/* returns 0 when it could create lock, or -1 on error */
int xiowaitlock(const char *lockfile, struct timespec *intervall) {
int rc;
int level = E_NOTICE; /* first print a notice */
while ((rc = xiogetlock(lockfile)) == 1) {
Msg1(level, "waiting for lock \"%s\"", lockfile);
level = E_INFO; /* afterwards only make info */
Nanosleep(intervall, NULL);
}
return rc;
}
/* perform socks4 client dialog on existing FD.
Called within fork/retry loop, after connect() */
int _xioopen_socks4_connect(struct single *xfd,
struct socks4 *sockhead,
size_t headlen,
int level) {
ssize_t bytes;
int result;
unsigned char buff[SIZEOF_STRUCT_SOCKS4];
struct socks4 *replyhead = (struct socks4 *)buff;
char *destdomname = NULL;
/* send socks header (target addr+port, +auth) */
#if WITH_MSGLEVEL <= E_INFO
if (ntohl(sockhead->dest) <= 0x000000ff) {
destdomname = strchr(sockhead->userid, '\0')+1;
}
Info11("sending socks4%s request VN=%d DC=%d DSTPORT=%d DSTIP=%d.%d.%d.%d USERID=%s%s%s",
destdomname?"a":"",
sockhead->version, sockhead->action, ntohs(sockhead->port),
((unsigned char *)&sockhead->dest)[0],
((unsigned char *)&sockhead->dest)[1],
((unsigned char *)&sockhead->dest)[2],
((unsigned char *)&sockhead->dest)[3],
sockhead->userid,
destdomname?" DESTNAME=":"",
destdomname?destdomname:"");
#endif /* WITH_MSGLEVEL <= E_INFO */
#if WITH_MSGLEVEL <= E_DEBUG
{
char *msgbuff;
if ((msgbuff = Malloc(3*headlen)) != NULL) {
xiohexdump((const unsigned char *)sockhead, headlen, msgbuff);
Debug1("sending socks4(a) request data %s", msgbuff);
}
}
#endif /* WITH_MSGLEVEL <= E_DEBUG */
if (writefull(xfd->fd, sockhead, headlen) < 0) {
Msg4(level, "write(%d, %p, "F_Zu"): %s",
xfd->fd, sockhead, headlen, strerror(errno));
if (Close(xfd->fd) < 0) {
Info2("close(%d): %s", xfd->fd, strerror(errno));
}
return STAT_RETRYLATER; /* retry complete open cycle */
}
bytes = 0;
Info("waiting for socks reply");
while (bytes >= 0) { /* loop over answer chunks until complete or error */
/* receive socks answer */
do {
result = Read(xfd->fd, buff+bytes, SIZEOF_STRUCT_SOCKS4-bytes);
} while (result < 0 && errno == EINTR);
if (result < 0) {
Msg4(level, "read(%d, %p, "F_Zu"): %s",
xfd->fd, buff+bytes, SIZEOF_STRUCT_SOCKS4-bytes,
strerror(errno));
if (Close(xfd->fd) < 0) {
Info2("close(%d): %s", xfd->fd, strerror(errno));
}
}
if (result == 0) {
Msg(level, "read(): EOF during read of socks reply, peer might not be a socks4 server");
if (Close(xfd->fd) < 0) {
Info2("close(%d): %s", xfd->fd, strerror(errno));
}
return STAT_RETRYLATER;
}
#if WITH_MSGLEVEL <= E_DEBUG
{
char msgbuff[3*SIZEOF_STRUCT_SOCKS4];
* xiohexdump((const unsigned char *)replyhead+bytes, result, msgbuff)
= '\0';
Debug2("received socks4 reply data (offset "F_Zd"): %s", bytes, msgbuff);
}
#endif /* WITH_MSGLEVEL <= E_DEBUG */
bytes += result;
if (bytes == SIZEOF_STRUCT_SOCKS4) {
Debug1("received all "F_Zd" bytes", bytes);
break;
}
Debug2("received %d bytes, waiting for "F_Zu" more bytes",
result, SIZEOF_STRUCT_SOCKS4-bytes);
}
if (result <= 0) { /* we had a problem while reading socks answer */
return STAT_RETRYLATER; /* retry complete open cycle */
}
Info7("received socks reply VN=%u CD=%u DSTPORT=%u DSTIP=%u.%u.%u.%u",
replyhead->version, replyhead->action, ntohs(replyhead->port),
((uint8_t *)&replyhead->dest)[0],
((uint8_t *)&replyhead->dest)[1],
((uint8_t *)&replyhead->dest)[2],
((uint8_t *)&replyhead->dest)[3]);
if (replyhead->version != 0) {
Warn1("socks: reply code version is not 0 (%d)",
replyhead->version);
}
switch (replyhead->action) {
case SOCKS_CD_GRANTED:
/* Notice("socks: connect request succeeded"); */
#if 0
if (Getsockname(xfd->fd, (struct sockaddr *)&us, &uslen) < 0) {
Warn4("getsockname(%d, %p, {%d}): %s",
xfd->fd, &us, uslen, strerror(errno));
}
Notice1("successfully connected from %s via socks4",
sockaddr_info((struct sockaddr *)&us, infobuff, sizeof(infobuff)));
#else
Notice("successfully connected via socks4");
#endif
break;
case SOCKS_CD_FAILED:
Msg(level, "socks: connect request rejected or failed");
return STAT_RETRYLATER;
case SOCKS_CD_NOIDENT:
Msg(level, "socks: ident refused by client");
return STAT_RETRYLATER;
case SOCKS_CD_IDENTFAILED:
Msg(level, "socks: ident failed");
return STAT_RETRYLATER;
default:
Msg1(level, "socks: undefined status %u", replyhead->action);
}
return STAT_OK;
}
/* the current socat/xio implementation knows two kinds of children:
exec/system addresses perform a fork: their children are registered and
their death's influence the parents' flow;
listen-socket with fork children: these children are "anonymous" and their
death does not affect the parent process (now; maybe we have a child
process counter later) */
void childdied(int signum
#if HAVE_SIGACTION
, siginfo_t *siginfo, void *context
#endif /* HAVE_SIGACTION */
) {
pid_t pid;
int _errno;
int status = 0;
bool wassig = false;
int i;
struct _xiosigchld_child *entry;
_errno = errno; /* save current value; e.g., select() on Cygwin seems
to set it to EINTR _before_ handling the signal, and
then passes the value left by the signal handler to
the caller of select(), accept() etc. */
/* is not thread/signal save, but confused messages in rare cases are better
than no messages at all */
Info1("childdied(signum=%d)", signum);
do {
pid = Waitpid(-1, &status, WNOHANG);
if (pid == 0) {
Msg(wassig?E_INFO:E_WARN,
"waitpid(-1, {}, WNOHANG): no child has exited");
Info("childdied() finished");
errno = _errno;
return;
} else if (pid < 0 && errno == ECHILD) {
Msg1(wassig?E_INFO:E_WARN,
"waitpid(-1, {}, WNOHANG): %s", strerror(errno));
Info("childdied() finished");
errno = _errno;
return;
}
wassig = true;
if (pid < 0) {
Warn2("waitpid(-1, {%d}, WNOHANG): %s", status, strerror(errno));
Info("childdied() finished");
errno = _errno;
return;
}
#if 0
/*! indent */
/* check if it was a registered child process */
i = 0;
while (i < XIO_MAXSOCK) {
if (xio_checkchild(sock[i], i, pid)) break;
++i;
}
if (i == XIO_MAXSOCK) {
Info2("childdied(%d): cannot identify child %d", signum, pid);
if (diedunknown1 == 0) {
diedunknown1 = pid;
Debug("saving pid in diedunknown1");
} else if (diedunknown2 == 0) {
diedunknown2 = pid;
Debug("saving pid in diedunknown2");
} else if (diedunknown3 == 0) {
diedunknown3 = pid;
Debug("saving pid in diedunknown3");
} else {
diedunknown4 = pid;
Debug("saving pid in diedunknown4");
}
}
#else
entry = _xiosigchld_find(pid);
if (entry == NULL) {
Info("dead child "F_pid" died unknown");
} else {
(*entry->sigaction)(signum, siginfo, entry->context);
xiosigchld_unregister(pid);
}
#endif
if (WIFEXITED(status)) {
if (WEXITSTATUS(status) == 0) {
Info2("waitpid(): child %d exited with status %d",
pid, WEXITSTATUS(status));
} else {
Warn2("waitpid(): child %d exited with status %d",
pid, WEXITSTATUS(status));
}
} else if (WIFSIGNALED(status)) {
Info2("waitpid(): child %d exited on signal %d",
pid, WTERMSIG(status));
} else if (WIFSTOPPED(status)) {
Info2("waitpid(): child %d stopped on signal %d",
pid, WSTOPSIG(status));
} else {
Warn1("waitpid(): cannot determine status of child %d", pid);
}
#if !HAVE_SIGACTION
/* we might need to re-register our handler */
if (Signal(SIGCHLD, childdied) == SIG_ERR) {
Warn2("signal(SIGCHLD, %p): %s", childdied, strerror(errno));
}
#endif /* !HAVE_SIGACTION */
} while (1);
Info("childdied() finished");
errno = _errno;
}
int _xioopen_proxy_connect(struct single *xfd,
struct proxyvars *proxyvars,
int level) {
size_t offset;
char request[CONNLEN];
char buff[BUFLEN+1];
#if CONNLEN > BUFLEN
#error not enough buffer space
#endif
char textbuff[2*BUFLEN+1]; /* just for sanitizing print data */
char *eol = buff;
int state;
ssize_t sresult;
/* generate proxy request header - points to final target */
sprintf(request, "CONNECT %s:%u HTTP/1.0\r\n",
proxyvars->targetaddr, proxyvars->targetport);
/* send proxy CONNECT request (target addr+port) */
* xiosanitize(request, strlen(request), textbuff) = '\0';
Info1("sending \"%s\"", textbuff);
/* write errors are assumed to always be hard errors, no retry */
do {
sresult = Write(xfd->wfd, request, strlen(request));
} while (sresult < 0 && errno == EINTR);
if (sresult < 0) {
Msg4(level, "write(%d, %p, "F_Zu"): %s",
xfd->wfd, request, strlen(request), strerror(errno));
if (Close(xfd->wfd) < 0) {
Info2("close(%d): %s", xfd->wfd, strerror(errno));
}
return STAT_RETRYLATER;
}
if (proxyvars->authstring) {
/* send proxy authentication header */
# define XIOAUTHHEAD "Proxy-authorization: Basic "
# define XIOAUTHLEN 27
static const char *authhead = XIOAUTHHEAD;
# define HEADLEN 256
char *header, *next;
/* ...\r\n\0 */
if ((header =
Malloc(XIOAUTHLEN+((strlen(proxyvars->authstring)+2)/3)*4+3))
== NULL) {
return -1;
}
strcpy(header, authhead);
next = xiob64encodeline(proxyvars->authstring,
strlen(proxyvars->authstring),
strchr(header, '\0'));
*next = '\0';
Info1("sending \"%s\\r\\n\"", header);
*next++ = '\r'; *next++ = '\n'; *next++ = '\0';
do {
sresult = Write(xfd->wfd, header, strlen(header));
} while (sresult < 0 && errno == EINTR);
if (sresult < 0) {
Msg4(level, "write(%d, %p, "F_Zu"): %s",
xfd->wfd, header, strlen(header), strerror(errno));
if (Close(xfd->wfd/*!*/) < 0) {
Info2("close(%d): %s", xfd->wfd, strerror(errno));
}
return STAT_RETRYLATER;
}
free(header);
}
Info("sending \"\\r\\n\"");
do {
sresult = Write(xfd->wfd, "\r\n", 2);
} while (sresult < 0 && errno == EINTR);
/*! */
/* request is kept for later error messages */
*strstr(request, " HTTP") = '\0';
/* receive proxy answer; looks like "HTTP/1.0 200 .*\r\nHeaders..\r\n\r\n" */
/* socat version 1 depends on a valid fd for data transfer; address
therefore cannot buffer data. So, to prevent reading beyond the end of
the answer headers, only single bytes are read. puh. */
state = XIOSTATE_HTTP1;
offset = 0; /* up to where the buffer is filled (relative) */
/*eol;*/ /* points to the first lineterm of the current line */
do {
sresult = xioproxy_recvbytes(xfd, buff+offset, 1, level);
if (sresult <= 0) {
state = XIOSTATE_ERROR;
break; /* leave read cycles */
}
switch (state) {
case XIOSTATE_HTTP1:
/* 0 or more bytes of first line received, no '\r' yet */
if (*(buff+offset) == '\r') {
eol = buff+offset;
state = XIOSTATE_HTTP2;
break;
}
if (proxyvars->ignorecr && *(buff+offset) == '\n') {
eol = buff+offset;
state = XIOSTATE_HTTP3;
break;
}
break;
case XIOSTATE_HTTP2:
/* first line received including '\r' */
if (*(buff+offset) != '\n') {
state = XIOSTATE_HTTP1;
break;
}
state = XIOSTATE_HTTP3;
break;
case XIOSTATE_HTTP3:
/* received status (first line) and "\r\n" */
if (*(buff+offset) == '\r') {
state = XIOSTATE_HTTP7;
break;
}
if (proxyvars->ignorecr && *(buff+offset) == '\n') {
state = XIOSTATE_HTTP8;
break;
}
state = XIOSTATE_HTTP4;
break;
case XIOSTATE_HTTP4:
/* within header */
if (*(buff+offset) == '\r') {
eol = buff+offset;
state = XIOSTATE_HTTP5;
break;
}
if (proxyvars->ignorecr && *(buff+offset) == '\n') {
eol = buff+offset;
state = XIOSTATE_HTTP6;
break;
}
break;
case XIOSTATE_HTTP5:
/* within header, '\r' received */
if (*(buff+offset) != '\n') {
state = XIOSTATE_HTTP4;
break;
}
state = XIOSTATE_HTTP6;
break;
case XIOSTATE_HTTP6:
/* received status (first line) and 1 or more headers, "\r\n" */
if (*(buff+offset) == '\r') {
state = XIOSTATE_HTTP7;
break;
}
if (proxyvars->ignorecr && *(buff+offset) == '\n') {
state = XIOSTATE_HTTP8;
break;
}
state = XIOSTATE_HTTP4;
break;
case XIOSTATE_HTTP7:
/* received status (first line), 0 or more headers, "\r\n\r" */
if (*(buff+offset) == '\n') {
state = XIOSTATE_HTTP8;
break;
}
if (*(buff+offset) == '\r') {
if (proxyvars->ignorecr) {
break; /* ignore it, keep waiting for '\n' */
} else {
state = XIOSTATE_HTTP5;
}
break;
}
state = XIOSTATE_HTTP4;
break;
}
++offset;
/* end of status line reached */
if (state == XIOSTATE_HTTP3) {
char *ptr;
/* set a terminating null - on or after CRLF? */
*(buff+offset) = '\0';
* xiosanitize(buff, Min(offset, (sizeof(textbuff)-1)>>1), textbuff)
= '\0';
Info1("proxy_connect: received answer \"%s\"", textbuff);
*eol = '\0';
* xiosanitize(buff, Min(strlen(buff), (sizeof(textbuff)-1)>>1),
textbuff) = '\0';
if (strncmp(buff, "HTTP/1.0 ", 9) &&
strncmp(buff, "HTTP/1.1 ", 9)) {
/* invalid answer */
Msg1(level, "proxy: invalid answer \"%s\"", textbuff);
return STAT_RETRYLATER;
}
ptr = buff+9;
/* skip multiple spaces */
while (*ptr == ' ') ++ptr;
/* HTTP answer */
if (strncmp(ptr, "200", 3)) {
/* not ok */
/* CERN:
"HTTP/1.0 200 Connection established"
"HTTP/1.0 400 Invalid request "CONNECT 10.244.9.3:8080 HTTP/1.0" (unknown method)"
"HTTP/1.0 403 Forbidden - by rule"
"HTTP/1.0 407 Proxy Authentication Required"
Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
> 50 72 6f 78 79 2d 61 75 74 68 6f 72 69 7a 61 74 Proxy-authorizat
> 69 6f 6e 3a 20 42 61 73 69 63 20 61 57 4e 6f 63 ion: Basic aWNoc
> 32 56 73 59 6e 4e 30 4f 6e 4e 30 63 6d 56 75 5a 2VsYnN0OnN0cmVuZ
> 32 64 6c 61 47 56 70 62 51 3d 3d 0d 0a 2dlaGVpbQ==..
b64encode("username:password")
"HTTP/1.0 500 Can't connect to host"
*/
/* Squid:
"HTTP/1.0 400 Bad Request"
"HTTP/1.0 403 Forbidden"
"HTTP/1.0 503 Service Unavailable"
interesting header: "X-Squid-Error: ERR_CONNECT_FAIL 111" */
/* Apache:
"HTTP/1.0 400 Bad Request"
"HTTP/1.1 405 Method Not Allowed"
*/
/* WTE:
"HTTP/1.1 200 Connection established"
"HTTP/1.1 404 Host not found or not responding, errno: 79"
"HTTP/1.1 404 Host not found or not responding, errno: 32"
"HTTP/1.1 404 Host not found or not responding, errno: 13"
*/
/* IIS:
"HTTP/1.1 404 Object Not Found"
*/
ptr += 3;
while (*ptr == ' ') ++ptr;
Msg2(level, "%s: %s", request, ptr);
return STAT_RETRYLATER;
}
/* ok!! */
/* "HTTP/1.0 200 Connection established" */
/*Info1("proxy: \"%s\"", textbuff+13);*/
offset = 0;
} else if (state == XIOSTATE_HTTP6) {
/* end of a header line reached */
char *endp;
/* set a terminating null */
*(buff+offset) = '\0';
endp =
xiosanitize(buff, Min(offset, (sizeof(textbuff)-1)>>1),
textbuff);
*endp = '\0';
Info1("proxy_connect: received header \"%s\"", textbuff);
offset = 0;
}
