int main(int ac, char **av) { t_client *client; client = xmalloc(sizeof(t_client)); init_client(client); register_command(client, "id", cmd_id); register_command(client, "map", cmd_map); register_command(client, "start", cmd_start); register_command(client, "player", cmd_player); register_command(client, "coin", cmd_coin); register_command(client, "finish", cmd_finish); register_command(client, "remove", cmd_remove); parse_args(client, ac, av); my_connect(client); return (0); }
static int NetlibHttpFallbackToDirect(struct NetlibConnection *nlc, struct NetlibUser *nlu, NETLIBOPENCONNECTION *nloc) { NetlibDoClose(nlc, true); NetlibLogf(nlu,"Fallback to direct connection"); NetlibLogf(nlu,"(%p) Connecting to server %s:%d....", nlc, nloc->szHost, nloc->wPort); nlc->proxyAuthNeeded = false; nlc->proxyType = 0; mir_free(nlc->szProxyServer); nlc->szProxyServer = NULL; nlc->sinProxy.sin_family = AF_INET; nlc->sinProxy.sin_port = htons(nloc->wPort); nlc->sinProxy.sin_addr.S_un.S_addr = DnsLookup(nlu, nloc->szHost); if (nlc->sinProxy.sin_addr.S_un.S_addr == 0 || my_connect(nlc, nloc) == SOCKET_ERROR) { if (nlc->sinProxy.sin_addr.S_un.S_addr) NetlibLogf(nlu, "%s %d: %s() failed (%u)", __FILE__, __LINE__, "connect", WSAGetLastError()); return false; } return true; }
static VALUE stream_connect(VALUE klass, VALUE addr, int io_wait) { int domain; socklen_t addrlen; struct sockaddr *sockaddr; if (TYPE(addr) == T_STRING) { sockaddr = (struct sockaddr *)(RSTRING_PTR(addr)); addrlen = (socklen_t)RSTRING_LEN(addr); } else { rb_raise(rb_eTypeError, "invalid address"); } switch (((struct sockaddr_storage *)(sockaddr))->ss_family) { case AF_UNIX: domain = PF_UNIX; break; case AF_INET: domain = PF_INET; break; case AF_INET6: domain = PF_INET6; break; default: rb_raise(rb_eArgError, "invalid address family"); } return my_connect(klass, io_wait, domain, sockaddr, addrlen); }
static int my_client(char *ip, int port) { struct sockaddr_in s_in; struct protoent *pe; int fd; if ((pe = getprotobyname("TCP")) == NULL) return (-1); if ((fd = my_socket_client(pe)) == -1) return (-1); s_in.sin_family = AF_INET; s_in.sin_port = htons(port); s_in.sin_addr.s_addr = inet_addr(ip); if (my_connect(fd, s_in) == -1) return (-1); if (close(fd) == -1) { printf("Error on : close\n"); return (-1); } return (0); }
bool NetlibReconnect(NetlibConnection *nlc) { char buf[4]; bool opened; switch (WaitUntilReadable(nlc->s, 0, true)) { case SOCKET_ERROR: opened = false; break; case 0: opened = true; break; case 1: opened = recv(nlc->s, buf, 1, MSG_PEEK) > 0; break; } if (!opened) { NetlibDoClose(nlc, true); if (Miranda_Terminated()) return false; if (nlc->usingHttpGateway) { nlc->proxyAuthNeeded = true; NetlibLogf(nlc->nlu,"(%p) Connecting....", nlc); return my_connect(nlc, &nlc->nloc) == 0; } else return NetlibDoConnect(nlc); } return true; }
int myproxy_ocsp_verify(X509 *cert, X509 *issuer) { BIO *bio = 0; int rc, reason, ssl, status; char *host = 0, *path = 0, *port = 0, *certdir = 0; char *aiaocspurl = 0, *chosenurl = 0; SSL_CTX *ctx = 0; X509_LOOKUP *lookup = NULL; X509_STORE *store = 0; OCSP_CERTID *id; OCSP_REQUEST *req = 0; OCSP_RESPONSE *resp = 0; OCSP_BASICRESP *basic = 0; myproxy_ocspresult_t result; ASN1_GENERALIZEDTIME *producedAt, *thisUpdate, *nextUpdate; globus_result_t res; if (!policy && !responder_url) { result = MYPROXY_OCSPRESULT_ERROR_NOTCONFIGURED; goto end; } result = MYPROXY_OCSPRESULT_ERROR_UNKNOWN; if (policy && strstr(policy, "aia")) { aiaocspurl = myproxy_get_aia_ocsp_uri(cert); } if (!responder_url && !aiaocspurl) { result = MYPROXY_OCSPRESULT_ERROR_NOTCONFIGURED; goto end; } chosenurl = aiaocspurl ? aiaocspurl : responder_url; if (!OCSP_parse_url(chosenurl, &host, &port, &path, &ssl)) { result = MYPROXY_OCSPRESULT_ERROR_BADOCSPADDRESS; goto end; } myproxy_log("querying OCSP responder at %s", chosenurl); if (!(req = OCSP_REQUEST_new())) { result = MYPROXY_OCSPRESULT_ERROR_OUTOFMEMORY; goto end; } id = OCSP_cert_to_id(0, cert, issuer); if (!id || !OCSP_request_add0_id(req, id)) goto end; if (usenonce) OCSP_request_add1_nonce(req, 0, -1); /* sign the request */ if (sign_cert && sign_key && !OCSP_request_sign(req, sign_cert, sign_key, EVP_sha1(), 0, 0)) { result = MYPROXY_OCSPRESULT_ERROR_SIGNFAILURE; goto end; } /* setup GSI context */ store=X509_STORE_new(); lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); if (lookup == NULL) { result = MYPROXY_OCSPRESULT_ERROR_OUTOFMEMORY; goto end; } res = GLOBUS_GSI_SYSCONFIG_GET_CERT_DIR(&certdir); if (res != GLOBUS_SUCCESS) { verror_put_string("failed to find GSI CA cert directory"); globus_error_to_verror(res); goto end; } X509_LOOKUP_add_dir(lookup, certdir, X509_FILETYPE_PEM); ctx = SSL_CTX_new(SSLv23_client_method()); if (ctx == NULL) { result = MYPROXY_OCSPRESULT_ERROR_OUTOFMEMORY; goto end; } SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_cert_store(ctx, store); SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,NULL); /* establish a connection to the OCSP responder */ if (!(bio = my_connect(host, atoi(port), ssl, &ctx))) { result = MYPROXY_OCSPRESULT_ERROR_CONNECTFAILURE; goto end; } /* send the request and get a response */ resp = OCSP_sendreq_bio(bio, path, req); if ((rc = OCSP_response_status(resp)) != OCSP_RESPONSE_STATUS_SUCCESSFUL) { switch (rc) { case OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: result = MYPROXY_OCSPRESULT_ERROR_MALFORMEDREQUEST; break; case OCSP_RESPONSE_STATUS_INTERNALERROR: result = MYPROXY_OCSPRESULT_ERROR_INTERNALERROR; break; case OCSP_RESPONSE_STATUS_TRYLATER: result = MYPROXY_OCSPRESULT_ERROR_TRYLATER; break; case OCSP_RESPONSE_STATUS_SIGREQUIRED: result = MYPROXY_OCSPRESULT_ERROR_SIGREQUIRED; break; case OCSP_RESPONSE_STATUS_UNAUTHORIZED: result = MYPROXY_OCSPRESULT_ERROR_UNAUTHORIZED; break; } goto end; } /* verify the response */ result = MYPROXY_OCSPRESULT_ERROR_INVALIDRESPONSE; if (!(basic = OCSP_response_get1_basic(resp))) goto end; if (usenonce && OCSP_check_nonce(req, basic) <= 0) goto end; if (!responder_cert || (rc = OCSP_basic_verify(basic, responder_cert, store, OCSP_TRUSTOTHER)) <= 0) if ((rc = OCSP_basic_verify(basic, NULL, store, 0)) <= 0) goto end; if (!OCSP_resp_find_status(basic, id, &status, &reason, &producedAt, &thisUpdate, &nextUpdate)) goto end; if (!OCSP_check_validity(thisUpdate, nextUpdate, skew, maxage)) goto end; /* All done. Set the return code based on the status from the response. */ if (status == V_OCSP_CERTSTATUS_REVOKED) { result = MYPROXY_OCSPRESULT_CERTIFICATE_REVOKED; myproxy_log("OCSP status revoked!"); } else { result = MYPROXY_OCSPRESULT_CERTIFICATE_VALID; myproxy_log("OCSP status valid"); } end: if (result < 0 && result != MYPROXY_OCSPRESULT_ERROR_NOTCONFIGURED) { ssl_error_to_verror(); myproxy_log("OCSP check failed"); myproxy_log_verror(); } if (bio) BIO_free_all(bio); if (host) OPENSSL_free(host); if (port) OPENSSL_free(port); if (path) OPENSSL_free(path); if (req) OCSP_REQUEST_free(req); if (resp) OCSP_RESPONSE_free(resp); if (basic) OCSP_BASICRESP_free(basic); if (ctx) SSL_CTX_free(ctx); /* this does X509_STORE_free(store) */ if (certdir) free(certdir); if (aiaocspurl) free(aiaocspurl); return result; }
bool NetlibDoConnect(NetlibConnection *nlc) { NETLIBOPENCONNECTION *nloc = &nlc->nloc; NetlibUser *nlu = nlc->nlu; nlc->sinProxy.sin_family = AF_INET; mir_free(nlc->szProxyServer); nlc->szProxyServer = NULL; bool usingProxy = false, forceHttps = false; if (nlu->settings.useProxy) { if (nlu->settings.proxyType == PROXYTYPE_IE) { usingProxy = NetlibGetIeProxyConn(nlc, false); } else { if (nlu->settings.szProxyServer && nlu->settings.szProxyServer[0]) { nlc->szProxyServer = mir_strdup(nlu->settings.szProxyServer); nlc->wProxyPort = nlu->settings.wProxyPort; nlc->proxyType = nlu->settings.proxyType; usingProxy = true; } } } retry: if (usingProxy) { NetlibLogf(nlu,"(%p) Resolving proxy %s:%d for %s:%d ....", nlc, nlc->szProxyServer, nlc->wProxyPort, nloc->szHost, nloc->wPort); nlc->sinProxy.sin_port = htons(nlc->wProxyPort); nlc->sinProxy.sin_addr.S_un.S_addr = DnsLookup(nlu, nlc->szProxyServer); if (nlc->sinProxy.sin_addr.S_un.S_addr == 0) { usingProxy = false; nlc->proxyType = 0; } } if (!usingProxy) { NetlibLogf(nlu,"(%p) Connecting to server %s:%d....", nlc, nloc->szHost, nloc->wPort); nlc->sinProxy.sin_port = htons(nloc->wPort); nlc->sinProxy.sin_addr.S_un.S_addr = DnsLookup(nlu, nloc->szHost); } else NetlibLogf(nlu,"(%p) Connecting to proxy %s:%d for %s:%d ....", nlc, nlc->szProxyServer, nlc->wProxyPort, nloc->szHost, nloc->wPort); if (nlc->sinProxy.sin_addr.S_un.S_addr == 0) return false; if (my_connect(nlc, nloc) == SOCKET_ERROR) { if (usingProxy && (nlc->proxyType == PROXYTYPE_HTTPS || nlc->proxyType == PROXYTYPE_HTTP)) { usingProxy = false; if (!NetlibHttpFallbackToDirect(nlc, nlu, nloc)) { NetlibLogf(nlu, "%s %d: %s() failed (%u)", __FILE__, __LINE__, "connect", WSAGetLastError()); return false; } } else { if (nlu->settings.useProxy && !usingProxy && nlu->settings.proxyType == PROXYTYPE_IE && !forceHttps) { forceHttps = true; usingProxy = NetlibGetIeProxyConn(nlc, true); if (usingProxy) goto retry; } NetlibLogf(nlu, "%s %d: %s() failed (%u)", __FILE__, __LINE__, "connect", WSAGetLastError()); return false; } } if (usingProxy && !((nloc->flags & (NLOCF_HTTP | NLOCF_SSL)) == NLOCF_HTTP && (nlc->proxyType == PROXYTYPE_HTTP || nlc->proxyType == PROXYTYPE_HTTPS))) { if (!WaitUntilWritable(nlc->s, 30000)) return false; switch (nlc->proxyType) { case PROXYTYPE_SOCKS4: if (!NetlibInitSocks4Connection(nlc, nlu, nloc)) return false; break; case PROXYTYPE_SOCKS5: if (!NetlibInitSocks5Connection(nlc, nlu, nloc)) return false; break; case PROXYTYPE_HTTPS: nlc->proxyAuthNeeded = true; if (!NetlibInitHttpsConnection(nlc, nlu, nloc)) { usingProxy = false; if (!NetlibHttpFallbackToDirect(nlc, nlu, nloc)) return false; } break; case PROXYTYPE_HTTP: nlc->proxyAuthNeeded = true; if (!(nlu->user.flags & NUF_HTTPGATEWAY || nloc->flags & NLOCF_HTTPGATEWAY) || nloc->flags & NLOCF_SSL) { //NLOCF_HTTP not specified and no HTTP gateway available: try HTTPS if (!NetlibInitHttpsConnection(nlc, nlu, nloc)) { //can't do HTTPS: try direct usingProxy = false; if (!NetlibHttpFallbackToDirect(nlc, nlu, nloc)) return false; } } else { if (!NetlibInitHttpConnection(nlc, nlu, nloc)) return false; } break; default: SetLastError(ERROR_INVALID_PARAMETER); FreePartiallyInitedConnection(nlc); return false; } } else if (nloc->flags & NLOCF_HTTPGATEWAY) { if (!NetlibInitHttpConnection(nlc, nlu, nloc)) return false; nlc->usingDirectHttpGateway = true; } NetlibLogf(nlu,"(%d) Connected to %s:%d", nlc->s, nloc->szHost, nloc->wPort); if (NLOCF_SSL & nloc->flags) { return NetlibStartSsl((WPARAM)nlc, 0) != 0; } return true; }
bool NetlibDoConnect(NetlibConnection *nlc) { NETLIBOPENCONNECTION *nloc = &nlc->nloc; NetlibUser *nlu = nlc->nlu; mir_free(nlc->szProxyServer); nlc->szProxyServer = NULL; bool usingProxy = false, forceHttps = false; if (nlu->settings.useProxy) { if (nlu->settings.proxyType == PROXYTYPE_IE) usingProxy = NetlibGetIeProxyConn(nlc, false); else { if (nlu->settings.szProxyServer && nlu->settings.szProxyServer[0]) { nlc->szProxyServer = mir_strdup(nlu->settings.szProxyServer); nlc->wProxyPort = nlu->settings.wProxyPort; nlc->proxyType = nlu->settings.proxyType; usingProxy = true; } } } while (!my_connect(nlc, nloc)) { // Fallback to direct only when using HTTP proxy, as this is what used by companies // If other type of proxy used it's an indication of security nutcase, leave him alone if (usingProxy && (nlc->proxyType == PROXYTYPE_HTTPS || nlc->proxyType == PROXYTYPE_HTTP)) { usingProxy = false; nlc->proxyType = 0; NetlibLogf(nlu,"Fallback to direct connection"); continue; } if (nlu->settings.useProxy && !usingProxy && nlu->settings.proxyType == PROXYTYPE_IE && !forceHttps) { forceHttps = true; usingProxy = NetlibGetIeProxyConn(nlc, true); if (usingProxy) continue; } NetlibLogf(nlu, "%s %d: %s() failed (%u)", __FILE__, __LINE__, "connect", WSAGetLastError()); return false; } if (usingProxy && !((nloc->flags & (NLOCF_HTTP | NLOCF_SSL)) == NLOCF_HTTP && (nlc->proxyType == PROXYTYPE_HTTP || nlc->proxyType == PROXYTYPE_HTTPS))) { if (!WaitUntilWritable(nlc->s, 30000)) return false; switch (nlc->proxyType) { case PROXYTYPE_SOCKS4: if (!NetlibInitSocks4Connection(nlc, nlu, nloc)) return false; break; case PROXYTYPE_SOCKS5: if (!NetlibInitSocks5Connection(nlc, nlu, nloc)) return false; break; case PROXYTYPE_HTTPS: nlc->proxyAuthNeeded = true; if (!NetlibInitHttpsConnection(nlc, nlu, nloc)) { usingProxy = false; if (!NetlibHttpFallbackToDirect(nlc, nlu, nloc)) return false; } break; case PROXYTYPE_HTTP: nlc->proxyAuthNeeded = true; if (!(nlu->user.flags & NUF_HTTPGATEWAY || nloc->flags & NLOCF_HTTPGATEWAY) || nloc->flags & NLOCF_SSL) { //NLOCF_HTTP not specified and no HTTP gateway available: try HTTPS if (!NetlibInitHttpsConnection(nlc, nlu, nloc)) { //can't do HTTPS: try direct usingProxy = false; if (!NetlibHttpFallbackToDirect(nlc, nlu, nloc)) return false; } } else if (!NetlibInitHttpConnection(nlc, nlu, nloc)) return false; break; default: SetLastError(ERROR_INVALID_PARAMETER); FreePartiallyInitedConnection(nlc); return false; } } else if (nloc->flags & NLOCF_HTTPGATEWAY) { if (!NetlibInitHttpConnection(nlc, nlu, nloc)) return false; nlc->usingDirectHttpGateway = true; } NetlibLogf(nlu, "(%d) Connected to %s:%d", nlc->s, nloc->szHost, nloc->wPort); if (NLOCF_SSL & nloc->flags) return NetlibStartSsl((WPARAM)nlc, 0) != 0; return true; }
int main(int argc, char **argv){ u_int32_t packet_crc32; u_int32_t calculated_crc32; int16_t result; int rc; packet send_packet; packet receive_packet; int bytes_to_send; int bytes_to_recv; result=process_arguments(argc,argv); if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE){ if(result!=OK) printf("Incorrect command line arguments supplied\n"); printf("\n"); printf("NRPE Plugin for Nagios\n"); printf("Copyright (c) 1999-2008 Ethan Galstad ([email protected])\n"); printf("Version: %s\n",PROGRAM_VERSION); printf("Last Modified: %s\n",MODIFICATION_DATE); printf("License: GPL v2 with exemptions (-l for more info)\n"); #ifdef HAVE_SSL printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n"); #endif printf("\n"); } if(result!=OK || show_help==TRUE){ printf("Usage: check_nrpe -H <host> [ -b <bindaddr> ] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>]\n"); printf("\n"); printf("Options:\n"); printf(" -n = Do no use SSL\n"); printf(" -u = Make socket timeouts return an UNKNOWN state instead of CRITICAL\n"); printf(" <host> = The address of the host running the NRPE daemon\n"); printf(" <bindaddr> = bind to local address\n"); printf(" -4 = user ipv4 only\n"); printf(" -6 = user ipv6 only\n"); printf(" [port] = The port on which the daemon is running (default=%d)\n",DEFAULT_SERVER_PORT); printf(" [timeout] = Number of seconds before connection times out (default=%d)\n",DEFAULT_SOCKET_TIMEOUT); printf(" [command] = The name of the command that the remote daemon should run\n"); printf(" [arglist] = Optional arguments that should be passed to the command. Multiple\n"); printf(" arguments should be separated by a space. If provided, this must be\n"); printf(" the last option supplied on the command line.\n"); printf("\n"); printf("Note:\n"); printf("This plugin requires that you have the NRPE daemon running on the remote host.\n"); printf("You must also have configured the daemon to associate a specific plugin command\n"); printf("with the [command] option you are specifying here. Upon receipt of the\n"); printf("[command] argument, the NRPE daemon will run the appropriate plugin command and\n"); printf("send the plugin output and return code back to *this* plugin. This allows you\n"); printf("to execute plugins on remote hosts and 'fake' the results to make Nagios think\n"); printf("the plugin is being run locally.\n"); printf("\n"); } if(show_license==TRUE) display_license(); if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE) exit(STATE_UNKNOWN); /* generate the CRC 32 table */ generate_crc32_table(); #ifdef HAVE_SSL /* initialize SSL */ if(use_ssl==TRUE){ SSL_library_init(); SSLeay_add_ssl_algorithms(); meth=SSLv23_client_method(); SSL_load_error_strings(); if((ctx=SSL_CTX_new(meth))==NULL){ printf("CHECK_NRPE: Error - could not create SSL context.\n"); exit(STATE_CRITICAL); } /* ADDED 01/19/2004 */ /* use only TLSv1 protocol */ SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); } #endif /* initialize alarm signal handling */ signal(SIGALRM,alarm_handler); /* set socket timeout */ alarm(socket_timeout); /* try to connect to the host at the given port number */ if((sd=my_connect(server_name, &hostaddr, server_port, address_family, bind_address)) < 0 ) { exit (255); } else { result=STATE_OK; } #ifdef HAVE_SSL /* do SSL handshake */ if(result==STATE_OK && use_ssl==TRUE){ if((ssl=SSL_new(ctx))!=NULL){ SSL_CTX_set_cipher_list(ctx,"ADH"); SSL_set_fd(ssl,sd); if((rc=SSL_connect(ssl))!=1){ printf("CHECK_NRPE: Error - Could not complete SSL handshake.\n"); #ifdef DEBUG printf("SSL_connect=%d\n",rc); /* rc=SSL_get_error(ssl,rc); printf("SSL_get_error=%d\n",rc); printf("ERR_get_error=%lu\n",ERR_get_error()); printf("%s\n",ERR_error_string(rc,NULL)); */ ERR_print_errors_fp(stdout); #endif result=STATE_CRITICAL; } } else{ printf("CHECK_NRPE: Error - Could not create SSL connection structure.\n"); result=STATE_CRITICAL; } /* bail if we had errors */ if(result!=STATE_OK){ SSL_CTX_free(ctx); close(sd); exit(result); } } #endif /* we're connected and ready to go */ if(result==STATE_OK){ /* clear the packet buffer */ bzero(&send_packet,sizeof(send_packet)); /* fill the packet with semi-random data */ randomize_buffer((char *)&send_packet,sizeof(send_packet)); /* initialize packet data */ send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2); send_packet.packet_type=(int16_t)htons(QUERY_PACKET); strncpy(&send_packet.buffer[0],query,MAX_PACKETBUFFER_LENGTH); send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; /* calculate the crc 32 value of the packet */ send_packet.crc32_value=(u_int32_t)0L; calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet)); send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32); /***** ENCRYPT REQUEST *****/ /* send the packet */ bytes_to_send=sizeof(send_packet); if(use_ssl==FALSE) rc=sendall(sd,(char *)&send_packet,&bytes_to_send); #ifdef HAVE_SSL else{ rc=SSL_write(ssl,&send_packet,bytes_to_send); if(rc<0) rc=-1; } #endif if(rc==-1){ printf("CHECK_NRPE: Error sending query to host.\n"); close(sd); return STATE_UNKNOWN; } /* wait for the response packet */ bytes_to_recv=sizeof(receive_packet); if(use_ssl==FALSE) rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout); #ifdef HAVE_SSL else rc=SSL_read(ssl,&receive_packet,bytes_to_recv); #endif /* reset timeout */ alarm(0); /* close the connection */ #ifdef HAVE_SSL if(use_ssl==TRUE){ SSL_shutdown(ssl); SSL_free(ssl); SSL_CTX_free(ctx); } #endif graceful_close(sd,1000); /* recv() error */ if(rc<0){ printf("CHECK_NRPE: Error receiving data from daemon.\n"); return STATE_UNKNOWN; } /* server disconnected */ else if(rc==0){ printf("CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.\n"); return STATE_UNKNOWN; } /* receive underflow */ else if(bytes_to_recv<sizeof(receive_packet)){ printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet)); return STATE_UNKNOWN; } /***** DECRYPT RESPONSE *****/ /* check the crc 32 value */ packet_crc32=ntohl(receive_packet.crc32_value); receive_packet.crc32_value=0L; calculated_crc32=calculate_crc32((char *)&receive_packet,sizeof(receive_packet)); if(packet_crc32!=calculated_crc32){ printf("CHECK_NRPE: Response packet had invalid CRC32.\n"); close(sd); return STATE_UNKNOWN; } /* check packet version */ if(ntohs(receive_packet.packet_version)!=NRPE_PACKET_VERSION_2){ printf("CHECK_NRPE: Invalid packet version received from server.\n"); close(sd); return STATE_UNKNOWN; } /* check packet type */ if(ntohs(receive_packet.packet_type)!=RESPONSE_PACKET){ printf("CHECK_NRPE: Invalid packet type received from server.\n"); close(sd); return STATE_UNKNOWN; } /* get the return code from the remote plugin */ result=(int16_t)ntohs(receive_packet.result_code); /* print the output returned by the daemon */ receive_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; if(!strcmp(receive_packet.buffer,"")) printf("CHECK_NRPE: No output returned from daemon.\n"); else printf("%s\n",receive_packet.buffer); } /* reset the alarm */ else alarm(0); return result; }
/*============================================================================= Function url_content_ok Purpose: determines if the content at the given URL is ok for processing, that is it is text/plain or text/html with no content encoding Parameters: *sad (IN) - prepared sockaddr structure *url (IN) - the URL we are checking *host (IN) - the host we are connecting to port (IN) - the port we are connecting to *fullpath (IN) - the path to the resource we are requesting from host Returns: 1 if ok to process, 0 otherwise =============================================================================*/ int url_content_ok(struct sockaddr *sad, char *url, char *host, int port, char *fullpath) { int sd, content_ok, done, new_bytes, num_bytes, line, start, end; char head_request[MAX_URL + strlen("HEAD HTTP/1.0\r\n\r\n")]; char buf[MAX_BUF+1]; /* +1 to let us read MAX_BUF and still null terminate */ if ((sd=socket(PF_INET, SOCK_STREAM, 0))==-1) { printf("unable to create socket\n"); exit(1); } if (my_connect(sd,sad,sizeof(*sad),connect_timeout)<0) { close(sd); if (errno==EINTR) printf("connect to %s timed out\n",host); else printf("unable to connect to %s\n",host); return 0; } sprintf(head_request,"HEAD %s HTTP/1.0\r\n\r\n",fullpath); #ifdef DEBUG printf(" sending request: %s",head_request); #endif if (send_all(sd,head_request,strlen(head_request))<strlen(head_request)) { printf("could not send entire HEAD request\n"); close(sd); return 0; } done = num_bytes = 0; /* try to get a buffer of data, we assume HEAD will fit in MAX_BUF bytes */ do { new_bytes = recv(sd,buf+num_bytes,MAX_BUF-num_bytes,0); if (new_bytes>0) num_bytes+=new_bytes; else if (new_bytes==0) done = 1; else if (new_bytes==-1) { printf("problem encountered on recv call\n"); done = 1; } } while (num_bytes<MAX_BUF && !done); buf[num_bytes] = 0; /* null terminate what was read */ content_ok = line = start = 0; /* process the HEAD buffer */ while ((end = strcspn(buf+start,"\n"))+start!=num_bytes) { buf[start+end] = 0; /* null terminate */ if (line==0) { if (strcasestr(buf+start,"200") == NULL) { printf("URL rejected(%s): %s\n",url,buf+start); content_ok = 0; break; } } else { if (strcasestr(buf+start,"Content-Type:")) { if (strcasestr(buf+start,"Content-Type: text/html") || strcasestr(buf+start,"Content-Type: text/plain")) content_ok = 1; else { printf("URL rejected(%s): %s\n",url,buf+start); content_ok = 0; break; } } if (strcasestr(buf+start,"Content-Encoding:")) { printf("URL rejected(%s): %s\n",url,buf+start); content_ok = 0; break; } } /* some, like www.yahoo.com, send more than HEAD ??? so we break */ if (strcmp(buf+start,"\r")==0) break; start+=end+1; /* position for next search */ line++; } close(sd); return content_ok; }
/*============================================================================= Function process_page Purpose: to search the given page for matches as specified in the command line parameters. Parameters: *sad (IN) - prepared sockaddr structure *host (IN) - the host we are connecting to port (IN) - the port we are connecting to *fullpath (IN) - the path to the resource we are requesting from host *url - URL for page *server_context - server part of URL for relative hyperlinks *full_context - server and path part of URL for relative hyperlinks depth - search depth of page Returns: nothing, processes the page giving proper reports and adding links to the pages to be spidered if under specified depth =============================================================================*/ void process_page(struct sockaddr *sad, char *host, char *fullpath, char *url, char *server_context, char *full_context, int depth) { int sd, done, line, new_bytes, num_bytes, line_match, page_match, start, end; char get_request[MAX_URL + strlen("GET HTTP/1.0\r\n\r\n")]; char buf[MAX_BUF+1]; /* +1 to let us read MAX_BUF and still null terminate */ if ((sd=socket(PF_INET, SOCK_STREAM, 0))==-1) { printf("unable to create socket\n"); exit(1); } if (my_connect(sd,sad,sizeof(*sad),connect_timeout)<0) { close(sd); if (errno==EINTR) printf("connect to %s timed out\n",host); else printf("unable to connect to %s\n",host); return; } sprintf(get_request,"GET %s HTTP/1.0\r\n\r\n",fullpath); #ifdef DEBUG printf(" sending request: %s",get_request); #endif if (send_all(sd,get_request,strlen(get_request))<strlen(get_request)) { printf("problem sending GET request\n"); close(sd); return; } done = line = num_bytes = page_match = 0; while(!done) { /* try to get a full buffer of data */ do { new_bytes = recv(sd,buf+num_bytes,MAX_BUF-num_bytes,0); if (new_bytes>0) num_bytes+=new_bytes; else if (new_bytes==0) done = 1; else if (new_bytes==-1) { printf("problem encountered on recv call\n"); done = 1; } } while (num_bytes<MAX_BUF && !done); buf[num_bytes] = 0; /* terminate for string processing */ line = start = 0; /* process the buffer of data */ while ((end = strcspn(buf+start,"\n"))+start!=num_bytes) { buf[start+end] = 0; /* null terminate */ if (case_independent) line_match = strcasestr(buf+start,pattern) != NULL; else line_match = strstr(buf+start,pattern) != NULL; if (line_match) page_match = 1; if (depth < search_depth) process_hrefs(buf+start, server_context, full_context, depth); line_report(url,line++,buf+start,line_match); start+=end+1; /* position for next search */ } /* calculate bytes left over in buf without /n */ num_bytes -= start; if (done) { /* process the last line, in MOST cases this is </html> */ if (case_independent) line_match = strcasestr(buf+start,pattern) != NULL; else line_match = strstr(buf+start,pattern) != NULL; if (line_match) page_match = 1; if (depth < search_depth) process_hrefs(buf+start, server_context, full_context, depth); line_report(url,line++,buf+start,line_match); } else if (num_bytes==MAX_BUF) { /* full buffer with no \n */ num_bytes = 0; /* allow full buffer read on next pass */ line--; /* adjust line counter back to proper line */ } else if (num_bytes) { /* bytes left in buffer with no \n, reposition */ memmove(buf,buf+start,num_bytes); } else { /* last byte read was \n */ num_bytes = 0; } } close(sd); url_report(url, page_match); }
void echotester (int sock) { setcntl(sock, F_SETFL, O_NONBLOCK, "O_NONBLOCK"); long long sent = 0, recvd = 0, recvdnow = 0; int ptrsend = 0; int ptrrecv = 0; struct pollfd pollfd = { .fd = sock, .events = POLLIN | POLLOUT, }; struct timeval tb, ti, te; gettimeofday(&tb, NULL); ti = tb; while (1) { int ret = poll(&pollfd, 1, 1000 /*ms*/); if (ret == -1) { perror("poll"); exit(1); } if (pollfd.revents & POLLIN) { ssize_t ret = read(sock, bufin, BUFLEN); if (ret == -1) { perror("read"); exit(1); } size_t pr = 0; while (ret) { ssize_t size = ret; if (size > BUFLEN - ptrrecv) size = BUFLEN - ptrrecv; if (memcmp(bufin + pr, bufout + ptrrecv, size) != 0) { fprintf(stderr, "\ndata differ (sent=%Li revcd=%Li ptrsend=%i ptrrecv=%i ret=%i size=%i)\n", sent, recvd, ptrsend, ptrrecv, (int)ret, (int)size); int i = 0; for (i = 0; i < size; i++) if (bufin[i + pr] != bufout[i + ptrrecv]) { printf("offset-diff @%Li @0x%Lx\n", i + recvd, i + recvd); break; } int j = i > 16? i - 16: 0; int k = i + 16 < size? i + 16: size - 1; while (j++ < k) printf("@%Lx:R%02x/S%02x ", j + recvd, bufin[j + pr], bufout[j + ptrrecv]); printf("\n"); exit(1); } recvd += size; recvdnow += size; ptrrecv = (ptrrecv + size) & (BUFLEN - 1); ret -= size; pr += size; } } if (pollfd.revents & POLLOUT) { ssize_t size = BUFLEN - ptrsend; ssize_t ret = write(sock, bufout + ptrsend, size); if (ret == -1) { perror("write"); exit(1); } sent += ret; ptrsend = (ptrsend + ret) & (BUFLEN - 1); } gettimeofday(&te, NULL); if (te.tv_sec - ti.tv_sec > 1) { printbw(te.tv_sec - tb.tv_sec, te.tv_usec - tb.tv_usec, recvd, "avg:"); printbw(te.tv_sec - ti.tv_sec, te.tv_usec - ti.tv_usec, recvdnow, "now:"); printsz(recvd, "size:"); printf("-----\r"); fflush(stdout); ti = te; recvdnow = 0; } } my_close(sock); } void echoserver (int sock) { setcntl(sock, F_SETFL, O_NONBLOCK, "O_NONBLOCK"); int ptrsend = 0; int ptrrecv = 0; size_t inbuf = 0; struct pollfd pollfd = { .fd = sock, .events = POLLIN | POLLOUT, }; while (1) { pollfd.events = 0; if (inbuf < BUFLEN) pollfd.events |= POLLIN; if (inbuf) pollfd.events |= POLLOUT; int ret = poll(&pollfd, 1, 1000 /*ms*/); if (ret == -1) { perror("poll"); exit(1); } if (pollfd.revents & POLLIN) { ssize_t maxrecv = BUFLEN - inbuf; if (maxrecv > BUFLEN - ptrrecv) maxrecv = BUFLEN - ptrrecv; ssize_t ret = read(sock, bufin + ptrrecv, maxrecv); if (ret == -1) { perror("read"); exit(1); } inbuf += ret; ptrrecv = (ptrrecv + ret) & (BUFLEN - 1); } if (pollfd.revents & POLLOUT) { ssize_t maxsend = inbuf; if (maxsend > BUFLEN - ptrsend) maxsend = BUFLEN - ptrsend; ssize_t ret = write(sock, bufin + ptrsend, maxsend); if (ret == -1) { perror("write"); exit(1); } inbuf -= ret; ptrsend = (ptrsend + ret) & (BUFLEN - 1); } } my_close(sock); } int main (int argc, char* argv[]) { int op; const char* host = "localhost"; int port = 10102; int server = 0; int i; //int nodelay = 0; while ((op = getopt(argc, argv, "hp:d:fs")) != EOF) switch(op) { case 'h': help(); return 0; case 'p': port = atoi(optarg); break; case 'd': host = optarg; break; // case 'f': // nodelay = 1; // break; case 's': server = 1; break; default: printf("option '%c' not recognized\n", op); help(); return 1; } for (i = 0; i < BUFLEN; i++) { #if 1 bufout[i] = random() >> 23; #else char c = i & 0x0f; c += c > 9? 'a' - 10: '0'; bufout[i] = c; #endif } int sock = my_socket(); if (server) { printf("waiting on port %i\n", port); my_bind_listen(sock, port); int clisock = my_accept(sock); echoserver(clisock); close(sock); } else { printf("remote host: %s\n" "port: %i\n", host, port); my_connect(host, port, sock); echotester(sock); } return 0; }
ftpbuf_t* ftp_open(const char *host, short port) { int fd = -1; ftpbuf_t *ftp; struct sockaddr_in addr; struct hostent *he; int size; /* set up the address */ if ((he = gethostbyname(host)) == NULL) { #if 0 herror("gethostbyname"); #endif return NULL; } memset(&addr, 0, sizeof(addr)); memcpy(&addr.sin_addr, he->h_addr, he->h_length); addr.sin_family = AF_INET; addr.sin_port = port ? port : htons(21); /* alloc the ftp structure */ ftp = calloc(1, sizeof(*ftp)); if (ftp == NULL) { perror("calloc"); return NULL; } /* connect */ if ((fd = socket(PF_INET, SOCK_STREAM, 0)) == -1) { perror("socket"); goto bail; } if (my_connect(fd, (struct sockaddr*) &addr, sizeof(addr)) == -1) { perror("connect"); goto bail; } size = sizeof(addr); if (getsockname(fd, (struct sockaddr*) &addr, &size) == -1) { perror("getsockname"); goto bail; } ftp->localaddr = addr.sin_addr; ftp->fd = fd; if (!ftp_getresp(ftp) || ftp->resp != 220) { goto bail; } return ftp; bail: if (fd != -1) closesocket(fd); free(ftp); return NULL; }
int main( int argc, char **argv ) { SSL_CTX *ctx = NULL; SSL *session = NULL; char *command = "HEAD / HTTP/1.0\r\n\r\n"; int s; int status; /* We first need to establish what sort of * connection we know how to make. We can use one of * SSLv23_client_method(), SSLv2_client_method() and * SSLv3_client_method(). */ SSL_METHOD *meth = SSLv23_client_method(); if (meth == NULL) { fprintf( stderr, "no method. :(\n" ); exit(1); } /* This enables all ciphers in SSLeay, these include: * DES, RC4, IDEA, RC2, Blowfish, * MD2, SHA, DSA. * See crypto/c_all.c */ SSLeay_add_all_algorithms(); /* Initialize the context. This is shared between SSL sessions * and can do FH caching. */ ctx = SSL_CTX_new( meth ); if ( ctx == NULL ) { fprintf( stderr, "no context. :(\n" ); exit(1); } /* Set up a callback for each state change so we can see what's * going on */ SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); /* Set it up so tha we will connect to *any* site, regardless * of their certificate. */ SSL_CTX_set_verify( ctx, SSL_VERIFY_NONE, my_dumb_callback ); /* MACRO. Set's CTX options. Not sure. I think this enables bug * support hacks. */ SSL_CTX_set_options(ctx,SSL_OP_ALL); /* Finally, we're all set so we can set up the session holder */ session = SSL_new( ctx ); if ( session == NULL ) { fprintf( stderr, "no session. :(\n" ); exit(1);} /* Make connection s.t. s is the appropriate fd */ s = my_connect( (argc == 2) ? argv[1] : "bozo.mit.edu" , 443 ); /* Set up the SSL side of the connection */ SSL_set_fd( session, s ); status = SSL_connect( session ); /* Check the results. */ switch (SSL_get_error(session,status)) { case SSL_ERROR_NONE: /* Everything worked :-) */ break; case SSL_ERROR_SSL: fprintf( stderr, "ssl handshake failure\n" ); ERR_print_errors_fp(stderr); goto byebye; break; /* These are for NON-BLOCKING I/O only! */ case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: fprintf( stderr, "want read/write. Use blocking?\n" ); goto byebye; break; case SSL_ERROR_WANT_CONNECT: fprintf( stderr, "want connect. sleep a while, try again." ); goto byebye; break; case SSL_ERROR_SYSCALL: perror("SSL_connect"); goto byebye; break; case SSL_ERROR_WANT_X509_LOOKUP: /* not used! */ fprintf( stderr, "shouldn't be getting this.\n" ); break; case SSL_ERROR_ZERO_RETURN: fprintf( stderr, "connection closed.\n" ); goto byebye; } /* Send the request */ SSL_write( session, command, strlen(command) ); /* wait a second for processing. */ sleep(1); /* read! :) */ while (1) { char readdata[1024]; status = SSL_read( session, readdata, 1024 ); if ( status == 0 ) break; if ( status < 0 ) { sleep(1); continue; } fwrite( readdata, 1, status, stdout ); } byebye: /* close everything down */ SSL_shutdown(session); close(s); SSL_free( session ); session = NULL; SSL_CTX_free(ctx); return 0; }