TDataConnection *ProxyOpenDataConnection(TSession *Session, int Flags)
{
int result=FALSE, val;
char *Type="ToServer", *ptr, *Tempstr=NULL;
char *Message=NULL;
TDataConnection *DataCon;
DataCon=Session->ProxyDataConnection;
LogToFile(Settings.LogPath, "PRoxy OPD %s",DataCon->SourceAddress);
//May already be open
if (DataCon->Sock !=NULL) return(DataCon);
if (DataCon->Flags & DC_OUTGOING)
{
GetSockDetails(Session->ProxySock->in_fd,&DataCon->SourceAddress,&val,&Tempstr,&val);
result=MakeOutgoingDataConnection(Session->ProxySock, DataCon, Type);
if (! CopyToSock(Session->ClientSock, Session->ProxySock)) return(NULL);
LogToFile(Settings.LogPath, "PRoxy MOD %s %d",DataCon->DestAddress,DataCon->DestPort);
}
else
{
GetSockDetails(Session->ProxySock->in_fd,&DataCon->DestAddress,&val,&Tempstr,&val);
Type="FromServer";
LogToFile(Settings.LogPath, "PRoxy MID %s %d",DataCon->DestAddress,DataCon->SourcePort);
result=MakeIncomingDataConnection(Session->ClientSock, DataCon, Type);
}
/*
if (Session->Flags & SESSION_COMPRESSED_TRANSFERS)
{
Tempstr=CopyStr(Tempstr,"");
ptr=GetVar(Session->Vars,"Opt:Mode Z:LEVEL");
if (StrLen(ptr)) Tempstr=MCopyStr(Tempstr,"level=",ptr,NULL);
LogToFile(Settings.LogPath, "Compression Level %s",ptr);
STREAMAddStandardDataProcessor(DataCon->Sock,"compression","zlib",Tempstr);
}
*/
DestroyString(Tempstr);
return(DataCon);
}
void HandleClient()
{
TSession *Session;
char *Tempstr=NULL;
int i;
Session=(TSession *) calloc(1,sizeof(TSession));
Session->Shell=CopyStr(Session->Shell,Settings.DefaultShell);
Session->S=STREAMFromDualFD(0,1);
STREAMSetTimeout(Session->S,0);
GetSockDetails(0, &Session->ServerIP, &i, &Session->ClientIP, &i);
GetClientHardwareAddress(Session);
Session->ClientHost=CopyStr(Session->ClientHost,IPStrToHostName(Session->ClientIP));
openlog("ptelnetd",LOG_PID|LOG_NDELAY,LOG_AUTH);
if (StrLen(Session->ClientMAC)) syslog(Settings.InfoLogLevel,"connection from: %s (%s / %s)", Session->ClientHost, Session->ClientIP, Session->ClientMAC);
else syslog(Settings.InfoLogLevel,"connection from: %s (%s)", Session->ClientHost, Session->ClientIP);
if (! CheckClientPermissions(Session)) Session->Flags |= FLAG_DENYAUTH;
chdir(Settings.ChDir);
if (StrLen(Settings.ChDir)==0) chdir(Settings.ChDir);
if (Settings.Flags & FLAG_CHROOT) chroot(".");
TelnetSendNegotiation(Session->S, TELNET_WONT, TELNET_LINEMODE);
TelnetSendNegotiation(Session->S, TELNET_WILL, TELNET_NOGOAHEAD);
//TelnetSendNegotiation(Session->S, TELNET_DONT, TELNET_LINEMODE);
TelnetSendNegotiation(Session->S, TELNET_WILL, TELNET_ECHO);
if (StrLen(Settings.Banner))
{
Tempstr=SessionSubstituteVars(Tempstr,Settings.Banner,Session);
STREAMWriteLine(Tempstr,Session->S);
STREAMWriteLine("\r\n",Session->S);
}
if (strcmp(Settings.AuthMethods,"open")==0) Session->Flags |= FLAG_AUTHENTICATED;
else
{
for (i=0; i < Settings.AuthTries; i++)
{
if (Login(Session)) break;
printf("\r\nLogin incorrect\r\n"); fflush(NULL);
if (! (Settings.Flags & FLAG_DENYAUTH)){
openlog("ptelnetd",LOG_PID|LOG_NDELAY,LOG_AUTH);
syslog(Settings.ErrorLogLevel,"%s@%s login failed: tries used %d/%d",Session->User,Session->ClientIP,i,Settings.AuthTries);
}
sleep(Settings.AuthDelay);
}
}
if (Session->Flags & FLAG_AUTHENTICATED)
{
syslog(Settings.InfoLogLevel,"%s@%s logged in after %d tries",Session->User,Session->ClientIP,i);
RunTelnetSession(Session);
}
else syslog(Settings.ErrorLogLevel,"login from %s failed after %d tries",Session->ClientIP,i);
DestroyString(Tempstr);
free(Session);
_exit(0);
}
//This function reads the first line of an HTTP Request, including the Method, URL, and cgi arguments
void HTTPServerParseCommand(HTTPSession *Session, STREAM *S, char *Command)
{
char *Token=NULL, *ptr, *tmp_ptr;
int val;
GetSockDetails(S->in_fd,&Session->ServerName,&Session->ServerPort,&Session->ClientIP,&val);
GetHostARP(Session->ClientIP, &Token, &Session->ClientMAC);
if ((Settings.Flags & FLAG_LOOKUP_CLIENT) && StrLen(Session->ClientIP)) Session->ClientHost=CopyStr(Session->ClientHost,IPStrToHostName(Session->ClientIP));
LogToFile(Settings.LogPath,"");
//Log first line of the response
Token=MCopyStr(Token, "NEW REQUEST: ",Session->ClientHost," (",Session->ClientIP,") ", Command, NULL);
if (Settings.Flags & FLAG_SSL)
{
Session->Cipher=CopyStr(Session->Cipher,STREAMGetValue(S,"SSL-Cipher"));
Token=MCatStr(Token," SSL-CIPHER=", Session->Cipher, NULL);
if (! HTTPServerCheckCertificate(Session,S)) exit(1);
//Set the Username to be the common name signed in the certificate. If it doesn't
//authenticate against a user then we can query for a username later
Session->UserName=CopyStr(Session->UserName,STREAMGetValue(Session->S,"SSL-Certificate-CommonName"));
if (Settings.AuthFlags & FLAG_AUTH_CERT_SUFFICIENT)
{
if (StrLen(Session->UserName)) Session->AuthFlags |= FLAG_AUTH_PRESENT;
}
}
LogToFile(Settings.LogPath, "%s", Token);
//Read Method (GET, POST, etc)
ptr=GetToken(Command,"\\S",&Session->Method,0);
Session->MethodID=MatchTokenFromList(Session->Method,HTTPMethods,0);
//Read URL
ptr=GetToken(ptr,"\\S",&Token,0);
//Read Protocol (HTTP1.0, HTTP1.1, etc)
ptr=GetToken(ptr,"\\S",&Session->Protocol,0);
if (! StrLen(Session->Protocol)) Session->Protocol=CopyStr(Session->Protocol,"HTTP/1.0");
tmp_ptr=Token;
//Clip out arguments from URL
tmp_ptr=strchr(Token,'?');
if (tmp_ptr)
{
*tmp_ptr='\0';
tmp_ptr++;
// Session->Arguments=HTTPUnQuote(Session->Arguments,tmp_ptr);
//Don't unquote arguments here, one of them might contain '&'
Session->Arguments=CopyStr(Session->Arguments,tmp_ptr);
}
//URL with arguments removed is the 'true' URL
Session->OriginalURL=CopyStr(Session->OriginalURL,Token);
if (StrLen(Session->OriginalURL)==0) Session->OriginalURL=CopyStr(Session->OriginalURL,"/");
if
(
(strncasecmp(Session->OriginalURL,"http:",5)==0) ||
(strncasecmp(Session->OriginalURL,"https:",6)==0)
)
{
if (Session->MethodID==METHOD_GET)
{
Session->Method=CopyStr(Session->Method,"RGET");
Session->MethodID=METHOD_RGET;
}
if (Session->MethodID==METHOD_POST)
{
Session->Method=CopyStr(Session->Method,"RPOST");
Session->MethodID=METHOD_RPOST;
}
}
DestroyString(Token);
}
