1 /***************************************************************************
2  * nsock_proxy.h -- PRIVATE interface definitions for proxy handling.      *
3  *                                                                         *
4  ***********************IMPORTANT NSOCK LICENSE TERMS***********************
5  *                                                                         *
6  * The nsock parallel socket event library is (C) 1999-2017 Insecure.Com   *
7  * LLC This library is free software; you may redistribute and/or          *
8  * modify it under the terms of the GNU General Public License as          *
9  * published by the Free Software Foundation; Version 2.  This guarantees  *
10  * your right to use, modify, and redistribute this software under certain *
11  * conditions.  If this license is unacceptable to you, Insecure.Com LLC   *
12  * may be willing to sell alternative licenses (contact                    *
13  * sales@insecure.com ).                                                   *
14  *                                                                         *
15  * As a special exception to the GPL terms, Insecure.Com LLC grants        *
16  * permission to link the code of this program with any version of the     *
17  * OpenSSL library which is distributed under a license identical to that  *
18  * listed in the included docs/licenses/OpenSSL.txt file, and distribute   *
19  * linked combinations including the two. You must obey the GNU GPL in all *
20  * respects for all of the code used other than OpenSSL.  If you modify    *
21  * this file, you may extend this exception to your version of the file,   *
22  * but you are not obligated to do so.                                     *
23  *                                                                         *
24  * If you received these files with a written license agreement stating    *
25  * terms other than the (GPL) terms above, then that alternative license   *
26  * agreement takes precedence over this comment.                           *
27  *                                                                         *
28  * Source is provided to this software because we believe users have a     *
29  * right to know exactly what a program is going to do before they run it. *
30  * This also allows you to audit the software for security holes.          *
31  *                                                                         *
32  * Source code also allows you to port Nmap to new platforms, fix bugs,    *
33  * and add new features.  You are highly encouraged to send your changes   *
34  * to the dev@nmap.org mailing list for possible incorporation into the    *
35  * main distribution.  By sending these changes to Fyodor or one of the    *
36  * Insecure.Org development mailing lists, or checking them into the Nmap  *
37  * source code repository, it is understood (unless you specify otherwise) *
38  * that you are offering the Nmap Project (Insecure.Com LLC) the           *
39  * unlimited, non-exclusive right to reuse, modify, and relicense the      *
40  * code.  Nmap will always be available Open Source, but this is important *
41  * because the inability to relicense code has caused devastating problems *
42  * for other Free Software projects (such as KDE and NASM).  We also       *
43  * occasionally relicense the code to third parties as discussed above.    *
44  * If you wish to specify special license conditions of your               *
45  * contributions, just say so when you send them.                          *
46  *                                                                         *
47  * This program is distributed in the hope that it will be useful, but     *
48  * WITHOUT ANY WARRANTY; without even the implied warranty of              *
49  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU       *
50  * General Public License v2.0 for more details                            *
51  * (http://www.gnu.org/licenses/gpl-2.0.html).                             *
52  *                                                                         *
53  ***************************************************************************/
54 
55 /* $Id$ */
56 
57 #ifndef NSOCK_PROXY_H
58 #define NSOCK_PROXY_H
59 
60 #include "gh_list.h"
61 
62 #if HAVE_NETDB_H
63 #include <netdb.h>
64 #endif
65 
66 #include <nsock.h>
67 #include <errno.h>
68 
69 
70 /* ------------------- CONSTANTS ------------------- */
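/* Proxy protocols this header knows about. The enumerators are consecutive
 * starting at 0, so PROXY_TYPE_COUNT equals the number of real protocol
 * entries above it. */
enum nsock_proxy_type {
  PROXY_TYPE_HTTP = 0,
  PROXY_TYPE_SOCKS4,
  /* Sentinel, not a protocol. NOTE(review): presumably bounds per-type
   * lookups; any value taken from a parsed proxy specification should be
   * checked against it before being used as an index -- confirm at the
   * call sites. */
  PROXY_TYPE_COUNT,
};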
76 
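/* Per-node connection state used while a tunnel is being built through the
 * proxy chain. Each proxy type has its own "TCP connected" and "tunnel
 * established" pair; no failure state is enumerated here, so errors are
 * presumably reported through another path -- confirm in the handlers. */
enum nsock_proxy_state {
  /* Common initial state for all proxy types. */
  PROXY_STATE_INITIAL,

  /* HTTP proxy states. */
  PROXY_STATE_HTTP_TCP_CONNECTED,
  PROXY_STATE_HTTP_TUNNEL_ESTABLISHED,

  /* SOCKS 4 proxy states. */
  PROXY_STATE_SOCKS4_TCP_CONNECTED,
  PROXY_STATE_SOCKS4_TUNNEL_ESTABLISHED,
};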
89 
90 
91 /* ------------------- STRUCTURES ------------------- */
92 
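/* Components of a URI, one member per part. This header does not state who
 * allocates or frees the string members -- presumably the URI parser owns
 * them; confirm before freeing or retaining any pointer. */
struct uri {
  char *scheme;
  char *user;
  /* NOTE(review): a proxy password kept as a plain C string. It should stay
   * out of log output, and whichever code frees it should consider wiping
   * the buffer first. */
  char *pass;
  char *host;
  char *path;
  /* Signed int here, while struct proxy_node stores its port as unsigned
   * short. NOTE(review): verify the value is range-checked before it is
   * narrowed. */
  int port;
};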
101 
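/* Static information about a proxy node in the chain. This is generated by
 * parsing the proxy specification string given by the user. These structures
 * are then read-only and stored in the nsock_pool. */
struct proxy_node {
  /* Descriptor for this node's proxy type (see struct proxy_spec). */
  const struct proxy_spec *spec;

  /* Socket address of the proxy; sslen is presumably the number of
   * meaningful bytes in ss -- confirm against the code that fills it in. */
  struct sockaddr_storage ss;
  size_t sslen;
  unsigned short port;
  /* Used for log messages. NOTE(review): if this text is derived from the
   * user-supplied specification string, treat it as untrusted when it is
   * written to logs. */
  char *nodestr;
  /* Link that places this node in proxy_chain.nodes. */
  gh_lnode_t nodeq;
};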
114 
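/* Ordered list of proxy nodes, in the order given in the proxy specification
 * string. The elements are struct proxy_node, linked through their nodeq
 * member. */
struct proxy_chain {
  gh_list_t nodes;
};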
119 
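/* IOD-specific context. For each IOD a tunnel is established through the
 * chain of proxies; this structure stores all the related information. */
struct proxy_chain_context {
  /* Chain being traversed. The pointer is const-qualified, so the chain is
   * not modified through this context. */
  const struct proxy_chain *px_chain;

  /* Nodes iterator in px_chain->nodes. proxy_ctx_node_next() asserts that
   * this is non-NULL before reading it. */
  struct proxy_node *px_current;

  /* Current node connection state. */
  enum nsock_proxy_state px_state;

  /* The remaining fields store information about the final target to
   * reach. target_sslen is presumably the used length of target_ss --
   * confirm against the code that sets it. */
  enum nse_type target_ev_type;
  struct sockaddr_storage target_ss;
  size_t target_sslen;
  unsigned short target_port;
  nsock_ev_handler target_handler;
};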
139 
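/* Operations table for one proxy type. */
struct proxy_op {
  /* Builds a node from a parsed URI and hands it back through *node. The
   * meaning of the int result is not stated in this header -- check the
   * implementations before relying on a particular convention. */
  int (*node_new)(struct proxy_node **node, const struct uri *uri);
  /* Releases a node; presumably the counterpart of node_new. */
  void (*node_delete)(struct proxy_node *node);
  /* Event callback; it has the same signature as nsock_proxy_ev_dispatch()
   * and forward_event() declared in this header. */
  void (*handler)(nsock_pool nspool, nsock_event nsevent, void *udata);
};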
145 
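/* Describes one supported proxy type: a string prefix, the matching
 * nsock_proxy_type value and the operations table that implements it. */
struct proxy_spec {
  /* NOTE(review): presumably the scheme prefix matched against the proxy
   * specification string -- confirm in the parser. */
  const char *prefix;
  enum nsock_proxy_type type;
  const struct proxy_op *ops;
};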
151 
152 
153 /* ------------------- UTIL FUNCTIONS ------------------- */
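/* Resolves host and reports the result through addr and *addrlen (inferred
 * from the signature; the implementation is not in this header).
 * NOTE(review): the prototype carries no separate capacity argument for
 * addr, so callers should pass storage large enough for any address family,
 * such as a struct sockaddr_storage -- confirm how the implementation bounds
 * its write. The meaning of the int result is not documented here. */
int proxy_resolve(const char *host, struct sockaddr *addr, size_t *addrlen);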
155 
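/* Returns the proxy node that follows ctx->px_current in the chain, or NULL
 * when gh_lnode_next() reports no further list node. ctx->px_current is not
 * advanced here; the caller decides whether to store the result.
 *
 * ctx and ctx->px_current must be non-NULL. That requirement is enforced
 * only by assert(), so a build with NDEBUG defined dereferences both
 * pointers unchecked. */
static inline struct proxy_node *proxy_ctx_node_next(struct proxy_chain_context *ctx) {
  gh_lnode_t *next;

  assert(ctx);
  assert(ctx->px_current);

  next = gh_lnode_next(&ctx->px_current->nodeq);
  if (!next)
    return NULL;

  /* Map the embedded list link back to the proxy_node that contains it. */
  return container_of(next, struct proxy_node, nodeq);
}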
168 
169 
170 /* ------------------- PROTOTYPES ------------------- */
171 
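/* Create and destroy the per-IOD proxy context. Whether
 * proxy_chain_context_new() can return NULL is not stated in this header;
 * callers should confirm in the implementation before dereferencing the
 * result. */
struct proxy_chain_context *proxy_chain_context_new(nsock_pool nspool);
void proxy_chain_context_delete(struct proxy_chain_context *ctx);

/* Event callbacks; both share the signature of proxy_op.handler. Their
 * exact roles are defined by the implementation, not by this header. */
void nsock_proxy_ev_dispatch(nsock_pool nspool, nsock_event nsevent, void *udata);
void forward_event(nsock_pool nspool, nsock_event nse, void *udata);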
177 
178 
179 #endif /* NSOCK_PROXY_H */