socks.c 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.haxx.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. ***************************************************************************/
  22. #include "curl_setup.h"
  23. #if !defined(CURL_DISABLE_PROXY)
  24. #ifdef HAVE_NETINET_IN_H
  25. #include <netinet/in.h>
  26. #endif
  27. #ifdef HAVE_ARPA_INET_H
  28. #include <arpa/inet.h>
  29. #endif
  30. #include "urldata.h"
  31. #include "sendf.h"
  32. #include "select.h"
  33. #include "connect.h"
  34. #include "timeval.h"
  35. #include "socks.h"
  36. /* The last #include file should be: */
  37. #include "memdebug.h"
  38. /*
  39. * Helper read-from-socket functions. Does the same as Curl_read() but it
  40. * blocks until all bytes amount of buffersize will be read. No more, no less.
  41. *
  42. * This is STUPID BLOCKING behaviour which we frown upon, but right now this
  43. * is what we have...
  44. */
  45. int Curl_blockread_all(struct connectdata *conn, /* connection data */
  46. curl_socket_t sockfd, /* read from this socket */
  47. char *buf, /* store read data here */
  48. ssize_t buffersize, /* max amount to read */
  49. ssize_t *n) /* amount bytes read */
  50. {
  51. ssize_t nread = 0;
  52. ssize_t allread = 0;
  53. int result;
  54. *n = 0;
  55. for(;;) {
  56. timediff_t timeleft = Curl_timeleft(conn->data, NULL, TRUE);
  57. if(timeleft < 0) {
  58. /* we already got the timeout */
  59. result = CURLE_OPERATION_TIMEDOUT;
  60. break;
  61. }
  62. if(SOCKET_READABLE(sockfd, timeleft) <= 0) {
  63. result = ~CURLE_OK;
  64. break;
  65. }
  66. result = Curl_read_plain(sockfd, buf, buffersize, &nread);
  67. if(CURLE_AGAIN == result)
  68. continue;
  69. if(result)
  70. break;
  71. if(buffersize == nread) {
  72. allread += nread;
  73. *n = allread;
  74. result = CURLE_OK;
  75. break;
  76. }
  77. if(!nread) {
  78. result = ~CURLE_OK;
  79. break;
  80. }
  81. buffersize -= nread;
  82. buf += nread;
  83. allread += nread;
  84. }
  85. return result;
  86. }
  87. /*
  88. * This function logs in to a SOCKS4 proxy and sends the specifics to the final
  89. * destination server.
  90. *
  91. * Reference :
  92. * https://www.openssh.com/txt/socks4.protocol
  93. *
  94. * Note :
  95. * Set protocol4a=true for "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)"
  96. * Nonsupport "Identification Protocol (RFC1413)"
  97. */
  98. CURLcode Curl_SOCKS4(const char *proxy_user,
  99. const char *hostname,
  100. int remote_port,
  101. int sockindex,
  102. struct connectdata *conn)
  103. {
  104. const bool protocol4a =
  105. (conn->socks_proxy.proxytype == CURLPROXY_SOCKS4A) ? TRUE : FALSE;
  106. #define SOCKS4REQLEN 262
  107. unsigned char socksreq[SOCKS4REQLEN]; /* room for SOCKS4 request incl. user
  108. id */
  109. CURLcode code;
  110. curl_socket_t sock = conn->sock[sockindex];
  111. struct Curl_easy *data = conn->data;
  112. if(Curl_timeleft(data, NULL, TRUE) < 0) {
  113. /* time-out, bail out, go home */
  114. failf(data, "Connection time-out");
  115. return CURLE_OPERATION_TIMEDOUT;
  116. }
  117. if(conn->bits.httpproxy)
  118. infof(conn->data, "SOCKS4%s: connecting to HTTP proxy %s port %d\n",
  119. protocol4a ? "a" : "", hostname, remote_port);
  120. (void)curlx_nonblock(sock, FALSE);
  121. infof(data, "SOCKS4 communication to %s:%d\n", hostname, remote_port);
  122. /*
  123. * Compose socks4 request
  124. *
  125. * Request format
  126. *
  127. * +----+----+----+----+----+----+----+----+----+----+....+----+
  128. * | VN | CD | DSTPORT | DSTIP | USERID |NULL|
  129. * +----+----+----+----+----+----+----+----+----+----+....+----+
  130. * # of bytes: 1 1 2 4 variable 1
  131. */
  132. socksreq[0] = 4; /* version (SOCKS4) */
  133. socksreq[1] = 1; /* connect */
  134. socksreq[2] = (unsigned char)((remote_port >> 8) & 0xff); /* PORT MSB */
  135. socksreq[3] = (unsigned char)(remote_port & 0xff); /* PORT LSB */
  136. /* DNS resolve only for SOCKS4, not SOCKS4a */
  137. if(!protocol4a) {
  138. struct Curl_dns_entry *dns;
  139. Curl_addrinfo *hp = NULL;
  140. int rc;
  141. rc = Curl_resolv(conn, hostname, remote_port, &dns);
  142. if(rc == CURLRESOLV_ERROR)
  143. return CURLE_COULDNT_RESOLVE_PROXY;
  144. if(rc == CURLRESOLV_PENDING)
  145. /* ignores the return code, but 'dns' remains NULL on failure */
  146. (void)Curl_resolver_wait_resolv(conn, &dns);
  147. /*
  148. * We cannot use 'hostent' as a struct that Curl_resolv() returns. It
  149. * returns a Curl_addrinfo pointer that may not always look the same.
  150. */
  151. if(dns)
  152. hp = dns->addr;
  153. if(hp) {
  154. char buf[64];
  155. Curl_printable_address(hp, buf, sizeof(buf));
  156. if(hp->ai_family == AF_INET) {
  157. struct sockaddr_in *saddr_in;
  158. saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr;
  159. socksreq[4] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[0];
  160. socksreq[5] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[1];
  161. socksreq[6] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[2];
  162. socksreq[7] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[3];
  163. infof(data, "SOCKS4 connect to IPv4 %s (locally resolved)\n", buf);
  164. }
  165. else {
  166. hp = NULL; /* fail! */
  167. failf(data, "SOCKS4 connection to %s not supported\n", buf);
  168. }
  169. Curl_resolv_unlock(data, dns); /* not used anymore from now on */
  170. }
  171. if(!hp) {
  172. failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.",
  173. hostname);
  174. return CURLE_COULDNT_RESOLVE_HOST;
  175. }
  176. }
  177. /*
  178. * This is currently not supporting "Identification Protocol (RFC1413)".
  179. */
  180. socksreq[8] = 0; /* ensure empty userid is NUL-terminated */
  181. if(proxy_user) {
  182. size_t plen = strlen(proxy_user);
  183. if(plen >= sizeof(socksreq) - 8) {
  184. failf(data, "Too long SOCKS proxy name, can't use!\n");
  185. return CURLE_COULDNT_CONNECT;
  186. }
  187. /* copy the proxy name WITH trailing zero */
  188. memcpy(socksreq + 8, proxy_user, plen + 1);
  189. }
  190. /*
  191. * Make connection
  192. */
  193. {
  194. int result;
  195. ssize_t actualread;
  196. ssize_t written;
  197. ssize_t hostnamelen = 0;
  198. ssize_t packetsize = 9 +
  199. strlen((char *)socksreq + 8); /* size including NUL */
  200. /* If SOCKS4a, set special invalid IP address 0.0.0.x */
  201. if(protocol4a) {
  202. socksreq[4] = 0;
  203. socksreq[5] = 0;
  204. socksreq[6] = 0;
  205. socksreq[7] = 1;
  206. /* If still enough room in buffer, also append hostname */
  207. hostnamelen = (ssize_t)strlen(hostname) + 1; /* length including NUL */
  208. if(packetsize + hostnamelen <= SOCKS4REQLEN)
  209. strcpy((char *)socksreq + packetsize, hostname);
  210. else
  211. hostnamelen = 0; /* Flag: hostname did not fit in buffer */
  212. }
  213. /* Send request */
  214. code = Curl_write_plain(conn, sock, (char *)socksreq,
  215. packetsize + hostnamelen,
  216. &written);
  217. if(code || (written != packetsize + hostnamelen)) {
  218. failf(data, "Failed to send SOCKS4 connect request.");
  219. return CURLE_COULDNT_CONNECT;
  220. }
  221. if(protocol4a && hostnamelen == 0) {
  222. /* SOCKS4a with very long hostname - send that name separately */
  223. hostnamelen = (ssize_t)strlen(hostname) + 1;
  224. code = Curl_write_plain(conn, sock, (char *)hostname, hostnamelen,
  225. &written);
  226. if(code || (written != hostnamelen)) {
  227. failf(data, "Failed to send SOCKS4 connect request.");
  228. return CURLE_COULDNT_CONNECT;
  229. }
  230. }
  231. packetsize = 8; /* receive data size */
  232. /* Receive response */
  233. result = Curl_blockread_all(conn, sock, (char *)socksreq, packetsize,
  234. &actualread);
  235. if(result || (actualread != packetsize)) {
  236. failf(data, "Failed to receive SOCKS4 connect request ack.");
  237. return CURLE_COULDNT_CONNECT;
  238. }
  239. /*
  240. * Response format
  241. *
  242. * +----+----+----+----+----+----+----+----+
  243. * | VN | CD | DSTPORT | DSTIP |
  244. * +----+----+----+----+----+----+----+----+
  245. * # of bytes: 1 1 2 4
  246. *
  247. * VN is the version of the reply code and should be 0. CD is the result
  248. * code with one of the following values:
  249. *
  250. * 90: request granted
  251. * 91: request rejected or failed
  252. * 92: request rejected because SOCKS server cannot connect to
  253. * identd on the client
  254. * 93: request rejected because the client program and identd
  255. * report different user-ids
  256. */
  257. /* wrong version ? */
  258. if(socksreq[0] != 0) {
  259. failf(data,
  260. "SOCKS4 reply has wrong version, version should be 4.");
  261. return CURLE_COULDNT_CONNECT;
  262. }
  263. /* Result */
  264. switch(socksreq[1]) {
  265. case 90:
  266. infof(data, "SOCKS4%s request granted.\n", protocol4a?"a":"");
  267. break;
  268. case 91:
  269. failf(data,
  270. "Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)"
  271. ", request rejected or failed.",
  272. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  273. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  274. (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]),
  275. (unsigned char)socksreq[1]);
  276. return CURLE_COULDNT_CONNECT;
  277. case 92:
  278. failf(data,
  279. "Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)"
  280. ", request rejected because SOCKS server cannot connect to "
  281. "identd on the client.",
  282. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  283. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  284. (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]),
  285. (unsigned char)socksreq[1]);
  286. return CURLE_COULDNT_CONNECT;
  287. case 93:
  288. failf(data,
  289. "Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)"
  290. ", request rejected because the client program and identd "
  291. "report different user-ids.",
  292. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  293. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  294. (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]),
  295. (unsigned char)socksreq[1]);
  296. return CURLE_COULDNT_CONNECT;
  297. default:
  298. failf(data,
  299. "Can't complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)"
  300. ", Unknown.",
  301. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  302. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  303. (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]),
  304. (unsigned char)socksreq[1]);
  305. return CURLE_COULDNT_CONNECT;
  306. }
  307. }
  308. (void)curlx_nonblock(sock, TRUE);
  309. return CURLE_OK; /* Proxy was successful! */
  310. }
  311. /*
  312. * This function logs in to a SOCKS5 proxy and sends the specifics to the final
  313. * destination server.
  314. */
  315. CURLcode Curl_SOCKS5(const char *proxy_user,
  316. const char *proxy_password,
  317. const char *hostname,
  318. int remote_port,
  319. int sockindex,
  320. struct connectdata *conn)
  321. {
  322. /*
  323. According to the RFC1928, section "6. Replies". This is what a SOCK5
  324. replies:
  325. +----+-----+-------+------+----------+----------+
  326. |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT |
  327. +----+-----+-------+------+----------+----------+
  328. | 1 | 1 | X'00' | 1 | Variable | 2 |
  329. +----+-----+-------+------+----------+----------+
  330. Where:
  331. o VER protocol version: X'05'
  332. o REP Reply field:
  333. o X'00' succeeded
  334. */
  335. unsigned char socksreq[600]; /* room for large user/pw (255 max each) */
  336. int idx;
  337. ssize_t actualread;
  338. ssize_t written;
  339. int result;
  340. CURLcode code;
  341. curl_socket_t sock = conn->sock[sockindex];
  342. struct Curl_easy *data = conn->data;
  343. timediff_t timeout;
  344. bool socks5_resolve_local =
  345. (conn->socks_proxy.proxytype == CURLPROXY_SOCKS5) ? TRUE : FALSE;
  346. const size_t hostname_len = strlen(hostname);
  347. ssize_t len = 0;
  348. const unsigned long auth = data->set.socks5auth;
  349. bool allow_gssapi = FALSE;
  350. if(conn->bits.httpproxy)
  351. infof(conn->data, "SOCKS5: connecting to HTTP proxy %s port %d\n",
  352. hostname, remote_port);
  353. /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */
  354. if(!socks5_resolve_local && hostname_len > 255) {
  355. infof(conn->data, "SOCKS5: server resolving disabled for hostnames of "
  356. "length > 255 [actual len=%zu]\n", hostname_len);
  357. socks5_resolve_local = TRUE;
  358. }
  359. /* get timeout */
  360. timeout = Curl_timeleft(data, NULL, TRUE);
  361. if(timeout < 0) {
  362. /* time-out, bail out, go home */
  363. failf(data, "Connection time-out");
  364. return CURLE_OPERATION_TIMEDOUT;
  365. }
  366. (void)curlx_nonblock(sock, TRUE);
  367. /* wait until socket gets connected */
  368. result = SOCKET_WRITABLE(sock, timeout);
  369. if(-1 == result) {
  370. failf(conn->data, "SOCKS5: no connection here");
  371. return CURLE_COULDNT_CONNECT;
  372. }
  373. if(0 == result) {
  374. failf(conn->data, "SOCKS5: connection timeout");
  375. return CURLE_OPERATION_TIMEDOUT;
  376. }
  377. if(result & CURL_CSELECT_ERR) {
  378. failf(conn->data, "SOCKS5: error occurred during connection");
  379. return CURLE_COULDNT_CONNECT;
  380. }
  381. if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
  382. infof(conn->data,
  383. "warning: unsupported value passed to CURLOPT_SOCKS5_AUTH: %lu\n",
  384. auth);
  385. if(!(auth & CURLAUTH_BASIC))
  386. /* disable username/password auth */
  387. proxy_user = NULL;
  388. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  389. if(auth & CURLAUTH_GSSAPI)
  390. allow_gssapi = TRUE;
  391. #endif
  392. idx = 0;
  393. socksreq[idx++] = 5; /* version */
  394. idx++; /* reserve for the number of authentication methods */
  395. socksreq[idx++] = 0; /* no authentication */
  396. if(allow_gssapi)
  397. socksreq[idx++] = 1; /* GSS-API */
  398. if(proxy_user)
  399. socksreq[idx++] = 2; /* username/password */
  400. /* write the number of authentication methods */
  401. socksreq[1] = (unsigned char) (idx - 2);
  402. (void)curlx_nonblock(sock, FALSE);
  403. infof(data, "SOCKS5 communication to %s:%d\n", hostname, remote_port);
  404. code = Curl_write_plain(conn, sock, (char *)socksreq, (2 + (int)socksreq[1]),
  405. &written);
  406. if(code || (written != (2 + (int)socksreq[1]))) {
  407. failf(data, "Unable to send initial SOCKS5 request.");
  408. return CURLE_COULDNT_CONNECT;
  409. }
  410. (void)curlx_nonblock(sock, TRUE);
  411. result = SOCKET_READABLE(sock, timeout);
  412. if(-1 == result) {
  413. failf(conn->data, "SOCKS5 nothing to read");
  414. return CURLE_COULDNT_CONNECT;
  415. }
  416. if(0 == result) {
  417. failf(conn->data, "SOCKS5 read timeout");
  418. return CURLE_OPERATION_TIMEDOUT;
  419. }
  420. if(result & CURL_CSELECT_ERR) {
  421. failf(conn->data, "SOCKS5 read error occurred");
  422. return CURLE_RECV_ERROR;
  423. }
  424. (void)curlx_nonblock(sock, FALSE);
  425. result = Curl_blockread_all(conn, sock, (char *)socksreq, 2, &actualread);
  426. if(result || (actualread != 2)) {
  427. failf(data, "Unable to receive initial SOCKS5 response.");
  428. return CURLE_COULDNT_CONNECT;
  429. }
  430. if(socksreq[0] != 5) {
  431. failf(data, "Received invalid version in initial SOCKS5 response.");
  432. return CURLE_COULDNT_CONNECT;
  433. }
  434. if(socksreq[1] == 0) {
  435. /* Nothing to do, no authentication needed */
  436. ;
  437. }
  438. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  439. else if(allow_gssapi && (socksreq[1] == 1)) {
  440. code = Curl_SOCKS5_gssapi_negotiate(sockindex, conn);
  441. if(code) {
  442. failf(data, "Unable to negotiate SOCKS5 GSS-API context.");
  443. return CURLE_COULDNT_CONNECT;
  444. }
  445. }
  446. #endif
  447. else if(socksreq[1] == 2) {
  448. /* Needs user name and password */
  449. size_t proxy_user_len, proxy_password_len;
  450. if(proxy_user && proxy_password) {
  451. proxy_user_len = strlen(proxy_user);
  452. proxy_password_len = strlen(proxy_password);
  453. }
  454. else {
  455. proxy_user_len = 0;
  456. proxy_password_len = 0;
  457. }
  458. /* username/password request looks like
  459. * +----+------+----------+------+----------+
  460. * |VER | ULEN | UNAME | PLEN | PASSWD |
  461. * +----+------+----------+------+----------+
  462. * | 1 | 1 | 1 to 255 | 1 | 1 to 255 |
  463. * +----+------+----------+------+----------+
  464. */
  465. len = 0;
  466. socksreq[len++] = 1; /* username/pw subnegotiation version */
  467. socksreq[len++] = (unsigned char) proxy_user_len;
  468. if(proxy_user && proxy_user_len)
  469. memcpy(socksreq + len, proxy_user, proxy_user_len);
  470. len += proxy_user_len;
  471. socksreq[len++] = (unsigned char) proxy_password_len;
  472. if(proxy_password && proxy_password_len)
  473. memcpy(socksreq + len, proxy_password, proxy_password_len);
  474. len += proxy_password_len;
  475. code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written);
  476. if(code || (len != written)) {
  477. failf(data, "Failed to send SOCKS5 sub-negotiation request.");
  478. return CURLE_COULDNT_CONNECT;
  479. }
  480. result = Curl_blockread_all(conn, sock, (char *)socksreq, 2, &actualread);
  481. if(result || (actualread != 2)) {
  482. failf(data, "Unable to receive SOCKS5 sub-negotiation response.");
  483. return CURLE_COULDNT_CONNECT;
  484. }
  485. /* ignore the first (VER) byte */
  486. if(socksreq[1] != 0) { /* status */
  487. failf(data, "User was rejected by the SOCKS5 server (%d %d).",
  488. socksreq[0], socksreq[1]);
  489. return CURLE_COULDNT_CONNECT;
  490. }
  491. /* Everything is good so far, user was authenticated! */
  492. }
  493. else {
  494. /* error */
  495. if(!allow_gssapi && (socksreq[1] == 1)) {
  496. failf(data,
  497. "SOCKS5 GSSAPI per-message authentication is not supported.");
  498. return CURLE_COULDNT_CONNECT;
  499. }
  500. if(socksreq[1] == 255) {
  501. if(!proxy_user || !*proxy_user) {
  502. failf(data,
  503. "No authentication method was acceptable. (It is quite likely"
  504. " that the SOCKS5 server wanted a username/password, since none"
  505. " was supplied to the server on this connection.)");
  506. }
  507. else {
  508. failf(data, "No authentication method was acceptable.");
  509. }
  510. return CURLE_COULDNT_CONNECT;
  511. }
  512. else {
  513. failf(data,
  514. "Undocumented SOCKS5 mode attempted to be used by server.");
  515. return CURLE_COULDNT_CONNECT;
  516. }
  517. }
  518. /* Authentication is complete, now specify destination to the proxy */
  519. len = 0;
  520. socksreq[len++] = 5; /* version (SOCKS5) */
  521. socksreq[len++] = 1; /* connect */
  522. socksreq[len++] = 0; /* must be zero */
  523. if(!socks5_resolve_local) {
  524. socksreq[len++] = 3; /* ATYP: domain name = 3 */
  525. socksreq[len++] = (char) hostname_len; /* address length */
  526. memcpy(&socksreq[len], hostname, hostname_len); /* address str w/o NULL */
  527. len += hostname_len;
  528. }
  529. else {
  530. struct Curl_dns_entry *dns;
  531. Curl_addrinfo *hp = NULL;
  532. int rc = Curl_resolv(conn, hostname, remote_port, &dns);
  533. if(rc == CURLRESOLV_ERROR)
  534. return CURLE_COULDNT_RESOLVE_HOST;
  535. if(rc == CURLRESOLV_PENDING) {
  536. /* this requires that we're in "wait for resolve" state */
  537. code = Curl_resolver_wait_resolv(conn, &dns);
  538. if(code)
  539. return code;
  540. }
  541. /*
  542. * We cannot use 'hostent' as a struct that Curl_resolv() returns. It
  543. * returns a Curl_addrinfo pointer that may not always look the same.
  544. */
  545. if(dns)
  546. hp = dns->addr;
  547. if(hp) {
  548. char buf[64];
  549. Curl_printable_address(hp, buf, sizeof(buf));
  550. if(hp->ai_family == AF_INET) {
  551. int i;
  552. struct sockaddr_in *saddr_in;
  553. socksreq[len++] = 1; /* ATYP: IPv4 = 1 */
  554. saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr;
  555. for(i = 0; i < 4; i++) {
  556. socksreq[len++] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[i];
  557. }
  558. infof(data, "SOCKS5 connect to IPv4 %s (locally resolved)\n", buf);
  559. }
  560. #ifdef ENABLE_IPV6
  561. else if(hp->ai_family == AF_INET6) {
  562. int i;
  563. struct sockaddr_in6 *saddr_in6;
  564. socksreq[len++] = 4; /* ATYP: IPv6 = 4 */
  565. saddr_in6 = (struct sockaddr_in6 *)(void *)hp->ai_addr;
  566. for(i = 0; i < 16; i++) {
  567. socksreq[len++] =
  568. ((unsigned char *)&saddr_in6->sin6_addr.s6_addr)[i];
  569. }
  570. infof(data, "SOCKS5 connect to IPv6 %s (locally resolved)\n", buf);
  571. }
  572. #endif
  573. else {
  574. hp = NULL; /* fail! */
  575. failf(data, "SOCKS5 connection to %s not supported\n", buf);
  576. }
  577. Curl_resolv_unlock(data, dns); /* not used anymore from now on */
  578. }
  579. if(!hp) {
  580. failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.",
  581. hostname);
  582. return CURLE_COULDNT_RESOLVE_HOST;
  583. }
  584. }
  585. socksreq[len++] = (unsigned char)((remote_port >> 8) & 0xff); /* PORT MSB */
  586. socksreq[len++] = (unsigned char)(remote_port & 0xff); /* PORT LSB */
  587. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  588. if(conn->socks5_gssapi_enctype) {
  589. failf(data, "SOCKS5 GSS-API protection not yet implemented.");
  590. }
  591. else
  592. #endif
  593. code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written);
  594. if(code || (len != written)) {
  595. failf(data, "Failed to send SOCKS5 connect request.");
  596. return CURLE_COULDNT_CONNECT;
  597. }
  598. len = 10; /* minimum packet size is 10 */
  599. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  600. if(conn->socks5_gssapi_enctype) {
  601. failf(data, "SOCKS5 GSS-API protection not yet implemented.");
  602. }
  603. else
  604. #endif
  605. result = Curl_blockread_all(conn, sock, (char *)socksreq,
  606. len, &actualread);
  607. if(result || (len != actualread)) {
  608. failf(data, "Failed to receive SOCKS5 connect request ack.");
  609. return CURLE_COULDNT_CONNECT;
  610. }
  611. if(socksreq[0] != 5) { /* version */
  612. failf(data,
  613. "SOCKS5 reply has wrong version, version should be 5.");
  614. return CURLE_COULDNT_CONNECT;
  615. }
  616. /* Fix: in general, returned BND.ADDR is variable length parameter by RFC
  617. 1928, so the reply packet should be read until the end to avoid errors at
  618. subsequent protocol level.
  619. +----+-----+-------+------+----------+----------+
  620. |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT |
  621. +----+-----+-------+------+----------+----------+
  622. | 1 | 1 | X'00' | 1 | Variable | 2 |
  623. +----+-----+-------+------+----------+----------+
  624. ATYP:
  625. o IP v4 address: X'01', BND.ADDR = 4 byte
  626. o domain name: X'03', BND.ADDR = [ 1 byte length, string ]
  627. o IP v6 address: X'04', BND.ADDR = 16 byte
  628. */
  629. /* Calculate real packet size */
  630. if(socksreq[3] == 3) {
  631. /* domain name */
  632. int addrlen = (int) socksreq[4];
  633. len = 5 + addrlen + 2;
  634. }
  635. else if(socksreq[3] == 4) {
  636. /* IPv6 */
  637. len = 4 + 16 + 2;
  638. }
  639. /* At this point we already read first 10 bytes */
  640. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  641. if(!conn->socks5_gssapi_enctype) {
  642. /* decrypt_gssapi_blockread already read the whole packet */
  643. #endif
  644. if(len > 10) {
  645. result = Curl_blockread_all(conn, sock, (char *)&socksreq[10],
  646. len - 10, &actualread);
  647. if(result || ((len - 10) != actualread)) {
  648. failf(data, "Failed to receive SOCKS5 connect request ack.");
  649. return CURLE_COULDNT_CONNECT;
  650. }
  651. }
  652. #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  653. }
  654. #endif
  655. if(socksreq[1] != 0) { /* Anything besides 0 is an error */
  656. if(socksreq[3] == 1) {
  657. failf(data,
  658. "Can't complete SOCKS5 connection to %d.%d.%d.%d:%d. (%d)",
  659. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  660. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  661. (((unsigned char)socksreq[8] << 8) |
  662. (unsigned char)socksreq[9]),
  663. (unsigned char)socksreq[1]);
  664. }
  665. else if(socksreq[3] == 3) {
  666. unsigned char port_upper = (unsigned char)socksreq[len - 2];
  667. socksreq[len - 2] = 0;
  668. failf(data,
  669. "Can't complete SOCKS5 connection to %s:%d. (%d)",
  670. (char *)&socksreq[5],
  671. ((port_upper << 8) |
  672. (unsigned char)socksreq[len - 1]),
  673. (unsigned char)socksreq[1]);
  674. socksreq[len - 2] = port_upper;
  675. }
  676. else if(socksreq[3] == 4) {
  677. failf(data,
  678. "Can't complete SOCKS5 connection to %02x%02x:%02x%02x:"
  679. "%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%d. (%d)",
  680. (unsigned char)socksreq[4], (unsigned char)socksreq[5],
  681. (unsigned char)socksreq[6], (unsigned char)socksreq[7],
  682. (unsigned char)socksreq[8], (unsigned char)socksreq[9],
  683. (unsigned char)socksreq[10], (unsigned char)socksreq[11],
  684. (unsigned char)socksreq[12], (unsigned char)socksreq[13],
  685. (unsigned char)socksreq[14], (unsigned char)socksreq[15],
  686. (unsigned char)socksreq[16], (unsigned char)socksreq[17],
  687. (unsigned char)socksreq[18], (unsigned char)socksreq[19],
  688. (((unsigned char)socksreq[20] << 8) |
  689. (unsigned char)socksreq[21]),
  690. (unsigned char)socksreq[1]);
  691. }
  692. return CURLE_COULDNT_CONNECT;
  693. }
  694. infof(data, "SOCKS5 request granted.\n");
  695. (void)curlx_nonblock(sock, TRUE);
  696. return CURLE_OK; /* Proxy was successful! */
  697. }
  698. #endif /* CURL_DISABLE_PROXY */