| 1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * |
| 3 | *************************************************/ |
| 4 | |
| 5 | /* Copyright (c) Jeremy Harris 2015 */ |
| 6 | /* See the file NOTICE for conditions of use and distribution. */ |
| 7 | |
| 8 | /* SOCKS version 5 proxy, client-mode */ |
| 9 | |
| 10 | #include "../exim.h" |
| 11 | #include "smtp.h" |
| 12 | |
| 13 | #ifdef EXPERIMENTAL_SOCKS /* entire file */ |
| 14 | |
| 15 | #ifndef nelem |
| 16 | # define nelem(arr) (sizeof(arr)/sizeof(*arr)) |
| 17 | #endif |
| 18 | |
| 19 | |
| 20 | /* Defaults */ |
| 21 | #define SOCKS_PORT 1080 |
| 22 | #define SOCKS_TIMEOUT 5 |
| 23 | #define SOCKS_WEIGHT 1 |
| 24 | #define SOCKS_PRIORITY 1 |
| 25 | |
| 26 | #define AUTH_NONE 0 |
| 27 | #define AUTH_NAME 2 /* user/password per RFC 1929 */ |
| 28 | #define AUTH_NAME_VER 1 |
| 29 | |
| 30 | struct socks_err |
| 31 | { |
| 32 | uschar * reason; |
| 33 | int errcode; |
| 34 | } socks_errs[] = |
| 35 | { |
| 36 | {NULL, 0}, |
| 37 | {US"general SOCKS server failure", EIO}, |
| 38 | {US"connection not allowed by ruleset", EACCES}, |
| 39 | {US"Network unreachable", ENETUNREACH}, |
| 40 | {US"Host unreachable", EHOSTUNREACH}, |
| 41 | {US"Connection refused", ECONNREFUSED}, |
| 42 | {US"TTL expired", ECANCELED}, |
| 43 | {US"Command not supported", EOPNOTSUPP}, |
| 44 | {US"Address type not supported", EAFNOSUPPORT} |
| 45 | }; |
| 46 | |
| 47 | typedef struct |
| 48 | { |
| 49 | const uschar * proxy_host; |
| 50 | uschar auth_type; /* RFC 1928 encoding */ |
| 51 | const uschar * auth_name; |
| 52 | const uschar * auth_pwd; |
| 53 | short port; |
| 54 | BOOL is_failed; |
| 55 | unsigned timeout; |
| 56 | unsigned weight; |
| 57 | unsigned priority; |
| 58 | } socks_opts; |
| 59 | |
| 60 | static void |
| 61 | socks_option_defaults(socks_opts * sob) |
| 62 | { |
| 63 | sob->proxy_host = NULL; |
| 64 | sob->auth_type = AUTH_NONE; |
| 65 | sob->auth_name = US""; |
| 66 | sob->auth_pwd = US""; |
| 67 | sob->is_failed = FALSE; |
| 68 | sob->port = SOCKS_PORT; |
| 69 | sob->timeout = SOCKS_TIMEOUT; |
| 70 | sob->weight = SOCKS_WEIGHT; |
| 71 | sob->priority = SOCKS_PRIORITY; |
| 72 | } |
| 73 | |
| 74 | static void |
| 75 | socks_option(socks_opts * sob, const uschar * opt) |
| 76 | { |
| 77 | const uschar * s; |
| 78 | |
| 79 | if (Ustrncmp(opt, "auth=", 5) == 0) |
| 80 | { |
| 81 | opt += 5; |
| 82 | if (Ustrcmp(opt, "none") == 0) sob->auth_type = AUTH_NONE; |
| 83 | else if (Ustrcmp(opt, "name") == 0) sob->auth_type = AUTH_NAME; |
| 84 | } |
| 85 | else if (Ustrncmp(opt, "name=", 5) == 0) |
| 86 | sob->auth_name = opt + 5; |
| 87 | else if (Ustrncmp(opt, "pass=", 5) == 0) |
| 88 | sob->auth_pwd = opt + 5; |
| 89 | else if (Ustrncmp(opt, "port=", 5) == 0) |
| 90 | sob->port = atoi(opt + 5); |
| 91 | else if (Ustrncmp(opt, "tmo=", 4) == 0) |
| 92 | sob->timeout = atoi(opt + 4); |
| 93 | else if (Ustrncmp(opt, "pri=", 4) == 0) |
| 94 | sob->priority = atoi(opt + 4); |
| 95 | else if (Ustrncmp(opt, "weight=", 7) == 0) |
| 96 | sob->weight = atoi(opt + 7); |
| 97 | return; |
| 98 | } |
| 99 | |
| 100 | static int |
| 101 | socks_auth(int fd, int method, socks_opts * sob, time_t tmo) |
| 102 | { |
| 103 | uschar * s; |
| 104 | int len, i, j; |
| 105 | |
| 106 | switch(method) |
| 107 | { |
| 108 | default: |
| 109 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 110 | "Unrecognised socks auth method %d", method); |
| 111 | return FAIL; |
| 112 | case AUTH_NONE: |
| 113 | return OK; |
| 114 | case AUTH_NAME: |
| 115 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" socks auth NAME '%s' '%s'\n", |
| 116 | sob->auth_name, sob->auth_pwd); |
| 117 | i = Ustrlen(sob->auth_name); |
| 118 | j = Ustrlen(sob->auth_pwd); |
| 119 | s = string_sprintf("%c%c%.255s%c%.255s", AUTH_NAME_VER, |
| 120 | i, sob->auth_name, j, sob->auth_pwd); |
| 121 | len = i + j + 3; |
| 122 | HDEBUG(D_transport|D_acl|D_v) |
| 123 | { |
| 124 | int i; |
| 125 | debug_printf(" SOCKS>>"); |
| 126 | for (i = 0; i<len; i++) debug_printf(" %02x", s[i]); |
| 127 | debug_printf("\n"); |
| 128 | } |
| 129 | if ( send(fd, s, len, 0) < 0 |
| 130 | || !fd_ready(fd, tmo-time(NULL)) |
| 131 | || read(fd, s, 2) != 2 |
| 132 | ) |
| 133 | return FAIL; |
| 134 | HDEBUG(D_transport|D_acl|D_v) |
| 135 | debug_printf(" SOCKS<< %02x %02x\n", s[0], s[1]); |
| 136 | if (s[0] == AUTH_NAME_VER && s[1] == 0) |
| 137 | { |
| 138 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" socks auth OK\n"); |
| 139 | return OK; |
| 140 | } |
| 141 | |
| 142 | log_write(0, LOG_MAIN|LOG_PANIC, "socks auth failed"); |
| 143 | errno = EPROTO; |
| 144 | return FAIL; |
| 145 | } |
| 146 | } |
| 147 | |
| 148 | |
| 149 | |
| 150 | /* Find a suitable proxy to use from the list. |
| 151 | Possible common code with spamd_get_server() ? |
| 152 | |
| 153 | Return: index into proxy spec array, or -1 |
| 154 | */ |
| 155 | |
| 156 | static int |
| 157 | socks_get_proxy(socks_opts * proxies, unsigned nproxies) |
| 158 | { |
| 159 | unsigned int i; |
| 160 | socks_opts * sd; |
| 161 | socks_opts * lim = &proxies[nproxies]; |
| 162 | long rnd, weights; |
| 163 | unsigned pri; |
| 164 | static BOOL srandomed = FALSE; |
| 165 | |
| 166 | if (nproxies == 1) /* shortcut, if we have only 1 server */ |
| 167 | return (proxies[0].is_failed ? -1 : 0); |
| 168 | |
| 169 | /* init random */ |
| 170 | if (!srandomed) |
| 171 | { |
| 172 | struct timeval tv; |
| 173 | gettimeofday(&tv, NULL); |
| 174 | srandom((unsigned int)(tv.tv_usec/1000)); |
| 175 | srandomed = TRUE; |
| 176 | } |
| 177 | |
| 178 | /* scan for highest pri */ |
| 179 | for (pri = 0, sd = proxies; sd < lim; sd++) |
| 180 | if (!sd->is_failed && sd->priority > pri) |
| 181 | pri = sd->priority; |
| 182 | |
| 183 | /* get sum of weights at this pri */ |
| 184 | for (weights = 0, sd = proxies; sd < lim; sd++) |
| 185 | if (!sd->is_failed && sd->priority == pri) |
| 186 | weights += sd->weight; |
| 187 | if (weights == 0) /* all servers failed */ |
| 188 | return -1; |
| 189 | |
| 190 | for (rnd = random() % weights, i = 0; i < nproxies; i++) |
| 191 | { |
| 192 | sd = &proxies[i]; |
| 193 | if (!sd->is_failed && sd->priority == pri) |
| 194 | if ((rnd -= sd->weight) <= 0) |
| 195 | return i; |
| 196 | } |
| 197 | |
| 198 | log_write(0, LOG_MAIN|LOG_PANIC, |
| 199 | "%s unknown error (memory/cpu corruption?)", __FUNCTION__); |
| 200 | return -1; |
| 201 | } |
| 202 | |
| 203 | |
| 204 | |
| 205 | /* Make a connection via a socks proxy |
| 206 | |
| 207 | Arguments: |
| 208 | host smtp target host |
| 209 | host_af address family |
| 210 | port remote tcp port number |
| 211 | interface local interface |
| 212 | tb transport |
| 213 | timeout connection timeout (zero for indefinite) |
| 214 | |
| 215 | Return value: |
| 216 | 0 on success; -1 on failure, with errno set |
| 217 | */ |
| 218 | |
| 219 | int |
| 220 | socks_sock_connect(host_item * host, int host_af, int port, uschar * interface, |
| 221 | transport_instance * tb, int timeout) |
| 222 | { |
| 223 | smtp_transport_options_block * ob = |
| 224 | (smtp_transport_options_block *)tb->options_block; |
| 225 | const uschar * proxy_list; |
| 226 | const uschar * proxy_spec; |
| 227 | int sep = 0; |
| 228 | int fd; |
| 229 | time_t tmo; |
| 230 | const uschar * state; |
| 231 | uschar buf[24]; |
| 232 | socks_opts proxies[32]; /* max #proxies handled */ |
| 233 | unsigned nproxies; |
| 234 | socks_opts * sob; |
| 235 | unsigned size; |
| 236 | |
| 237 | if (!timeout) timeout = 24*60*60; /* use 1 day for "indefinite" */ |
| 238 | tmo = time(NULL) + timeout; |
| 239 | |
| 240 | if (!(proxy_list = expand_string(ob->socks_proxy))) |
| 241 | { |
| 242 | log_write(0, LOG_MAIN|LOG_PANIC, "Bad expansion for socks_proxy in %s", |
| 243 | tb->name); |
| 244 | return -1; |
| 245 | } |
| 246 | |
| 247 | /* Read proxy list */ |
| 248 | |
| 249 | for (nproxies = 0; |
| 250 | nproxies < nelem(proxies) |
| 251 | && (proxy_spec = string_nextinlist(&proxy_list, &sep, NULL, 0)); |
| 252 | nproxies++) |
| 253 | { |
| 254 | int subsep = -' '; |
| 255 | const uschar * option; |
| 256 | |
| 257 | socks_option_defaults(sob = &proxies[nproxies]); |
| 258 | |
| 259 | if (!(sob->proxy_host = string_nextinlist(&proxy_spec, &subsep, NULL, 0))) |
| 260 | { |
| 261 | /* paniclog config error */ |
| 262 | return -1; |
| 263 | } |
| 264 | |
| 265 | /*XXX consider global options eg. "hide socks_password = wibble" on the tpt */ |
| 266 | /* extract any further per-proxy options */ |
| 267 | while ((option = string_nextinlist(&proxy_spec, &subsep, NULL, 0))) |
| 268 | socks_option(sob, option); |
| 269 | } |
| 270 | |
| 271 | /* Try proxies until a connection succeeds */ |
| 272 | |
| 273 | for(;;) |
| 274 | { |
| 275 | int idx; |
| 276 | host_item proxy; |
| 277 | int proxy_af; |
| 278 | |
| 279 | if ((idx = socks_get_proxy(proxies, nproxies)) < 0) |
| 280 | { |
| 281 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" no proxies left\n"); |
| 282 | errno = EBUSY; |
| 283 | return -1; |
| 284 | } |
| 285 | sob = &proxies[idx]; |
| 286 | |
| 287 | /* bodge up a host struct for the proxy */ |
| 288 | proxy.address = sob->proxy_host; |
| 289 | proxy_af = Ustrchr(sob->proxy_host, ':') ? AF_INET6 : AF_INET; |
| 290 | |
| 291 | if ((fd = smtp_sock_connect(&proxy, proxy_af, sob->port, |
| 292 | interface, tb, sob->timeout)) >= 0) |
| 293 | break; |
| 294 | |
| 295 | log_write(0, LOG_MAIN, "%s: %s", __FUNCTION__, strerror(errno)); |
| 296 | sob->is_failed = TRUE; |
| 297 | } |
| 298 | |
| 299 | /* Do the socks protocol stuff */ |
| 300 | /* Send method-selection */ |
| 301 | |
| 302 | state = US"method select"; |
| 303 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" SOCKS>> 05 01 %02x\n", sob->auth_type); |
| 304 | buf[0] = 5; buf[1] = 1; buf[2] = sob->auth_type; |
| 305 | if (send(fd, buf, 3, 0) < 0) |
| 306 | goto snd_err; |
| 307 | |
| 308 | /* expect method response */ |
| 309 | |
| 310 | if ( !fd_ready(fd, tmo-time(NULL)) |
| 311 | || read(fd, buf, 2) != 2 |
| 312 | ) |
| 313 | goto rcv_err; |
| 314 | HDEBUG(D_transport|D_acl|D_v) |
| 315 | debug_printf(" SOCKS<< %02x %02x\n", buf[0], buf[1]); |
| 316 | if ( buf[0] != 5 |
| 317 | || socks_auth(fd, buf[1], sob, tmo) != OK |
| 318 | ) |
| 319 | goto proxy_err; |
| 320 | |
| 321 | { |
| 322 | union sockaddr_46 sin; |
| 323 | (void) ip_addr(&sin, host_af, host->address, port); |
| 324 | |
| 325 | /* send connect (ipver, ipaddr, port) */ |
| 326 | |
| 327 | buf[0] = 5; buf[1] = 1; buf[2] = 0; buf[3] = host_af == AF_INET6 ? 4 : 1; |
| 328 | #if HAVE_IPV6 |
| 329 | if (host_af == AF_INET6) |
| 330 | { |
| 331 | memcpy(buf+4, &sin.v6.sin6_addr, sizeof(sin.v6.sin6_addr)); |
| 332 | memcpy(buf+4+sizeof(sin.v6.sin6_addr), |
| 333 | &sin.v6.sin6_port, sizeof(sin.v6.sin6_port)); |
| 334 | size = 4+sizeof(sin.v6.sin6_addr)+sizeof(sin.v6.sin6_port); |
| 335 | } |
| 336 | else |
| 337 | #endif |
| 338 | { |
| 339 | memcpy(buf+4, &sin.v4.sin_addr.s_addr, sizeof(sin.v4.sin_addr.s_addr)); |
| 340 | memcpy(buf+4+sizeof(sin.v4.sin_addr.s_addr), |
| 341 | &sin.v4.sin_port, sizeof(sin.v4.sin_port)); |
| 342 | size = 4+sizeof(sin.v4.sin_addr.s_addr)+sizeof(sin.v4.sin_port); |
| 343 | } |
| 344 | } |
| 345 | |
| 346 | state = US"connect"; |
| 347 | HDEBUG(D_transport|D_acl|D_v) |
| 348 | { |
| 349 | int i; |
| 350 | debug_printf(" SOCKS>>"); |
| 351 | for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]); |
| 352 | debug_printf("\n"); |
| 353 | } |
| 354 | if (send(fd, buf, size, 0) < 0) |
| 355 | goto snd_err; |
| 356 | |
| 357 | /* expect conn-reply (success, local(ipver, addr, port)) |
| 358 | of same length as conn-request, or non-success fail code */ |
| 359 | |
| 360 | if ( !fd_ready(fd, tmo-time(NULL)) |
| 361 | || (size = read(fd, buf, size)) < 2 |
| 362 | ) |
| 363 | goto rcv_err; |
| 364 | HDEBUG(D_transport|D_acl|D_v) |
| 365 | { |
| 366 | int i; |
| 367 | debug_printf(" SOCKS>>"); |
| 368 | for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]); |
| 369 | debug_printf("\n"); |
| 370 | } |
| 371 | if ( buf[0] != 5 |
| 372 | || buf[1] != 0 |
| 373 | ) |
| 374 | goto proxy_err; |
| 375 | |
| 376 | /*XXX log proxy outbound addr/port? */ |
| 377 | HDEBUG(D_transport|D_acl|D_v) |
| 378 | debug_printf(" proxy farside local: [%s]:%d\n", |
| 379 | host_ntoa(buf[3] == 4 ? AF_INET6 : AF_INET, buf+4, NULL, NULL), |
| 380 | ntohs(*((uint16_t *)(buf + (buf[3] == 4 ? 20 : 8))))); |
| 381 | |
| 382 | return fd; |
| 383 | |
| 384 | snd_err: |
| 385 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" proxy snd_err %s: %s\n", state, strerror(errno)); |
| 386 | return -1; |
| 387 | |
| 388 | proxy_err: |
| 389 | { |
| 390 | struct socks_err * se = |
| 391 | buf[1] > nelem(socks_errs) ? NULL : socks_errs + buf[1]; |
| 392 | HDEBUG(D_transport|D_acl|D_v) |
| 393 | debug_printf(" proxy %s: %s\n", state, se ? se->reason : US"unknown error code received"); |
| 394 | errno = se ? se->errcode : EPROTO; |
| 395 | } |
| 396 | |
| 397 | rcv_err: |
| 398 | HDEBUG(D_transport|D_acl|D_v) debug_printf(" proxy rcv_err %s: %s\n", state, strerror(errno)); |
| 399 | if (!errno) errno = EPROTO; |
| 400 | else if (errno == ENOENT) errno = ECONNABORTED; |
| 401 | return -1; |
| 402 | } |
| 403 | |
| 404 | #endif /* entire file */ |
| 405 | /* vi: aw ai sw=2 |
| 406 | */ |