|
Packit |
b5b901 |
/* Copyright StrongLoop, Inc. All rights reserved.
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
Packit |
b5b901 |
* of this software and associated documentation files (the "Software"), to
|
|
Packit |
b5b901 |
* deal in the Software without restriction, including without limitation the
|
|
Packit |
b5b901 |
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
|
Packit |
b5b901 |
* sell copies of the Software, and to permit persons to whom the Software is
|
|
Packit |
b5b901 |
* furnished to do so, subject to the following conditions:
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* The above copyright notice and this permission notice shall be included in
|
|
Packit |
b5b901 |
* all copies or substantial portions of the Software.
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
Packit |
b5b901 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
Packit |
b5b901 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
Packit |
b5b901 |
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
Packit |
b5b901 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
Packit |
b5b901 |
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
|
Packit |
b5b901 |
* IN THE SOFTWARE.
|
|
Packit |
b5b901 |
*/
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
#include "s5.h"
|
|
Packit |
b5b901 |
#include <errno.h>
|
|
Packit |
b5b901 |
#include <stdint.h>
|
|
Packit |
b5b901 |
#include <stdlib.h> /* abort() */
|
|
Packit |
b5b901 |
#include <string.h> /* memset() */
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
enum {
|
|
Packit |
b5b901 |
s5_version,
|
|
Packit |
b5b901 |
s5_nmethods,
|
|
Packit |
b5b901 |
s5_methods,
|
|
Packit |
b5b901 |
s5_auth_pw_version,
|
|
Packit |
b5b901 |
s5_auth_pw_userlen,
|
|
Packit |
b5b901 |
s5_auth_pw_username,
|
|
Packit |
b5b901 |
s5_auth_pw_passlen,
|
|
Packit |
b5b901 |
s5_auth_pw_password,
|
|
Packit |
b5b901 |
s5_req_version,
|
|
Packit |
b5b901 |
s5_req_cmd,
|
|
Packit |
b5b901 |
s5_req_reserved,
|
|
Packit |
b5b901 |
s5_req_atyp,
|
|
Packit |
b5b901 |
s5_req_atyp_host,
|
|
Packit |
b5b901 |
s5_req_daddr,
|
|
Packit |
b5b901 |
s5_req_dport0,
|
|
Packit |
b5b901 |
s5_req_dport1,
|
|
Packit |
b5b901 |
s5_dead
|
|
Packit |
b5b901 |
};
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
void s5_init(s5_ctx *cx) {
|
|
Packit |
b5b901 |
memset(cx, 0, sizeof(*cx));
|
|
Packit |
b5b901 |
cx->state = s5_version;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
s5_err s5_parse(s5_ctx *cx, uint8_t **data, size_t *size) {
|
|
Packit |
b5b901 |
s5_err err;
|
|
Packit |
b5b901 |
uint8_t *p;
|
|
Packit |
b5b901 |
uint8_t c;
|
|
Packit |
b5b901 |
size_t i;
|
|
Packit |
b5b901 |
size_t n;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
p = *data;
|
|
Packit |
b5b901 |
n = *size;
|
|
Packit |
b5b901 |
i = 0;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
while (i < n) {
|
|
Packit |
b5b901 |
c = p[i];
|
|
Packit |
b5b901 |
i += 1;
|
|
Packit |
b5b901 |
switch (cx->state) {
|
|
Packit |
b5b901 |
case s5_version:
|
|
Packit |
b5b901 |
if (c != 5) {
|
|
Packit |
b5b901 |
err = s5_bad_version;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
cx->state = s5_nmethods;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_nmethods:
|
|
Packit |
b5b901 |
cx->arg0 = 0;
|
|
Packit |
b5b901 |
cx->arg1 = c; /* Number of bytes to read. */
|
|
Packit |
b5b901 |
cx->state = s5_methods;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_methods:
|
|
Packit |
b5b901 |
if (cx->arg0 < cx->arg1) {
|
|
Packit |
b5b901 |
switch (c) {
|
|
Packit |
b5b901 |
case 0:
|
|
Packit |
b5b901 |
cx->methods |= S5_AUTH_NONE;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case 1:
|
|
Packit |
b5b901 |
cx->methods |= S5_AUTH_GSSAPI;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case 2:
|
|
Packit |
b5b901 |
cx->methods |= S5_AUTH_PASSWD;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
/* Ignore everything we don't understand. */
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
cx->arg0 += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
if (cx->arg0 == cx->arg1) {
|
|
Packit |
b5b901 |
err = s5_auth_select;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_auth_pw_version:
|
|
Packit |
b5b901 |
if (c != 1) {
|
|
Packit |
b5b901 |
err = s5_bad_version;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
cx->state = s5_auth_pw_userlen;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_auth_pw_userlen:
|
|
Packit |
b5b901 |
cx->arg0 = 0;
|
|
Packit |
b5b901 |
cx->userlen = c;
|
|
Packit |
b5b901 |
cx->state = s5_auth_pw_username;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_auth_pw_username:
|
|
Packit |
b5b901 |
if (cx->arg0 < cx->userlen) {
|
|
Packit |
b5b901 |
cx->username[cx->arg0] = c;
|
|
Packit |
b5b901 |
cx->arg0 += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
if (cx->arg0 == cx->userlen) {
|
|
Packit |
b5b901 |
cx->username[cx->userlen] = '\0';
|
|
Packit |
b5b901 |
cx->state = s5_auth_pw_passlen;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_auth_pw_passlen:
|
|
Packit |
b5b901 |
cx->arg0 = 0;
|
|
Packit |
b5b901 |
cx->passlen = c;
|
|
Packit |
b5b901 |
cx->state = s5_auth_pw_password;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_auth_pw_password:
|
|
Packit |
b5b901 |
if (cx->arg0 < cx->passlen) {
|
|
Packit |
b5b901 |
cx->password[cx->arg0] = c;
|
|
Packit |
b5b901 |
cx->arg0 += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
if (cx->arg0 == cx->passlen) {
|
|
Packit |
b5b901 |
cx->password[cx->passlen] = '\0';
|
|
Packit |
b5b901 |
cx->state = s5_req_version;
|
|
Packit |
b5b901 |
err = s5_auth_verify;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_version:
|
|
Packit |
b5b901 |
if (c != 5) {
|
|
Packit |
b5b901 |
err = s5_bad_version;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
cx->state = s5_req_cmd;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_cmd:
|
|
Packit |
b5b901 |
switch (c) {
|
|
Packit |
b5b901 |
case 1: /* TCP connect */
|
|
Packit |
b5b901 |
cx->cmd = s5_cmd_tcp_connect;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case 3: /* UDP associate */
|
|
Packit |
b5b901 |
cx->cmd = s5_cmd_udp_assoc;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
default:
|
|
Packit |
b5b901 |
err = s5_bad_cmd;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
cx->state = s5_req_reserved;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_reserved:
|
|
Packit |
b5b901 |
cx->state = s5_req_atyp;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_atyp:
|
|
Packit |
b5b901 |
cx->arg0 = 0;
|
|
Packit |
b5b901 |
switch (c) {
|
|
Packit |
b5b901 |
case 1: /* IPv4, four octets. */
|
|
Packit |
b5b901 |
cx->state = s5_req_daddr;
|
|
Packit |
b5b901 |
cx->atyp = s5_atyp_ipv4;
|
|
Packit |
b5b901 |
cx->arg1 = 4;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case 3: /* Hostname. First byte is length. */
|
|
Packit |
b5b901 |
cx->state = s5_req_atyp_host;
|
|
Packit |
b5b901 |
cx->atyp = s5_atyp_host;
|
|
Packit |
b5b901 |
cx->arg1 = 0;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case 4: /* IPv6, sixteen octets. */
|
|
Packit |
b5b901 |
cx->state = s5_req_daddr;
|
|
Packit |
b5b901 |
cx->atyp = s5_atyp_ipv6;
|
|
Packit |
b5b901 |
cx->arg1 = 16;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
default:
|
|
Packit |
b5b901 |
err = s5_bad_atyp;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_atyp_host:
|
|
Packit |
b5b901 |
cx->arg1 = c;
|
|
Packit |
b5b901 |
cx->state = s5_req_daddr;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_daddr:
|
|
Packit |
b5b901 |
if (cx->arg0 < cx->arg1) {
|
|
Packit |
b5b901 |
cx->daddr[cx->arg0] = c;
|
|
Packit |
b5b901 |
cx->arg0 += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
if (cx->arg0 == cx->arg1) {
|
|
Packit |
b5b901 |
cx->daddr[cx->arg1] = '\0';
|
|
Packit |
b5b901 |
cx->state = s5_req_dport0;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_dport0:
|
|
Packit |
b5b901 |
cx->dport = c << 8;
|
|
Packit |
b5b901 |
cx->state = s5_req_dport1;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_req_dport1:
|
|
Packit |
b5b901 |
cx->dport |= c;
|
|
Packit |
b5b901 |
cx->state = s5_dead;
|
|
Packit |
b5b901 |
err = s5_exec_cmd;
|
|
Packit |
b5b901 |
goto out;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
case s5_dead:
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
default:
|
|
Packit |
b5b901 |
abort();
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
err = s5_ok;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
out:
|
|
Packit |
b5b901 |
*data = p + i;
|
|
Packit |
b5b901 |
*size = n - i;
|
|
Packit |
b5b901 |
return err;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
unsigned int s5_auth_methods(const s5_ctx *cx) {
|
|
Packit |
b5b901 |
return cx->methods;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
int s5_select_auth(s5_ctx *cx, s5_auth_method method) {
|
|
Packit |
b5b901 |
int err;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
err = 0;
|
|
Packit |
b5b901 |
switch (method) {
|
|
Packit |
b5b901 |
case S5_AUTH_NONE:
|
|
Packit |
b5b901 |
cx->state = s5_req_version;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
case S5_AUTH_PASSWD:
|
|
Packit |
b5b901 |
cx->state = s5_auth_pw_version;
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
default:
|
|
Packit |
b5b901 |
err = -EINVAL;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
return err;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
const char *s5_strerror(s5_err err) {
|
|
Packit |
b5b901 |
#define S5_ERR_GEN(_, name, errmsg) case s5_ ## name: return errmsg;
|
|
Packit |
b5b901 |
switch (err) {
|
|
Packit |
b5b901 |
S5_ERR_MAP(S5_ERR_GEN)
|
|
Packit |
b5b901 |
default: ; /* Silence s5_max_errors -Wswitch warning. */
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
#undef S5_ERR_GEN
|
|
Packit |
b5b901 |
return "Unknown error.";
|
|
Packit |
b5b901 |
}
|