bughz/3proxy
1
0
Fork 0
mirror of https://github.com/3proxy/3proxy.git synced 2026-02-25 13:42:25 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: bughz:fdeee233de7912298f1b6885801d76baaadfedbb
Branches Tags
bughz:master
bughz:test-ci
bughz:workflow-test
bughz:devel
bughz:0.8
bughz:0.7
bughz:0.9.5
bughz:0.9.4
bughz:0.9.3
bughz:0.9.2
bughz:0.9.1
bughz:0.9.0
bughz:0.9.0-rc
bughz:0.8.13
bughz:0.8.12
bughz:0.8.11
bughz:0.8.10
bughz:0.8.9
bughz:3proxy-0.8.8
bughz:0.8.8
bughz:3proxy-0.8.7
bughz:3proxy-0.8.6
bughz:3proxy-0.8.5
bughz:3proxy-0.8.4
bughz:3proxy-0.8.3
bughz:3proxy-0.8.2
bughz:3proxy-0.7.1.4
bughz:3proxy-0.8.1
bughz:3proxy-0.8.0
bughz:3proxy-0.8-pre
bughz:3proxy-0.7.1.3
bughz:3proxy-0.7.1.2
bughz:v0.7.1.2
bughz:v0.7.1.1
bughz:v0.7.1
bughz:v0.7
..
compare: bughz:d014bb114956c849438a69e20b1af60554682776
Branches Tags
bughz:master
bughz:test-ci
bughz:workflow-test
bughz:devel
bughz:0.8
bughz:0.7
bughz:0.9.5
bughz:0.9.4
bughz:0.9.3
bughz:0.9.2
bughz:0.9.1
bughz:0.9.0
bughz:0.9.0-rc
bughz:0.8.13
bughz:0.8.12
bughz:0.8.11
bughz:0.8.10
bughz:0.8.9
bughz:3proxy-0.8.8
bughz:0.8.8
bughz:3proxy-0.8.7
bughz:3proxy-0.8.6
bughz:3proxy-0.8.5
bughz:3proxy-0.8.4
bughz:3proxy-0.8.3
bughz:3proxy-0.8.2
bughz:3proxy-0.7.1.4
bughz:3proxy-0.8.1
bughz:3proxy-0.8.0
bughz:3proxy-0.8-pre
bughz:3proxy-0.7.1.3
bughz:3proxy-0.7.1.2
bughz:v0.7.1.2
bughz:v0.7.1.1
bughz:v0.7.1
bughz:v0.7

No commits in common. "fdeee233de7912298f1b6885801d76baaadfedbb" and "d014bb114956c849438a69e20b1af60554682776" have entirely different histories.
fdeee233de ... d014bb1149

13 changed files with 121 additions and 209 deletions
Show Stats Expand all files Collapse all files

9
src/auth.c
View File

@ -895,16 +895,9 @@ int doauth(struct clientparam * param){
if(ret > 9) return ret; if(ret > 9) return ret;
} }
if(!res){ if(!res){
ret = alwaysauth(param); return alwaysauth(param);
if (param->afterauthfilters){
FILTER_ACTION action;
action = handleafterauthflt(param);
if(action != PASS) return 19;
}
} }
return ret; return ret;
} }

7
src/common.c
View File

@ -578,13 +578,6 @@ int doconnect(struct clientparam * param){
size = sizeof(param->sinsl); size = sizeof(param->sinsl);
if(param->srv->so._getsockname(param->sostate, param->remsock, (struct sockaddr *)&param->sinsl, &size)==-1) {return (15);} if(param->srv->so._getsockname(param->sostate, param->remsock, (struct sockaddr *)&param->sinsl, &size)==-1) {return (15);}
} }
if (param->nconnectfilters){
FILTER_ACTION action;
action = handleconnectflt(param);
if(action != PASS) return 19;
}
return 0; return 0;
} }

2
src/datatypes.c
View File

@ -749,7 +749,7 @@ static struct property prop_server[] = {
static struct property prop_client[] = { static struct property prop_client[] = {
{prop_client + 1, "servicetype", ef_client_type, TYPE_STRING, "type of the client"}, {prop_client + 1, "servicetype", ef_client_type, TYPE_STRING, "type of the client"},
{prop_client + 2, "threadid", ef_client_threadid, TYPE_UNSIGNED64, "process thread id"}, {prop_client + 2, "threadid", ef_client_threadid, TYPE_INTEGER, "process thread id"},
{prop_client + 3, "starttime", ef_client_starttime, TYPE_DATETIME, "client started seconds"}, {prop_client + 3, "starttime", ef_client_starttime, TYPE_DATETIME, "client started seconds"},
{prop_client + 4, "starttime_msec", ef_client_starttime_msec, TYPE_UNSIGNED, "client started milliseconds"}, {prop_client + 4, "starttime_msec", ef_client_starttime_msec, TYPE_UNSIGNED, "client started milliseconds"},
{prop_client + 5, "redirected", ef_client_redirected, TYPE_INTEGER, "number of redirections"}, {prop_client + 5, "redirected", ef_client_redirected, TYPE_INTEGER, "number of redirections"},

41
src/libs/md4.c
View File

@ -80,7 +80,10 @@ static unsigned char PADDING[64] = {
(a) = ROTATE_LEFT ((a), (s)); \ (a) = ROTATE_LEFT ((a), (s)); \
} }
void md4_calc(unsigned char *output, unsigned char *input, unsigned inlen) void md4_calc(output, input, inlen)
unsigned char *output;
unsigned char *input; /* input block */
unsigned int inlen; /* length of input block */
{ {
MD4_CTX context; MD4_CTX context;
@ -91,7 +94,8 @@ void md4_calc(unsigned char *output, unsigned char *input, unsigned inlen)
/* MD4 initialization. Begins an MD4 operation, writing a new context. /* MD4 initialization. Begins an MD4 operation, writing a new context.
*/ */
void MD4Init ( MD4_CTX *context) void MD4Init (context)
MD4_CTX *context; /* context */
{ {
context->count[0] = context->count[1] = 0; context->count[0] = context->count[1] = 0;
@ -107,7 +111,10 @@ void MD4Init ( MD4_CTX *context)
operation, processing another message block, and updating the operation, processing another message block, and updating the
context. context.
*/ */
void MD4Update (MD4_CTX *context, unsigned char *input, unsigned inputLen) void MD4Update (context, input, inputLen)
MD4_CTX *context; /* context */
unsigned char *input; /* input block */
unsigned int inputLen; /* length of input block */
{ {
unsigned int i, index, partLen; unsigned int i, index, partLen;
@ -145,7 +152,9 @@ void MD4Update (MD4_CTX *context, unsigned char *input, unsigned inputLen)
/* MD4 finalization. Ends an MD4 message-digest operation, writing the /* MD4 finalization. Ends an MD4 message-digest operation, writing the
the message digest and zeroizing the context. the message digest and zeroizing the context.
*/ */
void MD4Final (unsigned char digest[16], MD4_CTX *context) void MD4Final (digest, context)
unsigned char digest[16]; /* message digest */
MD4_CTX *context; /* context */
{ {
unsigned char bits[8]; unsigned char bits[8];
unsigned int index, padLen; unsigned int index, padLen;
@ -171,7 +180,9 @@ void MD4Final (unsigned char digest[16], MD4_CTX *context)
/* MD4 basic transformation. Transforms state based on block. /* MD4 basic transformation. Transforms state based on block.
*/ */
static void MD4Transform (UINT4 state[4], unsigned char block[64]) static void MD4Transform (state, block)
UINT4 state[4];
unsigned char block[64];
{ {
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
@ -244,7 +255,10 @@ static void MD4Transform (UINT4 state[4], unsigned char block[64])
/* Encodes input (UINT4) into output (unsigned char). Assumes len is /* Encodes input (UINT4) into output (unsigned char). Assumes len is
a multiple of 4. a multiple of 4.
*/ */
static void Encode (unsigned char *output, UINT4 *input, unsigned len) static void Encode (output, input, len)
unsigned char *output;
UINT4 *input;
unsigned int len;
{ {
unsigned int i, j; unsigned int i, j;
@ -259,8 +273,11 @@ static void Encode (unsigned char *output, UINT4 *input, unsigned len)
/* Decodes input (unsigned char) into output (UINT4). Assumes len is /* Decodes input (unsigned char) into output (UINT4). Assumes len is
a multiple of 4. a multiple of 4.
*/ */
static void Decode (UINT4 *output, unsigned char *input, unsigned len) static void Decode (output, input, len)
UINT4 *output;
unsigned char *input;
unsigned int len;
{ {
unsigned int i, j; unsigned int i, j;
@ -271,7 +288,10 @@ static void Decode (UINT4 *output, unsigned char *input, unsigned len)
/* Note: Replace "for loop" with standard memcpy if possible. /* Note: Replace "for loop" with standard memcpy if possible.
*/ */
static void MD4_memcpy (POINTER output, POINTER input, unsigned len) static void MD4_memcpy (output, input, len)
POINTER output;
POINTER input;
unsigned int len;
{ {
unsigned int i; unsigned int i;
@ -281,7 +301,10 @@ static void MD4_memcpy (POINTER output, POINTER input, unsigned len)
/* Note: Replace "for loop" with standard memset if possible. /* Note: Replace "for loop" with standard memset if possible.
*/ */
static void MD4_memset (POINTER output, int value, unsigned len) static void MD4_memset (output, value, len)
POINTER output;
int value;
unsigned int len;
{ {
unsigned int i; unsigned int i;

36
src/libs/md5.c
View File

@ -107,7 +107,8 @@ void librad_md5_calc(unsigned char *output, unsigned char *input,
/* MD5 initialization. Begins an MD5 operation, writing a new context. /* MD5 initialization. Begins an MD5 operation, writing a new context.
*/ */
void MD5Init (MD5_CTX *context) void MD5Init (context)
MD5_CTX *context; /* context */
{ {
context->count[0] = context->count[1] = 0; context->count[0] = context->count[1] = 0;
/* Load magic initialization constants. /* Load magic initialization constants.
@ -122,7 +123,10 @@ void MD5Init (MD5_CTX *context)
operation, processing another message block, and updating the operation, processing another message block, and updating the
context. context.
*/ */
void MD5Update (MD5_CTX *context, const unsigned char *input, unsigned inputLen) void MD5Update (context, input, inputLen)
MD5_CTX *context; /* context */
const unsigned char *input; /* input block */
unsigned int inputLen; /* length of input block */
{ {
unsigned int i, index, partLen; unsigned int i, index, partLen;
@ -161,7 +165,9 @@ void MD5Update (MD5_CTX *context, const unsigned char *input, unsigned inputLen)
/* MD5 finalization. Ends an MD5 message-digest operation, writing the /* MD5 finalization. Ends an MD5 message-digest operation, writing the
the message digest and zeroizing the context. the message digest and zeroizing the context.
*/ */
void MD5Final (unsigned char digest[16], MD5_CTX *context) void MD5Final (digest, context)
unsigned char digest[16]; /* message digest */
MD5_CTX *context; /* context */
{ {
unsigned char bits[8]; unsigned char bits[8];
unsigned int index, padLen; unsigned int index, padLen;
@ -188,7 +194,9 @@ void MD5Final (unsigned char digest[16], MD5_CTX *context)
/* MD5 basic transformation. Transforms state based on block. /* MD5 basic transformation. Transforms state based on block.
*/ */
static void MD5Transform (UINT4 state[4], const unsigned char block[64]) static void MD5Transform (state, block)
UINT4 state[4];
const unsigned char block[64];
{ {
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
@ -279,7 +287,10 @@ static void MD5Transform (UINT4 state[4], const unsigned char block[64])
/* Encodes input (UINT4) into output (unsigned char). Assumes len is /* Encodes input (UINT4) into output (unsigned char). Assumes len is
a multiple of 4. a multiple of 4.
*/ */
static void Encode (unsigned char *output, UINT4 *input, unsigned len) static void Encode (output, input, len)
unsigned char *output;
UINT4 *input;
unsigned int len;
{ {
unsigned int i, j; unsigned int i, j;
@ -294,7 +305,10 @@ static void Encode (unsigned char *output, UINT4 *input, unsigned len)
/* Decodes input (unsigned char) into output (UINT4). Assumes len is /* Decodes input (unsigned char) into output (UINT4). Assumes len is
a multiple of 4. a multiple of 4.
*/ */
static void Decode (UINT4 *output, const unsigned char *input, unsigned len) static void Decode (output, input, len)
UINT4 *output;
const unsigned char *input;
unsigned int len;
{ {
unsigned int i, j; unsigned int i, j;
@ -306,7 +320,10 @@ static void Decode (UINT4 *output, const unsigned char *input, unsigned len)
/* Note: Replace "for loop" with standard memcpy if possible. /* Note: Replace "for loop" with standard memcpy if possible.
*/ */
static void MD5_memcpy (POINTER output, CONSTPOINTER input, unsigned len) static void MD5_memcpy (output, input, len)
POINTER output;
CONSTPOINTER input;
unsigned int len;
{ {
unsigned int i; unsigned int i;
@ -316,7 +333,10 @@ static void MD5_memcpy (POINTER output, CONSTPOINTER input, unsigned len)
/* Note: Replace "for loop" with standard memset if possible. /* Note: Replace "for loop" with standard memset if possible.
*/ */
static void MD5_memset (POINTER output, int value, unsigned len) static void MD5_memset (output, value, len)
POINTER output;
int value;
unsigned int len;
{ {
unsigned int i; unsigned int i;

2
src/plugins/FilePlugin/FilePlugin.c
View File

@ -833,8 +833,6 @@ static struct filter fp_filter = {
fp_open, fp_open,
fp_client, fp_client,
fp_request, fp_request,
NULL,
NULL,
fp_hcli, fp_hcli,
fp_hsrv, fp_hsrv,
NULL, NULL,

2
src/plugins/PamAuth/pamauth.c
View File

@ -132,7 +132,7 @@ PLUGINAPI int PLUGINCALL start(struct pluginlink * pluginlink, int argc, unsigne
if(argc < 2) return 1; if(argc < 2) return 1;
pl = pluginlink; pl = pluginlink;
if(service) free(service); if(service) free(service);
service=(unsigned char *)strdup((char *)argv[1]); service=strdup((char *)argv[1]);
if (already_loaded) { return (0); } if (already_loaded) { return (0); }

8
src/plugins/SSLPlugin/my_ssl.h
View File

@ -10,11 +10,6 @@ typedef void *SSL_CONN;
// //
typedef void *SSL_CERT; typedef void *SSL_CERT;
struct alpn {
unsigned char *protos;
unsigned int protos_len;
};
struct ssl_config { struct ssl_config {
X509 *CA_cert; X509 *CA_cert;
X509 *server_cert; X509 *server_cert;
@ -36,7 +31,7 @@ struct ssl_config {
char * server_ca_dir; char * server_ca_dir;
char * server_ca_store; char * server_ca_store;
char * client_sni; char * client_sni;
struct alpn client_alpn_protos; char * client_alpn;
int mitm; int mitm;
int serv; int serv;
int cli; int cli;
@ -46,7 +41,6 @@ struct ssl_config {
int server_max_proto_version; int server_max_proto_version;
int client_verify; int client_verify;
int server_verify; int server_verify;
int client_mode;
}; };
typedef struct ssl_config SSL_CONFIG; typedef struct ssl_config SSL_CONFIG;

161
src/plugins/SSLPlugin/ssl_plugin.c
View File

@ -30,38 +30,36 @@ PROXYFUNC tcppmfunc, proxyfunc, smtppfunc, ftpprfunc;
static struct pluginlink * pl; static struct pluginlink * pl;
static struct alpn client_alpn_protos;
static int ssl_loaded = 0; static int ssl_loaded = 0;
static int ssl_connect_timeout = 0; static int ssl_connect_timeout = 0;
static char *certcache = NULL; char *certcache = NULL;
static char *srvcert = NULL; char *srvcert = NULL;
static char *srvkey = NULL; char *srvkey = NULL;
static char *clicert = NULL; char *clicert = NULL;
static char *clikey = NULL; char *clikey = NULL;
static char *server_ca_file = NULL; char *server_ca_file = NULL;
static char *server_ca_dir = NULL; char *server_ca_dir = NULL;
static char *server_ca_store = NULL; char *server_ca_store = NULL;
static char *server_ca_key = NULL; char *server_ca_key = NULL;
static char *client_ca_file = NULL; char *client_ca_file = NULL;
static char *client_ca_dir = NULL; char *client_ca_dir = NULL;
static char *client_ca_store = NULL; char *client_ca_store = NULL;
static int mitm = 0; int mitm = 0;
static int serv = 0; int serv = 0;
static int cli = 0; int cli = 0;
static int ssl_inited = 0; int ssl_inited = 0;
static int client_min_proto_version = 0; int client_min_proto_version = 0;
static int client_max_proto_version = 0; int client_max_proto_version = 0;
static int server_min_proto_version = 0; int server_min_proto_version = 0;
static int server_max_proto_version = 0; int server_max_proto_version = 0;
static int client_verify = 0; int client_verify = 0;
static int server_verify = 0; int server_verify = 0;
static char * client_ciphersuites = NULL; char * client_ciphersuites = NULL;
static char * server_ciphersuites = NULL; char * server_ciphersuites = NULL;
static char * client_cipher_list = NULL; char * client_cipher_list = NULL;
static char * server_cipher_list = NULL; char * server_cipher_list = NULL;
static char * client_sni = NULL; char * client_sni = NULL;
static int client_mode = 0; char * client_alpn = NULL;
typedef struct _ssl_conn { typedef struct _ssl_conn {
struct SSL_CTX *ctx; struct SSL_CTX *ctx;
@ -81,6 +79,10 @@ struct SSLstate {
}; };
/*
TO DO: use hashtable
*/
#define STATE ((struct SSLstate *)(state)) #define STATE ((struct SSLstate *)(state))
static struct SSLsock *searchSSL(void* state, SOCKET s){ static struct SSLsock *searchSSL(void* state, SOCKET s){
@ -421,7 +423,6 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
sc->client_max_proto_version = client_max_proto_version; sc->client_max_proto_version = client_max_proto_version;
sc->server_min_proto_version = server_min_proto_version; sc->server_min_proto_version = server_min_proto_version;
sc->server_max_proto_version = server_max_proto_version; sc->server_max_proto_version = server_max_proto_version;
sc->client_mode = client_mode;
sc->client_verify = client_verify; sc->client_verify = client_verify;
sc->server_verify = server_verify; sc->server_verify = server_verify;
if(client_ciphersuites) sc->client_ciphersuites = strdup(client_ciphersuites); if(client_ciphersuites) sc->client_ciphersuites = strdup(client_ciphersuites);
@ -442,20 +443,15 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
return sc; return sc;
} }
} }
if(client_ca_file)sc->client_ca_file =strdup(client_ca_file); if(client_ca_file)sc->client_ca_file=client_ca_file;
if(client_ca_dir)sc->client_ca_dir = strdup(client_ca_dir); if(client_ca_dir)sc->client_ca_dir=client_ca_dir;
if(client_ca_store)sc->client_ca_store = strdup(client_ca_store); if(client_ca_store)sc->client_ca_store=client_ca_store;
if(server_ca_file)sc->server_ca_file = strdup(server_ca_file); if(server_ca_file)sc->server_ca_file=server_ca_file;
if(server_ca_dir)sc->server_ca_dir = strdup(server_ca_dir); if(server_ca_dir)sc->server_ca_dir=server_ca_dir;
if(server_ca_store)sc->server_ca_store = strdup(server_ca_store); if(server_ca_store)sc->server_ca_store=server_ca_store;
if(client_sni)sc->client_sni=strdup(client_sni); if(client_sni)sc->client_sni=client_sni;
if(client_alpn_protos.protos_len){ if(client_alpn)sc->client_alpn=client_alpn;
sc->client_alpn_protos = client_alpn_protos;
sc->client_alpn_protos.protos = malloc(client_alpn_protos.protos_len);
if(!sc->client_alpn_protos.protos) sc->client_alpn_protos.protos_len = 0;
else memcpy(sc->client_alpn_protos.protos, client_alpn_protos.protos, client_alpn_protos.protos_len);
}
if(mitm){ if(mitm){
@ -543,7 +539,6 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
if(sc->client_max_proto_version)SSL_CTX_set_max_proto_version(sc->srv_ctx, sc->client_max_proto_version); if(sc->client_max_proto_version)SSL_CTX_set_max_proto_version(sc->srv_ctx, sc->client_max_proto_version);
if(sc->client_cipher_list)SSL_CTX_set_cipher_list(sc->srv_ctx, sc->client_cipher_list); if(sc->client_cipher_list)SSL_CTX_set_cipher_list(sc->srv_ctx, sc->client_cipher_list);
if(sc->client_ciphersuites)SSL_CTX_set_ciphersuites(sc->srv_ctx, sc->client_ciphersuites); if(sc->client_ciphersuites)SSL_CTX_set_ciphersuites(sc->srv_ctx, sc->client_ciphersuites);
if(sc->client_alpn_protos.protos_len)SSL_CTX_set_alpn_protos(sc->srv_ctx, sc->client_alpn_protos.protos, sc->client_alpn_protos.protos_len);
if(sc->client_verify){ if(sc->client_verify){
if(sc->client_ca_file || sc->client_ca_dir){ if(sc->client_ca_file || sc->client_ca_dir){
SSL_CTX_load_verify_locations(sc->srv_ctx, sc->client_ca_file, sc->client_ca_dir); SSL_CTX_load_verify_locations(sc->srv_ctx, sc->client_ca_file, sc->client_ca_dir);
@ -593,24 +588,6 @@ static FILTER_ACTION ssl_filter_client(void *fo, struct clientparam * param, voi
return CONTINUE; return CONTINUE;
} }
static FILTER_ACTION ssl_filter_connect(void *fc, struct clientparam * param){
if(PCONF->cli && !client_mode) {
if(docli(param)) {
return REJECT;
}
}
return PASS;
}
static FILTER_ACTION ssl_filter_afterauth(void *fc, struct clientparam * param){
if(PCONF->cli && client_mode == 1) {
if(docli(param)) {
return REJECT;
}
}
return PASS;
}
static FILTER_ACTION ssl_filter_predata(void *fc, struct clientparam * param){ static FILTER_ACTION ssl_filter_predata(void *fc, struct clientparam * param){
if(param->operation != HTTP_CONNECT && param->operation != CONNECT) return PASS; if(param->operation != HTTP_CONNECT && param->operation != CONNECT) return PASS;
@ -621,7 +598,7 @@ static FILTER_ACTION ssl_filter_predata(void *fc, struct clientparam * param){
if(!param->redirectfunc) param->redirectfunc = proxyfunc; if(!param->redirectfunc) param->redirectfunc = proxyfunc;
return CONTINUE; return CONTINUE;
} }
else if(PCONF->cli && client_mode == 2) { else if(PCONF->cli) {
if(docli(param)) { if(docli(param)) {
return REJECT; return REJECT;
} }
@ -670,11 +647,7 @@ static void ssl_filter_close(void *fo){
free(CONFIG->client_ca_dir); free(CONFIG->client_ca_dir);
free(CONFIG->client_ca_store); free(CONFIG->client_ca_store);
free(CONFIG->client_sni); free(CONFIG->client_sni);
if(CONFIG->client_alpn_protos.protos_len){ free(CONFIG->client_alpn);
free(CONFIG->client_alpn_protos.protos);
CONFIG->client_alpn_protos.protos = NULL;
CONFIG->client_alpn_protos.protos_len = 0;
}
free(fo); free(fo);
} }
@ -684,12 +657,7 @@ static struct filter ssl_filter = {
"ssl_filter", "ssl_filter",
ssl_filter_open, ssl_filter_open,
ssl_filter_client, ssl_filter_client,
NULL, NULL, NULL, NULL, ssl_filter_predata, NULL, NULL,
ssl_filter_connect,
ssl_filter_afterauth,
NULL, NULL,
ssl_filter_predata,
NULL, NULL,
ssl_filter_clear, ssl_filter_clear,
ssl_filter_close ssl_filter_close
}; };
@ -860,33 +828,9 @@ static int h_client_sni(int argc, unsigned char **argv){
} }
static int h_client_alpn(int argc, unsigned char **argv){ static int h_client_alpn(int argc, unsigned char **argv){
int len, i; free(client_alpn);
client_alpn = argc > 1? strdup((char *)argv[1]) : NULL;
if(client_alpn_protos.protos_len){ return 0;
free(client_alpn_protos.protos);
client_alpn_protos.protos = NULL;
client_alpn_protos.protos_len = 0;
}
if(argc <= 1) return 0;
for(len = argc - 1, i = 1; i < argc; i++){
len += strlen((char *)argv[i]);
}
if(!(client_alpn_protos.protos = malloc(len))) return 10;
for(len = 0, i = 1; i < argc; i++){
int l;
l = strlen((char *)argv[i]);
if(l >= 255) return 2;
client_alpn_protos.protos[len++] = l;
memcpy(client_alpn_protos.protos + len, argv[i], l);
len += l;
}
client_alpn_protos.protos_len = len;
return 0;
} }
static int h_server_ca_dir(int argc, unsigned char **argv){ static int h_server_ca_dir(int argc, unsigned char **argv){
@ -971,15 +915,6 @@ static int h_server_verify(int argc, unsigned char **argv){
server_verify = 1; server_verify = 1;
return 0; return 0;
} }
static int h_client_mode(int argc, unsigned char **argv){
client_mode = 0;
if(argc <= 1) return 0;
client_mode = atoi((char *)argv[1]);
return 0;
}
static int h_no_server_verify(int argc, unsigned char **argv){ static int h_no_server_verify(int argc, unsigned char **argv){
server_verify = 0; server_verify = 0;
return 0; return 0;
@ -1020,8 +955,7 @@ static struct commands ssl_commandhandlers[] = {
{ssl_commandhandlers+32, "ssl_server_ca_dir", h_server_ca_dir, 1, 2}, {ssl_commandhandlers+32, "ssl_server_ca_dir", h_server_ca_dir, 1, 2},
{ssl_commandhandlers+33, "ssl_server_ca_store", h_server_ca_store, 1, 2}, {ssl_commandhandlers+33, "ssl_server_ca_store", h_server_ca_store, 1, 2},
{ssl_commandhandlers+34, "ssl_client_sni", h_client_sni, 1, 2}, {ssl_commandhandlers+34, "ssl_client_sni", h_client_sni, 1, 2},
{ssl_commandhandlers+35, "ssl_client_alpn", h_client_alpn, 1, 0}, {ssl_commandhandlers+35, "ssl_client_alpn", h_client_alpn, 1, 2},
{ssl_commandhandlers+36, "ssl_client_mode", h_client_mode, 1, 2},
{NULL, "ssl_certcache", h_certcache, 2, 2}, {NULL, "ssl_certcache", h_certcache, 2, 2},
}; };
@ -1060,7 +994,6 @@ PLUGINAPI int PLUGINCALL ssl_plugin (struct pluginlink * pluginlink,
server_max_proto_version = 0; server_max_proto_version = 0;
client_verify = 0; client_verify = 0;
server_verify = 0; server_verify = 0;
client_mode = 0;
free(client_ciphersuites); free(client_ciphersuites);
client_ciphersuites = NULL; client_ciphersuites = NULL;
free(server_ciphersuites); free(server_ciphersuites);

4
src/plugins/TransparentPlugin/transparent_plugin.c
View File

@ -63,7 +63,7 @@ static FILTER_ACTION transparent_filter_client(void *fo, struct clientparam * pa
#endif #endif
pl->myinet_ntop(*SAFAMILY(&param->req), SAADDR(&param->req), (char *)addrbuf, sizeof(addrbuf)); pl->myinet_ntop(*SAFAMILY(&param->req), SAADDR(&param->req), (char *)addrbuf, sizeof(addrbuf));
if(param->hostname) pl->freefunc(param->hostname); if(param->hostname) pl->freefunc(param->hostname);
param->hostname = (unsigned char *)pl->strdupfunc(addrbuf); param->hostname = pl->strdupfunc(addrbuf);
param->sinsr = param->req; param->sinsr = param->req;
return PASS; return PASS;
} }
@ -81,7 +81,7 @@ static struct filter transparent_filter = {
"Transparent filter", "Transparent filter",
transparent_filter_open, transparent_filter_open,
transparent_filter_client, transparent_filter_client,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
transparent_filter_clear, transparent_filter_clear,
transparent_filter_close transparent_filter_close
}; };

2
src/proxy.h
View File

@ -266,8 +266,6 @@ void freepwl(struct passwords *pw);
void copyfilter(struct filter *, struct srvparam *srv); void copyfilter(struct filter *, struct srvparam *srv);
FILTER_ACTION makefilters (struct srvparam *srv, struct clientparam *param); FILTER_ACTION makefilters (struct srvparam *srv, struct clientparam *param);
FILTER_ACTION handlereqfilters(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p); FILTER_ACTION handlereqfilters(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p);
FILTER_ACTION handleconnectflt(struct clientparam *param);
FILTER_ACTION handleafterauthflt(struct clientparam *param);
FILTER_ACTION handlehdrfilterscli(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p); FILTER_ACTION handlehdrfilterscli(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p);
FILTER_ACTION handlehdrfilterssrv(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p); FILTER_ACTION handlehdrfilterssrv(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p);
FILTER_ACTION handlepredatflt(struct clientparam *param); FILTER_ACTION handlepredatflt(struct clientparam *param);

41
src/proxymain.c
View File

@ -718,7 +718,7 @@ int MODULEMAINFUNC (int argc, char** argv){
defparam.clisock = sock; defparam.clisock = sock;
if(!srv.silent && !iscbc){ if(!srv.silent && !iscbc){
sprintf((char *)buf, "Accepting connections [%"PRINTF_INT64_MODIFIER"u/%"PRINTF_INT64_MODIFIER"u]", (uint64_t)getpid(), (uint64_t)pthread_self()); sprintf((char *)buf, "Accepting connections [%u/%u]", (unsigned)getpid(), (unsigned)pthread_self());
dolog(&defparam, buf); dolog(&defparam, buf);
} }
} }
@ -916,7 +916,7 @@ int MODULEMAINFUNC (int argc, char** argv){
#endif #endif
srv.childcount++; srv.childcount++;
if (h) { if (h) {
newparam->threadid = (uint64_t)thread; newparam->threadid = (unsigned)thread;
CloseHandle(h); CloseHandle(h);
} }
else { else {
@ -933,7 +933,7 @@ int MODULEMAINFUNC (int argc, char** argv){
if(!srv.silent)dolog(&defparam, buf); if(!srv.silent)dolog(&defparam, buf);
} }
else { else {
newparam->threadid = (uint64_t)thread; newparam->threadid = (unsigned)thread;
} }
#endif #endif
pthread_mutex_unlock(&srv.counter_mutex); pthread_mutex_unlock(&srv.counter_mutex);
@ -1075,8 +1075,6 @@ void freeparam(struct clientparam * param) {
if(param->datfilterssrv) myfree(param->datfilterssrv); if(param->datfilterssrv) myfree(param->datfilterssrv);
#ifndef STDMAIN #ifndef STDMAIN
if(param->reqfilters) myfree(param->reqfilters); if(param->reqfilters) myfree(param->reqfilters);
if(param->connectfilters) myfree(param->connectfilters);
if(param->afterauthfilters) myfree(param->afterauthfilters);
if(param->hdrfilterscli) myfree(param->hdrfilterscli); if(param->hdrfilterscli) myfree(param->hdrfilterscli);
if(param->hdrfilterssrv) myfree(param->hdrfilterssrv); if(param->hdrfilterssrv) myfree(param->hdrfilterssrv);
if(param->predatfilters) myfree(param->predatfilters); if(param->predatfilters) myfree(param->predatfilters);
@ -1130,19 +1128,6 @@ void freeparam(struct clientparam * param) {
myfree(param); myfree(param);
} }
FILTER_ACTION handleconnectflt(struct clientparam *cparam){
#ifndef STDMAIN
FILTER_ACTION action;
int i;
for(i=0; i<cparam->nconnectfilters ;i++){
action = (*cparam->connectfilters[i]->filter->filter_connect)(cparam->connectfilters[i]->data, cparam);
if(action!=CONTINUE) return action;
}
#endif
return PASS;
}
#ifndef STDMAIN #ifndef STDMAIN
static void * itcopy (void * from, size_t size){ static void * itcopy (void * from, size_t size){
@ -1328,8 +1313,6 @@ void copyfilter (struct filter *filter, struct srvparam *srv){
if(srv->nfilters>0)srv->filter[srv->nfilters - 1].next = srv->filter + srv->nfilters; if(srv->nfilters>0)srv->filter[srv->nfilters - 1].next = srv->filter + srv->nfilters;
srv->nfilters++; srv->nfilters++;
if(filter->filter_request)srv->nreqfilters++; if(filter->filter_request)srv->nreqfilters++;
if(filter->filter_connect)srv->nconnectfilters++;
if(filter->filter_afterauth)srv->nafterauthfilters++;
if(filter->filter_header_srv)srv->nhdrfilterssrv++; if(filter->filter_header_srv)srv->nhdrfilterssrv++;
if(filter->filter_header_cli)srv->nhdrfilterscli++; if(filter->filter_header_cli)srv->nhdrfilterscli++;
if(filter->filter_predata)srv->npredatfilters++; if(filter->filter_predata)srv->npredatfilters++;
@ -1347,8 +1330,6 @@ FILTER_ACTION makefilters (struct srvparam *srv, struct clientparam *param){
if(!(param->filters = myalloc(sizeof(struct filterp) * srv->nfilters)) || if(!(param->filters = myalloc(sizeof(struct filterp) * srv->nfilters)) ||
(srv->nreqfilters && !(param->reqfilters = myalloc(sizeof(struct filterp *) * srv->nreqfilters))) || (srv->nreqfilters && !(param->reqfilters = myalloc(sizeof(struct filterp *) * srv->nreqfilters))) ||
(srv->nconnectfilters && !(param->connectfilters = myalloc(sizeof(struct filterp *) * srv->nconnectfilters))) ||
(srv->nafterauthfilters && !(param->afterauthfilters = myalloc(sizeof(struct filterp *) * srv->nafterauthfilters))) ||
(srv->nhdrfilterssrv && !(param->hdrfilterssrv = myalloc(sizeof(struct filterp *) * srv->nhdrfilterssrv))) || (srv->nhdrfilterssrv && !(param->hdrfilterssrv = myalloc(sizeof(struct filterp *) * srv->nhdrfilterssrv))) ||
(srv->nhdrfilterscli && !(param->hdrfilterscli = myalloc(sizeof(struct filterp *) * srv->nhdrfilterscli))) || (srv->nhdrfilterscli && !(param->hdrfilterscli = myalloc(sizeof(struct filterp *) * srv->nhdrfilterscli))) ||
(srv->npredatfilters && !(param->predatfilters = myalloc(sizeof(struct filterp *) * srv->npredatfilters))) || (srv->npredatfilters && !(param->predatfilters = myalloc(sizeof(struct filterp *) * srv->npredatfilters))) ||
@ -1366,8 +1347,6 @@ FILTER_ACTION makefilters (struct srvparam *srv, struct clientparam *param){
if(action > CONTINUE) return action; if(action > CONTINUE) return action;
param->filters[param->nfilters].filter = srv->filter + i; param->filters[param->nfilters].filter = srv->filter + i;
if(srv->filter[i].filter_request)param->reqfilters[param->nreqfilters++] = param->filters + param->nfilters; if(srv->filter[i].filter_request)param->reqfilters[param->nreqfilters++] = param->filters + param->nfilters;
if(srv->filter[i].filter_connect)param->connectfilters[param->nconnectfilters++] = param->filters + param->nfilters;
if(srv->filter[i].filter_afterauth)param->afterauthfilters[param->nafterauthfilters++] = param->filters + param->nfilters;
if(srv->filter[i].filter_header_cli)param->hdrfilterscli[param->nhdrfilterscli++] = param->filters + param->nfilters; if(srv->filter[i].filter_header_cli)param->hdrfilterscli[param->nhdrfilterscli++] = param->filters + param->nfilters;
if(srv->filter[i].filter_header_srv)param->hdrfilterssrv[param->nhdrfilterssrv++] = param->filters + param->nfilters; if(srv->filter[i].filter_header_srv)param->hdrfilterssrv[param->nhdrfilterssrv++] = param->filters + param->nfilters;
if(srv->filter[i].filter_predata)param->predatfilters[param->npredatfilters++] = param->filters + param->nfilters; if(srv->filter[i].filter_predata)param->predatfilters[param->npredatfilters++] = param->filters + param->nfilters;
@ -1413,20 +1392,6 @@ void freeacl(struct ace *ac){
} }
} }
FILTER_ACTION handleafterauthflt(struct clientparam *cparam){
#ifndef STDMAIN
FILTER_ACTION action;
int i;
for(i=0; i<cparam->nafterauthfilters ;i++){
action = (*cparam->afterauthfilters[i]->filter->filter_afterauth)(cparam->afterauthfilters[i]->data, cparam);
if(action!=CONTINUE) return action;
}
#endif
return PASS;
}
FILTER_ACTION handlereqfilters(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){ FILTER_ACTION handlereqfilters(struct clientparam *param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
FILTER_ACTION action; FILTER_ACTION action;
int i; int i;

15
src/structures.h
View File

@ -416,8 +416,6 @@ struct filter {
FILTER_OPEN *filter_open; FILTER_OPEN *filter_open;
FILTER_CLIENT *filter_client; FILTER_CLIENT *filter_client;
FILTER_BUFFER *filter_request; FILTER_BUFFER *filter_request;
FILTER_PREDATA *filter_connect;
FILTER_PREDATA *filter_afterauth;
FILTER_BUFFER *filter_header_cli; FILTER_BUFFER *filter_header_cli;
FILTER_BUFFER *filter_header_srv; FILTER_BUFFER *filter_header_srv;
FILTER_PREDATA *filter_predata; FILTER_PREDATA *filter_predata;
@ -496,7 +494,7 @@ struct srvparam {
int needuser; int needuser;
int silent; int silent;
int transparent; int transparent;
int nfilters, nreqfilters, nconnectfilters, nafterauthfilters, nhdrfilterscli, nhdrfilterssrv, npredatfilters, ndatfilterscli, ndatfilterssrv; int nfilters, nreqfilters, nhdrfilterscli, nhdrfilterssrv, npredatfilters, ndatfilterscli, ndatfilterssrv;
int family; int family;
int stacksize; int stacksize;
int noforce; int noforce;
@ -552,7 +550,7 @@ struct clientparam {
struct filterp *filters, struct filterp *filters,
**reqfilters, **connectfilters, **afterauthfilters, **reqfilters,
**hdrfilterscli, **hdrfilterssrv, **hdrfilterscli, **hdrfilterssrv,
**predatfilters, **datfilterscli, **datfilterssrv; **predatfilters, **datfilterscli, **datfilterssrv;
@ -567,21 +565,18 @@ struct clientparam {
uint64_t waitclient64, uint64_t waitclient64,
waitserver64, waitserver64,
cycles, cycles;
threadid;
int redirected, int redirected,
operation, operation,
nfilters, nfilters, nreqfilters, nhdrfilterscli, nhdrfilterssrv, npredatfilters, ndatfilterscli, ndatfilterssrv,
nreqfilters, nconnectfilters, nafterauthfilters,
nhdrfilterscli, nhdrfilterssrv,
npredatfilters, ndatfilterscli, ndatfilterssrv,
unsafefilter, unsafefilter,
bandlimver; bandlimver;
int res, int res,
status; status;
int pwtype, int pwtype,
threadid,
weight, weight,
nolog, nolog,
nolongdatfilter, nolongdatfilter,