| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371 |
- #if !BESTHTTP_DISABLE_PROXY && (!UNITY_WEBGL || UNITY_EDITOR)
- using System;
- using System.IO;
- using System.Text;
- using BestHTTP.Authentication;
- using BestHTTP.Extensions;
- using BestHTTP.PlatformSupport.Memory;
- using BestHTTP.PlatformSupport.Text;
- namespace BestHTTP
- {
- internal enum SOCKSVersions : byte
- {
- Unknown = 0x00,
- V5 = 0x05
- }
- /// <summary>
- /// https://tools.ietf.org/html/rfc1928
- /// The values currently defined for METHOD are:
- /// o X'00' NO AUTHENTICATION REQUIRED
- /// o X'01' GSSAPI
- /// o X'02' USERNAME/PASSWORD
- /// o X'03' to X'7F' IANA ASSIGNED
- /// o X'80' to X'FE' RESERVED FOR PRIVATE METHODS
- /// o X'FF' NO ACCEPTABLE METHODS
- /// </summary>
- internal enum SOCKSMethods : byte
- {
- NoAuthenticationRequired = 0x00,
- GSSAPI = 0x01,
- UsernameAndPassword = 0x02,
- NoAcceptableMethods = 0xFF
- }
- internal enum SOCKSReplies : byte
- {
- Succeeded = 0x00,
- GeneralSOCKSServerFailure = 0x01,
- ConnectionNotAllowedByRuleset = 0x02,
- NetworkUnreachable = 0x03,
- HostUnreachable = 0x04,
- ConnectionRefused = 0x05,
- TTLExpired = 0x06,
- CommandNotSupported = 0x07,
- AddressTypeNotSupported = 0x08
- }
- internal enum SOCKSAddressTypes
- {
- IPV4 = 0x00,
- DomainName = 0x03,
- IPv6 = 0x04
- }
- public sealed class SOCKSProxy : Proxy
- {
- public SOCKSProxy(Uri address, Credentials credentials)
- : base(address, credentials)
- { }
- internal override string GetRequestPath(Uri uri)
- {
- return uri.GetRequestPathAndQueryURL();
- }
- internal override bool SetupRequest(HTTPRequest request)
- {
- return false;
- }
- internal override void Connect(Stream stream, HTTPRequest request)
- {
- var buffer = BufferPool.Get(1024, true);
- try
- {
- int count = 0;
- // https://tools.ietf.org/html/rfc1928
- // The client connects to the server, and sends a version
- // identifier/method selection message:
- //
- // +----+----------+----------+
- // |VER | NMETHODS | METHODS |
- // +----+----------+----------+
- // | 1 | 1 | 1 to 255 |
- // +----+----------+----------+
- //
- // The VER field is set to X'05' for this version of the protocol. The
- // NMETHODS field contains the number of method identifier octets that
- // appear in the METHODS field.
- //
- buffer[count++] = (byte)SOCKSVersions.V5;
- if (this.Credentials != null)
- {
- buffer[count++] = 0x02; // method count
- buffer[count++] = (byte)SOCKSMethods.UsernameAndPassword;
- buffer[count++] = (byte)SOCKSMethods.NoAuthenticationRequired;
- }
- else
- {
- buffer[count++] = 0x01; // method count
- buffer[count++] = (byte)SOCKSMethods.NoAuthenticationRequired;
- }
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Sending method negotiation - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- // Write negotiation
- stream.Write(buffer, 0, count);
- // Read result
- count = stream.Read(buffer, 0, buffer.Length);
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Negotiation response - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- // The server selects from one of the methods given in METHODS, and
- // sends a METHOD selection message:
- //
- // +----+--------+
- // |VER | METHOD |
- // +----+--------+
- // | 1 | 1 |
- // +----+--------+
- //
- // If the selected METHOD is X'FF', none of the methods listed by the
- // client are acceptable, and the client MUST close the connection.
- //
- // The values currently defined for METHOD are:
- //
- // o X'00' NO AUTHENTICATION REQUIRED
- // o X'01' GSSAPI
- // o X'02' USERNAME/PASSWORD
- // o X'03' to X'7F' IANA ASSIGNED
- // o X'80' to X'FE' RESERVED FOR PRIVATE METHODS
- // o X'FF' NO ACCEPTABLE METHODS
- //
- // The client and server then enter a method-specific sub-negotiation.
- SOCKSVersions version = (SOCKSVersions)buffer[0];
- SOCKSMethods method = (SOCKSMethods)buffer[1];
- // Expected result:
- // 1.) Received bytes' count is 2: version + preferred method
- // 2.) Version must be 5
- // 3.) Preferred method must NOT be 0xFF
- if (count != 2)
- throw new Exception(string.Format("SOCKS Proxy - Expected read count: 2! count: {0} buffer: {1}" + count.ToString(), BufferToHexStr(buffer, count)));
- else if (version != SOCKSVersions.V5)
- throw new Exception("SOCKS Proxy - Expected version: 5, received version: " + buffer[0].ToString("X2"));
- else if (method == SOCKSMethods.NoAcceptableMethods)
- throw new Exception("SOCKS Proxy - Received 'NO ACCEPTABLE METHODS' (0xFF)");
- else
- {
- HTTPManager.Logger.Information("SOCKSProxy", "Method negotiation over. Method: " + method.ToString(), request.Context);
- switch (method)
- {
- case SOCKSMethods.NoAuthenticationRequired:
- // nothing to do
- break;
- case SOCKSMethods.UsernameAndPassword:
- if (this.Credentials.UserName.Length > 255)
- throw new Exception(string.Format("SOCKS Proxy - Credentials.UserName too long! {0} > 255", this.Credentials.UserName.Length.ToString()));
- if (this.Credentials.Password.Length > 255)
- throw new Exception(string.Format("SOCKS Proxy - Credentials.Password too long! {0} > 255", this.Credentials.Password.Length.ToString()));
- // https://tools.ietf.org/html/rfc1929 : Username/Password Authentication for SOCKS V5
- // Once the SOCKS V5 server has started, and the client has selected the
- // Username/Password Authentication protocol, the Username/Password
- // subnegotiation begins. This begins with the client producing a
- // Username/Password request:
- //
- // +----+------+----------+------+----------+
- // |VER | ULEN | UNAME | PLEN | PASSWD |
- // +----+------+----------+------+----------+
- // | 1 | 1 | 1 to 255 | 1 | 1 to 255 |
- // +----+------+----------+------+----------+
- HTTPManager.Logger.Information("SOCKSProxy", "starting sub-negotiation", request.Context);
- count = 0;
- buffer[count++] = 0x01; // version of sub negotiation
- WriteString(buffer, ref count, this.Credentials.UserName);
- WriteString(buffer, ref count, this.Credentials.Password);
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Sending username and password sub-negotiation - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- // Write negotiation
- stream.Write(buffer, 0, count);
- // Read result
- count = stream.Read(buffer, 0, buffer.Length);
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Username and password sub-negotiation response - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- // The server verifies the supplied UNAME and PASSWD, and sends the
- // following response:
- //
- // +----+--------+
- // |VER | STATUS |
- // +----+--------+
- // | 1 | 1 |
- // +----+--------+
- // A STATUS field of X'00' indicates success. If the server returns a
- // `failure' (STATUS value other than X'00') status, it MUST close the
- // connection.
- bool success = buffer[1] == 0;
- if (count != 2)
- throw new Exception(string.Format("SOCKS Proxy - Expected read count: 2! count: {0} buffer: {1}" + count.ToString(), BufferToHexStr(buffer, count)));
- else if (!success)
- throw new Exception("SOCKS proxy: username+password authentication failed!");
- HTTPManager.Logger.Information("SOCKSProxy", "Authenticated!", request.Context);
- break;
- case SOCKSMethods.GSSAPI:
- throw new Exception("SOCKS proxy: GSSAPI not supported!");
- case SOCKSMethods.NoAcceptableMethods:
- throw new Exception("SOCKS proxy: No acceptable method");
- }
- }
- // The SOCKS request is formed as follows:
- //
- // +----+-----+-------+------+----------+----------+
- // |VER | CMD | RSV | ATYP | DST.ADDR | DST.PORT |
- // +----+-----+-------+------+----------+----------+
- // | 1 | 1 | X'00' | 1 | Variable | 2 |
- // +----+-----+-------+------+----------+----------+
- //
- // Where:
- //
- // o VER protocol version: X'05'
- // o CMD
- // o CONNECT X'01'
- // o BIND X'02'
- // o UDP ASSOCIATE X'03'
- // o RSV RESERVED
- // o ATYP address type of following address
- // o IP V4 address: X'01'
- // o DOMAINNAME: X'03'
- // o IP V6 address: X'04'
- // o DST.ADDR desired destination address
- // o DST.PORT desired destination port in network octet
- // order
- count = 0;
- buffer[count++] = (byte)SOCKSVersions.V5; // version: 5
- buffer[count++] = 0x01; // command: connect
- buffer[count++] = 0x00; // reserved, bust be 0x00
- if (request.CurrentUri.IsHostIsAnIPAddress())
- {
- bool isIPV4 = Extensions.Extensions.IsIpV4AddressValid(request.CurrentUri.Host);
- buffer[count++] = isIPV4 ? (byte)SOCKSAddressTypes.IPV4 : (byte)SOCKSAddressTypes.IPv6;
- var ipAddress = System.Net.IPAddress.Parse(request.CurrentUri.Host);
- var ipBytes = ipAddress.GetAddressBytes();
- WriteBytes(buffer, ref count, ipBytes); // destination address
- }
- else
- {
- buffer[count++] = (byte)SOCKSAddressTypes.DomainName;
- // The first octet of the address field contains the number of octets of name that
- // follow, there is no terminating NUL octet.
- WriteString(buffer, ref count, request.CurrentUri.Host);
- }
- // destination port in network octet order
- buffer[count++] = (byte)((request.CurrentUri.Port >> 8) & 0xFF);
- buffer[count++] = (byte)(request.CurrentUri.Port & 0xFF);
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Sending connect request - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- stream.Write(buffer, 0, count);
- count = stream.Read(buffer, 0, buffer.Length);
- if (HTTPManager.Logger.Level == Logger.Loglevels.All)
- HTTPManager.Logger.Information("SOCKSProxy", string.Format("Connect response - count: {0} buffer: {1} ", count.ToString(), BufferToHexStr(buffer, count)), request.Context);
- // The SOCKS request information is sent by the client as soon as it has
- // established a connection to the SOCKS server, and completed the
- // authentication negotiations. The server evaluates the request, and
- // returns a reply formed as follows:
- //
- // +----+-----+-------+------+----------+----------+
- // |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT |
- // +----+-----+-------+------+----------+----------+
- // | 1 | 1 | X'00' | 1 | Variable | 2 |
- // +----+-----+-------+------+----------+----------+
- //
- // Where:
- // o VER protocol version: X'05'
- // o REP Reply field:
- // o X'00' succeeded
- // o X'01' general SOCKS server failure
- // o X'02' connection not allowed by ruleset
- // o X'03' Network unreachable
- // o X'04' Host unreachable
- // o X'05' Connection refused
- // o X'06' TTL expired
- // o X'07' Command not supported
- // o X'08' Address type not supported
- // o X'09' to X'FF' unassigned
- // o RSV RESERVED
- // o ATYP address type of following address
- // o IP V4 address: X'01'
- // o DOMAINNAME: X'03'
- // o IP V6 address: X'04'
- // o BND.ADDR server bound address
- // o BND.PORT server bound port in network octet order
- //
- // Fields marked RESERVED (RSV) must be set to X'00'.
- version = (SOCKSVersions)buffer[0];
- SOCKSReplies reply = (SOCKSReplies)buffer[1];
- // at least 10 bytes expected as a result
- if (count < 10)
- throw new Exception(string.Format("SOCKS proxy: not enough data returned by the server. Expected count is at least 10 bytes, server returned {0} bytes! content: {1}", count.ToString(), BufferToHexStr(buffer, count)));
- else if (reply != SOCKSReplies.Succeeded)
- throw new Exception("SOCKS proxy error: " + reply.ToString());
- HTTPManager.Logger.Information("SOCKSProxy", "Connected!", request.Context);
- }
- finally
- {
- BufferPool.Release(buffer);
- }
- }
- private void WriteString(byte[] buffer, ref int count, string str)
- {
- // Get the bytes
- int byteCount = Encoding.UTF8.GetByteCount(str);
- if (byteCount > 255)
- throw new Exception(string.Format("SOCKS Proxy - String is too large ({0}) to fit in 255 bytes!", byteCount.ToString()));
- // number of bytes
- buffer[count++] = (byte)byteCount;
- // and the bytes itself
- Encoding.UTF8.GetBytes(str, 0, str.Length, buffer, count);
- count += byteCount;
- }
- private void WriteBytes(byte[] buffer, ref int count, byte[] bytes)
- {
- Array.Copy(bytes, 0, buffer, count, bytes.Length);
- count += bytes.Length;
- }
- private string BufferToHexStr(byte[] buffer, int count)
- {
- StringBuilder sb = StringBuilderPool.Get(count * 2); //new StringBuilder(count * 2);
- for (int i = 0; i < count; ++i)
- sb.AppendFormat("0x{0} ", buffer[i].ToString("X2"));
- return StringBuilderPool.ReleaseAndGrab(sb);
- }
- }
- }
- #endif
|
