static void socks4_read_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
assert(client->state >= socks4_request_sent);
redsocks_touch_client(client);
if (client->state == socks4_request_sent) {
socks4_reply reply;
if (redsocks_read_expected(client, bufferevent_get_input(buffev), &reply, sizes_greater_equal, sizeof(reply)) < 0)
return;
client->state = socks4_reply_came;
if (reply.ver != 0) {
redsocks_log_error(client, LOG_NOTICE, "Socks4 server reported unexpected reply version...");
redsocks_drop_client(client);
}
else if (reply.status == socks4_status_ok)
redsocks_start_relay(client);
else {
redsocks_log_error(client, LOG_NOTICE, "Socks4 server status: %s (%i)",
reply.status == socks4_status_fail ? "fail" :
reply.status == socks4_status_no_ident ? "no ident" :
reply.status == socks4_status_fake_ident ? "fake ident" : "?",
reply.status);
redsocks_drop_client(client);
}
}
}
static void ss_relay_connected(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
ss_header_ipv4 header;
size_t len = 0;
assert(buffev == client->relay);
assert(client->state == ss_new);
redsocks_touch_client(client);
if (!red_is_socket_connected_ok(buffev)) {
redsocks_log_error(client, LOG_DEBUG, "failed to connect to destination");
redsocks_drop_client(client);
return;
}
client->relay_connected = 1;
/* We do not need to detect timeouts any more.
The two peers will handle it. */
bufferevent_set_timeouts(client->relay, NULL, NULL);
if (!redsocks_start_relay(client))
{
/* overwrite theread callback to my function */
bufferevent_setcb(client->client, ss_client_readcb,
ss_client_writecb,
redsocks_event_error,
client);
bufferevent_setcb(client->relay, ss_relay_readcb,
ss_relay_writecb,
redsocks_event_error,
client);
}
else
{
redsocks_log_error(client, LOG_DEBUG, "failed to start relay");
redsocks_drop_client(client);
return;
}
/* build and send header */
// TODO: Better implementation and IPv6 Support
header.addr_type = ss_addrtype_ipv4;
header.addr = client->destaddr.sin_addr.s_addr;
header.port = client->destaddr.sin_port;
len += sizeof(header);
encrypt_mem(client, (char *)&header, len, client->relay, 0);
client->state = ss_connected;
// Write any data received from client side to relay.
if (evbuffer_get_length(bufferevent_get_input(client->client)))
ss_relay_writecb(client->relay, client);
return;
}
static void direct_write_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
redsocks_touch_client(client);
if (client->state == 0)
{
client->state = 1;
if (redsocks_start_relay(client))
// Failed to start relay. Connection is dropped.
return;
// Write any data received from client to relay
if (evbuffer_get_length(bufferevent_get_input(client->client)))
client->instance->relay_ss->writecb(buffev, client);
}
}
static void auto_relay_connected(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
autoproxy_client * aclient = (void*)(client + 1) + client->instance->relay_ss->payload_len;
assert(buffev == client->relay);
redsocks_touch_client(client);
if (!red_is_socket_connected_ok(buffev)) {
if (aclient->state == AUTOPROXY_NEW && !auto_retry_or_drop(client))
return;
redsocks_log_error(client, LOG_DEBUG, "failed to connect to proxy");
goto fail;
}
/* update client state */
aclient->state = AUTOPROXY_CONNECTED;
/* We do not need to detect timeouts any more.
The two peers will handle it. */
bufferevent_set_timeouts(client->relay, NULL, NULL);
if (!redsocks_start_relay(client))
{
/* overwrite theread callback to my function */
client->client->readcb = direct_relay_clientreadcb;
client->client->writecb = direct_relay_clientwritecb;
client->relay->readcb = direct_relay_relayreadcb;
client->relay->writecb = direct_relay_relaywritecb;
}
else
{
redsocks_log_error(client, LOG_DEBUG, "failed to start relay");
goto fail;
}
client->relay->writecb(buffev, _arg);
return;
fail:
redsocks_drop_client(client);
}
static void socks5_read_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
socks5_client *socks5 = red_payload(client);
redsocks_touch_client(client);
if (client->state == socks5_method_sent) {
socks5_read_auth_methods(buffev, client, socks5);
}
else if (client->state == socks5_auth_sent) {
socks5_read_auth_reply(buffev, client, socks5);
}
else if (client->state == socks5_request_sent) {
socks5_read_reply(buffev, client, socks5);
}
else if (client->state == socks5_skip_domain) {
socks5_addr_ipv4 ipv4; // all socks5_addr*.port are equal
uint8_t size;
if (redsocks_read_expected(client, buffev->input, &size, sizes_greater_equal, sizeof(size)) < 0)
return;
socks5->to_skip = size + sizeof(ipv4.port);
redsocks_write_helper(
buffev, client,
NULL, socks5_skip_address, socks5->to_skip
);
}
else if (client->state == socks5_skip_address) {
uint8_t data[socks5->to_skip];
if (redsocks_read_expected(client, buffev->input, data, sizes_greater_equal, socks5->to_skip) < 0)
return;
redsocks_start_relay(client);
}
else {
redsocks_drop_client(client);
}
}
static void auto_write_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
redsocks_touch_client(client);
if (client->state == socks5_pre_detect) {
client->state = socks5_direct;
if (!redsocks_start_relay(client))
{
/* overwrite theread callback to my function */
client->client->readcb = direct_relay_clientreadcb;
client->client->writecb = direct_relay_clientwritecb;
client->relay->readcb = direct_relay_relayreadcb;
client->relay->writecb = direct_relay_relaywritecb;
}
}
else if (client->state == socks5_direct)
redsocks_log_error(client, LOG_DEBUG, "Should not be here!");
else
socks5_write_cb(buffev, _arg);
}
static void httpr_relay_read_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
httpr_client *httpr = (void*)(client + 1);
int dropped = 0;
assert(client->state >= httpr_request_sent);
redsocks_touch_client(client);
httpr_buffer_fini(&httpr->relay_buffer);
httpr_buffer_init(&httpr->relay_buffer);
if (client->state == httpr_request_sent) {
size_t len = EVBUFFER_LENGTH(buffev->input);
char *line = redsocks_evbuffer_readline(buffev->input);
if (line) {
httpr_buffer_append(&httpr->relay_buffer, line, strlen(line));
httpr_buffer_append(&httpr->relay_buffer, "\r\n", 2);
unsigned int code;
if (sscanf(line, "HTTP/%*u.%*u %u", &code) == 1) { // 1 == one _assigned_ match
if (code == 407) { // auth failed
http_auth *auth = (void*)(client->instance + 1);
if (auth->last_auth_query != NULL && auth->last_auth_count == 1) {
redsocks_log_error(client, LOG_NOTICE, "proxy auth failed");
redsocks_drop_client(client);
dropped = 1;
} else if (client->instance->config.login == NULL || client->instance->config.password == NULL) {
redsocks_log_error(client, LOG_NOTICE, "proxy auth required, but no login information provided");
redsocks_drop_client(client);
dropped = 1;
} else {
free(line);
char *auth_request = get_auth_request_header(buffev->input);
if (!auth_request) {
redsocks_log_error(client, LOG_NOTICE, "403 found, but no proxy auth challenge");
redsocks_drop_client(client);
dropped = 1;
} else {
free(auth->last_auth_query);
char *ptr = auth_request;
ptr += strlen(auth_request_header);
while (isspace(*ptr))
ptr++;
auth->last_auth_query = calloc(strlen(ptr) + 1, 1);
strcpy(auth->last_auth_query, ptr);
auth->last_auth_count = 0;
free(auth_request);
httpr_buffer_fini(&httpr->relay_buffer);
if (bufferevent_disable(client->relay, EV_WRITE)) {
redsocks_log_errno(client, LOG_ERR, "bufferevent_disable");
return;
}
/* close relay tunnel */
redsocks_close(EVENT_FD(&client->relay->ev_write));
bufferevent_free(client->relay);
/* set to initial state*/
client->state = httpr_recv_request_headers;
/* and reconnect */
redsocks_connect_relay(client);
return;
}
}
} else if (100 <= code && code <= 999) {
client->state = httpr_reply_came;
} else {
redsocks_log_error(client, LOG_NOTICE, "%s", line);
redsocks_drop_client(client);
dropped = 1;
}
}
free(line);
}
else if (len >= HTTP_HEAD_WM_HIGH) {
redsocks_drop_client(client);
dropped = 1;
}
}
if (dropped)
return;
while (client->state == httpr_reply_came) {
char *line = redsocks_evbuffer_readline(buffev->input);
if (line) {
httpr_buffer_append(&httpr->relay_buffer, line, strlen(line));
httpr_buffer_append(&httpr->relay_buffer, "\r\n", 2);
if (strlen(line) == 0) {
client->state = httpr_headers_skipped;
}
free(line);
}
else {
break;
}
}
if (client->state == httpr_headers_skipped) {
if (bufferevent_write(client->client, httpr->relay_buffer.buff, httpr->relay_buffer.len) != 0) {
redsocks_log_error(client, LOG_NOTICE, "bufferevent_write");
redsocks_drop_client(client);
return;
}
redsocks_start_relay(client);
}
}
static void httpc_read_cb(struct bufferevent *buffev, void *_arg)
{
redsocks_client *client = _arg;
assert(client->relay == buffev);
assert(client->state == httpc_request_sent || client->state == httpc_reply_came);
redsocks_touch_client(client);
// evbuffer_add() triggers callbacks, so we can't write to client->client
// till we know that we're going to ONFAIL_FORWARD_HTTP_ERR.
// And the decision is made when all the headers are processed.
struct evbuffer* tee = NULL;
const bool do_errtee = client->instance->config.on_proxy_fail == ONFAIL_FORWARD_HTTP_ERR;
if (client->state == httpc_request_sent) {
size_t len = evbuffer_get_length(buffev->input);
char *line = redsocks_evbuffer_readline(buffev->input);
if (line) {
unsigned int code;
if (sscanf(line, "HTTP/%*u.%*u %u", &code) == 1) { // 1 == one _assigned_ match
if (code == 407) { // auth failed
http_auth *auth = red_http_auth(client->instance);
if (auth->last_auth_query != NULL && auth->last_auth_count == 1) {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy auth failed: %s", line);
client->state = httpc_no_way;
} else if (client->instance->config.login == NULL || client->instance->config.password == NULL) {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy auth required, but no login/password configured: %s", line);
client->state = httpc_no_way;
} else {
if (do_errtee)
tee = evbuffer_new();
char *auth_request = http_auth_request_header(buffev->input, tee);
if (!auth_request) {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy auth required, but no <%s> header found: %s", auth_request_header, line);
client->state = httpc_no_way;
} else {
free(line);
if (tee)
evbuffer_free(tee);
free(auth->last_auth_query);
char *ptr = auth_request;
ptr += strlen(auth_request_header);
while (isspace(*ptr))
ptr++;
size_t last_auth_query_len = strlen(ptr) + 1;
auth->last_auth_query = calloc(last_auth_query_len, 1);
memcpy(auth->last_auth_query, ptr, last_auth_query_len);
auth->last_auth_count = 0;
free(auth_request);
if (bufferevent_disable(client->relay, EV_WRITE)) {
redsocks_log_errno(client, LOG_ERR, "bufferevent_disable");
return;
}
/* close relay tunnel */
redsocks_bufferevent_free(client->relay);
/* set to initial state*/
client->state = httpc_new;
/* and reconnect */
redsocks_connect_relay(client);
return;
}
}
} else if (200 <= code && code <= 299) {
client->state = httpc_reply_came;
} else {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy error: %s", line);
client->state = httpc_no_way;
}
} else {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy bad firstline: %s", line);
client->state = httpc_no_way;
}
if (do_errtee && client->state == httpc_no_way) {
if (bufferevent_write(client->client, line, strlen(line)) != 0 ||
bufferevent_write(client->client, "\r\n", 2) != 0)
{
redsocks_log_errno(client, LOG_NOTICE, "bufferevent_write");
goto fail;
}
}
free(line);
}
else if (len >= HTTP_HEAD_WM_HIGH) {
redsocks_log_error(client, LOG_NOTICE, "HTTP Proxy reply is too long, %zu bytes", len);
client->state = httpc_no_way;
}
}
if (do_errtee && client->state == httpc_no_way) {
if (tee) {
if (bufferevent_write_buffer(client->client, tee) != 0) {
redsocks_log_errno(client, LOG_NOTICE, "bufferevent_write_buffer");
goto fail;
}
}
redsocks_shutdown(client, client->client, SHUT_RD);
const size_t avail = evbuffer_get_length(client->client->input);
if (avail) {
if (evbuffer_drain(client->client->input, avail) != 0) {
redsocks_log_errno(client, LOG_NOTICE, "evbuffer_drain");
goto fail;
}
}
redsocks_shutdown(client, client->relay, SHUT_WR);
client->state = httpc_headers_skipped;
}
fail:
if (tee) {
evbuffer_free(tee);
}
if (client->state == httpc_no_way) {
redsocks_drop_client(client);
return;
}
while (client->state == httpc_reply_came) {
char *line = redsocks_evbuffer_readline(buffev->input);
if (line) {
if (strlen(line) == 0) {
client->state = httpc_headers_skipped;
}
free(line);
}
else {
break;
}
}
if (client->state == httpc_headers_skipped) {
redsocks_start_relay(client);
}
}
