X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Fmeta.c;h=f68e077a8706ac5be2544d43f991eb8f564834ae;hb=a86faaf34711d6b0f278b670d70a229a3cf0d479;hp=8786d7f8b0894b69cad03f076c4c371eb04c9709;hpb=94ec8d34db0ddef14b5446975663e5ff37e27b45;p=meshlink diff --git a/src/meta.c b/src/meta.c index 8786d7f8..f68e077a 100644 --- a/src/meta.c +++ b/src/meta.c @@ -1,6 +1,6 @@ /* meta.c -- handle the meta communication - Copyright (C) 2000-2009 Guus Sliepen , + Copyright (C) 2000-2013 Guus Sliepen , 2000-2005 Ivo Timmermans 2006 Scott Lamb @@ -39,7 +39,7 @@ bool send_meta_sptps(void *handle, uint8_t type, const char *buffer, size_t leng } buffer_add(&c->outbuf, buffer, length); - event_add(&c->outevent, NULL); + io_set(&c->io, IO_READ | IO_WRITE); return true; } @@ -60,17 +60,16 @@ bool send_meta(connection_t *c, const char *buffer, int length) { if(c->status.encryptout) { size_t outlen = length; - if(!cipher_encrypt(&c->outcipher, buffer, length, buffer_prepare(&c->outbuf, length), &outlen, false) || outlen != length) { + if(!cipher_encrypt(c->outcipher, buffer, length, buffer_prepare(&c->outbuf, length), &outlen, false) || outlen != length) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting metadata to %s (%s)", c->name, c->hostname); return false; } - } else { buffer_add(&c->outbuf, buffer, length); } - event_add(&c->outevent, NULL); + io_set(&c->io, IO_READ | IO_WRITE); return true; } @@ -172,7 +171,7 @@ bool receive_meta(connection_t *c) { } else { size_t outlen = inlen; - if(!cipher_decrypt(&c->incipher, bufp, inlen, buffer_prepare(&c->inbuf, inlen), &outlen, false) || inlen != outlen) { + if(!cipher_decrypt(c->incipher, bufp, inlen, buffer_prepare(&c->inbuf, inlen), &outlen, false) || inlen != outlen) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while decrypting metadata from %s (%s)", c->name, c->hostname); return false; @@ -186,21 +185,50 @@ bool receive_meta(connection_t *c) { if(c->tcplen) { char *tcpbuffer = buffer_read(&c->inbuf, c->tcplen); - if(tcpbuffer) { - if(proxytype == PROXY_SOCKS4 && c->allow_request == ID) { + if(!tcpbuffer) + break; + + if(!c->node) { + if(c->outgoing && proxytype == PROXY_SOCKS4 && c->allow_request == ID) { if(tcpbuffer[0] == 0 && tcpbuffer[1] == 0x5a) { logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request granted"); } else { logger(DEBUG_CONNECTIONS, LOG_ERR, "Proxy request rejected"); return false; } - } else - receive_tcppacket(c, tcpbuffer, c->tcplen); - c->tcplen = 0; - continue; + } else if(c->outgoing && proxytype == PROXY_SOCKS5 && c->allow_request == ID) { + if(tcpbuffer[0] != 5) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Invalid response from proxy server"); + return false; + } + if(tcpbuffer[1] == (char)0xff) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Proxy request rejected: unsuitable authentication method"); + return false; + } + if(tcpbuffer[2] != 5) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Invalid response from proxy server"); + return false; + } + if(tcpbuffer[3] == 0) { + logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request granted"); + } else { + logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request rejected"); + return false; + } + } else { + logger(DEBUG_CONNECTIONS, LOG_ERR, "c->tcplen set but c->node is NULL!"); + abort(); + } } else { - break; + if(c->allow_request == ALL) { + receive_tcppacket(c, tcpbuffer, c->tcplen); + } else { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Got unauthorized TCP packet from %s (%s)", c->name, c->hostname); + return false; + } } + + c->tcplen = 0; } /* Otherwise we are waiting for a request */