailed();
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::size_t SOCKSHandler::HandleSOCKSRequest(uint8_t *sock_buff, std::size_t len)
|
std::size_t SOCKSHandler::HandleSOCKSRequest(uint8_t *sock_buff, std::size_t len)
|
||||||
{
|
{
|
||||||
std::size_t rv = 0;
|
std::size_t rv = 0;
|
||||||
@ -240,8 +270,7 @@ namespace proxy
|
|||||||
if (m_socksv == SOCKS5) break;
|
if (m_socksv == SOCKS5) break;
|
||||||
default:
|
default:
|
||||||
LogPrint(eLogError,"--- SOCKS invalid command: ", ((int)*sock_buff));
|
LogPrint(eLogError,"--- SOCKS invalid command: ", ((int)*sock_buff));
|
||||||
m_error = SOCKS5_GEN_FAIL;
|
SocksRequestFailed(SOCKS5_GEN_FAIL);
|
||||||
SocksRequestFailed();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
m_cmd = (SOCKSHandler::cmdTypes)*sock_buff;
|
m_cmd = (SOCKSHandler::cmdTypes)*sock_buff;
|
||||||
@ -256,28 +285,29 @@ namespace proxy
|
|||||||
if (m_addrleft == 0) {
|
if (m_addrleft == 0) {
|
||||||
switch (m_socksv) {
|
switch (m_socksv) {
|
||||||
case SOCKS5: m_pstate = DONE; break;
|
case SOCKS5: m_pstate = DONE; break;
|
||||||
case SOCKS4: m_pstate = GET_IPV4; m_addrleft = 4; break;
|
case SOCKS4: m_pstate = GET_IPV4; m_address.ip = 0; m_addrleft = 4; break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case GET_IPV4:
|
case GET_IPV4:
|
||||||
m_ip = (m_ip << 8)|((uint32_t)*sock_buff);
|
m_address.ip = (m_address.ip << 8)|((uint32_t)*sock_buff);
|
||||||
m_addrleft--;
|
m_addrleft--;
|
||||||
if (m_addrleft == 0) {
|
if (m_addrleft == 0) {
|
||||||
switch (m_socksv) {
|
switch (m_socksv) {
|
||||||
case SOCKS5: m_pstate = GET_PORT; m_addrleft = 2; break;
|
case SOCKS5: m_pstate = GET_PORT; m_addrleft = 2; break;
|
||||||
case SOCKS4: m_pstate = GET4_IDENT; break;
|
case SOCKS4: m_pstate = GET4_IDENT; m_4aip = m_address.ip; break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case GET4_IDENT:
|
case GET4_IDENT:
|
||||||
if (!*sock_buff) {
|
if (!*sock_buff) {
|
||||||
if( m_ip == 0 || m_ip > 255 ) {
|
if( m_4aip == 0 || m_4aip > 255 ) {
|
||||||
m_addrtype = ADDR_IPV4;
|
m_addrtype = ADDR_IPV4;
|
||||||
m_pstate = DONE;
|
m_pstate = DONE;
|
||||||
} else {
|
} else {
|
||||||
m_addrtype = ADDR_DNS;
|
m_addrtype = ADDR_DNS;
|
||||||
m_pstate = GET4A_HOST;
|
m_pstate = GET4A_HOST;
|
||||||
|
m_address.dns.size = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -286,18 +316,17 @@ namespace proxy
|
|||||||
m_pstate = DONE;
|
m_pstate = DONE;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (m_destination.size() > max_socks_hostname_size) {
|
if (m_address.dns.size >= max_socks_hostname_size) {
|
||||||
LogPrint(eLogError,"--- SOCKS4a destination is too large");
|
LogPrint(eLogError,"--- SOCKS4a destination is too large");
|
||||||
SocksRequestFailed();
|
SocksRequestFailed(SOCKS4_FAIL);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
m_destination.push_back(*sock_buff);
|
m_address.dns.push_back(*sock_buff);
|
||||||
break;
|
break;
|
||||||
case GET5_REQUESTV:
|
case GET5_REQUESTV:
|
||||||
if (*sock_buff != SOCKS5) {
|
if (*sock_buff != SOCKS5) {
|
||||||
LogPrint(eLogError,"--- SOCKS5 rejected unknown request version: ", ((int)*sock_buff));
|
LogPrint(eLogError,"--- SOCKS5 rejected unknown request version: ", ((int)*sock_buff));
|
||||||
m_error = SOCKS5_GEN_FAIL;
|
SocksRequestFailed(SOCKS5_GEN_FAIL);
|
||||||
SocksRequestFailed();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
m_pstate = GET_COMMAND;
|
m_pstate = GET_COMMAND;
|
||||||
@ -305,27 +334,25 @@ namespace proxy
|
|||||||
case GET5_GETRSV:
|
case GET5_GETRSV:
|
||||||
if ( *sock_buff != 0 ) {
|
if ( *sock_buff != 0 ) {
|
||||||
LogPrint(eLogError,"--- SOCKS5 unknown reserved field: ", ((int)*sock_buff));
|
LogPrint(eLogError,"--- SOCKS5 unknown reserved field: ", ((int)*sock_buff));
|
||||||
m_error = SOCKS5_GEN_FAIL;
|
SocksRequestFailed(SOCKS5_GEN_FAIL);
|
||||||
SocksRequestFailed();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
m_pstate = GET5_GETADDRTYPE;
|
m_pstate = GET5_GETADDRTYPE;
|
||||||
break;
|
break;
|
||||||
case GET5_GETADDRTYPE:
|
case GET5_GETADDRTYPE:
|
||||||
switch (*sock_buff) {
|
switch (*sock_buff) {
|
||||||
case ADDR_IPV4: m_pstate = GET_IPV4; m_addrleft = 4; break;
|
case ADDR_IPV4: m_pstate = GET_IPV4; m_address.ip = 0; m_addrleft = 4; break;
|
||||||
case ADDR_IPV6: m_pstate = GET5_IPV6; m_addrleft = 16; break;
|
case ADDR_IPV6: m_pstate = GET5_IPV6; m_addrleft = 16; break;
|
||||||
case ADDR_DNS : m_pstate = GET5_HOST_SIZE; break;
|
case ADDR_DNS : m_pstate = GET5_HOST_SIZE; break;
|
||||||
default:
|
default:
|
||||||
LogPrint(eLogError,"--- SOCKS5 unknown address type: ", ((int)*sock_buff));
|
LogPrint(eLogError,"--- SOCKS5 unknown address type: ", ((int)*sock_buff));
|
||||||
m_error = SOCKS5_GEN_FAIL;
|
SocksRequestFailed(SOCKS5_GEN_FAIL);
|
||||||
SocksRequestFailed();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
m_addrtype = (SOCKSHandler::addrTypes)*sock_buff;
|
m_addrtype = (SOCKSHandler::addrTypes)*sock_buff;
|
||||||
break;
|
break;
|
||||||
case GET5_IPV6:
|
case GET5_IPV6:
|
||||||
m_ipv6[16-m_addrleft] = *sock_buff;
|
m_address.ipv6[16-m_addrleft] = *sock_buff;
|
||||||
m_addrleft--;
|
m_addrleft--;
|
||||||
if (m_addrleft == 0) {
|
if (m_addrleft == 0) {
|
||||||
m_pstate = GET_PORT;
|
m_pstate = GET_PORT;
|
||||||
@ -334,10 +361,11 @@ namespace proxy
|
|||||||
break;
|
break;
|
||||||
case GET5_HOST_SIZE:
|
case GET5_HOST_SIZE:
|
||||||
m_addrleft = *sock_buff;
|
m_addrleft = *sock_buff;
|
||||||
|
m_address.dns.size = 0;
|
||||||
m_pstate = GET5_HOST;
|
m_pstate = GET5_HOST;
|
||||||
break;
|
break;
|
||||||
case GET5_HOST:
|
case GET5_HOST:
|
||||||
m_destination.push_back(*sock_buff);
|
m_address.dns.push_back(*sock_buff);
|
||||||
m_addrleft--;
|
m_addrleft--;
|
||||||
if (m_addrleft == 0) {
|
if (m_addrleft == 0) {
|
||||||
m_pstate = GET_PORT;
|
m_pstate = GET_PORT;
|
||||||
@ -381,16 +409,16 @@ namespace proxy
|
|||||||
assert(!(m_state == READY && m_need_more));
|
assert(!(m_state == READY && m_need_more));
|
||||||
|
|
||||||
if (m_state == READY) {
|
if (m_state == READY) {
|
||||||
LogPrint(eLogInfo,"--- SOCKS requested ", m_destination, ":" , m_port);
|
LogPrint(eLogInfo,"--- SOCKS requested ", m_address.dns.ToString(), ":" , m_port);
|
||||||
if (pos != len) {
|
if (pos != len) {
|
||||||
LogPrint(eLogError,"--- SOCKS rejected because we can't handle extra data");
|
LogPrint(eLogError,"--- SOCKS rejected because we can't handle extra data");
|
||||||
SocksRequestFailed();
|
SocksRequestFailed(SOCKS5_GEN_FAIL);
|
||||||
return ;
|
return ;
|
||||||
}
|
}
|
||||||
|
|
||||||
m_parent->GetLocalDestination ()->CreateStream (
|
m_parent->GetLocalDestination ()->CreateStream (
|
||||||
std::bind (&SOCKSHandler::HandleStreamRequestComplete,
|
std::bind (&SOCKSHandler::HandleStreamRequestComplete,
|
||||||
this, std::placeholders::_1), m_destination, m_port);
|
this, std::placeholders::_1), m_address.dns.ToString(), m_port);
|
||||||
} else if (m_need_more) {
|
} else if (m_need_more) {
|
||||||
LogPrint (eLogDebug,"--- SOCKS Need more data");
|
LogPrint (eLogDebug,"--- SOCKS Need more data");
|
||||||
AsyncSockRead();
|
AsyncSockRead();
|
||||||
@ -407,9 +435,8 @@ namespace proxy
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void SOCKSHandler::SentSocksResponse(const boost::system::error_code & ecode, std::shared_ptr<std::vector<uint8_t>> response)
|
void SOCKSHandler::SentSocksResponse(const boost::system::error_code & ecode)
|
||||||
{
|
{
|
||||||
response.reset(); // Information wants to be free, so does memory
|
|
||||||
if (!ecode) {
|
if (!ecode) {
|
||||||
if(m_state == READY) {
|
if(m_state == READY) {
|
||||||
LogPrint (eLogInfo,"--- SOCKS New I2PTunnel connection");
|
LogPrint (eLogInfo,"--- SOCKS New I2PTunnel connection");
|
||||||
@ -431,12 +458,12 @@ namespace proxy
|
|||||||
void SOCKSHandler::HandleStreamRequestComplete (std::shared_ptr<i2p::stream::Stream> stream)
|
void SOCKSHandler::HandleStreamRequestComplete (std::shared_ptr<i2p::stream::Stream> stream)
|
||||||
{
|
{
|
||||||
if (stream) {
|
if (stream) {
|
||||||
|
//TODO: test the stream is open if it isn't fail with connrefused
|
||||||
m_stream = stream;
|
m_stream = stream;
|
||||||
SocksRequestSuccess();
|
SocksRequestSuccess();
|
||||||
} else {
|
} else {
|
||||||
m_error = SOCKS5_HOST_UNREACH;
|
|
||||||
LogPrint (eLogError,"--- SOCKS Issue when creating the stream, check the previous warnings for more info.");
|
LogPrint (eLogError,"--- SOCKS Issue when creating the stream, check the previous warnings for more info.");
|
||||||
SocksRequestFailed();
|
SocksRequestFailed(SOCKS5_HOST_UNREACH);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
44
SOCKS.h
44
SOCKS.h
@ -2,7 +2,7 @@
|
|||||||
#define SOCKS_H__
|
#define SOCKS_H__
|
||||||
|
|
||||||
#include <memory>
|
#include <memory>
|
||||||
#include <vector>
|
#include <string>
|
||||||
#include <boost/asio.hpp>
|
#include <boost/asio.hpp>
|
||||||
#include "Identity.h"
|
#include "Identity.h"
|
||||||
#include "Streaming.h"
|
#include "Streaming.h"
|
||||||
@ -16,9 +16,20 @@ namespace proxy
|
|||||||
const size_t socks_buffer_size = 8192;
|
const size_t socks_buffer_size = 8192;
|
||||||
const size_t max_socks_hostname_size = 255; // Limit for socks5 and bad idea to traverse
|
const size_t max_socks_hostname_size = 255; // Limit for socks5 and bad idea to traverse
|
||||||
|
|
||||||
|
struct SOCKSDnsAddress {
|
||||||
|
uint8_t size;
|
||||||
|
char value[max_socks_hostname_size];
|
||||||
|
void FromString (std::string str) {
|
||||||
|
size = str.length();
|
||||||
|
if (str.length() > max_socks_hostname_size) size = max_socks_hostname_size;
|
||||||
|
memcpy(value,str.c_str(),size);
|
||||||
|
}
|
||||||
|
std::string ToString() { return std::string(value, size); }
|
||||||
|
void push_back (char c) { value[size++] = c; }
|
||||||
|
};
|
||||||
|
|
||||||
class SOCKSServer;
|
class SOCKSServer;
|
||||||
class SOCKSHandler {
|
class SOCKSHandler {
|
||||||
|
|
||||||
private:
|
private:
|
||||||
enum state {
|
enum state {
|
||||||
GET_VERSION, // Get SOCKS version
|
GET_VERSION, // Get SOCKS version
|
||||||
@ -78,9 +89,12 @@ namespace proxy
|
|||||||
SOCKS4 = 4, // SOCKS4
|
SOCKS4 = 4, // SOCKS4
|
||||||
SOCKS5 = 5 // SOCKS5
|
SOCKS5 = 5 // SOCKS5
|
||||||
};
|
};
|
||||||
|
union address {
|
||||||
|
uint32_t ip;
|
||||||
|
SOCKSDnsAddress dns;
|
||||||
|
uint8_t ipv6[16];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
void GotClientRequest(boost::system::error_code & ecode, std::string & host, uint16_t port);
|
|
||||||
std::size_t HandleData(uint8_t *sock_buff, std::size_t len);
|
std::size_t HandleData(uint8_t *sock_buff, std::size_t len);
|
||||||
std::size_t HandleVersion(uint8_t *sock_buff);
|
std::size_t HandleVersion(uint8_t *sock_buff);
|
||||||
std::size_t HandleSOCKS5AuthNego(uint8_t *sock_buff, std::size_t len);
|
std::size_t HandleSOCKS5AuthNego(uint8_t *sock_buff, std::size_t len);
|
||||||
@ -91,13 +105,16 @@ namespace proxy
|
|||||||
void CloseSock();
|
void CloseSock();
|
||||||
void CloseStream();
|
void CloseStream();
|
||||||
void AsyncSockRead();
|
void AsyncSockRead();
|
||||||
|
boost::asio::const_buffers_1 GenerateSOCKS5SelectAuth(authMethods method);
|
||||||
|
boost::asio::const_buffers_1 GenerateSOCKS4Response(errTypes error, uint32_t ip, uint16_t port);
|
||||||
|
boost::asio::const_buffers_1 GenerateSOCKS5Response(errTypes error, addrTypes type, const address &addr, uint16_t port);
|
||||||
void Socks5AuthNegoFailed();
|
void Socks5AuthNegoFailed();
|
||||||
void Socks5ChooseAuth();
|
void Socks5ChooseAuth();
|
||||||
void SocksRequestFailed();
|
void SocksRequestFailed(errTypes error);
|
||||||
void SocksRequestSuccess();
|
void SocksRequestSuccess();
|
||||||
void SentSocksFailed(const boost::system::error_code & ecode);
|
|
||||||
//HACK: we need to pass the shared_ptr to ensure the buffer will live enough
|
//HACK: we need to pass the shared_ptr to ensure the buffer will live enough
|
||||||
void SentSocksResponse(const boost::system::error_code & ecode, std::shared_ptr<std::vector<uint8_t>> response);
|
void SentSocksFailed(const boost::system::error_code & ecode);
|
||||||
|
void SentSocksResponse(const boost::system::error_code & ecode);
|
||||||
void HandleStreamRequestComplete (std::shared_ptr<i2p::stream::Stream> stream);
|
void HandleStreamRequestComplete (std::shared_ptr<i2p::stream::Stream> stream);
|
||||||
|
|
||||||
uint8_t m_sock_buff[socks_buffer_size];
|
uint8_t m_sock_buff[socks_buffer_size];
|
||||||
@ -108,24 +125,23 @@ namespace proxy
|
|||||||
parseState m_pstate;
|
parseState m_pstate;
|
||||||
uint8_t m_command;
|
uint8_t m_command;
|
||||||
uint16_t m_port;
|
uint16_t m_port;
|
||||||
uint32_t m_ip;
|
uint32_t m_4aip; //Used in 4a requests
|
||||||
uint8_t m_ipv6[16];
|
|
||||||
std::string m_destination;
|
|
||||||
uint8_t m_authleft; //Authentication methods left
|
uint8_t m_authleft; //Authentication methods left
|
||||||
//TODO: this will probably be more elegant as enums
|
//TODO: this will probably be more elegant as enums
|
||||||
authMethods m_authchosen; //Authentication chosen
|
authMethods m_authchosen; //Authentication chosen
|
||||||
addrTypes m_addrtype; //Address type chosen
|
addrTypes m_addrtype; //Address type chosen
|
||||||
uint8_t m_addrleft; //Octets of DNS address left
|
address m_address; //Address
|
||||||
errTypes m_error; //Error cause
|
uint8_t m_addrleft; //Octets of current address left
|
||||||
socksVersions m_socksv; //Socks version
|
socksVersions m_socksv; //Socks version
|
||||||
cmdTypes m_cmd; // Command requested
|
cmdTypes m_cmd; // Command requested
|
||||||
bool m_need_more; //The parser still needs to receive more data
|
bool m_need_more; //The parser still needs to receive more data
|
||||||
|
uint8_t response[7+max_socks_hostname_size];
|
||||||
|
|
||||||
public:
|
public:
|
||||||
SOCKSHandler(SOCKSServer * parent, boost::asio::ip::tcp::socket * sock) :
|
SOCKSHandler(SOCKSServer * parent, boost::asio::ip::tcp::socket * sock) :
|
||||||
m_parent(parent), m_sock(sock), m_stream(nullptr), m_state(GET_VERSION),
|
m_parent(parent), m_sock(sock), m_stream(nullptr), m_state(GET_VERSION),
|
||||||
m_authchosen(AUTH_UNACCEPTABLE), m_addrtype(ADDR_IPV4), m_error(SOCKS5_GEN_FAIL)
|
m_authchosen(AUTH_UNACCEPTABLE), m_addrtype(ADDR_IPV4)
|
||||||
{ AsyncSockRead(); m_destination.reserve(max_socks_hostname_size+1); }
|
{ m_address.ip = 0; AsyncSockRead(); }
|
||||||
~SOCKSHandler() { CloseSock(); CloseStream(); }
|
~SOCKSHandler() { CloseSock(); CloseStream(); }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user