stcp_t *stcp_connect(const char *host, int port) { stcp_t *ret; proxy_t *proxy; proxy = proxy_connect(host, port); if (proxy == NULL) return stcp_connect_np(host, port); ret = (stcp_t*)calloc(1,sizeof(stcp_t)); if (ret == NULL) return NULL; ret->proxy = proxy; return ret; }
int _tmain(int argc, _TCHAR* argv[]) { WSADATA ws; WSAStartup(MAKEWORD(2, 2), &ws);; struct proxy *prox; prox = proxy_create(); assert(prox); proxy_set(prox, "192.168.79.1", 1080, "test", "0"); proxy_connect(prox, "113.108.16.44", 25); proxy_recv_line(prox, buff, 512); return 0; }
/** * aim_newconn - Open a new connection * @sess: Session to create connection in * @type: Type of connection to create * @dest: Host to connect to (in "host:port" syntax) * * Opens a new connection to the specified dest host of specified * type, using the proxy settings if available. If @host is %NULL, * the connection is allocated and returned, but no connection * is made. * * FIXME: Return errors in a more sane way. * */ aim_conn_t *aim_newconn(aim_session_t *sess, int type, const char *dest) { aim_conn_t *connstruct; guint16 port = AIM_LOGIN_PORT; char *host; int i; if (!(connstruct = aim_conn_getnext(sess))) return NULL; connstruct->sessv = (void *)sess; connstruct->type = type; if (!dest) { /* just allocate a struct */ connstruct->fd = -1; connstruct->status = 0; return connstruct; } /* * As of 23 Jul 1999, AOL now sends the port number, preceded by a * colon, in the BOS redirect. This fatally breaks all previous * libfaims. Bad, bad AOL. * * We put this here to catch every case. * */ for(i = 0; i < (int)strlen(dest); i++) { if (dest[i] == ':') { port = atoi(&(dest[i+1])); break; } } host = (char *)g_malloc(i+1); strncpy(host, dest, i); host[i] = '\0'; connstruct->fd = proxy_connect(host, port, NULL, NULL); g_free(host); return connstruct; }
gboolean msn_ns_connect( struct im_connection *ic, struct msn_handler_data *handler, const char *host, int port ) { if( handler->fd >= 0 ) closesocket( handler->fd ); handler->exec_command = msn_ns_command; handler->exec_message = msn_ns_message; handler->data = ic; handler->fd = proxy_connect( host, port, msn_ns_connected, handler ); if( handler->fd < 0 ) { imcb_error( ic, "Could not connect to server" ); imc_logout( ic, TRUE ); return FALSE; } return TRUE; }
int main(int argc, char **argv) { int sock; struct config_t config; struct buffer_t buffer; /* initialize buffer */ buffer_init(&buffer); /* parse arguments and config file */ if (setup(&config, argc, argv) != SETUP_OK) { usage(stderr); return EX_USAGE; } /* ask password if none was given, but username is set */ if (config.username && !config.password) { config.password = askpass_tty(PASSWORD_PROMPT); /* exit if unable to get password */ if (!config.password) return EX_NOINPUT; } /* connect to proxy */ if ((sock = tcp_connect(config.proxyname, config.proxyport)) == -1) return EX_UNAVAILABLE; /* tunnel setup */ if (proxy_connect(sock, &buffer, config.hostname, config.hostport, config.username, config.password) != 0) { close(sock); return EX_UNAVAILABLE; } /* tunnel data (does not return on failure) */ tunnel_handler(&buffer, config.ifd, config.ofd, sock, sock); /* cleanup */ close(sock); return EX_OK; }
int connect_address(unsigned int addy, unsigned short port) { int fd; struct sockaddr_in sin; sin.sin_addr.s_addr = addy; sin.sin_family = AF_INET; sin.sin_port = htons(port); fd = socket(AF_INET, SOCK_STREAM, 0); if (fd > -1) { quad_addr=strdup(inet_ntoa(sin.sin_addr)); if (proxy_connect(fd, (struct sockaddr *)&sin, sizeof(sin)) > -1) { return fd; } } return -1; }
void *ssl_connect( char *host, int port, gboolean verify, ssl_input_function func, gpointer data ) { struct scd *conn = g_new0( struct scd, 1 ); conn->fd = proxy_connect( host, port, ssl_connected, conn ); conn->func = func; conn->data = data; conn->inpa = -1; conn->hostname = g_strdup( host ); conn->verify = verify && global.conf->cafile; if( conn->fd < 0 ) { g_free( conn ); return NULL; } return conn; }
struct msn_switchboard *msn_sb_create( struct im_connection *ic, char *host, int port, char *key, int session ) { struct msn_data *md = ic->proto_data; struct msn_switchboard *sb = g_new0( struct msn_switchboard, 1 ); sb->fd = proxy_connect( host, port, msn_sb_connected, sb ); if( sb->fd < 0 ) { g_free( sb ); return( NULL ); } sb->ic = ic; sb->key = g_strdup( key ); sb->session = session; msn_switchboards = g_slist_append( msn_switchboards, sb ); md->switchboards = g_slist_append( md->switchboards, sb ); return( sb ); }
void *ssl_connect(char *host, int port, gboolean verify, ssl_input_function func, gpointer data) { struct scd *conn = g_new0(struct scd, 1); conn->fd = proxy_connect(host, port, ssl_connected, conn); conn->func = func; conn->data = data; conn->hostname = g_strdup(host); if (conn->fd < 0) { g_free(conn->hostname); g_free(conn); return (NULL); } if (!initialized) { ssl_init(); } return (conn); }
struct http_request *http_dorequest( char *host, int port, int ssl, char *request, http_input_function func, gpointer data ) { struct http_request *req; int error = 0; req = g_new0( struct http_request, 1 ); if( ssl ) { req->ssl = ssl_connect( host, port, TRUE, http_ssl_connected, req ); if( req->ssl == NULL ) error = 1; } else { req->fd = proxy_connect( host, port, http_connected, req ); if( req->fd < 0 ) error = 1; } if( error ) { http_free( req ); return NULL; } req->func = func; req->data = data; req->request = g_strdup( request ); req->request_length = strlen( request ); req->redir_ttl = 3; req->content_length = -1; if( getenv( "BITLBEE_DEBUG" ) ) printf( "About to send HTTP request:\n%s\n", req->request ); return req; }
void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data ) { struct scd *conn = g_new0( struct scd, 1 ); conn->fd = proxy_connect( host, port, ssl_connected, conn ); conn->func = func; conn->data = data; if( conn->fd < 0 ) { g_free( conn ); return( NULL ); } if( !initialized ) { PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); NSS_NoDB_Init(NULL); NSS_SetDomesticPolicy(); } return( conn ); }
unsigned int sockroutine(acetables *g_ape) { struct _socks_list sl; int new_fd, nfds, sin_size = sizeof(struct sockaddr_in), i, tfd = 0; ape_socket *co = g_ape->co; struct timeval t_start, t_end; long int ticks = 0, uticks = 0, lticks = 0; struct sockaddr_in their_addr; sl.co = co; sl.tfd = &tfd; g_ape->bufout = xmalloc(sizeof(struct _socks_bufout) * g_ape->basemem); #if 0 add_periodical(5, 0, check_idle, &sl, g_ape); #endif while (1) { // int timeout_to_hang = MAX((1000/TICKS_RATE)-ticks, 1); /* Linux 2.6.25 provides a fd-driven timer system. It could be usefull to implement */ gettimeofday(&t_start, NULL); nfds = events_poll(g_ape->events, 1); if (nfds < 0) { continue; } if (nfds > 0) { for (i = 0; i < nfds; i++) { int active_fd = events_get_current_fd(g_ape->events, i); if (co[active_fd].stream_type == STREAM_SERVER) { while (1) { http_state http = {0, HTTP_NULL, 0, -1, 0, 0, 0}; new_fd = accept(active_fd, (struct sockaddr *)&their_addr, (unsigned int *)&sin_size); if (new_fd == -1) { break; } if (new_fd + 4 == g_ape->basemem) { /* Increase connection & events size */ growup(&g_ape->basemem, &g_ape->co, g_ape->events, &g_ape->bufout); co = g_ape->co; } strncpy(co[new_fd].ip_client, inet_ntoa(their_addr.sin_addr), 16); co[new_fd].buffer_in.data = xmalloc(sizeof(char) * (DEFAULT_BUFFER_SIZE + 1)); co[new_fd].buffer_in.size = DEFAULT_BUFFER_SIZE; co[new_fd].buffer_in.length = 0; co[new_fd].buffer_in.slot = NULL; co[new_fd].buffer_in.islot = 0; co[new_fd].http = http; co[new_fd].attach = NULL; co[new_fd].data = NULL; co[new_fd].idle = time(NULL); co[new_fd].fd = new_fd; co[new_fd].stream_type = STREAM_IN; co[new_fd].state = STREAM_ONLINE; g_ape->bufout[new_fd].fd = new_fd; g_ape->bufout[new_fd].buf = NULL; g_ape->bufout[new_fd].buflen = 0; g_ape->bufout[new_fd].allocsize = 0; co[new_fd].callbacks.on_disconnect = co[active_fd].callbacks.on_disconnect; co[new_fd].callbacks.on_read = co[active_fd].callbacks.on_read; co[new_fd].callbacks.on_read_lf = co[active_fd].callbacks.on_read_lf; co[new_fd].callbacks.on_data_completly_sent = co[active_fd].callbacks.on_data_completly_sent; co[new_fd].callbacks.on_write = co[active_fd].callbacks.on_write; co[new_fd].attach = co[active_fd].attach; setnonblocking(new_fd); events_add(g_ape->events, new_fd, EVENT_READ|EVENT_WRITE); tfd++; if (co[active_fd].callbacks.on_accept != NULL) { co[active_fd].callbacks.on_accept(&co[new_fd], g_ape); } } continue; } else { int readb = 0; int bitev = events_revent(g_ape->events, i); if (bitev & EVENT_WRITE) { if (co[active_fd].stream_type == STREAM_OUT && co[active_fd].state == STREAM_PROGRESS) { int serror = 0, ret; socklen_t serror_len = sizeof(serror); ret = getsockopt(active_fd, SOL_SOCKET, SO_ERROR, &serror, &serror_len); if (ret == 0 && serror == 0) { co[active_fd].state = STREAM_ONLINE; if (co[active_fd].callbacks.on_connect != NULL) { co[active_fd].callbacks.on_connect(&co[active_fd], g_ape); } } else { /* This can happen ? epoll seems set EPOLLIN as if the host is disconnecting */ if (co[active_fd].callbacks.on_disconnect != NULL) { co[active_fd].callbacks.on_disconnect(&co[active_fd], g_ape); } clear_buffer(&co[active_fd], &tfd); close(active_fd); } } #if 0 if (co[active_fd].stream_type == STREAM_OUT && ((ape_proxy *)(co[active_fd].attach))->state == PROXY_IN_PROGRESS) { int serror = 0, ret; socklen_t serror_len = sizeof(serror); ret = getsockopt(active_fd, SOL_SOCKET, SO_ERROR, &serror, &serror_len); if (ret == 0 && serror == 0) { ((ape_proxy *)(co[active_fd].attach))->state = PROXY_CONNECTED; ((ape_proxy *)(co[active_fd].attach))->sock.fd = active_fd; proxy_onevent((ape_proxy *)(co[active_fd].attach), "CONNECT", g_ape); if (co[active_fd].callbacks.on_connect != NULL) { co[active_fd].callbacks.on_connect(&co[active_fd]); } } else { /* This can happen ? epoll seems set EPOLLIN as if the host is disconnecting */ if (co[active_fd].callbacks.on_disconnect != NULL) { co[active_fd].callbacks.on_disconnect(&co[active_fd]); } ((ape_proxy *)(co[active_fd].attach))->state = PROXY_THROTTLED; //epoll_ctl(event_fd, EPOLL_CTL_DEL, active_fd, NULL); clear_buffer(&co[active_fd], &tfd); close(active_fd); } } #endif else if (co[active_fd].stream_type == STREAM_IN && g_ape->bufout[active_fd].buf != NULL) { if (sendqueue(active_fd, g_ape) == 1) { if (co[active_fd].callbacks.on_data_completly_sent != NULL) { co[active_fd].callbacks.on_data_completly_sent(&co[active_fd], g_ape); } } } else if (co[active_fd].stream_type == STREAM_DELEGATE) { if (co[active_fd].callbacks.on_write != NULL) { co[active_fd].callbacks.on_write(&co[active_fd], g_ape); } } } if (bitev & EVENT_READ) { if (co[active_fd].stream_type == STREAM_DELEGATE) { if (co[active_fd].callbacks.on_read != NULL) { co[active_fd].callbacks.on_read(&co[active_fd], NULL, 0, g_ape); continue; } } do { /* TODO : Check if maximum data read can improve perf Huge data may attempt to increase third parameter */ readb = read(active_fd, co[active_fd].buffer_in.data + co[active_fd].buffer_in.length, co[active_fd].buffer_in.size - co[active_fd].buffer_in.length); if (readb == -1 && errno == EAGAIN) { /* Nothing to read again */ if (co[active_fd].stream_type == STREAM_OUT) { //proxy_process_eol(&co[active_fd], g_ape); //co[active_fd].buffer_in.length = 0; } else { // co[active_fd].buffer_in.data[co[active_fd].buffer_in.length] = '\0'; } break; } else { if (readb < 1) { if (co[active_fd].callbacks.on_disconnect != NULL) { co[active_fd].callbacks.on_disconnect(&co[active_fd], g_ape); } #if 0 if (co[active_fd].stream_type == STREAM_IN && co[active_fd].attach != NULL) { if (active_fd == ((subuser *)(co[active_fd].attach))->fd) { ((subuser *)(co[active_fd].attach))->headers_sent = 0; ((subuser *)(co[active_fd].attach))->state = ADIED; } if (((subuser *)(co[active_fd].attach))->wait_for_free == 1) { free(co[active_fd].attach); co[active_fd].attach = NULL; } } else if (co[active_fd].stream_type == STREAM_OUT) { if (((ape_proxy *)(co[active_fd].attach))->state == PROXY_TOFREE) { free(co[active_fd].attach); co[active_fd].attach = NULL; } else { ((ape_proxy *)(co[active_fd].attach))->state = PROXY_THROTTLED; proxy_onevent((ape_proxy *)(co[active_fd].attach), "DISCONNECT", g_ape); } } #endif clear_buffer(&co[active_fd], &tfd); if (g_ape->bufout[active_fd].buf != NULL) { free(g_ape->bufout[active_fd].buf); g_ape->bufout[active_fd].buflen = 0; g_ape->bufout[active_fd].buf = NULL; g_ape->bufout[active_fd].allocsize = 0; } close(active_fd); break; } else { co[active_fd].buffer_in.length += readb; /* realloc the buffer for the next read (x2) */ if (co[active_fd].buffer_in.length == co[active_fd].buffer_in.size) { co[active_fd].buffer_in.size *= 2; co[active_fd].buffer_in.data = xrealloc(co[active_fd].buffer_in.data, sizeof(char) * (co[active_fd].buffer_in.size + 1)); } if (co[active_fd].callbacks.on_read_lf != NULL) { int eol, len = co[active_fd].buffer_in.length; char *pBuf = co[active_fd].buffer_in.data; while ((eol = sneof(pBuf, len, 4096)) != -1) { pBuf[eol-1] = '\0'; co[active_fd].callbacks.on_read_lf(&co[active_fd], pBuf, g_ape); pBuf = &pBuf[eol]; len -= eol; } if (len > 4096 || !len) { co[active_fd].buffer_in.length = 0; } else if (len) { memmove(co[active_fd].buffer_in.data, &co[active_fd].buffer_in.data[co[active_fd].buffer_in.length - len], len); co[active_fd].buffer_in.length = len; } } /* on_read can't get along with on_read_lf */ if (co[active_fd].callbacks.on_read != NULL && co[active_fd].callbacks.on_read_lf == NULL) { co[active_fd].callbacks.on_read(&co[active_fd], &co[active_fd].buffer_in, co[active_fd].buffer_in.length - readb, g_ape); } } } } while(readb >= 0); } } } } gettimeofday(&t_end, NULL); ticks = 0; uticks = 1000000 * (t_end.tv_sec - t_start.tv_sec); uticks += (t_end.tv_usec - t_start.tv_usec); lticks += uticks; /* Tic tac, tic tac :-) */ { unsigned long int nticks; ape_proxy *proxy = g_ape->proxy.list; int psock; while (proxy != NULL) { if (proxy->state == PROXY_NOT_CONNECTED && ((psock = proxy_connect(proxy, g_ape)) != 0)) { http_state http_s = {0, HTTP_NULL, 0, -1, 0, 0, 0}; if (psock + 4 == g_ape->basemem) { growup(&g_ape->basemem, &g_ape->co, g_ape->events, &g_ape->bufout); co = g_ape->co; } co[psock].ip_client[0] = '\0'; co[psock].buffer_in.data = xmalloc(sizeof(char) * (DEFAULT_BUFFER_SIZE + 1)); co[psock].buffer_in.size = DEFAULT_BUFFER_SIZE; co[psock].buffer_in.length = 0; co[psock].buffer_in.slot = NULL; co[psock].buffer_in.islot = 0; co[psock].idle = time(NULL); co[psock].http = http_s; co[psock].attach = proxy; co[psock].stream_type = STREAM_OUT; co[psock].fd = psock; tfd++; } proxy = proxy->next; } while (lticks > 1000) { ticks++; lticks -= 1000; } for (nticks = 0; nticks < ticks; nticks++) { process_tick(g_ape); } } } return 0; }
static int rpc_channel_tls_connect(RpcChannel* channel, int timeout) { int sockfd; rdpTls* tls; int tlsStatus; BIO* socketBio; BIO* bufferedBio; rdpRpc* rpc = channel->rpc; rdpContext* context = rpc->context; rdpSettings* settings = context->settings; const char* peerHostname = settings->GatewayHostname; UINT16 peerPort = settings->GatewayPort; const char *proxyUsername = settings->ProxyUsername, *proxyPassword = settings->ProxyPassword; BOOL isProxyConnection = proxy_prepare(settings, &peerHostname, &peerPort, &proxyUsername, &proxyPassword); sockfd = freerdp_tcp_connect(context, settings, peerHostname, peerPort, timeout); if (sockfd < 1) return -1; socketBio = BIO_new(BIO_s_simple_socket()); if (!socketBio) return FALSE; BIO_set_fd(socketBio, sockfd, BIO_CLOSE); bufferedBio = BIO_new(BIO_s_buffered_socket()); if (!bufferedBio) return FALSE; bufferedBio = BIO_push(bufferedBio, socketBio); if (!BIO_set_nonblock(bufferedBio, TRUE)) return -1; if (isProxyConnection) { if (!proxy_connect(settings, bufferedBio, proxyUsername, proxyPassword, settings->GatewayHostname, settings->GatewayPort)) return -1; } channel->bio = bufferedBio; tls = channel->tls = tls_new(settings); if (!tls) return -1; tls->hostname = settings->GatewayHostname; tls->port = settings->GatewayPort; tls->isGatewayTransport = TRUE; tlsStatus = tls_connect(tls, bufferedBio); if (tlsStatus < 1) { if (tlsStatus < 0) { if (!freerdp_get_last_error(context)) freerdp_set_last_error(context, FREERDP_ERROR_TLS_CONNECT_FAILED); } else { if (!freerdp_get_last_error(context)) freerdp_set_last_error(context, FREERDP_ERROR_CONNECT_CANCELLED); } return -1; } return 1; }
/* Splits headers and body. Checks result code, in case of 300s it'll handle redirects. If this returns FALSE, don't call any callbacks! */ static gboolean http_handle_headers( struct http_request *req ) { char *end1, *end2, *s; int evil_server = 0; /* Zero termination is very convenient. */ req->reply_headers[req->bytes_read] = '\0'; /* Find the separation between headers and body, and keep stupid webservers in mind. */ end1 = strstr( req->reply_headers, "\r\n\r\n" ); end2 = strstr( req->reply_headers, "\n\n" ); if( end2 && end2 < end1 ) { end1 = end2 + 1; evil_server = 1; } else if( end1 ) { end1 += 2; } else { req->status_string = g_strdup( "Malformed HTTP reply" ); return TRUE; } *end1 = '\0'; if( getenv( "BITLBEE_DEBUG" ) ) printf( "HTTP response headers:\n%s\n", req->reply_headers ); if( evil_server ) req->reply_body = end1 + 1; else req->reply_body = end1 + 2; /* Separately allocated space for headers and body. */ req->sblen = req->body_size = req->reply_headers + req->bytes_read - req->reply_body; req->sbuf = req->reply_body = g_memdup( req->reply_body, req->body_size + 1 ); req->reply_headers = g_realloc( req->reply_headers, end1 - req->reply_headers + 1 ); if( ( end1 = strchr( req->reply_headers, ' ' ) ) != NULL ) { if( sscanf( end1 + 1, "%hd", &req->status_code ) != 1 ) { req->status_string = g_strdup( "Can't parse status code" ); req->status_code = -1; } else { char *eol; if( evil_server ) eol = strchr( end1, '\n' ); else eol = strchr( end1, '\r' ); req->status_string = g_strndup( end1 + 1, eol - end1 - 1 ); /* Just to be sure... */ if( ( eol = strchr( req->status_string, '\r' ) ) ) *eol = 0; if( ( eol = strchr( req->status_string, '\n' ) ) ) *eol = 0; } } else { req->status_string = g_strdup( "Can't locate status code" ); req->status_code = -1; } if( ( ( req->status_code >= 301 && req->status_code <= 303 ) || req->status_code == 307 ) && req->redir_ttl-- > 0 ) { char *loc, *new_request, *new_host; int error = 0, new_port, new_proto; /* We might fill it again, so let's not leak any memory. */ g_free( req->status_string ); req->status_string = NULL; loc = strstr( req->reply_headers, "\nLocation: " ); if( loc == NULL ) /* We can't handle this redirect... */ { req->status_string = g_strdup( "Can't locate Location: header" ); return TRUE; } loc += 11; while( *loc == ' ' ) loc ++; /* TODO/FIXME: Possibly have to handle relative redirections, and rewrite Host: headers. Not necessary for now, it's enough for passport authentication like this. */ if( *loc == '/' ) { /* Just a different pathname... */ /* Since we don't cache the servername, and since we don't need this yet anyway, I won't implement it. */ req->status_string = g_strdup( "Can't handle relative redirects" ); return TRUE; } else { /* A whole URL */ url_t *url; char *s, *version, *headers; const char *new_method; s = strstr( loc, "\r\n" ); if( s == NULL ) return TRUE; url = g_new0( url_t, 1 ); *s = 0; if( !url_set( url, loc ) ) { req->status_string = g_strdup( "Malformed redirect URL" ); g_free( url ); return TRUE; } /* Find all headers and, if necessary, the POST request contents. Skip the old Host: header though. This crappy code here means anything using this http_client MUST put the Host: header at the top. */ if( !( ( s = strstr( req->request, "\r\nHost: " ) ) && ( s = strstr( s + strlen( "\r\nHost: " ), "\r\n" ) ) ) ) { req->status_string = g_strdup( "Error while rebuilding request string" ); g_free( url ); return TRUE; } headers = s; /* More or less HTTP/1.0 compliant, from my reading of RFC 2616. Always perform a GET request unless we received a 301. 303 was meant for this but it's HTTP/1.1-only and we're specifically speaking HTTP/1.0. ... Well except someone at identi.ca's didn't bother reading any RFCs and just return HTTP/1.1-specific status codes to HTTP/1.0 requests. Fuckers. So here we are, handle 301..303,307. */ if( strncmp( req->request, "GET", 3 ) == 0 ) /* GETs never become POSTs. */ new_method = "GET"; else if( req->status_code == 302 || req->status_code == 303 ) /* 302 de-facto becomes GET, 303 as specified by RFC 2616#10.3.3 */ new_method = "GET"; else /* 301 de-facto should stay POST, 307 specifally RFC 2616#10.3.8 */ new_method = "POST"; if( ( version = strstr( req->request, " HTTP/" ) ) && ( s = strstr( version, "\r\n" ) ) ) { version ++; version = g_strndup( version, s - version ); } else version = g_strdup( "HTTP/1.0" ); /* Okay, this isn't fun! We have to rebuild the request... :-( */ new_request = g_strdup_printf( "%s %s %s\r\nHost: %s%s", new_method, url->file, version, url->host, headers ); new_host = g_strdup( url->host ); new_port = url->port; new_proto = url->proto; /* If we went from POST to GET, truncate the request content. */ if( new_request[0] != req->request[0] && new_request[0] == 'G' && ( s = strstr( new_request, "\r\n\r\n" ) ) ) s[4] = '\0'; g_free( url ); g_free( version ); } if( req->ssl ) ssl_disconnect( req->ssl ); else closesocket( req->fd ); req->fd = -1; req->ssl = NULL; if( getenv( "BITLBEE_DEBUG" ) ) printf( "New headers for redirected HTTP request:\n%s\n", new_request ); if( new_proto == PROTO_HTTPS ) { req->ssl = ssl_connect( new_host, new_port, TRUE, http_ssl_connected, req ); if( req->ssl == NULL ) error = 1; } else { req->fd = proxy_connect( new_host, new_port, http_connected, req ); if( req->fd < 0 ) error = 1; } g_free( new_host ); if( error ) { req->status_string = g_strdup( "Connection problem during redirect" ); g_free( new_request ); return TRUE; } g_free( req->request ); g_free( req->reply_headers ); g_free( req->sbuf ); req->request = new_request; req->request_length = strlen( new_request ); req->bytes_read = req->bytes_written = req->inpa = 0; req->reply_headers = req->reply_body = NULL; req->sbuf = req->cbuf = NULL; req->sblen = req->cblen = 0; return FALSE; } if( ( s = get_rfc822_header( req->reply_headers, "Content-Length", 0 ) ) && sscanf( s, "%d", &req->content_length ) != 1 ) req->content_length = -1; g_free( s ); if( ( s = get_rfc822_header( req->reply_headers, "Transfer-Encoding", 0 ) ) ) { if( strcasestr( s, "chunked" ) ) { req->flags |= HTTPC_CHUNKED; req->cbuf = req->sbuf; req->cblen = req->sblen; req->reply_body = req->sbuf = g_strdup( "" ); req->body_size = req->sblen = 0; } g_free( s ); } return TRUE; }
BOOL transport_connect(rdpTransport* transport, const char* hostname, UINT16 port, int timeout) { int sockfd; BOOL status = FALSE; rdpSettings* settings = transport->settings; rdpContext* context = transport->context; BOOL rpcFallback = !settings->GatewayHttpTransport; if (transport->GatewayEnabled) { if (!status && settings->GatewayHttpTransport) { transport->rdg = rdg_new(transport); if (!transport->rdg) return FALSE; status = rdg_connect(transport->rdg, timeout, &rpcFallback); if (status) { transport->frontBio = transport->rdg->frontBio; BIO_set_nonblock(transport->frontBio, 0); transport->layer = TRANSPORT_LAYER_TSG; status = TRUE; } else { rdg_free(transport->rdg); transport->rdg = NULL; } } if (!status && settings->GatewayRpcTransport && rpcFallback) { transport->tsg = tsg_new(transport); if (!transport->tsg) return FALSE; status = tsg_connect(transport->tsg, hostname, port, timeout); if (status) { transport->frontBio = tsg_get_bio(transport->tsg); transport->layer = TRANSPORT_LAYER_TSG; status = TRUE; } else { tsg_free(transport->tsg); transport->tsg = NULL; } } } else { UINT16 peerPort; const char* proxyHostname, *proxyUsername, *proxyPassword; BOOL isProxyConnection = proxy_prepare(settings, &proxyHostname, &peerPort, &proxyUsername, &proxyPassword); if (isProxyConnection) sockfd = freerdp_tcp_connect(context, settings, proxyHostname, peerPort, timeout); else sockfd = freerdp_tcp_connect(context, settings, hostname, port, timeout); if (sockfd < 0) return FALSE; if (!transport_attach(transport, sockfd)) return FALSE; if (isProxyConnection) { if (!proxy_connect(settings, transport->frontBio, proxyUsername, proxyPassword, hostname, port)) return FALSE; } status = TRUE; } return status; }
static gboolean http_incoming_data( gpointer data, int source, b_input_condition cond ) { struct http_request *req = data; int evil_server = 0; char buffer[2048]; char *end1, *end2; int st; if( req->inpa > 0 ) b_event_remove( req->inpa ); if( req->ssl ) { st = ssl_read( req->ssl, buffer, sizeof( buffer ) ); if( st < 0 ) { if( ssl_errno != SSL_AGAIN ) { /* goto cleanup; */ /* YAY! We have to deal with crappy Microsoft servers that LOVE to send invalid TLS packets that abort connections! \o/ */ goto got_reply; } } else if( st == 0 ) { goto got_reply; } } else { st = read( req->fd, buffer, sizeof( buffer ) ); if( st < 0 ) { if( !sockerr_again() ) { req->status_string = g_strdup( strerror( errno ) ); goto cleanup; } } else if( st == 0 ) { goto got_reply; } } if( st > 0 ) { req->reply_headers = g_realloc( req->reply_headers, req->bytes_read + st + 1 ); memcpy( req->reply_headers + req->bytes_read, buffer, st ); req->bytes_read += st; } /* There will be more! */ req->inpa = b_input_add( req->fd, req->ssl ? ssl_getdirection( req->ssl ) : B_EV_IO_READ, http_incoming_data, req ); if( ssl_pending( req->ssl ) ) return http_incoming_data( data, source, cond ); else return FALSE; got_reply: /* Maybe if the webserver is overloaded, or when there's bad SSL support... */ if( req->bytes_read == 0 ) { req->status_string = g_strdup( "Empty HTTP reply" ); goto cleanup; } /* Zero termination is very convenient. */ req->reply_headers[req->bytes_read] = 0; /* Find the separation between headers and body, and keep stupid webservers in mind. */ end1 = strstr( req->reply_headers, "\r\n\r\n" ); end2 = strstr( req->reply_headers, "\n\n" ); if( end2 && end2 < end1 ) { end1 = end2 + 1; evil_server = 1; } else if( end1 ) { end1 += 2; } else { req->status_string = g_strdup( "Malformed HTTP reply" ); goto cleanup; } *end1 = 0; if( getenv( "BITLBEE_DEBUG" ) ) printf( "HTTP response headers:\n%s\n", req->reply_headers ); if( evil_server ) req->reply_body = end1 + 1; else req->reply_body = end1 + 2; req->body_size = req->reply_headers + req->bytes_read - req->reply_body; if( ( end1 = strchr( req->reply_headers, ' ' ) ) != NULL ) { if( sscanf( end1 + 1, "%d", &req->status_code ) != 1 ) { req->status_string = g_strdup( "Can't parse status code" ); req->status_code = -1; } else { char *eol; if( evil_server ) eol = strchr( end1, '\n' ); else eol = strchr( end1, '\r' ); req->status_string = g_strndup( end1 + 1, eol - end1 - 1 ); /* Just to be sure... */ if( ( eol = strchr( req->status_string, '\r' ) ) ) *eol = 0; if( ( eol = strchr( req->status_string, '\n' ) ) ) *eol = 0; } } else { req->status_string = g_strdup( "Can't locate status code" ); req->status_code = -1; } if( ( ( req->status_code >= 301 && req->status_code <= 303 ) || req->status_code == 307 ) && req->redir_ttl-- > 0 ) { char *loc, *new_request, *new_host; int error = 0, new_port, new_proto; /* We might fill it again, so let's not leak any memory. */ g_free( req->status_string ); req->status_string = NULL; loc = strstr( req->reply_headers, "\nLocation: " ); if( loc == NULL ) /* We can't handle this redirect... */ { req->status_string = g_strdup( "Can't locate Location: header" ); goto cleanup; } loc += 11; while( *loc == ' ' ) loc ++; /* TODO/FIXME: Possibly have to handle relative redirections, and rewrite Host: headers. Not necessary for now, it's enough for passport authentication like this. */ if( *loc == '/' ) { /* Just a different pathname... */ /* Since we don't cache the servername, and since we don't need this yet anyway, I won't implement it. */ req->status_string = g_strdup( "Can't handle recursive redirects" ); goto cleanup; } else { /* A whole URL */ url_t *url; char *s; const char *new_method; s = strstr( loc, "\r\n" ); if( s == NULL ) goto cleanup; url = g_new0( url_t, 1 ); *s = 0; if( !url_set( url, loc ) ) { req->status_string = g_strdup( "Malformed redirect URL" ); g_free( url ); goto cleanup; } /* Find all headers and, if necessary, the POST request contents. Skip the old Host: header though. This crappy code here means anything using this http_client MUST put the Host: header at the top. */ if( !( ( s = strstr( req->request, "\r\nHost: " ) ) && ( s = strstr( s + strlen( "\r\nHost: " ), "\r\n" ) ) ) ) { req->status_string = g_strdup( "Error while rebuilding request string" ); g_free( url ); goto cleanup; } /* More or less HTTP/1.0 compliant, from my reading of RFC 2616. Always perform a GET request unless we received a 301. 303 was meant for this but it's HTTP/1.1-only and we're specifically speaking HTTP/1.0. ... Well except someone at identi.ca's didn't bother reading any RFCs and just return HTTP/1.1-specific status codes to HTTP/1.0 requests. Fuckers. So here we are, handle 301..303,307. */ if( strncmp( req->request, "GET", 3 ) == 0 ) /* GETs never become POSTs. */ new_method = "GET"; else if( req->status_code == 302 || req->status_code == 303 ) /* 302 de-facto becomes GET, 303 as specified by RFC 2616#10.3.3 */ new_method = "GET"; else /* 301 de-facto should stay POST, 307 specifally RFC 2616#10.3.8 */ new_method = "POST"; /* Okay, this isn't fun! We have to rebuild the request... :-( */ new_request = g_strdup_printf( "%s %s HTTP/1.0\r\nHost: %s%s", new_method, url->file, url->host, s ); new_host = g_strdup( url->host ); new_port = url->port; new_proto = url->proto; /* If we went from POST to GET, truncate the request content. */ if( new_request[0] != req->request[0] && new_request[0] == 'G' && ( s = strstr( new_request, "\r\n\r\n" ) ) ) s[4] = '\0'; g_free( url ); } if( req->ssl ) ssl_disconnect( req->ssl ); else closesocket( req->fd ); req->fd = -1; req->ssl = NULL; if( getenv( "BITLBEE_DEBUG" ) ) printf( "New headers for redirected HTTP request:\n%s\n", new_request ); if( new_proto == PROTO_HTTPS ) { req->ssl = ssl_connect( new_host, new_port, TRUE, http_ssl_connected, req ); if( req->ssl == NULL ) error = 1; } else { req->fd = proxy_connect( new_host, new_port, http_connected, req ); if( req->fd < 0 ) error = 1; } g_free( new_host ); if( error ) { req->status_string = g_strdup( "Connection problem during redirect" ); g_free( new_request ); goto cleanup; } g_free( req->request ); g_free( req->reply_headers ); req->request = new_request; req->request_length = strlen( new_request ); req->bytes_read = req->bytes_written = req->inpa = 0; req->reply_headers = req->reply_body = NULL; return FALSE; } /* Assume that a closed connection means we're finished, this indeed breaks with keep-alive connections and faulty connections. */ req->finished = 1; cleanup: if( req->ssl ) ssl_disconnect( req->ssl ); else closesocket( req->fd ); if( getenv( "BITLBEE_DEBUG" ) && req ) printf( "Finishing HTTP request with status: %s\n", req->status_string ? req->status_string : "NULL" ); req->func( req ); http_free( req ); return FALSE; }
unsigned int sockroutine(int s_listen, acetables *g_ape) { int basemem = 512, epoll_fd; struct epoll_event ev, *events; int new_fd, nfds, sin_size = sizeof(struct sockaddr_in), i; struct timeval t_start, t_end; unsigned int ticks = 0; struct sockaddr_in their_addr; connection *co = xmalloc(sizeof(*co) * basemem); epoll_fd = epoll_create(1); /* the param is not used */ if (epoll_fd < 0) { printf("[ERR] Not enougth memory\n"); exit(0); } g_ape->epoll_fd = &epoll_fd; events = xmalloc(sizeof(*events) * basemem); g_ape->bufout = xmalloc(sizeof(struct _socks_bufout) * basemem); setnonblocking(s_listen); ev.events = EPOLLIN | EPOLLET | EPOLLPRI; ev.data.fd = s_listen; epoll_ctl(epoll_fd, EPOLL_CTL_ADD, s_listen, &ev); while (1) { /* Linux 2.6.25 provide a fd-driven timer system. It could be usefull to implement */ gettimeofday(&t_start, NULL); nfds = epoll_wait(epoll_fd, events, basemem, (1000/TICKS_RATE)-ticks); if (nfds < 0) { continue; } if (nfds > 0) { for (i = 0; i < nfds; i++) { if (events[i].data.fd == s_listen) { while (1) { struct epoll_event cev; http_state http = {0, HTTP_NULL, 0, -1, 0, 0, 0}; new_fd = accept(s_listen, (struct sockaddr *)&their_addr, (unsigned int *)&sin_size); if (new_fd == -1) { break; } if (new_fd + 4 == basemem) { /* Increase connection & events size */ growup(&basemem, &co, &events, &g_ape->bufout); } strncpy(co[new_fd].ip_client, inet_ntoa(their_addr.sin_addr), 16); co[new_fd].buffer.data = xmalloc(sizeof(char) * (DEFAULT_BUFFER_SIZE + 1)); co[new_fd].buffer.size = DEFAULT_BUFFER_SIZE; co[new_fd].buffer.length = 0; co[new_fd].http = http; co[new_fd].attach = NULL; co[new_fd].stream_type = STREAM_IN; g_ape->bufout[new_fd].fd = new_fd; g_ape->bufout[new_fd].buf = NULL; g_ape->bufout[new_fd].buflen = 0; g_ape->bufout[new_fd].allocsize = 0; setnonblocking(new_fd); cev.events = EPOLLIN | EPOLLET | EPOLLPRI | EPOLLOUT; cev.data.fd = new_fd; epoll_ctl(epoll_fd, EPOLL_CTL_ADD, new_fd, &cev); } continue; } else { int readb = 0; if (events[i].events & EPOLLOUT) { if (co[events[i].data.fd].stream_type == STREAM_OUT && ((ape_proxy *)(co[events[i].data.fd].attach))->state == PROXY_IN_PROGRESS) { int serror = 0, ret; socklen_t serror_len = sizeof(serror); ret = getsockopt(events[i].data.fd, SOL_SOCKET, SO_ERROR, &serror, &serror_len); if (ret == 0 && serror == 0) { ((ape_proxy *)(co[events[i].data.fd].attach))->state = PROXY_CONNECTED; ((ape_proxy *)(co[events[i].data.fd].attach))->sock.fd = events[i].data.fd; proxy_onevent((ape_proxy *)(co[events[i].data.fd].attach), "CONNECT", g_ape); } else { /* This can be happen ? epoll seems set EPOLLIN as if the host is disconnecting */ ((ape_proxy *)(co[events[i].data.fd].attach))->state = PROXY_THROTTLED; //epoll_ctl(epoll_fd, EPOLL_CTL_DEL, events[i].data.fd, NULL); clear_buffer(&co[events[i].data.fd]); close(events[i].data.fd); } } else if (co[events[i].data.fd].stream_type == STREAM_IN && g_ape->bufout[events[i].data.fd].buf != NULL) { if (sendqueue(events[i].data.fd, g_ape) == 1) { if (co[events[i].data.fd].attach != NULL && ((subuser *)(co[events[i].data.fd].attach))->burn_after_writing) { do_died((subuser *)(co[events[i].data.fd].attach)); ((subuser *)(co[events[i].data.fd].attach))->burn_after_writing = 0; } } } } if (events[i].events & EPOLLIN) { do { /* TODO : Check if maximum data read can improve perf Huge data may attempt to increase third parameter */ readb = read(events[i].data.fd, co[events[i].data.fd].buffer.data + co[events[i].data.fd].buffer.length, co[events[i].data.fd].buffer.size - co[events[i].data.fd].buffer.length); if (readb == -1 && errno == EAGAIN) { /* Nothing to read again */ if (co[events[i].data.fd].stream_type == STREAM_OUT) { proxy_process_eol(&co[events[i].data.fd], g_ape); co[events[i].data.fd].buffer.length = 0; } else { co[events[i].data.fd].buffer.data[co[events[i].data.fd].buffer.length] = '\0'; } break; } else { if (readb < 1) { #if 0 TODO : if (events[i].events & EPOLLRDHUP) { /* Client hangup the connection (half-closed) */ } #endif if (co[events[i].data.fd].stream_type == STREAM_IN && co[events[i].data.fd].attach != NULL) { if (events[i].data.fd == ((subuser *)(co[events[i].data.fd].attach))->fd) { ((subuser *)(co[events[i].data.fd].attach))->headers_sent = 0; ((subuser *)(co[events[i].data.fd].attach))->state = ADIED; } if (((subuser *)(co[events[i].data.fd].attach))->wait_for_free == 1) { free(co[events[i].data.fd].attach); co[events[i].data.fd].attach = NULL; } } else if (co[events[i].data.fd].stream_type == STREAM_OUT) { if (((ape_proxy *)(co[events[i].data.fd].attach))->state == PROXY_TOFREE) { free(co[events[i].data.fd].attach); co[events[i].data.fd].attach = NULL; } else { ((ape_proxy *)(co[events[i].data.fd].attach))->state = PROXY_THROTTLED; proxy_onevent((ape_proxy *)(co[events[i].data.fd].attach), "DISCONNECT", g_ape); } } clear_buffer(&co[events[i].data.fd]); if (g_ape->bufout[events[i].data.fd].buf != NULL) { free(g_ape->bufout[events[i].data.fd].buf); g_ape->bufout[events[i].data.fd].buflen = 0; g_ape->bufout[events[i].data.fd].buf = NULL; g_ape->bufout[events[i].data.fd].allocsize = 0; } close(events[i].data.fd); break; } else if (co[events[i].data.fd].http.ready != -1) { co[events[i].data.fd].buffer.length += readb; if (co[events[i].data.fd].buffer.length == co[events[i].data.fd].buffer.size) { co[events[i].data.fd].buffer.size *= 2; co[events[i].data.fd].buffer.data = xrealloc(co[events[i].data.fd].buffer.data, sizeof(char) * (co[events[i].data.fd].buffer.size + 1)); } if (co[events[i].data.fd].stream_type == STREAM_IN) { process_http(&co[events[i].data.fd]); if (co[events[i].data.fd].http.ready == 1) { co[events[i].data.fd].attach = checkrecv(co[events[i].data.fd].buffer.data, events[i].data.fd, g_ape, co[events[i].data.fd].ip_client); co[events[i].data.fd].buffer.length = 0; co[events[i].data.fd].http.ready = -1; } else if (co[events[i].data.fd].http.error == 1) { shutdown(events[i].data.fd, 2); } } } } } while(readb >= 0); } } } } gettimeofday(&t_end, NULL); ticks += (1000*(t_end.tv_sec - t_start.tv_sec))+((t_end.tv_usec - t_start.tv_usec)/1000); /* Tic tac, tic tac :-) */ if (ticks >= 1000/TICKS_RATE) { ape_proxy *proxy = g_ape->proxy.list; int psock; ticks = 0; while (proxy != NULL) { if (proxy->state == PROXY_NOT_CONNECTED && ((psock = proxy_connect(proxy, g_ape)) != 0)) { http_state http_s = {0, HTTP_NULL, 0, -1, 0, 0, 0}; if (psock + 4 == basemem) { growup(&basemem, &co, &events, &g_ape->bufout); } co[psock].ip_client[0] = '\0'; co[psock].buffer.data = xmalloc(sizeof(char) * (DEFAULT_BUFFER_SIZE + 1)); co[psock].buffer.size = DEFAULT_BUFFER_SIZE; co[psock].buffer.length = 0; co[psock].http = http_s; co[psock].attach = proxy; co[psock].stream_type = STREAM_OUT; } proxy = proxy->next; } process_tick(g_ape); } } close(epoll_fd); return 0; }
/* * Retrieve URL, via the proxy in $proxyvar if necessary. * Modifies the string argument given. * Returns -1 on failure, 0 on success */ static int url_get(const char *origline, const char *proxyenv, const char *outfile) { char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; char *epath, *redirurl, *loctail, *h, *p; int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1; struct addrinfo hints, *res0, *res, *ares = NULL; const char * volatile savefile; char * volatile proxyurl = NULL; char *cookie = NULL; volatile int s = -1, out; volatile sig_t oldintr, oldinti; FILE *fin = NULL; off_t hashbytes; const char *errstr; ssize_t len, wlen; #ifndef SMALL char *sslpath = NULL, *sslhost = NULL; char *locbase, *full_host = NULL, *auth = NULL; const char *scheme; int ishttpsurl = 0; SSL_CTX *ssl_ctx = NULL; #endif /* !SMALL */ SSL *ssl = NULL; int status; int save_errno; const size_t buflen = 128 * 1024; direction = "received"; newline = strdup(origline); if (newline == NULL) errx(1, "Can't allocate memory to parse URL"); if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) { host = newline + sizeof(HTTP_URL) - 1; #ifndef SMALL scheme = HTTP_URL; #endif /* !SMALL */ } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { host = newline + sizeof(FTP_URL) - 1; isftpurl = 1; #ifndef SMALL scheme = FTP_URL; #endif /* !SMALL */ } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { host = newline + sizeof(FILE_URL) - 1; isfileurl = 1; #ifndef SMALL scheme = FILE_URL; } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { host = newline + sizeof(HTTPS_URL) - 1; ishttpsurl = 1; scheme = HTTPS_URL; #endif /* !SMALL */ } else errx(1, "url_get: Invalid URL '%s'", newline); if (isfileurl) { path = host; } else { path = strchr(host, '/'); /* Find path */ if (EMPTYSTRING(path)) { if (outfile) { /* No slash, but */ path=strchr(host,'\0'); /* we have outfile. */ goto noslash; } if (isftpurl) goto noftpautologin; warnx("No `/' after host (use -o): %s", origline); goto cleanup_url_get; } *path++ = '\0'; if (EMPTYSTRING(path) && !outfile) { if (isftpurl) goto noftpautologin; warnx("No filename after host (use -o): %s", origline); goto cleanup_url_get; } } noslash: #ifndef SMALL /* * Look for auth header in host, since now host does not * contain the path. Basic auth from RFC 2617, valid * characters for path are in RFC 3986 section 3.3. */ if (proxyenv == NULL && (!strcmp(scheme, HTTP_URL) || !strcmp(scheme, HTTPS_URL))) { if ((p = strchr(host, '@')) != NULL) { size_t authlen = (strlen(host) + 5) * 4 / 3; *p = 0; /* Kill @ */ if ((auth = malloc(authlen)) == NULL) err(1, "Can't allocate memory for " "authorization"); if (b64_ntop(host, strlen(host), auth, authlen) == -1) errx(1, "error in base64 encoding"); host = p + 1; } } #endif /* SMALL */ if (outfile) savefile = outfile; else { if (path[strlen(path) - 1] == '/') /* Consider no file */ savefile = NULL; /* after dir invalid. */ else savefile = basename(path); } if (EMPTYSTRING(savefile)) { if (isftpurl) goto noftpautologin; warnx("No filename after directory (use -o): %s", origline); goto cleanup_url_get; } #ifndef SMALL if (resume && pipeout) { warnx("can't append to stdout"); goto cleanup_url_get; } #endif /* !SMALL */ if (!isfileurl && proxyenv != NULL) { /* use proxy */ #ifndef SMALL if (ishttpsurl) { sslpath = strdup(path); sslhost = strdup(host); if (! sslpath || ! sslhost) errx(1, "Can't allocate memory for https path/host."); } #endif /* !SMALL */ proxyurl = strdup(proxyenv); if (proxyurl == NULL) errx(1, "Can't allocate memory for proxy URL."); if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) host = proxyurl + sizeof(HTTP_URL) - 1; else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) host = proxyurl + sizeof(FTP_URL) - 1; else { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } if (EMPTYSTRING(host)) { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } if (*--path == '\0') *path = '/'; /* add / back to real path */ path = strchr(host, '/'); /* remove trailing / on host */ if (!EMPTYSTRING(path)) *path++ = '\0'; /* i guess this ++ is useless */ path = strchr(host, '@'); /* look for credentials in proxy */ if (!EMPTYSTRING(path)) { *path = '\0'; cookie = strchr(host, ':'); if (EMPTYSTRING(cookie)) { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } cookie = malloc(COOKIE_MAX_LEN); if (cookie == NULL) errx(1, "out of memory"); if (b64_ntop(host, strlen(host), cookie, COOKIE_MAX_LEN) == -1) errx(1, "error in base64 encoding"); *path = '@'; /* restore @ in proxyurl */ /* * This removes the password from proxyurl, * filling with stars */ for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@'; host++) *host = '*'; host = path + 1; } path = newline; } if (isfileurl) { struct stat st; s = open(path, O_RDONLY); if (s == -1) { warn("Can't open file %s", path); goto cleanup_url_get; } if (fstat(s, &st) == -1) filesize = -1; else filesize = st.st_size; /* Open the output file. */ if (!pipeout) { #ifndef SMALL if (resume) out = open(savefile, O_CREAT | O_WRONLY | O_APPEND, 0666); else #endif /* !SMALL */ out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); if (out < 0) { warn("Can't open %s", savefile); goto cleanup_url_get; } } else out = fileno(stdout); #ifndef SMALL if (resume) { if (fstat(out, &st) == -1) { warn("Can't fstat %s", savefile); goto cleanup_url_get; } if (lseek(s, st.st_size, SEEK_SET) == -1) { warn("Can't lseek %s", path); goto cleanup_url_get; } restart_point = st.st_size; } #endif /* !SMALL */ /* Trap signals */ oldintr = NULL; oldinti = NULL; if (setjmp(httpabort)) { if (oldintr) (void)signal(SIGINT, oldintr); if (oldinti) (void)signal(SIGINFO, oldinti); goto cleanup_url_get; } oldintr = signal(SIGINT, abortfile); bytes = 0; hashbytes = mark; progressmeter(-1, path); if ((buf = malloc(buflen)) == NULL) errx(1, "Can't allocate memory for transfer buffer"); /* Finally, suck down the file. */ i = 0; oldinti = signal(SIGINFO, psummary); while ((len = read(s, buf, buflen)) > 0) { bytes += len; for (cp = buf; len > 0; len -= i, cp += i) { if ((i = write(out, cp, len)) == -1) { warn("Writing %s", savefile); signal(SIGINFO, oldinti); goto cleanup_url_get; } else if (i == 0) break; } if (hash && !progress) { while (bytes >= hashbytes) { (void)putc('#', ttyout); hashbytes += mark; } (void)fflush(ttyout); } } signal(SIGINFO, oldinti); if (hash && !progress && bytes > 0) { if (bytes < mark) (void)putc('#', ttyout); (void)putc('\n', ttyout); (void)fflush(ttyout); } if (len != 0) { warn("Reading from file"); goto cleanup_url_get; } progressmeter(1, NULL); if (verbose) ptransfer(0); (void)signal(SIGINT, oldintr); rval = 0; goto cleanup_url_get; } if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && (hosttail[1] == '\0' || hosttail[1] == ':')) { host++; *hosttail++ = '\0'; #ifndef SMALL if (asprintf(&full_host, "[%s]", host) == -1) errx(1, "Cannot allocate memory for hostname"); #endif /* !SMALL */ } else hosttail = host; portnum = strrchr(hosttail, ':'); /* find portnum */ if (portnum != NULL) *portnum++ = '\0'; #ifndef SMALL if (full_host == NULL) if ((full_host = strdup(host)) == NULL) errx(1, "Cannot allocate memory for hostname"); if (debug) fprintf(ttyout, "host %s, port %s, path %s, " "save as %s, auth %s.\n", host, portnum, path, savefile, auth); #endif /* !SMALL */ memset(&hints, 0, sizeof(hints)); hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; #ifndef SMALL port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); #else /* !SMALL */ port = portnum ? portnum : httpport; #endif /* !SMALL */ error = getaddrinfo(host, port, &hints, &res0); /* * If the services file is corrupt/missing, fall back * on our hard-coded defines. */ if (error == EAI_SERVICE && port == httpport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); #ifndef SMALL } else if (error == EAI_SERVICE && port == httpsport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); #endif /* !SMALL */ } if (error) { warnx("%s: %s", gai_strerror(error), host); goto cleanup_url_get; } #ifndef SMALL if (srcaddr) { hints.ai_flags |= AI_NUMERICHOST; error = getaddrinfo(srcaddr, NULL, &hints, &ares); if (error) { warnx("%s: %s", gai_strerror(error), srcaddr); goto cleanup_url_get; } } #endif /* !SMALL */ s = -1; for (res = res0; res; res = res->ai_next) { if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) strlcpy(hbuf, "(unknown)", sizeof(hbuf)); if (verbose) fprintf(ttyout, "Trying %s...\n", hbuf); s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (s == -1) { cause = "socket"; continue; } #ifndef SMALL if (srcaddr) { if (ares->ai_family != res->ai_family) { close(s); s = -1; errno = EINVAL; cause = "bind"; continue; } if (bind(s, ares->ai_addr, ares->ai_addrlen) < 0) { save_errno = errno; close(s); errno = save_errno; s = -1; cause = "bind"; continue; } } #endif /* !SMALL */ again: if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { if (errno == EINTR) goto again; save_errno = errno; close(s); errno = save_errno; s = -1; cause = "connect"; continue; } /* get port in numeric */ if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) port = pbuf; else port = NULL; #ifndef SMALL if (proxyenv && sslhost) proxy_connect(s, sslhost, cookie); #endif /* !SMALL */ break; } freeaddrinfo(res0); #ifndef SMALL if (srcaddr) freeaddrinfo(ares); #endif /* !SMALL */ if (s < 0) { warn("%s", cause); goto cleanup_url_get; } #ifndef SMALL if (ishttpsurl) { union { struct in_addr ip4; struct in6_addr ip6; } addrbuf; if (proxyenv && sslpath) { ishttpsurl = 0; proxyurl = NULL; path = sslpath; } SSL_library_init(); SSL_load_error_strings(); ssl_ctx = SSL_CTX_new(SSLv23_client_method()); if (ssl_ctx == NULL) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } if (ssl_verify) { if (ssl_ca_file == NULL && ssl_ca_path == NULL) ssl_ca_file = _PATH_SSL_CAFILE; if (SSL_CTX_load_verify_locations(ssl_ctx, ssl_ca_file, ssl_ca_path) != 1) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL); if (ssl_verify_depth != -1) SSL_CTX_set_verify_depth(ssl_ctx, ssl_verify_depth); } if (ssl_ciphers != NULL && SSL_CTX_set_cipher_list(ssl_ctx, ssl_ciphers) == -1) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } ssl = SSL_new(ssl_ctx); if (ssl == NULL) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } if (SSL_set_fd(ssl, s) == 0) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } /* * RFC4366 (SNI): Literal IPv4 and IPv6 addresses are not * permitted in "HostName". */ if (inet_pton(AF_INET, host, &addrbuf) != 1 && inet_pton(AF_INET6, host, &addrbuf) != 1) { if (SSL_set_tlsext_host_name(ssl, host) == 0) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } } if (SSL_connect(ssl) <= 0) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } if (ssl_verify) { X509 *cert; cert = SSL_get_peer_certificate(ssl); if (cert == NULL) { fprintf(ttyout, "%s: no server certificate\n", getprogname()); goto cleanup_url_get; } if (ssl_check_hostname(cert, host) != 0) { fprintf(ttyout, "%s: host `%s' not present in" " server certificate\n", getprogname(), host); goto cleanup_url_get; } X509_free(cert); } } else { fin = fdopen(s, "r+"); } #else /* !SMALL */ fin = fdopen(s, "r+"); #endif /* !SMALL */ if (verbose) fprintf(ttyout, "Requesting %s", origline); /* * Construct and send the request. Proxy requests don't want leading /. */ #ifndef SMALL cookie_get(host, path, ishttpsurl, &buf); #endif /* !SMALL */ epath = url_encode(path); if (proxyurl) { if (verbose) fprintf(ttyout, " (via %s)\n", proxyurl); /* * Host: directive must use the destination host address for * the original URI (path). We do not attach it at this moment. */ if (cookie) ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n" "Proxy-Authorization: Basic %s%s\r\n%s\r\n\r\n", epath, cookie, buf ? buf : "", HTTP_USER_AGENT); else ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s%s\r\n\r\n", epath, buf ? buf : "", HTTP_USER_AGENT); } else { #ifndef SMALL if (resume) { struct stat stbuf; if (stat(savefile, &stbuf) == 0) restart_point = stbuf.st_size; else restart_point = 0; } if (auth) { ftp_printf(fin, ssl, "GET /%s %s\r\nAuthorization: Basic %s\r\nHost: ", epath, restart_point ? "HTTP/1.1\r\nConnection: close" : "HTTP/1.0", auth); free(auth); auth = NULL; } else #endif /* SMALL */ ftp_printf(fin, ssl, "GET /%s %s\r\nHost: ", epath, #ifndef SMALL restart_point ? "HTTP/1.1\r\nConnection: close" : #endif /* !SMALL */ "HTTP/1.0"); if (strchr(host, ':')) { /* * strip off scoped address portion, since it's * local to node */ h = strdup(host); if (h == NULL) errx(1, "Can't allocate memory."); if ((p = strchr(h, '%')) != NULL) *p = '\0'; ftp_printf(fin, ssl, "[%s]", h); free(h); } else ftp_printf(fin, ssl, "%s", host); /* * Send port number only if it's specified and does not equal * 80. Some broken HTTP servers get confused if you explicitly * send them the port number. */ #ifndef SMALL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) ftp_printf(fin, ssl, ":%s", port); if (restart_point) ftp_printf(fin, ssl, "\r\nRange: bytes=%lld-", (long long)restart_point); #else /* !SMALL */ if (port && strcmp(port, "80") != 0) ftp_printf(fin, ssl, ":%s", port); #endif /* !SMALL */ ftp_printf(fin, ssl, "\r\n%s%s\r\n\r\n", buf ? buf : "", HTTP_USER_AGENT); if (verbose) fprintf(ttyout, "\n"); } free(epath); #ifndef SMALL free(buf); #endif /* !SMALL */ buf = NULL; if (fin != NULL && fflush(fin) == EOF) { warn("Writing HTTP request"); goto cleanup_url_get; } if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { warn("Receiving HTTP reply"); goto cleanup_url_get; } while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) buf[--len] = '\0'; #ifndef SMALL if (debug) fprintf(ttyout, "received '%s'\n", buf); #endif /* !SMALL */ cp = strchr(buf, ' '); if (cp == NULL) goto improper; else cp++; strlcpy(ststr, cp, sizeof(ststr)); status = strtonum(ststr, 200, 416, &errstr); if (errstr) { warnx("Error retrieving file: %s", cp); goto cleanup_url_get; } switch (status) { case 200: /* OK */ #ifndef SMALL /* * When we request a partial file, and we receive an HTTP 200 * it is a good indication that the server doesn't support * range requests, and is about to send us the entire file. * If the restart_point == 0, then we are not actually * requesting a partial file, and an HTTP 200 is appropriate. */ if (resume && restart_point != 0) { warnx("Server does not support resume."); restart_point = resume = 0; } /* FALLTHROUGH */ case 206: /* Partial Content */ #endif /* !SMALL */ break; case 301: /* Moved Permanently */ case 302: /* Found */ case 303: /* See Other */ case 307: /* Temporary Redirect */ isredirect++; if (redirect_loop++ > 10) { warnx("Too many redirections requested"); goto cleanup_url_get; } break; #ifndef SMALL case 416: /* Requested Range Not Satisfiable */ warnx("File is already fully retrieved."); goto cleanup_url_get; #endif /* !SMALL */ default: warnx("Error retrieving file: %s", cp); goto cleanup_url_get; } /* * Read the rest of the header. */ free(buf); filesize = -1; for (;;) { if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { warn("Receiving HTTP reply"); goto cleanup_url_get; } while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) buf[--len] = '\0'; if (len == 0) break; #ifndef SMALL if (debug) fprintf(ttyout, "received '%s'\n", buf); #endif /* !SMALL */ /* Look for some headers */ cp = buf; #define CONTENTLEN "Content-Length: " if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { size_t s; cp += sizeof(CONTENTLEN) - 1; if ((s = strcspn(cp, " \t"))) *(cp+s) = 0; filesize = strtonum(cp, 0, LLONG_MAX, &errstr); if (errstr != NULL) goto improper; #ifndef SMALL if (restart_point) filesize += restart_point; #endif /* !SMALL */ #define LOCATION "Location: " } else if (isredirect && strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { cp += sizeof(LOCATION) - 1; if (strstr(cp, "://") == NULL) { #ifdef SMALL errx(1, "Relative redirect not supported"); #else /* SMALL */ if (*cp == '/') { locbase = NULL; cp++; } else { locbase = strdup(path); if (locbase == NULL) errx(1, "Can't allocate memory" " for location base"); loctail = strchr(locbase, '#'); if (loctail != NULL) *loctail = '\0'; loctail = strchr(locbase, '?'); if (loctail != NULL) *loctail = '\0'; loctail = strrchr(locbase, '/'); if (loctail == NULL) { free(locbase); locbase = NULL; } else loctail[1] = '\0'; } /* Contruct URL from relative redirect */ if (asprintf(&redirurl, "%s%s%s%s/%s%s", scheme, full_host, portnum ? ":" : "", portnum ? portnum : "", locbase ? locbase : "", cp) == -1) errx(1, "Cannot build " "redirect URL"); free(locbase); #endif /* SMALL */ } else if ((redirurl = strdup(cp)) == NULL) errx(1, "Cannot allocate memory for URL"); loctail = strchr(redirurl, '#'); if (loctail != NULL) *loctail = '\0'; if (verbose) fprintf(ttyout, "Redirected to %s\n", redirurl); if (fin != NULL) fclose(fin); else if (s != -1) close(s); rval = url_get(redirurl, proxyenv, savefile); free(redirurl); goto cleanup_url_get; } free(buf); } /* Open the output file. */ if (!pipeout) { #ifndef SMALL if (resume) out = open(savefile, O_CREAT | O_WRONLY | O_APPEND, 0666); else #endif /* !SMALL */ out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); if (out < 0) { warn("Can't open %s", savefile); goto cleanup_url_get; } } else out = fileno(stdout); /* Trap signals */ oldintr = NULL; oldinti = NULL; if (setjmp(httpabort)) { if (oldintr) (void)signal(SIGINT, oldintr); if (oldinti) (void)signal(SIGINFO, oldinti); goto cleanup_url_get; } oldintr = signal(SIGINT, aborthttp); bytes = 0; hashbytes = mark; progressmeter(-1, path); free(buf); /* Finally, suck down the file. */ if ((buf = malloc(buflen)) == NULL) errx(1, "Can't allocate memory for transfer buffer"); i = 0; len = 1; oldinti = signal(SIGINFO, psummary); while (len > 0) { len = ftp_read(fin, ssl, buf, buflen); bytes += len; for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) { if ((i = write(out, cp, wlen)) == -1) { warn("Writing %s", savefile); signal(SIGINFO, oldinti); goto cleanup_url_get; } else if (i == 0) break; } if (hash && !progress) { while (bytes >= hashbytes) { (void)putc('#', ttyout); hashbytes += mark; } (void)fflush(ttyout); } } signal(SIGINFO, oldinti); if (hash && !progress && bytes > 0) { if (bytes < mark) (void)putc('#', ttyout); (void)putc('\n', ttyout); (void)fflush(ttyout); } if (len != 0) { warn("Reading from socket"); goto cleanup_url_get; } progressmeter(1, NULL); if ( #ifndef SMALL !resume && #endif /* !SMALL */ filesize != -1 && len == 0 && bytes != filesize) { if (verbose) fputs("Read short file.\n", ttyout); goto cleanup_url_get; } if (verbose) ptransfer(0); (void)signal(SIGINT, oldintr); rval = 0; goto cleanup_url_get; noftpautologin: warnx( "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); goto cleanup_url_get; improper: warnx("Improper response from %s", host); cleanup_url_get: #ifndef SMALL if (ssl) { SSL_shutdown(ssl); SSL_free(ssl); } free(full_host); free(auth); #endif /* !SMALL */ if (fin != NULL) fclose(fin); else if (s != -1) close(s); free(buf); free(proxyurl); free(newline); free(cookie); return (rval); }
static BOOL rdg_tls_connect(rdpRdg* rdg, rdpTls* tls, const char* peerAddress, int timeout) { int sockfd = 0; int status = 0; BIO* socketBio = NULL; BIO* bufferedBio = NULL; rdpSettings* settings = rdg->settings; const char* peerHostname = settings->GatewayHostname; UINT16 peerPort = settings->GatewayPort; const char* proxyUsername, *proxyPassword; BOOL isProxyConnection = proxy_prepare(settings, &peerHostname, &peerPort, &proxyUsername, &proxyPassword); sockfd = freerdp_tcp_connect(rdg->context, settings, peerAddress ? peerAddress : peerHostname, peerPort, timeout); if (sockfd < 0) { return FALSE; } socketBio = BIO_new(BIO_s_simple_socket()); if (!socketBio) { closesocket(sockfd); return FALSE; } BIO_set_fd(socketBio, sockfd, BIO_CLOSE); bufferedBio = BIO_new(BIO_s_buffered_socket()); if (!bufferedBio) { closesocket(sockfd); BIO_free(socketBio); return FALSE; } bufferedBio = BIO_push(bufferedBio, socketBio); status = BIO_set_nonblock(bufferedBio, TRUE); if (isProxyConnection) { if (!proxy_connect(settings, bufferedBio, proxyUsername, proxyPassword, settings->GatewayHostname, settings->GatewayPort)) return FALSE; } if (!status) { BIO_free_all(bufferedBio); return FALSE; } tls->hostname = settings->GatewayHostname; tls->port = settings->GatewayPort; tls->isGatewayTransport = TRUE; status = tls_connect(tls, bufferedBio); return (status >= 1); }
/* * Retrieve URL, via the proxy in $proxyvar if necessary. * Modifies the string argument given. * Returns -1 on failure, 0 on success */ static int url_get(const char *origline, const char *proxyenv, const char *outfile) { char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1; struct addrinfo hints, *res0, *res; const char * volatile savefile; char * volatile proxyurl = NULL; char *cookie = NULL; volatile int s = -1, out; volatile sig_t oldintr; FILE *fin = NULL; off_t hashbytes; const char *errstr; size_t len, wlen; #ifndef SMALL char *sslpath = NULL, *sslhost = NULL; int ishttpsurl = 0; SSL_CTX *ssl_ctx = NULL; #endif /* !SMALL */ SSL *ssl = NULL; int status; newline = strdup(origline); if (newline == NULL) errx(1, "Can't allocate memory to parse URL"); if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) host = newline + sizeof(HTTP_URL) - 1; else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { host = newline + sizeof(FTP_URL) - 1; isftpurl = 1; } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { host = newline + sizeof(FILE_URL) - 1; isfileurl = 1; #ifndef SMALL } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { host = newline + sizeof(HTTPS_URL) - 1; ishttpsurl = 1; #endif /* !SMALL */ } else errx(1, "url_get: Invalid URL '%s'", newline); if (isfileurl) { path = host; } else { path = strchr(host, '/'); /* find path */ if (EMPTYSTRING(path)) { if (isftpurl) goto noftpautologin; warnx("Invalid URL (no `/' after host): %s", origline); goto cleanup_url_get; } *path++ = '\0'; if (EMPTYSTRING(path)) { if (isftpurl) goto noftpautologin; warnx("Invalid URL (no file after host): %s", origline); goto cleanup_url_get; } } if (outfile) savefile = outfile; else savefile = basename(path); #ifndef SMALL if (resume && (strcmp(savefile, "-") == 0)) { warnx("can't append to stdout"); goto cleanup_url_get; } #endif /* !SMALL */ if (EMPTYSTRING(savefile)) { if (isftpurl) goto noftpautologin; warnx("Invalid URL (no file after directory): %s", origline); goto cleanup_url_get; } if (!isfileurl && proxyenv != NULL) { /* use proxy */ #ifndef SMALL if (ishttpsurl) { sslpath = strdup(path); sslhost = strdup(host); if (! sslpath || ! sslhost) errx(1, "Can't allocate memory for https path/host."); } #endif /* !SMALL */ proxyurl = strdup(proxyenv); if (proxyurl == NULL) errx(1, "Can't allocate memory for proxy URL."); if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) host = proxyurl + sizeof(HTTP_URL) - 1; else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) host = proxyurl + sizeof(FTP_URL) - 1; else { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } if (EMPTYSTRING(host)) { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } *--path = '/'; /* add / back to real path */ path = strchr(host, '/'); /* remove trailing / on host */ if (!EMPTYSTRING(path)) *path++ = '\0'; /* i guess this ++ is useless */ path = strchr(host, '@'); /* look for credentials in proxy */ if (!EMPTYSTRING(path)) { *path++ = '\0'; cookie = strchr(host, ':'); if (EMPTYSTRING(cookie)) { warnx("Malformed proxy URL: %s", proxyenv); goto cleanup_url_get; } cookie = malloc(COOKIE_MAX_LEN); b64_ntop(host, strlen(host), cookie, COOKIE_MAX_LEN); /* * This removes the password from proxyenv, * filling with stars */ for (host = strchr(proxyenv + 5, ':'); *host != '@'; host++) *host = '*'; host = path; } path = newline; } if (isfileurl) { struct stat st; s = open(path, O_RDONLY); if (s == -1) { warn("Can't open file %s", path); goto cleanup_url_get; } if (fstat(s, &st) == -1) filesize = -1; else filesize = st.st_size; /* Open the output file. */ if (strcmp(savefile, "-") != 0) { #ifndef SMALL if (resume) out = open(savefile, O_APPEND | O_WRONLY); else #endif /* !SMALL */ out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); if (out < 0) { warn("Can't open %s", savefile); goto cleanup_url_get; } } else out = fileno(stdout); #ifndef SMALL if (resume) { if (fstat(out, &st) == -1) { warn("Can't fstat %s", savefile); goto cleanup_url_get; } if (lseek(s, st.st_size, SEEK_SET) == -1) { warn("Can't lseek %s", path); goto cleanup_url_get; } restart_point = st.st_size; } #endif /* !SMALL */ /* Trap signals */ oldintr = NULL; if (setjmp(httpabort)) { if (oldintr) (void)signal(SIGINT, oldintr); goto cleanup_url_get; } oldintr = signal(SIGINT, abortfile); bytes = 0; hashbytes = mark; progressmeter(-1); if ((buf = malloc(4096)) == NULL) errx(1, "Can't allocate memory for transfer buffer"); /* Finally, suck down the file. */ i = 0; while ((len = read(s, buf, 4096)) > 0) { bytes += len; for (cp = buf; len > 0; len -= i, cp += i) { if ((i = write(out, cp, len)) == -1) { warn("Writing %s", savefile); goto cleanup_url_get; } else if (i == 0) break; } if (hash && !progress) { while (bytes >= hashbytes) { (void)putc('#', ttyout); hashbytes += mark; } (void)fflush(ttyout); } } if (hash && !progress && bytes > 0) { if (bytes < mark) (void)putc('#', ttyout); (void)putc('\n', ttyout); (void)fflush(ttyout); } if (len != 0) { warn("Reading from file"); goto cleanup_url_get; } progressmeter(1); if (verbose) fputs("Successfully retrieved file.\n", ttyout); (void)signal(SIGINT, oldintr); rval = 0; goto cleanup_url_get; } if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && (hosttail[1] == '\0' || hosttail[1] == ':')) { host++; *hosttail++ = '\0'; } else hosttail = host; portnum = strrchr(hosttail, ':'); /* find portnum */ if (portnum != NULL) *portnum++ = '\0'; #ifndef SMALL if (debug) fprintf(ttyout, "host %s, port %s, path %s, save as %s.\n", host, portnum, path, savefile); #endif /* !SMALL */ memset(&hints, 0, sizeof(hints)); hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; #ifndef SMALL port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); #else /* !SMALL */ port = portnum ? portnum : httpport; #endif /* !SMALL */ error = getaddrinfo(host, port, &hints, &res0); /* * If the services file is corrupt/missing, fall back * on our hard-coded defines. */ if (error == EAI_SERVICE && port == httpport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); #ifndef SMALL } else if (error == EAI_SERVICE && port == httpsport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); #endif /* !SMALL */ } if (error) { warnx("%s: %s", gai_strerror(error), host); goto cleanup_url_get; } s = -1; for (res = res0; res; res = res->ai_next) { if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) strlcpy(hbuf, "(unknown)", sizeof(hbuf)); if (verbose) fprintf(ttyout, "Trying %s...\n", hbuf); s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (s == -1) { cause = "socket"; continue; } again: if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { int save_errno; if (errno == EINTR) goto again; save_errno = errno; close(s); errno = save_errno; s = -1; cause = "connect"; continue; } /* get port in numeric */ if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) port = pbuf; else port = NULL; #ifndef SMALL if (proxyenv && sslhost) proxy_connect(s, sslhost); #endif /* !SMALL */ break; } freeaddrinfo(res0); if (s < 0) { warn("%s", cause); goto cleanup_url_get; } #ifndef SMALL if (ishttpsurl) { if (proxyenv && sslpath) { ishttpsurl = 0; proxyurl = NULL; path = sslpath; } SSL_library_init(); SSL_load_error_strings(); SSLeay_add_ssl_algorithms(); ssl_ctx = SSL_CTX_new(SSLv23_client_method()); ssl = SSL_new(ssl_ctx); if (ssl == NULL || ssl_ctx == NULL) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } if (SSL_set_fd(ssl, s) == 0) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } if (SSL_connect(ssl) <= 0) { ERR_print_errors_fp(ttyout); goto cleanup_url_get; } } else { fin = fdopen(s, "r+"); } #else /* !SMALL */ fin = fdopen(s, "r+"); #endif /* !SMALL */ if (verbose) fprintf(ttyout, "Requesting %s", origline); /* * Construct and send the request. Proxy requests don't want leading /. */ #ifndef SMALL cookie_get(host, path, ishttpsurl, &buf); #endif /* !SMALL */ if (proxyurl) { if (verbose) fprintf(ttyout, " (via %s)\n", proxyenv); /* * Host: directive must use the destination host address for * the original URI (path). We do not attach it at this moment. */ if (cookie) ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n" "Proxy-Authorization: Basic %s%s\r\n%s\r\n\r\n", path, cookie, buf ? buf : "", HTTP_USER_AGENT); else ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s%s\r\n\r\n", path, buf ? buf : "", HTTP_USER_AGENT); } else { ftp_printf(fin, ssl, "GET /%s %s\r\nHost: ", path, #ifndef SMALL resume ? "HTTP/1.1" : #endif /* !SMALL */ "HTTP/1.0"); if (strchr(host, ':')) { char *h, *p; /* * strip off scoped address portion, since it's * local to node */ h = strdup(host); if (h == NULL) errx(1, "Can't allocate memory."); if ((p = strchr(h, '%')) != NULL) *p = '\0'; ftp_printf(fin, ssl, "[%s]", h); free(h); } else ftp_printf(fin, ssl, "%s", host); /* * Send port number only if it's specified and does not equal * 80. Some broken HTTP servers get confused if you explicitly * send them the port number. */ #ifndef SMALL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) ftp_printf(fin, ssl, ":%s", port); if (resume) { int ret; struct stat stbuf; ret = stat(savefile, &stbuf); if (ret < 0) { if (verbose) fprintf(ttyout, "\n"); warn("Can't open %s", savefile); goto cleanup_url_get; } restart_point = stbuf.st_size; ftp_printf(fin, ssl, "\r\nRange: bytes=%lld-", (long long)restart_point); } #else /* !SMALL */ if (port && strcmp(port, "80") != 0) ftp_printf(fin, ssl, ":%s", port); #endif /* !SMALL */ ftp_printf(fin, ssl, "\r\n%s%s\r\n\r\n", buf ? buf : "", HTTP_USER_AGENT); if (verbose) fprintf(ttyout, "\n"); } #ifndef SMALL free(buf); #endif /* !SMALL */ buf = NULL; if (fin != NULL && fflush(fin) == EOF) { warn("Writing HTTP request"); goto cleanup_url_get; } if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { warn("Receiving HTTP reply"); goto cleanup_url_get; } while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) buf[--len] = '\0'; #ifndef SMALL if (debug) fprintf(ttyout, "received '%s'\n", buf); #endif /* !SMALL */ cp = strchr(buf, ' '); if (cp == NULL) goto improper; else cp++; strlcpy(ststr, cp, sizeof(ststr)); status = strtonum(ststr, 200, 416, &errstr); if (errstr) { warnx("Error retrieving file: %s", cp); goto cleanup_url_get; } switch (status) { case 200: /* OK */ #ifndef SMALL case 206: /* Partial Content */ break; #endif /* !SMALL */ case 301: /* Moved Permanently */ case 302: /* Found */ case 303: /* See Other */ case 307: /* Temporary Redirect */ isredirect++; if (redirect_loop++ > 10) { warnx("Too many redirections requested"); goto cleanup_url_get; } break; #ifndef SMALL case 416: /* Requested Range Not Satisfiable */ warnx("File is already fully retrieved."); goto cleanup_url_get; #endif /* !SMALL */ default: warnx("Error retrieving file: %s", cp); goto cleanup_url_get; } /* * Read the rest of the header. */ free(buf); filesize = -1; for (;;) { if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { warn("Receiving HTTP reply"); goto cleanup_url_get; } while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) buf[--len] = '\0'; if (len == 0) break; #ifndef SMALL if (debug) fprintf(ttyout, "received '%s'\n", buf); #endif /* !SMALL */ /* Look for some headers */ cp = buf; #define CONTENTLEN "Content-Length: " if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { cp += sizeof(CONTENTLEN) - 1; filesize = strtonum(cp, 0, LLONG_MAX, &errstr); if (errstr != NULL) goto improper; #ifndef SMALL if (resume) filesize += restart_point; #endif /* !SMALL */ #define LOCATION "Location: " } else if (isredirect && strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { cp += sizeof(LOCATION) - 1; if (verbose) fprintf(ttyout, "Redirected to %s\n", cp); if (fin != NULL) fclose(fin); else if (s != -1) close(s); free(proxyurl); free(newline); rval = url_get(cp, proxyenv, outfile); free(buf); return (rval); } } /* Open the output file. */ if (strcmp(savefile, "-") != 0) { #ifndef SMALL if (resume) out = open(savefile, O_APPEND | O_WRONLY); else #endif /* !SMALL */ out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); if (out < 0) { warn("Can't open %s", savefile); goto cleanup_url_get; } } else out = fileno(stdout); /* Trap signals */ oldintr = NULL; if (setjmp(httpabort)) { if (oldintr) (void)signal(SIGINT, oldintr); goto cleanup_url_get; } oldintr = signal(SIGINT, aborthttp); bytes = 0; hashbytes = mark; progressmeter(-1); free(buf); /* Finally, suck down the file. */ if ((buf = malloc(4096)) == NULL) errx(1, "Can't allocate memory for transfer buffer"); i = 0; len = 1; while (len > 0) { len = ftp_read(fin, ssl, buf, 4096); bytes += len; for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) { if ((i = write(out, cp, wlen)) == -1) { warn("Writing %s", savefile); goto cleanup_url_get; } else if (i == 0) break; } if (hash && !progress) { while (bytes >= hashbytes) { (void)putc('#', ttyout); hashbytes += mark; } (void)fflush(ttyout); } } if (hash && !progress && bytes > 0) { if (bytes < mark) (void)putc('#', ttyout); (void)putc('\n', ttyout); (void)fflush(ttyout); } if (len != 0) { warn("Reading from socket"); goto cleanup_url_get; } progressmeter(1); if ( #ifndef SMALL !resume && #endif /* !SMALL */ filesize != -1 && len == 0 && bytes != filesize) { if (verbose) fputs("Read short file.\n", ttyout); goto cleanup_url_get; } if (verbose) fputs("Successfully retrieved file.\n", ttyout); (void)signal(SIGINT, oldintr); rval = 0; goto cleanup_url_get; noftpautologin: warnx( "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); goto cleanup_url_get; improper: warnx("Improper response from %s", host); cleanup_url_get: #ifndef SMALL if (ssl) { SSL_shutdown(ssl); SSL_free(ssl); } #endif /* !SMALL */ if (fin != NULL) fclose(fin); else if (s != -1) close(s); free(buf); free(proxyurl); free(newline); return (rval); }
/* Separate this from jabber_login() so we can do OAuth first if necessary. Putting this in io.c would probably be more correct. */ void jabber_connect( struct im_connection *ic ) { account_t *acc = ic->acc; struct jabber_data *jd = ic->proto_data; int i; char *connect_to; struct ns_srv_reply **srvl = NULL, *srv = NULL; /* Figure out the hostname to connect to. */ if( acc->server && *acc->server ) connect_to = acc->server; else if( ( srvl = srv_lookup( "xmpp-client", "tcp", jd->server ) ) || ( srvl = srv_lookup( "jabber-client", "tcp", jd->server ) ) ) { /* Find the lowest-priority one. These usually come back in random/shuffled order. Not looking at weights etc for now. */ srv = *srvl; for( i = 1; srvl[i]; i ++ ) if( srvl[i]->prio < srv->prio ) srv = srvl[i]; connect_to = srv->name; } else connect_to = jd->server; imcb_log( ic, "Connecting" ); for( i = 0; jabber_port_list[i] > 0; i ++ ) if( set_getint( &acc->set, "port" ) == jabber_port_list[i] ) break; if( jabber_port_list[i] == 0 ) { imcb_log( ic, "Illegal port number" ); imc_logout( ic, FALSE ); return; } /* For non-SSL connections we can try to use the port # from the SRV reply, but let's not do that when using SSL, SSL usually runs on non-standard ports... */ if( set_getbool( &acc->set, "ssl" ) ) { jd->ssl = ssl_connect( connect_to, set_getint( &acc->set, "port" ), FALSE, jabber_connected_ssl, ic ); jd->fd = jd->ssl ? ssl_getfd( jd->ssl ) : -1; } else { jd->fd = proxy_connect( connect_to, srv ? srv->port : set_getint( &acc->set, "port" ), jabber_connected_plain, ic ); } srv_free( srvl ); if( jd->fd == -1 ) { imcb_error( ic, "Could not connect to server" ); imc_logout( ic, TRUE ); return; } if( set_getbool( &acc->set, "xmlconsole" ) ) { jd->flags |= JFLAG_XMLCONSOLE; /* Shouldn't really do this at this stage already, maybe. But I think this shouldn't break anything. */ imcb_add_buddy( ic, JABBER_XMLCONSOLE_HANDLE, NULL ); } jabber_generate_id_hash( jd ); }
/* Separate this from jabber_login() so we can do OAuth first if necessary. Putting this in io.c would probably be more correct. */ void jabber_connect(struct im_connection *ic) { account_t *acc = ic->acc; struct jabber_data *jd = ic->proto_data; int i; char *connect_to; struct ns_srv_reply **srvl = NULL, *srv = NULL; /* Figure out the hostname to connect to. */ if (acc->server && *acc->server) { connect_to = acc->server; } else if ((srvl = srv_lookup("xmpp-client", "tcp", jd->server)) || (srvl = srv_lookup("jabber-client", "tcp", jd->server))) { /* Find the lowest-priority one. These usually come back in random/shuffled order. Not looking at weights etc for now. */ srv = *srvl; for (i = 1; srvl[i]; i++) { if (srvl[i]->prio < srv->prio) { srv = srvl[i]; } } connect_to = srv->name; } else { connect_to = jd->server; } imcb_log(ic, "Connecting"); for (i = 0; jabber_port_list[i] > 0; i++) { if (set_getint(&acc->set, "port") == jabber_port_list[i]) { break; } } if (jabber_port_list[i] == 0) { imcb_log(ic, "Illegal port number"); imc_logout(ic, FALSE); return; } /* For non-SSL connections we can try to use the port # from the SRV reply, but let's not do that when using SSL, SSL usually runs on non-standard ports... */ if (set_getbool(&acc->set, "ssl")) { jd->ssl = ssl_connect(connect_to, set_getint(&acc->set, "port"), set_getbool(&acc->set, "tls_verify"), jabber_connected_ssl, ic); jd->fd = jd->ssl ? ssl_getfd(jd->ssl) : -1; } else { jd->fd = proxy_connect(connect_to, srv ? srv->port : set_getint(&acc->set, "port"), jabber_connected_plain, ic); } srv_free(srvl); if (jd->fd == -1) { imcb_error(ic, "Could not connect to server"); imc_logout(ic, TRUE); return; } if (set_getbool(&acc->set, "xmlconsole")) { jabber_xmlconsole_enable(ic); } if (set_getbool(&acc->set, "mail_notifications")) { /* It's gmail specific, but it checks for server support before enabling it */ jd->flags |= JFLAG_GMAILNOTIFY; if (set_getstr(&acc->set, "mail_notifications_handle")) { imcb_add_buddy(ic, set_getstr(&acc->set, "mail_notifications_handle"), NULL); } } jabber_generate_id_hash(jd); }