From 414b0984713f8fa01ae4f8729e31c7fa15bf3773 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 21 May 2012 00:04:35 +0000 Subject: [PATCH] - more --- src/gns/gnocksy/gnocksy.c | 180 ++++++++++++++++++++++++++----------- src/gns/gnocksy/gns_glue.c | 25 ++++++ src/gns/gnocksy/gns_glue.h | 24 +++++ src/gns/gnocksy/protocol.h | 6 ++ 4 files changed, 181 insertions(+), 54 deletions(-) diff --git a/src/gns/gnocksy/gnocksy.c b/src/gns/gnocksy/gnocksy.c index 49b7d72bd..df5f06940 100644 --- a/src/gns/gnocksy/gnocksy.c +++ b/src/gns/gnocksy/gnocksy.c @@ -8,6 +8,11 @@ * Note: Only supports addr type 3 (domain) for now. * Chrome uses it automatically * For FF: about:config -> network.proxy.socks_remote_dns true + * + * TODO + * - zkey shorten + * - LEHO replacement and glue + * - SSL */ #include @@ -30,7 +35,8 @@ #define MAXEVENTS 64 -#define DEBUG 1 +#define DEBUG 0 +#define VERBOSE 1 #define HTML_HDR_CONTENT "Content-Type: text/html\r\n" @@ -38,6 +44,9 @@ #define RE_N_MATCHES 4 +#define HTTP_PORT 80 +#define HTTPS_PORT 443 + static struct MHD_Daemon *mhd_daemon; static regex_t re_dotplus; @@ -65,7 +74,6 @@ curl_write_data (void *buffer, size_t size, size_t nmemb, void* cls) if (br->MHD_CURL_BUF_STATUS == BUF_WAIT_FOR_MHD) { pthread_mutex_unlock ( &br->m_buf ); - printf( "waiting for mhd to process data... pausing curl\n"); return CURL_WRITEFUNC_PAUSE; } @@ -83,10 +91,12 @@ curl_write_data (void *buffer, size_t size, size_t nmemb, void* cls) if (nomatch) { - printf ("No more matches\n"); + if (DEBUG) + printf ("No more matches\n"); if ((p-new_buf) < 0) { - printf ("Error pMHD_CURL_BUF+bytes_copied, p, bytes-(p-new_buf)); @@ -121,7 +131,8 @@ curl_write_data (void *buffer, size_t size, size_t nmemb, void* cls) bytes_copied += strlen (new_host); p += m[3].rm_so+1; - printf ("Done. Next in %d bytes\n", m[3].rm_so); + if (DEBUG) + printf ("Done. Next in %d bytes\n", m[3].rm_so); //TODO check buf lenghts! } 
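Review bot: The `//TODO check buf lenghts!` left standing at the end of the last hunk on this line marks a real missing bound: `bytes_copied += strlen (new_host)` and the copy of the remaining input into `br->MHD_CURL_BUF` that precedes it are never compared against the buffer's capacity, whose declaration is outside the hunk. That buffer is filled from regex matches over a response body the origin server controls, so a page with enough `.+` hostnames to expand can write past the end, and wrapping the progress printf in `if (DEBUG)` changes nothing about that. Before appending, check the room and abort the transfer rather than overflow, e.g. `if (bytes_copied + strlen (new_host) + (bytes - (p - new_buf)) > buf_capacity) return 0; /* != bytes aborts the transfer */`, where `buf_capacity` is whatever sizeof or allocation size MHD_CURL_BUF actually has. curl_write_data begins and ends outside this hunk.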
@@ -140,7 +151,8 @@ curl_write_data (void *buffer, size_t size, size_t nmemb, void* cls) //MHD_destroy_response (response); - printf( "buffer: %s\n", (char*)br->MHD_CURL_BUF ); + if (DEBUG) + printf( "buffer:\n%s\n", (char*)br->MHD_CURL_BUF ); return bytes; } @@ -153,8 +165,9 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void* cls) memcpy(hdr, buffer, bytes); hdr[bytes] = '\0'; - - printf ("got hdr: %s\n", hdr); + + if (DEBUG) + printf ("got hdr: %s", hdr); if (0 == strcmp(hdr, HTML_HDR_CONTENT)) br->res_is_html = 1; @@ -288,8 +301,9 @@ connect_to_domain (struct hostent* phost, uint16_t srv_port) srv_addr.sin_family = AF_INET; srv_addr.sin_addr.s_addr = srv_ip; srv_addr.sin_port = srv_port; - printf("target server: %s:%u\n", inet_ntoa(srv_addr.sin_addr), - ntohs(srv_port)); + if (DEBUG) + printf("target server: %s:%u\n", inet_ntoa(srv_addr.sin_addr), + ntohs(srv_port)); if (connect (conn_fd, (struct sockaddr*)&srv_addr, sizeof (struct sockaddr)) < 0) @@ -370,7 +384,6 @@ mhd_content_cb (void* cls, pthread_mutex_lock ( &br->m_buf ); if ( br->MHD_CURL_BUF_STATUS == BUF_WAIT_FOR_CURL ) { - printf("waiting for curl...\n"); pthread_mutex_unlock ( &br->m_buf ); return 0; } @@ -486,6 +499,9 @@ int main ( int argc, char *argv[] ) socklen_t in_len; int infd; char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV]; + + /* port offset for ssl daemons */ + int i_ssl = 1; int done; ssize_t count; @@ -627,6 +643,8 @@ int main ( int argc, char *argv[] ) while (1) { + memset (buf, 0, sizeof (buf)); + count = read (br->fd, buf, sizeof (buf)); if (count == -1) @@ -659,6 +677,8 @@ int main ( int argc, char *argv[] ) if (br->status == SOCKS5_INIT) { + if (DEBUG) + printf ("SOCKS5 init for %d\n", br->fd); hello.version = 0x05; hello.auth_method = 0; write (br->fd, &hello, sizeof (hello)); 
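Review bot: In the curl_check_hdr hunk, `memcpy (hdr, buffer, bytes); hdr[bytes] = '\0';` two lines above the new `if (DEBUG)` printf copies a whole header line without bounding `bytes` by hdr's capacity; hdr is declared outside the hunk, so if it is a fixed-size array a long header from the origin (libcurl delivers lines up to CURL_MAX_WRITE_SIZE) overwrites the stack. Clamp before copying, `if (bytes >= sizeof (hdr)) bytes = sizeof (hdr) - 1;` (or return 0 to abort the transfer), keeping the `hdr[bytes] = '\0'` after it. Separately, `strcmp (hdr, HTML_HDR_CONTENT)` only recognises the exact string `Content-Type: text/html\r\n`, so `text/html; charset=UTF-8` or a lowercase header name leaves res_is_html at 0 and the rewriting is silently skipped; a case-insensitive prefix test such as `strncasecmp (hdr, "content-type: text/html", 23)` is more robust. curl_check_hdr starts outside this hunk.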
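Review bot: In the SOCKS5_INIT hunk, `hello.auth_method = 0` right after the new DEBUG line selects NO AUTHENTICATION unconditionally; nothing in this hunk reads the method list the client sent in its greeting, so a client that offered only username/password (0x02) receives an answer RFC 1928 tells it to treat as an error, and every client that can reach the listener is accepted without any check. If no-auth is the intended policy, scan the client's NMETHODS/METHODS bytes in `buf` for 0x00 and answer `0xFF` when it is absent, and document which address the listening socket is bound to (that code is outside the hunk). The `write (br->fd, &hello, sizeof (hello))` result is also unchecked, as elsewhere in the file; a short or failed write should tear the bridge down rather than carry on.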
@@ -677,37 +697,81 @@ int main ( int argc, char *argv[] ) strncpy(domain, (char*)(&(req->addr_type) + 2), dom_len); req_port = *((uint16_t*)(&(req->addr_type) + 2 + dom_len)); + if (DEBUG) + printf ("Requested connection is %s:%d\n", + domain, + ntohs(req_port)); + phost = (struct hostent*)gethostbyname (domain); if (phost == NULL) { - printf ("Resolve %s error!\n" , domain ); + if (VERBOSE) + printf ("Resolve %s error!\n" , domain ); resp.version = 0x05; resp.reply = 0x01; write (br->fd, &resp, sizeof (struct socks5_server_response)); break; } + if (DEBUG) + printf ("trying to add %d to MHD\n", br->fd); + if ( -1 != is_tld (domain, ".gnunet") ) { strcpy (br->host, domain); - if (NULL == mhd_daemon) + if (HTTP_PORT == ntohs(req_port)) { - mhd_daemon = MHD_start_daemon( MHD_USE_THREAD_PER_CONNECTION, - 8080, - &access_cb, br, - &accept_cb, br, - MHD_OPTION_END); + br->use_ssl = 0; + if (NULL == mhd_daemon) + { + mhd_daemon = + MHD_start_daemon( MHD_USE_THREAD_PER_CONNECTION, + 8080, + &access_cb, br, + &accept_cb, br, + MHD_OPTION_END); + } + if (MHD_YES != MHD_add_connection (mhd_daemon, + br->fd, + &br->addr, + br->addr_len)) + { + if (VERBOSE) + printf ("Error adding %d to mhd\n", br->fd); + } } - - printf ("trying to add to MHD\n"); - if (MHD_YES != MHD_add_connection (mhd_daemon, - br->fd, - &br->addr, - br->addr_len)) + + if (HTTPS_PORT == ntohs(req_port)) { - printf ("Error adding %d to mhd\n", br->fd); + /* + * custom daemon for SSL requests + * TODO make more efficient with + * per name SSL daemons? 
+ */ + br->use_ssl = 1; + br->ssl_daemon = + MHD_start_daemon( MHD_USE_THREAD_PER_CONNECTION | + MHD_USE_SSL, + 8080+i_ssl, + NULL, NULL, + &accept_cb, br, + MHD_OPTION_HTTPS_MEM_KEY, NULL, + MHD_OPTION_HTTPS_MEM_CERT, NULL, + MHD_OPTION_END); + + i_ssl++; + + if (MHD_YES != MHD_add_connection (br->ssl_daemon, + br->fd, + &br->addr, + br->addr_len)) + { + if (VERBOSE) + printf ("Error adding %d to mhd\n", br->fd); + } } + event.events = EPOLLIN | EPOLLET; epoll_ctl (efd, EPOLL_CTL_DEL, br->fd, &event); 
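Review bot: The HTTPS branch never checks the result of `MHD_start_daemon`: it is called with `MHD_OPTION_HTTPS_MEM_KEY, NULL` and `MHD_OPTION_HTTPS_MEM_CERT, NULL`, so with no certificate to serve it will most likely return NULL, and `br->ssl_daemon` is then handed straight to `MHD_add_connection`, which dereferences it. A failed start should take the same path as the resolve failure above (reply 0x01 and break) instead of falling through to the success reply written after the hunk. The design also opens a new listening socket on `8080 + i_ssl` for every HTTPS request on `.gnunet`, passes a NULL accept-policy callback where the HTTP daemon passes `&access_cb`, and neither resets `i_ssl` nor ever stops a daemon, so listening ports and descriptors grow with every connection; since the client socket is injected via MHD_add_connection a listening port is not needed at all (MHD_USE_NO_LISTEN_SOCKET, if this MHD version has it), and one shared SSL daemon would be the cheaper shape. A `.gnunet` request for a port other than 80/443 matches neither branch, yet the fd is still removed from epoll and, per the lines that follow, acknowledged as a success, so the client hangs on a socket nobody services; reply 0x01 (or 0x02, connection not allowed) there. The SOCKS parsing that opens the hunk likewise trusts `dom_len` without comparing `dom_len + 7` against `count`, and reads `req_port` through an unaligned uint16_t cast where a memcpy into a local is the portable form.
```c
br->use_ssl = 1;
br->ssl_daemon = MHD_start_daemon (/* … unchanged: MHD_USE_SSL flags, 8080+i_ssl, callbacks, key/cert options … */);
if (NULL == br->ssl_daemon)
{
  /* same handling as a failed resolve: tell the client, give up on this bridge */
  if (VERBOSE)
    printf ("cannot start SSL daemon for %d\n", br->fd);
  resp.version = 0x05;
  resp.reply = 0x01;
  write (br->fd, &resp, sizeof (struct socks5_server_response));
  break;
}
i_ssl++;
/* … unchanged: MHD_add_connection … */
```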
@@ -716,43 +780,51 @@ int main ( int argc, char *argv[] ) resp.reserved = 0x00; resp.addr_type = 0x01; write (br->fd, &resp, 10); - break; } + else + { - conn_fd = connect_to_domain (phost, req_port); + conn_fd = connect_to_domain (phost, req_port); - if (-1 == conn_fd) - { + if (-1 == conn_fd) + { + if (VERBOSE) + printf("cannot create remote connection from %d to %s:%d\n", + br->fd, domain, ntohs(req_port)); resp.version = 0x05; resp.reply = 0x01; write (br->fd, &resp, 10); - } - else - { - if (DEBUG) - printf("new remote connection %d to %d\n", br->fd, conn_fd); - resp.version = 0x05; - resp.reply = 0x00; - resp.reserved = 0x00; - resp.addr_type = 0x01; + } + else + { + if (VERBOSE) + printf("new remote connection %d to %d\n", br->fd, conn_fd); + resp.version = 0x05; + resp.reply = 0x00; + resp.reserved = 0x00; + resp.addr_type = 0x01; - new_br = malloc (sizeof (struct socks5_bridge)); - br->remote_end = new_br; - br->status = SOCKS5_DATA_TRANSFER; - new_br->fd = conn_fd; - new_br->remote_end = br; - new_br->status = SOCKS5_DATA_TRANSFER; - - event.data.ptr = new_br; - event.events = EPOLLIN | EPOLLET; - epoll_ctl (efd, EPOLL_CTL_ADD, conn_fd, &event); - write (br->fd, &resp, 10); + new_br = malloc (sizeof (struct socks5_bridge)); + if (br->remote_end != NULL) + printf ("WARNING remote end was not NULL!\n"); + br->remote_end = new_br; + br->status = SOCKS5_DATA_TRANSFER; + new_br->fd = conn_fd; + new_br->remote_end = br; + new_br->status = SOCKS5_DATA_TRANSFER; + + event.data.ptr = new_br; + event.events = EPOLLIN | EPOLLET; + epoll_ctl (efd, EPOLL_CTL_ADD, conn_fd, &event); + write (br->fd, &resp, 10); + } } } else { - printf("not implemented address type %02X\n", (int)req->addr_type); + if (DEBUG) + printf("not implemented address type %02X\n", (int)req->addr_type); } } 
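Review bot: `new_br = malloc (sizeof (struct socks5_bridge))` in the re-indented success path is still not checked for NULL before `new_br->fd = conn_fd` is stored, and only fd, remote_end and status are initialised, so the fields this commit adds to the struct (use_ssl, ssl_daemon) plus host and full_url hold garbage for every relay bridge; the new `if (br->remote_end != NULL)` WARNING reads remote_end of a bridge that, if it was created the same way (its allocation is outside the hunk), was never cleared either. Use `new_br = calloc (1, sizeof *new_br);`, and on NULL close `conn_fd`, send `resp.reply = 0x01` and skip the epoll registration instead of continuing. The `write (br->fd, &resp, 10)` results remain unchecked, and `sizeof (struct socks5_server_response)` as used in the resolve-failure path is the clearer length than the literal 10 if the two agree.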
@@ -766,14 +838,14 @@ int main ( int argc, char *argv[] ) if (done) { - close (br->fd); + //close (br->fd); if (br->remote_end) { - close (br->remote_end->fd); - free(br->remote_end); + //close (br->remote_end->fd); + //free(br->remote_end); } - free(br); + //free(br); } } } diff --git a/src/gns/gnocksy/gns_glue.c b/src/gns/gnocksy/gns_glue.c index 25a6d0e83..54e6916fc 100644 --- a/src/gns/gnocksy/gns_glue.c +++ b/src/gns/gnocksy/gns_glue.c @@ -1,6 +1,14 @@ #include #include +/* + * Glue function to return the authoritative part + * of a name. i.e. the site of origin + * + * @param name the name to process + * @param auth pointer where the result is stored + * @return 0 on success < 0 on failure + */ int gns_glue_get_auth ( char* name, char* auth ) { @@ -31,6 +39,14 @@ gns_glue_get_auth ( char* name, char* auth ) return -1; } +/* + * Glue function to return the short version of + * a given name + * + * @param name the name to shorten + * @param shortened pointer where the result will be stored + * @return 0 on success < 0 on failure + */ int gns_glue_shorten ( char* name, char* shortened ) { @@ -61,6 +77,15 @@ gns_glue_shorten ( char* name, char* shortened ) return -1; } + +/* + * Glue function to expand .+ urls and shorted the + * resulting name + * + * @param to_expand the .+ name to expand + * @param host the site of origin + * @param shortened the expanded and shortened result pointer + */ int gns_glue_expand_and_shorten( char* to_expand, char* host, char* shortened ) { diff --git a/src/gns/gnocksy/gns_glue.h b/src/gns/gnocksy/gns_glue.h index 403a1a973..7a872d683 100644 --- a/src/gns/gnocksy/gns_glue.h +++ b/src/gns/gnocksy/gns_glue.h 
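Review bot: Commenting out `close (br->fd)`, the close/free of the remote end and `free (br)` in the `done` path turns every finished connection into a leak of two descriptors and two bridge structs, which for a proxy reachable by a browser is an easy descriptor-exhaustion denial of service. If the reason is that a bridge handed to MHD via MHD_add_connection must not be closed here (MHD owns the fd from then on), gate the cleanup on that instead of disabling it: record it in the bridge, e.g. an `owned_by_mhd` flag set next to `use_ssl` when MHD_add_connection succeeds, and keep the close/free for plain relay bridges; a bridge whose peer is freed also needs `peer->remote_end = NULL` so the other side's `done` handling does not touch freed memory. The enclosing loop and the `done` computation begin outside this hunk.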
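Review bot: The new header comment on gns_glue_get_auth documents `auth` as "pointer where the result is stored" but not how large the caller's buffer must be, and the signature gives the callee no length to check; since `name` presumably arrives from the SOCKS request or a rewritten URL, that bound is exactly what a caller needs to size the buffer safely. State it in the comment, e.g. `@param auth buffer of at least strlen (name) + 1 bytes receiving the authoritative part` if the result is a substring of name, or better add a size parameter, and declare `const char *name` since the function only reads it. The same applies to the comments added for gns_glue_shorten and gns_glue_expand_and_shorten; the function bodies are outside these hunks, so the exact bound should be confirmed against them.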
@@ -1,9 +1,33 @@ +/* + * Glue function to return the authoritative part + * of a name. i.e. the site of origin + * + * @param name the name to process + * @param auth pointer where the result is stored + * @return 0 on success < 0 on failure + */ int gns_glue_get_auth ( char* name, char* auth ); +/* + * Glue function to return the short version of + * a given name + * + * @param name the name to shorten + * @param shortened pointer where the result will be stored + * @return 0 on success < 0 on failure + */ int gns_glue_shorten ( char* name, char* shortened); +/* + * Glue function to expand .+ urls and shorted the + * resulting name + * + * @param to_expand the .+ name to expand + * @param host the site of origin + * @param shortened the expanded and shortened result pointer + */ int gns_glue_expand_and_shorten (char* to_expand, char* host, diff --git a/src/gns/gnocksy/protocol.h b/src/gns/gnocksy/protocol.h index 4f7e23675..a6f22a64b 100644 --- a/src/gns/gnocksy/protocol.h +++ b/src/gns/gnocksy/protocol.h @@ -50,6 +50,12 @@ struct socks5_bridge socklen_t addr_len; char host[256]; int status; + + /* This is an ssl bridge? */ + int use_ssl; + + /* if use_ssl=1 we have a daemon associated */ + struct MHD_Daemon *ssl_daemon; /* http url + host */ char* full_url; -- 2.25.1
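Review bot: In the protocol.h hunk, the new `ssl_daemon` member carries no note on ownership: gnocksy.c starts one daemon per bridge and nothing in the patch stops it, so the comment should say who calls MHD_stop_daemon and when, otherwise the next reader will assume it is shared like `mhd_daemon`. I would write `/* per-bridge SSL daemon started in main() for HTTPS .gnunet requests; must be MHD_stop_daemon()ed when the bridge is torn down, NULL otherwise */` and, since relay bridges are allocated with plain malloc, either note that `use_ssl`/`ssl_daemon` are only meaningful after the allocator zeroes the struct or switch that allocation to calloc. The neighbouring `char host[256]` is filled by `strcpy (br->host, domain)`; a comment that `domain` is at most 255 bytes plus NUL, if dom_len really is the single SOCKS length byte, would make that bound visible where the array is declared.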