}
SockAddr name_lookup(char *host, int port, char **canonicalname,
- const Config *cfg)
+ const Config *cfg, int addressfamily)
{
if (cfg->proxy_type != PROXY_NONE &&
do_proxy_dns(cfg) &&
return sk_nonamelookup(host);
}
- return sk_namelookup(host, canonicalname);
+ return sk_namelookup(host, canonicalname, addressfamily);
}
Socket new_connection(SockAddr addr, char *hostname,
/* look-up proxy */
proxy_addr = sk_namelookup(cfg->proxy_host,
- &proxy_canonical_name);
+ &proxy_canonical_name, cfg->addressfamily);
if (sk_addr_error(proxy_addr) != NULL) {
ret->error = "Proxy error: Unable to resolve proxy host name";
return (Socket)ret;
}
Socket new_listener(char *srcaddr, int port, Plug plug, int local_host_only,
- const Config *cfg)
+ const Config *cfg, int addressfamily)
{
/* TODO: SOCKS (and potentially others) support inbound
* TODO: connections via the proxy. support them.
*/
- return sk_newlistener(srcaddr, port, plug, local_host_only);
+ return sk_newlistener(srcaddr, port, plug, local_host_only, addressfamily);
}
/* ----------------------------------------------------------------------
* 0x03 = CHAP
*/
- char command[4];
+ char command[5];
int len;
command[0] = 5; /* version 5 */
if (p->cfg.proxy_username[0] || p->cfg.proxy_password[0]) {
- command[1] = 2; /* two methods supported: */
command[2] = 0x00; /* no authentication */
- command[3] = 0x02; /* username/password */
- len = 4;
+ len = 3;
+ proxy_socks5_offerencryptedauth (command, &len);
+ command[len++] = 0x02; /* username/password */
+ command[1] = len - 2; /* Number of methods supported */
} else {
command[1] = 1; /* one methods supported: */
command[2] = 0x00; /* no authentication */
* authentication methods:
* 0x00 = no authentication
* 0x01 = GSSAPI
- * 0x02 = username/password
+ * 0x02 = username/password
* 0x03 = CHAP
* 0xff = no acceptable methods
*/
p->state = 2; /* now proceed as authenticated */
}
+ if (p->state == 8) {
+ int ret;
+ ret = proxy_socks5_handlechap(p);
+ if (ret) return ret;
+ }
+
if (p->state == 2) {
/* request format:
}
if (p->state == 6) {
- /* TODO: Handle CHAP authentication */
- plug_closing(p->plug, "Proxy error: We don't support CHAP authentication",
- PROXY_ERROR_GENERAL, 0);
- return 1;
+ int ret;
+ ret = proxy_socks5_selectchap(p);
+ if (ret) return ret;
}
}
} else {
/* % escape. we recognize %%, %host, %port, %user, %pass.
- * anything else, we just send unescaped (including the %).
+ * %proxyhost, %proxyport. Anything else we just send
+ * unescaped (including the %).
*/
if (cfg->proxy_telnet_command[eo] == '%') {
retlen += passlen;
eo += 4;
}
+ else if (strnicmp(cfg->proxy_telnet_command + eo,
+ "proxyhost", 4) == 0) {
+ int phlen = strlen(cfg->proxy_host);
+ ENSURE(phlen);
+ memcpy(ret+retlen, cfg->proxy_host, phlen);
+ retlen += phlen;
+ eo += 9;
+ }
+ else if (strnicmp(cfg->proxy_telnet_command + eo,
+ "proxyport", 4) == 0) {
+ char pport[50];
+ int pplen;
+ sprintf(pport, "%d", cfg->proxy_port);
+ pplen = strlen(cfg->proxy_host);
+ ENSURE(pplen);
+ memcpy(ret+retlen, pport, pplen);
+ retlen += pplen;
+ eo += 9;
+ }
else {
/* we don't escape this, so send the % now, and
* don't advance eo, so that we'll consider the