authorJoshua Judson Rosen2015-02-17 00:37:08 -0500
committerJoshua Judson Rosen2015-02-17 00:37:08 -0500
commit714aebccbd7a4ab6ec0964d4580efd49171ba140 (patch)
treee71ac66a95848b1c0e8f47ea7d3df0e54c052d48 /src
parentNix mysleep(). (diff)
downloadapf-714aebccbd7a4ab6ec0964d4580efd49171ba140.tar.gz
Remove HTTP proxy support.
There are plenty of popular, readily-available external tools that, frankly, provide better options for going through proxies--both of the HTTP variety and others (corkscrew, httptunnel, socat...); and dropping our internal implementation results in a significant reduction in code complexity--including the complete elimination of multithreading and all of the worries that go along with it.
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am7
-rw-r--r--src/afclient.c80
-rw-r--r--src/afclient.h4
-rw-r--r--src/afserver.c127
-rw-r--r--src/afserver.h2
-rw-r--r--src/client_initialization.c30
-rw-r--r--src/client_initialization.h2
-rw-r--r--src/client_realm_struct.c44
-rw-r--r--src/client_realm_struct.h6
-rw-r--r--src/client_signals.c6
-rw-r--r--src/connect_client_struct.h2
-rw-r--r--src/file_client.c33
-rw-r--r--src/file_server.c13
-rw-r--r--src/http_proxy_client.c565
-rw-r--r--src/http_proxy_client.h29
-rw-r--r--src/http_proxy_functions.c395
-rw-r--r--src/http_proxy_functions.h85
-rw-r--r--src/http_proxy_options_struct.c254
-rw-r--r--src/http_proxy_options_struct.h58
-rw-r--r--src/http_proxy_server.c585
-rw-r--r--src/http_proxy_server.h29
-rw-r--r--src/network.h3
-rw-r--r--src/server_remoteadmin.c16
-rw-r--r--src/server_signals.c9
-rw-r--r--src/thread_management.c102
-rw-r--r--src/thread_management.h34
-rw-r--r--src/usage.c21
27 files changed, 11 insertions, 2530 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index b385b15..48c6934 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2,8 +2,8 @@ bin_PROGRAMS = afserver afclient
afserver_SOURCES = afserver.c network.c file.c stats.c buf_list_node_struct.c buf_list_struct.c \
server_remoteadmin.c server_check.c server_set.c server_eval.c server_find.c \
server_remove.c make_ssl_handshake.c first_run.c inet_ntop.c realmnames.c \
- clientnames.c usernames.c http_proxy_functions.c http_proxy_server.c server_get.c \
- thread_management.c server_signals.c usage.c logging.c daemon.c ssl_fd_struct.c \
+ clientnames.c usernames.c server_get.c \
+ server_signals.c usage.c logging.c daemon.c ssl_fd_struct.c \
user_stats_struct.c usr_cli_struct.c connect_user_struct.c string_functions.c \
audit_list_node_struct.c audit_list_struct.c connect_client_struct.c timeval_functions.c \
header_buffer_struct.c server_realm_struct.c server_configuration_struct.c file_server.c \
@@ -11,8 +11,7 @@ afserver_SOURCES = afserver.c network.c file.c stats.c buf_list_node_struct.c bu
afclient_LDFLAGS = ${USE_RDYNAMIC}
afclient_SOURCES = afclient.c network.c file.c stats.c buf_list_node_struct.c buf_list_struct.c \
module_struct.c client_remoteadmin.c make_ssl_handshake.c first_run.c inet_ntop.c \
- http_proxy_functions.c http_proxy_client.c http_proxy_options_struct.c \
- thread_management.c client_reverse_udp.c server_check.c client_initialization.c \
+ client_reverse_udp.c server_check.c client_initialization.c \
client_shutdown.c client_signals.c usage.c logging.c daemon.c base64.c ssl_routines.c \
connect_user_struct.c user_stats_struct.c string_functions.c ar_options_struct.c \
audit_list_node_struct.c audit_list_struct.c ssl_fd_struct.c timeval_functions.c \
diff --git a/src/afclient.c b/src/afclient.c
index e99598d..3364529 100644
--- a/src/afclient.c
+++ b/src/afclient.c
@@ -19,6 +19,7 @@
*/
#include <config.h>
+#include <unistd.h>
#include "afclient.h"
@@ -51,13 +52,6 @@ static struct option long_options[] = {
{"id", 1, 0, 'i'},
{"dateformat", 1, 0, 'D'},
{"remoteadmin", 0, 0, 'r'},
-#ifdef HAVE_LIBPTHREAD
- {"use-https", 0, 0, 'S'},
- {"proxyname", 1, 0, 'P'},
- {"proxyport", 1, 0, 'X'},
- {"pa-t-basic", 0, 0, 'B'},
- {"pa-cred", 1, 0, 'C'},
-#endif
{"version", 0, 0, 'V'},
{"keep-alive", 1, 0, 'K'},
{"ar-tries", 1, 0, 'A'},
@@ -95,8 +89,6 @@ main(int argc, char **argv)
fd_set rset, allset, wset, tmpset;
struct timeval keepAlive;
char verbose = 0;
- HttpProxyOptions* hpo = HttpProxyOptions_new();
- char hpoUsed = 0;
ArOptions* ao = ArOptions_new();
ClientRealm* pointer;
char aoUsed = 0;
@@ -133,13 +125,6 @@ main(int argc, char **argv)
* initialization
*/
-#ifdef HAVE_LIBPTHREAD
- if (hpo == NULL) {
- printf("Problems with memory allocation... exiting\n");
- exit(1);
- }
-#endif
-
if (ao == NULL) {
printf("Problems with memory allocation... exiting\n");
exit(1);
@@ -162,20 +147,11 @@ main(int argc, char **argv)
act.sa_handler = client_sig_alrm;
sigaction(SIGALRM, &act, NULL);
-#ifdef HAVE_LIBPTHREAD
- remember_mainthread();
-#endif
-
#ifdef AF_INET6
#define GETOPT_LONG_AF_INET6(x) "46"x
#else
#define GETOPT_LONG_AF_INET6(x) x
#endif
-#ifdef HAVE_LIBPTHREAD
-#define GETOPT_LONG_LIBPTHREAD(x) "SP:X:BC:"x
-#else
-#define GETOPT_LONG_LIBPTHREAD(x) x
-#endif
#ifdef HAVE_LIBDL
#define GETOPT_LONG_LIBDL(x) "l:L:"x
#else
@@ -183,8 +159,8 @@ main(int argc, char **argv)
#endif
while ((n = getopt_long(argc, argv,
- GETOPT_LONG_LIBDL(GETOPT_LONG_LIBPTHREAD(
- GETOPT_LONG_AF_INET6("huUn:m:d:p:vk:c:s:o:i:D:rP:X:VK:A:T:f:")))
+ GETOPT_LONG_LIBDL(
+ GETOPT_LONG_AF_INET6("huUn:m:d:p:vk:c:s:o:i:D:rP:X:VK:A:T:f:"))
, long_options, 0)) != -1) {
switch (n) {
case 'h': {
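Review bot: The short-option string passed to getopt_long() still contains `P:X:`, although this commit removes the `case 'P'` and `case 'X'` handlers and the `proxyname`/`proxyport` long options, so `-P host -X port` is still parsed and its arguments consumed. What happens next depends on the switch's default branch, which is outside this hunk; if that branch does not reject the option, a user who relied on the proxy would get a direct connection to the server with no diagnostic. Dropping the two letters makes getopt report them as unknown options: `GETOPT_LONG_AF_INET6("huUn:m:d:p:vk:c:s:o:i:D:rVK:A:T:f:"))`. main()'s body starts and ends outside the hunk.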
@@ -195,33 +171,6 @@ main(int argc, char **argv)
serverName = optarg;
break;
}
-#ifdef HAVE_LIBPTHREAD
- case 'S': {
- HttpProxyOptions_use_https(hpo);
- hpoUsed = 1;
- break;
- }
- case 'P': {
- HttpProxyOptions_set_proxyname(hpo, optarg);
- hpoUsed = 1;
- break;
- }
- case 'X': {
- HttpProxyOptions_set_proxyport(hpo, optarg);
- hpoUsed = 1;
- break;
- }
- case 'B': {
- HttpProxyOptions_set_proxyauth_type(hpo, PROXYAUTH_TYPE_BASIC);
- hpoUsed = 1;
- break;
- }
- case 'C': {
- HttpProxyOptions_set_proxyauth_cred(hpo, optarg);
- hpoUsed = 1;
- break;
- }
-#endif
case 'i': {
realmId = optarg;
break;
@@ -422,12 +371,6 @@ main(int argc, char **argv)
"Working without sense is really without sense...");
exit(1);
}
- if (hpoUsed) {
- ClientRealm_set_httpProxyOptions(pointer, hpo);
- }
- else {
- HttpProxyOptions_free(&hpo);
- }
if (aoUsed) {
ClientRealm_set_arOptions(pointer, ao);
}
@@ -531,7 +474,6 @@ main(int argc, char **argv)
ClientRealm_set_hostName(pointer, hostName);
ClientRealm_set_destinationPorts(pointer, destinationPorts);
ClientRealm_set_realmId(pointer, realmId);
- ClientRealm_set_httpProxyOptions(pointer, hpo);
ClientRealm_set_arOptions(pointer, ao);
ClientRealm_set_password(pointer, password);
ClientRealm_set_localName(pointer, localName);
@@ -587,22 +529,6 @@ main(int argc, char **argv)
if (ClientRealm_get_clientMode(pointer) == CLIENTREALM_MODE_REVERSE)
client_short_usage("Port on the server is required in reverse mode");
}
-#ifdef HAVE_LIBPTHREAD
- if ((HttpProxyOptions_get_proxyname(ClientRealm_get_httpProxyOptions(pointer))) ||
- (HttpProxyOptions_get_proxyport(ClientRealm_get_httpProxyOptions(pointer)))) {
- if (ClientRealm_get_tunnelType(pointer) == CLIENTREALM_TUNNELTYPE_DIRECT) {
- ClientRealm_set_tunnelType(pointer, CLIENTREALM_TUNNELTYPE_HTTPPROXY);
- }
- else {
- ClientRealm_set_tunnelType(pointer, CLIENTREALM_TUNNELTYPE_UNKNOWN);
- }
- }
- if (ClientRealm_get_tunnelType(pointer) == CLIENTREALM_TUNNELTYPE_HTTPPROXY) {
- if (HttpProxyOptions_get_proxyport(ClientRealm_get_httpProxyOptions(pointer)) == NULL) {
- HttpProxyOptions_set_proxyport(ClientRealm_get_httpProxyOptions(pointer), "8080");
- }
- }
-#endif
if ((ClientRealm_get_clientMode(pointer) != CLIENTREALM_MODE_REVERSE) &&
(ClientRealm_get_clientMode(pointer) != CLIENTREALM_MODE_REMOTE) &&
(ClientRealm_get_hostName(pointer) == NULL)) {
diff --git a/src/afclient.h b/src/afclient.h
index 1be222d..c5888b3 100644
--- a/src/afclient.h
+++ b/src/afclient.h
@@ -26,13 +26,9 @@
#include "client_remoteadmin.h"
#include "make_ssl_handshake.h"
#include "first_run.h"
-#include "http_proxy_client.h"
-#include "thread_management.h"
#include "client_reverse_udp.h"
#include "server_check.h"
#include "client_initialization.h"
-#include "http_proxy_functions.h"
-#include "http_proxy_options_struct.h"
#include "client_shutdown.h"
#include "client_signals.h"
#include "usage.h"
diff --git a/src/afserver.c b/src/afserver.c
index 461f476..0da7e45 100644
--- a/src/afserver.c
+++ b/src/afserver.c
@@ -54,12 +54,6 @@ static struct option long_options[] = {
{"baseport", 0, 0, 'b'},
{"dnslookups", 0, 0, 311},
{"dateformat", 1, 0, 'D'},
-#ifdef HAVE_LIBPTHREAD
- {"enableproxy", 0, 0, 'P'},
- /* FIXME: don't need it now
- {"use-https", 0, 0, 'S'},
- */
-#endif
{"version", 0, 0, 'V'},
{0, 0, 0, 0}
};
@@ -93,9 +87,6 @@ main(int argc, char **argv)
unsigned char pass[4] = {1, 2, 3, 4};
char verbose = 0;
char mode = 0;
-#ifdef HAVE_LIBPTHREAD
- char tunneltype = 0;
-#endif
char ipfam = 0;
char baseport = 0;
char audit = 0;
@@ -133,27 +124,15 @@ main(int argc, char **argv)
TYPE_SET_SSL(mode);
TYPE_SET_ZLIB(mode);
TYPE_SET_SUPPORTED_MULTI(mode);
-
-#ifdef HAVE_LIBPTHREAD
- remember_mainthread();
-#endif
#ifdef AF_INET6
#define GETOPT_LONG_AF_INET6(x) "46"x
#else
#define GETOPT_LONG_AF_INET6(x) x
#endif
-#ifdef HAVE_LIBPTHREAD
-/* FIXME: 'S' option is not needed now
-#define GETOPT_LONG_LIBPTHREAD(x) "PS"x
-*/
-#define GETOPT_LONG_LIBPTHREAD(x) "P"x
-#else
-#define GETOPT_LONG_LIBPTHREAD(x) x
-#endif
-
+
while ((n = getopt_long(argc, argv,
- GETOPT_LONG_LIBPTHREAD(GETOPT_LONG_AF_INET6("hn:l:m:vu:c:A:d:k:f:p:o:t:C:U:M:abD:R:r:V"))
+ GETOPT_LONG_AF_INET6("hn:l:m:vu:c:A:d:k:f:p:o:t:C:U:M:abD:R:r:V")
, long_options, 0)) != -1) {
switch (n) {
case 'h': {
@@ -293,30 +272,6 @@ main(int argc, char **argv)
dateformat = optarg;
break;
}
-#ifdef HAVE_LIBPTHREAD
- case 'P': {
- if ((tunneltype < 0) || (tunneltype > 2)) {
- tunneltype = -1;
- }
- else {
- if (tunneltype != 2) {
- tunneltype = 1;
- }
- }
- break;
- }
- /* FIXME: don't need it now
- case 'S': {
- if ((tunneltype < 0) || (tunneltype > 2)) {
- tunneltype = -1;
- }
- else {
- tunneltype = 2;
- }
- break;
- }
- */
-#endif
case 'V': {
printf("%s\n", (AF_VER("Active port forwarder (server)")));
exit(0);
@@ -460,9 +415,6 @@ main(int argc, char **argv)
ServerRealm_set_sClientMode(pointer, clim);
ServerRealm_set_basePortOn(pointer, baseport);
ServerRealm_set_auditOn(pointer, audit);
-#ifdef HAVE_LIBPTHREAD
- ServerRealm_set_tunnelType(pointer, tunneltype);
-#endif
ServerRealm_set_dnsLookupsOn(pointer, dnslookups);
ServerRealm_set_realmName(pointer, realmname);
ServerRealm_set_password(pointer, pass);
@@ -699,17 +651,6 @@ main(int argc, char **argv)
if (ServerRealm_get_auditOn(scRealmsTable[i]) == 0) {
ServerRealm_set_auditOn(scRealmsTable[i], audit);
}
-#ifdef HAVE_LIBPTHREAD
- /* using user's tunneltype value*/
- if (ServerRealm_get_tunnelType(scRealmsTable[i]) == 0) {
- if (tunneltype == -1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "Conflicting types of tunnel type... exiting");
- exit(1);
- }
- ServerRealm_set_tunnelType(scRealmsTable[i], tunneltype);
- }
-#endif
/* using user's dnslookups value*/
if (ServerRealm_get_dnsLookupsOn(scRealmsTable[i]) == 0) {
ServerRealm_set_dnsLookupsOn(scRealmsTable[i], dnslookups);
@@ -878,49 +819,6 @@ main(int argc, char **argv)
UsrCli_get_managePortName(srUsersClientsTable[j])));
break;
}
-#ifdef HAVE_LIBPTHREAD
- case 1:
- case 2: {
- temp = find_previousFd(srUsersClientsTable, j,
- UsrCli_get_manageHostName(srUsersClientsTable[j]),
- UsrCli_get_managePortName(srUsersClientsTable[j]));
- if (temp == -1) {
- if (initialize_http_proxy_server(&temp,
- UsrCli_get_manageHostName(srUsersClientsTable[j]) ?
- UsrCli_get_manageHostName(srUsersClientsTable[j]) :
- ServerRealm_get_hostName(scRealmsTable[i]),
- UsrCli_get_managePortName(srUsersClientsTable[j]),
- (&len), ipfam,
- ServerRealm_get_clientsLimit(scRealmsTable[i]) +
- ServerRealm_get_raClientsLimit(scRealmsTable[i]),
- (ServerRealm_get_tunnelType(scRealmsTable[i]) - 1),
- ServerRealm_get_SslCtx(scRealmsTable[i]))) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
-#ifdef AF_INET6
- "http%s_proxy_listen_%s error for %s, %s",
- (ServerRealm_get_tunnelType(scRealmsTable[i]) == 2) ? "s" : "",
- (ipfam & 0x02)?"ipv4":(ipfam & 0x04)?"ipv6":"unspec",
-#else
- "http%s_proxy_listen error for %s, %s",
- (ServerRealm_get_tunnelType(scRealmsTable[i]) == 2) ? "s" : "",
-#endif
- UsrCli_get_manageHostName(srUsersClientsTable[j]) ?
- UsrCli_get_manageHostName(srUsersClientsTable[j]) :
- ServerRealm_get_hostName(scRealmsTable[i]),
- UsrCli_get_managePortName(srUsersClientsTable[j]));
- exit(1);
- }
- }
- ServerRealm_set_addressLength(scRealmsTable[i], len);
- UsrCli_set_manageFd(srUsersClientsTable[j], temp);
- flags = fcntl(UsrCli_get_manageFd(srUsersClientsTable[j]), F_GETFL, 0);
- fcntl(UsrCli_get_manageFd(srUsersClientsTable[j]), F_SETFL, flags | O_NONBLOCK);
- UsrCli_set_number(srUsersClientsTable[j], eval_UsrCliPair(srUsersClientsTable, j,
- UsrCli_get_manageHostName(srUsersClientsTable[j]),
- UsrCli_get_managePortName(srUsersClientsTable[j])));
- break;
- }
-#endif
default: {
aflog(LOG_T_INIT, LOG_I_CRIT,
"Unknown tunnel type");
@@ -2048,11 +1946,6 @@ main(int argc, char **argv)
ConnectClient_set_lastActivity(
srRaClientsTable[l],
ConnectClient_get_lastActivity(srClientsTable[k]));
-#ifdef HAVE_LIBPTHREAD
- ConnectClient_set_tunnelType(
- srRaClientsTable[l],
- ConnectClient_get_tunnelType(srClientsTable[k]));
-#endif
ConnectClient_set_clientId(
srRaClientsTable[l],
ConnectClient_get_clientId(srClientsTable[k]));
@@ -2259,11 +2152,6 @@ main(int argc, char **argv)
ConnectClient_set_lastActivity(
srClientsTable[l],
ConnectClient_get_lastActivity(srRaClientsTable[k]));
-#ifdef HAVE_LIBPTHREAD
- ConnectClient_set_tunnelType(
- srClientsTable[l],
- ConnectClient_get_tunnelType(srRaClientsTable[k]));
-#endif
ConnectClient_set_clientId(
srClientsTable[l],
ConnectClient_get_clientId(srRaClientsTable[k]));
@@ -2536,12 +2424,7 @@ main(int argc, char **argv)
aflog(LOG_T_CLIENT, LOG_I_DDEBUG,
"realm[%s]: managefd: FD_ISSET", get_realmname(config, j));
len = ServerRealm_get_addressLength(pointer);
-#ifdef HAVE_LIBPTHREAD
- sent = get_new_socket(UsrCli_get_manageFd(srUsersClientsTable[l]),
- ServerRealm_get_tunnelType(pointer),ServerRealm_get_clientAddress(pointer), &len, &tunneltype);
-#else
sent = accept(UsrCli_get_manageFd(srUsersClientsTable[l]), ServerRealm_get_clientAddress(pointer), &len);
-#endif
if (sent == -1) {
if (errno == EAGAIN) {
aflog(LOG_T_USER, LOG_I_DDEBUG,
@@ -2567,9 +2450,6 @@ main(int argc, char **argv)
time(&now);
ConnectClient_set_connectTime(srClientsTable[k], now);
ConnectClient_set_lastActivity(srClientsTable[k], now);
-#ifdef HAVE_LIBPTHREAD
- ConnectClient_set_tunnelType(srClientsTable[k], tunneltype);
-#endif
aflog(LOG_T_CLIENT, LOG_I_INFO,
"realm[%s]: new Client[%s] IP:%s", get_realmname(config, j), get_clientname(pointer, k),
sock_ntop(ServerRealm_get_clientAddress(pointer), len, ConnectClient_get_nameBuf(srClientsTable[k]),
@@ -2603,9 +2483,6 @@ main(int argc, char **argv)
time(&now);
ConnectClient_set_connectTime(srRaClientsTable[k], now);
ConnectClient_set_lastActivity(srRaClientsTable[k], now);
-#ifdef HAVE_LIBPTHREAD
- ConnectClient_set_tunnelType(srRaClientsTable[k], tunneltype);
-#endif
aflog(LOG_T_MANAGE, LOG_I_INFO,
"realm[%s]: new Client[%s] (ra) IP:%s",
get_realmname(config, j), get_raclientname(pointer, k),
diff --git a/src/afserver.h b/src/afserver.h
index bc23e75..85bd03f 100644
--- a/src/afserver.h
+++ b/src/afserver.h
@@ -34,8 +34,6 @@
#include "clientnames.h"
#include "usernames.h"
#include "server_get.h"
-#include "http_proxy_server.h"
-#include "thread_management.h"
#include "server_signals.h"
#include "usage.h"
#include "logging.h"
diff --git a/src/client_initialization.c b/src/client_initialization.c
index efde9a9..9cc8c9a 100644
--- a/src/client_initialization.c
+++ b/src/client_initialization.c
@@ -70,36 +70,6 @@ initialize_client_stage1(ClientRealm* cr, SSL_CTX* ctx, unsigned char* buff, cha
SslFd_set_fd(ClientRealm_get_masterSslFd(cr), tmp);
break;
}
-#ifdef HAVE_LIBPTHREAD
- case 1: {
- if (initialize_http_proxy_client(&tmp, cr, ctx)) {
-#ifdef AF_INET6
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http_proxy_connect_%s error for %s, %s (proxy: %s, %s)",
- (ClientRealm_get_ipFamily(cr) & 0x02) ?
- "ipv4":(ClientRealm_get_ipFamily(cr) & 0x04) ?
- "ipv6":"unspec", ClientRealm_get_serverName(cr),
- ClientRealm_get_managePort(cr),
- HttpProxyOptions_get_proxyname(ClientRealm_get_httpProxyOptions(cr)),
- HttpProxyOptions_get_proxyport(ClientRealm_get_httpProxyOptions(cr)));
-#else
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http_proxy_connect error for %s, %s (proxy: %s, %s)", ClientRealm_get_serverName(cr),
- ClientRealm_get_managePort(cr),
- HttpProxyOptions_get_proxyname(ClientRealm_get_httpProxyOptions(cr)),
- HttpProxyOptions_get_proxyport(ClientRealm_get_httpProxyOptions(cr)));
-#endif
- if (wanttoexit) {
- exit(1);
- }
- else {
- return 1;
- }
- }
- SslFd_set_fd(ClientRealm_get_masterSslFd(cr), tmp);
- break;
- }
-#endif
default: {
aflog(LOG_T_INIT, LOG_I_CRIT,
"Unknown tunnel type");
diff --git a/src/client_initialization.h b/src/client_initialization.h
index 390568f..4f981a3 100644
--- a/src/client_initialization.h
+++ b/src/client_initialization.h
@@ -23,8 +23,6 @@
#include "activefor.h"
#include "stats.h"
#include "logging.h"
-#include "http_proxy_client.h"
-#include "http_proxy_options_struct.h"
#include "ssl_fd_struct.h"
#include "client_realm_struct.h"
diff --git a/src/client_realm_struct.c b/src/client_realm_struct.c
index 5b4477e..4963671 100644
--- a/src/client_realm_struct.c
+++ b/src/client_realm_struct.c
@@ -59,12 +59,6 @@ ClientRealm_new()
ClientRealm_free(&tmp);
return NULL;
}
- tmp->httpProxyOptions = HttpProxyOptions_new();
- assert(tmp->httpProxyOptions != NULL);
- if (tmp->httpProxyOptions == NULL) {
- ClientRealm_free(&tmp);
- return NULL;
- }
#ifdef HAVE_LIBDL
tmp->userModule = Module_new();
assert(tmp->userModule != NULL);
@@ -110,7 +104,6 @@ ClientRealm_free(ClientRealm** cr)
ClientRealm_set_localDestinationName((*cr), NULL);
ClientRealm_set_clientAddress((*cr), NULL);
ClientRealm_set_masterSslFd((*cr), NULL);
- ClientRealm_set_httpProxyOptions((*cr), NULL);
ClientRealm_set_arOptions((*cr), NULL);
ClientRealm_set_destinationPorts((*cr), NULL);
ClientRealm_set_usersTable((*cr), NULL);
@@ -507,26 +500,6 @@ ClientRealm_set_masterSslFd(ClientRealm* cr, SslFd* masterSslFd)
}
/*
- * Function name: ClientRealm_set_httpProxyOptions
- * Description: Set client realm's http proxy options.
- * Arguments: cr - pointer to ClientRealm structure
- * httpProxyOptions - client realm's http proxy options
- */
-
-void
-ClientRealm_set_httpProxyOptions(ClientRealm* cr, HttpProxyOptions* httpProxyOptions)
-{
- assert(cr != NULL);
- if (cr == NULL) {
- return;
- }
- if (cr->httpProxyOptions) {
- HttpProxyOptions_free(&(cr->httpProxyOptions));
- }
- cr->httpProxyOptions = httpProxyOptions;
-}
-
-/*
* Function name: ClientRealm_set_arOptions
* Description: Set client realm's auto-reconnect options.
* Arguments: cr - pointer to ClientRealm structure
@@ -994,23 +967,6 @@ ClientRealm_get_masterSslFd(ClientRealm* cr)
}
/*
- * Function name: ClientRealm_get_httpProxyOptions
- * Description: Get client realm's http proxy options.
- * Arguments: cr - pointer to ClientRealm structure
- * Returns: Client realm's http proxy options.
- */
-
-HttpProxyOptions*
-ClientRealm_get_httpProxyOptions(ClientRealm* cr)
-{
- assert(cr != NULL);
- if (cr == NULL) {
- return NULL;
- }
- return cr->httpProxyOptions;
-}
-
-/*
* Function name: ClientRealm_get_arOptions
* Description: Get client realm's auto-reconnect options.
* Arguments: cr - pointer to ClientRealm structure
diff --git a/src/client_realm_struct.h b/src/client_realm_struct.h
index 0fd1789..51790ef 100644
--- a/src/client_realm_struct.h
+++ b/src/client_realm_struct.h
@@ -20,7 +20,6 @@
#include "activefor.h"
#include "ssl_fd_struct.h"
-#include "http_proxy_options_struct.h"
#include "ar_options_struct.h"
#include "module_struct.h"
#include "port_list_struct.h"
@@ -36,8 +35,6 @@
#define CLIENTREALM_TUNNELTYPE_UNKNOWN -1
#define CLIENTREALM_TUNNELTYPE_DIRECT 0
-#define CLIENTREALM_TUNNELTYPE_HTTPPROXY 1
-#define CLIENTREALM_TUNNELTYPE_HTTPSPROXY 2
typedef struct {
char* serverName;
@@ -61,7 +58,6 @@ typedef struct {
socklen_t addressLength;
struct sockaddr* clientAddress;
SslFd* masterSslFd;
- HttpProxyOptions* httpProxyOptions;
ArOptions* arOptions;
PortList* destinationPorts;
ConnectUser** usersTable;
@@ -97,7 +93,6 @@ void ClientRealm_set_keepAlive(ClientRealm* cr, struct timeval keepAlive);
void ClientRealm_set_addressLength(ClientRealm* cr, socklen_t addressLength);
void ClientRealm_set_clientAddress(ClientRealm* cr, struct sockaddr* clientAddress);
void ClientRealm_set_masterSslFd(ClientRealm* cr, SslFd* masterSslFd);
-void ClientRealm_set_httpProxyOptions(ClientRealm* cr, HttpProxyOptions* httpProxyOptions);
void ClientRealm_set_arOptions(ClientRealm* cr, ArOptions* arOptions);
void ClientRealm_set_destinationPorts(ClientRealm* cr, PortList* destinationPorts);
void ClientRealm_set_usersTable(ClientRealm* cr, ConnectUser** usersTable);
@@ -127,7 +122,6 @@ struct timeval ClientRealm_get_keepAlive(ClientRealm* cr);
socklen_t ClientRealm_get_addressLength(ClientRealm* cr);
struct sockaddr* ClientRealm_get_clientAddress(ClientRealm* cr);
SslFd* ClientRealm_get_masterSslFd(ClientRealm* cr);
-HttpProxyOptions* ClientRealm_get_httpProxyOptions(ClientRealm* cr);
ArOptions* ClientRealm_get_arOptions(ClientRealm* cr);
PortList* ClientRealm_get_destinationPorts(ClientRealm* cr);
ConnectUser** ClientRealm_get_usersTable(ClientRealm* cr);
diff --git a/src/client_signals.c b/src/client_signals.c
index 04c344e..e8c7269 100644
--- a/src/client_signals.c
+++ b/src/client_signals.c
@@ -21,7 +21,6 @@
#include <config.h>
#include "client_signals.h"
-#include "thread_management.h"
#include "stats.h"
#include "logging.h"
@@ -36,11 +35,6 @@
void
client_sig_int(int signo)
{
-#ifdef HAVE_LIBPTHREAD
- if (!is_this_a_mainthread()) {
- return;
- }
-#endif
aflog(LOG_T_MAIN, LOG_I_NOTICE,
"CLIENT CLOSED cg: %ld bytes", getcg());
exit(0);
diff --git a/src/connect_client_struct.h b/src/connect_client_struct.h
index 9cf2e6d..9f598be 100644
--- a/src/connect_client_struct.h
+++ b/src/connect_client_struct.h
@@ -37,8 +37,6 @@
#define CONNECTCLIENT_TUNNELTYPE_UNKNOWN -1
#define CONNECTCLIENT_TUNNELTYPE_DIRECT 0
-#define CONNECTCLIENT_TUNNELTYPE_HTTPPROXY 1
-#define CONNECTCLIENT_TUNNELTYPE_HTTPSPROXY 2
#define CONNECTCLIENT_MULTI_ENABLED 1
#define CONNECTCLIENT_MULTI_DISABLED 0
diff --git a/src/file_client.c b/src/file_client.c
index 672eeaf..5ba1d97 100644
--- a/src/file_client.c
+++ b/src/file_client.c
@@ -144,27 +144,6 @@ cparsefile(char* name, int* status)
ClientRealm_set_clientMode(ClientConfiguration_get_realmsTable(cfg)[0], CLIENTREALM_MODE_UNKNOWN);
}
}
- else if ((strcmp(helpbuf1, "S") == 0) || (strcmp(helpbuf1, "use-https") == 0)) {
- HttpProxyOptions_use_https(ClientRealm_get_httpProxyOptions(
- ClientConfiguration_get_realmsTable(cfg)[0]));
- }
- else if ((strcmp(helpbuf1, "B") == 0) || (strcmp(helpbuf1, "pa-t-basic") == 0)) {
- HttpProxyOptions_set_proxyauth_type(ClientRealm_get_httpProxyOptions(
- ClientConfiguration_get_realmsTable(cfg)[0]), PROXYAUTH_TYPE_BASIC);
- }
-#ifdef HAVE_LIBPTHREAD
- else if (strcmp(helpbuf1, "enableproxy")==0) {
- if (ClientRealm_get_tunnelType(
- ClientConfiguration_get_realmsTable(cfg)[0]) == 0) {
- ClientRealm_set_tunnelType(
- ClientConfiguration_get_realmsTable(cfg)[0],
- 1);
- }
- else {
- return cfg;
- }
- }
-#endif
#ifdef AF_INET6
else if (strcmp(helpbuf1, "ipv4")==0) {
if (TYPE_IS_UNSPEC(ClientRealm_get_realmType(
@@ -255,18 +234,6 @@ cparsefile(char* name, int* status)
ArOptions_set_s_arDelay(ClientRealm_get_arOptions(ClientConfiguration_get_realmsTable(cfg)[0]),
helpbuf2);
}
- else if ((strcmp(helpbuf1, "P") == 0) || (strcmp(helpbuf1, "proxyname") == 0)) {
- HttpProxyOptions_set_proxyname(ClientRealm_get_httpProxyOptions(
- ClientConfiguration_get_realmsTable(cfg)[0]), helpbuf2);
- }
- else if ((strcmp(helpbuf1, "X") == 0) || (strcmp(helpbuf1, "proxyport") == 0)) {
- HttpProxyOptions_set_proxyport(ClientRealm_get_httpProxyOptions(
- ClientConfiguration_get_realmsTable(cfg)[0]), helpbuf2);
- }
- else if ((strcmp(helpbuf1, "C") == 0) || (strcmp(helpbuf1, "pa-cred") == 0)) {
- HttpProxyOptions_set_proxyauth_cred(ClientRealm_get_httpProxyOptions(
- ClientConfiguration_get_realmsTable(cfg)[0]), helpbuf2);
- }
else {
return cfg;
}
diff --git a/src/file_server.c b/src/file_server.c
index 35ed235..d027f02 100644
--- a/src/file_server.c
+++ b/src/file_server.c
@@ -206,19 +206,6 @@ parsefile(char* name, int* status)
ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
1);
}
-#ifdef HAVE_LIBPTHREAD
- else if (strcmp(helpbuf1, "enableproxy")==0) {
- if (ServerRealm_get_tunnelType(
- ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1]) == 0) {
- ServerRealm_set_tunnelType(
- ServerConfiguration_get_realmsTable(cfg)[ServerConfiguration_get_realmsNumber(cfg) - 1],
- 1);
- }
- else {
- return cfg;
- }
- }
-#endif
#ifdef AF_INET6
else if (strcmp(helpbuf1, "ipv4")==0) {
if (TYPE_IS_UNSPEC(ServerRealm_get_realmType(
diff --git a/src/http_proxy_client.c b/src/http_proxy_client.c
deleted file mode 100644
index 157d009..0000000
--- a/src/http_proxy_client.c
+++ /dev/null
@@ -1,565 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <config.h>
-
-#include "http_proxy_functions.h"
-#include "http_proxy_client.h"
-#include "thread_management.h"
-#include "network.h"
-#include "stats.h"
-#include "logging.h"
-#include "base64.h"
-
-#ifdef HAVE_LIBPTHREAD
-typedef struct {
- int sockfd;
- char *host;
- char *serv;
- HttpProxyOptions* hpo;
- char type;
- SSL_CTX* ctx;
-} proxy_argT;
-
-/*
- * Function name: clean_return
- * Description: Closes the connection and exits the thread.
- * Arguments: sockfd - the descriptor of the connection
- */
-
-static void
-clean_return(int sockfd)
-{
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http proxy: clean_return");
- close(sockfd);
- pthread_exit(NULL);
-}
-
-/*
- * Function name: http_proxy_client
- * Description: Function responsible for the client part of the http proxy connection.
- * Arguments: vptr - the structure with all the information needed for http proxy tunnel
- */
-
-void*
-http_proxy_client(void *vptr)
-{
- char tab[9000];
- connection conn;
- header hdr;
- int j, n, maxfdp1;
- fd_set rset, allset;
- struct timeval tv;
- int timeout = 5;
- int tmp;
- char *host, *serv, *proxyname, *proxyport, *credentials, *name = "";
- char b64cred[100];
- char type, authtype, https;
- SSL_CTX* ctx;
- proxy_argT *proxy_argptr;
-
- start_critical_section();
- proxy_argptr = (proxy_argT *) vptr;
-
- host = proxy_argptr->host;
- serv = proxy_argptr->serv;
- proxyname = HttpProxyOptions_get_proxyname(proxy_argptr->hpo);
- proxyport = HttpProxyOptions_get_proxyport(proxy_argptr->hpo);
- credentials = HttpProxyOptions_get_proxyauth_cred(proxy_argptr->hpo);
- type = proxy_argptr->type;
- authtype = HttpProxyOptions_get_proxyauth_type(proxy_argptr->hpo);
- conn.sockfd = proxy_argptr->sockfd;
- https = HttpProxyOptions_is_https(proxy_argptr->hpo);
- ctx = proxy_argptr->ctx;
-
- broadcast_condition();
- end_critical_section();
-
- conn.postFd = SslFd_new();
- conn.getFd = SslFd_new();
- conn.tmpFd = SslFd_new();
- if ((conn.postFd == NULL) || (conn.getFd == NULL) || (conn.tmpFd == NULL)) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
-
- if (https) {
- name = "s";
- SslFd_set_ssl(conn.postFd, SSL_new(ctx));
- SslFd_set_ssl(conn.getFd, SSL_new(ctx));
- SslFd_set_ssl(conn.tmpFd, SSL_new(ctx));
- if ((SslFd_get_ssl(conn.postFd) == NULL) ||
- (SslFd_get_ssl(conn.getFd) == NULL) ||
- (SslFd_get_ssl(conn.tmpFd) == NULL)) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- }
-
- if (authtype == PROXYAUTH_TYPE_WRONG) {
- aflog(LOG_T_MAIN, LOG_I_WARNING,
- "Wrong type of proxy authorizaton --> switching to no authorization");
- credentials = NULL;
- }
-
- if (credentials) {
- if (b64_ntop((unsigned char*)credentials, strlen(credentials), b64cred, 100) == -1) {
- aflog(LOG_T_MAIN, LOG_I_ERR,
- "Cannot encode credentials for proxy authorization");
- b64cred[0] = 0;
- }
- else {
- if (authtype == PROXYAUTH_TYPE_NOTSET) {
- authtype = PROXYAUTH_TYPE_BASIC;
- }
- }
- }
-
- FD_ZERO(&allset);
- tv.tv_usec = 0;
- tv.tv_sec = timeout;
-
- memset(conn.id, 0, 10);
- for (j = 0; j < 9; ++j) {
- conn.id[j] = myrand(65, 90);
- }
- conn.id[9] = 0;
-
- /* postfd */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: connecting (postfd)...", name);
- if (ip_connect(&tmp, proxyname, proxyport, type, NULL, NULL)) {
- clean_return(conn.sockfd);
- }
- SslFd_set_fd(conn.postFd, tmp);
- if (https) {
- if (SSL_set_fd(SslFd_get_ssl(conn.postFd), SslFd_get_fd(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: Problem with initializing ssl");
- clean_return(conn.sockfd);
- }
- if (SSL_connect(SslFd_get_ssl(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: SSL_connect has failed");
- clean_return(conn.sockfd);
- }
- }
-
- memset(tab, 0, 9000);
- switch (authtype) {
- case PROXYAUTH_TYPE_BASIC:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n"
- "Proxy-Authorization: Basic %s\r\n\r\n", host, serv, conn.id, host, serv, b64cred);
- break;
- default:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n\r\n", host, serv, conn.id, host, serv);
- }
- j = strlen (tab);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing POST request...", name);
- if (http_write(https, conn.postFd, (unsigned char*) tab, j) <= 0) {
- clean_return(conn.sockfd);
- }
-
- /* getfd */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: connecting (getfd)...", name);
- if (ip_connect(&tmp, proxyname, proxyport, type, NULL, NULL)) {
- clean_return(conn.sockfd);
- }
- SslFd_set_fd(conn.getFd, tmp);
- if (https) {
- if (SSL_set_fd(SslFd_get_ssl(conn.getFd), SslFd_get_fd(conn.getFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: Problem with initializing ssl");
- clean_return(conn.sockfd);
- }
- if (SSL_connect(SslFd_get_ssl(conn.getFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: SSL_connect has failed");
- clean_return(conn.sockfd);
- }
- }
-
- memset(tab, 0, 9000);
- switch (authtype) {
- case PROXYAUTH_TYPE_BASIC:
- sprintf(tab,
- "GET http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Connection: close\r\n"
- "Proxy-Authorization: Basic %s\r\n\r\n", host, serv, conn.id, host, serv, b64cred);
- break;
- default:
- sprintf(tab,
- "GET http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Connection: close\r\n\r\n", host, serv, conn.id, host, serv);
- }
- j = strlen (tab);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing GET request...", name);
- if (http_write(https, conn.getFd, (unsigned char*) tab, j) <= 0) {
- clean_return(conn.sockfd);
- }
-
- set_fd(conn.sockfd, &maxfdp1, &allset);
- set_fd(SslFd_get_fd(conn.postFd), &maxfdp1, &allset);
- set_fd(SslFd_get_fd(conn.getFd), &maxfdp1, &allset);
- conn.state = C_OPEN;
-
- memset(tab, 0, 9000);
-
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: parsing header from getfd", name);
- if (parse_header(conn.getFd, tab, &hdr, https)) {
- clean_return(conn.sockfd);
- }
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: checking hdr.type", name);
- if (hdr.type != H_TYPE_OK) {
- clean_return(conn.sockfd);
- }
- if (hdr.length) {
- conn.received += hdr.length;
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: reading message...", name);
- if (read_message(conn.sockfd, hdr.length, &conn, tab, hdr.ptr)) {
- clean_return(conn.sockfd);
- }
- }
-
- while (1) {
- if ((conn.state == C_OPEN) && (!(FD_ISSET(conn.sockfd, &allset)))) {
- FD_SET(conn.sockfd, &allset);
- }
- rset = allset;
-
- if (select(maxfdp1, &rset, NULL, NULL, &tv) == 0) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: timeout", name);
- tv.tv_sec = timeout;
- if (conn.sent_ptr+1 >= 90000) {
- if (conn.state == C_CLOSED) {
- continue;
- }
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: send T", name);
- http_write(https, conn.postFd, (unsigned char*) "T", 1);
- conn.sent_ptr = 0;
- clear_sslFd(conn.postFd, &allset);
- /* postfd */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: connecting (postfd)...", name);
- if (ip_connect(&tmp, proxyname, proxyport, type, NULL, NULL)) {
- clean_return(conn.sockfd);
- }
- SslFd_set_fd(conn.postFd, tmp);
- if (https) {
- if (SSL_set_fd(SslFd_get_ssl(conn.postFd), SslFd_get_fd(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: Problem with initializing ssl");
- clean_return(conn.sockfd);
- }
- if (SSL_connect(SslFd_get_ssl(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: SSL_connect has failed");
- clean_return(conn.sockfd);
- }
- }
-
- memset(tab, 0, 9000);
- switch (authtype) {
- case PROXYAUTH_TYPE_BASIC:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n"
- "Proxy-Authorization: Basic %s\r\n\r\n", host, serv, conn.id, host, serv, b64cred);
- break;
- default:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n\r\n", host, serv, conn.id, host, serv);
- }
- j = strlen (tab);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing POST request...", name);
- if (http_write(https, conn.postFd, (unsigned char *) tab, j) <= 0) {
- clean_return(conn.sockfd);
- }
- conn.sent_ptr = 0;
- conn.ptr = 0;
- conn.length = 0;
- conn.state = C_CLOSED;
-
- set_fd(SslFd_get_fd(conn.postFd), &maxfdp1, &allset);
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: send T", name);
- http_write(https, conn.postFd, (unsigned char *) "T", 1);
- conn.sent_ptr += 1;
- }
- continue;
- }
-
- /* sockfd */
- if (FD_ISSET(conn.sockfd, &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(conn.sockfd)", name);
- n = read(conn.sockfd, conn.buf+5, 8995);
- if (n <= 0) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: send Q", name);
- http_write(https, conn.postFd, (unsigned char *) "Q", 1);
- clean_return(conn.sockfd);
- }
- if ((conn.state == C_CLOSED) && (conn.sent_ptr > 70000)) {
- FD_CLR(conn.sockfd, &allset);
- }
- conn.buf[0] = 'M';
- tmp = htonl(n);
- memcpy(&conn.buf[1], &tmp, 4);
- if (conn.sent_ptr+5 + n >= 90000) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: send message", name);
- http_write(https, conn.postFd, (unsigned char *) conn.buf, 90000 - conn.sent_ptr);
- conn.ptr = 90000 - conn.sent_ptr;
- conn.length = 5+n - conn.ptr;
- conn.sent_ptr = 0;
- clear_sslFd(conn.postFd, &allset);
-
- /* postfd */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: connecting (postfd)...", name);
- if (ip_connect(&tmp, proxyname, proxyport, type, NULL, NULL)) {
- clean_return(conn.sockfd);
- }
- SslFd_set_fd(conn.postFd, tmp);
- if (https) {
- if (SSL_set_fd(SslFd_get_ssl(conn.postFd), SslFd_get_fd(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: Problem with initializing ssl");
- clean_return(conn.sockfd);
- }
- if (SSL_connect(SslFd_get_ssl(conn.postFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: SSL_connect has failed");
- clean_return(conn.sockfd);
- }
- }
-
- memset(tab, 0, 9000);
- switch (authtype) {
- case PROXYAUTH_TYPE_BASIC:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n"
- "Proxy-Authorization: Basic %s\r\n\r\n", host, serv, conn.id, host, serv, b64cred);
- break;
- default:
- sprintf(tab,
- "POST http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n\r\n", host, serv, conn.id, host, serv);
- }
- j = strlen (tab);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing POST request...", name);
- if (http_write(https, conn.postFd, (unsigned char *) tab, j) <= 0) {
- clean_return(conn.sockfd);
- }
- if (conn.length > 0) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing old data...", name);
- if (http_write(https, conn.postFd, (unsigned char *) (conn.buf+conn.ptr), conn.length) <= 0) {
- clean_return(conn.sockfd);
- }
- }
- conn.sent_ptr = conn.length;
- conn.ptr = 0;
- conn.length = 0;
- conn.state = C_CLOSED;
-
- set_fd(SslFd_get_fd(conn.postFd), &maxfdp1, &allset);
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: send message", name);
- http_write(https, conn.postFd, (unsigned char *) conn.buf, 5+n);
- conn.sent_ptr += 5+n;
- }
- }
-
- /* getfd */
- if (FD_ISSET(SslFd_get_fd(conn.getFd), &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(conn.getfd)", name);
- n = http_read(https, conn.getFd, (unsigned char*) tab, 9000);
- conn.received += n;
- if (n == 0) {
- conn.received = 0;
- clear_sslFd(conn.getFd, &allset);
-
- /* getfd */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: connecting (getfd)...", name);
- if (ip_connect(&tmp, proxyname, proxyport, type, NULL, NULL)) {
- clean_return(conn.sockfd);
- }
- SslFd_set_fd(conn.getFd, tmp);
- if (https) {
- if (SSL_set_fd(SslFd_get_ssl(conn.getFd), SslFd_get_fd(conn.getFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: Problem with initializing ssl");
- clean_return(conn.sockfd);
- }
- if (SSL_connect(SslFd_get_ssl(conn.getFd)) != 1) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "https proxy: SSL_connect has failed");
- clean_return(conn.sockfd);
- }
- }
-
- memset(tab, 0, 9000);
- switch (authtype) {
- case PROXYAUTH_TYPE_BASIC:
- sprintf(tab,
- "GET http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Connection: close\r\n"
- "Proxy-Authorization: Basic %s\r\n\r\n", host, serv, conn.id, host, serv, b64cred);
- break;
- default:
- sprintf(tab,
- "GET http://%s:%s/yahpt.html?id=%s HTTP/1.1\r\n"
- "Host: %s:%s\r\n"
- "Connection: close\r\n\r\n", host, serv, conn.id, host, serv);
- }
- j = strlen (tab);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: writing GET request...", name);
- if (http_write(https, conn.getFd, (unsigned char *) tab, j) <= 0) {
- clean_return(conn.sockfd);
- }
- memset(tab, 0, 9000);
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: parsing header from getfd", name);
- if (parse_header(conn.getFd, tab, &hdr, https)) {
- clean_return(conn.sockfd);
- }
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: checking hdr.type", name);
- if (hdr.type != H_TYPE_OK) {
- clean_return(conn.sockfd);
- }
-
- set_fd(SslFd_get_fd(conn.getFd), &maxfdp1, &allset);
- if (hdr.length) {
- conn.received += hdr.length;
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: reading message...", name);
- if (read_message(conn.sockfd, hdr.length, &conn, tab, hdr.ptr)) {
- clean_return(conn.sockfd);
- }
- }
- }
- else {
- if (read_message(conn.sockfd, n, &conn, tab, 0)) {
- clean_return(conn.sockfd);
- }
- }
- }
-
- /* postfd */
- if (FD_ISSET(SslFd_get_fd(conn.postFd), &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(conn.postfd) --> clean_return", name);
- clear_sslFd(conn.postFd, &allset);
- clean_return(conn.sockfd);
- }
- }
- clean_return(conn.sockfd);
-}
-
-/*
- * Function name: initialize_http_proxy_client
- * Description: Initializes the thread responsible for http proxy connection.
- * Arguments: sockfd - the new connection descriptor will be stored here
- * cr - the pointer to ClientRealm structure
- * ctx - the pointer to SSL_CTX structure
- * Returns: 0 - success,
- * !0 - failure.
- */
-
-int
-initialize_http_proxy_client(int* sockfd, ClientRealm* cr, SSL_CTX* ctx)
-{
- int retval;
- int sockets[2];
- pthread_t proxy_thread;
- static proxy_argT arg;
-
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockets)) {
- return 1;
- }
- (*sockfd) = sockets[0];
-
- if (HttpProxyOptions_get_proxyname(ClientRealm_get_httpProxyOptions(cr)) == NULL) {
- return 1;
- }
-
- start_critical_section();
-
- arg.host = ClientRealm_get_serverName(cr);
- arg.serv = ClientRealm_get_managePort(cr);
- arg.hpo = ClientRealm_get_httpProxyOptions(cr);
- arg.type = ClientRealm_get_ipFamily(cr);
- arg.sockfd = sockets[1];
- arg.ctx = ctx;
-
- retval = pthread_create(&proxy_thread, NULL, &http_proxy_client, &arg);
-
- wait_for_condition();
-
- end_critical_section();
-
- return retval;
-}
-
-#endif
diff --git a/src/http_proxy_client.h b/src/http_proxy_client.h
deleted file mode 100644
index 15506c7..0000000
--- a/src/http_proxy_client.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include "http_proxy_options_struct.h"
-#include "client_realm_struct.h"
-
-#ifndef _JS_HTTP_PROXY_CLIENT_H
-#define _JS_HTTP_PROXY_CLIENT_H
-
-int initialize_http_proxy_client(int* sockfd, ClientRealm* cr, SSL_CTX* ctx);
-
-#endif
diff --git a/src/http_proxy_functions.c b/src/http_proxy_functions.c
deleted file mode 100644
index 3e53365..0000000
--- a/src/http_proxy_functions.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <config.h>
-
-#include "http_proxy_functions.h"
-#include "network.h"
-#include "stats.h"
-#include "logging.h"
-
-static char isseed;
-
-/*
- * Function name: myrand
- * Description: Returns the pseudo-random number from the given range.
- * If the lower and upper bounds are the same, the pseudo-random
- * number is returned from the range (-RAND_MAX, -RAND_MAX+down)
- * or (down, RAND_MAX).
- * Arguments: down - the lower bound of the range
- * up - the upper bound of the range
- * Returns: The pseudo-random number from the given range.
- */
-
-int
-myrand(int down, int up)
-{
- struct timeval tv;
- if (!isseed) {
- gettimeofday(&tv, 0);
- srand(tv.tv_sec);
- isseed = 1;
- }
- return ( down + ( rand() % (up - down + 1) ) );
-}
-
-/*
- * Function name: delete_user
- * Description: Deletes the user's connection from the http proxy connections.
- * Arguments: cnts - the connection to remove
- * i - the user's number
- * allset - the set of file descriptors
- */
-
-void
-delete_user(connection* cnts, int i, fd_set* allset)
-{
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http proxy: delete_user(%d)", i);
- clear_fd(&(cnts[i].sockfd), allset);
- if (!(cnts[i].state & C_POST_WAIT)) {
- clear_sslFd(cnts[i].postFd, allset);
- }
- if ((cnts[i].type == 0) && (!(cnts[i].state & C_GET_WAIT))) {
- clear_sslFd(cnts[i].getFd, allset);
- }
- cnts[i].state = C_CLOSED;
- cnts[i].sent_ptr = cnts[i].ptr = cnts[i].length = 0;
- cnts[i].type = 0;
-}
-
-/*
- * Function name: parse_header
- * Description: Reads and parses the http header.
- * Arguments: sf - the pointer to SslFd structure
- * tab - the buffer used for reading the data
- * hdr - the pointer to header structure
- * https - the flag indicating if the connection is http/https
- * Returns: 0 - success,
- * 1 - failure.
- */
-
-int
-parse_header(SslFd* sf, char* tab, header* hdr, char https)
-{
- int n, i, j, state = 0;
- char tmpt[100];
- if (https) {
- n = SSL_read(SslFd_get_ssl(sf), tab, 9000);
- }
- else {
- n = read(SslFd_get_fd(sf), tab, 9000);
- }
- hdr->allreaded = n;
- i = j = 0;
- memset(tmpt, 0, 100);
- hdr->ptr = 0;
- hdr->length = 0;
- while (i < n) {
- if (j == 99)
- return 1;
- switch (state) {
- case 0:
- if ((tab[i] != ' ') && (tab[i] != '\t')) {
- tmpt[j] = tab[i];
- ++j;
- }
- else {
- tmpt[j] = 0;
- if (strcmp(tmpt, "GET") == 0) {
- hdr->type = H_TYPE_GET;
- state = 1;
- break;
- }
- if (strcmp(tmpt, "POST") == 0) {
- hdr->type = H_TYPE_POST;
- state = 1;
- break;
- }
- if ((strcmp(tmpt, "HTTP/1.0") == 0) || (strcmp(tmpt, "HTTP/1.1") == 0)) {
- hdr->type = H_TYPE_OK;
- state = 6;
- break;
- }
- return 1;
- }
- break;
- case 1:
- if ((tab[i] != ' ') && (tab[i] != '\t')) {
- tmpt[0] = tab[i];
- j = 1;
- state = 2;
- }
- break;
- case 2:
- if (tab[i] != '=') {
- tmpt[j] = tab[i];
- ++j;
- }
- else {
- tmpt[j] = 0;
- if (strcmp(tmpt, "/yahpt.html?id")) {
- return 1;
- }
- j = 0;
- state = 3;
- }
- break;
- case 3:
- if ((tab[i] != ' ') && (tab[i] != '\t')) {
- if (j == 9) {
- return 1;
- }
- hdr->id[j] = tab[i];
- ++j;
- }
- else {
- if (j != 9) {
- return 1;
- }
- hdr->id[j] = 0;
- state = 4;
- }
- break;
- case 4:
- if (tab[i] == '\n')
- state = 5;
- break;
- case 5:
- if (tab[i] == '\n') {
- hdr->ptr = i+1;
- hdr->length = n - hdr->ptr;
- return 0;
- }
- if (tab[i] != '\r') {
- state = 4;
- }
- break;
- case 6:
- if ((tab[i] != ' ') && (tab[i] != '\t')) {
- tmpt[0] = tab[i];
- j = 1;
- state = 7;
- }
- break;
- case 7:
- if ((tab[i] == ' ') || (tab[i] == '\t')) {
- tmpt[j] = 0;
- if (strcmp(tmpt, "200")) {
- return 1;
- }
- state = 4;
- }
- else {
- tmpt[j] = tab[i];
- ++j;
- }
- break;
- }
- ++i;
- }
- return 1;
-}
-
-/*
- * Function name: set_fd
- * Description: Starts watching the file descriptor.
- * Arguments: fd - the file descriptor
- * maxfdp1 - the upper limit of the file descriptor numbers
- * allset - the set of file descriptors
- */
-
-void
-set_fd(int fd, int* maxfdp1, fd_set* allset)
-{
- FD_SET(fd, allset);
- (*maxfdp1) = ((*maxfdp1) > fd) ? (*maxfdp1) : (fd + 1);
-}
-
-/*
- * Function name: close_fd
- * Description: Closes the file descriptor.
- * Arguments: fd - the file descriptor to close
- */
-
-void
-close_fd(int* fd)
-{
- close(*fd);
-}
-
-/*
- * Function name: clear_fd
- * Description: Removes the file descriptor from the set and closes it.
- * Arguments: fd - the file descriptor to remove and close
- * set - the set of file descriptors
- */
-
-void
-clear_fd(int* fd, fd_set* set)
-{
- FD_CLR(*fd, set);
- close_fd(fd);
-}
-
-/*
- * Function name: read_message
- * Description: Reads the message from the http proxy connection and writes it
- * to the file descriptor.
- * Arguments: fd - the file descriptor
- * length - the length of the buffer
- * client - the http proxy connection
- * tab - the buffer with the readed data
- * ptr - the offset from which the data reading will start
- * Returns: 0 - success,
- * 1 - failure.
- */
-
-int
-read_message(int fd, int length, connection* client, char* tab, int ptr)
-{
- int j = 0;
- int tmp = 0;
- while (j < length) {
- if (client->curreceived + length-j > client->toreceive) {
- if (client->toreceive - client->curreceived > 0) {
- writen(fd, (unsigned char*) (tab+ptr+j), client->toreceive - client->curreceived);
- j += client->toreceive - client->curreceived;
- client->curreceived += client->toreceive - client->curreceived;
- }
- if (client->read_state == 0) {
- switch (tab[ptr + j]) {
- case 'M': {
- if (j + 5 <= length) {
- memcpy(&tmp, &tab[ptr + j + 1], 4);
- client->toreceive = ntohl(tmp);
- client->curreceived = 0;
- j += 5;
- }
- else if (j + 1 < length) {
- memcpy(client->readed_length, &tab[ptr + j + 1], length - j - 1);
- client->read_state = length - j;
- j += length - j;
- }
- else {
- ++j;
- client->read_state = 1;
- }
- break;
- }
- case 'T': {
- ++j;
- break;
- }
- case 'A': {
- ++j;
- if (client->state == C_CLOSED) {
- client->state = C_OPEN;
- }
- break;
- }
- default: {
- return 1;
- }
- }
- }
- else {
- if (j + 5 - client->read_state <= length) {
- memcpy(&client->readed_length[client->read_state-1], &tab[ptr + j], 5 - client->read_state);
- memcpy(&tmp, client->readed_length, 4);
- client->toreceive = ntohl(tmp);
- client->curreceived = 0;
- j += 5 - client->read_state;
- client->read_state = 0;
- }
- else {
- memcpy(&client->readed_length[client->read_state-1], &tab[ptr + j], length - j);
- client->read_state += length - j;
- j += length -j;
- }
- }
- }
- else if (length-j > 0) {
- client->curreceived += length-j;
- writen(fd, (unsigned char*) (tab+ptr+j), length-j);
- j += length-j;
- }
- }
- return 0;
-}
-
-/*
- * Function name: clear_sslFd
- * Description: Close the socket encapsulated in SslFd structure, remove this file descriptor
- * from fd_set and clear ssl structure.
- * Arguments: sf - pointer to SslFd structure
- * set - pointer to fd_set structure
- */
-
-void
-clear_sslFd(SslFd* sf, fd_set* set)
-{
- clear_fd((&(sf->fd)), set);
- if (SslFd_get_ssl(sf)) {
- SSL_clear(SslFd_get_ssl(sf));
- }
-}
-
-/*
- * Function name: http_write
- * Description: Write the message via http/https proxy.
- * Arguments: https - if the https proxy will be used instead of http proxy
- * sf - pointer to SslFd structure
- * buf - buffer containing the data to send
- * amount - how much butes will be send
- * Returns: The result of writen or SSL_writen function, depending on 'https' value.
- */
-
-int
-http_write(char https, SslFd* sf, unsigned char* buf, int amount)
-{
- if (https) {
- return SSL_writen(SslFd_get_ssl(sf), buf, amount);
- }
- else {
- return writen(SslFd_get_fd(sf), buf, amount);
- }
-}
-
-/*
- * Function name: http_read
- * Description: Read the message via http/https proxy.
- * Arguments: https - if the https proxy will be used instead of http proxy
- * sf - pointer to SslFd structure
- * buf - buffer for the received data
- * amount - how much bytes will be received
- * Returns: The result of read or SSL_read function, depending on 'https' value.
- */
-
-int
-http_read(char https, SslFd* sf, unsigned char* buf, int amount)
-{
- if (https) {
- return SSL_read(SslFd_get_ssl(sf), buf, amount);
- }
- else {
- return read(SslFd_get_fd(sf), buf, amount);
- }
-}
diff --git a/src/http_proxy_functions.h b/src/http_proxy_functions.h
deleted file mode 100644
index 1b10f9a..0000000
--- a/src/http_proxy_functions.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/time.h>
-#include <sys/select.h>
-#include <unistd.h>
-
-#include "ssl_fd_struct.h"
-
-#ifndef _JS_HTTP_PROXY_FUNCTIONS_H
-#define _JS_HTTP_PROXY_FUNCTIONS_H
-
-#define C_CLOSED 0
-#define C_POST_WAIT 1
-#define C_GET_WAIT 2
-#define C_OPEN 4
-#define C_DELAYED_A 8
-
-#define H_TYPE_GET 0
-#define H_TYPE_POST 1
-#define H_TYPE_OK 2
-#define H_TYPE_ERROR 3
-
-typedef struct {
- char type;
- char id[10];
- int ptr;
- int length;
- int allreaded;
-} header;
-
-typedef struct {
- char read_state;
- char readed_length[4];
- char state;
- char id[10];
- SslFd* postFd;
- SslFd* getFd;
- int sent_ptr;
- int sockfd;
- char buf[9000];
- char tmpbuf[9000];
- char tmpstate;
- SslFd* tmpFd;
- char type;
- header tmpheader;
- int ptr;
- int length;
- int curreceived;
- int toreceive;
- int received;
-} connection;
-
-int myrand(int, int);
-int parse_header(SslFd*, char*, header*, char);
-int read_message(int, int, connection*, char*, int);
-void delete_user(connection*, int, fd_set*);
-void set_fd(int, int*, fd_set*);
-void close_fd(int*);
-void clear_fd(int*, fd_set*);
-void clear_sslFd(SslFd*, fd_set*);
-int http_write(char, SslFd*, unsigned char*, int);
-int http_read(char, SslFd*, unsigned char*, int);
-
-#endif
diff --git a/src/http_proxy_options_struct.c b/src/http_proxy_options_struct.c
deleted file mode 100644
index e1dcc4d..0000000
--- a/src/http_proxy_options_struct.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <config.h>
-
-#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
-
-#include "http_proxy_options_struct.h"
-#include "string_functions.h"
-
-/*
- * Function name: HttpProxyOptions_new
- * Description: Create and initialize new HttpProxyOptions structure.
- * Returns: Pointer to newly created HttpProxyOptions structure.
- */
-
-HttpProxyOptions*
-HttpProxyOptions_new()
-{
- HttpProxyOptions* tmp = calloc(1, sizeof(HttpProxyOptions));
- assert(tmp != NULL);
- if (tmp == NULL) {
- return NULL;
- }
- tmp->proxyauth_type = PROXYAUTH_TYPE_NOTSET;
- return tmp;
-}
-
-/*
- * Function name: HttpProxyOptions_free
- * Description: Free the memory allocated for HttpProxyOptions structure.
- * Arguments: hpo - pointer to pointer to HttpProxyOptions structure
- */
-
-void
-HttpProxyOptions_free(HttpProxyOptions** hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- assert((*hpo) != NULL);
- if ((*hpo) == NULL) {
- return;
- }
- if ((*hpo)->proxyname) {
- free((*hpo)->proxyname);
- (*hpo)->proxyname = NULL;
- }
- if ((*hpo)->proxyport) {
- free((*hpo)->proxyport);
- (*hpo)->proxyport = NULL;
- }
- if ((*hpo)->proxyauth_cred) {
- free((*hpo)->proxyauth_cred);
- (*hpo)->proxyauth_cred = NULL;
- }
- free((*hpo));
- (*hpo) = NULL;
-}
-
-/*
- * Function name: HttpProxyOptions_set_proxyname
- * Description: Set name of the http proxy server.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * proxyname - name of the http proxy server
- */
-
-void
-HttpProxyOptions_set_proxyname(HttpProxyOptions* hpo, char* proxyname)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- string_cp(&(hpo->proxyname), proxyname);
-}
-
-/*
- * Function name: HttpProxyOptions_set_proxyport
- * Description: Set port on which http proxy server is listening.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * proxyport - port on which http proxy server is listening
- */
-
-void
-HttpProxyOptions_set_proxyport(HttpProxyOptions* hpo, char* proxyport)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- string_cp(&(hpo->proxyport), proxyport);
-}
-
-/*
- * Function name: HttpProxyOptions_set_proxyauth_cred
- * Description: Set credentials for http proxy server.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * proxyauth_cred - credentials for http proxy server
- */
-
-void
-HttpProxyOptions_set_proxyauth_cred(HttpProxyOptions* hpo, char* proxyauth_cred)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- string_cp(&(hpo->proxyauth_cred), proxyauth_cred);
-}
-
-/*
- * Function name: HttpProxyOptions_set_proxyauth_type
- * Description: Set type of the proxy authorization.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * proxyauth_type - type of the proxy authorization
- */
-
-void
-HttpProxyOptions_set_proxyauth_type(HttpProxyOptions* hpo, char proxyauth_type)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- assert(hpo->proxyauth_type == PROXYAUTH_TYPE_NOTSET);
- if (hpo->proxyauth_type != PROXYAUTH_TYPE_NOTSET) {
- hpo->proxyauth_type = PROXYAUTH_TYPE_WRONG;
- return;
- }
- hpo->proxyauth_type = proxyauth_type;
-}
-
-/*
- * Function name: HttpProxyOptions_get_proxyname
- * Description: Get name of the http proxy server
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * Returns: Name of the http proxy server or NULL, if name not set.
- */
-
-char*
-HttpProxyOptions_get_proxyname(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return NULL;
- }
- return hpo->proxyname;
-}
-
-/*
- * Function name: HttpProxyOptions_get_proxyport
- * Description: Get port on which http proxy server is listening.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * Returns: Port on which http proxy server is listening or NULL, if port not set.
- */
-
-char*
-HttpProxyOptions_get_proxyport(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return NULL;
- }
- return hpo->proxyport;
-}
-
-/*
- * Function name: HttpProxyOptions_get_proxyauth_cred
- * Description: Get credentials for http proxy server.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * Returns: Credentials for http proxy server or NULL, if not set.
- */
-
-char*
-HttpProxyOptions_get_proxyauth_cred(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return NULL;
- }
- return hpo->proxyauth_cred;
-}
-
-/*
- * Function name: HttpProxyOptions_get_proxyauth_type
- * Description: Get type of the proxy authorization.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * Returns: Type of the proxy authorization.
- */
-
-char
-HttpProxyOptions_get_proxyauth_type(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return PROXYAUTH_TYPE_WRONG;
- }
- return hpo->proxyauth_type;
-}
-
-/*
- * Function name: HttpProxyOptions_use_https
- * Description: Enable use of https proxy instead of http proxy.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- */
-
-void
-HttpProxyOptions_use_https(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return;
- }
- hpo->useHttps = USEHTTPS_ON;
-}
-
-/*
- * Function name: HttpProxyOptions_is_https
- * Description: Check if the use of https proxy is enabled.
- * Arguments: hpo - pointer to HttpProxyOptions structure
- * Returns: USEHTTPS_OFF - http proxy will be used
- * USEHTTPS_ON - https proxy will be used
- */
-
-char
-HttpProxyOptions_is_https(HttpProxyOptions* hpo)
-{
- assert(hpo != NULL);
- if (hpo == NULL) {
- return USEHTTPS_OFF;
- }
- return hpo->useHttps;
-}
diff --git a/src/http_proxy_options_struct.h b/src/http_proxy_options_struct.h
deleted file mode 100644
index db0208c..0000000
--- a/src/http_proxy_options_struct.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#ifndef _JS_HTTP_PROXY_OPTIONS_STRUCT_H
-#define _JS_HTTP_PROXY_OPTIONS_STRUCT_H
-
-#define PROXYAUTH_TYPE_NOTSET 0
-#define PROXYAUTH_TYPE_WRONG -1
-#define PROXYAUTH_TYPE_BASIC 1
-
-#define USEHTTPS_OFF 0
-#define USEHTTPS_ON 1
-
-typedef struct {
- char* proxyname;
- char* proxyport;
- char* proxyauth_cred;
- char proxyauth_type;
- char useHttps;
-} HttpProxyOptions;
-
-/* 'constructor' */
-HttpProxyOptions* HttpProxyOptions_new();
-/* 'destructor' */
-void HttpProxyOptions_free(HttpProxyOptions** hpo);
-/* setters */
-void HttpProxyOptions_set_proxyname(HttpProxyOptions* hpo, char* proxyname);
-void HttpProxyOptions_set_proxyport(HttpProxyOptions* hpo, char* proxyport);
-void HttpProxyOptions_set_proxyauth_cred(HttpProxyOptions* hpo, char* proxyauth_cred);
-void HttpProxyOptions_set_proxyauth_type(HttpProxyOptions* hpo, char proxyauth_type);
-/* getters */
-char* HttpProxyOptions_get_proxyname(HttpProxyOptions* hpo);
-char* HttpProxyOptions_get_proxyport(HttpProxyOptions* hpo);
-char* HttpProxyOptions_get_proxyauth_cred(HttpProxyOptions* hpo);
-char HttpProxyOptions_get_proxyauth_type(HttpProxyOptions* hpo);
-/* other */
-void HttpProxyOptions_use_https(HttpProxyOptions* hpo);
-char HttpProxyOptions_is_https(HttpProxyOptions* hpo);
-
-#endif
-
diff --git a/src/http_proxy_server.c b/src/http_proxy_server.c
deleted file mode 100644
index 17baf5a..0000000
--- a/src/http_proxy_server.c
+++ /dev/null
@@ -1,585 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <config.h>
-
-#include "make_ssl_handshake.h"
-#include "http_proxy_server.h"
-#include "thread_management.h"
-#include "stats.h"
-#include "logging.h"
-#include "network.h"
-
-#ifdef HAVE_LIBPTHREAD
-
-typedef struct {
- int sockfd;
- char *host;
- char *serv;
- socklen_t *addrlenp;
- char type;
- int limit;
- char https;
- SSL_CTX* ctx;
-} sproxy_argT;
-
-/*
- * Function name: afserver_connect
- * Description: Connects new http proxy connection to the afserver.
- * Arguments: sockfd - the file descriptor which will be used for communication with afserver
- * afserverfd - the afserver's file descriptor
- * cliaddr - pointer to sockaddr structure
- * addrlenp - pointer to the length of the sockaddr structure
- * type - the type of the connection
- */
-
-int
-afserver_connect(int* sockfd, int afserverfd, struct sockaddr* cliaddr, socklen_t* addrlenp, char type)
-{
- int sockets[2];
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockets)) {
- return 1;
- }
- if (write(afserverfd, &sockets[0], 4) != 4) {
- return 2;
- }
- if (write(afserverfd, &type, 1) != 1) {
- return 3;
- }
- if (write(afserverfd, addrlenp, 4) != 4) {
- return 4;
- }
- if (write(afserverfd, cliaddr, *addrlenp) != *addrlenp) {
- return 5;
- }
- (*sockfd) = sockets[1];
- return 0;
-}
-
-/*
- * Function name: http_proxy_server
- * Description: Function responsible for the server part of the http proxy connection.
- * Arguments: vptr - the structure with all the information needed for http proxy tunnel.
- */
-
-void*
-http_proxy_server(void *vptr)
-{
- int listenfd, afserverfd;
- SslFd* connFd;
- struct sockaddr* cliaddr;
- char tab[9000];
- connection* table;
- header hdr;
- int i, n, maxfdp1;
- fd_set rset, allset;
- struct timeval tv;
- int maxclients, tmp;
- int timeout = 5;
- socklen_t *addrlenp;
- socklen_t addrlen;
- char type, nothttp, https;
- char *host, *serv, *name = "";
- SSL_CTX* ctx;
- sproxy_argT *proxy_argptr;
-
- start_critical_section();
- proxy_argptr = (sproxy_argT *) vptr;
-
- afserverfd = proxy_argptr->sockfd;
- host = proxy_argptr->host;
- serv = proxy_argptr->serv;
- addrlenp = proxy_argptr->addrlenp;
- type = proxy_argptr->type;
- maxclients = proxy_argptr->limit+1;
- https = proxy_argptr->https;
- ctx = proxy_argptr->ctx;
-
- if (https) {
- name = "s";
- }
-
- table = calloc(maxclients, sizeof(connection));
- if (table == NULL) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- for (i = 0; i < maxclients; ++i) {
- table[i].postFd = SslFd_new();
- table[i].getFd = SslFd_new();
- table[i].tmpFd = SslFd_new();
- if ((table[i].postFd == NULL) || (table[i].getFd == NULL) || (table[i].tmpFd == NULL)) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- if (https) {
- SslFd_set_ssl(table[i].postFd, SSL_new(ctx));
- SslFd_set_ssl(table[i].getFd, SSL_new(ctx));
- SslFd_set_ssl(table[i].tmpFd, SSL_new(ctx));
- if ((SslFd_get_ssl(table[i].postFd) == NULL) ||
- (SslFd_get_ssl(table[i].getFd) == NULL) ||
- (SslFd_get_ssl(table[i].tmpFd) == NULL)) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- }
- }
- connFd = SslFd_new();
- if (connFd == NULL) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- if (https) {
- SslFd_set_ssl(connFd, SSL_new(ctx));
- if (SslFd_get_ssl(connFd) == NULL) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't allocate memory... exiting.", name);
- exit(1);
- }
- }
-
- if (ip_listen(&listenfd, host, serv, addrlenp, type)) {
- aflog(LOG_T_INIT, LOG_I_CRIT,
- "http%s proxy: Can't listen on %s:%s", name, host, serv);
- exit(1);
- }
- cliaddr = malloc(*addrlenp);
- addrlen = (*addrlenp);
- addrlenp = &addrlen;
-
- broadcast_condition();
- end_critical_section();
-
- FD_ZERO(&allset);
- FD_SET(listenfd, &allset);
- maxfdp1 = listenfd + 1;
- tv.tv_usec = 0;
- tv.tv_sec = timeout;
-
- while (1) {
- rset = allset;
-
- if (select(maxfdp1, &rset, NULL, NULL, &tv) == 0) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: timeout", name);
- tv.tv_sec = timeout;
- for (i = 0; i < maxclients; ++i) {
- if ((table[i].state == C_CLOSED) || (table[i].state & C_GET_WAIT) || (table[i].type == 1)) {
- continue;
- }
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: send T to table[%d].getfd", name, i);
- if (table[i].sent_ptr+1 >= 90000) {
- http_write(https, table[i].getFd, (unsigned char*) "T", 1);
- table[i].sent_ptr = 0;
- clear_sslFd(table[i].getFd, &allset);
- FD_CLR(table[i].sockfd, &allset);
- table[i].state |= C_GET_WAIT;
- }
- else {
- http_write(https, table[i].getFd, (unsigned char*) "T", 1);
- table[i].sent_ptr += 1;
- }
- }
- continue;
- }
-
- /* http proxy tunnels */
- for (i = 0; i < maxclients; ++i) {
- if ((table[i].state == C_CLOSED) || (table[i].type == 1)) {
- continue;
- }
-
- /* sockfd */
- if ((!(table[i].state & C_GET_WAIT)) && (FD_ISSET(table[i].sockfd, &rset))) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(table[%d].sockfd)", name, i);
- n = read(table[i].sockfd, table[i].buf+5, 8995);
- if (n <= 0) {
- http_write(https, table[i].getFd, (unsigned char*) "Q", 1);
- delete_user(table, i, &allset);
- continue;
- }
- table[i].buf[0] = 'M';
- tmp = htonl(n);
- memcpy(&table[i].buf[1], &tmp, 4);
- if (table[i].sent_ptr+5 + n >= 90000) {
- http_write(https, table[i].getFd, (unsigned char*) table[i].buf, 90000 - table[i].sent_ptr);
- table[i].ptr = 90000 - table[i].sent_ptr;
- table[i].length = 5+n - table[i].ptr;
- table[i].sent_ptr = 0;
- clear_sslFd(table[i].getFd, &allset);
- FD_CLR(table[i].sockfd, &allset);
- table[i].state |= C_GET_WAIT;
- continue;
- }
- else {
- http_write(https, table[i].getFd, (unsigned char*) table[i].buf, n+5);
- table[i].sent_ptr += n+5;
- }
- }
-
- /* getfd */
- if (FD_ISSET(SslFd_get_fd(table[i].getFd), &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(table[%d].getfd)", name, i);
- delete_user(table, i, &allset);
- continue;
- }
-
- /* postfd */
- if (FD_ISSET(SslFd_get_fd(table[i].postFd), &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(table[%d].postfd)", name, i);
- n = http_read(https, table[i].postFd, (unsigned char*) tab, 9000);
- if (n != 0) {
- table[i].received += n;
- if (read_message(table[i].sockfd, n, &table[i], tab, 0)) {
- delete_user(table, i, &allset);
- }
- }
- if ((n == 0) || (table[i].received == 90000)) {
- table[i].received = 0;
- clear_sslFd(table[i].postFd, &allset);
- table[i].state |= C_POST_WAIT;
-
- if (!(table[i].state & C_GET_WAIT)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: send A to table[%d].getfd", name, i);
- if (table[i].sent_ptr+1 >= 90000) {
- http_write(https, table[i].getFd, (unsigned char*) "A", 1);
- table[i].sent_ptr = 0;
- clear_sslFd(table[i].getFd, &allset);
- FD_CLR(table[i].sockfd, &allset);
- table[i].state |= C_GET_WAIT;
- }
- else {
- http_write(https, table[i].getFd, (unsigned char*) "A", 1);
- table[i].sent_ptr += 1;
- }
- }
- else {
- table[i].state |= C_DELAYED_A;
- }
-
- if (table[i].tmpstate == 1) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: get old POST request...", name);
- table[i].state &= ~C_POST_WAIT;
- SslFd_swap_content(table[i].postFd, table[i].tmpFd);
- set_fd(SslFd_get_fd(table[i].postFd), &maxfdp1, &allset);
- table[i].tmpstate = 0;
- if (table[i].tmpheader.length) {
- table[i].received += table[i].tmpheader.length;
- if (read_message(table[i].sockfd, table[i].tmpheader.length, &table[i],
- table[i].tmpbuf, table[i].tmpheader.ptr)) {
- delete_user(table, i, &allset);
- }
- }
- }
- continue;
- }
- }
- }
-
- /* direct tunnels */
- for (i = 0; i < maxclients; ++i) {
- if ((table[i].state == C_OPEN) && (table[i].type == 1)) {
-
- if (FD_ISSET(table[i].sockfd, &rset)) {
- n = read(table[i].sockfd, table[i].buf, 9000);
- if (n > 0) {
- writen(SslFd_get_fd(table[i].postFd), (unsigned char*) table[i].buf, n);
- }
- else {
- delete_user(table, i, &allset);
- continue;
- }
- }
-
- if (FD_ISSET(SslFd_get_fd(table[i].postFd), &rset)) {
- n = read(SslFd_get_fd(table[i].postFd), tab, 9000);
- if (n > 0) {
- writen(table[i].sockfd, (unsigned char*) tab, n);
- }
- else {
- delete_user(table, i, &allset);
- continue;
- }
- }
-
- }
- }
-
- /* listen */
- if (FD_ISSET(listenfd, &rset)) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: FD_ISSET(listenfd)", name);
- tmp = accept(listenfd, cliaddr, addrlenp);
- if (tmp != -1) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: New connection...", name);
- SslFd_set_fd(connFd, tmp);
- if (https) {
- make_ssl_initialize(connFd);
- if (make_ssl_accept(connFd)) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "https proxy: DENIED by SSL_accept");
- close(SslFd_get_fd(connFd));
- SSL_clear(SslFd_get_ssl(connFd));
- continue;
- }
- }
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: New connection --> EAGAIN", name);
- continue;
- }
- memset(tab, 0, 9000);
- nothttp = 0;
- if (parse_header(connFd, tab, &hdr, https)) {
- nothttp = 1;
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: no http header...", name);
- }
- n = -1;
- for (i = 0; i < maxclients; ++i) {
- if (table[i].state == C_CLOSED) {
- if (n == -1)
- n = i;
- }
- else {
- if ((!nothttp) && (strcmp(table[i].id, hdr.id) == 0)) {
- break;
- }
- }
- }
- if (i < maxclients) { /* the client exists */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: the client exist...", name);
- if (hdr.type == H_TYPE_GET) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: type GET...", name);
- if (!(table[i].state & C_GET_WAIT)) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: not waiting for GET...", name);
- table[i].sent_ptr = 0;
- FD_CLR(table[i].sockfd, &allset);
- clear_sslFd(table[i].getFd, &allset);
- table[i].state |= C_GET_WAIT;
- }
- if (!(table[i].state & C_OPEN)) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: not opened...", name);
- if (afserver_connect(&table[i].sockfd, afserverfd, cliaddr, addrlenp, 1)) {
- memset(tab, 0, 9000);
- sprintf(tab,"HTTP/1.1 400 Bad Request\r\n\r\n");
- n = strlen (tab);
- http_write(https, connFd, (unsigned char*) tab, n);
- close_fd((&(connFd->fd)));
- SSL_clear(SslFd_get_ssl(connFd));
- clear_sslFd(table[i].postFd, &allset);
- table[i].state = C_CLOSED;
- continue;
- }
- table[i].state |= C_OPEN;
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: OPEN...", name);
- }
- table[i].state &= ~C_GET_WAIT;
- table[i].sent_ptr = 0;
- SslFd_swap_content(table[i].getFd, connFd);
- set_fd(table[i].sockfd, &maxfdp1, &allset);
- set_fd(SslFd_get_fd(table[i].getFd), &maxfdp1, &allset);
- memset(tab, 0, 9000);
- sprintf(tab,
- "HTTP/1.1 200 OK\r\n"
- "Content-Length: 90000\r\n"
- "Connection: close\r\n"
- "Pragma: no-cache\r\n"
- "Cache-Control: no-cache, no-store, must-revalidate\r\n"
- "Expires: 0\r\n"
- "Content-Type: text/html\r\n\r\n");
- n = strlen(tab);
- if (writen(SslFd_get_fd(table[i].getFd), (unsigned char*) tab, n) <= 0) {
- delete_user(table, i, &allset);
- continue;
- }
- if (table[i].length) {
- if (writen(SslFd_get_fd(table[i].getFd),
- (unsigned char*) (table[i].buf+table[i].ptr), table[i].length) <= 0) {
- delete_user(table, i, &allset);
- continue;
- }
- }
- table[i].sent_ptr = table[i].length;
- table[i].ptr = 0;
- table[i].length = 0;
- if (table[i].state & C_DELAYED_A) {
- aflog(LOG_T_MAIN, LOG_I_DDEBUG,
- "http%s proxy: send A to table[%d].getfd", name, i);
- http_write(https, table[i].getFd, (unsigned char*) "A", 1);
- table[i].sent_ptr += 1;
- table[i].state &= ~C_DELAYED_A;
- }
- }
- else if (hdr.type == H_TYPE_POST) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: type POST...", name);
- if (!(table[i].state & C_POST_WAIT)) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: unexpected POST request...", name);
- if (table[i].tmpstate == 0) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: buffering POST request...", name);
- table[i].tmpstate = 1;
- SslFd_swap_content(table[i].tmpFd, connFd);
- memcpy(table[i].tmpbuf, tab, 9000);
- table[i].tmpheader = hdr;
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: no space to buffer POST request (received from first postfd: %d)", name,
- table[i].received);
- delete_user(table, i, &allset);
- }
- }
- else {
- if (hdr.length) {
- table[i].received += hdr.length;
- if (read_message(table[i].sockfd, hdr.length, &table[i], tab, hdr.ptr)) {
- delete_user(table, i, &allset);
- }
- }
- table[i].state &= ~C_POST_WAIT;
- SslFd_swap_content(table[i].postFd, connFd);
- set_fd(SslFd_get_fd(table[i].postFd), &maxfdp1, &allset);
- }
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: unrecognized type...", name);
- delete_user(table, i, &allset);
- }
- }
- else if (n != -1) { /* there are free slots */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: there are free slots...", name);
- if (!nothttp) {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: http header...", name);
- if (hdr.type == H_TYPE_POST) { /* POST request must be first */
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: type POST...", name);
- table[n].state = C_GET_WAIT;
- memcpy(table[n].id,hdr.id, 9);
- SslFd_swap_content(table[n].postFd, connFd);
- set_fd(SslFd_get_fd(table[n].postFd), &maxfdp1, &allset);
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: closing this connection... (not POST type)", name);
- close_fd((&(connFd->fd)));
- if (https) {
- SSL_clear(SslFd_get_ssl(connFd));
- }
- continue;
- }
- }
- else {
- table[n].state = C_OPEN;
- SslFd_set_fd(table[n].postFd, SslFd_get_fd(connFd));
- table[n].type = 1;
- set_fd(SslFd_get_fd(table[n].postFd), &maxfdp1, &allset);
- if (afserver_connect(&table[n].sockfd, afserverfd, cliaddr, addrlenp, 0)) {
- clear_sslFd(table[n].postFd, &allset);
- table[n].state = C_CLOSED;
- continue;
- }
- set_fd(table[n].sockfd, &maxfdp1, &allset);
- write(table[n].sockfd, tab, hdr.allreaded);
- }
- }
- else {
- aflog(LOG_T_MAIN, LOG_I_DEBUG,
- "http%s proxy: closing this connection... (no free slots)", name);
- close_fd((&(connFd->fd)));
- continue;
- }
- }
- }
-
- return 0;
-}
-
-/*
- * Function name: initialize_http_proxy_server
- * Description: Initializes the thread responsible for http proxy connection.
- * Arguments: sockfd - the new connection descriptor will be stored here
- * host - the name of the host on which we will be listening on
- * serv - the port on which we will be listening on
- * addrlenp - pointer to the length of the sockaddr structure
- * type - the type of the connection
- * limit - the limit for user's connections
- * https - if the connection should be https instead of http
- * ctx - the pointer to SSL_CTX structure
- * Returns: 0 - success,
- * !0 - failure.
- */
-
-int
-initialize_http_proxy_server(int* sockfd, const char *host, const char *serv, socklen_t *addrlenp, const char type, int limit, char https, SSL_CTX* ctx)
-{
- int retval;
- int sockets[2];
- pthread_t proxy_thread;
- static sproxy_argT arg;
-
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockets)) {
- return 1;
- }
- (*sockfd) = sockets[0];
-
- start_critical_section();
-
- arg.host = (char*) host;
- arg.serv = (char*) serv;
- arg.addrlenp = addrlenp;
- arg.limit = limit;
- arg.type = (char) type;
- arg.sockfd = sockets[1];
- arg.https = https;
- arg.ctx = ctx;
-
- retval = pthread_create(&proxy_thread, NULL, &http_proxy_server, &arg);
-
- wait_for_condition();
-
- end_critical_section();
-
- return retval;
-}
-
-#endif
diff --git a/src/http_proxy_server.h b/src/http_proxy_server.h
deleted file mode 100644
index 22c121c..0000000
--- a/src/http_proxy_server.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#ifndef _JS_HTTP_PROXY_SERVER_H
-#define _JS_HTTP_PROXY_SERVER_H
-
-#include "http_proxy_functions.h"
-#include "network.h"
-
-int initialize_http_proxy_server(int* sockfd, const char *host, const char *serv, socklen_t *addrlenp, const char type, int limit, char https, SSL_CTX* ctx);
-
-#endif
diff --git a/src/network.h b/src/network.h
index b8c0273..132b780 100644
--- a/src/network.h
+++ b/src/network.h
@@ -30,9 +30,6 @@
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
-#ifdef HAVE_LIBPTHREAD
-#include <pthread.h>
-#endif
#include <netdb.h>
#include <openssl/ssl.h>
diff --git a/src/server_remoteadmin.c b/src/server_remoteadmin.c
index 1d10520..de778f6 100644
--- a/src/server_remoteadmin.c
+++ b/src/server_remoteadmin.c
@@ -388,14 +388,6 @@ serve_admin(ServerConfiguration* config, int realm, int client, unsigned char* b
add_to_message(buff, "tunneltype: direct");
break;
}
- case CONNECTCLIENT_TUNNELTYPE_HTTPPROXY: {
- add_to_message(buff, "tunneltype: http proxy");
- break;
- }
- case CONNECTCLIENT_TUNNELTYPE_HTTPSPROXY: {
- add_to_message(buff, "tunneltype: https proxy");
- break;
- }
default: {
add_to_message(buff, "tunneltype: UNKNOWN");
}
@@ -452,14 +444,6 @@ serve_admin(ServerConfiguration* config, int realm, int client, unsigned char* b
add_to_message(buff, "tunneltype: direct");
break;
}
- case CONNECTCLIENT_TUNNELTYPE_HTTPPROXY: {
- add_to_message(buff, "tunneltype: http proxy");
- break;
- }
- case CONNECTCLIENT_TUNNELTYPE_HTTPSPROXY: {
- add_to_message(buff, "tunneltype: https proxy");
- break;
- }
default: {
add_to_message(buff, "tunneltype: UNKNOWN");
}
diff --git a/src/server_signals.c b/src/server_signals.c
index 84cf5ec..b21d467 100644
--- a/src/server_signals.c
+++ b/src/server_signals.c
@@ -19,11 +19,10 @@
*/
#include <config.h>
+#include <unistd.h>
#include "server_signals.h"
#include "activefor.h"
-#include "thread_management.h"
-#include "http_proxy_functions.h"
#include "stats.h"
#include "logging.h"
#include "server_configuration_struct.h"
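Review bot: The new `#include <unistd.h>` near the top of this hunk has no stated reason, and it arrives together with the removal of `thread_management.h` and `http_proxy_functions.h`, which suggests (inferred, since the second header is not visible here) that this file had been getting its POSIX declarations transitively. A short trailing comment such as `#include <unistd.h> /* direct include; no longer reached through the proxy headers */` would mark it as load-bearing. Because this commit deletes several headers at once, it is worth building once with `-Werror=implicit-function-declaration` to confirm no other translation unit lost a prototype the same way. An implicitly declared function compiles in older C modes but is assumed to return `int`, which truncates pointers on 64-bit targets.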
@@ -44,12 +43,6 @@ server_sig_int(int signo)
int i, j;
unsigned char buff[5];
ServerRealm** scRealmsTable;
-
-#ifdef HAVE_LIBPTHREAD
- if (!is_this_a_mainthread()) {
- return;
- }
-#endif
for (j = 0; j < ServerConfiguration_get_realmsNumber(config); ++j) {
scRealmsTable = ServerConfiguration_get_realmsTable(config);
diff --git a/src/thread_management.c b/src/thread_management.c
deleted file mode 100644
index d423ca6..0000000
--- a/src/thread_management.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#include <config.h>
-
-#include "thread_management.h"
-
-#ifdef HAVE_LIBPTHREAD
-
-static pthread_t mainthread;
-static pthread_mutex_t mainmutex = PTHREAD_MUTEX_INITIALIZER;
-static pthread_cond_t maincond = PTHREAD_COND_INITIALIZER;
-
-/*
- * Function name: remember_mainthread
- * Description: Remembers the current thread as a main thread.
- */
-
-void
-remember_mainthread(void)
-{
- mainthread = pthread_self();
-}
-
-/*
- * Function name: is_this_a_mainthread
- * Description: Checks, if the current thread is a main thread.
- * Returns: 0 - this is not a main thread,
- * 1 - this is a main thread.
- */
-
-int
-is_this_a_mainthread(void)
-{
- if (pthread_self() == mainthread) {
- return 1;
- }
- return 0;
-}
-
-/*
- * Function name: start_critical_section
- * Description: Starts the critical section of the code by locking the mutex.
- */
-
-void
-start_critical_section(void)
-{
- pthread_mutex_lock( &mainmutex);
-}
-
-/*
- * Function name: end_critical_section
- * Description: Ends the critical section of the code by unlocking the mutex.
- */
-
-void
-end_critical_section(void)
-{
- pthread_mutex_unlock( &mainmutex);
-}
-
-/*
- * Function name: wait_for_condition
- * Description: Starts waiting for the condition.
- */
-
-void
-wait_for_condition(void)
-{
- pthread_cond_wait(&maincond, &mainmutex);
-}
-
-/*
- * Function name: broadcast_condition
- * Description: Broadcast the met of the condition.
- */
-
-void
-broadcast_condition(void)
-{
- pthread_cond_broadcast(&maincond);
-}
-
-#endif
diff --git a/src/thread_management.h b/src/thread_management.h
deleted file mode 100644
index 9ea87fb..0000000
--- a/src/thread_management.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * active port forwarder - software for secure forwarding
- * Copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- */
-
-#ifndef _JS_THREAD_MANAGEMENT_H
-#define _JS_THREAD_MANAGEMENT_H
-
-#include <pthread.h>
-
-void remember_mainthread(void);
-int is_this_a_mainthread(void);
-void start_critical_section(void);
-void end_critical_section(void);
-void wait_for_condition(void);
-void broadcast_condition(void);
-
-#endif
-
diff --git a/src/usage.c b/src/usage.c
index 08a85b8..e32f6f8 100644
--- a/src/usage.c
+++ b/src/usage.c
@@ -110,15 +110,7 @@ server_long_usage(char* info)
printf(" -4, --ipv4 - use ipv4 only\n");
printf(" -6, --ipv6 - use ipv6 only\n\n");
#endif
-#ifdef HAVE_LIBPTHREAD
- printf(" HTTP PROXY:\n\n");
- printf(" -P, --enableproxy - enable http proxy mode\n\n");
- /* FIXME: afclient is always trying to get http page, so this option is not needed now
- printf(" -S, --use-https - use https proxy instead of http proxy. '-P' option\n");
- printf(" will be set implicitly\n\n");
- */
-#endif
-
+
exit(0);
}
@@ -213,15 +205,6 @@ client_long_usage(char* info)
printf(" -l, --load - load a module for user's packets filtering\n");
printf(" -L, --Load - load a module for service's packets filtering\n\n");
#endif
-#ifdef HAVE_LIBPTHREAD
- printf(" HTTP/HTTPS PROXY:\n\n");
- printf(" -S, --use-https - use https proxy instead of http proxy\n");
- printf(" -P, --proxyname - the name of the machine with proxy server\n");
- printf(" -X, --proxyport - the port used by proxy server (default: 8080)\n");
- printf(" -C, --pa-cred U:P - the user (U) and password (P) used in proxy\n");
- printf(" authorization\n");
- printf(" -B, --pa-t-basic - the Basic type of proxy authorization (default)\n\n");
-#endif
-
+
exit(0);
}