2010-06-04 23:10:06 +01:00
|
|
|
/*
|
|
|
|
|
* A WebSocket to TCP socket proxy with support for "wss://" encryption.
|
2010-07-17 18:05:58 +01:00
|
|
|
* Copyright 2010 Joel Martin
|
|
|
|
|
* Licensed under LGPL version 3 (see docs/LICENSE.LGPL-3)
|
2010-06-04 23:10:06 +01:00
|
|
|
*
|
|
|
|
|
* You can make a cert/key with openssl using:
|
|
|
|
|
* openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
|
|
|
|
|
* as taken from http://docs.python.org/dev/library/ssl.html#certificates
|
|
|
|
|
*/
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <errno.h>
|
2010-06-17 23:05:33 +01:00
|
|
|
#include <limits.h>
|
2010-06-16 19:58:00 +01:00
|
|
|
#include <getopt.h>
|
2010-06-04 23:10:06 +01:00
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
|
#include <netdb.h>
|
|
|
|
|
#include <sys/select.h>
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include "websocket.h"
|
|
|
|
|
|
|
|
|
|
char traffic_legend[] = "\n\
|
|
|
|
|
Traffic Legend:\n\
|
|
|
|
|
} - Client receive\n\
|
|
|
|
|
}. - Client receive partial\n\
|
|
|
|
|
{ - Target receive\n\
|
|
|
|
|
\n\
|
|
|
|
|
> - Target send\n\
|
|
|
|
|
>. - Target send partial\n\
|
|
|
|
|
< - Client send\n\
|
|
|
|
|
<. - Client send partial\n\
|
|
|
|
|
";
|
|
|
|
|
|
2010-06-17 23:50:15 +01:00
|
|
|
char USAGE[] = "Usage: [options] " \
|
|
|
|
|
"[source_addr:]source_port target_addr:target_port\n\n" \
|
|
|
|
|
" --record REC record traffic to REC\n" \
|
|
|
|
|
" --cert CERT load CERT as SSL certificate\n" \
|
|
|
|
|
" --foreground|-f run in the foreground\n" \
|
|
|
|
|
" --ssl-only disallow non-SSL connections";
|
2010-06-16 19:58:00 +01:00
|
|
|
|
2010-06-17 23:24:54 +01:00
|
|
|
#define usage(fmt, args...) \
|
|
|
|
|
fprintf(stderr, "%s\n\n", USAGE); \
|
|
|
|
|
fprintf(stderr, fmt , ## args); \
|
2010-06-04 23:10:06 +01:00
|
|
|
exit(1);
|
|
|
|
|
|
2010-06-17 22:06:18 +01:00
|
|
|
char target_host[256];
|
2010-06-04 23:10:06 +01:00
|
|
|
int target_port;
|
|
|
|
|
int recordfd = 0;
|
2010-06-07 18:44:02 +01:00
|
|
|
|
2010-06-17 22:06:18 +01:00
|
|
|
extern settings_t settings;
|
2010-06-07 18:44:02 +01:00
|
|
|
extern char *tbuf, *cbuf, *tbuf_tmp, *cbuf_tmp;
|
|
|
|
|
extern unsigned int bufsize, dbufsize;
|
2010-06-04 23:10:06 +01:00
|
|
|
|
|
|
|
|
void do_proxy(ws_ctx_t *ws_ctx, int target) {
|
|
|
|
|
fd_set rlist, wlist, elist;
|
|
|
|
|
struct timeval tv;
|
2010-06-07 18:44:02 +01:00
|
|
|
int i, maxfd, client = ws_ctx->sockfd;
|
2010-06-04 23:10:06 +01:00
|
|
|
unsigned int tstart, tend, cstart, cend, ret;
|
|
|
|
|
ssize_t len, bytes;
|
|
|
|
|
|
|
|
|
|
tstart = tend = cstart = cend = 0;
|
|
|
|
|
maxfd = client > target ? client+1 : target+1;
|
|
|
|
|
|
|
|
|
|
while (1) {
|
|
|
|
|
tv.tv_sec = 1;
|
|
|
|
|
tv.tv_usec = 0;
|
|
|
|
|
|
|
|
|
|
FD_ZERO(&rlist);
|
|
|
|
|
FD_ZERO(&wlist);
|
|
|
|
|
FD_ZERO(&elist);
|
|
|
|
|
|
|
|
|
|
FD_SET(client, &elist);
|
|
|
|
|
FD_SET(target, &elist);
|
|
|
|
|
|
|
|
|
|
if (tend == tstart) {
|
|
|
|
|
// Nothing queued for target, so read from client
|
|
|
|
|
FD_SET(client, &rlist);
|
|
|
|
|
} else {
|
|
|
|
|
// Data queued for target, so write to it
|
|
|
|
|
FD_SET(target, &wlist);
|
|
|
|
|
}
|
|
|
|
|
if (cend == cstart) {
|
|
|
|
|
// Nothing queued for client, so read from target
|
|
|
|
|
FD_SET(target, &rlist);
|
|
|
|
|
} else {
|
|
|
|
|
// Data queued for client, so write to it
|
|
|
|
|
FD_SET(client, &wlist);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = select(maxfd, &rlist, &wlist, &elist, &tv);
|
|
|
|
|
|
|
|
|
|
if (FD_ISSET(target, &elist)) {
|
|
|
|
|
fprintf(stderr, "target exception\n");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (FD_ISSET(client, &elist)) {
|
|
|
|
|
fprintf(stderr, "client exception\n");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (ret == -1) {
|
|
|
|
|
error("select()");
|
|
|
|
|
break;
|
|
|
|
|
} else if (ret == 0) {
|
|
|
|
|
//fprintf(stderr, "select timeout\n");
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (FD_ISSET(target, &wlist)) {
|
|
|
|
|
len = tend-tstart;
|
|
|
|
|
bytes = send(target, tbuf + tstart, len, 0);
|
|
|
|
|
if (bytes < 0) {
|
|
|
|
|
error("target connection error");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tstart += bytes;
|
|
|
|
|
if (tstart >= tend) {
|
|
|
|
|
tstart = tend = 0;
|
|
|
|
|
traffic(">");
|
|
|
|
|
} else {
|
|
|
|
|
traffic(">.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (FD_ISSET(client, &wlist)) {
|
|
|
|
|
len = cend-cstart;
|
|
|
|
|
bytes = ws_send(ws_ctx, cbuf + cstart, len);
|
|
|
|
|
if (len < 3) {
|
|
|
|
|
fprintf(stderr, "len: %d, bytes: %d: %d\n", len, bytes, *(cbuf + cstart));
|
|
|
|
|
}
|
|
|
|
|
cstart += bytes;
|
|
|
|
|
if (cstart >= cend) {
|
|
|
|
|
cstart = cend = 0;
|
|
|
|
|
traffic("<");
|
|
|
|
|
if (recordfd) {
|
|
|
|
|
write(recordfd, "'>", 2);
|
|
|
|
|
write(recordfd, cbuf + cstart + 1, bytes - 2);
|
|
|
|
|
write(recordfd, "',\n", 3);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
traffic("<.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (FD_ISSET(target, &rlist)) {
|
|
|
|
|
bytes = recv(target, cbuf_tmp, dbufsize , 0);
|
|
|
|
|
if (bytes <= 0) {
|
2010-06-07 18:44:02 +01:00
|
|
|
fprintf(stderr, "target closed connection");
|
2010-06-04 23:10:06 +01:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
cstart = 0;
|
2010-06-07 18:44:02 +01:00
|
|
|
cend = encode(cbuf_tmp, bytes, cbuf, bufsize);
|
|
|
|
|
/*
|
|
|
|
|
printf("encoded: ");
|
2010-06-07 19:47:44 +01:00
|
|
|
for (i=0; i< cend; i++) {
|
|
|
|
|
printf("%u,", (unsigned char) *(cbuf+i));
|
2010-06-07 18:44:02 +01:00
|
|
|
}
|
|
|
|
|
printf("\n");
|
|
|
|
|
*/
|
|
|
|
|
if (cend < 0) {
|
|
|
|
|
fprintf(stderr, "encoding error\n");
|
2010-06-04 23:10:06 +01:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
traffic("{");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (FD_ISSET(client, &rlist)) {
|
|
|
|
|
bytes = ws_recv(ws_ctx, tbuf_tmp, bufsize-1);
|
|
|
|
|
if (bytes <= 0) {
|
|
|
|
|
fprintf(stderr, "client closed connection\n");
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (recordfd) {
|
|
|
|
|
write(recordfd, "'", 1);
|
|
|
|
|
write(recordfd, tbuf_tmp + 1, bytes - 2);
|
|
|
|
|
write(recordfd, "',\n", 3);
|
|
|
|
|
}
|
2010-06-07 19:47:44 +01:00
|
|
|
/*
|
|
|
|
|
printf("before decode: ");
|
|
|
|
|
for (i=0; i< bytes; i++) {
|
|
|
|
|
printf("%u,", (unsigned char) *(tbuf_tmp+i));
|
|
|
|
|
}
|
|
|
|
|
printf("\n");
|
|
|
|
|
*/
|
2010-06-07 18:44:02 +01:00
|
|
|
len = decode(tbuf_tmp, bytes, tbuf, bufsize-1);
|
|
|
|
|
/*
|
|
|
|
|
printf("decoded: ");
|
2010-06-07 19:47:44 +01:00
|
|
|
for (i=0; i< len; i++) {
|
|
|
|
|
printf("%u,", (unsigned char) *(tbuf+i));
|
2010-06-07 18:44:02 +01:00
|
|
|
}
|
|
|
|
|
printf("\n");
|
|
|
|
|
*/
|
2010-06-04 23:10:06 +01:00
|
|
|
if (len < 0) {
|
2010-06-07 18:44:02 +01:00
|
|
|
fprintf(stderr, "decoding error\n");
|
2010-06-04 23:10:06 +01:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
traffic("}");
|
|
|
|
|
tstart = 0;
|
|
|
|
|
tend = len;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void proxy_handler(ws_ctx_t *ws_ctx) {
|
|
|
|
|
int tsock = 0;
|
|
|
|
|
struct sockaddr_in taddr;
|
|
|
|
|
|
2010-06-17 23:05:33 +01:00
|
|
|
if (settings.record && settings.record[0] != '\0') {
|
|
|
|
|
recordfd = open(settings.record, O_WRONLY | O_CREAT | O_APPEND,
|
2010-06-17 22:06:18 +01:00
|
|
|
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
|
|
|
|
|
}
|
|
|
|
|
|
2010-06-04 23:10:06 +01:00
|
|
|
printf("Connecting to: %s:%d\n", target_host, target_port);
|
|
|
|
|
|
|
|
|
|
tsock = socket(AF_INET, SOCK_STREAM, 0);
|
|
|
|
|
if (tsock < 0) {
|
|
|
|
|
error("Could not create target socket");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
bzero((char *) &taddr, sizeof(taddr));
|
|
|
|
|
taddr.sin_family = AF_INET;
|
|
|
|
|
taddr.sin_port = htons(target_port);
|
|
|
|
|
|
2010-06-16 19:11:07 +01:00
|
|
|
/* Resolve target address */
|
|
|
|
|
if (resolve_host(&taddr.sin_addr, target_host) < -1) {
|
2010-06-17 23:24:54 +01:00
|
|
|
error("Could not resolve target address");
|
2010-06-16 19:11:07 +01:00
|
|
|
}
|
|
|
|
|
|
2010-06-04 23:10:06 +01:00
|
|
|
if (connect(tsock, (struct sockaddr *) &taddr, sizeof(taddr)) < 0) {
|
|
|
|
|
error("Could not connect to target");
|
|
|
|
|
close(tsock);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
printf("%s", traffic_legend);
|
|
|
|
|
|
|
|
|
|
do_proxy(ws_ctx, tsock);
|
|
|
|
|
|
|
|
|
|
close(tsock);
|
|
|
|
|
if (recordfd) {
|
|
|
|
|
close(recordfd);
|
|
|
|
|
recordfd = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int main(int argc, char *argv[])
|
|
|
|
|
{
|
2010-06-17 23:05:33 +01:00
|
|
|
int listen_port, fd, c, option_index = 0;
|
2010-06-17 22:06:18 +01:00
|
|
|
static int ssl_only = 0, foreground = 0;
|
|
|
|
|
char *found;
|
2010-06-16 19:58:00 +01:00
|
|
|
static struct option long_options[] = {
|
2010-06-17 22:06:18 +01:00
|
|
|
{"ssl-only", no_argument, &ssl_only, 1 },
|
|
|
|
|
{"foreground", no_argument, &foreground, 'f'},
|
2010-06-16 19:58:00 +01:00
|
|
|
/* ---- */
|
2010-06-17 22:06:18 +01:00
|
|
|
{"record", required_argument, 0, 'r'},
|
|
|
|
|
{"cert", required_argument, 0, 'c'},
|
2010-06-16 19:58:00 +01:00
|
|
|
{0, 0, 0, 0}
|
|
|
|
|
};
|
2010-06-04 23:10:06 +01:00
|
|
|
|
2010-06-17 23:05:33 +01:00
|
|
|
settings.record = NULL;
|
|
|
|
|
settings.cert = realpath("self.pem", NULL);
|
2010-06-17 22:06:18 +01:00
|
|
|
|
2010-06-16 19:58:00 +01:00
|
|
|
while (1) {
|
2010-06-17 22:06:18 +01:00
|
|
|
c = getopt_long (argc, argv, "fr:c:",
|
2010-06-16 19:58:00 +01:00
|
|
|
long_options, &option_index);
|
2010-06-16 18:37:03 +01:00
|
|
|
|
2010-06-16 19:58:00 +01:00
|
|
|
/* Detect the end */
|
|
|
|
|
if (c == -1) { break; }
|
|
|
|
|
|
|
|
|
|
switch (c) {
|
2010-06-17 22:06:18 +01:00
|
|
|
case 0:
|
|
|
|
|
break; // ignore
|
|
|
|
|
case 1:
|
|
|
|
|
break; // ignore
|
|
|
|
|
case 'f':
|
|
|
|
|
foreground = 1;
|
|
|
|
|
break;
|
|
|
|
|
case 'r':
|
2010-06-17 23:05:33 +01:00
|
|
|
if ((fd = open(optarg, O_CREAT,
|
|
|
|
|
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) < -1) {
|
2010-06-17 23:24:54 +01:00
|
|
|
usage("Could not access %s\n", optarg);
|
2010-06-17 23:05:33 +01:00
|
|
|
}
|
|
|
|
|
close(fd);
|
|
|
|
|
settings.record = realpath(optarg, NULL);
|
2010-06-17 22:06:18 +01:00
|
|
|
break;
|
|
|
|
|
case 'c':
|
2010-06-17 23:05:33 +01:00
|
|
|
settings.cert = realpath(optarg, NULL);
|
|
|
|
|
if (! settings.cert) {
|
2010-06-17 23:24:54 +01:00
|
|
|
usage("No cert file at %s\n", optarg);
|
2010-06-17 23:05:33 +01:00
|
|
|
}
|
2010-06-17 22:06:18 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
2010-06-17 23:50:15 +01:00
|
|
|
usage("");
|
2010-06-16 19:58:00 +01:00
|
|
|
}
|
2010-06-04 23:10:06 +01:00
|
|
|
}
|
2010-06-17 22:06:18 +01:00
|
|
|
settings.ssl_only = ssl_only;
|
|
|
|
|
settings.daemon = foreground ? 0: 1;
|
2010-06-04 23:10:06 +01:00
|
|
|
|
2010-06-16 19:58:00 +01:00
|
|
|
if ((argc-optind) != 2) {
|
2010-06-17 23:24:54 +01:00
|
|
|
usage("Invalid number of arguments\n");
|
2010-06-16 18:37:03 +01:00
|
|
|
}
|
|
|
|
|
|
2010-06-17 22:06:18 +01:00
|
|
|
found = strstr(argv[optind], ":");
|
|
|
|
|
if (found) {
|
|
|
|
|
memcpy(settings.listen_host, argv[optind], found-argv[optind]);
|
|
|
|
|
settings.listen_port = strtol(found+1, NULL, 10);
|
2010-06-16 18:37:03 +01:00
|
|
|
} else {
|
2010-06-17 22:06:18 +01:00
|
|
|
settings.listen_host[0] = '\0';
|
|
|
|
|
settings.listen_port = strtol(argv[optind], NULL, 10);
|
2010-06-16 18:37:03 +01:00
|
|
|
}
|
2010-06-16 19:58:00 +01:00
|
|
|
optind++;
|
2010-06-17 23:24:54 +01:00
|
|
|
if (listen_port == 0) {
|
|
|
|
|
usage("Could not parse listen_port\n");
|
2010-06-16 18:37:03 +01:00
|
|
|
}
|
|
|
|
|
|
2010-06-17 22:06:18 +01:00
|
|
|
found = strstr(argv[optind], ":");
|
|
|
|
|
if (found) {
|
|
|
|
|
memcpy(target_host, argv[optind], found-argv[optind]);
|
|
|
|
|
target_port = strtol(found+1, NULL, 10);
|
2010-06-16 18:37:03 +01:00
|
|
|
} else {
|
2010-06-17 23:24:54 +01:00
|
|
|
usage("Target argument must be host:port\n");
|
|
|
|
|
}
|
|
|
|
|
if (target_port == 0) {
|
|
|
|
|
usage("Could not parse target port\n");
|
2010-06-16 18:37:03 +01:00
|
|
|
}
|
2010-06-17 23:24:54 +01:00
|
|
|
|
|
|
|
|
if (ssl_only) {
|
|
|
|
|
printf("cert: %s\n", settings.cert);
|
|
|
|
|
if (!settings.cert || !access(settings.cert)) {
|
|
|
|
|
usage("SSL only and cert file not found\n");
|
|
|
|
|
}
|
2010-06-16 18:37:03 +01:00
|
|
|
}
|
2010-06-04 23:10:06 +01:00
|
|
|
|
2010-06-17 23:24:54 +01:00
|
|
|
//printf(" ssl_only: %d\n", settings.ssl_only);
|
|
|
|
|
//printf(" daemon: %d\n", settings.daemon);
|
|
|
|
|
//printf(" record: %s\n", settings.record);
|
|
|
|
|
//printf(" cert: %s\n", settings.cert);
|
|
|
|
|
|
2010-06-17 22:06:18 +01:00
|
|
|
settings.handler = proxy_handler;
|
|
|
|
|
start_server();
|
2010-06-04 23:10:06 +01:00
|
|
|
|
|
|
|
|
free(tbuf);
|
|
|
|
|
free(cbuf);
|
|
|
|
|
free(tbuf_tmp);
|
|
|
|
|
free(cbuf_tmp);
|
|
|
|
|
}
|
