Add basic support for SOCKS 4 and HTTP CONNECT proxies.

[tinc] / src / protocol_auth.c

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 3f4fa01..e5c4c16 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
     protocol_auth.c -- handle the meta-protocol, authentication
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -31,6 +31,7 @@
 #include "edge.h"
 #include "graph.h"
 #include "logger.h"
+#include "meta.h"
 #include "net.h"
 #include "netutl.h"
 #include "node.h"
@@ -38,7 +39,49 @@
 #include "utils.h"
 #include "xalloc.h"
 
+static bool send_proxyrequest(connection_t *c) {
+       switch(proxytype) {
+               case PROXY_HTTP: {
+                       char *host;
+                       char *port;
+
+                       sockaddr2str(&c->address, &host, &port);
+                       send_request(c, "CONNECT %s:%s HTTP/1.1\r\n\r", host, port);
+                       free(host);
+                       free(port);
+                       return true;
+               }
+               case PROXY_SOCKS4: {
+                       if(c->address.sa.sa_family != AF_INET) {
+                               logger(LOG_ERR, "Cannot connect to an IPv6 host through a SOCKS 4 proxy!");
+                               return false;
+                       }
+                       char s4req[9 + (proxyuser ? strlen(proxyuser) : 0)];
+                       s4req[0] = 4;
+                       s4req[1] = 1;
+                       memcpy(s4req + 2, &c->address.in.sin_port, 2);
+                       memcpy(s4req + 4, &c->address.in.sin_addr, 4);
+                       if(proxyuser)
+                               strcpy(s4req + 8, proxyuser);
+                       s4req[sizeof s4req - 1] = 0;
+                       c->tcplen = 8;
+                       return send_meta(c, s4req, sizeof s4req);
+               }
+               case PROXY_SOCKS4A:
+               case PROXY_SOCKS5:
+                       logger(LOG_ERR, "Proxy type not implemented yet");
+                       return false;
+               default:
+                       logger(LOG_ERR, "Unknown proxy type");
+                       return false;
+       }
+}
+
 bool send_id(connection_t *c) {
+       if(proxytype)
+               if(!send_proxyrequest(c))
+                       return false;
+
        return send_request(c, "%d %s %d", ID, myself->connection->name,
                                                myself->connection->protocol_version);
 }
@@ -109,15 +152,13 @@ bool id_h(connection_t *c) {
 }
 
 bool send_metakey(connection_t *c) {
-       char *buffer;
-       int len;
        bool x;
 
-       len = RSA_size(c->rsa_key);
+       int len = RSA_size(c->rsa_key);
 
        /* Allocate buffers for the meta key */
 
-       buffer = alloca(2 * len + 1);
+       char buffer[2 * len + 1];
        
        c->outkey = xrealloc(c->outkey, len);
 
@@ -287,16 +328,13 @@ bool metakey_h(connection_t *c) {
 }
 
 bool send_challenge(connection_t *c) {
-       char *buffer;
-       int len;
-
        /* CHECKME: what is most reasonable value for len? */
 
-       len = RSA_size(c->rsa_key);
+       int len = RSA_size(c->rsa_key);
 
        /* Allocate buffers for the challenge */
 
-       buffer = alloca(2 * len + 1);
+       char buffer[2 * len + 1];
 
        c->hischallenge = xrealloc(c->hischallenge, len);
 
@@ -580,7 +618,7 @@ bool ack_h(connection_t *c) {
        if(tunnelserver)
                send_add_edge(c, c->edge);
        else
-               send_add_edge(broadcast, c->edge);
+               send_add_edge(everyone, c->edge);
 
        /* Run MST and SSSP algorithms */