bughz/3proxy
1
0
Fork 0
mirror of https://github.com/3proxy/3proxy.git synced 2026-06-13 11:00:11 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: bughz:b1ac46da79d9f98391a6ad62971a2f81b8f0b8f6
Branches Tags
bughz:master
bughz:test-ci
bughz:0.8
bughz:0.7
bughz:0.9.6
bughz:0.9.5
bughz:0.9.4
bughz:0.9.3
bughz:0.9.2
bughz:0.9.1
bughz:0.9.0
bughz:0.9.0-rc
bughz:0.8.13
bughz:0.8.12
bughz:0.8.11
bughz:0.8.10
bughz:0.8.9
bughz:3proxy-0.8.8
bughz:0.8.8
bughz:3proxy-0.8.7
bughz:3proxy-0.8.6
bughz:3proxy-0.8.5
bughz:3proxy-0.8.4
bughz:3proxy-0.8.3
bughz:3proxy-0.8.2
bughz:3proxy-0.7.1.4
bughz:3proxy-0.8.1
bughz:3proxy-0.8.0
bughz:3proxy-0.8-pre
bughz:3proxy-0.7.1.3
bughz:3proxy-0.7.1.2
bughz:v0.7.1.2
bughz:v0.7.1.1
bughz:v0.7.1
bughz:v0.7
...
compare: bughz:043f0dd8abf1f9ce2676d84a486970f7cb875bff
Branches Tags
bughz:master
bughz:test-ci
bughz:0.8
bughz:0.7
bughz:0.9.6
bughz:0.9.5
bughz:0.9.4
bughz:0.9.3
bughz:0.9.2
bughz:0.9.1
bughz:0.9.0
bughz:0.9.0-rc
bughz:0.8.13
bughz:0.8.12
bughz:0.8.11
bughz:0.8.10
bughz:0.8.9
bughz:3proxy-0.8.8
bughz:0.8.8
bughz:3proxy-0.8.7
bughz:3proxy-0.8.6
bughz:3proxy-0.8.5
bughz:3proxy-0.8.4
bughz:3proxy-0.8.3
bughz:3proxy-0.8.2
bughz:3proxy-0.7.1.4
bughz:3proxy-0.8.1
bughz:3proxy-0.8.0
bughz:3proxy-0.8-pre
bughz:3proxy-0.7.1.3
bughz:3proxy-0.7.1.2
bughz:v0.7.1.2
bughz:v0.7.1.1
bughz:v0.7.1
bughz:v0.7

6 Commits
b1ac46da79 ... 043f0dd8ab

Author SHA1 Message Date
Vladimir Dubrovin
043f0dd8ab Move pcre code to 3proxy
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
2026-04-30 18:51:12 +03:00
Vladimir Dubrovin
8b08f39438 Link PCRE statically 2026-04-30 18:30:04 +03:00
Vladimir Dubrovin
289fc04987 Update CMakeLists.txt 2026-04-30 18:13:28 +03:00
Vladimir Dubrovin
30bee085e9 move ssl code to 3proxy, remove SSLPlugin, switch md4/md5/blake to OpenSSL where possible 2026-04-30 17:58:16 +03:00
Vladimir Dubrovin
d674d1d51b Fix sasize in sockmap 2026-04-30 13:48:10 +03:00
Vladimir Dubrovin
a3fb7aff07 Clean up UDP code 2026-04-30 11:32:12 +03:00
36 changed files with 583 additions and 1128 deletions
Show Stats Expand all files Collapse all files

99
CMakeLists.txt
View File

@ -105,7 +105,6 @@ if(WIN32)
# MSVC-specific settings
add_compile_definitions(
MSVC
WITH_SSL
)
# Use static runtime library
set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>")
@ -123,7 +122,6 @@ if(WIN32)
# clang-cl (Clang with MSVC frontend)
add_compile_definitions(
MSVC
WITH_SSL
)
set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>")
add_compile_options(
@ -254,14 +252,14 @@ endif()
# OpenSSL
set(OPENSSL_FOUND FALSE)
if(3PROXY_USE_OPENSSL)
find_package(OpenSSL QUIET)
find_package(OpenSSL REQUIRED)
if(OpenSSL_FOUND)
set(OPENSSL_FOUND TRUE)
add_compile_definitions(WITH_SSL)
message(STATUS "OpenSSL found: ${OPENSSL_VERSION}")
else()
message(STATUS "OpenSSL not found, SSLPlugin will not be built")
endif()
else()
message(STATUS "OpenSSL disabled by user request")
endif()
# PCRE2
@ -269,9 +267,10 @@ set(PCRE2_FOUND FALSE)
if(3PROXY_USE_PCRE2)
find_package(PCRE2 QUIET)
if(PCRE2_FOUND)
add_compile_definitions(WITH_PCRE)
message(STATUS "PCRE2 found: ${PCRE2_VERSION}")
else()
message(STATUS "PCRE2 not found, PCREPlugin will not be built")
message(STATUS "PCRE2 not found, PCRE support will not be built")
endif()
endif()
@ -302,6 +301,11 @@ if(NOT ODBC_FOUND)
add_compile_definitions(NOODBC)
endif()
# Set NORADIUS if OpenSSL is not available (RADIUS requires MD5 from OpenSSL)
if(NOT OPENSSL_FOUND)
add_compile_definitions(NORADIUS)
endif()
# Source files for 3proxy core
set(3PROXY_CORE_SOURCES
src/3proxy.c
@ -320,10 +324,8 @@ set(3PROXY_CORE_SOURCES
src/stringtable.c
)
# MD4/MD5/BLAKE2 sources for 3proxy_crypt
# BLAKE2 source for 3proxy_crypt
set(MD_SOURCES
src/libs/md4.c
src/libs/md5.c
src/libs/blake2b-ref.c
)
@ -384,6 +386,9 @@ target_include_directories(ftp_obj PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/src)
# 3proxy_crypt object for 3proxy (without WITHMAIN)
add_library(3proxy_crypt_obj OBJECT src/3proxy_crypt.c)
target_include_directories(3proxy_crypt_obj PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/src)
if(OpenSSL_FOUND)
target_include_directories(3proxy_crypt_obj PRIVATE ${OPENSSL_INCLUDE_DIR})
endif()
# ============================================================================
# Main 3proxy executable
@ -402,10 +407,24 @@ add_executable(3proxy
$<TARGET_OBJECTS:3proxy_crypt_obj>
)
if(OpenSSL_FOUND)
target_sources(3proxy PRIVATE src/ssllib.c src/ssl.c)
endif()
if(PCRE2_FOUND)
target_sources(3proxy PRIVATE src/pcre.c)
endif()
target_include_directories(3proxy PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}/src
${CMAKE_CURRENT_SOURCE_DIR}/src/libs
)
if(OpenSSL_FOUND)
target_include_directories(3proxy PRIVATE ${OPENSSL_INCLUDE_DIR})
endif()
if(PCRE2_FOUND)
target_include_directories(3proxy PRIVATE ${PCRE2_INCLUDE_DIRS})
endif()
target_link_libraries(3proxy PRIVATE Threads::Threads)
@ -417,19 +436,49 @@ if(ODBC_FOUND)
endif()
endif()
if(OpenSSL_FOUND)
target_link_libraries(3proxy PRIVATE OpenSSL::SSL OpenSSL::Crypto)
endif()
# PCRE2 linking (static on Linux/FreeBSD, dynamic on other platforms)
if(PCRE2_FOUND)
if(CMAKE_SYSTEM_NAME STREQUAL "Linux" OR
CMAKE_SYSTEM_NAME MATCHES "FreeBSD|OpenBSD|NetBSD" OR
CMAKE_SYSTEM_NAME STREQUAL "Unix")
# Static linking for Linux/BSD
find_library(PCRE2_STATIC_LIB
NAMES pcre2-8 libpcre2-8.a pcre2-8.a
PATHS ${PC_PCRE2_LIBRARY_DIRS}
/usr/lib
/usr/local/lib
/lib
)
if(PCRE2_STATIC_LIB)
target_link_libraries(3proxy PRIVATE
-Wl,-Bstatic
${PCRE2_STATIC_LIB}
-Wl,-Bdynamic
)
message(STATUS "Using static PCRE2: ${PCRE2_STATIC_LIB}")
elseif(TARGET PCRE2::PCRE2)
target_link_libraries(3proxy PRIVATE PCRE2::PCRE2)
else()
target_link_libraries(3proxy PRIVATE ${PCRE2_LIBRARIES})
endif()
elseif(TARGET PCRE2::PCRE2)
target_link_libraries(3proxy PRIVATE PCRE2::PCRE2)
else()
target_link_libraries(3proxy PRIVATE ${PCRE2_LIBRARIES})
endif()
endif()
if(WIN32)
target_link_libraries(3proxy PRIVATE ${WINDOWS_LIBS})
if(OpenSSL_FOUND)
target_link_libraries(3proxy PRIVATE OpenSSL::SSL OpenSSL::Crypto)
endif()
if(COMPILER_IS_MSVC AND EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/3proxy.rc)
target_sources(3proxy PRIVATE 3proxy.rc)
endif()
elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux")
target_link_libraries(3proxy PRIVATE dl)
if(OpenSSL_FOUND)
target_link_libraries(3proxy PRIVATE OpenSSL::SSL OpenSSL::Crypto)
endif()
endif()
# Build 3proxy_crypt utility
@ -443,7 +492,13 @@ target_include_directories(3proxy_crypt PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}/src
${CMAKE_CURRENT_SOURCE_DIR}/src/libs
)
if(OpenSSL_FOUND)
target_include_directories(3proxy_crypt PRIVATE ${OPENSSL_INCLUDE_DIR})
endif()
target_link_libraries(3proxy_crypt PRIVATE Threads::Threads)
if(OpenSSL_FOUND)
target_link_libraries(3proxy_crypt PRIVATE OpenSSL::SSL OpenSSL::Crypto)
endif()
if("${3PROXY_BINARY_PREFIX}" STREQUAL "")
set_target_properties(3proxy_crypt PROPERTIES OUTPUT_NAME "mycrypt")
else()
@ -527,26 +582,12 @@ foreach(PLUGIN ${DEFAULT_PLUGINS})
add_subdirectory(src/plugins/${PLUGIN})
endforeach()
if(OPENSSL_FOUND)
add_subdirectory(src/plugins/SSLPlugin)
endif()
if(PCRE2_FOUND)
add_subdirectory(src/plugins/PCREPlugin)
endif()
if(PAM_FOUND)
add_subdirectory(src/plugins/PamAuth)
endif()
# Build full list of plugins to be built
set(ALL_PLUGINS ${DEFAULT_PLUGINS})
if(OPENSSL_FOUND)
list(APPEND ALL_PLUGINS SSLPlugin)
endif()
if(PCRE2_FOUND)
list(APPEND ALL_PLUGINS PCREPlugin)
endif()
if(PAM_FOUND)
list(APPEND ALL_PLUGINS PamAuth)
endif()

9
Makefile.FreeBSD
View File

@ -36,11 +36,14 @@ PLUGINS ?= StringsPlugin TrafficPlugin TransparentPlugin FilePlugin
OPENSSL_CHECK = $(shell echo "\#include <openssl/ssl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testssl.o - 2>/dev/null && $(CC) $(LDFLAGS) -otestssl testssl.o -lcrypto -lssl 2>/dev/null && rm testssl testssl.o && echo true||echo false)
ifeq ($(OPENSSL_CHECK), true)
LIBS += -l crypto -l ssl
PLUGINS += SSLPlugin
CFLAGS += -DWITH_SSL
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
endif
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -lpcre2-8 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
ifeq ($(PCRE_CHECK), true)
PLUGINS += PCREPlugin
CFLAGS += -DWITH_PCRE
PCRE_OBJS = pcre$(OBJSUFFICS)
PCRE_LIBS = -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic
endif
PAM_CHECK = $(shell echo "\#include <security/pam_appl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpam.o - 2>/dev/null && $(CC) $(LDFLAGS) -o testpam testpam.o -lpam 2>/dev/null && rm testpam testpam.o && echo true||echo false)
ifeq ($(PAM_CHECK), true)

9
Makefile.Linux
View File

@ -38,11 +38,14 @@ PLUGINS ?= StringsPlugin TrafficPlugin TransparentPlugin FilePlugin
OPENSSL_CHECK = $(shell echo "\#include <openssl/ssl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testssl.o - 2>/dev/null && $(CC) $(LDFLAGS) -otestssl testssl.o -lcrypto -lssl 2>/dev/null && rm testssl testssl.o && echo true||echo false)
ifeq ($(OPENSSL_CHECK), true)
LIBS += -l crypto -l ssl
PLUGINS += SSLPlugin
CFLAGS += -DWITH_SSL
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
endif
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -lpcre2-8 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
ifeq ($(PCRE_CHECK), true)
PLUGINS += PCREPlugin
CFLAGS += -DWITH_PCRE
PCRE_OBJS = pcre$(OBJSUFFICS)
PCRE_LIBS = -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic
endif
PAM_CHECK = $(shell echo "\#include <security/pam_appl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpam.o - 2>/dev/null && $(CC) $(LDFLAGS) -o testpam testpam.o -lpam 2>/dev/null && rm testpam testpam.o && echo true||echo false)
ifeq ($(PAM_CHECK), true)

15
Makefile.Solaris
View File

@ -27,7 +27,20 @@ AFTERCLEAN = (find . -type f -name "*.o" -delete && find src/ -type f -name "Mak
TYPECOMMAND = cat
COMPATLIBS =
MAKEFILE = Makefile.Solaris
PLUGINS = StringsPlugin TrafficPlugin
PLUGINS = StringsPlugin TrafficPlugin TransparentPlugin FilePlugin
OPENSSL_CHECK = $(shell echo "\#include <openssl/ssl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testssl.o - 2>/dev/null && $(CC) $(LDFLAGS) -o testssl testssl.o -lcrypto -lssl 2>/dev/null && rm testssl testssl.o && echo true||echo false)
ifeq ($(OPENSSL_CHECK), true)
LIBS += -l crypto -l ssl
CFLAGS += -DWITH_SSL
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
endif
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
ifeq ($(PCRE_CHECK), true)
CFLAGS += -DWITH_PCRE
PCRE_OBJS = pcre$(OBJSUFFICS)
PCRE_LIBS = -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic
endif
include Makefile.inc

8
Makefile.msvc
View File

@ -8,13 +8,13 @@ BUILDDIR = ../bin/
CC = cl
VERSION = $(VERSION)
BUILDDATE = $(BUILDDATE)
CFLAGS = /nologo /MT /W3 /Ox /GS /EHs- /GA /GF /D "MSVC" /D "WITH_WSAPOLL" /D "NDEBUG" /D "WIN32" /D "WITH_SSL" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /FD /c $(BUILDDATE) $(VERSION)
CFLAGS = /nologo /MT /W3 /Ox /GS /EHs- /GA /GF /D "MSVC" /D "WITH_WSAPOLL" /D "NDEBUG" /D "WIN32" /D "WITH_SSL" /D "WITH_PCRE" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /FD /c $(BUILDDATE) $(VERSION)
COUT = /Fo
LN = link
LDFLAGS = /nologo /subsystem:console /incremental:no
DLFLAGS = /DLL
DLSUFFICS = .dll
LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib Crypt32.lib libcrypto.lib libssl.lib
LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib Crypt32.lib libcrypto.lib libssl.lib pcre2-8.lib
LIBSPREFIX =
LIBSSUFFIX = .lib
LIBEXT = .lib
@ -27,7 +27,9 @@ REMOVECOMMAND = del
TYPECOMMAND = type
COMPATLIBS =
MAKEFILE = Makefile.msvc
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin FilePlugin SSLPlugin PCREPlugin
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin FilePlugin
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
PCRE_OBJS = pcre$(OBJSUFFICS)
VERFILE = 3proxy.res $(VERFILE)
VERSIONDEP = 3proxy.res $(VERSIONDEP)
AFTERCLEAN = if exist src\*.res (del src\*.res) && if exist src\*.err (del src\*.err)

9
Makefile.unix
View File

@ -38,11 +38,14 @@ PLUGINS ?= StringsPlugin TrafficPlugin TransparentPlugin FilePlugin
OPENSSL_CHECK = $(shell echo "\#include <openssl/ssl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testssl.o - 2>/dev/null && $(CC) $(LDFLAGS) -otestssl testssl.o -lcrypto -lssl 2>/dev/null && rm testssl testssl.o && echo true||echo false)
ifeq ($(OPENSSL_CHECK), true)
LIBS += -l crypto -l ssl
PLUGINS += SSLPlugin
CFLAGS += -DWITH_SSL
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
endif
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -lpcre2-8 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n\#include <pcre2.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpcre.o - 2>/dev/null && $(CC) -o testpcre testpcre.o $(LDFLAGS) -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic 2>/dev/null && rm testpcre testpcre.o && echo true||echo false)
ifeq ($(PCRE_CHECK), true)
PLUGINS += PCREPlugin
CFLAGS += -DWITH_PCRE
PCRE_OBJS = pcre$(OBJSUFFICS)
PCRE_LIBS = -Wl,-Bstatic -lpcre2-8 -Wl,-Bdynamic
endif
PAM_CHECK = $(shell echo "\#include <security/pam_appl.h>\\n int main(){return 0;}" | tr -d \\\\ | $(CC) -x c $(CFLAGS) -o testpam.o - 2>/dev/null && $(CC) $(LDFLAGS) -o testpam testpam.o -lpam 2>/dev/null && rm testpam testpam.o && echo true||echo false)
ifeq ($(PAM_CHECK), true)

2
Makefile.watcom
View File

@ -27,6 +27,8 @@ TYPECOMMAND = type
COMPATLIBS =
MAKEFILE = Makefile.watcom
PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
PCRE_OBJS = pcre$(OBJSUFFICS)
VERFILE = $(VERFILE)
VERSION = $(VERSION)
VERSIONDEP = 3proxy.res $(VERSIONDEP)

7
Makefile.win
View File

@ -37,7 +37,8 @@ ifndef OPENSSL_CHECK
OPENSSL_CHECK = $(shell echo "\#include <openssl/ssl.h>\\n int main(){return 0;}" | tr -d '\\\\' | cc -x c $(CFLAGS) $(LDFLAGS) -l crypto -l ssl -o testssl - 2>/dev/null && rm testssl && echo true||echo false)
ifeq ($(OPENSSL_CHECK), true)
LIBS += -l crypto -l ssl
PLUGINS += SSLPlugin
CFLAGS += -DWITH_SSL
SSL_OBJS = ssllib$(OBJSUFFICS) ssl$(OBJSUFFICS)
endif
PAM_CHECK = $(shell echo "\#include <security/pam_appl.h>\\n int main(){return 0;}" | tr -d '\\\\' | cc -x c $(CFLAGS) $(LDFLAGS) -l pam -o testpam - 2>/dev/null && rm testpam && echo true||echo false)
ifeq ($(PAM_CHECK), true)
@ -45,7 +46,9 @@ ifeq ($(PAM_CHECK), true)
endif
PCRE_CHECK = $(shell echo "\#define PCRE2_CODE_UNIT_WIDTH 8\\n#include <pcre2.h>\\n int main(){return 0;}" | tr -d '\\\\' | cc -x c $(CFLAGS) $(LDFLAGS) -lpcre2-8 -o testpcre - 2>/dev/null && rm testpcre && echo true||echo false)
ifeq ($(PCRE_CHECK), true)
PLUGINS += PCREPlugin
CFLAGS += -DWITH_PCRE
PCRE_OBJS = pcre$(OBJSUFFICS)
PCRE_LIBS = -lpcre2-8
endif
endif

15
src/3proxy.c
View File

@ -7,6 +7,12 @@
*/
#include "proxy.h"
#ifdef WITH_SSL
void ssl_install(void);
#endif
#ifdef WITH_PCRE
void pcre_install(void);
#endif
#ifndef _WIN32
#include <sys/resource.h>
#ifndef NOPLUGINS
@ -514,7 +520,7 @@ int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int
_3proxy_mutex_init(&rad_mutex);
#endif
#ifdef _WIN32
conf.threadinit = CreateSemaphore(NULL, 0, 1, NULL);
conf.threadinit = CreateSemaphore(NULL, 1, 1, NULL);
if(!conf.threadinit){
fprintf(stderr, "semaphore init failed\n");
return 1;
@ -523,6 +529,13 @@ int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int
_3proxy_mutex_init(&conf.threadinit);
#endif
#ifdef WITH_SSL
ssl_install();
#endif
#ifdef WITH_PCRE
pcre_install();
#endif
freeconf(&conf);
res = readconfig(fp);
conf.version++;

126
src/3proxy_crypt.c
View File

@ -5,11 +5,13 @@
please read License Agreement
*/
#include "blake2_compat.h"
#ifdef WITH_SSL
#include <openssl/evp.h>
#ifndef WITHMAIN
#include "libs/md5.h"
/* MD5 needed for $1$ crypt */
#endif
#endif
#include "libs/md4.h"
#include "libs/blake2.h"
#include <string.h>
#define MD5_SIZE 16
@ -24,6 +26,12 @@ void tohex(unsigned char *in, unsigned char *out, int len);
static unsigned char itoa64[] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
#if defined(WITH_SSL)
EVP_MD *md4 = NULL;
EVP_MD *md5 = NULL;
#endif
void
_crypt_to64(unsigned char *s, unsigned long v, int n)
{
@ -34,11 +42,13 @@ _crypt_to64(unsigned char *s, unsigned long v, int n)
}
#ifdef WITH_SSL
unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPassword, int ctohex)
{
unsigned char szUnicodePass[513];
unsigned int nPasswordLen;
MD4_CTX ctx;
EVP_MD_CTX *ctx;
unsigned int len=sizeof(szUnicodePass);
unsigned int i;
/*
@ -53,15 +63,20 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
}
/* Encrypt Unicode password to a 16-byte MD4 hash */
MD4Init(&ctx);
MD4Update(&ctx, szUnicodePass, (nPasswordLen<<1));
MD4Final(szUnicodePass, &ctx);
ctx = EVP_MD_CTX_new();
if(!EVP_DigestInit_ex(ctx, md4, NULL)){
fprintf(stderr, "Failed to init MD4 digest\n");
}
EVP_DigestUpdate(ctx, szUnicodePass, (nPasswordLen<<1));
EVP_DigestFinal_ex(ctx, szUnicodePass, &len);
EVP_MD_CTX_free(ctx);
if (ctohex){
tohex(szUnicodePass, szHash, 16);
}
else memcpy(szHash, szUnicodePass, 16);
return szHash;
}
#endif
unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsigned char *passwd){
@ -74,34 +89,38 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
int sl;
unsigned long l;
#ifndef WITHMAIN
#if defined(WITH_SSL)
if(salt[0] == '$' && salt[1] == '1' && salt[2] == '$' && (ep = (unsigned char *)strchr((char *)salt+3, '$'))) {
MD5_CTX ctx,ctx1;
EVP_MD_CTX *ctx, *ctx1;
unsigned int len;
int pl, i;
sp = salt +3;
sl = (int)(ep - sp);
magic = (unsigned char *)"$1$";
MD5Init(&ctx);
ctx = EVP_MD_CTX_new();
EVP_DigestInit_ex(ctx, md5, NULL);
/* The password first, since that is what is most unknown */
MD5Update(&ctx,pw,strlen((char *)pw));
EVP_DigestUpdate(ctx,pw,strlen((char *)pw));
/* Then our magic string */
MD5Update(&ctx,magic,strlen((char *)magic));
EVP_DigestUpdate(ctx,magic,strlen((char *)magic));
/* Then the raw salt */
MD5Update(&ctx,sp,sl);
EVP_DigestUpdate(ctx,sp,sl);
/* Then just as many unsigned characters of the MD5(pw,salt,pw) */
MD5Init(&ctx1);
MD5Update(&ctx1,pw,strlen((char *)pw));
MD5Update(&ctx1,sp,sl);
MD5Update(&ctx1,pw,strlen((char *)pw));
MD5Final(final,&ctx1);
ctx1 = EVP_MD_CTX_new();
EVP_DigestInit_ex(ctx1, EVP_md5(), NULL);
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
EVP_DigestUpdate(ctx1,sp,sl);
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
EVP_DigestFinal_ex(ctx1,final,&len);
EVP_MD_CTX_free(ctx1);
for(pl = (int)strlen((char *)pw); pl > 0; pl -= MD5_SIZE)
MD5Update(&ctx,final,pl>MD5_SIZE ? MD5_SIZE : pl);
EVP_DigestUpdate(ctx,final,pl>MD5_SIZE ? MD5_SIZE : pl);
/* Don't leave anything around in vm they could use. */
memset(final,0,sizeof final);
@ -109,12 +128,13 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
/* Then something really weird... */
for (i = (int)strlen((char *)pw); i ; i >>= 1)
if(i&1)
MD5Update(&ctx, final, 1);
EVP_DigestUpdate(ctx, final, 1);
else
MD5Update(&ctx, pw, 1);
EVP_DigestUpdate(ctx, pw, 1);
MD5Final(final,&ctx);
EVP_DigestFinal_ex(ctx,final,&len);
EVP_MD_CTX_free(ctx);
/*
* and now, just to make sure things don't run too fast
@ -122,23 +142,25 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
* need 30 seconds to build a 1000 entry dictionary...
*/
for(i=0;i<1000;i++) {
MD5Init(&ctx1);
ctx1 = EVP_MD_CTX_new();
EVP_DigestInit_ex(ctx1, md5, NULL);
if(i & 1)
MD5Update(&ctx1,pw,strlen((char *)pw));
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
else
MD5Update(&ctx1,final,MD5_SIZE);
EVP_DigestUpdate(ctx1,final,MD5_SIZE);
if(i % 3)
MD5Update(&ctx1,sp,sl);
EVP_DigestUpdate(ctx1,sp,sl);
if(i % 7)
MD5Update(&ctx1,pw,strlen((char *)pw));
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
if(i & 1)
MD5Update(&ctx1,final,MD5_SIZE);
EVP_DigestUpdate(ctx1,final,MD5_SIZE);
else
MD5Update(&ctx1,pw,strlen((char *)pw));
MD5Final(final,&ctx1);
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
EVP_DigestFinal_ex(ctx1,final,&len);
EVP_MD_CTX_free(ctx1);
}
@ -151,7 +173,13 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
sp = salt +3;
sl = (int)(ep - sp);
magic = (unsigned char *)"$3$";
blake2b(final, MD5_SIZE, pw, strlen((char *)pw), sp, sl);
{
blake2b_state S;
blake2b_init(&S, MD5_SIZE);
blake2b_update(&S, pw, strlen((char *)pw) + 1);
blake2b_update(&S, sp, sl);
blake2b_final(&S, final, MD5_SIZE);
}
}
else {
*passwd = 0;
@ -180,25 +208,55 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
}
#ifdef WITHMAIN
#ifdef WITH_SSL
OSSL_LIB_CTX *library_ctx = NULL;
#include <openssl/provider.h>
#endif
#include <stdio.h>
int main(int argc, char* argv[]){
unsigned char buf[1024];
unsigned i;
if(argc < 2 || argc > 3) {
fprintf(stderr, "usage: \n"
#ifdef WITH_SSL
"\t%s <password>\n"
#endif
"\t%s <salt> <password>\n"
#ifdef WITH_SSL
"Performs NT crypt if no salt specified, BLAKE2 crypt with salt\n"
#else
"Performs BLAKE2 crypt with salt\n"
#endif
"This software uses:\n"
" RSA Data Security, Inc. MD4 Message-Digest Algorithm\n"
" RSA Data Security, Inc. MD5 Message-Digest Algorithm\n",
#ifdef WITH_SSL
" OpenSSL EVP (MD4, MD5, BLAKE2b)\n"
#else
" BLAKE2 reference implementation\n"
#endif
,
argv[0],
argv[0]);
return 1;
}
#ifdef WITH_SSL
library_ctx = OSSL_LIB_CTX_new();
OSSL_PROVIDER_load(library_ctx, "legacy");
OSSL_PROVIDER_load(library_ctx, "default");
md4 = EVP_MD_fetch(library_ctx, "MD4", NULL);
if (md4 == NULL) {
fprintf(stderr, "Error fetching MD4\n");
}
md5 = EVP_MD_fetch(library_ctx, "MD5", NULL);
if (md5 == NULL) {
fprintf(stderr, "Error fetching MD5\n");
}
#endif
if(argc == 2) {
#ifdef WITH_SSL
printf("NT:%s\n", ntpwdhash(buf, (unsigned char *)argv[1], 1));
#else
fprintf(stderr, "NT crypt not available (compiled without OpenSSL)\n");
#endif
}
else {
i = (int)strlen((char *)argv[1]);

23
src/Makefile.inc
View File

@ -152,21 +152,24 @@ datatypes$(OBJSUFFICS): datatypes.c proxy.h structures.h
3proxy_cryptmain$(OBJSUFFICS): 3proxy_crypt.c
$(CC) $(COUT)3proxy_cryptmain$(OBJSUFFICS) $(CFLAGS) $(DEFINEOPTION)WITHMAIN 3proxy_crypt.c
md4$(OBJSUFFICS): libs/md4.h libs/md4.c
$(CC) $(COUT)md4$(OBJSUFFICS) $(CFLAGS) libs/md4.c
md5$(OBJSUFFICS): libs/md5.h libs/md5.c
$(CC) $(COUT)md5$(OBJSUFFICS) $(CFLAGS) libs/md5.c
blake2$(OBJSUFFICS): libs/blake2.h libs/blake2-impl.h libs/blake2b-ref.c
$(CC) $(COUT)blake2$(OBJSUFFICS) $(CFLAGS) libs/blake2b-ref.c
$(BUILDDIR)$(CRYPT_PREFIX)crypt$(EXESUFFICS): md4$(OBJSUFFICS) blake2$(OBJSUFFICS) 3proxy_cryptmain$(OBJSUFFICS) base64$(OBJSUFFICS)
$(LN) $(LNOUT)$(BUILDDIR)$(CRYPT_PREFIX)crypt$(EXESUFFICS) $(LDFLAGS) md4$(OBJSUFFICS) blake2$(OBJSUFFICS) base64$(OBJSUFFICS) 3proxy_cryptmain$(OBJSUFFICS)
$(BUILDDIR)$(CRYPT_PREFIX)crypt$(EXESUFFICS): blake2$(OBJSUFFICS) 3proxy_cryptmain$(OBJSUFFICS) base64$(OBJSUFFICS)
$(LN) $(LNOUT)$(BUILDDIR)$(CRYPT_PREFIX)crypt$(EXESUFFICS) $(LDFLAGS) blake2$(OBJSUFFICS) base64$(OBJSUFFICS) 3proxy_cryptmain$(OBJSUFFICS) $(LIBS)
stringtable$(OBJSUFFICS): stringtable.c
$(CC) $(COUT)stringtable$(OBJSUFFICS) $(CFLAGS) stringtable.c
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) acl$(OBJSUFFICS) limiter$(OBJSUFFICS) redirect$(OBJSUFFICS) authradius$(OBJSUFFICS) hash$(OBJSUFFICS) hashtables$(OBJSUFFICS) resolve$(OBJSUFFICS) sql$(OBJSUFFICS) conf$(OBJSUFFICS) log$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) blake2$(OBJSUFFICS) 3proxy_crypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(VERSIONDEP)
$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE) 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) acl$(OBJSUFFICS) limiter$(OBJSUFFICS) redirect$(OBJSUFFICS) authradius$(OBJSUFFICS) hash$(OBJSUFFICS) hashtables$(OBJSUFFICS) resolve$(OBJSUFFICS) sql$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) log$(OBJSUFFICS) 3proxy_crypt$(OBJSUFFICS) md5$(OBJSUFFICS) blake2$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
ssllib$(OBJSUFFICS): ssllib.c
$(CC) $(COUT)ssllib$(OBJSUFFICS) $(CFLAGS) ssllib.c
ssl$(OBJSUFFICS): ssl.c
$(CC) $(COUT)ssl$(OBJSUFFICS) $(CFLAGS) ssl.c
pcre$(OBJSUFFICS): pcre.c
$(CC) $(COUT)pcre$(OBJSUFFICS) $(CFLAGS) $(DEFINEOPTION)WITH_PCRE pcre.c
$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) acl$(OBJSUFFICS) limiter$(OBJSUFFICS) redirect$(OBJSUFFICS) authradius$(OBJSUFFICS) hash$(OBJSUFFICS) hashtables$(OBJSUFFICS) resolve$(OBJSUFFICS) sql$(OBJSUFFICS) conf$(OBJSUFFICS) log$(OBJSUFFICS) datatypes$(OBJSUFFICS) blake2$(OBJSUFFICS) 3proxy_crypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(SSL_OBJS) $(PCRE_OBJS) $(COMPATLIBS) $(VERSIONDEP)
$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE) 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) acl$(OBJSUFFICS) limiter$(OBJSUFFICS) redirect$(OBJSUFFICS) authradius$(OBJSUFFICS) hash$(OBJSUFFICS) hashtables$(OBJSUFFICS) resolve$(OBJSUFFICS) sql$(OBJSUFFICS) conf$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvauto$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvtlspr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) common$(OBJSUFFICS) log$(OBJSUFFICS) 3proxy_crypt$(OBJSUFFICS) blake2$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(SSL_OBJS) $(PCRE_OBJS) $(COMPATLIBS) $(LIBS) $(PCRE_LIBS)

2
src/auth.c
View File

@ -223,8 +223,10 @@ int strongauth(struct clientparam * param){
if (!param->pwtype && param->password) {
if (pw_table.ihashtable && hashresolv(&pw_table, param, &dummy, NULL))
return 0;
#ifdef WITH_SSL
if (pwnt_table.ihashtable && hashresolv(&pwnt_table, param, &dummy, NULL))
return 0;
#endif
#ifndef NOCRYPT
if (pwcr_table.ihashtable && hashresolv(&pwcr_table, param, cryptpw, NULL)) {
if (!strcmp(cryptpw, (char *)mycrypt(param->password, (unsigned char *)cryptpw, buf)))

17
src/authradius.c
View File

@ -8,7 +8,7 @@
#ifndef NORADIUS
#include "proxy.h"
#include "libs/md5.h"
#include <openssl/evp.h>
#define AUTH_VECTOR_LEN 16
#define MAX_STRING_LEN 254
@ -183,14 +183,19 @@ char *strNcpy(char *dest, const char *src, int n)
return dest;
}
extern EVP_MD *md4;
extern EVP_MD *md5;
void md5_calc(unsigned char *output, unsigned char *input,
unsigned int inlen)
{
MD5_CTX context;
MD5Init(&context);
MD5Update(&context, input, inlen);
MD5Final(output, &context);
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
unsigned int len = 0;
EVP_DigestInit_ex(ctx, md5, NULL);
EVP_DigestUpdate(ctx, input, inlen);
EVP_DigestFinal_ex(ctx, output, &len);
EVP_MD_CTX_free(ctx);
}

76
src/blake2_compat.h Normal file
View File

@ -0,0 +1,76 @@
#ifndef BLAKE2_COMPAT_H
#define BLAKE2_COMPAT_H
#if defined(WITH_SSL)
#include <openssl/opensslv.h>
#endif
#if defined(WITH_SSL) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#include <openssl/evp.h>
#include <string.h>
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/params.h>
#include <openssl/core_names.h>
#endif
/*
* OpenSSL 1.1.0+ BLAKE2b implementation.
* Provides the same streaming API as libs/blake2.h but uses EVP internally.
*
* OpenSSL 3.0+: uses OSSL_DIGEST_PARAM_SIZE for proper custom output sizes.
* OpenSSL 1.1.x: computes full 64-byte output and truncates in blake2b_final.
*/
typedef EVP_MD_CTX *blake2b_state;
static int blake2b_init(blake2b_state *S, size_t outlen) {
*S = EVP_MD_CTX_new();
if (!*S) return -1;
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
size_t sz = outlen;
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &sz);
params[1] = OSSL_PARAM_construct_end();
if (!EVP_DigestInit_ex2(*S, EVP_blake2b512(), params)) {
#else
(void)outlen;
if (!EVP_DigestInit_ex(*S, EVP_blake2b512(), NULL)) {
#endif
EVP_MD_CTX_free(*S);
*S = NULL;
return -1;
}
return 0;
}
static int blake2b_update(blake2b_state *S, const void *in, size_t inlen) {
if (inlen == 0) return 0;
return EVP_DigestUpdate(*S, in, inlen) ? 0 : -1;
}
static int blake2b_final(blake2b_state *S, void *out, size_t outlen) {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
unsigned int len = 0;
int ret = EVP_DigestFinal_ex(*S, out, &len) ? 0 : -1;
#else
unsigned char tmp[64];
unsigned int len = 0;
int ret = EVP_DigestFinal_ex(*S, tmp, &len) ? 0 : -1;
if (ret == 0) memcpy(out, tmp, outlen);
#endif
EVP_MD_CTX_free(*S);
*S = NULL;
return ret;
}
#else
#include "libs/blake2.h"
#endif
#endif /* BLAKE2_COMPAT_H */

36
src/conf.c
View File

@ -7,6 +7,12 @@
*/
#include "proxy.h"
#ifdef WITH_SSL
void ssl_install(void);
#endif
#ifdef WITH_PCRE
void pcre_install(void);
#endif
#ifndef _WIN32
#include <sys/resource.h>
#include <pwd.h>
@ -153,6 +159,7 @@ int start_proxy_thread(struct child * chp){
HANDLE h;
#endif
_3proxy_sem_lock(conf.threadinit);
#ifdef _WIN32
#ifndef _WINCE
h = (HANDLE)_beginthreadex((LPSECURITY_ATTRIBUTES )NULL, 16384+conf.stacksize, (void *)startsrv, (void *) chp, (DWORD)0, &thread);
@ -164,16 +171,11 @@ int start_proxy_thread(struct child * chp){
pthread_attr_init(&pa);
pthread_attr_setstacksize(&pa,PTHREAD_STACK_MIN + (32768+conf.stacksize));
pthread_attr_setdetachstate(&pa,PTHREAD_CREATE_DETACHED);
_3proxy_mutex_lock(&conf.threadinit);
pthread_create(&thread, &pa, startsrv, (void *)chp);
pthread_attr_destroy(&pa);
#endif
#ifdef _WIN32
WaitForSingleObject(conf.threadinit, INFINITE);
#else
_3proxy_mutex_lock(&conf.threadinit);
_3proxy_mutex_unlock(&conf.threadinit);
#endif
_3proxy_sem_lock(conf.threadinit);
_3proxy_sem_unlock(conf.threadinit);
if(haveerror) {
fprintf(stderr, "Service not started on line: %d%s\n", linenum, haveerror == 2? ": insufficient memory":"");
return(40);
@ -530,9 +532,11 @@ static int h_users(int argc, unsigned char **argv){
if (arg[1] && arg[2] && arg[3] == ':') {
pw[1] = (char *)(arg + 4);
if (arg[1] == 'N' && arg[2] == 'T') {
#ifdef WITH_SSL
if (!pwnt_table.ihashtable && inithashtable(&pwnt_table, 16, 32, 1048576))
return 3;
hashadd(&pwnt_table, pw, &dummy, MAX_COUNTER_TIME);
#endif
continue;
}
if (arg[1] == 'C' && arg[2] == 'R') {
@ -1451,6 +1455,16 @@ static int h_authcache(int argc, unsigned char **argv){
}
static int h_plugin(int argc, unsigned char **argv){
#ifdef WITH_SSL
if(argc >= 3 && !strcmp((char *)argv[2], "ssl_plugin")){
return 0;
}
#endif
#ifdef WITH_PCRE
if(argc >= 3 && !strcmp((char *)argv[2], "pcre_plugin")){
return 0;
}
#endif
#ifdef NOPLUGINS
return 999;
#else
@ -1879,7 +1893,9 @@ void freeconf(struct extparam *confp){
_3proxy_mutex_unlock(&connlim_mutex);
destroyhashtable(&pw_table);
#ifdef WITH_SSL
destroyhashtable(&pwnt_table);
#endif
destroyhashtable(&pwcr_table);
confp->logfunc = lognone;
@ -1950,6 +1966,12 @@ int reload (void){
int error = -2;
_3proxy_mutex_lock(&config_mutex);
#ifdef WITH_SSL
ssl_install();
#endif
#ifdef WITH_PCRE
pcre_install();
#endif
conf.paused++;
freeconf(&conf);
conf.paused++;

18
src/hashtables.c
View File

@ -1,11 +1,13 @@
#include "proxy.h"
#include "libs/blake2.h"
#include "blake2_compat.h"
static void char_index2hash(const struct hashtable *ht, void *index, uint8_t *hash){
char* name = index;
blake2b_state S;
blake2b(hash, ht->hash_size, index, strlen((const char*)index), NULL, 0);
blake2b_init(&S, ht->hash_size);
blake2b_update(&S, index, strlen((const char*)index) + 1);
blake2b_final(&S, hash, ht->hash_size);
}
static void param2hash_add(const struct hashtable *ht, void *index, uint8_t *hash){
@ -36,7 +38,11 @@ void param2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
static void user2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
struct clientparam *param = (struct clientparam *)index;
blake2b(hash, ht->hash_size, param->username, strlen((const char *)param->username), NULL, 0);
blake2b_state S;
blake2b_init(&S, ht->hash_size);
blake2b_update(&S, param->username, strlen((const char *)param->username) + 1);
blake2b_final(&S, hash, ht->hash_size);
}
static void udpparam2hash(const struct hashtable *ht, void *index, uint8_t *hash){
@ -80,6 +86,7 @@ static void pwnt2hash_add(const struct hashtable *ht, void *index, uint8_t *hash
}
#ifdef WITH_SSL
static void pwnt2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
struct clientparam *param = (struct clientparam *)index;
unsigned char pass[40];
@ -88,6 +95,7 @@ static void pwnt2hash_search(const struct hashtable *ht, void *index, uint8_t *h
ntpwdhash(pass, param->password, 1);
pwnt2hash_add(ht, pw, hash);
}
#endif
@ -95,5 +103,7 @@ struct hashtable dns_table = {char_index2hash, char_index2hash, 4, 12};
struct hashtable dns6_table = {char_index2hash, char_index2hash, 16, 12};
struct hashtable auth_table = {param2hash_add, param2hash_search, sizeof(struct authcache), 12};
struct hashtable pw_table = {pw2hash_add, pw2hash_search, 0, 12};
#ifdef WITH_SSL
struct hashtable pwnt_table = {pwnt2hash_add, pwnt2hash_search, 0, 12};
#endif
struct hashtable pwcr_table = {char_index2hash, user2hash_search, 64, 12};

290
src/libs/md4.c
View File

@ -1,290 +0,0 @@
/*
* md4c.c MD4 message-digest algorithm
*
* License to copy and use this software is granted provided that it
* is identified as the "RSA Data Security, Inc. MD4 Message-Digest
* Algorithm" in all material mentioning or referencing this software
* or this function.
*
* License is also granted to make and use derivative works provided
* that such works are identified as "derived from the RSA Data
* Security, Inc. MD4 Message-Digest Algorithm" in all material
* mentioning or referencing the derived work.
*
* RSA Data Security, Inc. makes no representations concerning either
* the merchantability of this software or the suitability of this
* software for any particular purpose. It is provided "as is"
* without express or implied warranty of any kind.
*
* These notices must be retained in any copies of any part of this
* documentation and/or software.
*
* Copyright 1990,1991,1992 RSA Data Security, Inc.
*/
#include "md4.h"
/* Constants for MD4Transform routine.
*/
#define S11 3
#define S12 7
#define S13 11
#define S14 19
#define S21 3
#define S22 5
#define S23 9
#define S24 13
#define S31 3
#define S32 9
#define S33 11
#define S34 15
static void MD4Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
static void Encode PROTO_LIST
((unsigned char *, UINT4 *, unsigned int));
static void Decode PROTO_LIST
((UINT4 *, unsigned char *, unsigned int));
static void MD4_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
static void MD4_memset PROTO_LIST ((POINTER, int, unsigned int));
static unsigned char PADDING[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/* F, G and H are basic MD4 functions.
*/
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
#define H(x, y, z) ((x) ^ (y) ^ (z))
/* ROTATE_LEFT rotates x left n bits.
*/
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
/* FF, GG and HH are transformations for rounds 1, 2 and 3 */
/* Rotation is separate from addition to prevent recomputation */
#define FF(a, b, c, d, x, s) { \
(a) += F ((b), (c), (d)) + (x); \
(a) = ROTATE_LEFT ((a), (s)); \
}
#define GG(a, b, c, d, x, s) { \
(a) += G ((b), (c), (d)) + (x) + (UINT4)0x5a827999; \
(a) = ROTATE_LEFT ((a), (s)); \
}
#define HH(a, b, c, d, x, s) { \
(a) += H ((b), (c), (d)) + (x) + (UINT4)0x6ed9eba1; \
(a) = ROTATE_LEFT ((a), (s)); \
}
void md4_calc(unsigned char *output, unsigned char *input, unsigned inlen)
{
MD4_CTX context;
MD4Init(&context);
MD4Update(&context, input, inlen);
MD4Final(output, &context);
}
/* MD4 initialization. Begins an MD4 operation, writing a new context.
*/
void MD4Init ( MD4_CTX *context)
{
context->count[0] = context->count[1] = 0;
/* Load magic initialization constants.
*/
context->state[0] = 0x67452301;
context->state[1] = 0xefcdab89;
context->state[2] = 0x98badcfe;
context->state[3] = 0x10325476;
}
/* MD4 block update operation. Continues an MD4 message-digest
operation, processing another message block, and updating the
context.
*/
void MD4Update (MD4_CTX *context, unsigned char *input, unsigned inputLen)
{
unsigned int i, index, partLen;
/* Compute number of bytes mod 64 */
index = (unsigned int)((context->count[0] >> 3) & 0x3F);
/* Update number of bits */
if ((context->count[0] += ((UINT4)inputLen << 3))
< ((UINT4)inputLen << 3))
context->count[1]++;
context->count[1] += ((UINT4)inputLen >> 29);
partLen = 64 - index;
/* Transform as many times as possible.
*/
if (inputLen >= partLen) {
MD4_memcpy
((POINTER)&context->buffer[index], (POINTER)input, partLen);
MD4Transform (context->state, context->buffer);
for (i = partLen; i + 63 < inputLen; i += 64)
MD4Transform (context->state, &input[i]);
index = 0;
}
else
i = 0;
/* Buffer remaining input */
MD4_memcpy
((POINTER)&context->buffer[index], (POINTER)&input[i],
inputLen-i);
}
/* MD4 finalization. Ends an MD4 message-digest operation, writing the
the message digest and zeroizing the context.
*/
void MD4Final (unsigned char digest[16], MD4_CTX *context)
{
unsigned char bits[8];
unsigned int index, padLen;
/* Save number of bits */
Encode (bits, context->count, 8);
/* Pad out to 56 mod 64.
*/
index = (unsigned int)((context->count[0] >> 3) & 0x3f);
padLen = (index < 56) ? (56 - index) : (120 - index);
MD4Update (context, PADDING, padLen);
/* Append length (before padding) */
MD4Update (context, bits, 8);
/* Store state in digest */
Encode (digest, context->state, 16);
/* Zeroize sensitive information.
*/
MD4_memset ((POINTER)context, 0, sizeof (*context));
}
/* MD4 basic transformation. Transforms state based on block.
*/
static void MD4Transform (UINT4 state[4], unsigned char block[64])
{
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
Decode (x, block, 64);
/* Round 1 */
FF (a, b, c, d, x[ 0], S11); /* 1 */
FF (d, a, b, c, x[ 1], S12); /* 2 */
FF (c, d, a, b, x[ 2], S13); /* 3 */
FF (b, c, d, a, x[ 3], S14); /* 4 */
FF (a, b, c, d, x[ 4], S11); /* 5 */
FF (d, a, b, c, x[ 5], S12); /* 6 */
FF (c, d, a, b, x[ 6], S13); /* 7 */
FF (b, c, d, a, x[ 7], S14); /* 8 */
FF (a, b, c, d, x[ 8], S11); /* 9 */
FF (d, a, b, c, x[ 9], S12); /* 10 */
FF (c, d, a, b, x[10], S13); /* 11 */
FF (b, c, d, a, x[11], S14); /* 12 */
FF (a, b, c, d, x[12], S11); /* 13 */
FF (d, a, b, c, x[13], S12); /* 14 */
FF (c, d, a, b, x[14], S13); /* 15 */
FF (b, c, d, a, x[15], S14); /* 16 */
/* Round 2 */
GG (a, b, c, d, x[ 0], S21); /* 17 */
GG (d, a, b, c, x[ 4], S22); /* 18 */
GG (c, d, a, b, x[ 8], S23); /* 19 */
GG (b, c, d, a, x[12], S24); /* 20 */
GG (a, b, c, d, x[ 1], S21); /* 21 */
GG (d, a, b, c, x[ 5], S22); /* 22 */
GG (c, d, a, b, x[ 9], S23); /* 23 */
GG (b, c, d, a, x[13], S24); /* 24 */
GG (a, b, c, d, x[ 2], S21); /* 25 */
GG (d, a, b, c, x[ 6], S22); /* 26 */
GG (c, d, a, b, x[10], S23); /* 27 */
GG (b, c, d, a, x[14], S24); /* 28 */
GG (a, b, c, d, x[ 3], S21); /* 29 */
GG (d, a, b, c, x[ 7], S22); /* 30 */
GG (c, d, a, b, x[11], S23); /* 31 */
GG (b, c, d, a, x[15], S24); /* 32 */
/* Round 3 */
HH (a, b, c, d, x[ 0], S31); /* 33 */
HH (d, a, b, c, x[ 8], S32); /* 34 */
HH (c, d, a, b, x[ 4], S33); /* 35 */
HH (b, c, d, a, x[12], S34); /* 36 */
HH (a, b, c, d, x[ 2], S31); /* 37 */
HH (d, a, b, c, x[10], S32); /* 38 */
HH (c, d, a, b, x[ 6], S33); /* 39 */
HH (b, c, d, a, x[14], S34); /* 40 */
HH (a, b, c, d, x[ 1], S31); /* 41 */
HH (d, a, b, c, x[ 9], S32); /* 42 */
HH (c, d, a, b, x[ 5], S33); /* 43 */
HH (b, c, d, a, x[13], S34); /* 44 */
HH (a, b, c, d, x[ 3], S31); /* 45 */
HH (d, a, b, c, x[11], S32); /* 46 */
HH (c, d, a, b, x[ 7], S33); /* 47 */
HH (b, c, d, a, x[15], S34); /* 48 */
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
/* Zeroize sensitive information.
*/
MD4_memset ((POINTER)x, 0, sizeof (x));
}
/* Encodes input (UINT4) into output (unsigned char). Assumes len is
a multiple of 4.
*/
static void Encode (unsigned char *output, UINT4 *input, unsigned len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4) {
output[j] = (unsigned char)(input[i] & 0xff);
output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
}
}
/* Decodes input (unsigned char) into output (UINT4). Assumes len is
a multiple of 4.
*/
static void Decode (UINT4 *output, unsigned char *input, unsigned len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
(((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
}
/* Note: Replace "for loop" with standard memcpy if possible.
*/
static void MD4_memcpy (POINTER output, POINTER input, unsigned len)
{
unsigned int i;
for (i = 0; i < len; i++)
output[i] = input[i];
}
/* Note: Replace "for loop" with standard memset if possible.
*/
static void MD4_memset (POINTER output, int value, unsigned len)
{
unsigned int i;
for (i = 0; i < len; i++)
((char *)output)[i] = (char)value;
}

83
src/libs/md4.h
View File

@ -1,83 +0,0 @@
#ifndef _LRAD_MD4_H
#define _LRAD_MD4_H
#ifndef _LRAD_PROTO_H
#define _LRAD_PROTO_H
/* GLOBAL.H - RSAREF types and constants
*/
/* PROTOTYPES should be set to one if and only if the compiler supports
function argument prototyping.
The following makes PROTOTYPES default to 0 if it has not already
been defined with C compiler flags.
*/
#ifndef PROTOTYPES
# if __STDC__
# define PROTOTYPES 1
# else
# define PROTOTYPES 0
# endif
#endif
/* POINTER defines a generic pointer type */
typedef unsigned char *POINTER;
#define _POINTER_T
/* UINT2 defines a two byte word */
typedef unsigned short int UINT2;
#define _UINT2_T
/* UINT4 defines a four byte word */
typedef unsigned int UINT4;
#define _UINT4_T
/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
returns an empty list.
*/
#if PROTOTYPES
#define PROTO_LIST(list) list
#else
#define PROTO_LIST(list) ()
#endif
#endif /* _LRAD_PROTO_H */
/* MD4.H - header file for MD4C.C
*/
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
rights reserved.
License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD4 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.
License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD4 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
/* MD4 context. */
typedef struct {
UINT4 state[4]; /* state (ABCD) */
UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
unsigned char buffer[64]; /* input buffer */
} MD4_CTX;
void md4_calc (unsigned char *, unsigned char *, unsigned int);
void MD4Init PROTO_LIST ((MD4_CTX *));
void MD4Update PROTO_LIST
((MD4_CTX *, unsigned char *, unsigned int));
void MD4Final PROTO_LIST ((unsigned char [16], MD4_CTX *));
#endif /* _LRAD_MD4_H */

325
src/libs/md5.c
View File

@ -1,325 +0,0 @@
/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
*/
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
rights reserved.
License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.
License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
#include "md5.h"
/* Constants for MD5Transform routine.
*/
#define S11 7
#define S12 12
#define S13 17
#define S14 22
#define S21 5
#define S22 9
#define S23 14
#define S24 20
#define S31 4
#define S32 11
#define S33 16
#define S34 23
#define S41 6
#define S42 10
#define S43 15
#define S44 21
void librad_md5_calc(unsigned char *output, unsigned char *input,
unsigned int inputlen);
static void MD5Transform PROTO_LIST ((UINT4 [4], const unsigned char [64]));
static void Encode PROTO_LIST
((unsigned char *, UINT4 *, unsigned int));
static void Decode PROTO_LIST
((UINT4 *, const unsigned char *, unsigned int));
static void MD5_memcpy PROTO_LIST ((POINTER, CONSTPOINTER, unsigned int));
static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
static const unsigned char PADDING[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/* F, G, H and I are basic MD5 functions.
*/
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
#define H(x, y, z) ((x) ^ (y) ^ (z))
#define I(x, y, z) ((y) ^ ((x) | (~z)))
/* ROTATE_LEFT rotates x left n bits.
*/
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
Rotation is separate from addition to prevent recomputation.
*/
#define FF(a, b, c, d, x, s, ac) { \
(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define GG(a, b, c, d, x, s, ac) { \
(a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define HH(a, b, c, d, x, s, ac) { \
(a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
#define II(a, b, c, d, x, s, ac) { \
(a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \
(a) += (b); \
}
void librad_md5_calc(unsigned char *output, unsigned char *input,
unsigned int inlen)
{
MD5_CTX context;
MD5Init(&context);
MD5Update(&context, input, inlen);
MD5Final(output, &context);
}
/* MD5 initialization. Begins an MD5 operation, writing a new context.
*/
void MD5Init (MD5_CTX *context)
{
context->count[0] = context->count[1] = 0;
/* Load magic initialization constants.
*/
context->state[0] = 0x67452301;
context->state[1] = 0xefcdab89;
context->state[2] = 0x98badcfe;
context->state[3] = 0x10325476;
}
/* MD5 block update operation. Continues an MD5 message-digest
operation, processing another message block, and updating the
context.
*/
void MD5Update (MD5_CTX *context, const unsigned char *input, unsigned inputLen)
{
unsigned int i, index, partLen;
/* Compute number of bytes mod 64 */
index = (unsigned int)((context->count[0] >> 3) & 0x3F);
/* Update number of bits */
if ((context->count[0] += ((UINT4)inputLen << 3))
< ((UINT4)inputLen << 3))
context->count[1]++;
context->count[1] += ((UINT4)inputLen >> 29);
partLen = 64 - index;
/* Transform as many times as possible.
*/
if (inputLen >= partLen) {
MD5_memcpy
((POINTER)&context->buffer[index], (CONSTPOINTER)input, partLen);
MD5Transform (context->state, context->buffer);
for (i = partLen; i + 63 < inputLen; i += 64)
MD5Transform (context->state, &input[i]);
index = 0;
}
else
i = 0;
/* Buffer remaining input */
MD5_memcpy
((POINTER)&context->buffer[index], (CONSTPOINTER)&input[i],
inputLen-i);
}
/* MD5 finalization. Ends an MD5 message-digest operation, writing the
the message digest and zeroizing the context.
*/
void MD5Final (unsigned char digest[16], MD5_CTX *context)
{
unsigned char bits[8];
unsigned int index, padLen;
/* Save number of bits */
Encode (bits, context->count, 8);
/* Pad out to 56 mod 64.
*/
index = (unsigned int)((context->count[0] >> 3) & 0x3f);
padLen = (index < 56) ? (56 - index) : (120 - index);
MD5Update (context, PADDING, padLen);
/* Append length (before padding) */
MD5Update (context, bits, 8);
/* Store state in digest */
Encode (digest, context->state, 16);
/* Zeroize sensitive information.
*/
MD5_memset ((POINTER)context, 0, sizeof (*context));
}
/* MD5 basic transformation. Transforms state based on block.
*/
static void MD5Transform (UINT4 state[4], const unsigned char block[64])
{
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
Decode (x, block, 64);
/* Round 1 */
FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
/* Round 2 */
GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
/* Round 3 */
HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
/* Round 4 */
II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
/* Zeroize sensitive information.
*/
MD5_memset ((POINTER)x, 0, sizeof (x));
}
/* Encodes input (UINT4) into output (unsigned char). Assumes len is
a multiple of 4.
*/
static void Encode (unsigned char *output, UINT4 *input, unsigned len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4) {
output[j] = (unsigned char)(input[i] & 0xff);
output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
}
}
/* Decodes input (unsigned char) into output (UINT4). Assumes len is
a multiple of 4.
*/
static void Decode (UINT4 *output, const unsigned char *input, unsigned len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
(((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
}
/* Note: Replace "for loop" with standard memcpy if possible.
*/
static void MD5_memcpy (POINTER output, CONSTPOINTER input, unsigned len)
{
unsigned int i;
for (i = 0; i < len; i++)
output[i] = input[i];
}
/* Note: Replace "for loop" with standard memset if possible.
*/
static void MD5_memset (POINTER output, int value, unsigned len)
{
unsigned int i;
for (i = 0; i < len; i++)
((char *)output)[i] = (char)value;
}

94
src/libs/md5.h
View File

@ -1,94 +0,0 @@
#ifndef _LRAD_MD5_H
#define _LRAD_MD5_H
#ifndef _LRAD_PROTO_H
#define _LRAD_PROTO_H
/* GLOBAL.H - RSAREF types and constants
*/
/* PROTOTYPES should be set to one if and only if the compiler supports
function argument prototyping.
The following makes PROTOTYPES default to 0 if it has not already
been defined with C compiler flags.
*/
#ifndef PROTOTYPES
# if __STDC__
# define PROTOTYPES 1
# else
# define PROTOTYPES 0
# endif
#endif
/* POINTER defines a generic pointer type */
#ifndef _POINTER_T
typedef unsigned char *POINTER;
#endif
typedef const unsigned char *CONSTPOINTER;
/* UINT2 defines a two byte word */
#ifndef _UINT2_T
typedef unsigned short int UINT2;
#endif
/* UINT4 defines a four byte word */
#ifndef _UINT4_T
typedef unsigned int UINT4;
#endif
/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
returns an empty list.
*/
#if PROTOTYPES
#define PROTO_LIST(list) list
#else
#define PROTO_LIST(list) ()
#endif
#endif /* _LRAD_PROTO_H */
/*
* FreeRADIUS defines to ensure globally unique MD5 function names,
* so that we don't pick up vendor-specific broken MD5 libraries.
*/
#define MD5_CTX librad_MD5_CTX
#define MD5Init librad_MD5Init
#define MD5Update librad_MD5Update
#define MD5Final librad_MD5Final
/* MD5.H - header file for MD5C.C
*/
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
rights reserved.
License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.
License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
/* MD5 context. */
typedef struct {
UINT4 state[4]; /* state (ABCD) */
UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
unsigned char buffer[64]; /* input buffer */
} MD5_CTX;
void MD5Init PROTO_LIST ((MD5_CTX *));
void MD5Update PROTO_LIST
((MD5_CTX *, const unsigned char *, unsigned int));
void MD5Final PROTO_LIST ((unsigned char [16], MD5_CTX *));
#endif /* _LRAD_MD5_H */

19
src/plugins/PCREPlugin/pcre_plugin.c → src/pcre.c
View File

@ -5,7 +5,7 @@
*/
#include "../../structures.h"
#include "structures.h"
#include <string.h>
#define PCRE2_CODE_UNIT_WIDTH 8
#define PCRE2_STATIC
@ -261,7 +261,7 @@ static int h_pcre(int argc, unsigned char **argv){
PCRE2_SIZE erroffset;
struct pcre_filter_data *flt;
struct filter *newf;
char *replace = NULL;
char * replace = NULL;
if(!strncmp((char *)argv[2], "allow",5)) action = PASS;
else if(!strncmp((char *)argv[2], "deny",4)) action = REJECT;
@ -368,7 +368,7 @@ static int h_pcre_rewrite(int argc, unsigned char **argv){
PCRE2_SIZE erroffset;
struct pcre_filter_data *flt;
struct filter *newf;
char *replace = NULL;
char * replace = NULL;
if(!strncmp((char *)argv[2], "allow",5)) action = PASS;
else if(!strncmp((char *)argv[2], "deny",4)) action = REJECT;
@ -503,17 +503,11 @@ static struct symbol regexp_symbols[] = {
{NULL, "pcre_options", (void *)&pcre_options},
};
#ifdef WATCOM
#pragma aux pcre_plugin "*" parm caller [ ] value struct float struct routine [eax] modify [eax ecx edx]
#undef PLUGINCALL
#define PLUGINCALL
#endif
PLUGINAPI int PLUGINCALL pcre_plugin (struct pluginlink * pluginlink,
int argc, char** argv){
void pcre_install(void){
struct filter *flt, *tmpflt;
pl = pluginlink;
pl = &pluginlink;
pcre_options = 0;
if(!pcre_loaded){
pcre_loaded = 1;
@ -537,9 +531,8 @@ PLUGINAPI int PLUGINCALL pcre_plugin (struct pluginlink * pluginlink,
}
}
pcre_last_filter = NULL;
return 0;
}
#ifdef __cplusplus
}
#endif

6
src/pcre.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef __pcre_h__
#define __pcre_h__
void pcre_install(void);
#endif /* __pcre_h__ */

20
src/plugins/PCREPlugin/CMakeLists.txt
View File

@ -1,20 +0,0 @@
# PCREPlugin - requires PCRE2
if(NOT PCRE2_FOUND)
message(STATUS "PCREPlugin requires PCRE2, skipping")
return()
endif()
add_3proxy_plugin(PCREPlugin
SOURCES pcre_plugin.c
COMPILE_DEFINITIONS PCRE2_CODE_UNIT_WIDTH=8
)
if(TARGET PCRE2::PCRE2)
target_link_libraries(PCREPlugin PRIVATE PCRE2::PCRE2)
else()
target_link_libraries(PCREPlugin PRIVATE ${PCRE2_LIBRARIES})
if(PCRE2_INCLUDE_DIRS)
target_include_directories(PCREPlugin PRIVATE ${PCRE2_INCLUDE_DIRS})
endif()
endif()

1
src/plugins/PCREPlugin/Makefile
View File

@ -1 +0,0 @@
include Makefile.var

8
src/plugins/PCREPlugin/Makefile.inc
View File

@ -1,8 +0,0 @@
all: $(BUILDDIR)PCREPlugin$(DLSUFFICS)
pcre_plugin$(OBJSUFFICS): pcre_plugin.c
$(CC) $(DCFLAGS) $(CFLAGS) pcre_plugin.c
$(BUILDDIR)PCREPlugin$(DLSUFFICS): pcre_plugin$(OBJSUFFICS)
$(LN) $(LNOUT)../../$(BUILDDIR)PCREPlugin$(DLSUFFICS) $(LDFLAGS) $(DLFLAGS) pcre_plugin$(OBJSUFFICS) $(LIBSPREFIX)pcre2-8$(LIBSSUFFIX)

17
src/plugins/SSLPlugin/CMakeLists.txt
View File

@ -1,17 +0,0 @@
# SSLPlugin - requires OpenSSL
if(NOT TARGET OpenSSL::SSL)
message(STATUS "SSLPlugin requires OpenSSL, skipping")
return()
endif()
add_3proxy_plugin(SSLPlugin
SOURCES
ssl_plugin.c
my_ssl.c
LIBRARIES
OpenSSL::SSL
OpenSSL::Crypto
COMPILE_DEFINITIONS
WITH_SSL
)

1
src/plugins/SSLPlugin/Makefile
View File

@ -1 +0,0 @@
include Makefile.var

14
src/plugins/SSLPlugin/Makefile.inc
View File

@ -1,14 +0,0 @@
all: $(BUILDDIR)SSLPlugin$(DLSUFFICS)
ssl_plugin$(OBJSUFFICS): ssl_plugin.c
$(CC) $(DCFLAGS) $(CFLAGS) ssl_plugin.c
my_ssl$(OBJSUFFICS): my_ssl.c
$(CC) $(DCFLAGS) $(CFLAGS) my_ssl.c
$(BUILDDIR)SSLPlugin$(DLSUFFICS): ssl_plugin$(OBJSUFFICS) my_ssl$(OBJSUFFICS)
$(LN) $(LNOUT)../../$(BUILDDIR)SSLPlugin$(DLSUFFICS) $(LDFLAGS) $(DLFLAGS) ssl_plugin$(OBJSUFFICS) my_ssl$(OBJSUFFICS) $(LIBS)

17
src/proxy.h
View File

@ -15,6 +15,12 @@
#ifndef _3PROXY_H_
#define _3PROXY_H_
#include "version.h"
#ifndef WITH_SSL
#ifndef NORADIUS
#define NORADIUS
#endif
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -232,12 +238,23 @@ extern int paused;
extern int demon;
unsigned char * mycrypt(const unsigned char *key, const unsigned char *salt, unsigned char *buf);
#ifdef WITH_SSL
unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPassword, int tohex);
#endif
int de64 (const unsigned char *in, unsigned char *out, int maxlen);
unsigned char* en64 (const unsigned char *in, unsigned char *out, int inlen);
void tohex(unsigned char *in, unsigned char *out, int len);
void fromhex(unsigned char *in, unsigned char *out, int len);
#ifdef _WIN32
extern HANDLE udpinit;
#define _3proxy_sem_lock(x) WaitForSingleObject(x, INFINITE)
#define _3proxy_sem_unlock(x) ReleaseSemaphore(x, 1, NULL)
#else
extern _3proxy_mutex_t udpinit;
#define _3proxy_sem_lock(x) pthread_mutex_lock(&x)
#define _3proxy_sem_unlock(x) pthread_mutex_unlock(&x)
#endif
int ftplogin(struct clientparam *param, char *buf, int *inbuf);

110
src/proxymain.c
View File

@ -115,16 +115,6 @@ void * threadfunc (void *p) {
}
#undef param
int pushthreadinit(){
#ifdef _WIN32
return ReleaseSemaphore(conf.threadinit, 1, NULL) ? 1 : 0;
#else
_3proxy_mutex_unlock(&conf.threadinit);
return 1;
#endif
}
struct socketoptions sockopts[] = {
#ifdef TCP_NODELAY
{TCP_NODELAY, "TCP_NODELAY"},
@ -262,7 +252,7 @@ int MODULEMAINFUNC (int argc, char** argv){
char *hostname=NULL;
int opt = 1, isudp = 0, iscbl = 0, iscbc = 0;
#ifndef NOUDPMAIN
unsigned char udpbuf[UDPBUFSIZE];
unsigned char *udpbuf = NULL;
int udplen = 0;
#endif
unsigned char *cbc_string = NULL, *cbl_string = NULL;
@ -353,6 +343,7 @@ int MODULEMAINFUNC (int argc, char** argv){
#ifndef NOUDPMAIN
if(isudp) {
if(!udp_table.ihashtable)inithashtable(&udp_table, 64, 256, 65536);
if(!(udpbuf = myalloc(UDPBUFSIZE))) return 21;
}
#endif
srv.service = defparam.service = childdef.service;
@ -567,7 +558,7 @@ int MODULEMAINFUNC (int argc, char** argv){
if (error || i!=argc) {
#ifndef STDMAIN
haveerror = 1;
pushthreadinit();
_3proxy_sem_unlock(conf.threadinit);
#endif
fprintf(stderr, "%s of %s\n"
"Usage: %s options\n"
@ -599,7 +590,7 @@ int MODULEMAINFUNC (int argc, char** argv){
if (error || argc != i+3 || *argv[i]=='-'|| (*SAPORT(&srv.intsa) = htons((uint16_t)atoi(argv[i])))==0 || (srv.targetport = htons((uint16_t)atoi(argv[i+2])))==0) {
#ifndef STDMAIN
haveerror = 1;
pushthreadinit();
_3proxy_sem_unlock(conf.threadinit);
#endif
fprintf(stderr, "%s of %s\n"
"Usage: %s options"
@ -665,7 +656,7 @@ int MODULEMAINFUNC (int argc, char** argv){
#ifndef STDMAIN
copyfilter(conf.filters, &srv);
pushthreadinit();
_3proxy_sem_unlock(conf.threadinit);
#endif
@ -937,19 +928,23 @@ int MODULEMAINFUNC (int argc, char** argv){
struct clientparam *toparam;
udplen = sockrecvfrom(NULL, srv.srvsock, (struct sockaddr *)&defparam.sincr, udpbuf, UDPBUFSIZE, 0);
if(udplen <= 0) continue;
_3proxy_mutex_lock(&srv.counter_mutex);
_3proxy_sem_lock(udpinit);
if(hashresolv(&udp_table, &defparam, &toparam, NULL)) {
socksendto(toparam, toparam->remsock, (struct sockaddr *)&toparam->sinsr, udpbuf, udplen, 0);
_3proxy_sem_unlock(udpinit);
toparam->statscli64 += udplen;
toparam->nwrites++;
_3proxy_mutex_unlock(&srv.counter_mutex);
continue;
}
_3proxy_mutex_unlock(&srv.counter_mutex);
}
#endif
if(! (newparam = myalloc (sizeof(defparam)))){
if(!isudp) srv.so._closesocket(srv.so.state, new_sock);
#ifndef NOUDPMAIN
else {
_3proxy_sem_unlock(udpinit);
}
#endif
defparam.res = 21;
if(!srv.silent)dolog(&defparam, (unsigned char *)"Memory Allocation Failed");
usleep(SLEEPTIME);
@ -962,36 +957,24 @@ int MODULEMAINFUNC (int argc, char** argv){
#ifndef STDMAIN
if(makefilters(&srv, newparam) > CONTINUE){
freeparam(newparam);
#ifndef NOUDPMAIN
if(isudp) {
_3proxy_sem_unlock(udpinit);
}
#endif
continue;
}
#endif
#ifndef NOUDPMAIN
if(isudp) {
int authres;
if(parsehostname((char *)srv.target, newparam, ntohs(srv.targetport))) { freeparam(newparam); continue; }
#ifndef NOIPV6
memcpy(&newparam->sinsl, *SAFAMILY(&newparam->req) == AF_INET6 ? (struct sockaddr *)&srv.extsa6 : (struct sockaddr *)&srv.extsa, SASIZE(&newparam->req));
#else
memcpy(&newparam->sinsl, (struct sockaddr *)&srv.extsa, SASIZE(&newparam->req));
#endif
*SAPORT(&newparam->sinsl) = 0;
newparam->remsock = srv.so._socket(srv.so.state, SASOCK(&newparam->sinsl), SOCK_DGRAM, IPPROTO_UDP);
if(newparam->remsock == INVALID_SOCKET) { freeparam(newparam); continue; }
if(srv.so._bind(srv.so.state, newparam->remsock, (struct sockaddr *)&newparam->sinsl, SASIZE(&newparam->sinsl))) { freeparam(newparam); continue; }
#ifdef _WIN32
{ unsigned long ul2 = 1; ioctlsocket(newparam->remsock, FIONBIO, &ul2); }
#else
fcntl(newparam->remsock, F_SETFL, O_NONBLOCK | fcntl(newparam->remsock, F_GETFL));
#endif
memcpy(&newparam->sinsr, &newparam->req, sizeof(newparam->req));
newparam->operation = UDPASSOC;
authres = (*srv.authfunc)(newparam);
if(authres) { freeparam(newparam); continue; }
if(!srv.singlepacket)hashadd(&udp_table, newparam, &newparam, MAX_COUNTER_TIME);
socksendto(newparam, newparam->remsock, (struct sockaddr *)&newparam->sinsr, udpbuf, udplen, 0);
newparam->statscli64 += udplen;
newparam->nwrites++;
if(!(newparam->srvbuf = myalloc(UDPBUFSIZE))){
freeparam(newparam);
_3proxy_sem_unlock(udpinit);
continue;
}
newparam->srvbufsize = UDPBUFSIZE;
newparam->srvinbuf = udplen;
memcpy(newparam->srvbuf, udpbuf, udplen);
}
#endif
newparam->prev = newparam->next = NULL;
@ -1010,38 +993,37 @@ int MODULEMAINFUNC (int argc, char** argv){
#else
h = (HANDLE)CreateThread((LPSECURITY_ATTRIBUTES )NULL, (unsigned)(16384 + srv.stacksize), (void *)threadfunc, (void *) newparam, 0, &thread);
#endif
srv.childcount++;
if (h) {
newparam->threadid = (uint64_t)thread;
CloseHandle(h);
}
else {
sprintf((char *)buf, "_beginthreadex(): %s", _strerror(NULL));
if(!srv.silent)dolog(&defparam, buf);
error = 1;
}
_3proxy_mutex_unlock(&srv.counter_mutex);
if(error) freeparam(newparam);
#else
error = pthread_create(&thread, &pa, threadfunc, (void *)newparam);
if(error){
if ((error = pthread_create(&thread, &pa, threadfunc, (void *)newparam))){
sprintf((char *)buf, "pthread_create(): %s", strerror(error));
}
#endif
if(error){
if(!srv.silent)dolog(&defparam, buf);
if(newparam->prev) newparam->prev->next = newparam->next;
else srv.child = newparam->next;
if(newparam->next) newparam->next->prev = newparam->prev;
_3proxy_mutex_unlock(&srv.counter_mutex);
newparam->srv = NULL;
#ifndef NOUDPMAIN
if(isudp){
_3proxy_sem_unlock(udpinit);
}
#endif
freeparam(newparam);
}
else {
srv.childcount++;
newparam->threadid = (uint64_t)thread;
_3proxy_mutex_unlock(&srv.counter_mutex);
}
#endif
_3proxy_mutex_unlock(&srv.counter_mutex);
memset(&defparam.sincl, 0, sizeof(defparam.sincl));
memset(&defparam.sincr, 0, sizeof(defparam.sincr));
}
@ -1065,10 +1047,22 @@ int MODULEMAINFUNC (int argc, char** argv){
if(cbc_string)myfree(cbc_string);
if(cbl_string)myfree(cbl_string);
if(fp) fclose(fp);
#ifndef NOUDPMAIN
myfree(udpbuf);
#endif
return 0;
}
#ifndef NOUDPMAIN
int udpinited = 0;
#ifdef _WIN32
HANDLE udpinit;
#else
_3proxy_mutex_t udpinit;
#endif
#endif
void srvinit(struct srvparam * srv, struct clientparam *param){
@ -1102,6 +1096,16 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
param->remsock = param->clisock = param->ctrlsock = param->ctrlsocksrv = INVALID_SOCKET;
*SAFAMILY(&param->req) = *SAFAMILY(&param->sinsl) = *SAFAMILY(&param->sinsr) = *SAFAMILY(&param->sincr) = *SAFAMILY(&param->sincl) = AF_INET;
_3proxy_mutex_init(&srv->counter_mutex);
#ifndef NOUDPMAIN
if(!udpinited){
#ifdef _WIN32
udpinit = CreateSemaphore(NULL, 1, 1, NULL);
#else
_3proxy_mutex_init(&udpinit);
#endif
}
udpinited = 1;
#endif
srv->intsa = conf.intsa;
srv->extsa = conf.extsa;
#ifndef NOIPV6

4
src/sockmap.c
View File

@ -212,7 +212,7 @@ log("send to server from buf");
param->clioffset = param->cliinbuf = 0;
if(fromclient) TOCLIENTBUF = 1;
}
sasize = sizeof(param->sinsr);
sasize = SASIZE(&param->sinsr);
res = param->srv->so._sendto(param->sostate, param->remsock, (char *)param->clibuf + param->clioffset, (int)MIN(inclientbuf, fromclient), 0, (struct sockaddr*)&param->sinsr, sasize);
if(res <= 0) {
TOSERVER = 0;
@ -258,7 +258,7 @@ log("send to client from buf");
param->srvinbuf = param->srvoffset = 0;
continue;
}
sasize = sizeof(param->sincr);
sasize = SASIZE(&param->sincr);
res = param->srv->so._sendto(param->sostate, param->clisock, (char *)param->srvbuf + param->srvoffset, (int)MIN(inserverbuf,fromserver), 0, (struct sockaddr*)&param->sincr, sasize);
if(res <= 0) {
TOCLIENT = 0;

34
src/plugins/SSLPlugin/ssl_plugin.c → src/ssl.c
View File

@ -5,23 +5,19 @@
*/
#include "../../structures.h"
#include "structures.h"
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include "../../proxy.h"
#include "my_ssl.h"
#include "proxy.h"
#include "ssl.h"
#ifndef _WIN32
#define WINAPI
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef isnumber
#define isnumber(i_n_arg) ((i_n_arg>='0')&&(i_n_arg<='9'))
#endif
@ -62,11 +58,6 @@ static char * server_cipher_list = NULL;
static char * client_sni = NULL;
static int client_mode = 0;
typedef struct _ssl_conn {
SSL_CTX *ctx;
SSL *ssl;
} ssl_conn;
struct SSLsock {
SOCKET s;
@ -1178,21 +1169,13 @@ static struct symbol ssl_symbols[] = {
};
#ifdef WATCOM
#pragma aux ssl_plugin "*" parm caller [ ] value struct float struct routine [eax] modify [eax ecx edx]
#undef PLUGINCALL
#define PLUGINCALL
#endif
PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink,
int argc, char** argv){
void ssl_install(void){
h_nomitm(0, NULL);
h_noserv(0, NULL);
h_nocli(0, NULL);
pl = pluginlink;
pl = &pluginlink;
free(certcache);
certcache = NULL;
@ -1245,7 +1228,7 @@ PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink,
}
tcppmfunc = (PROXYFUNC)pl->findbyname("tcppm");
if(!tcppmfunc){return 13;}
if(!tcppmfunc) return;
proxyfunc = (PROXYFUNC)pl->findbyname("proxy");
if(!proxyfunc)proxyfunc = tcppmfunc;
smtppfunc = (PROXYFUNC)pl->findbyname("smtpp");
@ -1253,9 +1236,4 @@ PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink,
ftpprfunc = (PROXYFUNC)pl->findbyname("ftppr");
if(!ftpprfunc)ftpprfunc = tcppmfunc;
return 0;
}
#ifdef __cplusplus
}
#endif

16
src/plugins/SSLPlugin/my_ssl.h → src/ssl.h
View File

@ -1,5 +1,5 @@
#ifndef __my_ssl_h__
#define __my_ssl_h__
#ifndef __ssl_h__
#define __ssl_h__
//
// opaque connection structure
@ -10,6 +10,11 @@ typedef void *SSL_CONN;
//
typedef void *SSL_CERT;
typedef struct _ssl_conn {
SSL_CTX *ctx;
SSL *ssl;
} ssl_conn;
struct alpn {
unsigned char *protos;
unsigned int protos_len;
@ -83,5 +88,10 @@ void _ssl_cert_free(SSL_CERT cert);
void ssl_init(void);
char * getSSLErr(void);
//
// Built-in SSL installation (called from 3proxy.c)
//
void ssl_install(void);
extern struct sockfuncs sso;
#endif // __my_ssl_h__
#endif // __ssl_h__

32
src/plugins/SSLPlugin/my_ssl.c → src/ssllib.c
View File

@ -7,7 +7,7 @@
#define _CRT_SECURE_NO_WARNINGS
#include "../../structures.h"
#include "structures.h"
#include <memory.h>
#include <fcntl.h>
#ifndef _WIN32
@ -20,18 +20,12 @@
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/provider.h>
#include "../../proxy.h"
#include "my_ssl.h"
#include "proxy.h"
#include "ssl.h"
typedef struct _ssl_conn {
SSL_CTX *ctx;
SSL *ssl;
} ssl_conn;
_3proxy_mutex_t ssl_file_mutex;
@ -284,15 +278,31 @@ int ssl_file_init = 0;
int ssl_init_done = 0;
OSSL_LIB_CTX *library_ctx = NULL;
extern EVP_MD *md4;
extern EVP_MD *md5;
void ssl_init()
{
if(!ssl_init_done){
ssl_init_done = 1;
thread_setup();
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
_3proxy_mutex_init(&ssl_file_mutex);
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
library_ctx = OSSL_LIB_CTX_new();
OSSL_PROVIDER_load(library_ctx, "legacy");
OSSL_PROVIDER_load(library_ctx, "default");
md4 = EVP_MD_fetch(library_ctx, "MD4", NULL);
if (md4 == NULL) {
printf("Error fetching MD4\n");
}
md5 = EVP_MD_fetch(library_ctx, "MD5", NULL);
if (md5 == NULL) {
printf("Error fetching MD5\n");
}
}
}

2
src/structures.h
View File

@ -771,7 +771,9 @@ extern struct hashtable dns_table;
extern struct hashtable dns6_table;
extern struct hashtable auth_table;
extern struct hashtable pw_table;
#ifdef WITH_SSL
extern struct hashtable pwnt_table;
#endif
extern struct hashtable pwcr_table;
extern struct hashtable udp_table;

29
src/udppm.c
View File

@ -31,13 +31,42 @@ static void udpparam2hash(const struct hashtable *ht, void *index, uint8_t *hash
struct hashtable udp_table = {udpparam2hash, udpparam2hash, sizeof(struct clientparam *), 8};
void * udppmchild(struct clientparam* param) {
int authres;
if(parsehostname((char *)param->srv->target, param, ntohs(param->srv->targetport))) { RETURN(201) }
#ifndef NOIPV6
memcpy(&param->sinsl, *SAFAMILY(&param->req) == AF_INET6 ? (struct sockaddr *)&param->srv->extsa6 : (struct sockaddr *)&param->srv->extsa, SASIZE(&param->req));
#else
memcpy(&param->sinsl, (struct sockaddr *)&param->srv->extsa, SASIZE(&param->req));
#endif
*SAPORT(&param->sinsl) = 0;
param->remsock = param->srv->so._socket(param->srv->so.state, SASOCK(&param->sinsl), SOCK_DGRAM, IPPROTO_UDP);
if(param->remsock == INVALID_SOCKET) { RETURN(202); }
if(param->srv->so._bind(param->srv->so.state, param->remsock, (struct sockaddr *)&param->sinsl, SASIZE(&param->sinsl))) { RETURN(203); }
#ifdef _WIN32
{ unsigned long ul2 = 1; ioctlsocket(param->remsock, FIONBIO, &ul2); }
#else
fcntl(param->remsock, F_SETFL, O_NONBLOCK | fcntl(param->remsock, F_GETFL));
#endif
memcpy(&param->sinsr, &param->req, sizeof(param->req));
param->operation = UDPASSOC;
authres = (*param->srv->authfunc)(param);
if(authres) { RETURN(authres); }
if(!param->srv->singlepacket)hashadd(&udp_table, param, &param, MAX_COUNTER_TIME);
socksendto(param, param->remsock, (struct sockaddr *)&param->sinsr, param->srvbuf, param->srvinbuf, 0);
_3proxy_sem_unlock(udpinit);
param->statscli64 += param->srvinbuf;
param->srvinbuf = 0;
param->nwrites++;
param->clisock = param->srv->srvsock;
param->waitserver64 = 0x7fffffffffffffff;
param->res = mapsocket(param, conf.timeouts[STRING_L]);
_3proxy_sem_lock(udpinit);
if(!param->srv->singlepacket)hashdelete(&udp_table, param);
CLEANRET:
_3proxy_sem_unlock(udpinit);
dolog(param, NULL);
param->clisock = INVALID_SOCKET;
freeparam(param);