From 0236ee5eaabac05e21cede2ee9b68db70019f1b7 Mon Sep 17 00:00:00 2001 From: Enrico Scholz Date: Tue, 26 Feb 2008 17:29:10 +0100 Subject: [PATCH] PROXY: implemented native proxy support This patch creates a hook into the net_connect*() methods which call a method to connect to a proxy. Previous solution to send certain strings in the normal IRC dialog was some kind of hack as most proxies require some kind of negotation. E.g. HTTP proxies sent a 'HTTP/1.0 200 Connection established' HTTP header and clients have to wait for it. Else, sent bytes of the following IRC login will be dropped silently. With old method, it is also impossible to tunnel SSL IRC connections through the proxy as proxy speaks plain text or a special protocol while e.g. 'CONNECT ... HTTP/1.0' will be encrypted with key of IRC server. There are further enhancements possible: the whole net_connect stuff should be made asynchronously. Currently, only the hostname is resolved in the background (which makes little sense of local proxies usually). --- src/core/Makefile.am | 3 + src/core/network-openssl.c | 4 +- src/core/network-proxy-priv.h | 128 ++++++++++++++++++++++++++++++++++ src/core/network-proxy.c | 30 ++++++++ src/core/network-proxy.h | 81 +++++++++++++++++++++ src/core/network.c | 15 +++- src/core/network.h | 6 +- src/core/server-connect-rec.h | 5 +- src/core/servers-reconnect.c | 7 +- src/core/servers-setup.c | 15 ++-- src/core/servers.c | 23 +++--- src/irc/core/irc-servers.c | 28 +++----- 12 files changed, 297 insertions(+), 48 deletions(-) create mode 100644 src/core/network-proxy-priv.h create mode 100644 src/core/network-proxy.c create mode 100644 src/core/network-proxy.h diff --git a/src/core/Makefile.am b/src/core/Makefile.am index fc32e17e..ce4b4bb6 100644 --- a/src/core/Makefile.am +++ b/src/core/Makefile.am @@ -31,6 +31,9 @@ libcore_a_SOURCES = \ net-sendbuffer.c \ network.c \ network-openssl.c \ + network-proxy.c \ + network-proxy.h \ + network-proxy-priv.h \ nicklist.c \ nickmatch-cache.c \ pidwait.c \ diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c index 768fd540..1ef2c99c 100644 --- a/src/core/network-openssl.c +++ b/src/core/network-openssl.c @@ -552,11 +552,11 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_ return gchan; } -GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server) +GIOChannel *net_connect_proxy_ssl(struct network_proxy const *proxy, char const *host, int port, IPADDR *ip, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify) { GIOChannel *handle, *ssl_handle; - handle = net_connect_ip(ip, port, my_ip); + handle = net_connect_proxy(proxy, host, port, ip, my_ip); if (handle == NULL) return NULL; ssl_handle = irssi_ssl_get_iochannel(handle, port, server); diff --git a/src/core/network-proxy-priv.h b/src/core/network-proxy-priv.h new file mode 100644 index 00000000..0a8f2449 --- /dev/null +++ b/src/core/network-proxy-priv.h @@ -0,0 +1,128 @@ +/* --*- c -*-- + * Copyright (C) 2008 Enrico Scholz + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 and/or 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#ifndef H_IRSSI_SRC_CORE_PROXY_PRIV_H +#define H_IRSSI_SRC_CORE_PROXY_PRIV_H + +#include "settings.h" +#include + +/* stolen from linux kernel */ +#define container_of(ptr, type, member) __extension__ ({ \ + const __typeof__( ((type *)0)->member ) *__mptr = (ptr); \ + (type *)( (char *)__mptr - offsetof(type,member) );}) + + +inline static void +_network_proxy_create(struct network_proxy *dst) +{ + dst->port = settings_get_int("proxy_port"); + dst->host = g_strdup(settings_get_str("proxy_address")); +} + +inline static void +_network_proxy_clone(struct network_proxy *dst, struct network_proxy const *src) +{ + dst->host = g_strdup(src->host); + dst->port = src->port; + + dst->destroy = src->destroy; + dst->connect = src->connect; + dst->clone = src->clone; +} + +inline static void +_network_proxy_destroy(struct network_proxy *proxy) +{ + g_free((void *)proxy->host); +} + + + +inline static bool +_network_proxy_send_all(GIOChannel *ch, void const *buf, ssize_t len) +{ + GError *err = NULL; + gsize written; + GIOStatus status; + + while ((status=g_io_channel_write_chars(ch, buf, len, &written, + &err))==G_IO_STATUS_AGAIN) + continue; + + if (status==G_IO_STATUS_NORMAL) + return true; + + if (err) { + g_warning("failed to send proxy request: %s", err->message); + g_error_free(err); + } + + return false; +} + +inline static bool +_network_proxy_recv_all(GIOChannel *ch, void *buf_v, size_t len) +{ + GError *err = NULL; + gchar *buf = buf_v; + + while (len>0) { + GIOStatus status; + gsize l; + + status = g_io_channel_read_chars(ch, buf, len, &l, &err); + if (status==G_IO_STATUS_AGAIN) + continue; + if (status!=G_IO_STATUS_NORMAL) + break; + + buf += l; + len -= l; + } + + if (len==0) + return true; + + if (err) { + g_warning("failed to send proxy request: %s", err->message); + g_error_free(err); + } + + return false; +} + +inline static bool +_network_proxy_flush(GIOChannel *ch) +{ + GError *err = NULL; + GIOStatus status; + + while ((status=g_io_channel_flush(ch, &err))==G_IO_STATUS_AGAIN) + continue; + + if (status==G_IO_STATUS_NORMAL) + return true; + + if (err) { + g_warning("failed to flush proxy channel: %s", err->message); + g_error_free(err); + } + + return false; +} + +#endif /* H_IRSSI_SRC_CORE_PROXY_PRIV_H */ diff --git a/src/core/network-proxy.c b/src/core/network-proxy.c new file mode 100644 index 00000000..cedf96b5 --- /dev/null +++ b/src/core/network-proxy.c @@ -0,0 +1,30 @@ +/* --*- c -*-- + * Copyright (C) 2008 Enrico Scholz + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 and/or 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#include "module.h" + +#include "network-proxy.h" +#include + +struct network_proxy * +network_proxy_create(char const *type) +{ + if (type==NULL) + return NULL; + + g_error("unsupported proxy type '%s'", type); + return NULL; +} diff --git a/src/core/network-proxy.h b/src/core/network-proxy.h new file mode 100644 index 00000000..cdc3d057 --- /dev/null +++ b/src/core/network-proxy.h @@ -0,0 +1,81 @@ +/* --*- c -*-- + * Copyright (C) 2008 Enrico Scholz + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 and/or 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#ifndef H_IRSSI_SRC_CORE_PROXY_H +#define H_IRSSI_SRC_CORE_PROXY_H + +#include +#include + +/* helper structure for the send_string*() functions of the network_proxy + * class */ +struct network_proxy_send_string_info +{ + char const *host; /* hostname of the IRC server */ + uint16_t port; /* portnumber of the IRC server */ + + /* function which is used to send string; usually irc_send_cmd_now() */ + void (*func)(void *obj, char const *); + + /* object for func */ + void *obj; +}; + +struct network_proxy { + /* destroys the network_proxy structure which must not be used anymore + * after; this memberfunction is mandatory */ + void (*destroy)(struct network_proxy *); + + /* connects through the proxy; this memberfunction is mandatory + * + * \arg hint_ip the asynchronously resolved ip of the proxy; when + * NULL, method will resolve it itself + * \arg address the hostname where proxy shall connect to + * \arg port port address where proxy shall connect to + */ + GIOChannel * (*connect)(struct network_proxy const *, IPADDR const *hint_ip, + char const *address, int port); + + /* clones the given network_proxy object; this memberfunction is + * mandatory */ + struct network_proxy * (*clone)(struct network_proxy const *); + + + /* sends a string after connection has been established but before IRC + * authentication begins; this memberfunction is optional + */ + void (*send_string)(struct network_proxy const *, + struct network_proxy_send_string_info const *); + + /* sends a string after connection IRC authentication suceeded; this + * memberfunction is optional + */ + void (*send_string_after)(struct network_proxy const *, + struct network_proxy_send_string_info const *); + + + /* hostname of proxy host */ + char const *host; + + /* portnumber of proxy */ + int port; +}; + +/* factory method to create a proxy object based upon value of 'type' */ +struct network_proxy * network_proxy_create(char const *type); + + +#endif /* H_IRSSI_SRC_CORE_PROXY_H */ diff --git a/src/core/network.c b/src/core/network.c index 3659ab36..b65c376d 100644 --- a/src/core/network.c +++ b/src/core/network.c @@ -20,6 +20,7 @@ #include "module.h" #include "network.h" +#include "network-proxy.h" #include @@ -169,7 +170,7 @@ GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip) } /* Connect to socket with ip address */ -GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip) +GIOChannel *net_connect_ip(IPADDR const *ip, int port, IPADDR *my_ip) { union sockaddr_union so; int handle, ret, opt = 1; @@ -226,6 +227,18 @@ GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip) return g_io_channel_new(handle); } +/* Connect to socket */ +GIOChannel *net_connect_proxy(struct network_proxy const *proxy, + char const *host, int port, IPADDR *ip, IPADDR *my_ip) +{ + + if (proxy) + return proxy->connect(proxy, ip, host, port); + else + return net_connect_ip(ip, port, my_ip); +} + + /* Connect to named UNIX socket */ GIOChannel *net_connect_unix(const char *path) { diff --git a/src/core/network.h b/src/core/network.h index fa7e9675..af9c6983 100644 --- a/src/core/network.h +++ b/src/core/network.h @@ -39,6 +39,7 @@ struct _IPADDR { #define IPADDR_IS_V6(ip) ((ip)->family != AF_INET) +struct network_proxy; extern IPADDR ip4_any; GIOChannel *g_io_channel_new(int handle); @@ -49,10 +50,11 @@ int net_ip_compare(IPADDR *ip1, IPADDR *ip2); /* Connect to socket */ GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip); /* Connect to socket with ip address and SSL*/ -GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server); +GIOChannel *net_connect_ip(IPADDR const *ip, int port, IPADDR *my_ip); +GIOChannel *net_connect_proxy_ssl(struct network_proxy const *proxy, char const *host, int port, IPADDR *ip, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify); int irssi_ssl_handshake(GIOChannel *handle); /* Connect to socket with ip address */ -GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip); +GIOChannel *net_connect_proxy(struct network_proxy const *proxy, char const *host, int port, IPADDR *ip, IPADDR *my_ip); /* Connect to named UNIX socket */ GIOChannel *net_connect_unix(const char *path); /* Disconnect socket */ diff --git a/src/core/server-connect-rec.h b/src/core/server-connect-rec.h index 17537508..ac99df8d 100644 --- a/src/core/server-connect-rec.h +++ b/src/core/server-connect-rec.h @@ -5,10 +5,7 @@ int chat_type; /* chat_protocol_lookup(xx) */ int refcount; -/* if we're connecting via proxy, or just NULLs */ -char *proxy; -int proxy_port; -char *proxy_string, *proxy_string_after, *proxy_password; +struct network_proxy *proxy; unsigned short family; /* 0 = don't care, AF_INET or AF_INET6 */ char *tag; /* try to keep this tag when connected to server */ diff --git a/src/core/servers-reconnect.c b/src/core/servers-reconnect.c index 0a08b461..3ee498ed 100644 --- a/src/core/servers-reconnect.c +++ b/src/core/servers-reconnect.c @@ -29,6 +29,7 @@ #include "servers-reconnect.h" #include "settings.h" +#include "network-proxy.h" GSList *reconnects; static int last_reconnect_tag; @@ -157,11 +158,7 @@ server_connect_copy_skeleton(SERVER_CONNECT_REC *src, int connect_info) server_connect_ref(dest); dest->type = module_get_uniq_id("SERVER CONNECT", 0); dest->reconnection = src->reconnection; - dest->proxy = g_strdup(src->proxy); - dest->proxy_port = src->proxy_port; - dest->proxy_string = g_strdup(src->proxy_string); - dest->proxy_string_after = g_strdup(src->proxy_string_after); - dest->proxy_password = g_strdup(src->proxy_password); + dest->proxy = src->proxy ? src->proxy->clone(src->proxy) : NULL; dest->tag = g_strdup(src->tag); diff --git a/src/core/servers-setup.c b/src/core/servers-setup.c index 0819ff1a..87470266 100644 --- a/src/core/servers-setup.c +++ b/src/core/servers-setup.c @@ -28,6 +28,7 @@ #include "chatnets.h" #include "servers.h" #include "servers-setup.h" +#include "network-proxy.h" GSList *setupservers; @@ -126,15 +127,6 @@ static void server_setup_fill(SERVER_CONNECT_REC *conn, conn->username = g_strdup(settings_get_str("user_name")); conn->realname = g_strdup(settings_get_str("real_name")); - /* proxy settings */ - if (settings_get_bool("use_proxy")) { - conn->proxy = g_strdup(settings_get_str("proxy_address")); - conn->proxy_port = settings_get_int("proxy_port"); - conn->proxy_string = g_strdup(settings_get_str("proxy_string")); - conn->proxy_string_after = g_strdup(settings_get_str("proxy_string_after")); - conn->proxy_password = g_strdup(settings_get_str("proxy_password")); - } - /* source IP */ if (source_host_ip4 != NULL) { conn->own_ip4 = g_new(IPADDR, 1); @@ -145,6 +137,10 @@ static void server_setup_fill(SERVER_CONNECT_REC *conn, memcpy(conn->own_ip6, source_host_ip6, sizeof(IPADDR)); } + /* proxy settings */ + if (settings_get_bool("use_proxy")) + conn->proxy = network_proxy_create(settings_get_str("proxy_type")); + signal_emit("server setup fill connect", 1, conn); } @@ -546,6 +542,7 @@ void servers_setup_init(void) settings_add_str("proxy", "proxy_string", "CONNECT %s %d"); settings_add_str("proxy", "proxy_string_after", ""); settings_add_str("proxy", "proxy_password", ""); + settings_add_str("proxy", "proxy_type", "simple"); setupservers = NULL; source_host_ip4 = source_host_ip6 = NULL; diff --git a/src/core/servers.c b/src/core/servers.c index 06f82d4d..39b54f9a 100644 --- a/src/core/servers.c +++ b/src/core/servers.c @@ -34,6 +34,7 @@ #include "servers-setup.h" #include "channels.h" #include "queries.h" +#include "network-proxy.h" GSList *servers, *lookup_servers; @@ -221,10 +222,18 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip, own_ip = ip == NULL ? NULL : (IPADDR_IS_V6(ip) ? server->connrec->own_ip6 : server->connrec->own_ip4); - port = server->connrec->proxy != NULL ? - server->connrec->proxy_port : server->connrec->port; + port = server->connrec->port; handle = server->connrec->use_ssl ? - net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip); + net_connect_proxy_ssl(server->connrec->proxy, + server->connrec->address, port, + ip, own_ip, + server->connrec->ssl_cert, + server->connrec->ssl_pkey, + server->connrec->ssl_cafile, + server->connrec->ssl_capath, server->connrec->ssl_verify) : + net_connect_proxy(server->connrec->proxy, + server->connrec->address, port, + ip, own_ip); } else { handle = net_connect_unix(unix_socket); } @@ -421,7 +430,7 @@ int server_start_connect(SERVER_REC *server) server->connect_pipe[1] = g_io_channel_new(fd[1]); connect_address = server->connrec->proxy != NULL ? - server->connrec->proxy : server->connrec->address; + server->connrec->proxy->host : server->connrec->address; server->connect_pid = net_gethostbyname_nonblock(connect_address, server->connect_pipe[1], @@ -616,10 +625,8 @@ void server_connect_unref(SERVER_CONNECT_REC *conn) if (conn->connect_handle != NULL) net_disconnect(conn->connect_handle); - g_free_not_null(conn->proxy); - g_free_not_null(conn->proxy_string); - g_free_not_null(conn->proxy_string_after); - g_free_not_null(conn->proxy_password); + if (conn->proxy) + conn->proxy->destroy(conn->proxy); g_free_not_null(conn->tag); g_free_not_null(conn->address); diff --git a/src/irc/core/irc-servers.c b/src/irc/core/irc-servers.c index 27878989..1bf67ac3 100644 --- a/src/irc/core/irc-servers.c +++ b/src/irc/core/irc-servers.c @@ -37,6 +37,7 @@ #include "servers-reconnect.h" #include "servers-redirect.h" #include "modes.h" +#include "network-proxy.h" #include "settings.h" #include "recode.h" @@ -195,23 +196,19 @@ static void server_init(IRC_SERVER_REC *server) IRC_SERVER_CONNECT_REC *conn; char *address, *ptr, *username, *cmd; GTimeVal now; + struct network_proxy_send_string_info const send_info = { + .host = server->connrec->address, + .port = server->connrec->port, + .func = irc_send_cmd_now_wrapper, + .obj = server + }; g_return_if_fail(server != NULL); conn = server->connrec; - if (conn->proxy != NULL && conn->proxy_password != NULL && - *conn->proxy_password != '\0') { - cmd = g_strdup_printf("PASS %s", conn->proxy_password); - irc_send_cmd_now(server, cmd); - g_free(cmd); - } - - if (conn->proxy != NULL && conn->proxy_string != NULL) { - cmd = g_strdup_printf(conn->proxy_string, conn->address, conn->port); - irc_send_cmd_now(server, cmd); - g_free(cmd); - } + if (conn->proxy && conn->proxy->send_string) + conn->proxy->send_string(conn->proxy, &send_info); if (conn->password != NULL && *conn->password != '\0') { /* send password */ @@ -245,11 +242,8 @@ static void server_init(IRC_SERVER_REC *server) g_free(cmd); g_free(username); - if (conn->proxy != NULL && conn->proxy_string_after != NULL) { - cmd = g_strdup_printf(conn->proxy_string_after, conn->address, conn->port); - irc_send_cmd_now(server, cmd); - g_free(cmd); - } + if (conn->proxy && conn->proxy->send_string_after) + conn->proxy->send_string_after(conn->proxy, &send_info); server->isupport = g_hash_table_new((GHashFunc) g_istr_hash, (GCompareFunc) g_istr_equal);