| /* GIO - GLib Input, Output and Streaming Library |
| * |
| * Copyright (C) 2008, 2010 Collabora, Ltd. |
| * Copyright (C) 2008 Nokia Corporation. All rights reserved. |
| * |
| * SPDX-License-Identifier: LGPL-2.1-or-later |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General |
| * Public License along with this library; if not, see <http://www.gnu.org/licenses/>. |
| * |
| * Author: Youness Alaoui <youness.alaoui@collabora.co.uk |
| * |
| * Contributors: |
| * Nicolas Dufresne <nicolas.dufresne@collabora.co.uk> |
| */ |
| |
| #include "config.h" |
| |
| #include "gsocks5proxy.h" |
| |
| #include <string.h> |
| |
| #include "giomodule.h" |
| #include "giomodule-priv.h" |
| #include "giostream.h" |
| #include "ginetaddress.h" |
| #include "ginputstream.h" |
| #include "glibintl.h" |
| #include "goutputstream.h" |
| #include "gproxy.h" |
| #include "gproxyaddress.h" |
| #include "gtask.h" |
| |
| #define SOCKS5_VERSION 0x05 |
| |
| #define SOCKS5_CMD_CONNECT 0x01 |
| #define SOCKS5_CMD_BIND 0x02 |
| #define SOCKS5_CMD_UDP_ASSOCIATE 0x03 |
| |
| #define SOCKS5_ATYP_IPV4 0x01 |
| #define SOCKS5_ATYP_DOMAINNAME 0x03 |
| #define SOCKS5_ATYP_IPV6 0x04 |
| |
| #define SOCKS5_AUTH_VERSION 0x01 |
| |
| #define SOCKS5_AUTH_NONE 0x00 |
| #define SOCKS5_AUTH_GSSAPI 0x01 |
| #define SOCKS5_AUTH_USR_PASS 0x02 |
| #define SOCKS5_AUTH_NO_ACCEPT 0xff |
| |
| #define SOCKS5_MAX_LEN 255 |
| #define SOCKS5_RESERVED 0x00 |
| |
| #define SOCKS5_REP_SUCCEEDED 0x00 |
| #define SOCKS5_REP_SRV_FAILURE 0x01 |
| #define SOCKS5_REP_NOT_ALLOWED 0x02 |
| #define SOCKS5_REP_NET_UNREACH 0x03 |
| #define SOCKS5_REP_HOST_UNREACH 0x04 |
| #define SOCKS5_REP_REFUSED 0x05 |
| #define SOCKS5_REP_TTL_EXPIRED 0x06 |
| #define SOCKS5_REP_CMD_NOT_SUP 0x07 |
| #define SOCKS5_REP_ATYPE_NOT_SUP 0x08 |
| |
| |
| struct _GSocks5Proxy |
| { |
| GObject parent; |
| }; |
| |
| struct _GSocks5ProxyClass |
| { |
| GObjectClass parent_class; |
| }; |
| |
| static void g_socks5_proxy_iface_init (GProxyInterface *proxy_iface); |
| |
| #define g_socks5_proxy_get_type _g_socks5_proxy_get_type |
| G_DEFINE_TYPE_WITH_CODE (GSocks5Proxy, g_socks5_proxy, G_TYPE_OBJECT, |
| G_IMPLEMENT_INTERFACE (G_TYPE_PROXY, |
| g_socks5_proxy_iface_init) |
| _g_io_modules_ensure_extension_points_registered (); |
| g_io_extension_point_implement (G_PROXY_EXTENSION_POINT_NAME, |
| g_define_type_id, |
| "socks5", |
| 0)) |
| |
| static void |
| g_socks5_proxy_finalize (GObject *object) |
| { |
| /* must chain up */ |
| G_OBJECT_CLASS (g_socks5_proxy_parent_class)->finalize (object); |
| } |
| |
| static void |
| g_socks5_proxy_init (GSocks5Proxy *proxy) |
| { |
| } |
| |
| /* |
| * +----+----------+----------+ |
| * |VER | NMETHODS | METHODS | |
| * +----+----------+----------+ |
| * | 1 | 1 | 1 to 255 | |
| * +----+----------+----------+ |
| */ |
| #define SOCKS5_NEGO_MSG_LEN 4 |
| static gint |
| set_nego_msg (guint8 *msg, gboolean has_auth) |
| { |
| gint len = 3; |
| |
| msg[0] = SOCKS5_VERSION; |
| msg[1] = 0x01; /* number of methods supported */ |
| msg[2] = SOCKS5_AUTH_NONE; |
| |
| /* add support for authentication method */ |
| if (has_auth) |
| { |
| msg[1] = 0x02; /* number of methods supported */ |
| msg[3] = SOCKS5_AUTH_USR_PASS; |
| len++; |
| } |
| |
| return len; |
| } |
| |
| |
| /* |
| * +----+--------+ |
| * |VER | METHOD | |
| * +----+--------+ |
| * | 1 | 1 | |
| * +----+--------+ |
| */ |
| #define SOCKS5_NEGO_REP_LEN 2 |
| static gboolean |
| parse_nego_reply (const guint8 *data, |
| gboolean has_auth, |
| gboolean *must_auth, |
| GError **error) |
| { |
| if (data[0] != SOCKS5_VERSION) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("The server is not a SOCKSv5 proxy server.")); |
| return FALSE; |
| } |
| |
| switch (data[1]) |
| { |
| case SOCKS5_AUTH_NONE: |
| *must_auth = FALSE; |
| break; |
| |
| case SOCKS5_AUTH_USR_PASS: |
| if (!has_auth) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_NEED_AUTH, |
| _("The SOCKSv5 proxy requires authentication.")); |
| return FALSE; |
| } |
| *must_auth = TRUE; |
| break; |
| |
| case SOCKS5_AUTH_NO_ACCEPT: |
| if (!has_auth) |
| { |
| /* The server has said it accepts none of our authentication methods, |
| * but given the slightly odd implementation of set_nego_msg(), we |
| * actually only gave it the choice of %SOCKS5_AUTH_NONE, since the |
| * caller specified no username or password. |
| * Return %G_IO_ERROR_PROXY_NEED_AUTH so the caller knows that if |
| * they specify a username and password and try again, authentication |
| * might succeed (since we’ll send %SOCKS5_AUTH_USR_PASS next time). */ |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_NEED_AUTH, |
| _("The SOCKSv5 proxy requires authentication.")); |
| return FALSE; |
| } |
| G_GNUC_FALLTHROUGH; |
| case SOCKS5_AUTH_GSSAPI: |
| default: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_AUTH_FAILED, |
| _("The SOCKSv5 proxy requires an authentication " |
| "method that is not supported by GLib.")); |
| return FALSE; |
| break; |
| } |
| |
| return TRUE; |
| } |
| |
| #define SOCKS5_AUTH_MSG_LEN 515 |
| static gint |
| set_auth_msg (guint8 *msg, |
| const gchar *username, |
| const gchar *password, |
| GError **error) |
| { |
| gint len = 0; |
| gint ulen = 0; /* username length */ |
| gint plen = 0; /* Password length */ |
| |
| if (username) |
| ulen = strlen (username); |
| |
| if (password) |
| plen = strlen (password); |
| |
| if (ulen > SOCKS5_MAX_LEN || plen > SOCKS5_MAX_LEN) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("Username or password is too long for SOCKSv5 " |
| "protocol.")); |
| return -1; |
| } |
| |
| msg[len++] = SOCKS5_AUTH_VERSION; |
| msg[len++] = ulen; |
| |
| if (ulen > 0) |
| memcpy (msg + len, username, ulen); |
| |
| len += ulen; |
| msg[len++] = plen; |
| |
| if (plen > 0) |
| memcpy (msg + len, password, plen); |
| |
| len += plen; |
| |
| return len; |
| } |
| |
| |
| static gboolean |
| check_auth_status (const guint8 *data, GError **error) |
| { |
| if (data[0] != SOCKS5_AUTH_VERSION |
| || data[1] != SOCKS5_REP_SUCCEEDED) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_AUTH_FAILED, |
| _("SOCKSv5 authentication failed due to wrong " |
| "username or password.")); |
| return FALSE; |
| } |
| return TRUE; |
| } |
| |
| /* |
| * +----+-----+-------+------+----------+----------+ |
| * |VER | CMD | RSV | ATYP | DST.ADDR | DST.PORT | |
| * +----+-----+-------+------+----------+----------+ |
| * | 1 | 1 | X'00' | 1 | Variable | 2 | |
| * +----+-----+-------+------+----------+----------+ |
| * DST.ADDR is a string with first byte being the size. So DST.ADDR may not be |
| * longer then 256 bytes. |
| */ |
| #define SOCKS5_CONN_MSG_LEN 262 |
| static gint |
| set_connect_msg (guint8 *msg, |
| const gchar *hostname, |
| guint16 port, |
| GError **error) |
| { |
| guint len = 0; |
| |
| msg[len++] = SOCKS5_VERSION; |
| msg[len++] = SOCKS5_CMD_CONNECT; |
| msg[len++] = SOCKS5_RESERVED; |
| |
| if (g_hostname_is_ip_address (hostname)) |
| { |
| GInetAddress *addr = g_inet_address_new_from_string (hostname); |
| gsize addr_len = g_inet_address_get_native_size (addr); |
| |
| /* We are cheating for simplicity, here's the logic: |
| * 1 = IPV4 = 4 bytes / 4 |
| * 4 = IPV6 = 16 bytes / 4 */ |
| msg[len++] = addr_len / 4; |
| memcpy (msg + len, g_inet_address_to_bytes (addr), addr_len); |
| len += addr_len; |
| |
| g_object_unref (addr); |
| } |
| else |
| { |
| gsize host_len = strlen (hostname); |
| |
| if (host_len > SOCKS5_MAX_LEN) |
| { |
| g_set_error (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("Hostname “%s” is too long for SOCKSv5 protocol"), |
| hostname); |
| return -1; |
| } |
| |
| msg[len++] = SOCKS5_ATYP_DOMAINNAME; |
| msg[len++] = (guint8) host_len; |
| memcpy (msg + len, hostname, host_len); |
| len += host_len; |
| } |
| |
| { |
| guint16 hp = g_htons (port); |
| memcpy (msg + len, &hp, 2); |
| len += 2; |
| } |
| |
| return len; |
| } |
| |
| /* |
| * +----+-----+-------+------+----------+----------+ |
| * |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT | |
| * +----+-----+-------+------+----------+----------+ |
| * | 1 | 1 | X'00' | 1 | Variable | 2 | |
| * +----+-----+-------+------+----------+----------+ |
| * This reply need to be read by small part to determine size. Buffer |
| * size is determined in function of the biggest part to read. |
| * |
| * The parser only requires 4 bytes. |
| */ |
| #define SOCKS5_CONN_REP_LEN 257 |
| static gboolean |
| parse_connect_reply (const guint8 *data, gint *atype, GError **error) |
| { |
| if (data[0] != SOCKS5_VERSION) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("The server is not a SOCKSv5 proxy server.")); |
| return FALSE; |
| } |
| |
| switch (data[1]) |
| { |
| case SOCKS5_REP_SUCCEEDED: |
| if (data[2] != SOCKS5_RESERVED) |
| { |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("The server is not a SOCKSv5 proxy server.")); |
| return FALSE; |
| } |
| |
| switch (data[3]) |
| { |
| case SOCKS5_ATYP_IPV4: |
| case SOCKS5_ATYP_IPV6: |
| case SOCKS5_ATYP_DOMAINNAME: |
| *atype = data[3]; |
| break; |
| |
| default: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("The SOCKSv5 proxy server uses unknown address type.")); |
| return FALSE; |
| } |
| break; |
| |
| case SOCKS5_REP_SRV_FAILURE: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("Internal SOCKSv5 proxy server error.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_NOT_ALLOWED: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_NOT_ALLOWED, |
| _("SOCKSv5 connection not allowed by ruleset.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_TTL_EXPIRED: |
| case SOCKS5_REP_HOST_UNREACH: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_HOST_UNREACHABLE, |
| _("Host unreachable through SOCKSv5 server.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_NET_UNREACH: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NETWORK_UNREACHABLE, |
| _("Network unreachable through SOCKSv5 proxy.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_REFUSED: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_CONNECTION_REFUSED, |
| _("Connection refused through SOCKSv5 proxy.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_CMD_NOT_SUP: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("SOCKSv5 proxy does not support “connect” command.")); |
| return FALSE; |
| break; |
| |
| case SOCKS5_REP_ATYPE_NOT_SUP: |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("SOCKSv5 proxy does not support provided address type.")); |
| return FALSE; |
| break; |
| |
| default: /* Unknown error */ |
| g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED, |
| _("Unknown SOCKSv5 proxy error.")); |
| return FALSE; |
| break; |
| } |
| |
| return TRUE; |
| } |
| |
| static GIOStream * |
| g_socks5_proxy_connect (GProxy *proxy, |
| GIOStream *io_stream, |
| GProxyAddress *proxy_address, |
| GCancellable *cancellable, |
| GError **error) |
| { |
| gboolean has_auth; |
| GInputStream *in; |
| GOutputStream *out; |
| const gchar *hostname; |
| guint16 port; |
| const gchar *username; |
| const gchar *password; |
| |
| hostname = g_proxy_address_get_destination_hostname (proxy_address); |
| port = g_proxy_address_get_destination_port (proxy_address); |
| username = g_proxy_address_get_username (proxy_address); |
| password = g_proxy_address_get_password (proxy_address); |
| |
| has_auth = username || password; |
| |
| in = g_io_stream_get_input_stream (io_stream); |
| out = g_io_stream_get_output_stream (io_stream); |
| |
| /* Send SOCKS5 handshake */ |
| { |
| guint8 msg[SOCKS5_NEGO_MSG_LEN]; |
| gint len; |
| |
| len = set_nego_msg (msg, has_auth); |
| |
| if (!g_output_stream_write_all (out, msg, len, NULL, |
| cancellable, error)) |
| goto error; |
| } |
| |
| /* Receive SOCKS5 response and reply with authentication if required */ |
| { |
| guint8 data[SOCKS5_NEGO_REP_LEN]; |
| gboolean must_auth = FALSE; |
| |
| if (!g_input_stream_read_all (in, data, sizeof (data), NULL, |
| cancellable, error)) |
| goto error; |
| |
| if (!parse_nego_reply (data, has_auth, &must_auth, error)) |
| goto error; |
| |
| if (must_auth) |
| { |
| guint8 msg[SOCKS5_AUTH_MSG_LEN]; |
| gint len; |
| |
| len = set_auth_msg (msg, username, password, error); |
| |
| if (len < 0) |
| goto error; |
| |
| if (!g_output_stream_write_all (out, msg, len, NULL, |
| cancellable, error)) |
| goto error; |
| |
| if (!g_input_stream_read_all (in, data, sizeof (data), NULL, |
| cancellable, error)) |
| goto error; |
| |
| if (!check_auth_status (data, error)) |
| goto error; |
| } |
| } |
| |
| /* Send SOCKS5 connection request */ |
| { |
| guint8 msg[SOCKS5_CONN_MSG_LEN]; |
| gint len; |
| |
| len = set_connect_msg (msg, hostname, port, error); |
| |
| if (len < 0) |
| goto error; |
| |
| if (!g_output_stream_write_all (out, msg, len, NULL, |
| cancellable, error)) |
| goto error; |
| } |
| |
| /* Read SOCKS5 response */ |
| { |
| guint8 data[SOCKS5_CONN_REP_LEN]; |
| gint atype; |
| |
| if (!g_input_stream_read_all (in, data, 4 /* VER, REP, RSV, ATYP */, NULL, |
| cancellable, error)) |
| goto error; |
| |
| if (!parse_connect_reply (data, &atype, error)) |
| goto error; |
| |
| switch (atype) |
| { |
| case SOCKS5_ATYP_IPV4: |
| if (!g_input_stream_read_all (in, data, |
| 4 /* IPv4 length */ + 2 /* port */, |
| NULL, cancellable, error)) |
| goto error; |
| break; |
| |
| case SOCKS5_ATYP_IPV6: |
| if (!g_input_stream_read_all (in, data, |
| 16 /* IPv6 length */ + 2 /* port */, |
| NULL, cancellable, error)) |
| goto error; |
| break; |
| |
| case SOCKS5_ATYP_DOMAINNAME: |
| if (!g_input_stream_read_all (in, data, 1 /* domain name length */, |
| NULL, cancellable, error)) |
| goto error; |
| if (!g_input_stream_read_all (in, data, |
| data[0] /* domain name length */ + 2 /* port */, |
| NULL, cancellable, error)) |
| goto error; |
| break; |
| } |
| } |
| |
| return g_object_ref (io_stream); |
| |
| error: |
| return NULL; |
| } |
| |
| |
| typedef struct |
| { |
| GIOStream *io_stream; |
| gchar *hostname; |
| guint16 port; |
| gchar *username; |
| gchar *password; |
| guint8 *buffer; |
| gssize length; |
| gssize offset; |
| } ConnectAsyncData; |
| |
| static void nego_msg_write_cb (GObject *source, |
| GAsyncResult *res, |
| gpointer user_data); |
| static void nego_reply_read_cb (GObject *source, |
| GAsyncResult *res, |
| gpointer user_data); |
| static void auth_msg_write_cb (GObject *source, |
| GAsyncResult *res, |
| gpointer user_data); |
| static void auth_reply_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data); |
| static void send_connect_msg (GTask *task); |
| static void connect_msg_write_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data); |
| static void connect_reply_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data); |
| static void connect_addr_len_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data); |
| static void connect_addr_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data); |
| |
| static void |
| free_connect_data (ConnectAsyncData *data) |
| { |
| g_object_unref (data->io_stream); |
| |
| g_free (data->hostname); |
| g_free (data->username); |
| g_free (data->password); |
| g_free (data->buffer); |
| |
| g_slice_free (ConnectAsyncData, data); |
| } |
| |
| static void |
| do_read (GAsyncReadyCallback callback, GTask *task, ConnectAsyncData *data) |
| { |
| GInputStream *in; |
| in = g_io_stream_get_input_stream (data->io_stream); |
| g_input_stream_read_async (in, |
| data->buffer + data->offset, |
| data->length - data->offset, |
| g_task_get_priority (task), |
| g_task_get_cancellable (task), |
| callback, task); |
| } |
| |
| static void |
| do_write (GAsyncReadyCallback callback, GTask *task, ConnectAsyncData *data) |
| { |
| GOutputStream *out; |
| out = g_io_stream_get_output_stream (data->io_stream); |
| g_output_stream_write_async (out, |
| data->buffer + data->offset, |
| data->length - data->offset, |
| g_task_get_priority (task), |
| g_task_get_cancellable (task), |
| callback, task); |
| } |
| |
| static void |
| g_socks5_proxy_connect_async (GProxy *proxy, |
| GIOStream *io_stream, |
| GProxyAddress *proxy_address, |
| GCancellable *cancellable, |
| GAsyncReadyCallback callback, |
| gpointer user_data) |
| { |
| GTask *task; |
| ConnectAsyncData *data; |
| |
| data = g_slice_new0 (ConnectAsyncData); |
| data->io_stream = g_object_ref (io_stream); |
| |
| task = g_task_new (proxy, cancellable, callback, user_data); |
| g_task_set_source_tag (task, g_socks5_proxy_connect_async); |
| g_task_set_task_data (task, data, (GDestroyNotify) free_connect_data); |
| |
| g_object_get (G_OBJECT (proxy_address), |
| "destination-hostname", &data->hostname, |
| "destination-port", &data->port, |
| "username", &data->username, |
| "password", &data->password, |
| NULL); |
| |
| data->buffer = g_malloc0 (SOCKS5_NEGO_MSG_LEN); |
| data->length = set_nego_msg (data->buffer, |
| data->username || data->password); |
| data->offset = 0; |
| |
| do_write (nego_msg_write_cb, task, data); |
| } |
| |
| |
| static void |
| nego_msg_write_cb (GObject *source, |
| GAsyncResult *res, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize written; |
| |
| written = g_output_stream_write_finish (G_OUTPUT_STREAM (source), |
| res, &error); |
| |
| if (written < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += written; |
| |
| if (data->offset == data->length) |
| { |
| g_free (data->buffer); |
| |
| data->buffer = g_malloc0 (SOCKS5_NEGO_REP_LEN); |
| data->length = SOCKS5_NEGO_REP_LEN; |
| data->offset = 0; |
| |
| do_read (nego_reply_read_cb, task, data); |
| } |
| else |
| { |
| do_write (nego_msg_write_cb, task, data); |
| } |
| } |
| |
| static void |
| nego_reply_read_cb (GObject *source, |
| GAsyncResult *res, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize read; |
| |
| read = g_input_stream_read_finish (G_INPUT_STREAM (source), |
| res, &error); |
| |
| if (read < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (read == 0) |
| { |
| g_task_return_new_error_literal (task, |
| G_IO_ERROR, |
| G_IO_ERROR_CONNECTION_CLOSED, |
| "Connection to SOCKSv5 proxy server lost"); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += read; |
| |
| if (data->offset == data->length) |
| { |
| gboolean must_auth = FALSE; |
| gboolean has_auth = data->username || data->password; |
| |
| if (!parse_nego_reply (data->buffer, has_auth, &must_auth, &error)) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (must_auth) |
| { |
| g_free (data->buffer); |
| |
| data->buffer = g_malloc0 (SOCKS5_AUTH_MSG_LEN); |
| data->length = set_auth_msg (data->buffer, |
| data->username, |
| data->password, |
| &error); |
| data->offset = 0; |
| |
| if (data->length < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| do_write (auth_msg_write_cb, task, data); |
| } |
| else |
| { |
| send_connect_msg (task); |
| } |
| } |
| else |
| { |
| do_read (nego_reply_read_cb, task, data); |
| } |
| } |
| |
| static void |
| auth_msg_write_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize written; |
| |
| written = g_output_stream_write_finish (G_OUTPUT_STREAM (source), |
| result, &error); |
| |
| if (written < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += written; |
| |
| if (data->offset == data->length) |
| { |
| g_free (data->buffer); |
| |
| data->buffer = g_malloc0 (SOCKS5_NEGO_REP_LEN); |
| data->length = SOCKS5_NEGO_REP_LEN; |
| data->offset = 0; |
| |
| do_read (auth_reply_read_cb, task, data); |
| } |
| else |
| { |
| do_write (auth_msg_write_cb, task, data); |
| } |
| } |
| |
| static void |
| auth_reply_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize read; |
| |
| read = g_input_stream_read_finish (G_INPUT_STREAM (source), |
| result, &error); |
| |
| if (read < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (read == 0) |
| { |
| g_task_return_new_error_literal (task, |
| G_IO_ERROR, |
| G_IO_ERROR_CONNECTION_CLOSED, |
| "Connection to SOCKSv5 proxy server lost"); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += read; |
| |
| if (data->offset == data->length) |
| { |
| if (!check_auth_status (data->buffer, &error)) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| send_connect_msg (task); |
| } |
| else |
| { |
| do_read (auth_reply_read_cb, task, data); |
| } |
| } |
| |
| static void |
| send_connect_msg (GTask *task) |
| { |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| |
| g_free (data->buffer); |
| |
| data->buffer = g_malloc0 (SOCKS5_CONN_MSG_LEN); |
| data->length = set_connect_msg (data->buffer, |
| data->hostname, |
| data->port, |
| &error); |
| data->offset = 0; |
| |
| if (data->length < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| do_write (connect_msg_write_cb, task, data); |
| } |
| |
| static void |
| connect_msg_write_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize written; |
| |
| written = g_output_stream_write_finish (G_OUTPUT_STREAM (source), |
| result, &error); |
| |
| if (written < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += written; |
| |
| if (data->offset == data->length) |
| { |
| g_free (data->buffer); |
| |
| data->buffer = g_malloc0 (SOCKS5_CONN_REP_LEN); |
| data->length = 4; |
| data->offset = 0; |
| |
| do_read (connect_reply_read_cb, task, data); |
| } |
| else |
| { |
| do_write (connect_msg_write_cb, task, data); |
| } |
| } |
| |
| static void |
| connect_reply_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize read; |
| |
| read = g_input_stream_read_finish (G_INPUT_STREAM (source), |
| result, &error); |
| |
| if (read < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (read == 0) |
| { |
| g_task_return_new_error_literal (task, |
| G_IO_ERROR, |
| G_IO_ERROR_CONNECTION_CLOSED, |
| "Connection to SOCKSv5 proxy server lost"); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += read; |
| |
| if (data->offset == data->length) |
| { |
| gint atype; |
| |
| if (!parse_connect_reply (data->buffer, &atype, &error)) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| switch (atype) |
| { |
| case SOCKS5_ATYP_IPV4: |
| data->length = 6; |
| data->offset = 0; |
| do_read (connect_addr_read_cb, task, data); |
| break; |
| |
| case SOCKS5_ATYP_IPV6: |
| data->length = 18; |
| data->offset = 0; |
| do_read (connect_addr_read_cb, task, data); |
| break; |
| |
| case SOCKS5_ATYP_DOMAINNAME: |
| data->length = 1; |
| data->offset = 0; |
| do_read (connect_addr_len_read_cb, task, data); |
| break; |
| } |
| } |
| else |
| { |
| do_read (connect_reply_read_cb, task, data); |
| } |
| } |
| |
| static void |
| connect_addr_len_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize read; |
| |
| read = g_input_stream_read_finish (G_INPUT_STREAM (source), |
| result, &error); |
| |
| if (read < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (read == 0) |
| { |
| g_task_return_new_error_literal (task, |
| G_IO_ERROR, |
| G_IO_ERROR_CONNECTION_CLOSED, |
| "Connection to SOCKSv5 proxy server lost"); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->length = data->buffer[0] + 2; |
| data->offset = 0; |
| |
| do_read (connect_addr_read_cb, task, data); |
| } |
| |
| static void |
| connect_addr_read_cb (GObject *source, |
| GAsyncResult *result, |
| gpointer user_data) |
| { |
| GTask *task = user_data; |
| ConnectAsyncData *data = g_task_get_task_data (task); |
| GError *error = NULL; |
| gssize read; |
| |
| read = g_input_stream_read_finish (G_INPUT_STREAM (source), |
| result, &error); |
| |
| if (read < 0) |
| { |
| g_task_return_error (task, error); |
| g_object_unref (task); |
| return; |
| } |
| |
| if (read == 0) |
| { |
| g_task_return_new_error_literal (task, |
| G_IO_ERROR, |
| G_IO_ERROR_CONNECTION_CLOSED, |
| "Connection to SOCKSv5 proxy server lost"); |
| g_object_unref (task); |
| return; |
| } |
| |
| data->offset += read; |
| |
| if (data->offset == data->length) |
| { |
| g_task_return_pointer (task, g_object_ref (data->io_stream), g_object_unref); |
| g_object_unref (task); |
| return; |
| } |
| else |
| { |
| do_read (connect_reply_read_cb, task, data); |
| } |
| } |
| |
| static GIOStream * |
| g_socks5_proxy_connect_finish (GProxy *proxy, |
| GAsyncResult *result, |
| GError **error) |
| { |
| return g_task_propagate_pointer (G_TASK (result), error); |
| } |
| |
| static gboolean |
| g_socks5_proxy_supports_hostname (GProxy *proxy) |
| { |
| return TRUE; |
| } |
| |
| static void |
| g_socks5_proxy_class_init (GSocks5ProxyClass *class) |
| { |
| GObjectClass *object_class; |
| |
| object_class = (GObjectClass *) class; |
| object_class->finalize = g_socks5_proxy_finalize; |
| } |
| |
| static void |
| g_socks5_proxy_iface_init (GProxyInterface *proxy_iface) |
| { |
| proxy_iface->connect = g_socks5_proxy_connect; |
| proxy_iface->connect_async = g_socks5_proxy_connect_async; |
| proxy_iface->connect_finish = g_socks5_proxy_connect_finish; |
| proxy_iface->supports_hostname = g_socks5_proxy_supports_hostname; |
| } |