dma_addr_t dma_direct_map_page(struct device *dev, struct page *page,
unsigned long offset, size_t size, enum dma_data_direction dir,
unsigned long attrs)
{
phys_addr_t phys = page_to_phys(page) + offset;
dma_addr_t dma_addr = phys_to_dma(dev, phys);
if (unlikely(!dma_direct_possible(dev, dma_addr, size)) &&
!swiotlb_map(dev, &phys, &dma_addr, size, dir, attrs)) {
report_addr(dev, dma_addr, size);
return DMA_MAPPING_ERROR;
}
if (!dev_is_dma_coherent(dev) && !(attrs & DMA_ATTR_SKIP_CPU_SYNC))
arch_sync_dma_for_device(dev, phys, size, dir);
return dma_addr;
}
static void server_recv_cb(EV_P_ ev_io *w, int revents)
{
struct server_ctx *server_recv_ctx = (struct server_ctx *)w;
struct server *server = server_recv_ctx->server;
struct remote *remote = NULL;
int len = server->buf_len;
char **buf = &server->buf;
ev_timer_again(EV_A_ & server->recv_ctx->watcher);
if (server->stage != 0) {
remote = server->remote;
buf = &remote->buf;
len = 0;
}
ssize_t r = recv(server->fd, *buf + len, BUF_SIZE - len, 0);
if (r == 0) {
// connection closed
if (verbose) {
LOGI("server_recv close the connection");
}
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
} else if (r == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data
// continue to wait for recv
return;
} else {
ERROR("server recv");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
}
tx += r;
// handle incomplete header
if (server->stage == 0) {
r += server->buf_len;
if (r <= enc_get_iv_len()) {
// wait for more
if (verbose) {
#ifdef __MINGW32__
LOGI("imcomplete header: %u", r);
#else
LOGI("imcomplete header: %zu", r);
#endif
}
server->buf_len = r;
return;
} else {
server->buf_len = 0;
}
}
*buf = ss_decrypt(BUF_SIZE, *buf, &r, server->d_ctx);
if (*buf == NULL) {
LOGE("invalid password or cipher");
report_addr(server->fd);
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
// handshake and transmit data
if (server->stage == 5) {
int s = send(remote->fd, remote->buf, r, 0);
if (s == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data, wait for send
remote->buf_len = r;
remote->buf_idx = 0;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
} else {
ERROR("server_recv_send");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
}
} else if (s < r) {
remote->buf_len = r - s;
remote->buf_idx = s;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
return;
} else if (server->stage == 0) {
/*
* Shadowsocks Protocol:
*
* +------+----------+----------+
* | ATYP | DST.ADDR | DST.PORT |
* +------+----------+----------+
* | 1 | Variable | 2 |
* +------+----------+----------+
*/
int offset = 0;
int need_query = 0;
char atyp = server->buf[offset++];
char host[256] = { 0 };
uint16_t port = 0;
struct addrinfo info;
struct sockaddr_storage storage;
memset(&info, 0, sizeof(struct addrinfo));
memset(&storage, 0, sizeof(struct sockaddr_storage));
// get remote addr and port
if (atyp == 1) {
// IP V4
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
size_t in_addr_len = sizeof(struct in_addr);
addr->sin_family = AF_INET;
if (r > in_addr_len) {
addr->sin_addr = *(struct in_addr *)(server->buf + offset);
dns_ntop(AF_INET, (const void *)(server->buf + offset),
host, INET_ADDRSTRLEN);
offset += in_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if (atyp == 3) {
// Domain name
uint8_t name_len = *(uint8_t *)(server->buf + offset);
if (name_len < r) {
memcpy(host, server->buf + offset + 1, name_len);
offset += name_len + 1;
} else {
LOGE("invalid name length: %d", name_len);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
struct cork_ip ip;
if (cork_ip_init(&ip, host) != -1) {
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
if (ip.version == 4) {
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
dns_pton(AF_INET, host, &(addr->sin_addr));
addr->sin_port = *(uint16_t *)(server->buf + offset);
addr->sin_family = AF_INET;
info.ai_family = AF_INET;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if (ip.version == 6) {
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
dns_pton(AF_INET6, host, &(addr->sin6_addr));
addr->sin6_port = *(uint16_t *)(server->buf + offset);
addr->sin6_family = AF_INET6;
info.ai_family = AF_INET6;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
} else {
need_query = 1;
}
} else if (atyp == 4) {
// IP V6
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
size_t in6_addr_len = sizeof(struct in6_addr);
addr->sin6_family = AF_INET6;
if (r > in6_addr_len) {
addr->sin6_addr = *(struct in6_addr *)(server->buf + offset);
dns_ntop(AF_INET6, (const void *)(server->buf + offset),
host, INET6_ADDRSTRLEN);
offset += in6_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin6_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET6;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
if (offset == 1) {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
if (acl && !need_query && acl_contains_ip(host)) {
if (verbose) {
LOGI("Access denied to %s", host);
}
close_and_free_server(EV_A_ server);
return;
}
port = (*(uint16_t *)(server->buf + offset));
offset += 2;
if (verbose) {
LOGI("connect to: %s:%d", host, ntohs(port));
}
// XXX: should handle buffer carefully
if (r > offset) {
server->buf_len = r - offset;
server->buf_idx = offset;
}
if (!need_query) {
struct remote *remote = connect_to_remote(&info, server);
if (remote == NULL) {
LOGE("connect error");
close_and_free_server(EV_A_ server);
return;
} else {
server->remote = remote;
remote->server = server;
// XXX: should handle buffer carefully
if (server->buf_len > 0) {
memcpy(remote->buf, server->buf + server->buf_idx,
server->buf_len);
remote->buf_len = server->buf_len;
remote->buf_idx = 0;
server->buf_len = 0;
server->buf_idx = 0;
}
server->stage = 4;
// listen to remote connected event
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
} else {
server->stage = 4;
server->query = resolv_query(host, server_resolve_cb, NULL, server,
port);
ev_io_stop(EV_A_ & server_recv_ctx->io);
}
return;
}
// should not reach here
FATAL("server context error");
}
static void server_recv_cb(EV_P_ ev_io *w, int revents)
{
struct server_ctx *server_recv_ctx = (struct server_ctx *)w;
struct server *server = server_recv_ctx->server;
struct remote *remote = NULL;
int len = server->buf_len;
char **buf = &server->buf;
ev_timer_again(EV_A_ & server->recv_ctx->watcher);
if (server->stage != 0) {
remote = server->remote;
buf = &remote->buf;
len = 0;
}
ssize_t r = recv(server->fd, *buf + len, BUF_SIZE - len, 0);
if (r == 0) {
// connection closed
if (verbose) {
LOGI("server_recv close the connection");
}
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
} else if (r == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data
// continue to wait for recv
return;
} else {
ERROR("server recv");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
}
// handle incomplete header
if (server->stage == 0) {
r += server->buf_len;
if (r <= enc_get_iv_len()) {
// wait for more
if (verbose) {
#ifdef __MINGW32__
LOGI("imcomplete header: %u", r);
#else
LOGI("imcomplete header: %zu", r);
#endif
}
server->buf_len = r;
return;
} else {
server->buf_len = 0;
}
}
*buf = ss_decrypt(BUF_SIZE, *buf, &r, server->d_ctx);
if (*buf == NULL) {
LOGE("invalid password or cipher");
report_addr(server->fd);
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
// handshake and transmit data
if (server->stage == 5) {
int s = send(remote->fd, remote->buf, r, 0);
if (s == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data, wait for send
remote->buf_len = r;
remote->buf_idx = 0;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
} else {
ERROR("server_recv_send");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
}
} else if (s < r) {
remote->buf_len = r - s;
remote->buf_idx = s;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
return;
} else if (server->stage == 0) {
/*
* Shadowsocks Protocol:
*
* +------+----------+----------+
* | ATYP | DST.ADDR | DST.PORT |
* +------+----------+----------+
* | 1 | Variable | 2 |
* +------+----------+----------+
*/
int offset = 1;
int need_query = 0;
char atyp = server->buf[0] & 0x0F;
#ifdef USE_CRYPTO_OPENSSL
char atyp_btc = (server->buf[0] & 0x10) == 0x10 ? 1 : 0;
#endif
char host[256] = { 0 };
uint16_t port = 0;
struct addrinfo info;
struct sockaddr_storage storage;
memset(&info, 0, sizeof(struct addrinfo));
memset(&storage, 0, sizeof(struct sockaddr_storage));
// get remote addr and port
if (atyp == 1) {
// IP V4
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
size_t in_addr_len = sizeof(struct in_addr);
addr->sin_family = AF_INET;
if (r > in_addr_len) {
addr->sin_addr = *(struct in_addr *)(server->buf + offset);
dns_ntop(AF_INET, (const void *)(server->buf + offset),
host, INET_ADDRSTRLEN);
offset += in_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if (atyp == 3) {
// Domain name
uint8_t name_len = *(uint8_t *)(server->buf + offset);
if (name_len < r && name_len < 255 && name_len > 0) {
memcpy(host, server->buf + offset + 1, name_len);
offset += name_len + 1;
}
struct cork_ip ip;
if (cork_ip_init(&ip, host) != -1) {
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
if (ip.version == 4) {
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
dns_pton(AF_INET, host, &(addr->sin_addr));
addr->sin_port = *(uint16_t *)(server->buf + offset);
addr->sin_family = AF_INET;
info.ai_family = AF_INET;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if (ip.version == 6) {
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
dns_pton(AF_INET6, host, &(addr->sin6_addr));
addr->sin6_port = *(uint16_t *)(server->buf + offset);
addr->sin6_family = AF_INET6;
info.ai_family = AF_INET6;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
} else {
need_query = 1;
}
} else if (atyp == 4) {
// IP V6
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
size_t in6_addr_len = sizeof(struct in6_addr);
addr->sin6_family = AF_INET6;
if (r > in6_addr_len) {
addr->sin6_addr = *(struct in6_addr *)(server->buf + offset);
dns_ntop(AF_INET6, (const void *)(server->buf + offset),
host, INET6_ADDRSTRLEN);
offset += in6_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin6_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET6;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
if (offset == 1) {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
if (acl && !need_query && acl_contains_ip(host)) {
if (verbose) {
LOGI("Access denied to %s", host);
}
close_and_free_server(EV_A_ server);
return;
}
port = (*(uint16_t *)(server->buf + offset));
offset += 2;
if (verbose) {
LOGI("connect to: %s:%d", host, ntohs(port));
}
#ifdef USE_CRYPTO_OPENSSL
if (bitcoin_list != NULL) {
if (atyp_btc == 0) {
if (verbose) {
LOGE("client should carry with bitcoin information");
}
close_and_free_server(EV_A_ server);
return;
}
/*
* bitcoin information:
* +-----------+-----------+----------+
* | Signature | Timestamp | Address |
* +-----------+-----------+----------+
* | 65 | 4 | String |
* +-----------+-----------+----------+
*/
char *signature = server->buf + offset;
uint8_t *t = (uint8_t *)server->buf + offset + 65;
uint32_t ts = ((uint32_t)*(t + 0) << 24) + ((uint32_t)*(t + 1) << 16)
+ ((uint32_t)*(t + 2) << 8) + ((uint32_t)*(t + 3) << 0);
char *address = server->buf + offset + 65 + 4;
int64_t ts_offset = (int64_t)time(NULL) - (int64_t)ts;
if (labs(ts_offset) > 60 * 30) {
if (verbose) {
LOGE("invalid timestamp: %u, offset too large: %d",
ts, (int32_t)ts_offset);
}
close_and_free_server(EV_A_ server);
return;
}
if (!bitcoin_verify_message(address, (uint8_t *)signature, t, 4)) {
if (verbose) {
LOGE("invalid signature, address: %s", address);
}
close_and_free_server(EV_A_ server);
return;
}
if (bitcoin_check_address(bitcoin_list, address) == 0) {
if (verbose) {
LOGE("address \"%s\" is NOT in list", address);
}
close_and_free_server(EV_A_ server);
return;
}
offset += 65 + 4 + strlen(address) + 1;
if (verbose) {
LOGI("bitcoin address: %s, time offset: %d",
address, (int32_t)ts_offset);
}
}
#endif
// XXX: should handle buffer carefully
if (r > offset) {
server->buf_len = r - offset;
server->buf_idx = offset;
}
if (!need_query) {
struct remote *remote = connect_to_remote(&info, server);
if (remote == NULL) {
LOGE("connect error");
close_and_free_server(EV_A_ server);
return;
} else {
server->remote = remote;
remote->server = server;
// XXX: should handle buffer carefully
if (server->buf_len > 0) {
memcpy(remote->buf, server->buf + server->buf_idx,
server->buf_len);
remote->buf_len = server->buf_len;
remote->buf_idx = 0;
server->buf_len = 0;
server->buf_idx = 0;
}
server->stage = 4;
// listen to remote connected event
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
} else {
server->stage = 4;
server->query = resolv_query(host, server_resolve_cb, NULL, server,
port);
ev_io_stop(EV_A_ & server_recv_ctx->io);
}
return;
}
// should not reach here
FATAL("server context error");
}
static void server_recv_cb(EV_P_ ev_io *w, int revents)
{
struct server_ctx *server_recv_ctx = (struct server_ctx *)w;
struct server *server = server_recv_ctx->server;
struct remote *remote = NULL;
int len = server->buf_len;
char **buf = &server->buf;
ev_timer_again(EV_A_ & server->recv_ctx->watcher);
if (server->stage != 0) {
remote = server->remote;
buf = &remote->buf;
len = 0;
}
ssize_t r = recv(server->fd, *buf + len, BUF_SIZE - len, 0);
if (r == 0) {
// connection closed
if (verbose) {
LOGI("server_recv close the connection");
}
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
} else if (r == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data
// continue to wait for recv
return;
} else {
ERROR("server recv");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
}
tx += r;
// handle incomplete header
if (server->stage == 0) {
r += server->buf_len;
if (r <= enc_get_iv_len()) {
// wait for more
if (verbose) {
#ifdef __MINGW32__
LOGI("imcomplete header: %u", r);
#else
LOGI("imcomplete header: %zu", r);
#endif
}
server->buf_len = r;
return;
} else {
server->buf_len = 0;
}
}
*buf = ss_decrypt(BUF_SIZE, *buf, &r, server->d_ctx);
if (*buf == NULL) {
LOGE("invalid password or cipher");
report_addr(server->fd);
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
}
// handshake and transmit data
if (server->stage == 5) {
if (server->auth && !ss_check_hash(&remote->buf, &r, server->chunk, server->d_ctx, BUF_SIZE)) {
LOGE("hash error");
report_addr(server->fd);
close_and_free_server(EV_A_ server);
close_and_free_remote(EV_A_ remote);
return;
}
int s = send(remote->fd, remote->buf, r, 0);
if (s == -1) {
if (errno == EAGAIN || errno == EWOULDBLOCK) {
// no data, wait for send
remote->buf_len = r;
remote->buf_idx = 0;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
} else {
ERROR("server_recv_send");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
}
} else if (s < r) {
remote->buf_len = r - s;
remote->buf_idx = s;
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
return;
} else if (server->stage == 0) {
/*
* Shadowsocks TCP Relay Header:
*
* +------+----------+----------+----------------+
* | ATYP | DST.ADDR | DST.PORT | HMAC-SHA1 |
* +------+----------+----------+----------------+
* | 1 | Variable | 2 | 10 |
* +------+----------+----------+----------------+
*
* If ATYP & ONETIMEAUTH_FLAG(0x10) == 1, Authentication (HMAC-SHA1) is enabled.
*
* The key of HMAC-SHA1 is (IV + KEY) and the input is the whole header.
* The output of HMAC-SHA is truncated to 10 bytes (leftmost bits).
*/
/*
* Shadowsocks TCP Request's Chunk Authentication (Optional, no hash check for response's payload):
*
* +------+-----------+-------------+------+
* | LEN | HMAC-SHA1 | DATA | ...
* +------+-----------+-------------+------+
* | 2 | 10 | Variable | ...
* +------+-----------+-------------+------+
*
* The key of HMAC-SHA1 is (IV + CHUNK ID)
* The output of HMAC-SHA is truncated to 10 bytes (leftmost bits).
*/
int offset = 0;
int need_query = 0;
char atyp = server->buf[offset++];
char host[256] = { 0 };
uint16_t port = 0;
struct addrinfo info;
struct sockaddr_storage storage;
memset(&info, 0, sizeof(struct addrinfo));
memset(&storage, 0, sizeof(struct sockaddr_storage));
// get remote addr and port
if ((atyp & ADDRTYPE_MASK) == 1) {
// IP V4
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
size_t in_addr_len = sizeof(struct in_addr);
addr->sin_family = AF_INET;
if (r > in_addr_len) {
addr->sin_addr = *(struct in_addr *)(server->buf + offset);
dns_ntop(AF_INET, (const void *)(server->buf + offset),
host, INET_ADDRSTRLEN);
offset += in_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if ((atyp & ADDRTYPE_MASK) == 3) {
// Domain name
uint8_t name_len = *(uint8_t *)(server->buf + offset);
if (name_len < r) {
memcpy(host, server->buf + offset + 1, name_len);
offset += name_len + 1;
} else {
LOGE("invalid name length: %d", name_len);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
struct cork_ip ip;
if (cork_ip_init(&ip, host) != -1) {
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
if (ip.version == 4) {
struct sockaddr_in *addr = (struct sockaddr_in *)&storage;
dns_pton(AF_INET, host, &(addr->sin_addr));
addr->sin_port = *(uint16_t *)(server->buf + offset);
addr->sin_family = AF_INET;
info.ai_family = AF_INET;
info.ai_addrlen = sizeof(struct sockaddr_in);
info.ai_addr = (struct sockaddr *)addr;
} else if (ip.version == 6) {
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
dns_pton(AF_INET6, host, &(addr->sin6_addr));
addr->sin6_port = *(uint16_t *)(server->buf + offset);
addr->sin6_family = AF_INET6;
info.ai_family = AF_INET6;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
} else {
need_query = 1;
}
} else if ((atyp & ADDRTYPE_MASK) == 4) {
// IP V6
struct sockaddr_in6 *addr = (struct sockaddr_in6 *)&storage;
size_t in6_addr_len = sizeof(struct in6_addr);
addr->sin6_family = AF_INET6;
if (r > in6_addr_len) {
addr->sin6_addr = *(struct in6_addr *)(server->buf + offset);
dns_ntop(AF_INET6, (const void *)(server->buf + offset),
host, INET6_ADDRSTRLEN);
offset += in6_addr_len;
} else {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
addr->sin6_port = *(uint16_t *)(server->buf + offset);
info.ai_family = AF_INET6;
info.ai_socktype = SOCK_STREAM;
info.ai_protocol = IPPROTO_TCP;
info.ai_addrlen = sizeof(struct sockaddr_in6);
info.ai_addr = (struct sockaddr *)addr;
}
if (offset == 1) {
LOGE("invalid header with addr type %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
if (acl && !need_query && acl_contains_ip(host)) {
if (verbose) {
LOGI("Access denied to %s", host);
}
close_and_free_server(EV_A_ server);
return;
}
port = (*(uint16_t *)(server->buf + offset));
offset += 2;
if (auth || (atyp & ONETIMEAUTH_FLAG)) {
if (ss_onetimeauth_verify(server->buf + offset, server->buf, offset, server->d_ctx->evp.iv)) {
LOGE("authentication error %d", atyp);
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
};
offset += ONETIMEAUTH_BYTES;
server->auth = 1;
}
if (verbose) {
LOGI("connect to: %s:%d", host, ntohs(port));
}
// XXX: should handle buffer carefully
if (r > offset) {
server->buf_len = r - offset;
memmove(server->buf, server->buf + offset, server->buf_len);
}
if (server->auth && !ss_check_hash(&server->buf, &server->buf_len, server->chunk, server->d_ctx, BUF_SIZE)) {
LOGE("hash error");
report_addr(server->fd);
close_and_free_server(EV_A_ server);
return;
}
if (!need_query) {
struct remote *remote = connect_to_remote(&info, server);
if (remote == NULL) {
LOGE("connect error");
close_and_free_server(EV_A_ server);
return;
} else {
server->remote = remote;
remote->server = server;
// XXX: should handle buffer carefully
if (server->buf_len > 0) {
memcpy(remote->buf, server->buf + server->buf_idx, server->buf_len);
remote->buf_len = server->buf_len;
remote->buf_idx = 0;
server->buf_len = 0;
server->buf_idx = 0;
}
server->stage = 4;
// listen to remote connected event
ev_io_stop(EV_A_ & server_recv_ctx->io);
ev_io_start(EV_A_ & remote->send_ctx->io);
}
} else {
server->stage = 4;
server->query = resolv_query(host, server_resolve_cb, NULL, server,
port);
ev_io_stop(EV_A_ & server_recv_ctx->io);
}
return;
}
// should not reach here
FATAL("server context error");
}
