X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=gateway.c;h=135b217344cfadea2e51e9d7f9c7c85e55412789;hp=110d0d6c4b599f54ebc26b6f5ffcca24fab0930d;hb=41bcde325feaf65a42fe2c4ab21cee5771ac60ad;hpb=d5ff7ad1d0c63ced6492f38488befe9e49f18776 diff --git a/gateway.c b/gateway.c index 110d0d6c..135b2173 100644 --- a/gateway.c +++ b/gateway.c @@ -1,14 +1,13 @@ -const char gateway_rcs[] = "$Id: gateway.c,v 1.26 2008/08/18 17:42:06 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/gateway.c,v $ * * Purpose : Contains functions to connect to a server, possibly * using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4 - * proxy). + * or SOCKS5 proxy). * - * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge - * Privoxy team. http://www.privoxy.org/ + * Copyright : Written by and Copyright (C) 2001-2020 the + * Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written * by and Copyright (C) 1997 Anonymous Coders and @@ -32,132 +31,8 @@ const char gateway_rcs[] = "$Id: gateway.c,v 1.26 2008/08/18 17:42:06 fabiankeil * or write to the Free Software Foundation, Inc., 59 * Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - * Revisions : - * $Log: gateway.c,v $ - * Revision 1.26 2008/08/18 17:42:06 fabiankeil - * Fix typo in macro name. - * - * Revision 1.25 2008/02/07 18:09:46 fabiankeil - * In socks5_connect: - * - make the buffers quite a bit smaller. - * - properly report "socks5 server unreachable" failures. - * - let strncpy() use the whole buffer. Using a length of 0xffu wasn't actually - * wrong, but requires too much thinking as it doesn't depend on the buffer size. - * - log a message if the socks5 server sends more data than expected. - * - add some assertions and comments. - * - * Revision 1.24 2008/02/04 14:56:29 fabiankeil - * - Fix a compiler warning. - * - Stop assuming that htonl(INADDR_NONE) equals INADDR_NONE. - * - * Revision 1.23 2008/02/04 13:11:35 fabiankeil - * Remember the cause of the SOCKS5 error for the CGI message. - * - * Revision 1.22 2008/02/03 13:46:15 fabiankeil - * Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes. - * - * Revision 1.21 2007/07/28 12:30:03 fabiankeil - * Modified patch from Song Weijia (#1762559) to - * fix socks requests on big-endian platforms. - * - * Revision 1.20 2007/05/14 10:23:48 fabiankeil - * - Use strlcpy() instead of strcpy(). - * - Use the same buffer for socks requests and socks responses. - * - Fix bogus warning about web_server_addr being used uninitialized. - * - * Revision 1.19 2007/01/25 14:09:45 fabiankeil - * - Save errors in socks4_connect() to csp->error_message. - * - Silence some gcc43 warnings, hopefully the right way. - * - * Revision 1.18 2006/07/18 14:48:46 david__schmidt - * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch) - * with what was really the latest development (the v_3_0_branch branch) - * - * Revision 1.16 2002/05/12 21:36:29 jongfoster - * Correcting function comments - * - * Revision 1.15 2002/03/26 22:29:54 swa - * we have a new homepage! - * - * Revision 1.14 2002/03/24 13:25:43 swa - * name change related issues - * - * Revision 1.13 2002/03/13 00:29:59 jongfoster - * Killing warnings - * - * Revision 1.12 2002/03/09 20:03:52 jongfoster - * - Making various functions return int rather than size_t. - * (Undoing a recent change). Since size_t is unsigned on - * Windows, functions like read_socket that return -1 on - * error cannot return a size_t. - * - * THIS WAS A MAJOR BUG - it caused frequent, unpredictable - * crashes, and also frequently caused JB to jump to 100% - * CPU and stay there. (Because it thought it had just - * read ((unsigned)-1) == 4Gb of data...) - * - * - The signature of write_socket has changed, it now simply - * returns success=0/failure=nonzero. - * - * - Trying to get rid of a few warnings --with-debug on - * Windows, I've introduced a new type "jb_socket". This is - * used for the socket file descriptors. On Windows, this - * is SOCKET (a typedef for unsigned). Everywhere else, it's - * an int. The error value can't be -1 any more, so it's - * now JB_INVALID_SOCKET (which is -1 on UNIX, and in - * Windows it maps to the #define INVALID_SOCKET.) - * - * - The signature of bind_port has changed. - * - * Revision 1.11 2002/03/08 17:46:04 jongfoster - * Fixing int/size_t warnings - * - * Revision 1.10 2002/03/07 03:50:19 oes - * - Improved handling of failed DNS lookups - * - Fixed compiler warnings - * - * Revision 1.9 2001/10/25 03:40:48 david__schmidt - * Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple - * threads to call select() simultaneously. So, it's time to do a real, live, - * native OS/2 port. See defines for __EMX__ (the porting layer) vs. __OS2__ - * (native). Both versions will work, but using __OS2__ offers multi-threading. - * - * Revision 1.8 2001/09/13 20:10:12 jongfoster - * Fixing missing #include under Windows - * - * Revision 1.7 2001/09/12 17:58:26 steudten - * - * add #include - * - * Revision 1.6 2001/09/10 10:41:16 oes - * Added #include in.h - * - * Revision 1.5 2001/07/29 18:47:57 jongfoster - * Adding missing #include project.h - * - * Revision 1.4 2001/07/24 12:47:06 oes - * Applied BeOS support update by Eugenia - * - * Revision 1.3 2001/06/09 10:55:28 jongfoster - * Changing BUFSIZ ==> BUFFER_SIZE - * - * Revision 1.2 2001/06/07 23:11:38 jongfoster - * Removing gateways[] list - no longer used. - * Replacing function pointer in struct gateway with a directly - * called function forwarded_connect(), which can do the common - * task of deciding whether to connect to the web server or HTTP - * proxy. - * Replacing struct gateway with struct forward_spec - * Fixing bug with SOCKS4A and HTTP proxy server in combination. - * It was a bug which led to the connection being made to the web - * server rather than the HTTP proxy, and also a buffer overrun. - * - * Revision 1.1.1.1 2001/05/15 13:58:54 oes - * Initial import of version 2.9.3 source tree - * - * *********************************************************************/ - + #include "config.h" @@ -180,21 +55,27 @@ const char gateway_rcs[] = "$Id: gateway.c,v 1.26 2008/08/18 17:42:06 fabiankeil #include #endif /* def __BEOS__ */ -#ifdef __OS2__ -#include -#endif /* def __OS2__ */ - #include "project.h" #include "jcc.h" #include "errlog.h" #include "jbsockets.h" #include "gateway.h" #include "miscutil.h" - -const char gateway_h_rcs[] = GATEWAY_H_VERSION; - -static jb_socket socks4_connect(const struct forward_spec * fwd, - const char * target_host, +#include "list.h" +#include "parsers.h" + +#ifdef FEATURE_CONNECTION_KEEP_ALIVE +#ifdef HAVE_POLL +#ifdef __GLIBC__ +#include +#else +#include +#endif /* def __GLIBC__ */ +#endif /* HAVE_POLL */ +#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ + +static jb_socket socks4_connect(const struct forward_spec *fwd, + const char *target_host, int target_port, struct client_state *csp); @@ -203,21 +84,24 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, int target_port, struct client_state *csp); +enum { + SOCKS4_REQUEST_GRANTED = 90, + SOCKS4_REQUEST_REJECT = 91, + SOCKS4_REQUEST_IDENT_FAILED = 92, + SOCKS4_REQUEST_IDENT_CONFLICT = 93 +}; -#define SOCKS_REQUEST_GRANTED 90 -#define SOCKS_REQUEST_REJECT 91 -#define SOCKS_REQUEST_IDENT_FAILED 92 -#define SOCKS_REQUEST_IDENT_CONFLICT 93 - -#define SOCKS5_REQUEST_GRANTED 0 -#define SOCKS5_REQUEST_FAILED 1 -#define SOCKS5_REQUEST_DENIED 2 -#define SOCKS5_REQUEST_NETWORK_UNREACHABLE 3 -#define SOCKS5_REQUEST_HOST_UNREACHABLE 4 -#define SOCKS5_REQUEST_CONNECTION_REFUSED 5 -#define SOCKS5_REQUEST_TTL_EXPIRED 6 -#define SOCKS5_REQUEST_PROTOCOL_ERROR 7 -#define SOCKS5_REQUEST_BAD_ADDRESS_TYPE 8 +enum { + SOCKS5_REQUEST_GRANTED = 0, + SOCKS5_REQUEST_FAILED = 1, + SOCKS5_REQUEST_DENIED = 2, + SOCKS5_REQUEST_NETWORK_UNREACHABLE = 3, + SOCKS5_REQUEST_HOST_UNREACHABLE = 4, + SOCKS5_REQUEST_CONNECTION_REFUSED = 5, + SOCKS5_REQUEST_TTL_EXPIRED = 6, + SOCKS5_REQUEST_PROTOCOL_ERROR = 7, + SOCKS5_REQUEST_BAD_ADDRESS_TYPE = 8 +}; /* structure of a socks client operation */ struct socks_op { @@ -240,6 +124,530 @@ struct socks_reply { static const char socks_userid[] = "anonymous"; +#ifdef FEATURE_CONNECTION_SHARING +#ifndef FEATURE_CONNECTION_KEEP_ALIVE +#error Using FEATURE_CONNECTION_SHARING without FEATURE_CONNECTION_KEEP_ALIVE is impossible +#endif + +#define MAX_REUSABLE_CONNECTIONS 100 + +static struct reusable_connection reusable_connection[MAX_REUSABLE_CONNECTIONS]; +static int mark_connection_unused(const struct reusable_connection *connection); + +/********************************************************************* + * + * Function : initialize_reusable_connections + * + * Description : Initializes the reusable_connection structures. + * Must be called with connection_reuse_mutex locked. + * + * Parameters : N/A + * + * Returns : void + * + *********************************************************************/ +extern void initialize_reusable_connections(void) +{ + unsigned int slot = 0; + +#if !defined(HAVE_POLL) && !defined(_WIN32) + log_error(LOG_LEVEL_INFO, + "Detecting already dead connections might not work " + "correctly on your platform. In case of problems, " + "unset the keep-alive-timeout option."); +#endif + + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + mark_connection_closed(&reusable_connection[slot]); + } + + log_error(LOG_LEVEL_CONNECT, "Initialized %d socket slots.", slot); +} + + +/********************************************************************* + * + * Function : remember_connection + * + * Description : Remembers a server connection for reuse later on. + * + * Parameters : + * 1 : connection = The server connection to remember. + * + * Returns : void + * + *********************************************************************/ +void remember_connection(const struct reusable_connection *connection) +{ + unsigned int slot = 0; + int free_slot_found = FALSE; + + assert(NULL != connection); + assert(connection->sfd != JB_INVALID_SOCKET); + + if (mark_connection_unused(connection)) + { + return; + } + + privoxy_mutex_lock(&connection_reuse_mutex); + + /* Find free socket slot. */ + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + if (reusable_connection[slot].sfd == JB_INVALID_SOCKET) + { + assert(reusable_connection[slot].in_use == 0); + log_error(LOG_LEVEL_CONNECT, + "Remembering socket %d for %s:%d in slot %d.", + connection->sfd, connection->host, connection->port, slot); + free_slot_found = TRUE; + break; + } + } + + if (!free_slot_found) + { + log_error(LOG_LEVEL_CONNECT, + "No free slots found to remember socket for %s:%d. Last slot %d.", + connection->host, connection->port, slot); + privoxy_mutex_unlock(&connection_reuse_mutex); + close_socket(connection->sfd); + return; + } + + assert(slot < SZ(reusable_connection)); + assert(NULL != connection->host); + reusable_connection[slot].host = strdup_or_die(connection->host); + reusable_connection[slot].sfd = connection->sfd; + reusable_connection[slot].port = connection->port; + reusable_connection[slot].in_use = 0; + reusable_connection[slot].timestamp = connection->timestamp; + reusable_connection[slot].request_sent = connection->request_sent; + reusable_connection[slot].response_received = connection->response_received; + reusable_connection[slot].keep_alive_timeout = connection->keep_alive_timeout; + reusable_connection[slot].requests_sent_total = connection->requests_sent_total; + + assert(reusable_connection[slot].gateway_host == NULL); + assert(reusable_connection[slot].gateway_port == 0); + assert(reusable_connection[slot].auth_username == NULL); + assert(reusable_connection[slot].auth_password == NULL); + assert(reusable_connection[slot].forwarder_type == SOCKS_NONE); + assert(reusable_connection[slot].forward_host == NULL); + assert(reusable_connection[slot].forward_port == 0); + + reusable_connection[slot].forwarder_type = connection->forwarder_type; + if (NULL != connection->gateway_host) + { + reusable_connection[slot].gateway_host = strdup_or_die(connection->gateway_host); + } + else + { + reusable_connection[slot].gateway_host = NULL; + } + reusable_connection[slot].gateway_port = connection->gateway_port; + if (NULL != connection->auth_username) + { + reusable_connection[slot].auth_username = strdup_or_die(connection->auth_username); + } + else + { + reusable_connection[slot].auth_username = NULL; + } + if (NULL != connection->auth_password) + { + reusable_connection[slot].auth_password = strdup_or_die(connection->auth_password); + } + else + { + reusable_connection[slot].auth_password = NULL; + } + + if (NULL != connection->forward_host) + { + reusable_connection[slot].forward_host = strdup_or_die(connection->forward_host); + } + else + { + reusable_connection[slot].forward_host = NULL; + } + reusable_connection[slot].forward_port = connection->forward_port; + + privoxy_mutex_unlock(&connection_reuse_mutex); +} +#endif /* def FEATURE_CONNECTION_SHARING */ + + +/********************************************************************* + * + * Function : mark_connection_closed + * + * Description : Marks a reused connection closed. + * + * Parameters : + * 1 : closed_connection = The connection to mark as closed. + * + * Returns : void + * + *********************************************************************/ +void mark_connection_closed(struct reusable_connection *closed_connection) +{ + closed_connection->in_use = FALSE; + closed_connection->sfd = JB_INVALID_SOCKET; + freez(closed_connection->host); + closed_connection->port = 0; + closed_connection->timestamp = 0; + closed_connection->request_sent = 0; + closed_connection->response_received = 0; + closed_connection->keep_alive_timeout = 0; + closed_connection->requests_sent_total = 0; + closed_connection->forwarder_type = SOCKS_NONE; + freez(closed_connection->gateway_host); + closed_connection->gateway_port = 0; + freez(closed_connection->auth_username); + freez(closed_connection->auth_password); + freez(closed_connection->forward_host); + closed_connection->forward_port = 0; +} + + +#ifdef FEATURE_CONNECTION_SHARING +/********************************************************************* + * + * Function : forget_connection + * + * Description : Removes a previously remembered connection from + * the list of reusable connections. + * + * Parameters : + * 1 : sfd = The socket belonging to the connection in question. + * + * Returns : void + * + *********************************************************************/ +void forget_connection(jb_socket sfd) +{ + unsigned int slot = 0; + + assert(sfd != JB_INVALID_SOCKET); + + privoxy_mutex_lock(&connection_reuse_mutex); + + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + if (reusable_connection[slot].sfd == sfd) + { + assert(reusable_connection[slot].in_use); + + log_error(LOG_LEVEL_CONNECT, + "Forgetting socket %d for %s:%d in slot %d.", + sfd, reusable_connection[slot].host, + reusable_connection[slot].port, slot); + mark_connection_closed(&reusable_connection[slot]); + break; + } + } + + privoxy_mutex_unlock(&connection_reuse_mutex); + +} +#endif /* def FEATURE_CONNECTION_SHARING */ + + +#ifdef FEATURE_CONNECTION_KEEP_ALIVE +/********************************************************************* + * + * Function : string_or_none + * + * Description : Returns a given string or "none" if a NULL pointer + * is given. + * Helper function for connection_destination_matches(). + * + * Parameters : + * 1 : string = The string to check. + * + * Returns : The string if non-NULL, "none" otherwise. + * + *********************************************************************/ +static const char *string_or_none(const char *string) +{ + return(string != NULL ? string : "none"); +} + + +/********************************************************************* + * + * Function : connection_detail_matches + * + * Description : Helper function for connection_destination_matches(). + * Compares strings which can be NULL. + * + * Parameters : + * 1 : connection_detail = The connection detail to compare. + * 2 : fowarder_detail = The forwarder detail to compare. + * + * Returns : TRUE for yes, FALSE otherwise. + * + *********************************************************************/ +static int connection_detail_matches(const char *connection_detail, + const char *forwarder_detail) +{ + if (connection_detail == NULL && forwarder_detail == NULL) + { + /* Both details are unset. */ + return TRUE; + } + + if ((connection_detail == NULL && forwarder_detail != NULL) + || (connection_detail != NULL && forwarder_detail == NULL)) + { + /* Only one detail isn't set. */ + return FALSE; + } + + /* Both details are set, but do they match? */ + return(!strcmpic(connection_detail, forwarder_detail)); + +} + + +/********************************************************************* + * + * Function : connection_destination_matches + * + * Description : Determines whether a remembered connection can + * be reused. That is, whether the destination and + * the forwarding settings match. + * + * Parameters : + * 1 : connection = The connection to check. + * 2 : http = The destination for the connection. + * 3 : fwd = The forwarder settings. + * + * Returns : TRUE for yes, FALSE otherwise. + * + *********************************************************************/ +int connection_destination_matches(const struct reusable_connection *connection, + const struct http_request *http, + const struct forward_spec *fwd) +{ + if ((connection->forwarder_type != fwd->type) + || (connection->gateway_port != fwd->gateway_port) + || (connection->forward_port != fwd->forward_port) + || (connection->port != http->port)) + { + return FALSE; + } + + if (!connection_detail_matches(connection->gateway_host, fwd->gateway_host)) + { + log_error(LOG_LEVEL_CONNECT, + "Gateway mismatch. Previous gateway: %s. Current gateway: %s", + string_or_none(connection->gateway_host), + string_or_none(fwd->gateway_host)); + return FALSE; + } + + if (!connection_detail_matches(connection->auth_username, fwd->auth_username)) + { + log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. " + "Previous user name: %s. Current user name: %s", + string_or_none(connection->auth_username), + string_or_none(fwd->auth_username)); + return FALSE; + } + + if (!connection_detail_matches(connection->auth_password, fwd->auth_password)) + { + log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. " + "Previous password: %s. Current password: %s", + string_or_none(connection->auth_password), + string_or_none(fwd->auth_password)); + return FALSE; + } + + if (!connection_detail_matches(connection->forward_host, fwd->forward_host)) + { + log_error(LOG_LEVEL_CONNECT, + "Forwarding proxy mismatch. Previous proxy: %s. Current proxy: %s", + string_or_none(connection->forward_host), + string_or_none(fwd->forward_host)); + return FALSE; + } + + return (!strcmpic(connection->host, http->host)); + +} +#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ + + +#ifdef FEATURE_CONNECTION_SHARING +/********************************************************************* + * + * Function : close_unusable_connections + * + * Description : Closes remembered connections that have timed + * out or have been closed on the other side. + * + * Parameters : none + * + * Returns : Number of connections that are still alive. + * + *********************************************************************/ +int close_unusable_connections(void) +{ + unsigned int slot = 0; + int connections_alive = 0; + + privoxy_mutex_lock(&connection_reuse_mutex); + + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + if (!reusable_connection[slot].in_use + && (JB_INVALID_SOCKET != reusable_connection[slot].sfd)) + { + time_t time_open = time(NULL) - reusable_connection[slot].timestamp; + time_t latency = (reusable_connection[slot].response_received - + reusable_connection[slot].request_sent) / 2; + + if (reusable_connection[slot].keep_alive_timeout < time_open + latency) + { + log_error(LOG_LEVEL_CONNECT, + "The connection to %s:%d in slot %d timed out. " + "Closing socket %d. Timeout is: %d. Assumed latency: %ld.", + reusable_connection[slot].host, + reusable_connection[slot].port, slot, + reusable_connection[slot].sfd, + reusable_connection[slot].keep_alive_timeout, + latency); + close_socket(reusable_connection[slot].sfd); + mark_connection_closed(&reusable_connection[slot]); + } + else if (!socket_is_still_alive(reusable_connection[slot].sfd)) + { + log_error(LOG_LEVEL_CONNECT, + "The connection to %s:%d in slot %d is no longer usable. " + "Closing socket %d.", reusable_connection[slot].host, + reusable_connection[slot].port, slot, + reusable_connection[slot].sfd); + close_socket(reusable_connection[slot].sfd); + mark_connection_closed(&reusable_connection[slot]); + } + else + { + connections_alive++; + } + } + } + + privoxy_mutex_unlock(&connection_reuse_mutex); + + return connections_alive; + +} + + +/********************************************************************* + * + * Function : get_reusable_connection + * + * Description : Returns an open socket to a previously remembered + * open connection (if there is one). + * + * Parameters : + * 1 : http = The destination for the connection. + * 2 : fwd = The forwarder settings. + * + * Returns : JB_INVALID_SOCKET => No reusable connection found, + * otherwise a usable socket. + * + *********************************************************************/ +static jb_socket get_reusable_connection(const struct http_request *http, + const struct forward_spec *fwd) +{ + jb_socket sfd = JB_INVALID_SOCKET; + unsigned int slot = 0; + + close_unusable_connections(); + + privoxy_mutex_lock(&connection_reuse_mutex); + + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + if (!reusable_connection[slot].in_use + && (JB_INVALID_SOCKET != reusable_connection[slot].sfd)) + { + if (connection_destination_matches(&reusable_connection[slot], http, fwd)) + { + reusable_connection[slot].in_use = TRUE; + sfd = reusable_connection[slot].sfd; + log_error(LOG_LEVEL_CONNECT, + "Found reusable socket %d for %s:%d in slot %d. Timestamp made %ld " + "seconds ago. Timeout: %d. Latency: %d. Requests served: %d", + sfd, reusable_connection[slot].host, reusable_connection[slot].port, + slot, time(NULL) - reusable_connection[slot].timestamp, + reusable_connection[slot].keep_alive_timeout, + (int)(reusable_connection[slot].response_received - + reusable_connection[slot].request_sent), + reusable_connection[slot].requests_sent_total); + break; + } + } + } + + privoxy_mutex_unlock(&connection_reuse_mutex); + + return sfd; + +} + + +/********************************************************************* + * + * Function : mark_connection_unused + * + * Description : Gives a remembered connection free for reuse. + * + * Parameters : + * 1 : connection = The connection in question. + * + * Returns : TRUE => Socket found and marked as unused. + * FALSE => Socket not found. + * + *********************************************************************/ +static int mark_connection_unused(const struct reusable_connection *connection) +{ + unsigned int slot = 0; + int socket_found = FALSE; + + assert(connection->sfd != JB_INVALID_SOCKET); + + privoxy_mutex_lock(&connection_reuse_mutex); + + for (slot = 0; slot < SZ(reusable_connection); slot++) + { + if (reusable_connection[slot].sfd == connection->sfd) + { + assert(reusable_connection[slot].in_use); + socket_found = TRUE; + log_error(LOG_LEVEL_CONNECT, + "Marking open socket %d for %s:%d in slot %d as unused.", + connection->sfd, reusable_connection[slot].host, + reusable_connection[slot].port, slot); + reusable_connection[slot].in_use = 0; + reusable_connection[slot].timestamp = connection->timestamp; + break; + } + } + + privoxy_mutex_unlock(&connection_reuse_mutex); + + return socket_found; + +} +#endif /* def FEATURE_CONNECTION_SHARING */ + /********************************************************************* * @@ -256,14 +664,26 @@ static const char socks_userid[] = "anonymous"; * Returns : JB_INVALID_SOCKET => failure, else it is the socket file descriptor. * *********************************************************************/ -jb_socket forwarded_connect(const struct forward_spec * fwd, +jb_socket forwarded_connect(const struct forward_spec *fwd, struct http_request *http, struct client_state *csp) { - const char * dest_host; + const char *dest_host; int dest_port; jb_socket sfd = JB_INVALID_SOCKET; +#ifdef FEATURE_CONNECTION_SHARING + if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_SHARING) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) + { + sfd = get_reusable_connection(http, fwd); + if (JB_INVALID_SOCKET != sfd) + { + return sfd; + } + } +#endif /* def FEATURE_CONNECTION_SHARING */ + /* Figure out if we need to connect to the web server or a HTTP proxy. */ if (fwd->forward_host) { @@ -282,6 +702,7 @@ jb_socket forwarded_connect(const struct forward_spec * fwd, switch (fwd->type) { case SOCKS_NONE: + case FORWARD_WEBSERVER: sfd = connect_to(dest_host, dest_port, csp); break; case SOCKS_4: @@ -289,12 +710,20 @@ jb_socket forwarded_connect(const struct forward_spec * fwd, sfd = socks4_connect(fwd, dest_host, dest_port, csp); break; case SOCKS_5: + case SOCKS_5T: sfd = socks5_connect(fwd, dest_host, dest_port, csp); break; default: /* Should never get here */ log_error(LOG_LEVEL_FATAL, - "SOCKS4 impossible internal error - bad SOCKS type."); + "Internal error in forwarded_connect(). Bad proxy type: %d", fwd->type); + } + + if (JB_INVALID_SOCKET != sfd) + { + log_error(LOG_LEVEL_CONNECT, + "Created new connection to %s:%d on socket %d.", + http->host, http->port, sfd); } return sfd; @@ -302,6 +731,51 @@ jb_socket forwarded_connect(const struct forward_spec * fwd, } +#ifdef FUZZ +/********************************************************************* + * + * Function : socks_fuzz + * + * Description : Wrapper around socks[45]_connect() used for fuzzing. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * + * Returns : JB_ERR_OK or JB_ERR_PARSE + * + *********************************************************************/ +extern jb_err socks_fuzz(struct client_state *csp) +{ + jb_socket socket; + static struct forward_spec fwd; + char target_host[] = "fuzz.example.org"; + int target_port = 12345; + + fwd.gateway_host = strdup_or_die("fuzz.example.org"); + fwd.gateway_port = 12345; + + fwd.type = SOCKS_4A; + socket = socks4_connect(&fwd, target_host, target_port, csp); + + if (JB_INVALID_SOCKET != socket) + { + fwd.type = SOCKS_5; + socket = socks5_connect(&fwd, target_host, target_port, csp); + } + + if (JB_INVALID_SOCKET == socket) + { + log_error(LOG_LEVEL_ERROR, "%s", csp->error_message); + return JB_ERR_PARSE; + } + + log_error(LOG_LEVEL_INFO, "Input looks like an acceptable socks response"); + + return JB_ERR_OK; + +} +#endif + /********************************************************************* * * Function : socks4_connect @@ -325,12 +799,12 @@ jb_socket forwarded_connect(const struct forward_spec * fwd, * Returns : JB_INVALID_SOCKET => failure, else a socket file descriptor. * *********************************************************************/ -static jb_socket socks4_connect(const struct forward_spec * fwd, - const char * target_host, +static jb_socket socks4_connect(const struct forward_spec *fwd, + const char *target_host, int target_port, struct client_state *csp) { - unsigned int web_server_addr; + unsigned long web_server_addr; char buf[BUFFER_SIZE]; struct socks_op *c = (struct socks_op *)buf; struct socks_reply *s = (struct socks_reply *)buf; @@ -356,7 +830,7 @@ static jb_socket socks4_connect(const struct forward_spec * fwd, if (err) { log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr); - csp->error_message = strdup(errstr); + csp->error_message = strdup(errstr); errno = EINVAL; return(JB_INVALID_SOCKET); } @@ -425,24 +899,23 @@ static jb_socket socks4_connect(const struct forward_spec * fwd, c->vn = 4; c->cd = 1; - c->dstport[0] = (unsigned char)((target_port >> 8 ) & 0xff); - c->dstport[1] = (unsigned char)((target_port ) & 0xff); - c->dstip[0] = (unsigned char)((web_server_addr >> 24 ) & 0xff); - c->dstip[1] = (unsigned char)((web_server_addr >> 16 ) & 0xff); - c->dstip[2] = (unsigned char)((web_server_addr >> 8 ) & 0xff); - c->dstip[3] = (unsigned char)((web_server_addr ) & 0xff); - + c->dstport[0] = (unsigned char)((target_port >> 8 ) & 0xff); + c->dstport[1] = (unsigned char)((target_port ) & 0xff); + c->dstip[0] = (unsigned char)((web_server_addr >> 24) & 0xff); + c->dstip[1] = (unsigned char)((web_server_addr >> 16) & 0xff); + c->dstip[2] = (unsigned char)((web_server_addr >> 8) & 0xff); + c->dstip[3] = (unsigned char)((web_server_addr ) & 0xff); + +#ifdef FUZZ + sfd = 0; +#else /* pass the request to the socks server */ sfd = connect_to(fwd->gateway_host, fwd->gateway_port, csp); if (sfd == JB_INVALID_SOCKET) { - /* - * XXX: connect_to should fill in the exact reason. - * Most likely resolving the IP of the forwarder failed. - */ - errstr = "connect_to failed: see logfile for details"; - err = 1; + /* The error an its reason have already been logged by connect_to() */ + return(JB_INVALID_SOCKET); } else if (write_socket(sfd, (char *)c, csiz)) { @@ -451,7 +924,23 @@ static jb_socket socks4_connect(const struct forward_spec * fwd, err = 1; close_socket(sfd); } - else if (read_socket(sfd, buf, sizeof(buf)) != sizeof(*s)) + else if (!data_is_available(sfd, csp->config->socket_timeout)) + { + if (socket_is_still_alive(sfd)) + { + errstr = "SOCKS4 negotiation timed out"; + } + else + { + errstr = "SOCKS4 negotiation got aborted by the server"; + } + log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr); + err = 1; + close_socket(sfd); + } + else +#endif + if (read_socket(sfd, buf, sizeof(buf)) != sizeof(*s)) { errstr = "SOCKS4 negotiation read failed."; log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr); @@ -461,25 +950,24 @@ static jb_socket socks4_connect(const struct forward_spec * fwd, if (err) { - csp->error_message = strdup(errstr); + csp->error_message = strdup(errstr); return(JB_INVALID_SOCKET); } switch (s->cd) { - case SOCKS_REQUEST_GRANTED: + case SOCKS4_REQUEST_GRANTED: return(sfd); - break; - case SOCKS_REQUEST_REJECT: + case SOCKS4_REQUEST_REJECT: errstr = "SOCKS request rejected or failed."; errno = EINVAL; break; - case SOCKS_REQUEST_IDENT_FAILED: + case SOCKS4_REQUEST_IDENT_FAILED: errstr = "SOCKS request rejected because " "SOCKS server cannot connect to identd on the client."; errno = EACCES; break; - case SOCKS_REQUEST_IDENT_CONFLICT: + case SOCKS4_REQUEST_IDENT_CONFLICT: errstr = "SOCKS request rejected because " "the client program and identd report " "different user-ids."; @@ -524,7 +1012,7 @@ static const char *translate_socks5_error(int socks_error) case SOCKS5_REQUEST_NETWORK_UNREACHABLE: return "SOCKS5 network unreachable"; case SOCKS5_REQUEST_HOST_UNREACHABLE: - return "SOCKS5 host unreachable"; + return "SOCKS5 destination host unreachable"; case SOCKS5_REQUEST_CONNECTION_REFUSED: return "SOCKS5 connection refused"; case SOCKS5_REQUEST_TTL_EXPIRED: @@ -540,6 +1028,7 @@ static const char *translate_socks5_error(int socks_error) } } + /********************************************************************* * * Function : socks5_connect @@ -564,9 +1053,12 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, int target_port, struct client_state *csp) { +#define SIZE_SOCKS5_REPLY_IPV4 10 +#define SIZE_SOCKS5_REPLY_IPV6 22 +#define SOCKS5_REPLY_DIFFERENCE (SIZE_SOCKS5_REPLY_IPV6 - SIZE_SOCKS5_REPLY_IPV4) int err = 0; char cbuf[300]; - char sbuf[30]; + char sbuf[SIZE_SOCKS5_REPLY_IPV6]; size_t client_pos = 0; int server_size = 0; size_t hostlen = 0; @@ -592,13 +1084,13 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, } hostlen = strlen(target_host); - if (hostlen > 255) + if (hostlen > (size_t)255) { errstr = "target host name is longer than 255 characters"; err = 1; } - if (fwd->type != SOCKS_5) + if ((fwd->type != SOCKS_5) && (fwd->type != SOCKS_5T)) { /* Should never get here */ log_error(LOG_LEVEL_FATAL, @@ -615,6 +1107,10 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, return(JB_INVALID_SOCKET); } +#ifdef FUZZ + sfd = 0; + if (!err && read_socket(sfd, sbuf, 2) != 2) +#else /* pass the request to the socks server */ sfd = connect_to(fwd->gateway_host, fwd->gateway_port, csp); @@ -622,13 +1118,24 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, { errstr = "socks5 server unreachable"; log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr); + /* Free the generic error message provided by connect_to() */ + freez(csp->error_message); csp->error_message = strdup(errstr); return(JB_INVALID_SOCKET); } client_pos = 0; cbuf[client_pos++] = '\x05'; /* Version */ - cbuf[client_pos++] = '\x01'; /* One authentication method supported */ + + if (fwd->auth_username && fwd->auth_password) + { + cbuf[client_pos++] = '\x02'; /* Two authentication methods supported */ + cbuf[client_pos++] = '\x02'; /* Username/password */ + } + else + { + cbuf[client_pos++] = '\x01'; /* One authentication method supported */ + } cbuf[client_pos++] = '\x00'; /* The no authentication authentication method */ if (write_socket(sfd, cbuf, client_pos)) @@ -639,8 +1146,21 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, close_socket(sfd); return(JB_INVALID_SOCKET); } + if (!data_is_available(sfd, csp->config->socket_timeout)) + { + if (socket_is_still_alive(sfd)) + { + errstr = "SOCKS5 negotiation timed out"; + } + else + { + errstr = "SOCKS5 negotiation got aborted by the server"; + } + err = 1; + } - if (read_socket(sfd, sbuf, sizeof(sbuf)) != 2) + if (!err && read_socket(sfd, sbuf, sizeof(sbuf)) != 2) +#endif { errstr = "SOCKS5 negotiation read failed"; err = 1; @@ -658,7 +1178,51 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, err = 1; } - if (!err && (sbuf[1] != '\x00')) + if (!err && (sbuf[1] == '\x02')) + { + /* check cbuf overflow */ + size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3; + if (auth_len > sizeof(cbuf)) + { + errstr = "SOCKS5 username and/or password too long"; + err = 1; + } + + if (!err) + { + client_pos = 0; + cbuf[client_pos++] = '\x01'; /* Version */ + cbuf[client_pos++] = (char)strlen(fwd->auth_username); + + memcpy(cbuf + client_pos, fwd->auth_username, strlen(fwd->auth_username)); + client_pos += strlen(fwd->auth_username); + cbuf[client_pos++] = (char)strlen(fwd->auth_password); + memcpy(cbuf + client_pos, fwd->auth_password, strlen(fwd->auth_password)); + client_pos += strlen(fwd->auth_password); + + if (write_socket(sfd, cbuf, client_pos)) + { + errstr = "SOCKS5 negotiation auth write failed"; + csp->error_message = strdup(errstr); + log_error(LOG_LEVEL_CONNECT, "%s", errstr); + close_socket(sfd); + return(JB_INVALID_SOCKET); + } + + if (read_socket(sfd, sbuf, sizeof(sbuf)) != 2) + { + errstr = "SOCKS5 negotiation auth read failed"; + err = 1; + } + } + + if (!err && (sbuf[1] != '\x00')) + { + errstr = "SOCKS5 authentication failed"; + err = 1; + } + } + else if (!err && (sbuf[1] != '\x00')) { errstr = "SOCKS5 negotiation protocol error"; err = 1; @@ -680,16 +1244,17 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, cbuf[client_pos++] = '\x00'; /* Reserved, must be 0x00 */ cbuf[client_pos++] = '\x03'; /* Address is domain name */ cbuf[client_pos++] = (char)(hostlen & 0xffu); - assert(sizeof(cbuf) - client_pos > 255); + assert(sizeof(cbuf) - client_pos > (size_t)255); /* Using strncpy because we really want the nul byte padding. */ - strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos); + strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos - 1); client_pos += (hostlen & 0xffu); - cbuf[client_pos++] = (char)((target_port >> 8) & 0xffu); - cbuf[client_pos++] = (char)((target_port ) & 0xffu); + cbuf[client_pos++] = (char)((target_port >> 8) & 0xff); + cbuf[client_pos++] = (char)((target_port ) & 0xff); +#ifndef FUZZ if (write_socket(sfd, cbuf, client_pos)) { - errstr = "SOCKS5 negotiation read failed"; + errstr = "SOCKS5 negotiation write failed"; csp->error_message = strdup(errstr); log_error(LOG_LEVEL_CONNECT, "%s", errstr); close_socket(sfd); @@ -697,40 +1262,102 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, return(JB_INVALID_SOCKET); } - server_size = read_socket(sfd, sbuf, sizeof(sbuf)); - if (server_size < 3) - { - errstr = "SOCKS5 negotiation read failed"; - err = 1; - } - else if (server_size > 20) + /* + * Optimistically send the HTTP request with the initial + * SOCKS request if the user enabled the use of Tor extensions, + * the CONNECT method isn't being used (in which case the client + * doesn't send data until it gets our 200 response) and the + * client request has actually been completely read already. + */ + if ((fwd->type == SOCKS_5T) && (csp->http->ssl == 0) + && (csp->flags & CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ)) { - /* This is somewhat unexpected but doesn't realy matter. */ - log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes " - "from socks server. Would have accepted up to %d.", - server_size, sizeof(sbuf)); - } + char *client_headers = list_to_text(csp->headers); + size_t header_length; - if (!err && (sbuf[0] != '\x05')) - { - errstr = "SOCKS5 negotiation protocol version error"; - err = 1; + if (client_headers == NULL) + { + log_error(LOG_LEVEL_FATAL, "Out of memory rebuilding client headers"); + } + list_remove_all(csp->headers); + header_length= strlen(client_headers); + + log_error(LOG_LEVEL_CONNECT, + "Optimistically sending %lu bytes of client headers intended for %s", + header_length, csp->http->hostport); + + if (write_socket(sfd, client_headers, header_length)) + { + log_error(LOG_LEVEL_CONNECT, + "optimistically writing header to: %s failed: %E", csp->http->hostport); + freez(client_headers); + return(JB_INVALID_SOCKET); + } + freez(client_headers); + if (csp->expected_client_content_length != 0) + { + unsigned long long buffered_request_bytes = + (unsigned long long)(csp->client_iob->eod - csp->client_iob->cur); + log_error(LOG_LEVEL_CONNECT, + "Optimistically sending %llu bytes of client body. Expected %llu", + csp->expected_client_content_length, buffered_request_bytes); + assert(csp->expected_client_content_length == buffered_request_bytes); + if (write_socket(sfd, csp->client_iob->cur, buffered_request_bytes)) + { + log_error(LOG_LEVEL_CONNECT, + "optimistically writing %llu bytes of client body to: %s failed: %E", + buffered_request_bytes, csp->http->hostport); + return(JB_INVALID_SOCKET); + } + clear_iob(csp->client_iob); + } } +#endif - if (!err && (sbuf[2] != '\x00')) + server_size = read_socket(sfd, sbuf, SIZE_SOCKS5_REPLY_IPV4); + if (server_size != SIZE_SOCKS5_REPLY_IPV4) { - errstr = "SOCKS5 negotiation protocol error"; - err = 1; + errstr = "SOCKS5 negotiation read failed"; } - - if (!err) + else { - if (sbuf[1] == SOCKS5_REQUEST_GRANTED) + if (sbuf[0] != '\x05') { - return(sfd); + errstr = "SOCKS5 negotiation protocol version error"; + } + else if (sbuf[2] != '\x00') + { + errstr = "SOCKS5 negotiation protocol error"; + } + else if (sbuf[1] != SOCKS5_REQUEST_GRANTED) + { + errstr = translate_socks5_error(sbuf[1]); + } + else + { + if (sbuf[3] == '\x04') + { + /* + * The address field contains an IPv6 address + * which means we didn't get the whole reply + * yet. Read and discard the rest of it to make + * sure it isn't treated as HTTP data later on. + */ + server_size = read_socket(sfd, sbuf, SOCKS5_REPLY_DIFFERENCE); + if (server_size != SOCKS5_REPLY_DIFFERENCE) + { + errstr = "SOCKS5 negotiation read failed (IPv6 address)"; + } + } + else if (sbuf[3] != '\x01') + { + errstr = "SOCKS5 reply contains unsupported address type"; + } + if (errstr == NULL) + { + return(sfd); + } } - errstr = translate_socks5_error(sbuf[1]); - err = 1; } assert(errstr != NULL);