-const char gateway_rcs[] = "$Id: gateway.c,v 1.63 2009/10/01 16:07:33 fabiankeil Exp $";
+const char gateway_rcs[] = "$Id: gateway.c,v 1.72 2011/03/27 14:00:36 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/gateway.c,v $
int target_port,
struct client_state *csp);
+enum {
+ SOCKS4_REQUEST_GRANTED = 90,
+ SOCKS4_REQUEST_REJECT = 91,
+ SOCKS4_REQUEST_IDENT_FAILED = 92,
+ SOCKS4_REQUEST_IDENT_CONFLICT = 93
+};
-#define SOCKS_REQUEST_GRANTED 90
-#define SOCKS_REQUEST_REJECT 91
-#define SOCKS_REQUEST_IDENT_FAILED 92
-#define SOCKS_REQUEST_IDENT_CONFLICT 93
-
-#define SOCKS5_REQUEST_GRANTED 0
-#define SOCKS5_REQUEST_FAILED 1
-#define SOCKS5_REQUEST_DENIED 2
-#define SOCKS5_REQUEST_NETWORK_UNREACHABLE 3
-#define SOCKS5_REQUEST_HOST_UNREACHABLE 4
-#define SOCKS5_REQUEST_CONNECTION_REFUSED 5
-#define SOCKS5_REQUEST_TTL_EXPIRED 6
-#define SOCKS5_REQUEST_PROTOCOL_ERROR 7
-#define SOCKS5_REQUEST_BAD_ADDRESS_TYPE 8
+enum {
+ SOCKS5_REQUEST_GRANTED = 0,
+ SOCKS5_REQUEST_FAILED = 1,
+ SOCKS5_REQUEST_DENIED = 2,
+ SOCKS5_REQUEST_NETWORK_UNREACHABLE = 3,
+ SOCKS5_REQUEST_HOST_UNREACHABLE = 4,
+ SOCKS5_REQUEST_CONNECTION_REFUSED = 5,
+ SOCKS5_REQUEST_TTL_EXPIRED = 6,
+ SOCKS5_REQUEST_PROTOCOL_ERROR = 7,
+ SOCKS5_REQUEST_BAD_ADDRESS_TYPE = 8
+};
/* structure of a socks client operation */
struct socks_op {
&& strcmpic(connection->gateway_host, fwd->gateway_host))
&& (connection->gateway_host != fwd->gateway_host))
{
- log_error(LOG_LEVEL_CONNECT, "Gateway mismatch.");
+ log_error(LOG_LEVEL_CONNECT,
+ "Gateway mismatch. Previous gateway: %s. Current gateway: %s",
+ connection->gateway_host, fwd->gateway_host);
return FALSE;
}
&& strcmpic(connection->forward_host, fwd->forward_host))
&& (connection->forward_host != fwd->forward_host))
{
- log_error(LOG_LEVEL_CONNECT, "Forwarding proxy mismatch.");
+ log_error(LOG_LEVEL_CONNECT,
+ "Forwarding proxy mismatch. Previous proxy: %s. Current proxy: %s",
+ connection->forward_host, fwd->forward_host);
return FALSE;
}
close_socket(reusable_connection[slot].sfd);
mark_connection_closed(&reusable_connection[slot]);
}
- else if (!socket_is_still_usable(reusable_connection[slot].sfd))
+ else if (!socket_is_still_alive(reusable_connection[slot].sfd))
{
log_error(LOG_LEVEL_CONNECT,
"The connection to %s:%d in slot %d is no longer usable. "
if (sfd == JB_INVALID_SOCKET)
{
- /*
- * XXX: connect_to should fill in the exact reason.
- * Most likely resolving the IP of the forwarder failed.
- */
- errstr = "connect_to failed: see logfile for details";
+ /* The error an its reason have already been logged by connect_to() */
+ return(JB_INVALID_SOCKET);
+ }
+ else if (!data_is_available(sfd, csp->config->socket_timeout))
+ {
+ if (socket_is_still_alive(sfd))
+ {
+ errstr = "SOCKS4 negotiation timed out";
+ }
+ else
+ {
+ errstr = "SOCKS4 negotiation got aborted by the server";
+ }
+ log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
err = 1;
+ close_socket(sfd);
}
else if (write_socket(sfd, (char *)c, csiz))
{
switch (s->cd)
{
- case SOCKS_REQUEST_GRANTED:
+ case SOCKS4_REQUEST_GRANTED:
return(sfd);
- case SOCKS_REQUEST_REJECT:
+ case SOCKS4_REQUEST_REJECT:
errstr = "SOCKS request rejected or failed.";
errno = EINVAL;
break;
- case SOCKS_REQUEST_IDENT_FAILED:
+ case SOCKS4_REQUEST_IDENT_FAILED:
errstr = "SOCKS request rejected because "
"SOCKS server cannot connect to identd on the client.";
errno = EACCES;
break;
- case SOCKS_REQUEST_IDENT_CONFLICT:
+ case SOCKS4_REQUEST_IDENT_CONFLICT:
errstr = "SOCKS request rejected because "
"the client program and identd report "
"different user-ids.";
return(JB_INVALID_SOCKET);
}
- if (read_socket(sfd, sbuf, sizeof(sbuf)) != 2)
+ if (!data_is_available(sfd, csp->config->socket_timeout))
+ {
+ if (socket_is_still_alive(sfd))
+ {
+ errstr = "SOCKS5 negotiation timed out";
+ }
+ else
+ {
+ errstr = "SOCKS5 negotiation got aborted by the server";
+ }
+ err = 1;
+ }
+
+ if (!err && read_socket(sfd, sbuf, sizeof(sbuf)) != 2)
{
errstr = "SOCKS5 negotiation read failed";
err = 1;
}
else if (server_size > 20)
{
- /* This is somewhat unexpected but doesn't realy matter. */
+ /* This is somewhat unexpected but doesn't really matter. */
log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes "
"from socks server. Would have accepted up to %d.",
server_size, sizeof(sbuf));