Make utm service port spec a command line option

Check NULL retvals, clean-up
Soner Tari 7 years ago
parent 26cbefa3a4
commit 5a496d04e0

@ -334,22 +334,6 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
case 1: case 1:
/* listenaddr */ /* listenaddr */
addr = **argv; addr = **argv;
// @todo Make this a command line or conf file option?
// @todo Need IPv6?
int rv = sys_sockaddr_parse(&spec->parent_dst_addr,
&spec->parent_dst_addrlen,
"127.0.0.1", "8080", AF_INET, 0);
if (rv == -1) {
exit(EXIT_FAILURE);
}
rv = sys_sockaddr_parse(&spec->child_src_addr,
&spec->child_src_addrlen,
"127.0.0.1", "0", AF_INET, 0);
if (rv == -1) {
exit(EXIT_FAILURE);
}
state++; state++;
break; break;
case 2: case 2:
@ -383,6 +367,27 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
state++; state++;
break; break;
case 3: case 3:
/* UTM service port is mandatory */
// The UTM port is set/used in pf and UTM service config.
// @todo Make this a conf file option?
// @todo Need IPv6?
if (strstr(**argv, "up:")) {
af = sys_sockaddr_parse(&spec->parent_dst_addr,
&spec->parent_dst_addrlen,
"127.0.0.1", **argv+3, AF_INET, EVUTIL_AI_PASSIVE);
if (af == -1) {
exit(EXIT_FAILURE);
}
af = sys_sockaddr_parse(&spec->child_src_addr,
&spec->child_src_addrlen,
"127.0.0.1", "0", AF_INET, EVUTIL_AI_PASSIVE);
if (af == -1) {
exit(EXIT_FAILURE);
}
state++;
}
break;
case 4:
/* [ natengine | dstaddr ] */ /* [ natengine | dstaddr ] */
if (!strcmp(**argv, "tcp") || if (!strcmp(**argv, "tcp") ||
!strcmp(**argv, "ssl") || !strcmp(**argv, "ssl") ||
@ -404,7 +409,7 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
"\n"); "\n");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
state = 5; state = 6;
} else } else
if (nat_exist(**argv)) { if (nat_exist(**argv)) {
/* natengine */ /* natengine */
@ -425,7 +430,7 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
state++; state++;
} }
break; break;
case 4: case 5:
/* dstport */ /* dstport */
af = sys_sockaddr_parse(&spec->connect_addr, af = sys_sockaddr_parse(&spec->connect_addr,
&spec->connect_addrlen, &spec->connect_addrlen,
@ -435,7 +440,7 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
} }
state = 0; state = 0;
break; break;
case 5: case 6:
/* SNI dstport */ /* SNI dstport */
spec->sni_port = atoi(**argv); spec->sni_port = atoi(**argv);
if (!spec->sni_port) { if (!spec->sni_port) {
@ -449,7 +454,7 @@ proxyspec_parse(int *argc, char **argv[], const char *natengine)
} }
(*argv)++; (*argv)++;
} }
if (state != 0 && state != 3) { if (state != 0 && state != 4) {
fprintf(stderr, "Incomplete proxyspec!\n"); fprintf(stderr, "Incomplete proxyspec!\n");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
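Review bot: In the new `case 3`, `strstr(**argv, "up:")` accepts the marker anywhere in the argument, yet the port is read from the fixed offset `**argv+3`, so an argument that only contains `up:` further along is parsed with the wrong port string. That value becomes `spec->parent_dst_addr` on 127.0.0.1, so the match should be anchored to the prefix: `if (strncmp(**argv, "up:", 3) == 0) {`. An argument that does not match is skipped silently (`break` without `state++`) although the comment calls the port mandatory; reporting an error and exiting in an `else` branch, as the other states do, would reject a mistyped spec at the offending argument. `proxyspec_parse` begins and ends outside these hunks, and how `sys_sockaddr_parse` treats an empty port after `up:` is not visible here and should be confirmed.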

@ -2120,9 +2120,9 @@ pxy_bev_readcb(struct bufferevent *bev, void *arg)
free(header_head); free(header_head);
free(header_tail); free(header_tail);
} else { } else {
log_dbg_level_printf(LOG_DBG_MODE_FINE, ">>>>>,,,,,,,,,,,,,,,,,,,,,,, pxy_bev_readcb: No CRLF in packet\n"); log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>,,,,,,,,,,,,,,,,,,,,,,, pxy_bev_readcb: No CRLF in packet\n");
packet_size-= strlen(ctx->child_addr_str) + 2 + 1; // +2 is for \r\n
packet_size++; packet_size-= strlen(ctx->child_addr_str) + 2;
} }
// Decrement packet_size to avoid copying the null termination // Decrement packet_size to avoid copying the null termination
@ -2195,18 +2195,6 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
} }
if (bev == ctx->src.bev) { if (bev == ctx->src.bev) {
struct sockaddr_in peeraddr;
socklen_t peeraddrlen = sizeof(peeraddr);
getpeername(ctx->fd, (struct sockaddr *)&peeraddr, &peeraddrlen);
char peer[INET_ADDRSTRLEN];
if (!inet_ntop(AF_INET, &peeraddr.sin_addr, peer, INET_ADDRSTRLEN)) {
pxy_conn_free(parent);
return;
}
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>.................................................................................... pxy_bev_readcb_child: PEER [%s]:%d <<<<< fd=%d, parent fd=%d\n", peer, (int)ntohs(peeraddr.sin_port), ctx->fd, pfd);
/* request header munging */ /* request header munging */
if (parent->spec->http) { if (parent->spec->http) {
if (!ctx->seen_req_header) { if (!ctx->seen_req_header) {
@ -2217,13 +2205,6 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
evbuffer_add_buffer(outbuf, inbuf); evbuffer_add_buffer(outbuf, inbuf);
} }
} else { } else {
struct evbuffer_ptr ebp = evbuffer_search(inbuf, SSLPROXY_ADDR_KEY, SSLPROXY_ADDR_KEY_LEN, NULL);
if (ebp.pos != -1) {
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: evbuffer_search FOUND SSLproxy-Addr at %ld\n", ebp.pos);
} else {
log_dbg_level_printf(LOG_DBG_MODE_FINE, ">>>>>....................... pxy_bev_readcb_child: evbuffer_search FAILED\n");
}
size_t packet_size = evbuffer_get_length(inbuf); size_t packet_size = evbuffer_get_length(inbuf);
// ATTENTION: +1 is for null termination // ATTENTION: +1 is for null termination
char *packet = malloc(packet_size + 1); char *packet = malloc(packet_size + 1);
@ -2233,8 +2214,6 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
return; return;
} }
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: packet_size\n");
if (packet_size > 0) { if (packet_size > 0) {
int bytes_read = evbuffer_remove(inbuf, packet, packet_size); int bytes_read = evbuffer_remove(inbuf, packet, packet_size);
if (bytes_read < 0) { if (bytes_read < 0) {
@ -2255,14 +2234,9 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
char *header_tail = strdup(pos2 + 2); char *header_tail = strdup(pos2 + 2);
int header_tail_len = strlen(header_tail); int header_tail_len = strlen(header_tail);
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: REMOVED SSLproxy-Addr, packet_size old=%lu, new=%d <<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n", log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: packet_size old=%lu, new=%d <<<<<<<<<<<<<<<<<<<<<<<<<<<<< REMOVED SSLproxy-Addr\n",
packet_size, header_head_len + header_tail_len); packet_size, header_head_len + header_tail_len);
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: header_head (size = %d):\n%s\n",
header_head_len, header_head);
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: header_tail (size = %d):\n%s\n",
header_tail_len, header_tail);
// ATTENTION: Do not add 1 to packet_size for null termination, do that in snprintf(), // ATTENTION: Do not add 1 to packet_size for null termination, do that in snprintf(),
// otherwise we get an extra byte in the outbuf // otherwise we get an extra byte in the outbuf
packet_size = header_head_len + header_tail_len; packet_size = header_head_len + header_tail_len;
@ -2274,8 +2248,6 @@ pxy_bev_readcb_child(struct bufferevent *bev, void *arg)
free(header_head); free(header_head);
} }
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>>....................... pxy_bev_readcb_child: bufferevent_get_output\n");
int add_result = evbuffer_add(outbuf, packet, packet_size); int add_result = evbuffer_add(outbuf, packet, packet_size);
if (add_result < 0) { if (add_result < 0) {
log_err_printf("ERROR: evbuffer_add failed\n"); log_err_printf("ERROR: evbuffer_add failed\n");
@ -2364,7 +2336,9 @@ pxy_conn_connect_child(pxy_conn_child_ctx_t *ctx)
parent->evbase, ctx->dst.bev, ctx->dst.ssl, parent->evbase, ctx->dst.bev, ctx->dst.ssl,
BUFFEREVENT_SSL_ACCEPTING, BUFFEREVENT_SSL_ACCEPTING,
BEV_OPT_DEFER_CALLBACKS); BEV_OPT_DEFER_CALLBACKS);
if (ctx->dst.bev) {
bufferevent_setcb(ctx->dst.bev, pxy_bev_readcb_child, pxy_bev_writecb_child, pxy_bev_eventcb_child, ctx); bufferevent_setcb(ctx->dst.bev, pxy_bev_readcb_child, pxy_bev_writecb_child, pxy_bev_eventcb_child, ctx);
}
} else { } else {
log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>> pxy_conn_connect_child: SETUP dst.bev fd=%d\n", ctx->fd); log_dbg_level_printf(LOG_DBG_MODE_FINEST, ">>>>> pxy_conn_connect_child: SETUP dst.bev fd=%d\n", ctx->fd);
ctx->dst.bev = pxy_bufferevent_setup_child(ctx, -1, ctx->dst.ssl); ctx->dst.bev = pxy_bufferevent_setup_child(ctx, -1, ctx->dst.ssl);
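Review bot: `strdup(pos2 + 2)` in the hunk at -2255 is passed straight to `strlen(header_tail)`, so an allocation failure while the SSLproxy-Addr header is being stripped dereferences NULL; the commit message says NULL return values are checked, but this one is not covered in the visible lines. Add a guard before the length is taken, `if (!header_tail) { free(header_head); free(packet); pxy_conn_free(parent); return; }`, with the cleanup adjusted to match the function's existing malloc failure path, which lies outside the hunk. The same applies to `header_head` if its allocation is unchecked; that line is not shown. In the last hunk, the new `if (ctx->dst.bev)` only skips `bufferevent_setcb` when the preceding call returns NULL, so confirm that the code after the hunk in `pxy_conn_connect_child` handles a NULL `ctx->dst.bev` rather than using it.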
