-const char gateway_rcs[] = "$Id: gateway.c,v 1.68 2011/02/14 16:03:03 fabiankeil Exp $";
+const char gateway_rcs[] = "$Id: gateway.c,v 1.83 2011/12/24 15:28:45 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/gateway.c,v $
#include "miscutil.h"
#ifdef FEATURE_CONNECTION_KEEP_ALIVE
#ifdef HAVE_POLL
-#ifdef __GLIBC__
+#ifdef __GLIBC__
#include <sys/poll.h>
#else
#include <poll.h>
int target_port,
struct client_state *csp);
-
-#define SOCKS_REQUEST_GRANTED 90
-#define SOCKS_REQUEST_REJECT 91
-#define SOCKS_REQUEST_IDENT_FAILED 92
-#define SOCKS_REQUEST_IDENT_CONFLICT 93
+enum {
+ SOCKS4_REQUEST_GRANTED = 90,
+ SOCKS4_REQUEST_REJECT = 91,
+ SOCKS4_REQUEST_IDENT_FAILED = 92,
+ SOCKS4_REQUEST_IDENT_CONFLICT = 93
+};
enum {
SOCKS5_REQUEST_GRANTED = 0,
sfd, reusable_connection[slot].host,
reusable_connection[slot].port, slot);
mark_connection_closed(&reusable_connection[slot]);
- privoxy_mutex_unlock(&connection_reuse_mutex);
-
- return;
+ break;
}
}
- log_error(LOG_LEVEL_CONNECT,
- "Socket %d already forgotten or never remembered.", sfd);
-
privoxy_mutex_unlock(&connection_reuse_mutex);
+
}
#endif /* def FEATURE_CONNECTION_SHARING */
default:
/* Should never get here */
log_error(LOG_LEVEL_FATAL,
- "SOCKS4 impossible internal error - bad SOCKS type.");
+ "Internal error in forwarded_connect(). Bad proxy type: %d", fwd->type);
}
if (JB_INVALID_SOCKET != sfd)
if (err)
{
log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
- csp->error_message = strdup(errstr);
+ csp->error_message = strdup(errstr);
errno = EINVAL;
return(JB_INVALID_SOCKET);
}
if (sfd == JB_INVALID_SOCKET)
{
- /*
- * XXX: connect_to should fill in the exact reason.
- * Most likely resolving the IP of the forwarder failed.
- */
- errstr = "connect_to failed: see logfile for details";
+ /* The error an its reason have already been logged by connect_to() */
+ return(JB_INVALID_SOCKET);
+ }
+ else if (write_socket(sfd, (char *)c, csiz))
+ {
+ errstr = "SOCKS4 negotiation write failed.";
+ log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
err = 1;
+ close_socket(sfd);
}
else if (!data_is_available(sfd, csp->config->socket_timeout))
{
err = 1;
close_socket(sfd);
}
- else if (write_socket(sfd, (char *)c, csiz))
- {
- errstr = "SOCKS4 negotiation write failed.";
- log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
- err = 1;
- close_socket(sfd);
- }
else if (read_socket(sfd, buf, sizeof(buf)) != sizeof(*s))
{
errstr = "SOCKS4 negotiation read failed.";
if (err)
{
- csp->error_message = strdup(errstr);
+ csp->error_message = strdup(errstr);
return(JB_INVALID_SOCKET);
}
switch (s->cd)
{
- case SOCKS_REQUEST_GRANTED:
+ case SOCKS4_REQUEST_GRANTED:
return(sfd);
- case SOCKS_REQUEST_REJECT:
+ case SOCKS4_REQUEST_REJECT:
errstr = "SOCKS request rejected or failed.";
errno = EINVAL;
break;
- case SOCKS_REQUEST_IDENT_FAILED:
+ case SOCKS4_REQUEST_IDENT_FAILED:
errstr = "SOCKS request rejected because "
"SOCKS server cannot connect to identd on the client.";
errno = EACCES;
break;
- case SOCKS_REQUEST_IDENT_CONFLICT:
+ case SOCKS4_REQUEST_IDENT_CONFLICT:
errstr = "SOCKS request rejected because "
"the client program and identd report "
"different user-ids.";
{
int err = 0;
char cbuf[300];
- char sbuf[30];
+ char sbuf[10];
size_t client_pos = 0;
int server_size = 0;
size_t hostlen = 0;
{
errstr = "socks5 server unreachable";
log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+ /* Free the generic error message provided by connect_to() */
+ freez(csp->error_message);
csp->error_message = strdup(errstr);
return(JB_INVALID_SOCKET);
}
if (write_socket(sfd, cbuf, client_pos))
{
- errstr = "SOCKS5 negotiation read failed";
+ errstr = "SOCKS5 negotiation write failed";
csp->error_message = strdup(errstr);
log_error(LOG_LEVEL_CONNECT, "%s", errstr);
close_socket(sfd);
}
server_size = read_socket(sfd, sbuf, sizeof(sbuf));
- if (server_size < 3)
+ if (server_size != sizeof(sbuf))
{
errstr = "SOCKS5 negotiation read failed";
- err = 1;
- }
- else if (server_size > 20)
- {
- /* This is somewhat unexpected but doesn't realy matter. */
- log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes "
- "from socks server. Would have accepted up to %d.",
- server_size, sizeof(sbuf));
- }
-
- if (!err && (sbuf[0] != '\x05'))
- {
- errstr = "SOCKS5 negotiation protocol version error";
- err = 1;
- }
-
- if (!err && (sbuf[2] != '\x00'))
- {
- errstr = "SOCKS5 negotiation protocol error";
- err = 1;
}
-
- if (!err)
+ else
{
- if (sbuf[1] == SOCKS5_REQUEST_GRANTED)
+ if (sbuf[0] != '\x05')
+ {
+ errstr = "SOCKS5 negotiation protocol version error";
+ }
+ else if (sbuf[2] != '\x00')
+ {
+ errstr = "SOCKS5 negotiation protocol error";
+ }
+ else if (sbuf[1] != SOCKS5_REQUEST_GRANTED)
+ {
+ errstr = translate_socks5_error(sbuf[1]);
+ }
+ else
{
return(sfd);
}
- errstr = translate_socks5_error(sbuf[1]);
}
assert(errstr != NULL);
csp->error_message = strdup(errstr);
- log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+ if (server_size == -1)
+ {
+ /*
+ * We didn't read() anything from the server at all.
+ * Don't try to log a negative number of characters
+ * which could trigger an assert().
+ */
+ server_size = 0;
+ }
+ log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s: %N", errstr, server_size, sbuf);
close_socket(sfd);
errno = EINVAL;