/* Getaddrinfo implementation */
static jb_socket rfc2553_connect_to(const char *host, int portnum, struct client_state *csp, int is_proxy)
{
struct addrinfo hints, *result, *rp;
char service[6];
int retval;
jb_socket fd;
fd_set wfds;
struct timeval timeout;
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
int flags;
#endif
int connect_failed;
/*
* XXX: Initializeing it here is only necessary
* because not all situations are properly
* covered yet.
*/
int socket_error = 0;
if (is_proxy) {
log_time_stage(csp, TIME_STAGE_PROXY_DNS_START);
}else {
log_time_stage(csp, TIME_STAGE_DNS_START);
}
struct access_control_addr dst[1];
/* Don't leak memory when retrying. */
freez(csp->error_message);
freez(csp->http->host_ip_addr_str);
retval = snprintf(service, sizeof(service), "%d", portnum);
if ((-1 == retval) || (sizeof(service) <= retval))
{
log_error(LOG_LEVEL_ERROR,
"Port number (%d) ASCII decimal representation doesn't fit into 6 bytes",
portnum);
csp->error_message = strdup("Invalid port number");
csp->http->host_ip_addr_str = strdup("unknown");
return(JB_INVALID_SOCKET);
}
memset((char *)&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_NUMERICSERV; /* avoid service look-up */
#ifdef AI_ADDRCONFIG
hints.ai_flags |= AI_ADDRCONFIG;
#endif
if ((retval = getaddrinfo(host, service, &hints, &result)))
{
if (is_proxy) {
log_time_stage(csp, TIME_STAGE_PROXY_DNS_FAIL);
}else {
log_time_stage(csp, TIME_STAGE_DNS_FAIL);
if (proxy_list) {
csp->routing = ROUTE_PROXY;
csp->current_forward_stage = FORWARD_STAGE_DNS_FAILURE;
return connect_to_forward(csp, proxy_list, 1);
}
}
log_error(LOG_LEVEL_INFO,
"Can not resolve %s: %s", host, gai_strerror(retval));
/* XXX: Should find a better way to propagate this error. */
errno = EINVAL;
csp->error_message = strdup(gai_strerror(retval));
csp->http->host_ip_addr_str = strdup("unknown");
return(JB_INVALID_SOCKET);
}
csp->http->host_ip_addr_str = malloc_or_die(NI_MAXHOST);
for (rp = result; rp != NULL; rp = rp->ai_next)
{
memcpy(&dst->addr, rp->ai_addr, rp->ai_addrlen);
#ifdef FEATURE_ACL
if (block_acl(dst, csp))
{
#ifdef __OS2__
socket_error = errno = SOCEPERM;
#else
socket_error = errno = EPERM;
#endif
continue;
}
#endif /* def FEATURE_ACL */
retval = getnameinfo(rp->ai_addr, rp->ai_addrlen, csp->http->host_ip_addr_str, NI_MAXHOST, NULL, 0, NI_NUMERICHOST);
if (retval)
{
log_error(LOG_LEVEL_ERROR,
"Failed to get the host name from the socket structure: %s",
gai_strerror(retval));
continue;
}
if (is_proxy) {
log_time_stage(csp, TIME_STAGE_PROXY_DNS_END);
}else {
csp->http->remote_host_ip_addr_str = strdup_or_die(csp->http->host_ip_addr_str);
log_time_stage(csp, TIME_STAGE_DNS_END);
}
if (!is_proxy) {
if (dst->addr.ss_family == AF_INET) {
// IPv4
if (csp->current_forward_stage == FORWARD_STAGE_NONE && !csp->forward_determined) {
log_time_stage(csp, TIME_STAGE_IP_RULE_MATCH_START);
struct forward_spec *fwd = forward_ip(csp, dst->addr);
log_time_stage(csp, TIME_STAGE_IP_RULE_MATCH_END);
csp->forward_determined = 1;
if (csp->routing == ROUTE_NONE) {
log_time_stage(csp, TIME_STAGE_DNS_IP_RULE_MATCH_START);
fwd = forward_dns_pollution_ip(csp, dst->addr);
log_time_stage(csp, TIME_STAGE_DNS_IP_RULE_MATCH_END);
if (csp->routing == ROUTE_NONE) {
if (global_mode && proxy_list) {
log_time_stage(csp, TIME_STAGE_GLOBAL_MODE);
fwd = proxy_list;
csp->routing = ROUTE_PROXY;
}else {
log_time_stage(csp, TIME_STAGE_NON_GLOBAL_MODE);
csp->routing = ROUTE_DIRECT;
}
}
}
if (csp->routing == ROUTE_NONE || csp->routing == ROUTE_DIRECT) {
}else if (csp->routing == ROUTE_BLOCK) {
log_error(LOG_LEVEL_CONNECT,
"Block request to ip: %s", csp->http->host_ip_addr_str);
return JB_INVALID_SOCKET;
}else {
if (fwd) {
return connect_to_forward(csp, fwd, 1);
}else {
// No proxy provided.
}
}
}
}else {
csp->is_ipv6 = 1;
csp->routing = ROUTE_DIRECT;
log_time_stage(csp, TIME_STAGE_IPV6);
}
}
if (is_proxy) {
log_time_stage(csp, TIME_STAGE_PROXY_START);
}else {
log_time_stage(csp, TIME_STAGE_REMOTE_START);
}
fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
#ifdef _WIN32
if (fd == JB_INVALID_SOCKET)
#else
if (fd < 0)
#endif
{
continue;
}
#ifndef _WIN32
if (fd >= FD_SETSIZE)
{
log_error(LOG_LEVEL_ERROR,
"Server socket number too high to use select(): %d >= %d",
fd, FD_SETSIZE);
close_socket(fd);
freeaddrinfo(result);
return JB_INVALID_SOCKET;
}
#endif
#ifdef FEATURE_EXTERNAL_FILTERS
mark_socket_for_close_on_execute(fd);
#endif
set_no_delay_flag(fd);
int yes = 1;
setsockopt (fd, SOL_SOCKET, SO_NOSIGPIPE, (char *) &yes, sizeof (yes));
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if ((flags = fcntl(fd, F_GETFL, 0)) != -1)
{
flags |= O_NDELAY;
fcntl(fd, F_SETFL, flags);
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
connect_failed = 0;
while (connect(fd, rp->ai_addr, rp->ai_addrlen) == JB_INVALID_SOCKET)
{
#ifdef __OS2__
errno = sock_errno();
#endif /* __OS2__ */
#ifdef _WIN32
if (errno == WSAEINPROGRESS)
#else /* ifndef _WIN32 */
if (errno == EINPROGRESS)
#endif /* ndef _WIN32 || __OS2__ */
{
break;
}
if (errno != EINTR)
{
socket_error = errno;
close_socket(fd);
connect_failed = 1;
break;
}
}
if (connect_failed)
{
continue;
}
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if (flags != -1)
{
flags &= ~O_NDELAY;
fcntl(fd, F_SETFL, flags);
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
/* wait for connection to complete */
FD_ZERO(&wfds);
FD_SET(fd, &wfds);
memset(&timeout, 0, sizeof(timeout));
timeout.tv_sec = 30;
/* MS Windows uses int, not SOCKET, for the 1st arg of select(). Weird! */
if ((select((int)fd + 1, NULL, &wfds, NULL, &timeout) > 0) && FD_ISSET(fd, &wfds))
{
socklen_t optlen = sizeof(socket_error);
if (!getsockopt(fd, SOL_SOCKET, SO_ERROR, &socket_error, &optlen))
{
if (!socket_error)
{
/* Connection established, no need to try other addresses. */
break;
}
if (rp->ai_next != NULL)
{
/*
* There's another address we can try, so log that this
* one didn't work out. If the last one fails, too,
* it will get logged outside the loop body so we don't
* have to mention it here.
*/
log_error(LOG_LEVEL_CONNECT, "Could not connect to [%s]:%s: %s.",
csp->http->host_ip_addr_str, service, strerror(socket_error));
}
}
else
{
socket_error = errno;
log_error(LOG_LEVEL_ERROR, "Could not get the state of "
"the connection to [%s]:%s: %s; dropping connection.",
csp->http->host_ip_addr_str, service, strerror(errno));
}
}
/* Connection failed, try next address */
close_socket(fd);
}
freeaddrinfo(result);
if (!rp)
{
log_error(LOG_LEVEL_CONNECT, "Could not connect to [%s]:%s: %s.",
host, service, strerror(socket_error));
csp->error_message = strdup(strerror(socket_error));
return(JB_INVALID_SOCKET);
}
log_error(LOG_LEVEL_CONNECT, "Connected to %s[%s]:%s.",
host, csp->http->host_ip_addr_str, service);
if (is_proxy) {
log_time_stage(csp, TIME_STAGE_PROXY_CONNECTED);
}else {
log_time_stage(csp, TIME_STAGE_REMOTE_CONNECTED);
}
return(fd);
}
static jb_socket no_rfc2553_connect_to(const char *host, int portnum, struct client_state *csp)
{
struct sockaddr_in inaddr;
jb_socket fd;
unsigned int addr;
fd_set wfds;
struct timeval tv[1];
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
int flags;
#endif
#ifdef FEATURE_ACL
struct access_control_addr dst[1];
#endif /* def FEATURE_ACL */
/* Don't leak memory when retrying. */
freez(csp->http->host_ip_addr_str);
memset((char *)&inaddr, 0, sizeof inaddr);
if ((addr = resolve_hostname_to_ip(host)) == INADDR_NONE)
{
csp->http->host_ip_addr_str = strdup("unknown");
return(JB_INVALID_SOCKET);
}
#ifdef FEATURE_ACL
dst->addr = ntohl(addr);
dst->port = portnum;
if (block_acl(dst, csp))
{
#ifdef __OS2__
errno = SOCEPERM;
#else
errno = EPERM;
#endif
return(JB_INVALID_SOCKET);
}
#endif /* def FEATURE_ACL */
inaddr.sin_addr.s_addr = addr;
inaddr.sin_family = AF_INET;
csp->http->host_ip_addr_str = strdup(inet_ntoa(inaddr.sin_addr));
#ifndef _WIN32
if (sizeof(inaddr.sin_port) == sizeof(short))
#endif /* ndef _WIN32 */
{
inaddr.sin_port = htons((unsigned short) portnum);
}
#ifndef _WIN32
else
{
inaddr.sin_port = htonl((unsigned long)portnum);
}
#endif /* ndef _WIN32 */
fd = socket(inaddr.sin_family, SOCK_STREAM, 0);
#ifdef _WIN32
if (fd == JB_INVALID_SOCKET)
#else
if (fd < 0)
#endif
{
return(JB_INVALID_SOCKET);
}
#ifndef _WIN32
if (fd >= FD_SETSIZE)
{
log_error(LOG_LEVEL_ERROR,
"Server socket number too high to use select(): %d >= %d",
fd, FD_SETSIZE);
close_socket(fd);
return JB_INVALID_SOCKET;
}
#endif
set_no_delay_flag(fd);
int yes = 1;
setsockopt (fd, SOL_SOCKET, SO_NOSIGPIPE, (char *) &yes, sizeof (yes));
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if ((flags = fcntl(fd, F_GETFL, 0)) != -1)
{
flags |= O_NDELAY;
fcntl(fd, F_SETFL, flags);
#ifdef FEATURE_EXTERNAL_FILTERS
mark_socket_for_close_on_execute(fd);
#endif
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
while (connect(fd, (struct sockaddr *) & inaddr, sizeof inaddr) == JB_INVALID_SOCKET)
{
#ifdef _WIN32
if (errno == WSAEINPROGRESS)
#elif __OS2__
if (sock_errno() == EINPROGRESS)
#else /* ifndef _WIN32 */
if (errno == EINPROGRESS)
#endif /* ndef _WIN32 || __OS2__ */
{
break;
}
#ifdef __OS2__
if (sock_errno() != EINTR)
#else
if (errno != EINTR)
#endif /* __OS2__ */
{
close_socket(fd);
return(JB_INVALID_SOCKET);
}
}
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if (flags != -1)
{
flags &= ~O_NDELAY;
fcntl(fd, F_SETFL, flags);
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
/* wait for connection to complete */
FD_ZERO(&wfds);
FD_SET(fd, &wfds);
tv->tv_sec = 30;
tv->tv_usec = 0;
/* MS Windows uses int, not SOCKET, for the 1st arg of select(). Weird! */
if (select((int)fd + 1, NULL, &wfds, NULL, tv) <= 0)
{
close_socket(fd);
return(JB_INVALID_SOCKET);
}
return(fd);
}
/*********************************************************************
*
* Function : connect_to
*
* Description : Open a socket and connect to it. Will check
* that this is allowed according to ACL.
*
* Parameters :
* 1 : host = hostname to connect to
* 2 : portnum = port to connent on
* 3 : csp = Current client state (buffers, headers, etc...)
* Not modified, only used for source IP and ACL.
*
* Returns : JB_INVALID_SOCKET => failure, else it is the socket
* file descriptor.
*
*********************************************************************/
jb_socket connect_to(const char *host, int portnum, struct client_state *csp)
{
#define MAX_EVENTS 1024
struct sockaddr_in inaddr;
jb_socket fd, epollfd;
int addr;
//fd_set wfds;
//struct timeval tv[1];
struct epoll_event ev;
struct epoll_event evlist[MAX_EVENTS];
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA)
int flags;
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) */
#ifdef FEATURE_ACL
struct access_control_addr dst[1];
#endif /* def FEATURE_ACL */
memset((char *)&inaddr, 0, sizeof inaddr);
if ((addr = resolve_hostname_to_ip(host)) == INADDR_NONE)
{
csp->http->host_ip_addr_str = strdup("unknown");
return(JB_INVALID_SOCKET);
}
log_error(LOG_LEVEL_GPC, "host == %s, port == %d", host, portnum);
#ifdef FEATURE_ACL
dst->addr = ntohl((unsigned long) addr);
dst->port = portnum;
if (block_acl(dst, csp))
{
#ifdef __OS2__
errno = SOCEPERM;
#else
errno = EPERM;
#endif
return(JB_INVALID_SOCKET);
}
#endif /* def FEATURE_ACL */
inaddr.sin_addr.s_addr = addr;
inaddr.sin_family = AF_INET;
csp->http->host_ip_addr_str = strdup(inet_ntoa(inaddr.sin_addr));
#ifndef _WIN32
if (sizeof(inaddr.sin_port) == sizeof(short))
#endif /* ndef _WIN32 */
{
inaddr.sin_port = htons((unsigned short) portnum);
}
#ifndef _WIN32
else
{
inaddr.sin_port = htonl((unsigned long)portnum);
}
#endif /* ndef _WIN32 */
#ifdef _WIN32
if ((fd = socket(inaddr.sin_family, SOCK_STREAM, 0)) == JB_INVALID_SOCKET)
#else
if ((fd = socket(inaddr.sin_family, SOCK_STREAM, 0)) < 0)
#endif
{
return(JB_INVALID_SOCKET);
}
#ifdef TCP_NODELAY
{ /* turn off TCP coalescence */
int mi = 1;
setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *) &mi, sizeof (int));
}
#endif /* def TCP_NODELAY */
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if ((flags = fcntl(fd, F_GETFL, 0)) != -1)
{
flags |= O_NDELAY;
fcntl(fd, F_SETFL, flags);
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
while (connect(fd, (struct sockaddr *) & inaddr, sizeof inaddr) == JB_INVALID_SOCKET)
{
#ifdef _WIN32
if (errno == WSAEINPROGRESS)
#elif __OS2__
if (sock_errno() == EINPROGRESS)
#else /* ifndef _WIN32 */
if (errno == EINPROGRESS)
#endif /* ndef _WIN32 || __OS2__ */
{
break;
}
#ifdef __OS2__
if (sock_errno() != EINTR)
#else
if (errno != EINTR)
#endif /* __OS2__ */
{
close_socket(fd);
return(JB_INVALID_SOCKET);
}
}
#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
if (flags != -1)
{
flags &= ~O_NDELAY;
fcntl(fd, F_SETFL, flags);
}
#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
/* wait for connection to complete */
//FD_ZERO(&wfds);
//FD_SET(fd, &wfds);
//tv->tv_sec = 30;
//tv->tv_usec = 0;
epollfd = epoll_create(MAX_EVENTS);
if (epollfd == -1)
{
log_error(LOG_LEVEL_GPC, "epoll_create error");
return JB_INVALID_SOCKET;
}
ev.data.fd = fd;
ev.events = EPOLLIN | EPOLLOUT;
if (epoll_ctl(epollfd, EPOLL_CTL_ADD, fd, &ev) == -1)
{
log_error(LOG_LEVEL_GPC, "epoll_ctl error");
return JB_INVALID_SOCKET;
}
log_error(LOG_LEVEL_GPC, "int connect() : before select");
/* MS Windows uses int, not SOCKET, for the 1st arg of select(). Wierd! */
#if 0
if (select((int)fd + 1, NULL, &wfds, NULL, tv) <= 0)
#endif
if (epoll_wait(epollfd, evlist, MAX_EVENTS, -1) <= 0)
{
log_error(LOG_LEVEL_GPC, "in select");
close_socket(fd);
return(JB_INVALID_SOCKET);
}
log_error(LOG_LEVEL_GPC, "int connect() : after select");
return(fd);
}
