48#define UP_TYPE_SOCKS "SOCKS Proxy"
/*
 * Excerpt of socks_username_password_auth (name taken from the log strings
 * below). Only some source lines appear in this listing; the statements
 * between the numbered lines are not visible here.
 */
86 volatile int *signal_received)
/*
 * Credentials longer than 255 characters are refused: the request built
 * below writes each length with %c, i.e. as a single byte. The condition
 * guarding this message is not shown.
 */
104 msg(
M_NONFATAL,
"SOCKS username and/or password exceeds 255 characters. "
105 "Authentication not possible.");
/*
 * Builds the request: byte 0x01, then a one-byte length and the string,
 * twice (the format has two %c%s pairs; only the username arguments are
 * visible). to_send now holds the credentials in cleartext.
 * NOTE(review): no wipe of to_send is visible in this excerpt; confirm it
 * is cleared after use (secure_memzero is in this page's reference list).
 */
109 int sret = snprintf(to_send,
sizeof(to_send),
"\x01%c%s%c%s", (
int)strlen(creds.
username),
/*
 * NOTE(review): snprintf returns the length it would have written, not
 * counting the terminating NUL, so a return equal to sizeof(to_send)
 * already means the output was truncated; "<=" lets that case through.
 * Whether it can happen depends on to_send's declared size (not shown).
 */
111 ASSERT(sret <=
sizeof(to_send));
/*
 * NOTE(review): the byte count passed to send() is strlen(to_send), but the
 * payload is binary. A length byte of 0 (empty username or password) is a
 * NUL written by %c and would cut strlen short; sret holds the formatted
 * length. Confirm empty credentials are rejected before this point.
 */
113 size = send(sd, to_send, strlen(to_send),
MSG_NOSIGNAL);
/* A short or failed send is reported with the message below. */
115 if (size != strlen(to_send))
118 "socks_username_password_auth: TCP port write failed on send()");
/* Waits for the reply; reads and tv are set up on lines not shown. */
135 status = select(sd + 1, &reads, NULL, NULL, &tv);
/* Checks the caller-supplied signal flag after select() returns. */
138 if (*signal_received)
147 "socks_username_password_auth: TCP port read timeout expired");
155 "socks_username_password_auth: TCP port read failed on select()");
166 "socks_username_password_auth: TCP port read failed on recv()");
/*
 * NOTE(review): with "&&" the reply counts as a refusal only when BOTH
 * buf[0] != 5 and buf[1] != 0. A reply whose first byte is 5 is accepted
 * whatever the status byte in buf[1] says, and so is any reply with
 * buf[1] == 0. RFC 1929 defines status 0x00 as success and uses version
 * 0x01 for this sub-negotiation, so the status byte is what decides
 * success; confirm the intended test and whether buf[1] should be
 * checked on its own.
 */
175 if (buf[0] != 5 && buf[1] != 0)
177 msg(
D_LINK_ERRORS,
"socks_username_password_auth: server refused the authentication");
/*
 * Excerpt of socks_handshake (name taken from the log strings below); the
 * lines between the numbered ones are not visible in this listing.
 */
190 struct event_timeout *server_poll_timeout,
volatile int *signal_received)
/*
 * Method-selection message: version 5, one method offered, method 0x00
 * ("no authentication required" in RFC 1928).
 */
197 char method_sel[3] = { 0x05, 0x01, 0x00 };
/*
 * Replaces the single offered method with 0x02 (username/password in
 * RFC 1928). The condition selecting this branch is not shown.
 */
200 method_sel[2] = 0x02;
202 size = send(sd, method_sel,
sizeof(method_sel),
MSG_NOSIGNAL);
/* Anything other than a complete 3-byte write is treated as a failure. */
203 if (size !=
sizeof(method_sel))
/* Waits for the reply; reads and tv are set up on lines not shown. */
222 status = select(sd + 1, &reads, NULL, NULL, &tv);
/* Checks the caller-supplied signal flag after select() returns. */
225 if (*signal_received)
/* First reply byte must be the SOCKS version, 5. */
259 if (buf[0] !=
'\x05')
/*
 * The server must select exactly the method that was offered. Any other
 * value is rejected, which also covers a server answering 0x00 (no auth)
 * when 0x02 was offered, and 0xFF ("no acceptable methods" in RFC 1928).
 */
266 if (buf[1] != method_sel[2])
268 msg(
D_LINK_ERRORS,
"socks_handshake: Socks proxy returned unexpected auth");
282 "socks_handshake: server asked for username/login auth but we were "
283 "not provided any credentials");
/*
 * Excerpt of recv_socks_reply (name taken from the log strings below); the
 * lines between the numbered ones are not visible in this listing.
 */
304 struct event_timeout *server_poll_timeout,
volatile int *signal_received)
/*
 * Presets the output address to AF_INET, INADDR_ANY, port 0. A NULL check
 * on addr is presumably made first (the copy further down tests
 * addr != NULL); that guard is not shown here.
 */
313 addr->
addr.
in4.sin_family = AF_INET;
314 addr->
addr.
in4.sin_addr.s_addr = htonl(INADDR_ANY);
315 addr->
addr.
in4.sin_port = htons(0);
/*
 * Reads until 4 header bytes + alen address bytes + 2 port bytes have been
 * received. alen comes from the server's reply (see line 385).
 */
318 while (len < 4 + alen + 2)
/* Waits for more data; reads and tv are set up on lines not shown. */
331 status = select(sd + 1, &reads, NULL, NULL, &tv);
/* Checks the caller-supplied signal flag after select() returns. */
334 if (*signal_received)
364 msg(
D_LINK_ERRORS,
"ERROR: recv_socks_reply: empty response from socks server");
/*
 * Address length taken from a byte sent by the server. The cast to
 * unsigned char keeps the value in 0..255, so alen is at most 256 here.
 * Which address type this branch handles is not shown.
 */
385 alen = (
unsigned char)c + 1;
393 msg(
D_LINK_ERRORS,
"recv_socks_reply: Socks proxy returned bad address type");
/*
 * Capacity guard on buf. NOTE(review): presumably a received byte is only
 * stored while this holds; confirm, because the loop bound above can reach
 * 4 + 256 + 2 and the declared size of buf is not visible here.
 */
399 if (len < (
int)
sizeof(buf))
/* Success requires version 5 AND reply code 0; either mismatch fails. */
407 if (buf[0] !=
'\x05' || buf[1] !=
'\x00')
/*
 * Only an IPv4 reply (atyp 1) with a non-NULL addr fills in the caller's
 * address: 4 address bytes at offset 4, 2 port bytes at offset 8, copied
 * as received. For other address types the preset values above remain.
 */
414 if (atyp ==
'\x01' && addr != NULL)
416 memcpy(&addr->
addr.
in4.sin_addr, buf + 4,
sizeof(addr->
addr.
in4.sin_addr));
417 memcpy(&addr->
addr.
in4.sin_port, buf + 8,
sizeof(addr->
addr.
in4.sin_port));
/*
 * Excerpt, presumably from port_from_servname (the one function in this
 * page's reference list taking only servname) - confirm.
 * NOTE(review): atoi() reports no conversion errors and stops at the first
 * non-digit, so a string such as "443abc" is read as 443, and a value too
 * large for int is undefined behaviour. strtol with an end-pointer and
 * ERANGE check would make the numeric path strict.
 */
431 port = atoi(servname);
/* Accepts only 1..65535 as a numeric port. */
432 if (port > 0 && port < 65536)
/* Otherwise the string is looked up as a service name, any protocol. */
438 service = getservbyname(servname, NULL);
/*
 * Excerpt of establish_socks_proxy_passthru (name taken from the log
 * strings below); the lines between the numbered ones are not visible in
 * this listing.
 */
451 const char *servname,
/*
 * Clamps the host length so that 5 header bytes + host + 2 port bytes fit
 * in buf.
 * NOTE(review): the clamp truncates silently, so an over-long host name
 * would be sent to the proxy as a shorter, different name instead of being
 * rejected. SOCKS5 carries this length in a single byte; confirm len is
 * also limited to 255 where the length byte is written (not shown).
 */
470 len = (5 + len + 2 >
sizeof(buf)) ? (
sizeof(buf) - 5 - 2) : len;
/* Host bytes follow the 5-byte header; no terminating NUL is copied. */
473 memcpy(buf + 5, host, len);
/*
 * Note for log searches: this message spells the function name
 * "passthrough", the send() failure message below spells it "passthru".
 */
478 msg(
D_LINK_ERRORS,
"establish_socks_proxy_passthrough: Cannot convert %s to port number",
/* Port is appended high byte first (network byte order). */
483 buf[5 + len] = (char)(port >> 8);
484 buf[5 + len + 1] = (char)(port & 0xff);
/* Sends header + host + port; a partial write is treated as failure. */
487 const ssize_t size = send(sd, buf, 5 + len + 2,
MSG_NOSIGNAL);
488 if ((
int)size != 5 + (
int)len + 2)
491 "establish_socks_proxy_passthru: TCP port write failed on send()");
/*
 * Fixed 10-byte request: version 5, command 3 (UDP ASSOCIATE in RFC 1928),
 * reserved 0, address type 1 (IPv4), then six zero bytes (address 0.0.0.0,
 * port 0). The literal contains NUL bytes, so the explicit length 10 is
 * what makes the whole message go out.
 * NOTE(review): ctrl_sd is a parameter of establish_socks_proxy_udpassoc in
 * this page's reference list, yet the failure message below names
 * establish_socks_proxy_passthru - presumably copied from that function.
 * Keep this in mind when attributing the log line during triage; confirm.
 */
528 send(ctrl_sd,
"\x05\x03\x00\x01\x00\x00\x00\x00\x00\x00", 10,
MSG_NOSIGNAL);
532 "establish_socks_proxy_passthru: TCP port write failed on send()");
/*
 * Excerpt, presumably from socks_process_outgoing_udp (the function in this
 * page's reference list that takes the "to" argument) - confirm.
 * Appends the destination IPv4 address and port to the header buffer
 * "head", copying the stored bytes as they are.
 * NOTE(review): buf_write returns bool per the signature listed on this
 * page; its result appears unused on these two lines - confirm head is
 * sized so the writes cannot fail. Only the in4 member is read here; what
 * happens for a non-IPv4 destination is not visible in this excerpt.
 */
612 buf_write(&head, &
to->dest.addr.in4.sin_addr,
sizeof(
to->dest.addr.in4.sin_addr));
613 buf_write(&head, &
to->dest.addr.in4.sin_port,
sizeof(
to->dest.addr.in4.sin_port));
struct buffer buf_sub(struct buffer *buf, int size, bool prepend)
static bool buf_write_u16(struct buffer *dest, uint16_t data)
static int buf_read_u16(struct buffer *buf)
static bool buf_read(struct buffer *src, void *dest, int size)
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
static bool buf_write(struct buffer *dest, const void *src, size_t size)
static bool buf_write_u8(struct buffer *dest, uint8_t data)
static int buf_read_u8(struct buffer *buf)
static void strncpynt(char *dest, const char *src, size_t maxlen)
static void gc_free(struct gc_arena *a)
#define ALLOC_OBJ_CLEAR(dptr, type)
static bool buf_defined(const struct buffer *buf)
static struct gc_arena gc_new(void)
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Interface functions to the internal and external multiplexers.
static SERVICE_STATUS status
static SERVICE_STATUS_HANDLE service
#define GET_USER_PASS_MANAGEMENT
static bool get_user_pass(struct user_pass *up, const char *auth_file, const char *prefix, const unsigned int flags)
Retrieves the user credentials from various sources depending on the flags.
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
static const char * print_openvpn_sockaddr(const struct openvpn_sockaddr *addr, struct gc_arena *gc)
static int port_from_servname(const char *servname)
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
static bool socks_handshake(struct socks_proxy_info *p, socket_descriptor_t sd, struct event_timeout *server_poll_timeout, volatile int *signal_received)
int socks_process_outgoing_udp(struct buffer *buf, const struct link_socket_actual *to)
static bool socks_username_password_auth(struct socks_proxy_info *p, socket_descriptor_t sd, struct event_timeout *server_poll_timeout, volatile int *signal_received)
void socks_process_incoming_udp(struct buffer *buf, struct link_socket_actual *from)
static bool recv_socks_reply(socket_descriptor_t sd, struct openvpn_sockaddr *addr, struct event_timeout *server_poll_timeout, volatile int *signal_received)
struct socks_proxy_info * socks_proxy_new(const char *server, const char *port, const char *authfile)
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
void socks_proxy_close(struct socks_proxy_info *sp)
Wrapper structure for dynamically allocated memory.
int len
Length in bytes of the actual content within the allocated memory.
Garbage collection arena used to keep track of dynamically allocated memory.
struct openvpn_sockaddr dest
union openvpn_sockaddr::@27 addr
volatile int signal_received
char password[USER_PASS_LEN]
char username[USER_PASS_LEN]
SOCKET socket_descriptor_t
static int cleanup(void **state)