mirror of
https://github.com/3proxy/3proxy.git
synced 2025-04-04 19:53:12 +08:00
Compare commits
27 Commits
4e1420ffb9
...
6133d6002d
| Author | SHA1 | Date | |
|---|---|---|---|
|
6133d6002d | ||
|
|
7aad0205e1 | ||
|
|
89b45b1b2a | ||
|
|
27c9e62faa | ||
|
|
7888502cd5 | ||
|
|
9429421314 | ||
|
|
00b3e02e05 | ||
|
|
08177f2161 | ||
|
|
188b0a2841 | ||
|
|
a37e6e5a81 | ||
|
|
8fc31a7336 | ||
|
|
4eb0ca60b7 | ||
|
|
584fdfd51f | ||
|
|
5a6e9c92e3 | ||
|
|
eaf66dc8d1 | ||
|
|
e6f5f7b5e0 | ||
|
|
d48f24ac84 | ||
|
|
4de45ff3a8 | ||
|
|
74081c8146 | ||
|
|
c71370ec03 | ||
|
|
b1b64972c5 | ||
|
|
db7ef4ba2f | ||
|
|
51fc2f6dcb | ||
|
|
16bd55a074 | ||
|
|
0ca9030520 | ||
|
|
87255a8201 | ||
|
|
090baeab33 |
50
.github/workflows/c-cpp.yml
vendored
Normal file
50
.github/workflows/c-cpp.yml
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
name: C/C++ CI
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "master" ]
|
||||
paths: [ '**.c', '**.h', 'Makefile.**', '.github/configs', '.github/workflows/c-cpp.yml' ]
|
||||
pull_request:
|
||||
branches: [ "master" ]
|
||||
paths: [ '**.c', '**.h', 'Makefile.**', '.github/configs', '.github/workflows/c-cpp.yml' ]
|
||||
|
||||
jobs:
|
||||
ci:
|
||||
name: "${{ matrix.target }}"
|
||||
strategy:
|
||||
matrix:
|
||||
target:
|
||||
- ubuntu-latest
|
||||
- ubuntu-24.04-arm
|
||||
- macos-15
|
||||
- windows-2022
|
||||
runs-on: ${{ matrix.target }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
# - name: configure
|
||||
# run: ./configure
|
||||
- name: ln Linux
|
||||
if: ${{ startsWith(matrix.target, 'ubuntu') }}
|
||||
run: ln -s Makefile.Linux Makefile
|
||||
- name: ln Mac
|
||||
if: ${{ startsWith(matrix.target, 'macos') }}
|
||||
run: ln -s Makefile.FreeBSD Makefile
|
||||
- name: ln Windows
|
||||
if: ${{ startsWith(matrix.target, 'windows') }}
|
||||
run: copy Makefile.win Makefile
|
||||
- name: dirs Windows
|
||||
if: ${{ startsWith(matrix.target, 'windows') }}
|
||||
run: cmd /C 'echo LIBS := -L "c:/program files/openssl/lib" $(LIBS) >>Makefile.win && echo CFLAGS := -I "c:/program files/openssl/include" $(CFLAGS) >>Makefile.win && type Makefile.win'
|
||||
- name: SSLPlugin Linux
|
||||
if: ${{ startsWith(matrix.target, 'ubuntu') }}
|
||||
run: 'echo PLUGINS := $(PLUGINS) SSLPlugin >>Makefile & echo LIBS := $(LIBS) -lcrypto -lssl >>Makefile'
|
||||
- name: make
|
||||
run: make
|
||||
- name: mkdir
|
||||
if: ${{ startsWith(matrix.target, 'ubuntu') }}
|
||||
run: mkdir ~/3proxy
|
||||
- name: make install
|
||||
if: ${{ startsWith(matrix.target, 'ubuntu') }}
|
||||
run: make DESTDIR=~/3proxy install
|
||||
- name: make clean
|
||||
run: make clean
|
||||
@ -10,13 +10,13 @@
|
||||
|
||||
BUILDDIR = ../bin/
|
||||
CC = clang
|
||||
CFLAGS = -O2 -fno-strict-aliasing -c -pthread -static -DWITH_STD_MALLOC -DNOIPV6
|
||||
CFLAGS = -O2 -fno-strict-aliasing -c -pthread -DWITH_STD_MALLOC -DWITH_WSAPOLL
|
||||
COUT = -o
|
||||
LN = $(CC)
|
||||
LDFLAGS = -O2 -fno-strict-aliasing -static -s
|
||||
LDFLAGS = -O2 -fno-strict-aliasing -s
|
||||
DLFLAGS = -shared
|
||||
DLSUFFICS = .dll
|
||||
LIBS = -lws2_32 -lodbc32 -ladvapi32
|
||||
LIBS = -lws2_32 -lodbc32 -ladvapi32 -luser32 -lcrypto -lssl
|
||||
LIBSPREFIX = -l
|
||||
LIBSSUFFIX =
|
||||
LNOUT = -o
|
||||
@ -28,10 +28,19 @@ REMOVECOMMAND = rm -f
|
||||
AFTERCLEAN = find src/ -type f -name "*.o" -delete && find src/ -type f -name "Makefile.var" -delete && find bin/ -type f -executable -delete
|
||||
TYPECOMMAND = cat
|
||||
COMPATLIBS =
|
||||
MAKEFILE = Makefile.win
|
||||
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
|
||||
MAKEFILE = Makefile.llvm
|
||||
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin SSLPlugin
|
||||
VERFILE := 3proxy.res $(VERFILE)
|
||||
VERSION := $(VERSION)
|
||||
VERSIONDEP := 3proxy.res $(VERSIONDEP)
|
||||
BUILDDATE := $(BUILDDATE)
|
||||
AFTERCLEAN = (find . -type f -name "*.o" -delete && find . -type f -name "*.res" -delete && find src/ -type f -name "Makefile.var" -delete && find bin/ -type f -executable -delete) || true
|
||||
|
||||
include Makefile.inc
|
||||
|
||||
3proxy.res:
|
||||
llvm-rc 3proxy.rc
|
||||
|
||||
allplugins:
|
||||
for /D %%i in ($(PLUGINS)) do (copy Makefile plugins\%%i && copy Makefile.var plugins\%%i && cd plugins\%%i && nmake && del *.o &&cd ..\..)
|
||||
@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ; cd ../.. ; done
|
||||
|
||||
|
||||
17
Makefile.win
17
Makefile.win
@ -10,13 +10,13 @@
|
||||
|
||||
BUILDDIR = ../bin/
|
||||
CC = gcc
|
||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOIPV6 -DNORADIUS
|
||||
CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC -DWITH_WSAPOLL
|
||||
COUT = -o
|
||||
LN = gcc
|
||||
LDFLAGS = -O2 -s -mthreads
|
||||
DLFLAGS = -shared
|
||||
DLSUFFICS = .dll
|
||||
LIBS = -lws2_32 -lodbc32 -ladvapi32
|
||||
LIBS = -lws2_32 -lodbc32 -ladvapi32 -luser32 -lcrypto -lssl
|
||||
LIBSPREFIX = -l
|
||||
LIBSSUFFIX =
|
||||
LNOUT = -o
|
||||
@ -28,9 +28,18 @@ REMOVECOMMAND = rm -f
|
||||
TYPECOMMAND = cat
|
||||
COMPATLIBS =
|
||||
MAKEFILE = Makefile.win
|
||||
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
|
||||
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin SSLPLugin
|
||||
VERFILE := 3proxyres.o $(VERFILE)
|
||||
VERSION := $(VERSION)
|
||||
VERSIONDEP := 3proxyres.o $(VERSIONDEP)
|
||||
BUILDDATE := $(BUILDDATE)
|
||||
AFTERCLEAN = (find . -type f -name "*.o" -delete && find . -type f -name "*.res" -delete && find src/ -type f -name "Makefile.var" -delete && find bin/ -type f -executable -delete) || true
|
||||
|
||||
include Makefile.inc
|
||||
|
||||
3proxyres.o:
|
||||
windres 3proxy.rc -o 3proxyres.o
|
||||
|
||||
allplugins:
|
||||
@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ; rm *.o ; cd ../.. ; done
|
||||
@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ; cd ../.. ; done
|
||||
|
||||
|
||||
@ -291,7 +291,7 @@ Also, you must specify logformat to build SQL query, to insert recod into
|
||||
log, see <A HREF="#LOGFORMAT">How to setup logging format</A>
|
||||
</p>
|
||||
<p>
|
||||
Rotation and archiving may be set up with log, rotate ¨ archiver commands
|
||||
Rotation and archiving may be set up with log, rotate ¨ archiver commands
|
||||
<pre>
|
||||
log filename LOGTYPE
|
||||
</pre>
|
||||
@ -367,12 +367,19 @@ logformat "L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
|
||||
<br>(no line breaks)
|
||||
</p>
|
||||
<p>
|
||||
If ODBC used, logformat should specify SQL command,
|
||||
If ODBC is used, logformat should specify SQL command,
|
||||
to insert record into log, for example
|
||||
<p><pre>
|
||||
logformat "-\'+_GINSERT INTO proxystat VALUES (%t, '%c', '%U', %I)"</pre>
|
||||
<br>(no line breaks)
|
||||
<br>-\'+_ instructs to replace characters \ and ' with _
|
||||
</p>
|
||||
<p>
|
||||
If no log format is set, it will fall back to the default log format:
|
||||
<pre>
|
||||
logformat "G%y%m%d%H%M%S.%. %p %E %U %C:%c %R:%r %O %I %h %T"
|
||||
</pre>
|
||||
|
||||
</p>
|
||||
<li><A NAME="LOGANALIZERS">How to use log analizers with 3proxy</A>
|
||||
<p>
|
||||
@ -475,7 +482,7 @@ proxy -p8080 -i192.168.2.1
|
||||
</p>
|
||||
<li><a name="ISFTP"><i>How to setup FTP proxy</i></a></li>
|
||||
<p>
|
||||
There is FTP over HTTP (what is called FTP proxy in browsers) and FTP over FTP ¯à®ªá¨
|
||||
There is FTP over HTTP (what is called FTP proxy in browsers) and FTP over FTP ¯à®ªá¨
|
||||
(what is called FTP proxy in file managers and FTP clients). For browsers, there is no need to start additional
|
||||
proxy service, 'proxy' supports FTP over HTTP, configure 'proxy' port as an FTP proxy. For ftp clients and file
|
||||
managers use ftppr. FTP proxy supports both active and passive mode with client, but always use passive mode with FTP servers.
|
||||
@ -736,7 +743,7 @@ no need to run these services expicitly. Local redirections are usefull if
|
||||
you want to see and control via ACLs protocol specific parameters, e.g.
|
||||
filenames requests thorugh FTP while clients are using SOCKS.
|
||||
</p>
|
||||
<li><a name="SOCKSREDIR">Š ª ã¯à ¢«ïâì «®ª «ì묨 ¯¥à¥ ¯à ¢«¥¨ï¬¨</a>
|
||||
<li><a name="SOCKSREDIR"> ª ã¯à ¢«ïâì «®ª «ì묨 ¯¥à¥ ¯à ¢«¥¨ï¬¨</a>
|
||||
<p>
|
||||
<p><i>Q: What is it for?</i></p>
|
||||
A: To have control based on request and to have URLs and another protocol specific parameters to be logged.
|
||||
|
||||
@ -144,18 +144,12 @@ $(BUILDDIR)mycrypt$(EXESUFFICS): md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycryptmain$(
|
||||
md4$(OBJSUFFICS): libs/md4.h libs/md4.c
|
||||
$(CC) $(COUT)md4$(OBJSUFFICS) $(CFLAGS) libs/md4.c
|
||||
|
||||
smbdes$(OBJSUFFICS): libs/smbdes.c
|
||||
$(CC) $(COUT)smbdes$(OBJSUFFICS) $(CFLAGS) libs/smbdes.c
|
||||
|
||||
md5$(OBJSUFFICS): libs/md5.h libs/md5.c
|
||||
$(CC) $(COUT)md5$(OBJSUFFICS) $(CFLAGS) libs/md5.c
|
||||
|
||||
ntlm$(OBJSUFFICS): ntlm.c
|
||||
$(CC) $(COUT)ntlm$(OBJSUFFICS) $(CFLAGS) ntlm.c
|
||||
|
||||
stringtable$(OBJSUFFICS): stringtable.c
|
||||
$(CC) $(COUT)stringtable$(OBJSUFFICS) $(CFLAGS) stringtable.c
|
||||
|
||||
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) log$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycrypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(VERSIONDEP)
|
||||
$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE) 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) log$(OBJSUFFICS) mycrypt$(OBJSUFFICS) md5$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
|
||||
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) log$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycrypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(VERSIONDEP)
|
||||
$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE) 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) authradius$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) log$(OBJSUFFICS) mycrypt$(OBJSUFFICS) md5$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
|
||||
|
||||
|
||||
62
src/auth.c
62
src/auth.c
@ -222,6 +222,7 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
|
||||
int weight = 1000;
|
||||
int res;
|
||||
int done = 0;
|
||||
int ha = 0;
|
||||
struct chain * cur;
|
||||
struct chain * redir = NULL;
|
||||
int r2;
|
||||
@ -278,6 +279,7 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
|
||||
return 0;
|
||||
}
|
||||
else if(SAISNULL(&cur->addr) && !*SAPORT(&cur->addr)){
|
||||
int i;
|
||||
if(cur->extuser){
|
||||
if(param->extusername)
|
||||
myfree(param->extusername);
|
||||
@ -289,27 +291,18 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
|
||||
}
|
||||
if(*cur->extuser == '*' && !param->username) return 4;
|
||||
}
|
||||
switch(cur->type){
|
||||
case R_POP3:
|
||||
param->redirectfunc = pop3pchild;
|
||||
break;
|
||||
case R_FTP:
|
||||
param->redirectfunc = ftpprchild;
|
||||
break;
|
||||
case R_ADMIN:
|
||||
param->redirectfunc = adminchild;
|
||||
break;
|
||||
case R_SMTP:
|
||||
param->redirectfunc = smtppchild;
|
||||
break;
|
||||
case R_TLS:
|
||||
param->redirectfunc = tlsprchild;
|
||||
break;
|
||||
default:
|
||||
param->redirectfunc = proxychild;
|
||||
|
||||
for(i=0; redirs[i].name; i++){
|
||||
if(cur->type == redirs[i].redir) {
|
||||
param->redirectfunc = redirs[i].func;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(cur->type == R_HA){
|
||||
ha = 1;
|
||||
}
|
||||
if(cur->next)continue;
|
||||
return 0;
|
||||
if(!ha) return 0;
|
||||
}
|
||||
else if(!*SAPORT(&cur->addr) && !SAISNULL(&cur->addr)) {
|
||||
unsigned short port = *SAPORT(¶m->sinsr);
|
||||
@ -324,6 +317,21 @@ int handleredirect(struct clientparam * param, struct ace * acentry){
|
||||
if((res = alwaysauth(param))){
|
||||
return (res >= 10)? res : 60+res;
|
||||
}
|
||||
if(ha) {
|
||||
char buf[128];
|
||||
int len;
|
||||
len = sprintf(buf, "PROXY %s ",
|
||||
*SAFAMILY(¶m->sincr) == AF_INET6 ? "TCP6" : "TCP4");
|
||||
len += myinet_ntop(*SAFAMILY(¶m->sincr), SAADDR(¶m->sincr), buf+len, sizeof(param->sincr));
|
||||
buf[len++] = ' ';
|
||||
len += myinet_ntop(*SAFAMILY(¶m->sincl), SAADDR(¶m->sincl), buf+len, sizeof(param->sincl));
|
||||
len += sprintf(buf + len, " %hu %hu\r\n",
|
||||
ntohs(*SAPORT(¶m->sincr)),
|
||||
ntohs(*SAPORT(¶m->sincl))
|
||||
);
|
||||
if(socksend(param, param->remsock, (unsigned char *)buf, len, conf.timeouts[CHAIN_TO])!=len) return 39;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
else {
|
||||
res = (redir)?clientnegotiate(redir, param, (struct sockaddr *)&cur->addr, cur->exthost):0;
|
||||
@ -963,15 +971,6 @@ int strongauth(struct clientparam * param){
|
||||
else if (!param->pwtype && param->password && !strcmp((char *)param->password, (char *)pwl->password)){
|
||||
break;
|
||||
}
|
||||
#ifndef NOCRYPT
|
||||
else if (param->pwtype == 2 && param->password) {
|
||||
ntpwdhash(buf, pwl->password, 0);
|
||||
mschap(buf, param->password, buf + 16);
|
||||
if(!memcmp(buf+16, param->password+8, 24)) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 6;
|
||||
#ifndef NOCRYPT
|
||||
@ -985,13 +984,6 @@ int strongauth(struct clientparam * param){
|
||||
if(param->password && !param->pwtype && !memcmp(pwl->password, ntpwdhash(buf,param->password, 1), 32)) {
|
||||
break;
|
||||
}
|
||||
else if (param->pwtype == 2){
|
||||
fromhex(pwl->password, buf, 16);
|
||||
mschap(buf, param->password, buf + 16);
|
||||
if(!memcmp(buf + 16, param->password+8, 24)) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 8;
|
||||
#endif
|
||||
|
||||
@ -23,6 +23,7 @@ void * autochild(struct clientparam* param) {
|
||||
dolog(param, (unsigned char *)"");
|
||||
}
|
||||
if(*param->clibuf == 4 || *param->clibuf == 5) return sockschild(param);
|
||||
if(*param->clibuf == 22) return tlsprchild(param);
|
||||
return proxychild(param);
|
||||
}
|
||||
|
||||
|
||||
48
src/conf.c
48
src/conf.c
@ -729,10 +729,34 @@ static int h_monitor(int argc, unsigned char **argv){
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
struct redirdesc redirs[] = {
|
||||
{R_TCP, "tcp", tcppmchild},
|
||||
{R_CONNECT, "connect", proxychild},
|
||||
{R_SOCKS4, "socks4", sockschild},
|
||||
{R_SOCKS5, "socks5", sockschild},
|
||||
{R_HTTP, "http", proxychild},
|
||||
{R_POP3, "pop3", pop3pchild},
|
||||
{R_SMTP, "smtp", smtppchild},
|
||||
{R_FTP, "ftp", ftpprchild},
|
||||
{R_CONNECTP, "connect+", proxychild},
|
||||
{R_SOCKS4P, "socks4+", sockschild},
|
||||
{R_SOCKS5P, "socks5+", sockschild},
|
||||
{R_SOCKS4B, "socks4b", sockschild},
|
||||
{R_SOCKS5B, "socks5b", sockschild},
|
||||
{R_ADMIN, "admin", adminchild},
|
||||
{R_EXTIP, "extip", NULL},
|
||||
{R_TLS, "tls", tlsprchild},
|
||||
{R_HA, "ha", NULL},
|
||||
{R_DNS, "dns", dnsprchild},
|
||||
{0, NULL, NULL}
|
||||
};
|
||||
|
||||
static int h_parent(int argc, unsigned char **argv){
|
||||
struct ace *acl = NULL;
|
||||
struct chain *chains;
|
||||
char * cidr;
|
||||
int i;
|
||||
|
||||
acl = conf.acl;
|
||||
while(acl && acl->next) acl = acl->next;
|
||||
@ -752,23 +776,13 @@ static int h_parent(int argc, unsigned char **argv){
|
||||
fprintf(stderr, "Chaining error: bad chain weight %u line %d\n", chains->weight, linenum);
|
||||
return(3);
|
||||
}
|
||||
if(!strcmp((char *)argv[2], "tcp"))chains->type = R_TCP;
|
||||
else if(!strcmp((char *)argv[2], "http"))chains->type = R_HTTP;
|
||||
else if(!strcmp((char *)argv[2], "connect"))chains->type = R_CONNECT;
|
||||
else if(!strcmp((char *)argv[2], "socks4"))chains->type = R_SOCKS4;
|
||||
else if(!strcmp((char *)argv[2], "socks5"))chains->type = R_SOCKS5;
|
||||
else if(!strcmp((char *)argv[2], "connect+"))chains->type = R_CONNECTP;
|
||||
else if(!strcmp((char *)argv[2], "socks4+"))chains->type = R_SOCKS4P;
|
||||
else if(!strcmp((char *)argv[2], "socks5+"))chains->type = R_SOCKS5P;
|
||||
else if(!strcmp((char *)argv[2], "socks4b"))chains->type = R_SOCKS4B;
|
||||
else if(!strcmp((char *)argv[2], "socks5b"))chains->type = R_SOCKS5B;
|
||||
else if(!strcmp((char *)argv[2], "pop3"))chains->type = R_POP3;
|
||||
else if(!strcmp((char *)argv[2], "tls"))chains->type = R_TLS;
|
||||
else if(!strcmp((char *)argv[2], "ftp"))chains->type = R_FTP;
|
||||
else if(!strcmp((char *)argv[2], "admin"))chains->type = R_ADMIN;
|
||||
else if(!strcmp((char *)argv[2], "extip"))chains->type = R_EXTIP;
|
||||
else if(!strcmp((char *)argv[2], "smtp"))chains->type = R_SMTP;
|
||||
else {
|
||||
for(i = 0; redirs[i].name ; i++){
|
||||
if(!strcmp((char *)argv[2], redirs[i].name)) {
|
||||
chains->type = redirs[i].redir;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(!redirs[i].name) {
|
||||
fprintf(stderr, "Chaining error: bad chain type (%s)\n", argv[2]);
|
||||
return(4);
|
||||
}
|
||||
|
||||
@ -325,24 +325,12 @@ static void * ef_chain_next(struct node * node){
|
||||
}
|
||||
|
||||
static void * ef_chain_type(struct node * node){
|
||||
switch (((struct chain *)node->value) -> type) {
|
||||
case R_TCP:
|
||||
return "tcp";
|
||||
case R_CONNECT:
|
||||
return "connect";
|
||||
case R_SOCKS4:
|
||||
return "socks4";
|
||||
case R_SOCKS5:
|
||||
return "socks5";
|
||||
case R_HTTP:
|
||||
return "http";
|
||||
case R_FTP:
|
||||
return "ftp";
|
||||
case R_POP3:
|
||||
return "pop3";
|
||||
default:
|
||||
return "";
|
||||
int i;
|
||||
|
||||
for(i=0; redirs[i].name; i++){
|
||||
if(((struct chain *)node->value) -> type == redirs[i].redir) return redirs[i].name;
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
static void * ef_chain_addr(struct node * node){
|
||||
|
||||
3821
src/libs/regex.c
3821
src/libs/regex.c
File diff suppressed because it is too large
Load Diff
@ -1,74 +0,0 @@
|
||||
/*
|
||||
|
||||
Minimal version of Henry Spencer's regex library
|
||||
with minor modifications
|
||||
|
||||
*/
|
||||
|
||||
|
||||
#ifndef _REGEX_H_
|
||||
#define _REGEX_H_
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef off_t regoff_t;
|
||||
typedef struct {
|
||||
int re_magic;
|
||||
size_t re_nsub; /* number of parenthesized subexpressions */
|
||||
const char *re_endp; /* end pointer for REG_PEND */
|
||||
struct re_guts *re_g; /* none of your business :-) */
|
||||
} regex_t;
|
||||
typedef struct {
|
||||
regoff_t rm_so; /* start of match */
|
||||
regoff_t rm_eo; /* end of match */
|
||||
} regmatch_t;
|
||||
|
||||
|
||||
extern int regcomp(regex_t *, const char *, int);
|
||||
#define REG_BASIC 0000
|
||||
#define REG_EXTENDED 0001
|
||||
#define REG_ICASE 0002
|
||||
#define REG_NOSUB 0004
|
||||
#define REG_NEWLINE 0010
|
||||
#define REG_NOSPEC 0020
|
||||
#define REG_PEND 0040
|
||||
#define REG_DUMP 0200
|
||||
|
||||
|
||||
#define REG_OKAY 0
|
||||
#define REG_NOMATCH 1
|
||||
#define REG_BADPAT 2
|
||||
#define REG_ECOLLATE 3
|
||||
#define REG_ECTYPE 4
|
||||
#define REG_EESCAPE 5
|
||||
#define REG_ESUBREG 6
|
||||
#define REG_EBRACK 7
|
||||
#define REG_EPAREN 8
|
||||
#define REG_EBRACE 9
|
||||
#define REG_BADBR 10
|
||||
#define REG_ERANGE 11
|
||||
#define REG_ESPACE 12
|
||||
#define REG_BADRPT 13
|
||||
#define REG_EMPTY 14
|
||||
#define REG_ASSERT 15
|
||||
#define REG_INVARG 16
|
||||
#define REG_ATOI 255 /* convert name to number (!) */
|
||||
#define REG_ITOA 0400 /* convert number to name (!) */
|
||||
|
||||
|
||||
extern int regexec(const regex_t *, const char *, size_t, regmatch_t [], int);
|
||||
#define REG_NOTBOL 00001
|
||||
#define REG_NOTEOL 00002
|
||||
#define REG_STARTEND 00004
|
||||
#define REG_TRACE 00400 /* tracing of execution */
|
||||
#define REG_LARGE 01000 /* force large representation */
|
||||
#define REG_BACKR 02000 /* force use of backref code */
|
||||
|
||||
|
||||
extern void regfree(regex_t *);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
@ -1,321 +0,0 @@
|
||||
/*
|
||||
Unix SMB/CIFS implementation.
|
||||
|
||||
a partial implementation of DES designed for use in the
|
||||
SMB authentication protocol
|
||||
|
||||
Copyright (C) Andrew Tridgell 1998
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include <ctype.h>
|
||||
|
||||
|
||||
#define uchar unsigned char
|
||||
|
||||
static const uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9,
|
||||
1, 58, 50, 42, 34, 26, 18,
|
||||
10, 2, 59, 51, 43, 35, 27,
|
||||
19, 11, 3, 60, 52, 44, 36,
|
||||
63, 55, 47, 39, 31, 23, 15,
|
||||
7, 62, 54, 46, 38, 30, 22,
|
||||
14, 6, 61, 53, 45, 37, 29,
|
||||
21, 13, 5, 28, 20, 12, 4};
|
||||
|
||||
static const uchar perm2[48] = {14, 17, 11, 24, 1, 5,
|
||||
3, 28, 15, 6, 21, 10,
|
||||
23, 19, 12, 4, 26, 8,
|
||||
16, 7, 27, 20, 13, 2,
|
||||
41, 52, 31, 37, 47, 55,
|
||||
30, 40, 51, 45, 33, 48,
|
||||
44, 49, 39, 56, 34, 53,
|
||||
46, 42, 50, 36, 29, 32};
|
||||
|
||||
static const uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2,
|
||||
60, 52, 44, 36, 28, 20, 12, 4,
|
||||
62, 54, 46, 38, 30, 22, 14, 6,
|
||||
64, 56, 48, 40, 32, 24, 16, 8,
|
||||
57, 49, 41, 33, 25, 17, 9, 1,
|
||||
59, 51, 43, 35, 27, 19, 11, 3,
|
||||
61, 53, 45, 37, 29, 21, 13, 5,
|
||||
63, 55, 47, 39, 31, 23, 15, 7};
|
||||
|
||||
static const uchar perm4[48] = { 32, 1, 2, 3, 4, 5,
|
||||
4, 5, 6, 7, 8, 9,
|
||||
8, 9, 10, 11, 12, 13,
|
||||
12, 13, 14, 15, 16, 17,
|
||||
16, 17, 18, 19, 20, 21,
|
||||
20, 21, 22, 23, 24, 25,
|
||||
24, 25, 26, 27, 28, 29,
|
||||
28, 29, 30, 31, 32, 1};
|
||||
|
||||
static const uchar perm5[32] = { 16, 7, 20, 21,
|
||||
29, 12, 28, 17,
|
||||
1, 15, 23, 26,
|
||||
5, 18, 31, 10,
|
||||
2, 8, 24, 14,
|
||||
32, 27, 3, 9,
|
||||
19, 13, 30, 6,
|
||||
22, 11, 4, 25};
|
||||
|
||||
|
||||
static const uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32,
|
||||
39, 7, 47, 15, 55, 23, 63, 31,
|
||||
38, 6, 46, 14, 54, 22, 62, 30,
|
||||
37, 5, 45, 13, 53, 21, 61, 29,
|
||||
36, 4, 44, 12, 52, 20, 60, 28,
|
||||
35, 3, 43, 11, 51, 19, 59, 27,
|
||||
34, 2, 42, 10, 50, 18, 58, 26,
|
||||
33, 1, 41, 9, 49, 17, 57, 25};
|
||||
|
||||
|
||||
static const uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
|
||||
|
||||
static const uchar sbox[8][4][16] = {
|
||||
{{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
|
||||
{0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
|
||||
{4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
|
||||
{15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},
|
||||
|
||||
{{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
|
||||
{3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
|
||||
{0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
|
||||
{13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},
|
||||
|
||||
{{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
|
||||
{13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
|
||||
{13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
|
||||
{1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},
|
||||
|
||||
{{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
|
||||
{13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
|
||||
{10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
|
||||
{3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},
|
||||
|
||||
{{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
|
||||
{14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
|
||||
{4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
|
||||
{11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},
|
||||
|
||||
{{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
|
||||
{10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
|
||||
{9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
|
||||
{4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},
|
||||
|
||||
{{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
|
||||
{13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
|
||||
{1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
|
||||
{6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},
|
||||
|
||||
{{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
|
||||
{1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
|
||||
{7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
|
||||
{2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}};
|
||||
|
||||
static void permute(char *out, const char *in, const uchar *p, int n)
|
||||
{
|
||||
int i;
|
||||
for (i=0;i<n;i++)
|
||||
out[i] = in[p[i]-1];
|
||||
}
|
||||
|
||||
static void lshift(char *d, int count, int n)
|
||||
{
|
||||
char out[64];
|
||||
int i;
|
||||
for (i=0;i<n;i++)
|
||||
out[i] = d[(i+count)%n];
|
||||
for (i=0;i<n;i++)
|
||||
d[i] = out[i];
|
||||
}
|
||||
|
||||
static void concat(char *out, char *in1, char *in2, int l1, int l2)
|
||||
{
|
||||
while (l1--)
|
||||
*out++ = *in1++;
|
||||
while (l2--)
|
||||
*out++ = *in2++;
|
||||
}
|
||||
|
||||
static void xor(char *out, char *in1, char *in2, int n)
|
||||
{
|
||||
int i;
|
||||
for (i=0;i<n;i++)
|
||||
out[i] = in1[i] ^ in2[i];
|
||||
}
|
||||
|
||||
static void dohash(char *out, char *in, char *key)
|
||||
{
|
||||
int i, j, k;
|
||||
char pk1[56];
|
||||
char c[28];
|
||||
char d[28];
|
||||
char cd[56];
|
||||
char ki[16][48];
|
||||
char pd1[64];
|
||||
char l[32], r[32];
|
||||
char rl[64];
|
||||
|
||||
permute(pk1, key, perm1, 56);
|
||||
|
||||
for (i=0;i<28;i++)
|
||||
c[i] = pk1[i];
|
||||
for (i=0;i<28;i++)
|
||||
d[i] = pk1[i+28];
|
||||
|
||||
for (i=0;i<16;i++) {
|
||||
lshift(c, sc[i], 28);
|
||||
lshift(d, sc[i], 28);
|
||||
|
||||
concat(cd, c, d, 28, 28);
|
||||
permute(ki[i], cd, perm2, 48);
|
||||
}
|
||||
|
||||
permute(pd1, in, perm3, 64);
|
||||
|
||||
for (j=0;j<32;j++) {
|
||||
l[j] = pd1[j];
|
||||
r[j] = pd1[j+32];
|
||||
}
|
||||
|
||||
for (i=0;i<16;i++) {
|
||||
char er[48];
|
||||
char erk[48];
|
||||
char b[8][6];
|
||||
char cb[32];
|
||||
char pcb[32];
|
||||
char r2[32];
|
||||
|
||||
permute(er, r, perm4, 48);
|
||||
|
||||
xor(erk, er, ki[i], 48);
|
||||
|
||||
for (j=0;j<8;j++)
|
||||
for (k=0;k<6;k++)
|
||||
b[j][k] = erk[j*6 + k];
|
||||
|
||||
for (j=0;j<8;j++) {
|
||||
int m, n;
|
||||
m = (b[j][0]<<1) | b[j][5];
|
||||
|
||||
n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4];
|
||||
|
||||
for (k=0;k<4;k++)
|
||||
b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0;
|
||||
}
|
||||
|
||||
for (j=0;j<8;j++)
|
||||
for (k=0;k<4;k++)
|
||||
cb[j*4+k] = b[j][k];
|
||||
permute(pcb, cb, perm5, 32);
|
||||
|
||||
xor(r2, l, pcb, 32);
|
||||
|
||||
for (j=0;j<32;j++)
|
||||
l[j] = r[j];
|
||||
|
||||
for (j=0;j<32;j++)
|
||||
r[j] = r2[j];
|
||||
}
|
||||
|
||||
concat(rl, r, l, 32, 32);
|
||||
|
||||
permute(out, rl, perm6, 64);
|
||||
}
|
||||
|
||||
static void str_to_key(unsigned char *str,unsigned char *key)
|
||||
{
|
||||
int i;
|
||||
|
||||
key[0] = str[0]>>1;
|
||||
key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
|
||||
key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
|
||||
key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
|
||||
key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
|
||||
key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
|
||||
key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
|
||||
key[7] = str[6]&0x7F;
|
||||
for (i=0;i<8;i++) {
|
||||
key[i] = (key[i]<<1);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static void smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
|
||||
{
|
||||
int i;
|
||||
char outb[64];
|
||||
char inb[64];
|
||||
char keyb[64];
|
||||
unsigned char key2[8];
|
||||
|
||||
str_to_key(key, key2);
|
||||
|
||||
for (i=0;i<64;i++) {
|
||||
inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
|
||||
keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
|
||||
outb[i] = 0;
|
||||
}
|
||||
|
||||
dohash(outb, inb, keyb);
|
||||
|
||||
for (i=0;i<8;i++) {
|
||||
out[i] = 0;
|
||||
}
|
||||
|
||||
for (i=0;i<64;i++) {
|
||||
if (outb[i])
|
||||
out[i/8] |= (1<<(7-(i%8)));
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Converts the password to uppercase, and creates the LM
|
||||
* password hash.
|
||||
*/
|
||||
void lmpwdhash(const unsigned char *password,unsigned char *lmhash)
|
||||
{
|
||||
int i;
|
||||
unsigned char p14[14];
|
||||
static unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
|
||||
|
||||
memset(p14, 0, sizeof(p14));
|
||||
for (i = 0; i < 14 && password[i]; i++) {
|
||||
p14[i] = toupper((int) password[i]);
|
||||
}
|
||||
|
||||
smbhash(lmhash, sp8, p14);
|
||||
smbhash(lmhash+8, sp8, p14+7);
|
||||
}
|
||||
|
||||
/*
|
||||
* Take the NT or LM password, and return the MSCHAP response
|
||||
*
|
||||
* The win_password MUST be exactly 16 bytes long.
|
||||
*/
|
||||
void mschap(const unsigned char *win_password,
|
||||
const unsigned char *challenge, unsigned char *response)
|
||||
{
|
||||
unsigned char p21[21];
|
||||
|
||||
memset(p21, 0, sizeof(p21));
|
||||
memcpy(p21, win_password, 16);
|
||||
|
||||
smbhash(response, challenge, p21);
|
||||
smbhash(response+8, challenge, p21+7);
|
||||
smbhash(response+16, challenge, p21+14);
|
||||
}
|
||||
88
src/ntlm.c
88
src/ntlm.c
@ -1,88 +0,0 @@
|
||||
/*
|
||||
3APA3A simpliest proxy server
|
||||
(c) 2002-2021 by Vladimir Dubrovin <3proxy@3proxy.org>
|
||||
|
||||
please read License Agreement
|
||||
|
||||
*/
|
||||
|
||||
#include "proxy.h"
|
||||
struct ntlmchal {
|
||||
unsigned char sig[8];
|
||||
unsigned char messtype[4];
|
||||
unsigned char dom_len[2];
|
||||
unsigned char dom_max_len[2];
|
||||
unsigned char dom_offset[4];
|
||||
unsigned char flags[4];
|
||||
unsigned char challenge[8];
|
||||
unsigned char reserved[8];
|
||||
unsigned char addr_len[2];
|
||||
unsigned char addr_max_len[2];
|
||||
unsigned char addr_offset[4];
|
||||
unsigned char data[1];
|
||||
};
|
||||
|
||||
struct ntlmreq {
|
||||
unsigned char sig[8];
|
||||
unsigned char messtype[4];
|
||||
unsigned char flags[4];
|
||||
unsigned char dom_len[2];
|
||||
unsigned char dom_max_len[2];
|
||||
unsigned char dom_offset[4];
|
||||
unsigned char pad1[2];
|
||||
unsigned char host_len[2];
|
||||
unsigned char host_max_len[2];
|
||||
unsigned char host_offset[4];
|
||||
unsigned char pad2[2];
|
||||
unsigned char data[1];
|
||||
};
|
||||
|
||||
int text2unicode(const char * text, char * buf, int buflen){
|
||||
int count = 0;
|
||||
buflen = ((buflen>>1)<<1);
|
||||
if(!text || !buflen) return 0;
|
||||
do {
|
||||
buf[count++] = toupper(*text++);
|
||||
buf[count++] = '\0';
|
||||
} while (*text && count < buflen);
|
||||
return count;
|
||||
}
|
||||
|
||||
void unicode2text(const char *unicode, char * buf, int len){
|
||||
int i;
|
||||
if(!unicode || !len) return;
|
||||
for(i=0; i<len; i++){
|
||||
buf[i] = unicode[(i<<1)];
|
||||
}
|
||||
buf[i] = 0;
|
||||
}
|
||||
|
||||
void genchallenge(struct clientparam *param, char * challenge, char *buf){
|
||||
struct ntlmchal *chal;
|
||||
char tmpbuf[1024];
|
||||
char hostname[128];
|
||||
int len, i;
|
||||
|
||||
|
||||
chal = (struct ntlmchal *)tmpbuf;
|
||||
memset(chal, 0, 1024);
|
||||
memcpy(chal->sig, "NTLMSSP", 8);
|
||||
chal->messtype[0] = 2;
|
||||
gethostname(hostname, 128);
|
||||
hostname[15] = 0;
|
||||
len = (((int)strlen(hostname)) << 1);
|
||||
chal->dom_len[0] = len;
|
||||
chal->dom_max_len[0] = len;
|
||||
chal->dom_offset[0] = (unsigned char)((unsigned char *)chal->data - (unsigned char *)chal);
|
||||
chal->flags[0] = 0x03;
|
||||
chal->flags[1] = 0x82;
|
||||
chal->flags[2] = 0x81;
|
||||
chal->flags[3] = 0xA0;
|
||||
text2unicode(hostname, (char *)chal->data, 64);
|
||||
time((time_t *)challenge);
|
||||
memcpy(challenge+4, SAADDR(¶m->sincr), 4);
|
||||
challenge[1]^=*SAPORT(¶m->sincr);
|
||||
for(i = 0; i < 8; i++) challenge[i] ^= myrand(challenge, 8);
|
||||
memcpy(chal->challenge, challenge, 8);
|
||||
en64((unsigned char *)tmpbuf, (unsigned char *)buf, (int)((unsigned char *)chal->data - (unsigned char *)chal) + len);
|
||||
}
|
||||
@ -7,6 +7,7 @@
|
||||
|
||||
#include "../../structures.h"
|
||||
#include <string.h>
|
||||
#define PCRE_STATIC
|
||||
#include "pcre.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
@ -6,7 +6,6 @@
|
||||
*/
|
||||
|
||||
#include "../../structures.h"
|
||||
#include <openssl/rsa.h> /* SSLeay stuff */
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
@ -439,18 +438,14 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
|
||||
if(sc->client_cipher_list)SSL_CTX_set_cipher_list(sc->srv_ctx, sc->client_cipher_list);
|
||||
if(sc->client_ciphersuites)SSL_CTX_set_ciphersuites(sc->srv_ctx, sc->client_ciphersuites);
|
||||
if(sc->client_verify){
|
||||
if(sc->client_ca_file && sc->client_ca_dir){
|
||||
if(sc->client_ca_file || sc->client_ca_dir){
|
||||
SSL_CTX_load_verify_locations(sc->srv_ctx, sc->client_ca_file, sc->client_ca_dir);
|
||||
}
|
||||
else if(sc->client_ca_file){
|
||||
SSL_CTX_load_verify_file(sc->srv_ctx, sc->client_ca_file);
|
||||
}
|
||||
else if(sc->client_ca_dir){
|
||||
SSL_CTX_load_verify_dir(sc->srv_ctx, sc->client_ca_dir);
|
||||
}
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
else if(sc->client_ca_store){
|
||||
SSL_CTX_load_verify_store(sc->srv_ctx, sc->client_ca_store);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
else
|
||||
SSL_CTX_set_default_verify_paths(sc->srv_ctx);
|
||||
SSL_CTX_set_verify(sc->srv_ctx, SSL_VERIFY_PEER, verify_callback);
|
||||
|
||||
48
src/proxy.c
48
src/proxy.c
@ -381,54 +381,6 @@ for(;;){
|
||||
param->username = (unsigned char *)mystrdup((char *)username);
|
||||
continue;
|
||||
}
|
||||
#ifndef NOCRYPT
|
||||
if(param->srv->usentlm && !strncasecmp((char *)sb, "ntlm", 4)){
|
||||
sb+=4;
|
||||
while(isspace(*sb))sb++;
|
||||
i = de64(sb, username, 1023);
|
||||
if(i<=16)continue;
|
||||
username[i] = 0;
|
||||
if(strncasecmp((char *)username, "NTLMSSP", 8)) continue;
|
||||
if(username[8] == 1) {
|
||||
while( (i = sockgetlinebuf(param, CLIENT, buf, BUFSIZE - 1, '\n', conf.timeouts[STRING_S])) > 2){
|
||||
if(i> 15 && (!strncasecmp((char *)(buf), "content-length", 14))){
|
||||
buf[i]=0;
|
||||
sscanf((char *)buf + 15, "%"PRINTF_INT64_MODIFIER"u", &contentlength64);
|
||||
}
|
||||
}
|
||||
while( contentlength64 > 0 && (i = sockgetlinebuf(param, CLIENT, buf, (BUFSIZE < contentlength64)? BUFSIZE - 1:(int)contentlength64, '\n', conf.timeouts[STRING_S])) > 0){
|
||||
if ((uint64_t)i > contentlength64) break;
|
||||
contentlength64-=i;
|
||||
}
|
||||
contentlength64 = 0;
|
||||
if(param->password)myfree(param->password);
|
||||
param->password = myalloc(32);
|
||||
param->pwtype = 2;
|
||||
i = (int)strlen(proxy_stringtable[13]);
|
||||
memcpy(buf, proxy_stringtable[13], i);
|
||||
genchallenge(param, (char *)param->password, (char *)buf + i);
|
||||
memcpy(buf + strlen((char *)buf), "\r\n\r\n", 5);
|
||||
socksend(param, param->clisock, buf, (int)strlen((char *)buf), conf.timeouts[STRING_S]);
|
||||
ckeepalive = keepalive = 1;
|
||||
goto REQUESTEND;
|
||||
}
|
||||
if(username[8] == 3 && param->pwtype == 2 && i>=80) {
|
||||
unsigned offset, len;
|
||||
|
||||
len = username[20] + (((unsigned)username[21]) << 8);
|
||||
offset = username[24] + (((unsigned)username[25]) << 8);
|
||||
if(len != 24 || len + offset > (unsigned)i) continue;
|
||||
memcpy(param->password + 8, username + offset, 24);
|
||||
len = username[36] + (((unsigned)username[37]) << 8);
|
||||
offset = username[40] + (((unsigned)username[41]) << 8);
|
||||
if(len> 255 || len + offset > (unsigned)i) continue;
|
||||
if(param->username) myfree(param->username);
|
||||
unicode2text((char *)username+offset, (char *)username+offset, (len>>1));
|
||||
param->username = (unsigned char *)mystrdup((char *)username+offset);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
if(!isconnect && (
|
||||
|
||||
@ -74,6 +74,37 @@ void * threadfunc (void *p) {
|
||||
#endif
|
||||
#endif
|
||||
|
||||
if(param->srv->haproxy){
|
||||
char buf[128];
|
||||
int i;
|
||||
i = sockgetlinebuf(param, CLIENT, (unsigned char *)buf, sizeof(buf)-1, '\n', conf.timeouts[STRING_S]);
|
||||
if(i > 12 && !strncasecmp(buf, "PROXY TCP", 9)){
|
||||
char *token, *token2=NULL;
|
||||
unsigned short u1=0, u2=0;
|
||||
buf[i] = 0;
|
||||
token = strchr(buf, ' ');
|
||||
if(token) token = strchr(token+1, ' ');
|
||||
if(token) token++;
|
||||
if(token) token2 = strchr(token+1, ' ');
|
||||
if(token2) {
|
||||
*token2 = 0;
|
||||
getip46(46, (unsigned char*) token, (struct sockaddr *)¶m->sincr);
|
||||
token = token2+1;
|
||||
token2 = strchr(token, ' ');
|
||||
}
|
||||
if(token2) {
|
||||
*token2 = 0;
|
||||
getip46(46, (unsigned char *) token, (struct sockaddr *)¶m->sincl);
|
||||
token = token2+1;
|
||||
token2 = strchr(token, ' ');
|
||||
}
|
||||
if(token){
|
||||
sscanf(token,"%hu%hu", &u1, &u2);
|
||||
if(u1) *SAPORT(¶m->sincr) = htons(u1);
|
||||
if(u2) *SAPORT(¶m->sincl) = htons(u1);
|
||||
}
|
||||
}
|
||||
}
|
||||
((struct clientparam *) p)->srv->pf((struct clientparam *)p);
|
||||
}
|
||||
#ifdef _WIN32
|
||||
@ -417,6 +448,9 @@ int MODULEMAINFUNC (int argc, char** argv){
|
||||
case 'h':
|
||||
hostname = argv[i] + 2;
|
||||
break;
|
||||
case 'H':
|
||||
srv.haproxy=1;
|
||||
break;
|
||||
case 'c':
|
||||
srv.requirecert = 1;
|
||||
if(isdigit(argv[i][2])) srv.requirecert = atoi(argv[i]+2);
|
||||
|
||||
@ -266,7 +266,7 @@ struct passwords {
|
||||
};
|
||||
|
||||
typedef enum {
|
||||
R_TCP,
|
||||
R_TCP = 1,
|
||||
R_CONNECT,
|
||||
R_SOCKS4,
|
||||
R_SOCKS5,
|
||||
@ -281,9 +281,20 @@ typedef enum {
|
||||
R_SOCKS5B,
|
||||
R_ADMIN,
|
||||
R_EXTIP,
|
||||
R_TLS
|
||||
R_TLS,
|
||||
R_HA,
|
||||
R_DNS
|
||||
} REDIRTYPE;
|
||||
|
||||
struct redirdesc {
|
||||
REDIRTYPE redir;
|
||||
char * name;
|
||||
void * (*func)(struct clientparam *);
|
||||
};
|
||||
|
||||
extern struct redirdesc redirs[];
|
||||
|
||||
|
||||
struct chain {
|
||||
struct chain * next;
|
||||
int type;
|
||||
@ -490,6 +501,7 @@ struct srvparam {
|
||||
int clisockopts, srvsockopts, lissockopts, cbcsockopts, cbssockopts;
|
||||
int gracetraf, gracenum, gracedelay;
|
||||
int requirecert;
|
||||
int haproxy;
|
||||
#ifdef WITHSPLICE
|
||||
int usesplice;
|
||||
#endif
|
||||
|
||||
Loading…
Reference in New Issue
Block a user