[tor-commits] [orbot/master] first commit of new OrbotVPN integration into Orbot
n8fr8 at torproject.org
n8fr8 at torproject.org
Fri Nov 14 17:40:34 UTC 2014
commit e45991899a015798973be125ddc51e506ac09d6a
Author: Nathan Freitas <nathan at freitas.net>
Date: Tue Oct 21 12:30:13 2014 -0400
first commit of new OrbotVPN integration into Orbot
---
.gitmodules | 3 +
AndroidManifest.xml | 8 +
external/badvpn | 1 +
external/tor | 2 +-
res/menu/main.xml | 3 +
src/com/runjva/sourceforge/jsocks/main/SOCKS.java | 269 ++++++++
.../runjva/sourceforge/jsocks/main/SocksEcho.gif | Bin 0 -> 926 bytes
.../jsocks/protocol/Authentication.java | 35 +
.../jsocks/protocol/AuthenticationNone.java | 22 +
.../sourceforge/jsocks/protocol/InetRange.java | 492 ++++++++++++++
.../sourceforge/jsocks/protocol/ProxyMessage.java | 118 ++++
.../sourceforge/jsocks/protocol/ProxyServer.java | 669 ++++++++++++++++++++
.../sourceforge/jsocks/protocol/Socks4Message.java | 167 +++++
.../sourceforge/jsocks/protocol/Socks4Proxy.java | 144 +++++
.../jsocks/protocol/Socks5DatagramSocket.java | 485 ++++++++++++++
.../sourceforge/jsocks/protocol/Socks5Message.java | 330 ++++++++++
.../sourceforge/jsocks/protocol/Socks5Proxy.java | 295 +++++++++
.../jsocks/protocol/SocksException.java | 111 ++++
.../jsocks/protocol/SocksProxyBase.java | 543 ++++++++++++++++
.../jsocks/protocol/SocksServerSocket.java | 238 +++++++
.../sourceforge/jsocks/protocol/SocksSocket.java | 389 ++++++++++++
.../jsocks/protocol/UDPEncapsulation.java | 33 +
.../jsocks/protocol/UDPRelayServer.java | 231 +++++++
.../protocol/UserPasswordAuthentication.java | 91 +++
.../runjva/sourceforge/jsocks/server/Ident.java | 176 +++++
.../jsocks/server/IdentAuthenticator.java | 182 ++++++
.../jsocks/server/ServerAuthenticator.java | 126 ++++
.../jsocks/server/ServerAuthenticatorBase.java | 187 ++++++
.../jsocks/server/ServerAuthenticatorNone.java | 16 +
.../jsocks/server/UserPasswordAuthenticator.java | 82 +++
.../sourceforge/jsocks/server/UserValidation.java | 24 +
src/org/torproject/android/Orbot.java | 27 +-
.../torproject/android/vpn/OrbotVpnService.java | 239 +++++++
src/org/torproject/android/vpn/Tun2Socks.java | 124 ++++
34 files changed, 5858 insertions(+), 4 deletions(-)
diff --git a/.gitmodules b/.gitmodules
index caa21c3..9041ca4 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -29,3 +29,6 @@
[submodule "external/polipo"]
path = external/polipo
url = https://github.com/jech/polipo.git
+[submodule "external/badvpn"]
+ path = external/badvpn
+ url = https://github.com/ambrop72/badvpn.git
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 75b1c32..22a6e6b 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -101,6 +101,14 @@
<action android:name="android.intent.action.BOOT_COMPLETED" />
</intent-filter>
</receiver>
+
+
+ <service android:name="org.torproject.android.vpn.OrbotVpnService"
+ android:permission="android.permission.BIND_VPN_SERVICE">
+ <intent-filter>
+ <action android:name="android.net.VpnService"/>
+ </intent-filter>
+ </service>
</application>
diff --git a/external/badvpn b/external/badvpn
new file mode 160000
index 0000000..5153894
--- /dev/null
+++ b/external/badvpn
@@ -0,0 +1 @@
+Subproject commit 5153894f4375d7a0e43d0b60c1b759543e6b383a
diff --git a/external/tor b/external/tor
index 40233ca..a64f3ab 160000
--- a/external/tor
+++ b/external/tor
@@ -1 +1 @@
-Subproject commit 40233cadbbbf77214913db818a1458c6ddd14a9f
+Subproject commit a64f3ab3ee5c433cc1f046a7e26df7a49e308e4c
diff --git a/res/menu/main.xml b/res/menu/main.xml
index 9954339..4d2ac1a 100644
--- a/res/menu/main.xml
+++ b/res/menu/main.xml
@@ -73,6 +73,9 @@
/>
+ <item android:id="@+id/menu_vpn"
+ android:title="start VPN"
+ yourapp:showAsAction="never"/>
<!--
<item android:id="@+id/menu_diag"
android:title="Test Mode"
diff --git a/src/com/runjva/sourceforge/jsocks/main/SOCKS.java b/src/com/runjva/sourceforge/jsocks/main/SOCKS.java
new file mode 100644
index 0000000..d1012fd
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/main/SOCKS.java
@@ -0,0 +1,269 @@
+package com.runjva.sourceforge.jsocks.main;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Hashtable;
+import java.util.Properties;
+import java.util.StringTokenizer;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.runjva.sourceforge.jsocks.protocol.InetRange;
+import com.runjva.sourceforge.jsocks.protocol.ProxyServer;
+import com.runjva.sourceforge.jsocks.protocol.SocksProxyBase;
+import com.runjva.sourceforge.jsocks.server.IdentAuthenticator;
+
+public class SOCKS {
+
+ private static final int DEFAULT_LISTENING_PORT = 1080;
+ final private static Logger log = LoggerFactory.getLogger(SOCKS.class);
+
+ static public void usage() {
+ System.out.println("Usage: java SOCKS [inifile1 inifile2 ...]\n"
+ + "If none inifile is given, uses socks.properties.\n");
+ }
+
+ static public void main(String[] args) {
+
+ String[] file_names;
+ int port = DEFAULT_LISTENING_PORT;
+ String logFile = null;
+ String host = null;
+
+ final IdentAuthenticator auth = new IdentAuthenticator();
+
+ InetAddress localIP = null;
+
+ if (args.length == 0) {
+ file_names = new String[] { "socks.properties" };
+ } else {
+ file_names = args;
+ }
+
+ inform("Loading properties");
+ for (int i = 0; i < file_names.length; ++i) {
+
+ inform("Reading file " + file_names[i]);
+
+ final Properties pr = loadProperties(file_names[i]);
+ if (pr == null) {
+ System.err.println("Loading of properties from "
+ + file_names[i] + "failed.");
+ usage();
+ return;
+ }
+ if (!addAuth(auth, pr)) {
+ System.err.println("Error in file " + file_names[i] + ".");
+ usage();
+ return;
+ }
+ // First file should contain all global settings,
+ // like port and host and log.
+ if (i == 0) {
+ final String port_s = (String) pr.get("port");
+ if (port_s != null) {
+ try {
+ port = Integer.parseInt(port_s);
+ } catch (final NumberFormatException nfe) {
+ System.err.println("Can't parse port: " + port_s);
+ return;
+ }
+ }
+
+ serverInit(pr);
+ logFile = (String) pr.get("log");
+ host = (String) pr.get("host");
+ }
+
+ // inform("Props:"+pr);
+ }
+
+ if (logFile != null) {
+ System.err.println("log property not supported anymore.");
+ }
+ if (host != null) {
+ try {
+ localIP = InetAddress.getByName(host);
+ } catch (final UnknownHostException uhe) {
+ System.err.println("Can't resolve local ip: " + host);
+ return;
+ }
+ }
+
+ inform("Using Ident Authentication scheme: " + auth);
+ final ProxyServer server = new ProxyServer(auth);
+ server.start(port, 5, localIP);
+ }
+
+ static Properties loadProperties(String file_name) {
+
+ final Properties pr = new Properties();
+
+ try {
+ final InputStream fin = new FileInputStream(file_name);
+ pr.load(fin);
+ fin.close();
+ } catch (final IOException ioe) {
+ return null;
+ }
+ return pr;
+ }
+
+ static boolean addAuth(IdentAuthenticator ident, Properties pr) {
+
+ InetRange irange;
+
+ final String range = (String) pr.get("range");
+ if (range == null) {
+ return false;
+ }
+ irange = parseInetRange(range);
+
+ final String users = (String) pr.get("users");
+
+ if (users == null) {
+ ident.add(irange, null);
+ return true;
+ }
+
+ final Hashtable<String, String> uhash = new Hashtable<String, String>();
+
+ final StringTokenizer st = new StringTokenizer(users, ";");
+ while (st.hasMoreTokens()) {
+ uhash.put(st.nextToken(), "");
+ }
+
+ ident.add(irange, uhash);
+ return true;
+ }
+
+ /**
+ * Does server initialisation.
+ */
+ static void serverInit(Properties props) {
+ int val;
+ val = readInt(props, "iddleTimeout");
+ if (val >= 0) {
+ ProxyServer.setIddleTimeout(val);
+ inform("Setting iddle timeout to " + val + " ms.");
+ }
+ val = readInt(props, "acceptTimeout");
+ if (val >= 0) {
+ ProxyServer.setAcceptTimeout(val);
+ inform("Setting accept timeout to " + val + " ms.");
+ }
+ val = readInt(props, "udpTimeout");
+ if (val >= 0) {
+ ProxyServer.setUDPTimeout(val);
+ inform("Setting udp timeout to " + val + " ms.");
+ }
+
+ val = readInt(props, "datagramSize");
+ if (val >= 0) {
+ ProxyServer.setDatagramSize(val);
+ inform("Setting datagram size to " + val + " bytes.");
+ }
+
+ proxyInit(props);
+
+ }
+
+ /**
+ * Initialises proxy, if any specified.
+ */
+ static void proxyInit(Properties props) {
+ String proxy_list;
+ SocksProxyBase proxy = null;
+ StringTokenizer st;
+
+ proxy_list = (String) props.get("proxy");
+ if (proxy_list == null) {
+ return;
+ }
+
+ st = new StringTokenizer(proxy_list, ";");
+ while (st.hasMoreTokens()) {
+ final String proxy_entry = st.nextToken();
+
+ final SocksProxyBase p = SocksProxyBase.parseProxy(proxy_entry);
+
+ if (p == null) {
+ exit("Can't parse proxy entry:" + proxy_entry);
+ }
+
+ inform("Adding Proxy:" + p);
+
+ if (proxy != null) {
+ p.setChainProxy(proxy);
+ }
+
+ proxy = p;
+
+ }
+ if (proxy == null) {
+ return; // Empty list
+ }
+
+ final String direct_hosts = (String) props.get("directHosts");
+ if (direct_hosts != null) {
+ final InetRange ir = parseInetRange(direct_hosts);
+ inform("Setting direct hosts:" + ir);
+ proxy.setDirect(ir);
+ }
+
+ ProxyServer.setProxy(proxy);
+ }
+
+ /**
+ * Inits range from the string of semicolon separated ranges.
+ */
+ static InetRange parseInetRange(String source) {
+ final InetRange irange = new InetRange();
+
+ final StringTokenizer st = new StringTokenizer(source, ";");
+ while (st.hasMoreTokens()) {
+ irange.add(st.nextToken());
+ }
+
+ return irange;
+ }
+
+ /**
+ * Integer representaion of the property named name, or -1 if one is not
+ * found.
+ */
+ static int readInt(Properties props, String name) {
+ int result = -1;
+ final String val = (String) props.get(name);
+ if (val == null) {
+ return -1;
+ }
+ final StringTokenizer st = new StringTokenizer(val);
+ if (!st.hasMoreElements()) {
+ return -1;
+ }
+ try {
+ result = Integer.parseInt(st.nextToken());
+ } catch (final NumberFormatException nfe) {
+ inform("Bad value for " + name + ":" + val);
+ }
+ return result;
+ }
+
+ // Display functions
+ // /////////////////
+
+ static void inform(String s) {
+ log.info(s);
+ }
+
+ static void exit(String msg) {
+ System.err.println("Error:" + msg);
+ System.err.println("Aborting operation");
+ System.exit(0);
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/main/SocksEcho.gif b/src/com/runjva/sourceforge/jsocks/main/SocksEcho.gif
new file mode 100644
index 0000000..701d39a
Binary files /dev/null and b/src/com/runjva/sourceforge/jsocks/main/SocksEcho.gif differ
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Authentication.java b/src/com/runjva/sourceforge/jsocks/protocol/Authentication.java
new file mode 100644
index 0000000..7bc58d9
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Authentication.java
@@ -0,0 +1,35 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+/**
+ * The Authentication interface provides for performing method specific
+ * authentication for SOCKS5 connections.
+ */
+public interface Authentication {
+ /**
+ * This method is called when SOCKS5 server have selected a particular
+ * authentication method, for whch an implementaion have been registered.
+ *
+ * <p>
+ * This method should return an array {inputstream,outputstream
+ * [,UDPEncapsulation]}. The reason for that is that SOCKS5 protocol allows
+ * to have method specific encapsulation of data on the socket for purposes
+ * of integrity or security. And this encapsulation should be performed by
+ * those streams returned from the method. It is also possible to
+ * encapsulate datagrams. If authentication method supports such
+ * encapsulation an instance of the UDPEncapsulation interface should be
+ * returned as third element of the array, otherwise either null should be
+ * returned as third element, or array should contain only 2 elements.
+ *
+ * @param methodId
+ * Authentication method selected by the server.
+ * @param proxySocket
+ * Socket used to conect to the proxy.
+ * @return Two or three element array containing Input/Output streams which
+ * should be used on this connection. Third argument is optional and
+ * should contain an instance of UDPEncapsulation. It should be
+ * provided if the authentication method used requires any
+ * encapsulation to be done on the datagrams.
+ */
+ Object[] doSocksAuthentication(int methodId, java.net.Socket proxySocket)
+ throws java.io.IOException;
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/AuthenticationNone.java b/src/com/runjva/sourceforge/jsocks/protocol/AuthenticationNone.java
new file mode 100644
index 0000000..e682154
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/AuthenticationNone.java
@@ -0,0 +1,22 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+
+/**
+ * SOCKS5 none authentication. Dummy class does almost nothing.
+ */
+public class AuthenticationNone implements Authentication {
+
+ public Object[] doSocksAuthentication(final int methodId,
+ final java.net.Socket proxySocket) throws java.io.IOException {
+
+ if (methodId != 0) {
+ return null;
+ }
+
+ InputStream in = proxySocket.getInputStream();
+ OutputStream out = proxySocket.getOutputStream();
+ return new Object[] { in, out };
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/InetRange.java b/src/com/runjva/sourceforge/jsocks/protocol/InetRange.java
new file mode 100644
index 0000000..fae1358
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/InetRange.java
@@ -0,0 +1,492 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.StringTokenizer;
+import java.util.Vector;
+
+/**
+ * Class InetRange provides the means of defining the range of inetaddresses.
+ * It's used by Proxy class to store and look up addresses of machines, that
+ * should be contacted directly rather then through the proxy.
+ * <P>
+ * InetRange provides several methods to add either standalone addresses, or
+ * ranges (e.g. 100.200.300.0:100.200.300.255, which covers all addresses on on
+ * someones local network). It also provides methods for checking wether given
+ * address is in this range. Any number of ranges and standalone addresses can
+ * be added to the range.
+ */
+public class InetRange implements Cloneable {
+
+ Hashtable<String, Object[]> host_names;
+ Vector<Object[]> all;
+ Vector<String> end_names;
+
+ boolean useSeparateThread = true;
+
+ /**
+ * Creates the empty range.
+ */
+ public InetRange() {
+ all = new Vector<Object[]>();
+ host_names = new Hashtable<String, Object[]>();
+ end_names = new Vector<String>();
+ }
+
+ /**
+ * Adds another host or range to this range. The String can be one of those:
+ * <UL>
+ * <li>Host name. eg.(Athena.myhost.com or 45.54.56.65)
+ *
+ * <li>Range in the form .myhost.net.au <BR>
+ * In which case anything that ends with .myhost.net.au will be considered
+ * in the range.
+ *
+ * <li>Range in the form ddd.ddd.ddd. <BR>
+ * This will be treated as range ddd.ddd.ddd.0 to ddd.ddd.ddd.255. It is not
+ * necessary to specify 3 first bytes you can use just one or two. For
+ * example 130. will cover address between 130.0.0.0 and 13.255.255.255.
+ *
+ * <li>Range in the form host_from[: \t\n\r\f]host_to. <br>
+ * That is two hostnames or ips separated by either whitespace or colon.
+ * </UL>
+ */
+ public synchronized boolean add(final String s0) {
+ if (s0 == null) {
+ return false;
+ }
+
+ String s = s0.trim();
+ if (s.length() == 0) {
+ return false;
+ }
+
+ Object[] entry;
+
+ if (s.endsWith(".")) {
+ // thing like: 111.222.33.
+ // it is being treated as range 111.222.33.000 - 111.222.33.255
+
+ final int[] addr = ip2intarray(s);
+ long from, to;
+ from = to = 0;
+
+ if (addr == null) {
+ return false;
+ }
+ for (int i = 0; i < 4; i++) {
+ if (addr[i] >= 0) {
+ from += (((long) addr[i]) << 8 * (3 - i));
+ } else {
+ to = from;
+ while (i < 4) {
+ to += 255l << 8 * (3 - i++);
+ }
+ break;
+ }
+ }
+ entry = new Object[] { s, null, new Long(from), new Long(to) };
+ all.addElement(entry);
+
+ } else if (s.startsWith(".")) {
+ // Thing like: .myhost.com
+
+ end_names.addElement(s);
+ all.addElement(new Object[] { s, null, null, null });
+ } else {
+ final StringTokenizer tokens = new StringTokenizer(s, " \t\r\n\f:");
+ if (tokens.countTokens() > 1) {
+ entry = new Object[] { s, null, null, null };
+ resolve(entry, tokens.nextToken(), tokens.nextToken());
+ all.addElement(entry);
+ } else {
+ entry = new Object[] { s, null, null, null };
+ all.addElement(entry);
+ host_names.put(s, entry);
+ resolve(entry);
+ }
+
+ }
+
+ return true;
+ }
+
+ /**
+ * Adds another ip for this range.
+ *
+ * @param ip
+ * IP os the host which should be added to this range.
+ */
+ public synchronized void add(final InetAddress ip) {
+ long from, to;
+ from = to = ip2long(ip);
+ all.addElement(new Object[] { ip.getHostName(), ip, new Long(from),
+ new Long(to) });
+ }
+
+ /**
+ * Adds another range of ips for this range.Any host with ip address greater
+ * than or equal to the address of from and smaller than or equal to the
+ * address of to will be included in the range.
+ *
+ * @param from
+ * IP from where range starts(including).
+ * @param to
+ * IP where range ends(including).
+ */
+ public synchronized void add(final InetAddress from, final InetAddress to) {
+ all.addElement(new Object[] {
+ from.getHostAddress() + ":" + to.getHostAddress(), null,
+ new Long(ip2long(from)), new Long(ip2long(to)) });
+ }
+
+ /**
+ * Checks wether the givan host is in the range. Attempts to resolve host
+ * name if required.
+ *
+ * @param host
+ * Host name to check.
+ * @return true If host is in the range, false otherwise.
+ * @see InetRange#contains(String,boolean)
+ */
+ public synchronized boolean contains(final String host) {
+ return contains(host, true);
+ }
+
+ /**
+ * Checks wether the given host is in the range.
+ * <P>
+ * Algorithm: <BR>
+ * <ol>
+ * <li>Look up if the hostname is in the range (in the Hashtable).
+ * <li>Check if it ends with one of the speciefied endings.
+ * <li>Check if it is ip(eg.130.220.35.98). If it is check if it is in the
+ * range.
+ * <li>If attemptResolve is true, host is name, rather than ip, and all
+ * previous attempts failed, try to resolve the hostname, and check wether
+ * the ip associated with the host is in the range.It also repeats all
+ * previos steps with the hostname obtained from InetAddress, but the name
+ * is not allways the full name,it is quite likely to be the same. Well it
+ * was on my machine.
+ * </ol>
+ *
+ * @param host
+ * Host name to check.
+ * @param attemptResolve
+ * Wether to lookup ip address which corresponds to the host,if
+ * required.
+ * @return true If host is in the range, false otherwise.
+ */
+ public synchronized boolean contains(final String host0,
+ final boolean attemptResolve) {
+ if (all.size() == 0) {
+ return false; // Empty range
+ }
+
+ String host = host0.trim();
+ if (host.length() == 0) {
+ return false;
+ }
+
+ if (checkHost(host)) {
+ return true;
+ }
+ if (checkHostEnding(host)) {
+ return true;
+ }
+
+ final long l = host2long(host);
+ if (l >= 0) {
+ return contains(l);
+ }
+
+ if (!attemptResolve) {
+ return false;
+ }
+
+ try {
+ final InetAddress ip = InetAddress.getByName(host);
+ return contains(ip);
+ } catch (final UnknownHostException uhe) {
+
+ }
+
+ return false;
+ }
+
+ /**
+ * Checks wether the given ip is in the range.
+ *
+ * @param ip
+ * Address of the host to check.
+ * @return true If host is in the range, false otherwise.
+ */
+ public synchronized boolean contains(final InetAddress ip) {
+ if (checkHostEnding(ip.getHostName())) {
+ return true;
+ }
+ if (checkHost(ip.getHostName())) {
+ return true;
+ }
+ return contains(ip2long(ip));
+ }
+
+ /**
+ * Get all entries in the range as strings. <BR>
+ * These strings can be used to delete entries from the range with remove
+ * function.
+ *
+ * @return Array of entries as strings.
+ * @see InetRange#remove(String)
+ */
+ public synchronized String[] getAll() {
+ final int size = all.size();
+ Object entry[];
+ final String all_names[] = new String[size];
+
+ for (int i = 0; i < size; ++i) {
+ entry = all.elementAt(i);
+ all_names[i] = (String) entry[0];
+ }
+ return all_names;
+ }
+
+ /**
+ * Removes an entry from this range.<BR>
+ *
+ * @param s
+ * Entry to remove.
+ * @return true if successfull.
+ */
+ public synchronized boolean remove(final String s) {
+ final Enumeration<Object[]> enumx = all.elements();
+ while (enumx.hasMoreElements()) {
+ final Object[] entry = enumx.nextElement();
+ if (s.equals(entry[0])) {
+ all.removeElement(entry);
+ end_names.removeElement(s);
+ host_names.remove(s);
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /** Get string representaion of this Range. */
+ public String toString() {
+ final String all[] = getAll();
+ if (all.length == 0) {
+ return "";
+ }
+
+ String s = all[0];
+ for (int i = 1; i < all.length; ++i) {
+ s += "; " + all[i];
+ }
+ return s;
+ }
+
+ /** Creates a clone of this Object */
+
+ @SuppressWarnings("unchecked")
+ public Object clone() {
+ final InetRange new_range = new InetRange();
+ new_range.all = (Vector<Object[]>) all.clone();
+ new_range.end_names = (Vector<String>) end_names.clone();
+ new_range.host_names = (Hashtable<String, Object[]>) host_names.clone();
+ return new_range;
+ }
+
+ // Private methods
+ // ///////////////
+ /**
+ * Same as previous but used internally, to avoid unnecessary convertion of
+ * IPs, when checking subranges
+ */
+ private synchronized boolean contains(final long ip) {
+ final Enumeration<Object[]> enumx = all.elements();
+ while (enumx.hasMoreElements()) {
+ final Object[] obj = enumx.nextElement();
+ final Long from = obj[2] == null ? null : (Long) obj[2];
+ final Long to = obj[3] == null ? null : (Long) obj[3];
+ if ((from != null) && (from.longValue() <= ip)
+ && (to.longValue() >= ip)) {
+ return true;
+ }
+
+ }
+ return false;
+ }
+
+ private boolean checkHost(final String host) {
+ return host_names.containsKey(host);
+ }
+
+ private boolean checkHostEnding(final String host) {
+ final Enumeration<String> enumx = end_names.elements();
+ while (enumx.hasMoreElements()) {
+ if (host.endsWith(enumx.nextElement())) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private void resolve(final Object[] entry) {
+ // First check if it's in the form ddd.ddd.ddd.ddd.
+ final long ip = host2long((String) entry[0]);
+ if (ip >= 0) {
+ entry[2] = entry[3] = new Long(ip);
+ } else {
+ final InetRangeResolver res = new InetRangeResolver(entry);
+ res.resolve(useSeparateThread);
+ }
+ }
+
+ private void resolve(final Object[] entry, final String from,
+ final String to) {
+ long f, t;
+ if (((f = host2long(from)) >= 0) && ((t = host2long(to)) >= 0)) {
+ entry[2] = new Long(f);
+ entry[3] = new Long(t);
+ } else {
+ final InetRangeResolver res = new InetRangeResolver(entry, from, to);
+ res.resolve(useSeparateThread);
+ }
+ }
+
+ // Class methods
+ // /////////////
+
+ // Converts ipv4 to long value(unsigned int)
+ // /////////////////////////////////////////
+ static long ip2long(final InetAddress ip) {
+ long l = 0;
+ final byte[] addr = ip.getAddress();
+
+ if (addr.length == 4) { // IPV4
+ for (int i = 0; i < 4; ++i) {
+ l += (((long) addr[i] & 0xFF) << 8 * (3 - i));
+ }
+ } else { // IPV6
+ return 0; // Have no idea how to deal with those
+ }
+ return l;
+ }
+
+ long host2long(final String host) {
+ long ip = 0;
+
+ // check if it's ddd.ddd.ddd.ddd
+ if (!Character.isDigit(host.charAt(0))) {
+ return -1;
+ }
+
+ final int[] addr = ip2intarray(host);
+ if (addr == null) {
+ return -1;
+ }
+
+ for (int i = 0; i < addr.length; ++i) {
+ ip += ((long) (addr[i] >= 0 ? addr[i] : 0)) << 8 * (3 - i);
+ }
+
+ return ip;
+ }
+
+ static int[] ip2intarray(final String host) {
+ final int[] address = { -1, -1, -1, -1 };
+ int i = 0;
+ final StringTokenizer tokens = new StringTokenizer(host, ".");
+ if (tokens.countTokens() > 4) {
+ return null;
+ }
+ while (tokens.hasMoreTokens()) {
+ try {
+ address[i++] = Integer.parseInt(tokens.nextToken()) & 0xFF;
+ } catch (final NumberFormatException nfe) {
+ return null;
+ }
+
+ }
+ return address;
+ }
+
+ /*
+ * //* This was the test main function //**********************************
+ *
+ * public static void main(String args[])throws UnknownHostException{ int i;
+ *
+ * InetRange ir = new InetRange();
+ *
+ *
+ * for(i=0;i<args.length;++i){ System.out.println("Adding:" + args[i]);
+ * ir.add(args[i]); }
+ *
+ * String host; java.io.DataInputStream din = new
+ * java.io.DataInputStream(System.in); try{ host = din.readLine();
+ * while(host!=null){ if(ir.contains(host)){
+ * System.out.println("Range contains ip:"+host); }else{
+ * System.out.println(host+" is not in the range"); } host = din.readLine();
+ * } }catch(java.io.IOException io_ex){ io_ex.printStackTrace(); } }
+ * ******************
+ */
+
+}
+
+class InetRangeResolver implements Runnable {
+
+ Object[] entry;
+
+ String from;
+ String to;
+
+ InetRangeResolver(final Object[] entry) {
+ this.entry = entry;
+ from = null;
+ to = null;
+ }
+
+ InetRangeResolver(final Object[] entry, final String from, final String to) {
+ this.entry = entry;
+ this.from = from;
+ this.to = to;
+ }
+
+ public final void resolve() {
+ resolve(true);
+ }
+
+ public final void resolve(final boolean inSeparateThread) {
+ if (inSeparateThread) {
+ final Thread t = new Thread(this);
+ t.start();
+ } else {
+ run();
+ }
+
+ }
+
+ public void run() {
+ try {
+ if (from == null) {
+ final InetAddress ip = InetAddress.getByName((String) entry[0]);
+ entry[1] = ip;
+ final Long l = new Long(InetRange.ip2long(ip));
+ entry[2] = l;
+ entry[3] = l;
+ } else {
+ final InetAddress f = InetAddress.getByName(from);
+ final InetAddress t = InetAddress.getByName(to);
+ entry[2] = new Long(InetRange.ip2long(f));
+ entry[3] = new Long(InetRange.ip2long(t));
+
+ }
+ } catch (final UnknownHostException uhe) {
+ // System.err.println("Resolve failed for "+from+','+to+','+entry[0]);
+ }
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/ProxyMessage.java b/src/com/runjva/sourceforge/jsocks/protocol/ProxyMessage.java
new file mode 100644
index 0000000..e7721a1
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/ProxyMessage.java
@@ -0,0 +1,118 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+
+/**
+ * Abstract class which describes SOCKS4/5 response/request.
+ */
+public abstract class ProxyMessage {
+
+ /** Host as an IP address */
+ public InetAddress ip = null;
+
+ /** SOCKS version, or version of the response for SOCKS4 */
+ public int version;
+
+ /** Port field of the request/response */
+ public int port;
+
+ /** Request/response code as an int */
+ public int command;
+
+ /** Host as string. */
+ public String host = null;
+
+ /** User field for SOCKS4 request messages */
+ public String user = null;
+
+ ProxyMessage(int command, InetAddress ip, int port) {
+ this.command = command;
+ this.ip = ip;
+ this.port = port;
+ }
+
+ ProxyMessage() {
+ }
+
+ /**
+ * Initialises Message from the stream. Reads server response from given
+ * stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0), or if any
+ * error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public abstract void read(InputStream in) throws SocksException,
+ IOException;
+
+ /**
+ * Initialises Message from the stream. Reads server response or client
+ * request from given stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @param clinetMode
+ * If true read server response, else read client request.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0) and reading
+ * in client mode, or if any error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public abstract void read(InputStream in, boolean client_mode)
+ throws SocksException, IOException;
+
+ /**
+ * Writes the message to the stream.
+ *
+ * @param out
+ * Output stream to which message should be written.
+ */
+ public abstract void write(OutputStream out) throws SocksException,
+ IOException;
+
+ /**
+ * Get the Address field of this message as InetAddress object.
+ *
+ * @return Host address or null, if one can't be determined.
+ */
+ public InetAddress getInetAddress() throws UnknownHostException {
+ return ip;
+ }
+
+ /**
+ * Get string representaion of this message.
+ *
+ * @return string representation of this message.
+ */
+ public String toString() {
+ return "Proxy Message:\n" + "Version:" + version + "\n" + "Command:"
+ + command + "\n" + "IP: " + ip + "\n" + "Port: " + port
+ + "\n" + "User: " + user + "\n";
+ }
+
+ // Package methods
+ // ////////////////
+
+ static final String bytes2IPV4(byte[] addr, int offset) {
+ String hostName = "" + (addr[offset] & 0xFF);
+ for (int i = offset + 1; i < offset + 4; i++) {
+ hostName += "." + (addr[i] & 0xFF);
+ }
+ return hostName;
+ }
+
+ static final String bytes2IPV6(byte[] addr, int offset) {
+ // Have no idea how they look like!
+ return null;
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/ProxyServer.java b/src/com/runjva/sourceforge/jsocks/protocol/ProxyServer.java
new file mode 100644
index 0000000..a672bfa
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/ProxyServer.java
@@ -0,0 +1,669 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InterruptedIOException;
+import java.io.OutputStream;
+import java.io.PushbackInputStream;
+import java.net.ConnectException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.NoRouteToHostException;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.SocketAddress;
+import java.nio.channels.SocketChannel;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import android.net.VpnService;
+
+import com.runjva.sourceforge.jsocks.server.ServerAuthenticator;
+
+/**
+ * SOCKS4 and SOCKS5 proxy, handles both protocols simultaniously. Implements
+ * all SOCKS commands, including UDP relaying.
+ * <p>
+ * In order to use it you will need to implement ServerAuthenticator interface.
+ * There is an implementation of this interface which does no authentication
+ * ServerAuthenticatorNone, but it is very dangerous to use, as it will give
+ * access to your local network to anybody in the world. One should never use
+ * this authentication scheme unless one have pretty good reason to do so. There
+ * is a couple of other authentication schemes in socks.server package.
+ *
+ * @see socks.server.ServerAuthenticator
+ */
+public class ProxyServer implements Runnable {
+
+ ServerAuthenticator auth;
+ ProxyMessage msg = null;
+
+ Socket sock = null, remote_sock = null;
+ ServerSocket ss = null;
+ UDPRelayServer relayServer = null;
+ InputStream in, remote_in;
+ OutputStream out, remote_out;
+
+ int mode;
+ static final int START_MODE = 0;
+ static final int ACCEPT_MODE = 1;
+ static final int PIPE_MODE = 2;
+ static final int ABORT_MODE = 3;
+
+ static final int BUF_SIZE = 8192;
+
+ Thread pipe_thread1, pipe_thread2;
+ long lastReadTime;
+
+ static int iddleTimeout = 180000; // 3 minutes
+ static int acceptTimeout = 180000; // 3 minutes
+
+ static Logger log = LoggerFactory.getLogger(ProxyServer.class);
+ static SocksProxyBase proxy;
+
+ static VpnService vpnService;
+
+ // Public Constructors
+ // ///////////////////
+
+ /**
+ * Creates a proxy server with given Authentication scheme.
+ *
+ * @param auth
+ * Authentication scheme to be used.
+ */
+ public ProxyServer(final ServerAuthenticator auth) {
+ this.auth = auth;
+ }
+
+ // Other constructors
+ // //////////////////
+
+ ProxyServer(final ServerAuthenticator auth, final Socket s) {
+ this.auth = auth;
+ this.sock = s;
+ this.mode = START_MODE;
+ }
+
+ // Public methods
+ // ///////////////
+
+ /**
+ * Set proxy.
+ * <p>
+ * Allows Proxy chaining so that one Proxy server is connected to another
+ * and so on. If proxy supports SOCKSv4, then only some SOCKSv5 requests can
+ * be handled, UDP would not work, however CONNECT and BIND will be
+ * translated.
+ *
+ * @param p
+ * Proxy which should be used to handle user requests.
+ */
+ public static void setProxy(final SocksProxyBase p) {
+ proxy = p;
+ // FIXME: Side effect.
+ UDPRelayServer.proxy = proxy;
+ }
+
+ public static void setVpnService (final VpnService v)
+ {
+ vpnService = v;
+ }
+ /**
+ * Get proxy.
+ *
+ * @return Proxy wich is used to handle user requests.
+ */
+ public static SocksProxyBase getProxy() {
+ return proxy;
+ }
+
+ /**
+ * Sets the timeout for connections, how long shoud server wait for data to
+ * arrive before dropping the connection.<br>
+ * Zero timeout implies infinity.<br>
+ * Default timeout is 3 minutes.
+ */
+ public static void setIddleTimeout(final int timeout) {
+ iddleTimeout = timeout;
+ }
+
+ /**
+ * Sets the timeout for BIND command, how long the server should wait for
+ * the incoming connection.<br>
+ * Zero timeout implies infinity.<br>
+ * Default timeout is 3 minutes.
+ */
+ public static void setAcceptTimeout(final int timeout) {
+ acceptTimeout = timeout;
+ }
+
+ /**
+ * Sets the timeout for UDPRelay server.<br>
+ * Zero timeout implies infinity.<br>
+ * Default timeout is 3 minutes.
+ */
+ public static void setUDPTimeout(final int timeout) {
+ UDPRelayServer.setTimeout(timeout);
+ }
+
+ /**
+ * Sets the size of the datagrams used in the UDPRelayServer.<br>
+ * Default size is 64K, a bit more than maximum possible size of the
+ * datagram.
+ */
+ public static void setDatagramSize(final int size) {
+ UDPRelayServer.setDatagramSize(size);
+ }
+
+ /**
+ * Start the Proxy server at given port.<br>
+ * This methods blocks.
+ */
+ public void start(final int port) {
+ start(port, 5, null);
+ }
+
+ /**
+ * Create a server with the specified port, listen backlog, and local IP
+ * address to bind to. The localIP argument can be used on a multi-homed
+ * host for a ServerSocket that will only accept connect requests to one of
+ * its addresses. If localIP is null, it will default accepting connections
+ * on any/all local addresses. The port must be between 0 and 65535,
+ * inclusive. <br>
+ * This methods blocks.
+ */
+ public void start(final int port, final int backlog,
+ final InetAddress localIP) {
+ try {
+ ss = new ServerSocket(port, backlog, localIP);
+ final String address = ss.getInetAddress().getHostAddress();
+ final int localPort = ss.getLocalPort();
+ log.info("Starting SOCKS Proxy on: {}:{}", address, localPort);
+
+ while (true) {
+ final Socket s = ss.accept();
+ final String hostName = s.getInetAddress().getHostName();
+ final int port2 = s.getPort();
+ log.info("Accepted from:{}:{}", hostName, port2);
+
+ final ProxyServer ps = new ProxyServer(auth, s);
+ (new Thread(ps)).start();
+ }
+ } catch (final IOException ioe) {
+ ioe.printStackTrace();
+ } finally {
+ }
+ }
+
+ /**
+ * Stop server operation.It would be wise to interrupt thread running the
+ * server afterwards.
+ */
+ public void stop() {
+ try {
+ if (ss != null) {
+ ss.close();
+ }
+ } catch (final IOException ioe) {
+ }
+ }
+
+ // Runnable interface
+ // //////////////////
+ public void run() {
+ switch (mode) {
+ case START_MODE:
+ try {
+ startSession();
+ } catch (final IOException ioe) {
+ handleException(ioe);
+ // ioe.printStackTrace();
+ } finally {
+ abort();
+ if (auth != null) {
+ auth.endSession();
+ }
+ log.info("Main thread(client->remote)stopped.");
+ }
+ break;
+ case ACCEPT_MODE:
+ try {
+ doAccept();
+ mode = PIPE_MODE;
+ pipe_thread1.interrupt(); // Tell other thread that connection
+ // have
+ // been accepted.
+ pipe(remote_in, out);
+ } catch (final IOException ioe) {
+ // log("Accept exception:"+ioe);
+ handleException(ioe);
+ } finally {
+ abort();
+ log.info("Accept thread(remote->client) stopped");
+ }
+ break;
+ case PIPE_MODE:
+ try {
+ pipe(remote_in, out);
+ } catch (final IOException ioe) {
+ } finally {
+ abort();
+ log.info("Support thread(remote->client) stopped");
+ }
+ break;
+ case ABORT_MODE:
+ break;
+ default:
+ log.warn("Unexpected MODE " + mode);
+ }
+ }
+
+ // Private methods
+ // ///////////////
+ private void startSession() throws IOException {
+ sock.setSoTimeout(iddleTimeout);
+
+ try {
+ auth = auth.startSession(sock);
+ } catch (final IOException ioe) {
+ log.warn("Auth throwed exception:", ioe);
+ auth = null;
+ return;
+ }
+
+ if (auth == null) { // Authentication failed
+ log.info("Authentication failed");
+ return;
+ }
+
+ in = auth.getInputStream();
+ out = auth.getOutputStream();
+
+ msg = readMsg(in);
+ handleRequest(msg);
+ }
+
+ private void handleRequest(final ProxyMessage msg) throws IOException {
+ if (!auth.checkRequest(msg)) {
+ throw new SocksException(SocksProxyBase.SOCKS_FAILURE);
+ }
+
+ if (msg.ip == null) {
+ if (msg instanceof Socks5Message) {
+ msg.ip = InetAddress.getByName(msg.host);
+ } else {
+ throw new SocksException(SocksProxyBase.SOCKS_FAILURE);
+ }
+ }
+ log(msg);
+
+ switch (msg.command) {
+ case SocksProxyBase.SOCKS_CMD_CONNECT:
+ onConnect(msg);
+ break;
+ case SocksProxyBase.SOCKS_CMD_BIND:
+ onBind(msg);
+ break;
+ case SocksProxyBase.SOCKS_CMD_UDP_ASSOCIATE:
+ onUDP(msg);
+ break;
+ default:
+ throw new SocksException(SocksProxyBase.SOCKS_CMD_NOT_SUPPORTED);
+ }
+ }
+
+ private void handleException(final IOException ioe) {
+ // If we couldn't read the request, return;
+ if (msg == null) {
+ return;
+ }
+ // If have been aborted by other thread
+ if (mode == ABORT_MODE) {
+ return;
+ }
+ // If the request was successfully completed, but exception happened
+ // later
+ if (mode == PIPE_MODE) {
+ return;
+ }
+
+ int error_code = SocksProxyBase.SOCKS_FAILURE;
+
+ if (ioe instanceof SocksException) {
+ error_code = ((SocksException) ioe).errCode;
+ } else if (ioe instanceof NoRouteToHostException) {
+ error_code = SocksProxyBase.SOCKS_HOST_UNREACHABLE;
+ } else if (ioe instanceof ConnectException) {
+ error_code = SocksProxyBase.SOCKS_CONNECTION_REFUSED;
+ } else if (ioe instanceof InterruptedIOException) {
+ error_code = SocksProxyBase.SOCKS_TTL_EXPIRE;
+ }
+
+ if ((error_code > SocksProxyBase.SOCKS_ADDR_NOT_SUPPORTED)
+ || (error_code < 0)) {
+ error_code = SocksProxyBase.SOCKS_FAILURE;
+ }
+
+ sendErrorMessage(error_code);
+ }
+
+ private void onConnect(final ProxyMessage msg) throws IOException {
+ Socket s;
+
+ if (proxy == null) {
+ //s = new Socket(msg.ip, msg.port);
+
+ s= SocketChannel.open().socket();
+ if ((null != s) && (null != vpnService)) {
+ vpnService.protect(s);
+ }
+
+ s.connect(new InetSocketAddress(msg.ip,msg.port));
+
+ } else {
+ s = new SocksSocket(proxy, msg.ip, msg.port);
+ }
+
+ if (vpnService != null)
+ vpnService.protect(s);
+
+ log.info("Connected to " + s.getInetAddress() + ":" + s.getPort());
+
+ ProxyMessage response = null;
+ final InetAddress localAddress = s.getLocalAddress();
+ final int localPort = s.getLocalPort();
+
+ if (msg instanceof Socks5Message) {
+ final int cmd = SocksProxyBase.SOCKS_SUCCESS;
+ response = new Socks5Message(cmd, localAddress, localPort);
+ } else {
+ final int cmd = Socks4Message.REPLY_OK;
+ response = new Socks4Message(cmd, localAddress, localPort);
+
+ }
+ response.write(out);
+ startPipe(s);
+ }
+
+ private void onBind(final ProxyMessage msg) throws IOException {
+ ProxyMessage response = null;
+
+ if (proxy == null) {
+ ss = new ServerSocket(0);
+ } else {
+ ss = new SocksServerSocket(proxy, msg.ip, msg.port);
+ }
+
+ ss.setSoTimeout(acceptTimeout);
+
+ final InetAddress inetAddress = ss.getInetAddress();
+ final int localPort = ss.getLocalPort();
+ log.info("Trying accept on {}:{}", inetAddress, localPort);
+
+ if (msg.version == 5) {
+ final int cmd = SocksProxyBase.SOCKS_SUCCESS;
+ response = new Socks5Message(cmd, inetAddress, localPort);
+ } else {
+ final int cmd = Socks4Message.REPLY_OK;
+ response = new Socks4Message(cmd, inetAddress, localPort);
+ }
+ response.write(out);
+
+ mode = ACCEPT_MODE;
+
+ pipe_thread1 = Thread.currentThread();
+ pipe_thread2 = new Thread(this);
+ pipe_thread2.start();
+
+ // Make timeout infinit.
+ sock.setSoTimeout(0);
+ int eof = 0;
+
+ try {
+ while ((eof = in.read()) >= 0) {
+ if (mode != ACCEPT_MODE) {
+ if (mode != PIPE_MODE) {
+ return;// Accept failed
+ }
+
+ remote_out.write(eof);
+ break;
+ }
+ }
+ } catch (final EOFException e) {
+ log.debug("Connection closed while we were trying to accept", e);
+ return;
+ } catch (final InterruptedIOException e) {
+ log.debug("Interrupted by unsucessful accept thread", e);
+ if (mode != PIPE_MODE) {
+ return;
+ }
+ } finally {
+ // System.out.println("Finnaly!");
+ }
+
+ if (eof < 0) {
+ return;
+ }
+
+ // Do not restore timeout, instead timeout is set on the
+ // remote socket. It does not make any difference.
+
+ pipe(in, remote_out);
+ }
+
+ private void onUDP(final ProxyMessage msg) throws IOException {
+ if (msg.ip.getHostAddress().equals("0.0.0.0")) {
+ msg.ip = sock.getInetAddress();
+ }
+ log.info("Creating UDP relay server for {}:{}", msg.ip, msg.port);
+
+ relayServer = new UDPRelayServer(msg.ip, msg.port,
+ Thread.currentThread(), sock, auth);
+
+ ProxyMessage response;
+
+ response = new Socks5Message(SocksProxyBase.SOCKS_SUCCESS,
+ relayServer.relayIP, relayServer.relayPort);
+
+ response.write(out);
+
+ relayServer.start();
+
+ // Make timeout infinit.
+ sock.setSoTimeout(0);
+ try {
+ while (in.read() >= 0) {
+ /* do nothing */;
+ // FIXME: Consider a slight delay here?
+ }
+ } catch (final EOFException eofe) {
+ }
+ }
+
+ // Private methods
+ // ////////////////
+
+ private void doAccept() throws IOException {
+ Socket s = null;
+ final long startTime = System.currentTimeMillis();
+
+ while (true) {
+ s = ss.accept();
+ if (s.getInetAddress().equals(msg.ip)) {
+ // got the connection from the right host
+ // Close listenning socket.
+ ss.close();
+ break;
+ } else if (ss instanceof SocksServerSocket) {
+ // We can't accept more then one connection
+ s.close();
+ ss.close();
+ throw new SocksException(SocksProxyBase.SOCKS_FAILURE);
+ } else {
+ if (acceptTimeout != 0) { // If timeout is not infinit
+ final long passed = System.currentTimeMillis() - startTime;
+ final int newTimeout = acceptTimeout - (int) passed;
+
+ if (newTimeout <= 0) {
+ throw new InterruptedIOException("newTimeout <= 0");
+ }
+ ss.setSoTimeout(newTimeout);
+ }
+ s.close(); // Drop all connections from other hosts
+ }
+ }
+
+ // Accepted connection
+ remote_sock = s;
+ remote_in = s.getInputStream();
+ remote_out = s.getOutputStream();
+
+ // Set timeout
+ remote_sock.setSoTimeout(iddleTimeout);
+
+ final InetAddress inetAddress = s.getInetAddress();
+ final int port = s.getPort();
+ log.info("Accepted from {}:{}", s.getInetAddress(), port);
+
+ ProxyMessage response;
+
+ if (msg.version == 5) {
+ final int cmd = SocksProxyBase.SOCKS_SUCCESS;
+ response = new Socks5Message(cmd, inetAddress, port);
+ } else {
+ final int cmd = Socks4Message.REPLY_OK;
+ response = new Socks4Message(cmd, inetAddress, port);
+ }
+ response.write(out);
+ }
+
+ private ProxyMessage readMsg(final InputStream in) throws IOException {
+ PushbackInputStream push_in;
+ if (in instanceof PushbackInputStream) {
+ push_in = (PushbackInputStream) in;
+ } else {
+ push_in = new PushbackInputStream(in);
+ }
+
+ final int version = push_in.read();
+ push_in.unread(version);
+
+ ProxyMessage msg;
+
+ if (version == 5) {
+ msg = new Socks5Message(push_in, false);
+ } else if (version == 4) {
+ msg = new Socks4Message(push_in, false);
+ } else {
+ throw new SocksException(SocksProxyBase.SOCKS_FAILURE);
+ }
+ return msg;
+ }
+
+ private void startPipe(final Socket s) {
+ mode = PIPE_MODE;
+ remote_sock = s;
+ try {
+ remote_in = s.getInputStream();
+ remote_out = s.getOutputStream();
+ pipe_thread1 = Thread.currentThread();
+ pipe_thread2 = new Thread(this);
+ pipe_thread2.start();
+ pipe(in, remote_out);
+ } catch (final IOException ioe) {
+ }
+ }
+
+ private void sendErrorMessage(final int error_code) {
+ ProxyMessage err_msg;
+ if (msg instanceof Socks4Message) {
+ err_msg = new Socks4Message(Socks4Message.REPLY_REJECTED);
+ } else {
+ err_msg = new Socks5Message(error_code);
+ }
+ try {
+ err_msg.write(out);
+ } catch (final IOException ioe) {
+ }
+ }
+
+ private synchronized void abort() {
+ if (mode == ABORT_MODE) {
+ return;
+ }
+ mode = ABORT_MODE;
+ try {
+ log.info("Aborting operation");
+ if (remote_sock != null) {
+ remote_sock.close();
+ }
+ if (sock != null) {
+ sock.close();
+ }
+ if (relayServer != null) {
+ relayServer.stop();
+ }
+ if (ss != null) {
+ ss.close();
+ }
+ if (pipe_thread1 != null) {
+ pipe_thread1.interrupt();
+ }
+ if (pipe_thread2 != null) {
+ pipe_thread2.interrupt();
+ }
+ } catch (final IOException ioe) {
+ }
+ }
+
+ static final void log(final ProxyMessage msg) {
+ log.debug("Request version: {}, Command: ", msg.version,
+ command2String(msg.command));
+
+ final String user = msg.version == 4 ? ", User:" + msg.user : "";
+ log.debug("IP:" + msg.ip + ", Port:" + msg.port + user);
+ }
+
+ private void pipe(final InputStream in, final OutputStream out)
+ throws IOException {
+ lastReadTime = System.currentTimeMillis();
+ final byte[] buf = new byte[BUF_SIZE];
+ int len = 0;
+ while (len >= 0) {
+ try {
+ if (len != 0) {
+ out.write(buf, 0, len);
+ out.flush();
+ }
+ len = in.read(buf);
+ lastReadTime = System.currentTimeMillis();
+ } catch (final InterruptedIOException iioe) {
+ if (iddleTimeout == 0) {
+ return;// Other thread interrupted us.
+ }
+ final long timeSinceRead = System.currentTimeMillis()
+ - lastReadTime;
+
+ if (timeSinceRead >= iddleTimeout - 1000) {
+ return;
+ }
+ len = 0;
+
+ }
+ }
+ }
+
+ static final String command_names[] = { "CONNECT", "BIND", "UDP_ASSOCIATE" };
+
+ static final String command2String(int cmd) {
+ if ((cmd > 0) && (cmd < 4)) {
+ return command_names[cmd - 1];
+ } else {
+ return "Unknown Command " + cmd;
+ }
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Socks4Message.java b/src/com/runjva/sourceforge/jsocks/protocol/Socks4Message.java
new file mode 100644
index 0000000..484ad96
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Socks4Message.java
@@ -0,0 +1,167 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+
+/**
+ * SOCKS4 Reply/Request message.
+ */
+
+class Socks4Message extends ProxyMessage {
+
+ private byte[] msgBytes;
+ private int msgLength;
+
+ /**
+ * Server failed reply, cmd command for failed request
+ */
+ public Socks4Message(final int cmd) {
+ super(cmd, null, 0);
+ this.user = null;
+
+ msgLength = 2;
+ msgBytes = new byte[2];
+
+ msgBytes[0] = (byte) 0;
+ msgBytes[1] = (byte) command;
+ }
+
+ /**
+ * Server successfull reply
+ */
+ public Socks4Message(final int cmd, final InetAddress ip, final int port) {
+ this(0, cmd, ip, port, null);
+ }
+
+ /**
+ * Client request
+ */
+ public Socks4Message(final int cmd, final InetAddress ip, final int port,
+ final String user) {
+ this(SOCKS_VERSION, cmd, ip, port, user);
+ }
+
+ /**
+ * Most general constructor
+ */
+ public Socks4Message(final int version, final int cmd,
+ final InetAddress ip, final int port, final String user) {
+
+ super(cmd, ip, port);
+ this.user = user;
+ this.version = version;
+
+ msgLength = user == null ? 8 : 9 + user.length();
+ msgBytes = new byte[msgLength];
+
+ msgBytes[0] = (byte) version;
+ msgBytes[1] = (byte) command;
+ msgBytes[2] = (byte) (port >> 8);
+ msgBytes[3] = (byte) port;
+
+ byte[] addr;
+
+ if (ip != null) {
+ addr = ip.getAddress();
+ } else {
+ addr = new byte[4];
+ addr[0] = addr[1] = addr[2] = addr[3] = 0;
+ }
+ System.arraycopy(addr, 0, msgBytes, 4, 4);
+
+ if (user != null) {
+ final byte[] buf = user.getBytes();
+ System.arraycopy(buf, 0, msgBytes, 8, buf.length);
+ msgBytes[msgBytes.length - 1] = 0;
+ }
+ }
+
+ /**
+ * Initialise from the stream If clientMode is true attempts to read a
+ * server response otherwise reads a client request see read for more detail
+ */
+ public Socks4Message(final InputStream in, final boolean clientMode)
+ throws IOException {
+ msgBytes = null;
+ read(in, clientMode);
+ }
+
+ public void read(final InputStream in) throws IOException {
+ read(in, true);
+ }
+
+ public void read(final InputStream in, final boolean clientMode)
+ throws IOException {
+ final DataInputStream d_in = new DataInputStream(in);
+ version = d_in.readUnsignedByte();
+ command = d_in.readUnsignedByte();
+ if (clientMode && (command != REPLY_OK)) {
+ String errMsg;
+ // FIXME: Range should be replaced with cases.
+ if ((command > REPLY_OK) && (command < REPLY_BAD_IDENTD)) {
+ errMsg = replyMessage[command - REPLY_OK];
+ } else {
+ errMsg = "Unknown Reply Code";
+ }
+ throw new SocksException(command, errMsg);
+ }
+ port = d_in.readUnsignedShort();
+ final byte[] addr = new byte[4];
+ d_in.readFully(addr);
+ ip = bytes2IP(addr);
+ host = ip.getHostName();
+ if (!clientMode) {
+ int b = in.read();
+ // FIXME: Hope there are no idiots with user name bigger than this
+ final byte[] userBytes = new byte[256];
+ int i = 0;
+ for (i = 0; (i < userBytes.length) && (b > 0); ++i) {
+ userBytes[i] = (byte) b;
+ b = in.read();
+ }
+ user = new String(userBytes, 0, i);
+ }
+ }
+
+ public void write(final OutputStream out) throws IOException {
+ if (msgBytes == null) {
+ final Socks4Message msg;
+ msg = new Socks4Message(version, command, ip, port, user);
+ msgBytes = msg.msgBytes;
+ msgLength = msg.msgLength;
+ }
+ out.write(msgBytes);
+ }
+
+ // Class methods
+ static InetAddress bytes2IP(final byte[] addr) {
+ final String s = bytes2IPV4(addr, 0);
+ try {
+ return InetAddress.getByName(s);
+ } catch (final UnknownHostException uh_ex) {
+ return null;
+ }
+ }
+
+ // Constants
+
+ static final String[] replyMessage = { "Request Granted",
+ "Request Rejected or Failed",
+ "Failed request, can't connect to Identd",
+ "Failed request, bad user name" };
+
+ static final int SOCKS_VERSION = 4;
+
+ public final static int REQUEST_CONNECT = 1;
+ public final static int REQUEST_BIND = 2;
+
+ public final static int REPLY_OK = 90;
+ public final static int REPLY_REJECTED = 91;
+ public final static int REPLY_NO_CONNECT = 92;
+ public final static int REPLY_BAD_IDENTD = 93;
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Socks4Proxy.java b/src/com/runjva/sourceforge/jsocks/protocol/Socks4Proxy.java
new file mode 100644
index 0000000..5850b5e
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Socks4Proxy.java
@@ -0,0 +1,144 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+
+/**
+ * Proxy which describes SOCKS4 proxy.
+ */
+
+public class Socks4Proxy extends SocksProxyBase implements Cloneable {
+
+ // Data members
+ String user;
+
+ // Public Constructors
+ // ====================
+
+ /**
+ * Creates the SOCKS4 proxy
+ *
+ * @param p
+ * Proxy to use to connect to this proxy, allows proxy chaining.
+ * @param proxyHost
+ * Address of the proxy server.
+ * @param proxyPort
+ * Port of the proxy server
+ * @param user
+ * User name to use for identification purposes.
+ * @throws UnknownHostException
+ * If proxyHost can't be resolved.
+ */
+ public Socks4Proxy(SocksProxyBase p, String proxyHost, int proxyPort,
+ String user) throws UnknownHostException {
+ super(p, proxyHost, proxyPort);
+ this.user = new String(user);
+ version = 4;
+ }
+
+ /**
+ * Creates the SOCKS4 proxy
+ *
+ * @param proxyHost
+ * Address of the proxy server.
+ * @param proxyPort
+ * Port of the proxy server
+ * @param user
+ * User name to use for identification purposes.
+ * @throws UnknownHostException
+ * If proxyHost can't be resolved.
+ */
+ public Socks4Proxy(String proxyHost, int proxyPort, String user)
+ throws UnknownHostException {
+ this(null, proxyHost, proxyPort, user);
+ }
+
+ /**
+ * Creates the SOCKS4 proxy
+ *
+ * @param p
+ * Proxy to use to connect to this proxy, allows proxy chaining.
+ * @param proxyIP
+ * Address of the proxy server.
+ * @param proxyPort
+ * Port of the proxy server
+ * @param user
+ * User name to use for identification purposes.
+ */
+ public Socks4Proxy(SocksProxyBase p, InetAddress proxyIP, int proxyPort,
+ String user) {
+ super(p, proxyIP, proxyPort);
+ this.user = new String(user);
+ version = 4;
+ }
+
+ /**
+ * Creates the SOCKS4 proxy
+ *
+ * @param proxyIP
+ * Address of the proxy server.
+ * @param proxyPort
+ * Port of the proxy server
+ * @param user
+ * User name to use for identification purposes.
+ */
+ public Socks4Proxy(InetAddress proxyIP, int proxyPort, String user) {
+ this(null, proxyIP, proxyPort, user);
+ }
+
+ // Public instance methods
+ // ========================
+
+ /**
+ * Creates a clone of this proxy. Changes made to the clone should not
+ * affect this object.
+ */
+ public Object clone() {
+ final Socks4Proxy newProxy = new Socks4Proxy(proxyIP, proxyPort, user);
+ newProxy.directHosts = (InetRange) directHosts.clone();
+ newProxy.chainProxy = chainProxy;
+ return newProxy;
+ }
+
+ // Public Static(Class) Methods
+ // ==============================
+
+ // Protected Methods
+ // =================
+
+ protected SocksProxyBase copy() {
+ final Socks4Proxy copy = new Socks4Proxy(proxyIP, proxyPort, user);
+ copy.directHosts = this.directHosts;
+ copy.chainProxy = chainProxy;
+ return copy;
+ }
+
+ protected ProxyMessage formMessage(int cmd, InetAddress ip, int port) {
+ switch (cmd) {
+ case SOCKS_CMD_CONNECT:
+ cmd = Socks4Message.REQUEST_CONNECT;
+ break;
+ case SOCKS_CMD_BIND:
+ cmd = Socks4Message.REQUEST_BIND;
+ break;
+ default:
+ return null;
+ }
+ return new Socks4Message(cmd, ip, port, user);
+ }
+
+ protected ProxyMessage formMessage(int cmd, String host, int port)
+ throws UnknownHostException {
+
+ return formMessage(cmd, InetAddress.getByName(host), port);
+ }
+
+ protected ProxyMessage formMessage(InputStream in) throws SocksException,
+ IOException {
+
+ return new Socks4Message(in, true);
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Socks5DatagramSocket.java b/src/com/runjva/sourceforge/jsocks/protocol/Socks5DatagramSocket.java
new file mode 100644
index 0000000..6dcaf44
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Socks5DatagramSocket.java
@@ -0,0 +1,485 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InterruptedIOException;
+import java.net.DatagramPacket;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Datagram socket to interract through the firewall.<BR>
+ * Can be used same way as the normal DatagramSocket. One should be carefull
+ * though with the datagram sizes used, as additional data is present in both
+ * incomming and outgoing datagrams.
+ * <p>
+ * SOCKS5 protocol allows to send host address as either:
+ * <ul>
+ * <li>IPV4, normal 4 byte address. (10 bytes header size)
+ * <li>IPV6, version 6 ip address (not supported by Java as for now). 22 bytes
+ * header size.
+ * <li>Host name,(7+length of the host name bytes header size).
+ * </ul>
+ * As with other Socks equivalents, direct addresses are handled transparently,
+ * that is data will be send directly when required by the proxy settings.
+ * <p>
+ * <b>NOTE:</b><br>
+ * Unlike other SOCKS Sockets, it <b>does not</b> support proxy chaining, and
+ * will throw an exception if proxy has a chain proxy attached. The reason for
+ * that is not my laziness, but rather the restrictions of the SOCKSv5 protocol.
+ * Basicaly SOCKSv5 proxy server, needs to know from which host:port datagrams
+ * will be send for association, and returns address to which datagrams should
+ * be send by the client, but it does not inform client from which host:port it
+ * is going to send datagrams, in fact there is even no guarantee they will be
+ * send at all and from the same address each time.
+ */
+public class Socks5DatagramSocket extends DatagramSocket {
+
+ InetAddress relayIP;
+ int relayPort;
+ Socks5Proxy proxy;
+ private boolean server_mode = false;
+ UDPEncapsulation encapsulation;
+
+ private Logger log = LoggerFactory.getLogger(Socks5DatagramSocket.class);
+
+ /**
+ * Construct Datagram socket for communication over SOCKS5 proxy server.
+ * This constructor uses default proxy, the one set with
+ * Proxy.setDefaultProxy() method. If default proxy is not set or it is set
+ * to version4 proxy, which does not support datagram forwarding, throws
+ * SocksException.
+ */
+ public Socks5DatagramSocket() throws SocksException, IOException {
+ this(SocksProxyBase.defaultProxy, 0, null);
+ }
+
+ /**
+ * Construct Datagram socket for communication over SOCKS5 proxy server. And
+ * binds it to the specified local port. This constructor uses default
+ * proxy, the one set with Proxy.setDefaultProxy() method. If default proxy
+ * is not set or it is set to version4 proxy, which does not support
+ * datagram forwarding, throws SocksException.
+ */
+ public Socks5DatagramSocket(int port) throws SocksException, IOException {
+ this(SocksProxyBase.defaultProxy, port, null);
+ }
+
+ /**
+ * Construct Datagram socket for communication over SOCKS5 proxy server. And
+ * binds it to the specified local port and address. This constructor uses
+ * default proxy, the one set with Proxy.setDefaultProxy() method. If
+ * default proxy is not set or it is set to version4 proxy, which does not
+ * support datagram forwarding, throws SocksException.
+ */
+ public Socks5DatagramSocket(int port, InetAddress ip)
+ throws SocksException, IOException {
+ this(SocksProxyBase.defaultProxy, port, ip);
+ }
+
+ /**
+ * Constructs datagram socket for communication over specified proxy. And
+ * binds it to the given local address and port. Address of null and port of
+ * 0, signify any availabale port/address. Might throw SocksException, if:
+ * <ol>
+ * <li>Given version of proxy does not support UDP_ASSOCIATE.
+ * <li>Proxy can't be reached.
+ * <li>Authorization fails.
+ * <li>Proxy does not want to perform udp forwarding, for any reason.
+ * </ol>
+ * Might throw IOException if binding datagram socket to given address/port
+ * fails. See java.net.DatagramSocket for more details.
+ */
+ public Socks5DatagramSocket(SocksProxyBase p, int port, InetAddress ip)
+ throws SocksException, IOException {
+
+ super(port, ip);
+
+ if (p == null) {
+ throw new SocksException(SocksProxyBase.SOCKS_NO_PROXY);
+ }
+
+ if (!(p instanceof Socks5Proxy)) {
+ final String s = "Datagram Socket needs Proxy version 5";
+ throw new SocksException(-1, s);
+ }
+
+ if (p.chainProxy != null) {
+ final String s = "Datagram Sockets do not support proxy chaining.";
+ throw new SocksException(SocksProxyBase.SOCKS_JUST_ERROR, s);
+ }
+
+ proxy = (Socks5Proxy) p.copy();
+
+ final ProxyMessage msg = proxy.udpAssociate(super.getLocalAddress(),
+ super.getLocalPort());
+
+ relayIP = msg.ip;
+ if (relayIP.getHostAddress().equals("0.0.0.0")) {
+ // FIXME: What happens here?
+ relayIP = proxy.proxyIP;
+ }
+ relayPort = msg.port;
+
+ encapsulation = proxy.udp_encapsulation;
+
+ log.debug("Datagram Socket:{}:{}", getLocalAddress(), getLocalPort());
+ log.debug("Socks5Datagram: {}:{}", relayIP, relayPort);
+ }
+
+ /**
+ * Used by UDPRelayServer.
+ */
+ Socks5DatagramSocket(boolean server_mode, UDPEncapsulation encapsulation,
+ InetAddress relayIP, int relayPort) throws IOException {
+ super();
+ this.server_mode = server_mode;
+ this.relayIP = relayIP;
+ this.relayPort = relayPort;
+ this.encapsulation = encapsulation;
+ this.proxy = null;
+ }
+
+ /**
+ * Sends the Datagram either through the proxy or directly depending on
+ * current proxy settings and destination address. <BR>
+ *
+ * <B> NOTE: </B> DatagramPacket size should be at least 10 bytes less than
+ * the systems limit.
+ *
+ * <P>
+ * See documentation on java.net.DatagramSocket for full details on how to
+ * use this method.
+ *
+ * @param dp
+ * Datagram to send.
+ * @throws IOException
+ * If error happens with I/O.
+ */
+ public void send(DatagramPacket dp) throws IOException {
+ // If the host should be accessed directly, send it as is.
+ if (!server_mode && proxy.isDirect(dp.getAddress())) {
+ super.send(dp);
+ log.debug("Sending datagram packet directly:");
+ return;
+ }
+
+ final byte[] head = formHeader(dp.getAddress(), dp.getPort());
+ byte[] buf = new byte[head.length + dp.getLength()];
+ final byte[] data = dp.getData();
+
+ // Merge head and data
+ System.arraycopy(head, 0, buf, 0, head.length);
+ // System.arraycopy(data,dp.getOffset(),buf,head.length,dp.getLength());
+ System.arraycopy(data, 0, buf, head.length, dp.getLength());
+
+ if (encapsulation != null) {
+ buf = encapsulation.udpEncapsulate(buf, true);
+ }
+
+ super.send(new DatagramPacket(buf, buf.length, relayIP, relayPort));
+ }
+
+ /**
+ * This method allows to send datagram packets with address type DOMAINNAME.
+ * SOCKS5 allows to specify host as names rather than ip addresses.Using
+ * this method one can send udp datagrams through the proxy, without having
+ * to know the ip address of the destination host.
+ * <p>
+ * If proxy specified for that socket has an option resolveAddrLocally set
+ * to true host will be resolved, and the datagram will be send with address
+ * type IPV4, if resolve fails, UnknownHostException is thrown.
+ *
+ * @param dp
+ * Datagram to send, it should contain valid port and data
+ * @param host
+ * Host name to which datagram should be send.
+ * @throws IOException
+ * If error happens with I/O, or the host can't be resolved when
+ * proxy settings say that hosts should be resolved locally.
+ * @see Socks5Proxy#resolveAddrLocally(boolean)
+ */
+ public void send(DatagramPacket dp, String host) throws IOException {
+ if (proxy.isDirect(host)) {
+ dp.setAddress(InetAddress.getByName(host));
+ super.send(dp);
+ return;
+ }
+
+ if ((proxy).resolveAddrLocally) {
+ dp.setAddress(InetAddress.getByName(host));
+ }
+
+ final byte[] head = formHeader(host, dp.getPort());
+ byte[] buf = new byte[head.length + dp.getLength()];
+ final byte[] data = dp.getData();
+ // Merge head and data
+ System.arraycopy(head, 0, buf, 0, head.length);
+ // System.arraycopy(data,dp.getOffset(),buf,head.length,dp.getLength());
+ System.arraycopy(data, 0, buf, head.length, dp.getLength());
+
+ if (encapsulation != null) {
+ buf = encapsulation.udpEncapsulate(buf, true);
+ }
+
+ super.send(new DatagramPacket(buf, buf.length, relayIP, relayPort));
+ }
+
+ /**
+ * Receives udp packet. If packet have arrived from the proxy relay server,
+ * it is processed and address and port of the packet are set to the address
+ * and port of sending host.<BR>
+ * If the packet arrived from anywhere else it is not changed.<br>
+ * <B> NOTE: </B> DatagramPacket size should be at least 10 bytes bigger
+ * than the largest packet you expect (this is for IPV4 addresses). For
+ * hostnames and IPV6 it is even more.
+ *
+ * @param dp
+ * Datagram in which all relevent information will be copied.
+ */
+ public void receive(DatagramPacket dp) throws IOException {
+ super.receive(dp);
+
+ if (server_mode) {
+ // Drop all datagrams not from relayIP/relayPort
+ final int init_length = dp.getLength();
+ final int initTimeout = getSoTimeout();
+ final long startTime = System.currentTimeMillis();
+
+ while (!relayIP.equals(dp.getAddress())
+ || (relayPort != dp.getPort())) {
+
+ // Restore datagram size
+ dp.setLength(init_length);
+
+ // If there is a non-infinit timeout on this socket
+ // Make sure that it happens no matter how often unexpected
+ // packets arrive.
+ if (initTimeout != 0) {
+ final long passed = System.currentTimeMillis() - startTime;
+ final int newTimeout = initTimeout - (int) passed;
+
+ if (newTimeout <= 0) {
+ throw new InterruptedIOException(
+ "In Socks5DatagramSocket->receive()");
+ }
+ setSoTimeout(newTimeout);
+ }
+
+ super.receive(dp);
+ }
+
+ // Restore timeout settings
+ if (initTimeout != 0) {
+ setSoTimeout(initTimeout);
+ }
+
+ } else if (!relayIP.equals(dp.getAddress())
+ || (relayPort != dp.getPort())) {
+ return; // Recieved direct packet
+ // If the datagram is not from the relay server, return it it as is.
+ }
+
+ byte[] data;
+ data = dp.getData();
+
+ if (encapsulation != null) {
+ data = encapsulation.udpEncapsulate(data, false);
+ }
+
+ // FIXME: What is this?
+ final int offset = 0; // Java 1.1
+ // int offset = dp.getOffset(); //Java 1.2
+
+ final ByteArrayInputStream bIn = new ByteArrayInputStream(data, offset,
+ dp.getLength());
+
+ final ProxyMessage msg = new Socks5Message(bIn);
+ dp.setPort(msg.port);
+ dp.setAddress(msg.getInetAddress());
+
+ // what wasn't read by the Message is the data
+ final int data_length = bIn.available();
+ // Shift data to the left
+ System.arraycopy(data, offset + dp.getLength() - data_length, data,
+ offset, data_length);
+
+ dp.setLength(data_length);
+ }
+
+ /**
+ * Returns port assigned by the proxy, to which datagrams are relayed. It is
+ * not the same port to which other party should send datagrams.
+ *
+ * @return Port assigned by socks server to which datagrams are send for
+ * association.
+ */
+ public int getLocalPort() {
+ if (server_mode) {
+ return super.getLocalPort();
+ }
+ return relayPort;
+ }
+
+ /**
+ * Address assigned by the proxy, to which datagrams are send for relay. It
+ * is not necesseraly the same address, to which other party should send
+ * datagrams.
+ *
+ * @return Address to which datagrams are send for association.
+ */
+ public InetAddress getLocalAddress() {
+ if (server_mode) {
+ return super.getLocalAddress();
+ }
+ return relayIP;
+ }
+
+ /**
+ * Closes datagram socket, and proxy connection.
+ */
+ public void close() {
+ if (!server_mode) {
+ proxy.endSession();
+ }
+ super.close();
+ }
+
+ /**
+ * This method checks wether proxy still runs udp forwarding service for
+ * this socket.
+ * <p>
+ * This methods checks wether the primary connection to proxy server is
+ * active. If it is, chances are that proxy continues to forward datagrams
+ * being send from this socket. If it was closed, most likely datagrams are
+ * no longer being forwarded by the server.
+ * <p>
+ * Proxy might decide to stop forwarding datagrams, in which case it should
+ * close primary connection. This method allows to check, wether this have
+ * been done.
+ * <p>
+ * You can specify timeout for which we should be checking EOF condition on
+ * the primary connection. Timeout is in milliseconds. Specifying 0 as
+ * timeout implies infinity, in which case method will block, until
+ * connection to proxy is closed or an error happens, and then return false.
+ * <p>
+ * One possible scenario is to call isProxyactive(0) in separate thread, and
+ * once it returned notify other threads about this event.
+ *
+ * @param timeout
+ * For how long this method should block, before returning.
+ * @return true if connection to proxy is active, false if eof or error
+ * condition have been encountered on the connection.
+ */
+ public boolean isProxyAlive(int timeout) {
+ if (server_mode) {
+ return false;
+ }
+ if (proxy != null) {
+ try {
+ proxy.proxySocket.setSoTimeout(timeout);
+
+ final int eof = proxy.in.read();
+ if (eof < 0) {
+ return false; // EOF encountered.
+ } else {
+ log.warn("This really should not happen");
+ return true; // This really should not happen
+ }
+
+ } catch (final InterruptedIOException iioe) {
+ return true; // read timed out.
+ } catch (final IOException ioe) {
+ return false;
+ }
+ }
+ return false;
+ }
+
+ // PRIVATE METHODS
+ // ////////////////
+
+ private byte[] formHeader(InetAddress ip, int port) {
+ final Socks5Message request = new Socks5Message(0, ip, port);
+ request.data[0] = 0;
+ return request.data;
+ }
+
+ private byte[] formHeader(String host, int port) {
+ final Socks5Message request = new Socks5Message(0, host, port);
+ request.data[0] = 0;
+ return request.data;
+ }
+
+ /*
+ * ======================================================================
+ *
+ * //Mainly Test functions //////////////////////
+ *
+ * private String bytes2String(byte[] b){ String s=""; char[] hex_digit = {
+ * '0','1','2','3','4','5','6','7','8','9', 'A','B','C','D','E','F'};
+ * for(int i=0;i<b.length;++i){ int i1 = (b[i] & 0xF0) >> 4; int i2 = b[i] &
+ * 0xF; s+=hex_digit[i1]; s+=hex_digit[i2]; s+=" "; } return s; } private
+ * static final void debug(String s){ if(DEBUG) System.out.print(s); }
+ *
+ * private static final boolean DEBUG = true;
+ *
+ *
+ * public static void usage(){ System.err.print(
+ * "Usage: java Socks.SocksDatagramSocket host port [socksHost socksPort]\n"
+ * ); }
+ *
+ * static final int defaultProxyPort = 1080; //Default Port static final
+ * String defaultProxyHost = "www-proxy"; //Default proxy
+ *
+ * public static void main(String args[]){ int port; String host; int
+ * proxyPort; String proxyHost; InetAddress ip;
+ *
+ * if(args.length > 1 && args.length < 5){ try{
+ *
+ * host = args[0]; port = Integer.parseInt(args[1]);
+ *
+ * proxyPort =(args.length > 3)? Integer.parseInt(args[3]) :
+ * defaultProxyPort;
+ *
+ * host = args[0]; ip = InetAddress.getByName(host);
+ *
+ * proxyHost =(args.length > 2)? args[2] : defaultProxyHost;
+ *
+ * Proxy.setDefaultProxy(proxyHost,proxyPort); Proxy p =
+ * Proxy.getDefaultProxy(); p.addDirect("lux");
+ *
+ *
+ * DatagramSocket ds = new Socks5DatagramSocket();
+ *
+ *
+ * BufferedReader in = new BufferedReader( new
+ * InputStreamReader(System.in)); String s;
+ *
+ * System.out.print("Enter line:"); s = in.readLine();
+ *
+ * while(s != null){ byte[] data = (s+"\r\n").getBytes(); DatagramPacket dp
+ * = new DatagramPacket(data,0,data.length, ip,port);
+ * System.out.println("Sending to: "+ip+":"+port); ds.send(dp); dp = new
+ * DatagramPacket(new byte[1024],1024);
+ *
+ * System.out.println("Trying to recieve on port:"+ ds.getLocalPort());
+ * ds.receive(dp); System.out.print("Recieved:\n"+
+ * "From:"+dp.getAddress()+":"+dp.getPort()+ "\n\n"+ new
+ * String(dp.getData(),dp.getOffset(),dp.getLength())+"\n" );
+ * System.out.print("Enter line:"); s = in.readLine();
+ *
+ * } ds.close(); System.exit(1);
+ *
+ * }catch(SocksException s_ex){ System.err.println("SocksException:"+s_ex);
+ * s_ex.printStackTrace(); System.exit(1); }catch(IOException io_ex){
+ * io_ex.printStackTrace(); System.exit(1); }catch(NumberFormatException
+ * num_ex){ usage(); num_ex.printStackTrace(); System.exit(1); }
+ *
+ * }else{ usage(); } }
+ */
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Socks5Message.java b/src/com/runjva/sourceforge/jsocks/protocol/Socks5Message.java
new file mode 100644
index 0000000..cb62938
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Socks5Message.java
@@ -0,0 +1,330 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * SOCKS5 request/response message.
+ */
+
+class Socks5Message extends ProxyMessage {
+ /** Address type of given message */
+ public int addrType;
+
+ byte[] data;
+
+ private Logger log = LoggerFactory.getLogger(Socks5Message.class);
+
+ /**
+ * Server error response.
+ *
+ * @param cmd
+ * Error code.
+ */
+ public Socks5Message(int cmd) {
+ super(cmd, null, 0);
+ data = new byte[3];
+ data[0] = SOCKS_VERSION; // Version.
+ data[1] = (byte) cmd; // Reply code for some kind of failure.
+ data[2] = 0; // Reserved byte.
+ }
+
+ /**
+ * Construct client request or server response.
+ *
+ * @param cmd
+ * - Request/Response code.
+ * @param ip
+ * - IP field.
+ * @paarm port - port field.
+ */
+ public Socks5Message(int cmd, InetAddress ip, int port) {
+ super(cmd, ip, port);
+
+ if (ip == null) {
+ this.host = "0.0.0.0";
+ } else {
+ this.host = ip.getHostName();
+ }
+
+ this.version = SOCKS_VERSION;
+
+ byte[] addr;
+
+ if (ip == null) {
+ addr = new byte[4];
+ addr[0] = addr[1] = addr[2] = addr[3] = 0;
+ } else {
+ addr = ip.getAddress();
+ }
+
+ if (addr.length == 4) {
+ addrType = SOCKS_ATYP_IPV4;
+ } else {
+ addrType = SOCKS_ATYP_IPV6;
+ }
+
+ data = new byte[6 + addr.length];
+ data[0] = (byte) SOCKS_VERSION; // Version
+ data[1] = (byte) command; // Command
+ data[2] = (byte) 0; // Reserved byte
+ data[3] = (byte) addrType; // Address type
+
+ // Put Address
+ System.arraycopy(addr, 0, data, 4, addr.length);
+ // Put port
+ data[data.length - 2] = (byte) (port >> 8);
+ data[data.length - 1] = (byte) (port);
+ }
+
+ /**
+ * Construct client request or server response.
+ *
+ * @param cmd
+ * - Request/Response code.
+ * @param hostName
+ * - IP field as hostName, uses ADDR_TYPE of HOSTNAME.
+ * @paarm port - port field.
+ */
+ public Socks5Message(int cmd, String hostName, int port) {
+ super(cmd, null, port);
+ this.host = hostName;
+ this.version = SOCKS_VERSION;
+
+ log.debug("Doing ATYP_DOMAINNAME");
+
+ addrType = SOCKS_ATYP_DOMAINNAME;
+ final byte addr[] = hostName.getBytes();
+
+ data = new byte[7 + addr.length];
+ data[0] = (byte) SOCKS_VERSION; // Version
+ data[1] = (byte) command; // Command
+ data[2] = (byte) 0; // Reserved byte
+ data[3] = (byte) SOCKS_ATYP_DOMAINNAME; // Address type
+ data[4] = (byte) addr.length; // Length of the address
+
+ // Put Address
+ System.arraycopy(addr, 0, data, 5, addr.length);
+ // Put port
+ data[data.length - 2] = (byte) (port >> 8);
+ data[data.length - 1] = (byte) (port);
+ }
+
+ /**
+ * Initialises Message from the stream. Reads server response from given
+ * stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0), or if any
+ * error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public Socks5Message(InputStream in) throws SocksException, IOException {
+ this(in, true);
+ }
+
+ /**
+ * Initialises Message from the stream. Reads server response or client
+ * request from given stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @param clinetMode
+ * If true read server response, else read client request.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0) and reading
+ * in client mode, or if any error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public Socks5Message(InputStream in, boolean clientMode)
+ throws SocksException, IOException {
+
+ read(in, clientMode);
+ }
+
+ /**
+ * Initialises Message from the stream. Reads server response from given
+ * stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0), or if any
+ * error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public void read(InputStream in) throws SocksException, IOException {
+ read(in, true);
+ }
+
+ /**
+ * Initialises Message from the stream. Reads server response or client
+ * request from given stream.
+ *
+ * @param in
+ * Input stream to read response from.
+ * @param clinetMode
+ * If true read server response, else read client request.
+ * @throws SocksException
+ * If server response code is not SOCKS_SUCCESS(0) and reading
+ * in client mode, or if any error with protocol occurs.
+ * @throws IOException
+ * If any error happens with I/O.
+ */
+ public void read(InputStream in, boolean clientMode) throws SocksException,
+ IOException {
+
+ data = null;
+ ip = null;
+
+ final DataInputStream di = new DataInputStream(in);
+
+ version = di.readUnsignedByte();
+ command = di.readUnsignedByte();
+
+ if (clientMode && (command != 0)) {
+ throw new SocksException(command);
+ }
+
+ di.readUnsignedByte();
+ addrType = di.readUnsignedByte();
+
+ byte addr[];
+
+ switch (addrType) {
+ case SOCKS_ATYP_IPV4:
+ addr = new byte[4];
+ di.readFully(addr);
+ host = bytes2IPV4(addr, 0);
+ break;
+ case SOCKS_ATYP_IPV6:
+ addr = new byte[SOCKS_IPV6_LENGTH];// I believe it is 16 bytes,huge!
+ di.readFully(addr);
+ host = bytes2IPV6(addr, 0);
+ break;
+ case SOCKS_ATYP_DOMAINNAME:
+ log.debug("Reading ATYP_DOMAINNAME");
+ addr = new byte[di.readUnsignedByte()];// Next byte shows the length
+ di.readFully(addr);
+ host = new String(addr);
+ break;
+ default:
+ throw (new SocksException(SocksProxyBase.SOCKS_JUST_ERROR));
+ }
+
+ port = di.readUnsignedShort();
+
+ if ((addrType != SOCKS_ATYP_DOMAINNAME) && doResolveIP) {
+ try {
+ ip = InetAddress.getByName(host);
+ } catch (final UnknownHostException uh_ex) {
+ }
+ }
+ }
+
+ /**
+ * Writes the message to the stream.
+ *
+ * @param out
+ * Output stream to which message should be written.
+ */
+ public void write(OutputStream out) throws SocksException, IOException {
+ if (data == null) {
+ Socks5Message msg;
+
+ if (addrType == SOCKS_ATYP_DOMAINNAME) {
+ msg = new Socks5Message(command, host, port);
+ } else {
+ if (ip == null) {
+ try {
+ ip = InetAddress.getByName(host);
+ } catch (final UnknownHostException uh_ex) {
+ throw new SocksException(
+ SocksProxyBase.SOCKS_JUST_ERROR);
+ }
+ }
+ msg = new Socks5Message(command, ip, port);
+ }
+ data = msg.data;
+ }
+ out.write(data);
+ }
+
+ /**
+ * Returns IP field of the message as IP, if the message was created with
+ * ATYP of HOSTNAME, it will attempt to resolve the hostname, which might
+ * fail.
+ *
+ * @throws UnknownHostException
+ * if host can't be resolved.
+ */
+ public InetAddress getInetAddress() throws UnknownHostException {
+ if (ip != null) {
+ return ip;
+ }
+
+ return (ip = InetAddress.getByName(host));
+ }
+
+ /**
+ * Returns string representation of the message.
+ */
+ public String toString() {
+ // FIXME: Single line version, please.
+ final String s = "Socks5Message:" + "\n" + "VN " + version + "\n"
+ + "CMD " + command + "\n" + "ATYP " + addrType + "\n"
+ + "ADDR " + host + "\n" + "PORT " + port + "\n";
+ return s;
+ }
+
+ /**
+ *Wether to resolve hostIP returned from SOCKS server that is wether to
+ * create InetAddress object from the hostName string
+ */
+ static public boolean resolveIP() {
+ return doResolveIP;
+ }
+
+ /**
+ *Wether to resolve hostIP returned from SOCKS server that is wether to
+ * create InetAddress object from the hostName string
+ *
+ * @param doResolve
+ * Wether to resolve hostIP from SOCKS server.
+ *@return Previous value.
+ */
+ static public boolean resolveIP(boolean doResolve) {
+ final boolean old = doResolveIP;
+ doResolveIP = doResolve;
+ return old;
+ }
+
+ /*
+ * private static final void debug(String s){ if(DEBUG) System.out.print(s);
+ * } private static final boolean DEBUG = false;
+ */
+
+ // SOCKS5 constants
+ public static final int SOCKS_VERSION = 5;
+
+ public static final int SOCKS_ATYP_IPV4 = 0x1; // Where is 2??
+ public static final int SOCKS_ATYP_DOMAINNAME = 0x3; // !!!!rfc1928
+ public static final int SOCKS_ATYP_IPV6 = 0x4;
+
+ public static final int SOCKS_IPV6_LENGTH = 16;
+
+ static boolean doResolveIP = true;
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/Socks5Proxy.java b/src/com/runjva/sourceforge/jsocks/protocol/Socks5Proxy.java
new file mode 100644
index 0000000..7400aa6
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/Socks5Proxy.java
@@ -0,0 +1,295 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.SocketException;
+import java.net.UnknownHostException;
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+/**
+ * SOCKS5 Proxy.
+ */
+
+public class Socks5Proxy extends SocksProxyBase implements Cloneable {
+
+ // Data members
+ private Hashtable<Integer, Authentication> authMethods = new Hashtable<Integer, Authentication>();
+ private int selectedMethod;
+
+ boolean resolveAddrLocally = true;
+ UDPEncapsulation udp_encapsulation = null;
+
+ // Public Constructors
+ // ====================
+
+ /**
+ * Creates SOCKS5 proxy.
+ *
+ * @param p
+ * Proxy to use to connect to this proxy, allows proxy chaining.
+ * @param proxyHost
+ * Host on which a Proxy server runs.
+ * @param proxyPort
+ * Port on which a Proxy server listens for connections.
+ * @throws UnknownHostException
+ * If proxyHost can't be resolved.
+ */
+ public Socks5Proxy(SocksProxyBase p, String proxyHost, int proxyPort)
+ throws UnknownHostException {
+
+ super(p, proxyHost, proxyPort);
+ version = 5;
+ setAuthenticationMethod(0, new AuthenticationNone());
+ }
+
+ /**
+ * Creates SOCKS5 proxy.
+ *
+ * @param proxyHost
+ * Host on which a Proxy server runs.
+ * @param proxyPort
+ * Port on which a Proxy server listens for connections.
+ * @throws UnknownHostException
+ * If proxyHost can't be resolved.
+ */
+ public Socks5Proxy(String proxyHost, int proxyPort)
+ throws UnknownHostException {
+ this(null, proxyHost, proxyPort);
+ }
+
+ /**
+ * Creates SOCKS5 proxy.
+ *
+ * @param p
+ * Proxy to use to connect to this proxy, allows proxy chaining.
+ * @param proxyIP
+ * Host on which a Proxy server runs.
+ * @param proxyPort
+ * Port on which a Proxy server listens for connections.
+ */
+ public Socks5Proxy(SocksProxyBase p, InetAddress proxyIP, int proxyPort) {
+ super(p, proxyIP, proxyPort);
+ version = 5;
+ setAuthenticationMethod(0, new AuthenticationNone());
+ }
+
+ /**
+ * Creates SOCKS5 proxy.
+ *
+ * @param proxyIP
+ * Host on which a Proxy server runs.
+ * @param proxyPort
+ * Port on which a Proxy server listens for connections.
+ */
+ public Socks5Proxy(InetAddress proxyIP, int proxyPort) {
+ this(null, proxyIP, proxyPort);
+ }
+
+ // Public instance methods
+ // ========================
+
+ /**
+ * Wether to resolve address locally or to let proxy do so.
+ * <p>
+ * SOCKS5 protocol allows to send host names rather then IPs in the
+ * requests, this option controls wether the hostnames should be send to the
+ * proxy server as names, or should they be resolved locally.
+ *
+ * @param doResolve
+ * Wether to perform resolution locally.
+ * @return Previous settings.
+ */
+ public boolean resolveAddrLocally(boolean doResolve) {
+ final boolean old = resolveAddrLocally;
+ resolveAddrLocally = doResolve;
+ return old;
+ }
+
+ /**
+ * Get current setting on how the addresses should be handled.
+ *
+ * @return Current setting for address resolution.
+ * @see Socks5Proxy#resolveAddrLocally(boolean doResolve)
+ */
+ public boolean resolveAddrLocally() {
+ return resolveAddrLocally;
+ }
+
+ /**
+ * Adds another authentication method.
+ *
+ * @param methodId
+ * Authentication method id, see rfc1928
+ * @param method
+ * Implementation of Authentication
+ * @see Authentication
+ */
+ public boolean setAuthenticationMethod(int methodId, Authentication method) {
+ if ((methodId < 0) || (methodId > 255)) {
+ return false;
+ }
+ if (method == null) {
+ // Want to remove a particular method
+ return (authMethods.remove(new Integer(methodId)) != null);
+ } else {// Add the method, or rewrite old one
+ authMethods.put(new Integer(methodId), method);
+ }
+ return true;
+ }
+
+ /**
+ * Get authentication method, which corresponds to given method id
+ *
+ * @param methodId
+ * Authentication method id.
+ * @return Implementation for given method or null, if one was not set.
+ */
+ public Authentication getAuthenticationMethod(int methodId) {
+ final Object method = authMethods.get(new Integer(methodId));
+ if (method == null) {
+ return null;
+ }
+ return (Authentication) method;
+ }
+
+ /**
+ * Creates a clone of this Proxy. clone() returns an
+ */
+ @SuppressWarnings("unchecked")
+ public Object clone() {
+ final Socks5Proxy newProxy = new Socks5Proxy(proxyIP, proxyPort);
+
+ final Object o = this.authMethods.clone();
+ newProxy.authMethods = (Hashtable<Integer, Authentication>) o;
+
+ newProxy.directHosts = (InetRange) directHosts.clone();
+ newProxy.resolveAddrLocally = resolveAddrLocally;
+ newProxy.chainProxy = chainProxy;
+ return newProxy;
+ }
+
+ // Public Static(Class) Methods
+ // ==============================
+
+ // Protected Methods
+ // =================
+
+ protected SocksProxyBase copy() {
+ final Socks5Proxy copy = new Socks5Proxy(proxyIP, proxyPort);
+
+ copy.authMethods = this.authMethods; // same Hash, no copy
+ copy.directHosts = this.directHosts;
+ copy.chainProxy = this.chainProxy;
+ copy.resolveAddrLocally = this.resolveAddrLocally;
+ return copy;
+ }
+
+ /**
+ *
+ *
+ */
+ protected void startSession() throws SocksException {
+ super.startSession();
+ Authentication auth;
+ final Socket ps = proxySocket; // The name is too long
+
+ try {
+
+ final byte nMethods = (byte) authMethods.size(); // Number of
+ // methods
+
+ final byte[] buf = new byte[2 + nMethods]; // 2 is for VER,NMETHODS
+ buf[0] = (byte) version;
+ buf[1] = nMethods; // Number of methods
+ int i = 2;
+
+ final Enumeration<Integer> ids = authMethods.keys();
+ while (ids.hasMoreElements()) {
+ buf[i++] = (byte) ids.nextElement().intValue();
+ }
+
+ out.write(buf);
+ out.flush();
+
+ final int versionNumber = in.read();
+ selectedMethod = in.read();
+
+ if ((versionNumber < 0) || (selectedMethod < 0)) {
+ // EOF condition was reached
+ endSession();
+ final String s = "Connection to proxy lost.";
+ throw new SocksException(SOCKS_PROXY_IO_ERROR, s);
+ }
+
+ if (versionNumber < version) {
+ // What should we do??
+ }
+
+ if (selectedMethod == 0xFF) { // No method selected
+ ps.close();
+ throw (new SocksException(SOCKS_AUTH_NOT_SUPPORTED));
+ }
+
+ auth = getAuthenticationMethod(selectedMethod);
+ if (auth == null) {
+ // This shouldn't happen, unless method was removed by other
+ // thread, or the server stuffed up
+ final String s = "Specified Authentication not found!";
+ throw new SocksException(SOCKS_JUST_ERROR, s);
+ }
+
+ final Object[] in_out;
+ in_out = auth.doSocksAuthentication(selectedMethod, ps);
+
+ if (in_out == null) {
+ // Authentication failed by some reason
+ throw (new SocksException(SOCKS_AUTH_FAILURE));
+ }
+
+ /*
+ * Most authentication methods are expected to return simply the
+ * input/output streams associated with the socket. However if the
+ * auth. method requires some kind of encryption/decryption being
+ * done on the connection it should provide classes to handle I/O.
+ */
+
+ in = (InputStream) in_out[0];
+ out = (OutputStream) in_out[1];
+ if (in_out.length > 2) {
+ udp_encapsulation = (UDPEncapsulation) in_out[2];
+ }
+
+ } catch (final SocksException s_ex) {
+ throw s_ex;
+ } catch (final UnknownHostException uh_ex) {
+ throw new SocksException(SOCKS_PROXY_NO_CONNECT, uh_ex);
+ } catch (final SocketException so_ex) {
+ throw new SocksException(SOCKS_PROXY_NO_CONNECT, so_ex);
+ } catch (final IOException io_ex) {
+ throw new SocksException(SOCKS_PROXY_IO_ERROR, io_ex);
+ }
+ }
+
+ protected ProxyMessage formMessage(int cmd, InetAddress ip, int port) {
+ return new Socks5Message(cmd, ip, port);
+ }
+
+ protected ProxyMessage formMessage(int cmd, String host, int port)
+ throws UnknownHostException {
+ if (resolveAddrLocally) {
+ return formMessage(cmd, InetAddress.getByName(host), port);
+ } else {
+ return new Socks5Message(cmd, host, port);
+ }
+ }
+
+ protected ProxyMessage formMessage(InputStream in) throws SocksException,
+ IOException {
+ return new Socks5Message(in);
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/SocksException.java b/src/com/runjva/sourceforge/jsocks/protocol/SocksException.java
new file mode 100644
index 0000000..a651597
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/SocksException.java
@@ -0,0 +1,111 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+/**
+ * Exception thrown by various socks classes to indicate errors with protocol or
+ * unsuccessfull server responses.
+ */
+public class SocksException extends java.io.IOException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * Construct a SocksException with given errorcode.
+ * <p>
+ * Tries to look up message which corresponds to this error code.
+ *
+ * @param errCode
+ * Error code for this exception.
+ */
+ public SocksException(int errCode) {
+ this.errCode = errCode;
+ lookupErrorString(errCode);
+ }
+
+ private void lookupErrorString(int errCode) {
+ if ((errCode >> 16) == 0) {
+ if (errCode <= serverReplyMessage.length) {
+ errString = serverReplyMessage[errCode];
+ } else {
+ errString = UNASSIGNED_ERROR_MESSAGE;
+ }
+ } else {
+ // Local error
+ errCode = (errCode >> 16) - 1;
+ if (errCode <= localErrorMessage.length) {
+ errString = localErrorMessage[errCode];
+ } else {
+ errString = UNASSIGNED_ERROR_MESSAGE;
+ }
+ }
+ }
+
+ /**
+ * Construct a SocksException with given error code, and a Throwable cause
+ *
+ * @param errCode
+ * @param t
+ * Nested exception for debugging purposes.
+ */
+ public SocksException(int errCode, Throwable t) {
+ super(t); // Java 1.6+
+ this.errCode = errCode;
+ lookupErrorString(errCode);
+ }
+
+ /**
+ * Constructs a SocksException with given error code and message.
+ *
+ * @param errCode
+ * Error code.
+ * @param errString
+ * Error Message.
+ */
+ public SocksException(int errCode, String errString) {
+ this.errCode = errCode;
+ this.errString = errString;
+ }
+
+ public SocksException(int errCode, String string, Throwable t) {
+ super(string, t); // Java 1.6+
+ this.errCode = errCode;
+ this.errString = string;
+ }
+
+ /**
+ * Get the error code associated with this exception.
+ *
+ * @return Error code associated with this exception.
+ */
+ public int getErrorCode() {
+ return errCode;
+ }
+
+ /**
+ * Get human readable representation of this exception.
+ *
+ * @return String represntation of this exception.
+ */
+ public String toString() {
+ return errString;
+ }
+
+ static final String UNASSIGNED_ERROR_MESSAGE = "Unknown error message";
+
+ static final String serverReplyMessage[] = { "Succeeded",
+ "General SOCKS server failure",
+ "Connection not allowed by ruleset", "Network unreachable",
+ "Host unreachable", "Connection refused", "TTL expired",
+ "Command not supported", "Address type not supported" };
+
+ static final String localErrorMessage[] = { "SOCKS server not specified",
+ "Unable to contact SOCKS server", "IO error",
+ "None of Authentication methods are supported",
+ "Authentication failed", "General SOCKS fault" };
+
+ String errString;
+ int errCode;
+
+}// End of SocksException class
+
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/SocksProxyBase.java b/src/com/runjva/sourceforge/jsocks/protocol/SocksProxyBase.java
new file mode 100644
index 0000000..ebf4fdb
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/SocksProxyBase.java
@@ -0,0 +1,543 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InterruptedIOException;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+/**
+ * Abstract class Proxy, base for classes Socks4Proxy and Socks5Proxy. Defines
+ * methods for specifying default proxy, to be used by all classes of this
+ * package.
+ */
+
+public abstract class SocksProxyBase {
+
+ // Data members
+ protected InetRange directHosts = new InetRange();
+
+ protected InetAddress proxyIP = null;
+ protected String proxyHost = null;
+ protected int proxyPort;
+ protected Socket proxySocket = null;
+
+ protected InputStream in;
+ protected OutputStream out;
+
+ protected int version;
+
+ protected SocksProxyBase chainProxy = null;
+
+ // Protected static/class variables
+ protected static SocksProxyBase defaultProxy = null;
+
+ // Constructors
+ // ====================
+ SocksProxyBase(SocksProxyBase chainProxy, String proxyHost, int proxyPort)
+ throws UnknownHostException {
+ this.chainProxy = chainProxy;
+ this.proxyHost = proxyHost;
+
+ if (chainProxy == null) {
+ this.proxyIP = InetAddress.getByName(proxyHost);
+ }
+
+ this.proxyPort = proxyPort;
+ }
+
+ SocksProxyBase(String proxyHost, int proxyPort) throws UnknownHostException {
+ this(null, proxyHost, proxyPort);
+ }
+
+ SocksProxyBase(SocksProxyBase chainProxy, InetAddress proxyIP, int proxyPort) {
+ this.chainProxy = chainProxy;
+ this.proxyIP = proxyIP;
+ this.proxyPort = proxyPort;
+ }
+
+ SocksProxyBase(InetAddress proxyIP, int proxyPort) {
+ this(null, proxyIP, proxyPort);
+ }
+
+ SocksProxyBase(SocksProxyBase p) {
+ this.proxyIP = p.proxyIP;
+ this.proxyPort = p.proxyPort;
+ this.version = p.version;
+ this.directHosts = p.directHosts;
+ }
+
+ // Public instance methods
+ // ========================
+
+ /**
+ * Get the port on which proxy server is running.
+ *
+ * @return Proxy port.
+ */
+ public int getPort() {
+ return proxyPort;
+ }
+
+ /**
+ * Get the ip address of the proxy server host.
+ *
+ * @return Proxy InetAddress.
+ */
+ public InetAddress getInetAddress() {
+ return proxyIP;
+ }
+
+ /**
+ * Adds given ip to the list of direct addresses. This machine will be
+ * accessed without using proxy.
+ */
+ public void addDirect(InetAddress ip) {
+ directHosts.add(ip);
+ }
+
+ /**
+ * Adds host to the list of direct addresses. This machine will be accessed
+ * without using proxy.
+ */
+ public boolean addDirect(String host) {
+ return directHosts.add(host);
+ }
+
+ /**
+ * Adds given range of addresses to the lsit of direct addresses, machines
+ * within this range will be accessed without using proxy.
+ */
+ public void addDirect(InetAddress from, InetAddress to) {
+ directHosts.add(from, to);
+ }
+
+ /**
+ * Sets given InetRange as the list of direct address, previous list will be
+ * discarded, any changes done previously with addDirect(Inetaddress) will
+ * be lost. The machines in this range will be accessed without using proxy.
+ *
+ * @param ir
+ * InetRange which should be used to look up direct addresses.
+ * @see InetRange
+ */
+ public void setDirect(InetRange ir) {
+ directHosts = ir;
+ }
+
+ /**
+ * Get the list of direct hosts.
+ *
+ * @return Current range of direct address as InetRange object.
+ * @see InetRange
+ */
+ public InetRange getDirect() {
+ return directHosts;
+ }
+
+ /**
+ * Check wether the given host is on the list of direct address.
+ *
+ * @param host
+ * Host name to check.
+ * @return true if the given host is specified as the direct addresses.
+ */
+ public boolean isDirect(String host) {
+ return directHosts.contains(host);
+ }
+
+ /**
+ * Check wether the given host is on the list of direct addresses.
+ *
+ * @param host
+ * Host address to check.
+ * @return true if the given host is specified as the direct address.
+ */
+ public boolean isDirect(InetAddress host) {
+ return directHosts.contains(host);
+ }
+
+ /**
+ * Set the proxy which should be used to connect to given proxy.
+ *
+ * @param chainProxy
+ * Proxy to use to connect to this proxy.
+ */
+ public void setChainProxy(SocksProxyBase chainProxy) {
+ this.chainProxy = chainProxy;
+ }
+
+ /**
+ * Get proxy which is used to connect to this proxy.
+ *
+ * @return Proxy which is used to connect to this proxy, or null if proxy is
+ * to be contacted directly.
+ */
+ public SocksProxyBase getChainProxy() {
+ return chainProxy;
+ }
+
+ /**
+ * Get string representation of this proxy.
+ *
+ * @returns string in the form:proxyHost:proxyPort \t Version versionNumber
+ */
+ public String toString() {
+ return ("" + proxyIP.getHostName() + ":" + proxyPort + "\tVersion " + version);
+ }
+
+ // Public Static(Class) Methods
+ // ==============================
+
+ /**
+ * Sets SOCKS4 proxy as default.
+ *
+ * @param hostName
+ * Host name on which SOCKS4 server is running.
+ * @param port
+ * Port on which SOCKS4 server is running.
+ * @param user
+ * Username to use for communications with proxy.
+ */
+ public static void setDefaultProxy(String hostName, int port, String user)
+ throws UnknownHostException {
+ defaultProxy = new Socks4Proxy(hostName, port, user);
+ }
+
+ /**
+ * Sets SOCKS4 proxy as default.
+ *
+ * @param ipAddress
+ * Host address on which SOCKS4 server is running.
+ * @param port
+ * Port on which SOCKS4 server is running.
+ * @param user
+ * Username to use for communications with proxy.
+ */
+ public static void setDefaultProxy(InetAddress ipAddress, int port,
+ String user) {
+ defaultProxy = new Socks4Proxy(ipAddress, port, user);
+ }
+
+ /**
+ * Sets SOCKS5 proxy as default. Default proxy only supports
+ * no-authentication.
+ *
+ * @param hostName
+ * Host name on which SOCKS5 server is running.
+ * @param port
+ * Port on which SOCKS5 server is running.
+ */
+ public static void setDefaultProxy(String hostName, int port)
+ throws UnknownHostException {
+ defaultProxy = new Socks5Proxy(hostName, port);
+ }
+
+ /**
+ * Sets SOCKS5 proxy as default. Default proxy only supports
+ * no-authentication.
+ *
+ * @param ipAddress
+ * Host address on which SOCKS5 server is running.
+ * @param port
+ * Port on which SOCKS5 server is running.
+ */
+ public static void setDefaultProxy(InetAddress ipAddress, int port) {
+ defaultProxy = new Socks5Proxy(ipAddress, port);
+ }
+
+ /**
+ * Sets default proxy.
+ *
+ * @param p
+ * Proxy to use as default proxy.
+ */
+ public static void setDefaultProxy(SocksProxyBase p) {
+ defaultProxy = p;
+ }
+
+ /**
+ * Get current default proxy.
+ *
+ * @return Current default proxy, or null if none is set.
+ */
+ public static SocksProxyBase getDefaultProxy() {
+ return defaultProxy;
+ }
+
+ /**
+ * Parses strings in the form: host[:port:user:password], and creates proxy
+ * from information obtained from parsing.
+ * <p>
+ * Defaults: port = 1080.<br>
+ * If user specified but not password, creates Socks4Proxy, if user not
+ * specified creates Socks5Proxy, if both user and password are speciefied
+ * creates Socks5Proxy with user/password authentication.
+ *
+ * @param proxy_entry
+ * String in the form host[:port:user:password]
+ * @return Proxy created from the string, null if entry was somehow
+ * invalid(host unknown for example, or empty string)
+ */
+ public static SocksProxyBase parseProxy(String proxy_entry) {
+
+ String proxy_host;
+ int proxy_port = 1080;
+ String proxy_user = null;
+ String proxy_password = null;
+ SocksProxyBase proxy;
+
+ final java.util.StringTokenizer st = new java.util.StringTokenizer(
+ proxy_entry, ":");
+ if (st.countTokens() < 1) {
+ return null;
+ }
+
+ proxy_host = st.nextToken();
+ if (st.hasMoreTokens()) {
+ try {
+ proxy_port = Integer.parseInt(st.nextToken().trim());
+ } catch (final NumberFormatException nfe) {
+ }
+ }
+
+ if (st.hasMoreTokens()) {
+ proxy_user = st.nextToken();
+ }
+
+ if (st.hasMoreTokens()) {
+ proxy_password = st.nextToken();
+ }
+
+ try {
+ if (proxy_user == null) {
+ proxy = new Socks5Proxy(proxy_host, proxy_port);
+ } else if (proxy_password == null) {
+ proxy = new Socks4Proxy(proxy_host, proxy_port, proxy_user);
+ } else {
+ proxy = new Socks5Proxy(proxy_host, proxy_port);
+ final UserPasswordAuthentication upa = new UserPasswordAuthentication(
+ proxy_user, proxy_password);
+
+ ((Socks5Proxy) proxy).setAuthenticationMethod(
+ UserPasswordAuthentication.METHOD_ID, upa);
+ }
+ } catch (final UnknownHostException uhe) {
+ return null;
+ }
+
+ return proxy;
+ }
+
+ // Protected Methods
+ // =================
+
+ protected void startSession() throws SocksException {
+ try {
+ if (chainProxy == null) {
+ proxySocket = new Socket(proxyIP, proxyPort);
+ } else if (proxyIP != null) {
+ proxySocket = new SocksSocket(chainProxy, proxyIP, proxyPort);
+ } else {
+ proxySocket = new SocksSocket(chainProxy, proxyHost, proxyPort);
+ }
+
+ in = proxySocket.getInputStream();
+ out = proxySocket.getOutputStream();
+ } catch (final SocksException se) {
+ throw se;
+ } catch (final IOException io_ex) {
+ throw new SocksException(SOCKS_PROXY_IO_ERROR, "" + io_ex);
+ }
+ }
+
+ /**
+ * Create a copy of this proxy for use by individual threads.
+ *
+ * @return proxy
+ */
+ protected abstract SocksProxyBase copy();
+
+ protected abstract ProxyMessage formMessage(int cmd, InetAddress ip,
+ int port);
+
+ protected abstract ProxyMessage formMessage(int cmd, String host, int port)
+ throws UnknownHostException;
+
+ protected abstract ProxyMessage formMessage(InputStream in)
+ throws SocksException, IOException;
+
+ protected ProxyMessage connect(InetAddress ip, int port)
+ throws SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_CONNECT, ip,
+ port);
+ return exchange(request);
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ }
+
+ protected ProxyMessage connect(String host, int port)
+ throws UnknownHostException, SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_CONNECT, host,
+ port);
+ return exchange(request);
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ }
+
+ protected ProxyMessage bind(InetAddress ip, int port) throws SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_BIND, ip, port);
+ return exchange(request);
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ }
+
+ protected ProxyMessage bind(String host, int port)
+ throws UnknownHostException, SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_BIND, host, port);
+ return exchange(request);
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ }
+
+ protected ProxyMessage accept() throws IOException, SocksException {
+ ProxyMessage msg;
+ try {
+ msg = formMessage(in);
+ } catch (final InterruptedIOException iioe) {
+ throw iioe;
+ } catch (final IOException io_ex) {
+ endSession();
+ throw new SocksException(SOCKS_PROXY_IO_ERROR,
+ "While Trying accept:" + io_ex);
+ }
+ return msg;
+ }
+
+ protected ProxyMessage udpAssociate(InetAddress ip, int port)
+ throws SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_UDP_ASSOCIATE,
+ ip, port);
+ if (request != null) {
+ return exchange(request);
+ }
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ // Only get here if request was null
+ endSession();
+ throw new SocksException(SOCKS_METHOD_NOTSUPPORTED,
+ "This version of proxy does not support UDP associate, use version 5");
+ }
+
+ protected ProxyMessage udpAssociate(String host, int port)
+ throws UnknownHostException, SocksException {
+ try {
+ startSession();
+ final ProxyMessage request = formMessage(SOCKS_CMD_UDP_ASSOCIATE,
+ host, port);
+ if (request != null) {
+ return exchange(request);
+ }
+ } catch (final SocksException se) {
+ endSession();
+ throw se;
+ }
+ // Only get here if request was null
+ endSession();
+ throw new SocksException(SOCKS_METHOD_NOTSUPPORTED,
+ "This version of proxy does not support UDP associate, use version 5");
+ }
+
+ protected void endSession() {
+ try {
+ if (proxySocket != null) {
+ proxySocket.close();
+ }
+ proxySocket = null;
+ } catch (final IOException io_ex) {
+ }
+ }
+
+ /**
+ *Sends the request to SOCKS server
+ */
+ protected void sendMsg(ProxyMessage msg) throws SocksException, IOException {
+ msg.write(out);
+ }
+
+ /**
+ * Reads the reply from the SOCKS server
+ */
+ protected ProxyMessage readMsg() throws SocksException, IOException {
+ return formMessage(in);
+ }
+
+ /**
+ *Sends the request reads reply and returns it throws exception if
+ * something wrong with IO or the reply code is not zero
+ */
+ protected ProxyMessage exchange(ProxyMessage request) throws SocksException {
+ ProxyMessage reply;
+ try {
+ request.write(out);
+ reply = formMessage(in);
+ } catch (final SocksException s_ex) {
+ throw s_ex;
+ } catch (final IOException ioe) {
+ throw (new SocksException(SOCKS_PROXY_IO_ERROR, "" + ioe));
+ }
+ return reply;
+ }
+
+ // Private methods
+ // ===============
+
+ // Constants
+
+ public static final int SOCKS_SUCCESS = 0;
+ public static final int SOCKS_FAILURE = 1;
+ public static final int SOCKS_BADCONNECT = 2;
+ public static final int SOCKS_BADNETWORK = 3;
+ public static final int SOCKS_HOST_UNREACHABLE = 4;
+ public static final int SOCKS_CONNECTION_REFUSED = 5;
+ public static final int SOCKS_TTL_EXPIRE = 6;
+ public static final int SOCKS_CMD_NOT_SUPPORTED = 7;
+ public static final int SOCKS_ADDR_NOT_SUPPORTED = 8;
+
+ public static final int SOCKS_NO_PROXY = 1 << 16;
+ public static final int SOCKS_PROXY_NO_CONNECT = 2 << 16;
+ public static final int SOCKS_PROXY_IO_ERROR = 3 << 16;
+ public static final int SOCKS_AUTH_NOT_SUPPORTED = 4 << 16;
+ public static final int SOCKS_AUTH_FAILURE = 5 << 16;
+ public static final int SOCKS_JUST_ERROR = 6 << 16;
+
+ public static final int SOCKS_DIRECT_FAILED = 7 << 16;
+ public static final int SOCKS_METHOD_NOTSUPPORTED = 8 << 16;
+
+ static final int SOCKS_CMD_CONNECT = 0x1;
+ static final int SOCKS_CMD_BIND = 0x2;
+ static final int SOCKS_CMD_UDP_ASSOCIATE = 0x3;
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/SocksServerSocket.java b/src/com/runjva/sourceforge/jsocks/protocol/SocksServerSocket.java
new file mode 100644
index 0000000..7153a13
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/SocksServerSocket.java
@@ -0,0 +1,238 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.SocketException;
+import java.net.UnknownHostException;
+
+/**
+ * SocksServerSocket allows to accept connections from one particular host
+ * through the SOCKS4 or SOCKS5 proxy.
+ */
+public class SocksServerSocket extends ServerSocket {
+ // Data members
+ protected SocksProxyBase proxy;
+ protected String localHost;
+ protected InetAddress localIP;
+ protected int localPort;
+
+ boolean doing_direct = false;
+ InetAddress remoteAddr;
+
+ /**
+ * Creates ServerSocket capable of accepting one connection through the
+ * firewall, uses default Proxy.
+ *
+ * @param host
+ * Host from which the connection should be recieved.
+ *@param port
+ * Port number of the primary connection.
+ */
+ public SocksServerSocket(String host, int port) throws SocksException,
+ UnknownHostException, IOException {
+ this(SocksProxyBase.defaultProxy, host, port);
+ }
+
+ /**
+ *Creates ServerSocket capable of accepting one connection through the
+ * firewall, uses given proxy.
+ *
+ * @param p
+ * Proxy object to use.
+ *@param host
+ * Host from which the connection should be recieved.
+ *@param port
+ * Port number of the primary connection.
+ */
+ public SocksServerSocket(SocksProxyBase p, String host, int port)
+ throws SocksException, UnknownHostException, IOException {
+
+ super(0);
+ if (p == null) {
+ throw new SocksException(SocksProxyBase.SOCKS_NO_PROXY);
+ }
+ // proxy=p;
+ proxy = p.copy();
+ if (proxy.isDirect(host)) {
+ remoteAddr = InetAddress.getByName(host);
+ proxy = null;
+ doDirect();
+ } else {
+ processReply(proxy.bind(host, port));
+ }
+ }
+
+ /**
+ * Creates ServerSocket capable of accepting one connection through the
+ * firewall, uses default Proxy.
+ *
+ * @param ip
+ * Host from which the connection should be recieved.
+ *@param port
+ * Port number of the primary connection.
+ */
+ public SocksServerSocket(InetAddress ip, int port) throws SocksException,
+ IOException {
+ this(SocksProxyBase.defaultProxy, ip, port);
+ }
+
+ /**
+ *Creates ServerSocket capable of accepting one connection through the
+ * firewall, uses given proxy.
+ *
+ * @param p
+ * Proxy object to use.
+ *@param ip
+ * Host from which the connection should be recieved.
+ *@param port
+ * Port number of the primary connection.
+ */
+ public SocksServerSocket(SocksProxyBase p, InetAddress ip, int port)
+ throws SocksException, IOException {
+ super(0);
+
+ if (p == null) {
+ throw new SocksException(SocksProxyBase.SOCKS_NO_PROXY);
+ }
+ this.proxy = p.copy();
+
+ if (proxy.isDirect(ip)) {
+ remoteAddr = ip;
+ doDirect();
+ } else {
+ processReply(proxy.bind(ip, port));
+ }
+ }
+
+ /**
+ * Accepts the incoming connection.
+ */
+ public Socket accept() throws IOException {
+ Socket s;
+
+ if (!doing_direct) {
+ if (proxy == null) {
+ return null;
+ }
+
+ final ProxyMessage msg = proxy.accept();
+ s = msg.ip == null ? new SocksSocket(msg.host, msg.port, proxy)
+ : new SocksSocket(msg.ip, msg.port, proxy);
+ // Set timeout back to 0
+ proxy.proxySocket.setSoTimeout(0);
+ if (ProxyServer.vpnService != null)
+ ProxyServer.vpnService.protect(proxy.proxySocket);
+
+ } else { // Direct Connection
+
+ // Mimic the proxy behaviour,
+ // only accept connections from the speciefed host.
+ while (true) {
+ s = super.accept();
+ if (s.getInetAddress().equals(remoteAddr)) {
+ // got the connection from the right host
+ // Close listenning socket.
+ break;
+ } else {
+ s.close(); // Drop all connections from other hosts
+ }
+ }
+
+ }
+ proxy = null;
+ // Return accepted socket
+ return s;
+ }
+
+ /**
+ * Closes the connection to proxy if socket have not been accepted, if the
+ * direct connection is used, closes direct ServerSocket. If the client
+ * socket have been allready accepted, does nothing.
+ */
+ public void close() throws IOException {
+ super.close();
+ if (proxy != null) {
+ proxy.endSession();
+ }
+ proxy = null;
+ }
+
+ /**
+ * Get the name of the host proxy is using to listen for incoming
+ * connection.
+ * <P>
+ * Usefull when address is returned by proxy as the hostname.
+ *
+ * @return the hostname of the address proxy is using to listen for incoming
+ * connection.
+ */
+ public String getHost() {
+ return localHost;
+ }
+
+ /**
+ * Get address assigned by proxy to listen for incomming connections, or the
+ * local machine address if doing direct connection.
+ */
+ public InetAddress getInetAddress() {
+ if (localIP == null) {
+ try {
+ localIP = InetAddress.getByName(localHost);
+ } catch (final UnknownHostException e) {
+ return null;
+ }
+ }
+ return localIP;
+ }
+
+ /**
+ * Get port assigned by proxy to listen for incoming connections, or the
+ * port chosen by local system, if accepting directly.
+ */
+ public int getLocalPort() {
+ return localPort;
+ }
+
+ /**
+ * Set Timeout.
+ *
+ * @param timeout
+ * Amount of time in milliseconds, accept should wait for
+ * incoming connection before failing with exception. Zero
+ * timeout implies infinity.
+ */
+ public void setSoTimeout(int timeout) throws SocketException {
+ super.setSoTimeout(timeout);
+ if (!doing_direct) {
+ proxy.proxySocket.setSoTimeout(timeout);
+ }
+ }
+
+ // Private Methods
+ // ////////////////
+
+ private void processReply(ProxyMessage reply) throws SocksException {
+ localPort = reply.port;
+ /*
+ * If the server have assigned same host as it was contacted on it might
+ * return an address of all zeros
+ */
+ if (reply.host.equals("0.0.0.0")) {
+ localIP = proxy.proxyIP;
+ localHost = localIP.getHostName();
+ } else {
+ localHost = reply.host;
+ localIP = reply.ip;
+ }
+ }
+
+ private void doDirect() {
+ doing_direct = true;
+ localPort = super.getLocalPort();
+ localIP = super.getInetAddress();
+ localHost = localIP.getHostName();
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/SocksSocket.java b/src/com/runjva/sourceforge/jsocks/protocol/SocksSocket.java
new file mode 100644
index 0000000..674d24e
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/SocksSocket.java
@@ -0,0 +1,389 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.SocketException;
+import java.net.UnknownHostException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * SocksSocket tryies to look very similar to normal Socket, while allowing
+ * connections through the SOCKS4 or 5 proxy. To use this class you will have to
+ * identify proxy you need to use, Proxy class allows you to set default proxy,
+ * which will be used by all Socks aware sockets. You can also create either
+ * Socks4Proxy or Socks5Proxy, and use them by passing to the appropriate
+ * constructors.
+ * <P>
+ * Using Socks package can be as easy as that:
+ *
+ * <pre>
+ * <tt>
+ *
+ * import Socks.*;
+ * ....
+ *
+ * try{
+ * //Specify SOCKS5 proxy
+ * Proxy.setDefaultProxy("socks-proxy",1080);
+ *
+ * //OR you still use SOCKS4
+ * //Code below uses SOCKS4 proxy
+ * //Proxy.setDefaultProxy("socks-proxy",1080,userName);
+ *
+ * Socket s = SocksSocket("some.host.of.mine",13);
+ * readTimeFromSock(s);
+ * }catch(SocksException sock_ex){
+ * //Usually it will turn in more or less meaningfull message
+ * System.err.println("SocksException:"+sock_ex);
+ * }
+ *
+ * </tt>
+ * </pre>
+ *<P>
+ * However if the need exist for more control, like resolving addresses
+ * remotely, or using some non-trivial authentication schemes, it can be done.
+ */
+
+public class SocksSocket extends Socket {
+ // Data members
+ protected SocksProxyBase proxy;
+ protected String localHost, remoteHost;
+ protected InetAddress localIP, remoteIP;
+ protected int localPort, remotePort;
+
+ private Socket directSock = null;
+ private Logger log = LoggerFactory.getLogger(SocksSocket.class);
+
+ /**
+ * Tryies to connect to given host and port using default proxy. If no
+ * default proxy speciefied it throws SocksException with error code
+ * SOCKS_NO_PROXY.
+ *
+ * @param host
+ * Machine to connect to.
+ * @param port
+ * Port to which to connect.
+ * @see SocksSocket#SocksSocket(SocksProxyBase,String,int)
+ * @see Socks5Proxy#resolveAddrLocally
+ */
+ public SocksSocket(String host, int port) throws SocksException,
+ UnknownHostException {
+ this(SocksProxyBase.defaultProxy, host, port);
+ }
+
+ /**
+ * Connects to host port using given proxy server.
+ *
+ * @param p
+ * Proxy to use.
+ * @param host
+ * Machine to connect to.
+ * @param port
+ * Port to which to connect.
+ * @throws UnknownHostException
+ * If one of the following happens:
+ * <ol>
+ *
+ * <li>Proxy settings say that address should be resolved
+ * locally, but this fails.
+ * <li>Proxy settings say that the host should be contacted
+ * directly but host name can't be resolved.
+ * </ol>
+ * @throws SocksException
+ * If one of the following happens:
+ * <ul>
+ * <li>Proxy is is null.
+ * <li>Proxy settings say that the host should be contacted
+ * directly but this fails.
+ * <li>Socks Server can't be contacted.
+ * <li>Authentication fails.
+ * <li>Connection is not allowed by the SOCKS proxy.
+ * <li>SOCKS proxy can't establish the connection.
+ * <li>Any IO error occured.
+ * <li>Any protocol error occured.
+ * </ul>
+ * @throws IOexception
+ * if anything is wrong with I/O.
+ * @see Socks5Proxy#resolveAddrLocally
+ */
+ public SocksSocket(SocksProxyBase p, String host, int port)
+ throws SocksException, UnknownHostException {
+
+ if (p == null) {
+ throw new SocksException(SocksProxyBase.SOCKS_NO_PROXY);
+ }
+ // proxy=p;
+ proxy = p.copy();
+ remoteHost = host;
+ remotePort = port;
+ if (proxy.isDirect(host)) {
+ remoteIP = InetAddress.getByName(host);
+ doDirect();
+ } else {
+ processReply(proxy.connect(host, port));
+ }
+ }
+
+ /**
+ * Tryies to connect to given ip and port using default proxy. If no default
+ * proxy speciefied it throws SocksException with error code SOCKS_NO_PROXY.
+ *
+ * @param ip
+ * Machine to connect to.
+ * @param port
+ * Port to which to connect.
+ * @see SocksSocket#SocksSocket(SocksProxyBase,String,int)
+ */
+ public SocksSocket(InetAddress ip, int port) throws SocksException {
+ this(SocksProxyBase.defaultProxy, ip, port);
+ }
+
+ /**
+ * Connects to given ip and port using given Proxy server.
+ *
+ * @param p
+ * Proxy to use.
+ * @param ip
+ * Machine to connect to.
+ * @param port
+ * Port to which to connect.
+ */
+ public SocksSocket(SocksProxyBase p, InetAddress ip, int port)
+ throws SocksException {
+ if (p == null) {
+ throw new SocksException(SocksProxyBase.SOCKS_NO_PROXY);
+ }
+ this.proxy = p.copy();
+ this.remoteIP = ip;
+ this.remotePort = port;
+ this.remoteHost = ip.getHostName();
+ if (proxy.isDirect(remoteIP)) {
+ doDirect();
+ } else {
+ processReply(proxy.connect(ip, port));
+ }
+ }
+
+ /**
+ * These 2 constructors are used by the SocksServerSocket. This socket
+ * simply overrides remoteHost, remotePort
+ */
+ protected SocksSocket(String host, int port, SocksProxyBase proxy) {
+ this.remotePort = port;
+ this.proxy = proxy;
+ this.localIP = proxy.proxySocket.getLocalAddress();
+ this.localPort = proxy.proxySocket.getLocalPort();
+ this.remoteHost = host;
+ }
+
+ protected SocksSocket(InetAddress ip, int port, SocksProxyBase proxy) {
+ remoteIP = ip;
+ remotePort = port;
+ this.proxy = proxy;
+ this.localIP = proxy.proxySocket.getLocalAddress();
+ this.localPort = proxy.proxySocket.getLocalPort();
+ remoteHost = remoteIP.getHostName();
+ }
+
+ /**
+ * Same as Socket
+ */
+ public void close() throws IOException {
+ if (proxy != null) {
+ proxy.endSession();
+ }
+ proxy = null;
+ }
+
+ /**
+ * Same as Socket
+ */
+ public InputStream getInputStream() {
+ return proxy.in;
+ }
+
+ /**
+ * Same as Socket
+ */
+ public OutputStream getOutputStream() {
+ return proxy.out;
+ }
+
+ /**
+ * Same as Socket
+ */
+ public int getPort() {
+ return remotePort;
+ }
+
+ /**
+ * Returns remote host name, it is usefull in cases when addresses are
+ * resolved by proxy, and we can't create InetAddress object.
+ *
+ * @return The name of the host this socket is connected to.
+ */
+ public String getHost() {
+ return remoteHost;
+ }
+
+ /**
+ * Get remote host as InetAddress object, might return null if addresses are
+ * resolved by proxy, and it is not possible to resolve it locally
+ *
+ * @return Ip address of the host this socket is connected to, or null if
+ * address was returned by the proxy as DOMAINNAME and can't be
+ * resolved locally.
+ */
+ public InetAddress getInetAddress() {
+ if (remoteIP == null) {
+ try {
+ remoteIP = InetAddress.getByName(remoteHost);
+ } catch (final UnknownHostException e) {
+ return null;
+ }
+ }
+ return remoteIP;
+ }
+
+ /**
+ * Get the port assigned by the proxy for the socket, not the port on locall
+ * machine as in Socket.
+ *
+ * @return Port of the socket used on the proxy server.
+ */
+ public int getLocalPort() {
+ return localPort;
+ }
+
+ /**
+ * Get address assigned by proxy to make a remote connection, it might be
+ * different from the host specified for the proxy. Can return null if socks
+ * server returned this address as hostname and it can't be resolved
+ * locally, use getLocalHost() then.
+ *
+ * @return Address proxy is using to make a connection.
+ */
+ public InetAddress getLocalAddress() {
+ if (localIP == null) {
+ try {
+ localIP = InetAddress.getByName(localHost);
+ } catch (final UnknownHostException e) {
+ return null;
+ }
+ }
+ return localIP;
+ }
+
+ /**
+ * Get name of the host, proxy has assigned to make a remote connection for
+ * this socket. This method is usefull when proxy have returned address as
+ * hostname, and we can't resolve it on this machine.
+ *
+ * @return The name of the host proxy is using to make a connection.
+ */
+ public String getLocalHost() {
+ return localHost;
+ }
+
+ /**
+ * Same as socket.
+ */
+ public void setSoLinger(boolean on, int val) throws SocketException {
+ proxy.proxySocket.setSoLinger(on, val);
+ }
+
+ /**
+ * Same as socket.
+ */
+ public int getSoLinger(int timeout) throws SocketException {
+ return proxy.proxySocket.getSoLinger();
+ }
+
+ /**
+ * Same as socket.
+ */
+ public void setSoTimeout(int timeout) throws SocketException {
+ proxy.proxySocket.setSoTimeout(timeout);
+ }
+
+ /**
+ * Same as socket.
+ */
+ public int getSoTimeout(int timeout) throws SocketException {
+ return proxy.proxySocket.getSoTimeout();
+ }
+
+ /**
+ * Same as socket.
+ */
+ public void setTcpNoDelay(boolean on) throws SocketException {
+ proxy.proxySocket.setTcpNoDelay(on);
+ }
+
+ /**
+ * Same as socket.
+ */
+ public boolean getTcpNoDelay() throws SocketException {
+ return proxy.proxySocket.getTcpNoDelay();
+ }
+
+ /**
+ * Get string representation of the socket.
+ */
+ public String toString() {
+ if (directSock != null) {
+ return "Direct connection:" + directSock;
+ }
+ StringBuffer sb = new StringBuffer();
+ sb.append("Proxy:");
+ sb.append(proxy);
+ sb.append(";");
+ sb.append("addr:");
+ sb.append(remoteHost);
+ sb.append(",port:");
+ sb.append(remotePort);
+ sb.append(",localport:");
+ sb.append(localPort);
+ return sb.toString();
+
+ }
+
+ // Private Methods
+ // ////////////////
+
+ private void processReply(ProxyMessage reply) throws SocksException {
+ localPort = reply.port;
+ /*
+ * If the server have assigned same host as it was contacted on it might
+ * return an address of all zeros
+ */
+ if (reply.host.equals("0.0.0.0")) {
+ localIP = proxy.proxyIP;
+ localHost = localIP.getHostName();
+ } else {
+ localHost = reply.host;
+ localIP = reply.ip;
+ }
+ }
+
+ private void doDirect() throws SocksException {
+ try {
+ log.debug("IP: {}_{}", remoteIP, remotePort);
+ directSock = new Socket(remoteIP, remotePort);
+ proxy.out = directSock.getOutputStream();
+ proxy.in = directSock.getInputStream();
+ proxy.proxySocket = directSock;
+ localIP = directSock.getLocalAddress();
+ localPort = directSock.getLocalPort();
+ } catch (final IOException io_ex) {
+ final int errCode = SocksProxyBase.SOCKS_DIRECT_FAILED;
+ throw new SocksException(errCode, "Direct connect failed:", io_ex);
+ }
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/UDPEncapsulation.java b/src/com/runjva/sourceforge/jsocks/protocol/UDPEncapsulation.java
new file mode 100644
index 0000000..eaa4614
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/UDPEncapsulation.java
@@ -0,0 +1,33 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+/**
+ * This interface provides for datagram encapsulation for SOCKSv5 protocol.
+ * <p>
+ * SOCKSv5 allows for datagrams to be encapsulated for purposes of integrity
+ * and/or authenticity. How it should be done is aggreed during the
+ * authentication stage, and is authentication dependent. This interface is
+ * provided to allow this encapsulation.
+ *
+ * @see Authentication
+ */
+public interface UDPEncapsulation {
+
+ /**
+ * This method should provide any authentication depended transformation on
+ * datagrams being send from/to the client.
+ *
+ * @param data
+ * Datagram data (including any SOCKS related bytes), to be
+ * encapsulated/decapsulated.
+ * @param out
+ * Wether the data is being send out. If true method should
+ * encapsulate/encrypt data, otherwise it should decapsulate/
+ * decrypt data.
+ * @throw IOException if for some reason data can be transformed correctly.
+ * @return Should return byte array containing data after transformation. It
+ * is possible to return same array as input, if transformation only
+ * involves bit mangling, and no additional data is being added or
+ * removed.
+ */
+ byte[] udpEncapsulate(byte[] data, boolean out) throws java.io.IOException;
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/UDPRelayServer.java b/src/com/runjva/sourceforge/jsocks/protocol/UDPRelayServer.java
new file mode 100644
index 0000000..08bc723
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/UDPRelayServer.java
@@ -0,0 +1,231 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+import java.io.IOException;
+import java.io.InterruptedIOException;
+import java.net.DatagramPacket;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.runjva.sourceforge.jsocks.server.ServerAuthenticator;
+
+/**
+ * UDP Relay server, used by ProxyServer to perform udp forwarding.
+ */
+class UDPRelayServer implements Runnable {
+
+ DatagramSocket client_sock;
+ DatagramSocket remote_sock;
+
+ Socket controlConnection;
+
+ int relayPort;
+ InetAddress relayIP;
+
+ Thread pipe_thread1, pipe_thread2;
+ Thread master_thread;
+
+ ServerAuthenticator auth;
+
+ long lastReadTime;
+
+ static Logger log = LoggerFactory.getLogger(UDPRelayServer.class);
+ static SocksProxyBase proxy = null;
+ static int datagramSize = 0xFFFF;// 64K, a bit more than max udp size
+ static int iddleTimeout = 180000;// 3 minutes
+
+ /**
+ * Constructs UDP relay server to communicate with client on given ip and
+ * port.
+ *
+ * @param clientIP
+ * Address of the client from whom datagrams will be recieved and
+ * to whom they will be forwarded.
+ * @param clientPort
+ * Clients port.
+ * @param master_thread
+ * Thread which will be interrupted, when UDP relay server
+ * stoppes for some reason.
+ * @param controlConnection
+ * Socket which will be closed, before interrupting the master
+ * thread, it is introduced due to a bug in windows JVM which
+ * does not throw InterruptedIOException in threads which block
+ * in I/O operation.
+ */
+ public UDPRelayServer(InetAddress clientIP, int clientPort,
+ Thread master_thread, Socket controlConnection,
+ ServerAuthenticator auth) throws IOException {
+
+ this.master_thread = master_thread;
+ this.controlConnection = controlConnection;
+ this.auth = auth;
+
+ client_sock = new Socks5DatagramSocket(true,
+ auth.getUdpEncapsulation(), clientIP, clientPort);
+
+ relayPort = client_sock.getLocalPort();
+ relayIP = client_sock.getLocalAddress();
+
+ if (relayIP.getHostAddress().equals("0.0.0.0")) {
+ relayIP = InetAddress.getLocalHost();
+ }
+
+ if (proxy == null) {
+ remote_sock = new DatagramSocket();
+ } else {
+ remote_sock = new Socks5DatagramSocket(proxy, 0, null);
+ }
+ }
+
+ // Public methods
+ // ///////////////
+
+ /**
+ * Sets the timeout for UDPRelay server.<br>
+ * Zero timeout implies infinity.<br>
+ * Default timeout is 3 minutes.
+ */
+
+ static public void setTimeout(int timeout) {
+ iddleTimeout = timeout;
+ }
+
+ /**
+ * Sets the size of the datagrams used in the UDPRelayServer.<br>
+ * Default size is 64K, a bit more than maximum possible size of the
+ * datagram.
+ */
+ static public void setDatagramSize(int size) {
+ datagramSize = size;
+ }
+
+ /**
+ * Port to which client should send datagram for association.
+ */
+ public int getRelayPort() {
+ return relayPort;
+ }
+
+ /**
+ * IP address to which client should send datagrams for association.
+ */
+ public InetAddress getRelayIP() {
+ return relayIP;
+ }
+
+ /**
+ * Starts udp relay server. Spawns two threads of execution and returns.
+ */
+ public void start() throws IOException {
+ remote_sock.setSoTimeout(iddleTimeout);
+ client_sock.setSoTimeout(iddleTimeout);
+
+ log.info("Starting UDP relay server on {}:{}", relayIP, relayPort);
+ log.info("Remote socket {}:{}", remote_sock.getLocalAddress(),
+ remote_sock.getLocalPort());
+
+ pipe_thread1 = new Thread(this, "pipe1");
+ pipe_thread2 = new Thread(this, "pipe2");
+
+ lastReadTime = System.currentTimeMillis();
+
+ pipe_thread1.start();
+ pipe_thread2.start();
+ }
+
+ /**
+ * Stops Relay server.
+ * <p>
+ * Does not close control connection, does not interrupt master_thread.
+ */
+ public synchronized void stop() {
+ master_thread = null;
+ controlConnection = null;
+ abort();
+ }
+
+ // Runnable interface
+ // //////////////////
+ public void run() {
+ try {
+ if (Thread.currentThread().getName().equals("pipe1")) {
+ pipe(remote_sock, client_sock, false);
+ } else {
+ pipe(client_sock, remote_sock, true);
+ }
+ } catch (final IOException ioe) {
+ } finally {
+ abort();
+ log.info("UDP Pipe thread " + Thread.currentThread().getName()
+ + " stopped.");
+ }
+
+ }
+
+ // Private methods
+ // ///////////////
+ private synchronized void abort() {
+ if (pipe_thread1 == null) {
+ return;
+ }
+
+ log.info("Aborting UDP Relay Server");
+
+ remote_sock.close();
+ client_sock.close();
+
+ if (controlConnection != null) {
+ try {
+ controlConnection.close();
+ } catch (final IOException ioe) {
+ }
+ }
+
+ if (master_thread != null) {
+ master_thread.interrupt();
+ }
+
+ pipe_thread1.interrupt();
+ pipe_thread2.interrupt();
+
+ pipe_thread1 = null;
+ }
+
+ private void pipe(DatagramSocket from, DatagramSocket to, boolean out)
+ throws IOException {
+ final byte[] data = new byte[datagramSize];
+ final DatagramPacket dp = new DatagramPacket(data, data.length);
+
+ while (true) {
+ try {
+ from.receive(dp);
+ lastReadTime = System.currentTimeMillis();
+
+ if (auth.checkRequest(dp, out)) {
+ to.send(dp);
+ }
+
+ } catch (final UnknownHostException uhe) {
+ log.info("Dropping datagram for unknown host");
+ } catch (final InterruptedIOException iioe) {
+ // log("Interrupted: "+iioe);
+ // If we were interrupted by other thread.
+ if (iddleTimeout == 0) {
+ return;
+ }
+
+ // If last datagram was received, long time ago, return.
+ final long timeSinceRead = System.currentTimeMillis()
+ - lastReadTime;
+ if (timeSinceRead >= iddleTimeout - 100) {
+ return;
+ }
+ }
+ dp.setLength(data.length);
+ }
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/protocol/UserPasswordAuthentication.java b/src/com/runjva/sourceforge/jsocks/protocol/UserPasswordAuthentication.java
new file mode 100644
index 0000000..2d5e600
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/protocol/UserPasswordAuthentication.java
@@ -0,0 +1,91 @@
+package com.runjva.sourceforge.jsocks.protocol;
+
+/**
+ * SOCKS5 User Password authentication scheme.
+ */
+public class UserPasswordAuthentication implements Authentication {
+
+ /** SOCKS ID for User/Password authentication method */
+ public final static int METHOD_ID = 2;
+
+ String userName, password;
+ byte[] request;
+
+ /**
+ * Create an instance of UserPasswordAuthentication.
+ *
+ * @param userName
+ * User Name to send to SOCKS server.
+ * @param password
+ * Password to send to SOCKS server.
+ */
+ public UserPasswordAuthentication(String userName, String password) {
+ this.userName = userName;
+ this.password = password;
+ formRequest();
+ }
+
+ /**
+ * Get the user name.
+ *
+ * @return User name.
+ */
+ public String getUser() {
+ return userName;
+ }
+
+ /**
+ * Get password
+ *
+ * @return Password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * Does User/Password authentication as defined in rfc1929.
+ *
+ * @return An array containnig in, out streams, or null if authentication
+ * fails.
+ */
+ public Object[] doSocksAuthentication(int methodId,
+ java.net.Socket proxySocket) throws java.io.IOException {
+
+ if (methodId != METHOD_ID) {
+ return null;
+ }
+
+ final java.io.InputStream in = proxySocket.getInputStream();
+ final java.io.OutputStream out = proxySocket.getOutputStream();
+
+ out.write(request);
+ final int version = in.read();
+ if (version < 0) {
+ return null; // Server closed connection
+ }
+ final int status = in.read();
+ if (status != 0) {
+ return null; // Server closed connection, or auth failed.
+ }
+
+ return new Object[] { in, out };
+ }
+
+ // Private methods
+ // ////////////////
+
+ /** Convert UserName password in to binary form, ready to be send to server */
+ private void formRequest() {
+ final byte[] user_bytes = userName.getBytes();
+ final byte[] password_bytes = password.getBytes();
+
+ request = new byte[3 + user_bytes.length + password_bytes.length];
+ request[0] = (byte) 1;
+ request[1] = (byte) user_bytes.length;
+ System.arraycopy(user_bytes, 0, request, 2, user_bytes.length);
+ request[2 + user_bytes.length] = (byte) password_bytes.length;
+ System.arraycopy(password_bytes, 0, request, 3 + user_bytes.length,
+ password_bytes.length);
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/Ident.java b/src/com/runjva/sourceforge/jsocks/server/Ident.java
new file mode 100644
index 0000000..7193f79
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/Ident.java
@@ -0,0 +1,176 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.InterruptedIOException;
+import java.net.ConnectException;
+import java.net.Socket;
+import java.util.StringTokenizer;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Class Ident provides means to obtain user name of the owner of the socket on
+ * remote machine, providing remote machine runs identd daemon.
+ * <p>
+ * To use it: <tt><pre>
+ Socket s = ss.accept();
+ Ident id = new Ident(s);
+ if(id.successful) goUseUser(id.userName);
+ else handleIdentError(id.errorCode,id.errorMessage)
+ </pre></tt>
+ */
+public class Ident {
+
+ Logger log = LoggerFactory.getLogger(Ident.class);
+
+ /** Error Message can be null. */
+ public String errorMessage;
+
+ /** Host type as returned by daemon, can be null, if error happened */
+ public String hostType;
+
+ /** User name as returned by the identd daemon, or null, if it failed */
+ public String userName;
+
+ /**
+ * If this is true then userName and hostType contain valid values. Else
+ * errorCode contain the error code, and errorMessage contains the
+ * corresponding message.
+ */
+ public boolean successful;
+
+ /** Error code */
+ public int errorCode;
+
+ /** Identd on port 113 can't be contacted */
+ public static final int ERR_NO_CONNECT = 1;
+
+ /** Connection timed out */
+ public static final int ERR_TIMEOUT = 2;
+
+ /**
+ * Identd daemon responded with ERROR, in this case errorMessage contains
+ * the string explanation, as send by the daemon.
+ */
+ public static final int ERR_PROTOCOL = 3;
+
+ /**
+ * When parsing server response protocol error happened.
+ */
+ public static final int ERR_PROTOCOL_INCORRECT = 4;
+
+ /**
+ * Maximum amount of time we should wait before dropping the connection to
+ * identd server.Setting it to 0 implies infinit timeout.
+ */
+ public static final int connectionTimeout = 10000;
+
+ /**
+ * Constructor tries to connect to Identd daemon on the host of the given
+ * socket, and retrieve user name of the owner of given socket connection on
+ * remote machine. After constructor returns public fields are initialised
+ * to whatever the server returned.
+ * <p>
+ * If user name was successfully retrieved successful is set to true, and
+ * userName and hostType are set to whatever server returned. If however for
+ * some reason user name was not obtained, successful is set to false and
+ * errorCode contains the code explaining the reason of failure, and
+ * errorMessage contains human readable explanation.
+ * <p>
+ * Constructor may block, for a while.
+ *
+ * @param s
+ * Socket whose ownership on remote end should be obtained.
+ */
+ public Ident(Socket s) {
+ Socket sock = null;
+ successful = false; // We are pessimistic
+
+ try {
+ sock = new Socket(s.getInetAddress(), 113);
+ sock.setSoTimeout(connectionTimeout);
+ final byte[] request = ("" + s.getPort() + " , " + s.getLocalPort() + "\r\n")
+ .getBytes();
+
+ sock.getOutputStream().write(request);
+
+ final BufferedReader in = new BufferedReader(new InputStreamReader(
+ sock.getInputStream()));
+
+ parseResponse(in.readLine());
+
+ } catch (final InterruptedIOException iioe) {
+ errorCode = ERR_TIMEOUT;
+ errorMessage = "Connection to identd timed out.";
+ } catch (final ConnectException ce) {
+ errorCode = ERR_NO_CONNECT;
+ errorMessage = "Connection to identd server failed.";
+
+ } catch (final IOException ioe) {
+ errorCode = ERR_NO_CONNECT;
+ errorMessage = "" + ioe;
+ } finally {
+ try {
+ if (sock != null) {
+ sock.close();
+ }
+ } catch (final IOException ioe) {
+ log.warn("Could not close socket", ioe);
+ }
+ }
+ }
+
+ private void parseResponse(String response) {
+ if (response == null) {
+ errorCode = ERR_PROTOCOL_INCORRECT;
+ errorMessage = "Identd server closed connection.";
+ return;
+ }
+
+ final StringTokenizer st = new StringTokenizer(response, ":");
+ if (st.countTokens() < 3) {
+ errorCode = ERR_PROTOCOL_INCORRECT;
+ errorMessage = "Can't parse server response.";
+ return;
+ }
+
+ st.nextToken(); // Discard first token, it's basically what we have send
+ final String command = st.nextToken().trim().toUpperCase();
+
+ if (command.equals("USERID") && (st.countTokens() >= 2)) {
+ successful = true;
+ hostType = st.nextToken().trim();
+ userName = st.nextToken("").substring(1);// Get all that is left
+ } else if (command.equals("ERROR")) {
+ errorCode = ERR_PROTOCOL;
+ errorMessage = st.nextToken();
+ } else {
+ errorCode = ERR_PROTOCOL_INCORRECT;
+ System.out.println("Opa!");
+ errorMessage = "Can't parse server response.";
+ }
+
+ }
+
+ // /////////////////////////////////////////////
+ // USED for Testing
+ /*
+ * public static void main(String[] args) throws IOException{
+ *
+ * Socket s = null; s = new Socket("gp101-16", 1391);
+ *
+ * Ident id = new Ident(s); if(id.successful){
+ * System.out.println("User: "+id.userName);
+ * System.out.println("HostType: "+id.hostType); }else{
+ * System.out.println("ErrorCode: "+id.errorCode);
+ * System.out.println("ErrorMessage: "+id.errorMessage);
+ *
+ * }
+ *
+ * if(s!= null) s.close(); } //
+ */
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/IdentAuthenticator.java b/src/com/runjva/sourceforge/jsocks/server/IdentAuthenticator.java
new file mode 100644
index 0000000..70e2593
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/IdentAuthenticator.java
@@ -0,0 +1,182 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.runjva.sourceforge.jsocks.protocol.InetRange;
+import com.runjva.sourceforge.jsocks.protocol.ProxyMessage;
+
+/**
+ * An implementation of socks.ServerAuthentication which provides simple
+ * authentication based on the host from which the connection is made and the
+ * name of the user on the remote machine, as reported by identd daemon on the
+ * remote machine.
+ * <p>
+ * It can also be used to provide authentication based only on the contacting
+ * host address.
+ */
+
+public class IdentAuthenticator extends ServerAuthenticatorBase {
+ /** Vector of InetRanges */
+ Vector<InetRange> hosts;
+
+ /** Vector of user hashes */
+ Vector<Hashtable<?, ?>> users;
+
+ String user;
+
+ /**
+ * Constructs empty IdentAuthenticator.
+ */
+ public IdentAuthenticator() {
+ hosts = new Vector<InetRange>();
+ users = new Vector<Hashtable<?, ?>>();
+ }
+
+ /**
+ * Used to create instances returned from startSession.
+ *
+ * @param in
+ * Input stream.
+ * @param out
+ * OutputStream.
+ * @param user
+ * Username associated with this connection,could be null if name
+ * was not required.
+ */
+ IdentAuthenticator(InputStream in, OutputStream out, String user) {
+ super(in, out);
+ this.user = user;
+ }
+
+ /**
+ * Adds range of addresses from which connection is allowed. Hashtable users
+ * should contain user names as keys and anything as values (value is not
+ * used and will be ignored).
+ *
+ * @param hostRange
+ * Range of ip addresses from which connection is allowed.
+ * @param users
+ * Hashtable of users for whom connection is allowed, or null to
+ * indicate that anybody is allowed to connect from the hosts
+ * within given range.
+ */
+ public synchronized void add(InetRange hostRange, Hashtable<?, ?> users) {
+ this.hosts.addElement(hostRange);
+ this.users.addElement(users);
+ }
+
+ /**
+ * Grants permission only to those users, who connect from one of the hosts
+ * registered with add(InetRange,Hashtable) and whose names, as reported by
+ * identd daemon, are listed for the host the connection came from.
+ */
+ public ServerAuthenticator startSession(Socket s) throws IOException {
+
+ final int ind = getRangeIndex(s.getInetAddress());
+ String user = null;
+
+ // System.out.println("getRangeReturned:"+ind);
+
+ if (ind < 0) {
+ return null; // Host is not on the list.
+ }
+
+ final ServerAuthenticator serverAuthenticator = super.startSession(s);
+ final ServerAuthenticatorBase auth = (ServerAuthenticatorBase) serverAuthenticator;
+
+ // System.out.println("super.startSession() returned:"+auth);
+ if (auth == null) {
+ return null;
+ }
+
+ // do the authentication
+
+ final Hashtable<?, ?> user_names = users.elementAt(ind);
+
+ if (user_names != null) { // If need to do authentication
+ Ident ident;
+ ident = new Ident(s);
+ // If can't obtain user name, fail
+ if (!ident.successful) {
+ return null;
+ }
+ // If user name is not listed for this address, fail
+ if (!user_names.containsKey(ident.userName)) {
+ return null;
+ }
+ user = ident.userName;
+ }
+ return new IdentAuthenticator(auth.in, auth.out, user);
+
+ }
+
+ /**
+ * For SOCKS5 requests allways returns true. For SOCKS4 requests checks
+ * wether the user name supplied in the request corresponds to the name
+ * obtained from the ident daemon.
+ */
+ public boolean checkRequest(ProxyMessage msg, java.net.Socket s) {
+ // If it's version 5 request, or if anybody is permitted, return true;
+ if ((msg.version == 5) || (user == null)) {
+ return true;
+ }
+
+ if (msg.version != 4) {
+ return false; // Who knows?
+ }
+
+ return user.equals(msg.user);
+ }
+
+ /** Get String representaion of the IdentAuthenticator. */
+ public String toString() {
+ String s = "";
+
+ for (int i = 0; i < hosts.size(); ++i) {
+ s += "(Range:" + hosts.elementAt(i) + "," + //
+ " Users:" + userNames(i) + ") ";
+ }
+ return s;
+ }
+
+ // Private Methods
+ // ////////////////
+ private int getRangeIndex(InetAddress ip) {
+ int index = 0;
+ final Enumeration<InetRange> enumx = hosts.elements();
+ while (enumx.hasMoreElements()) {
+ final InetRange ir = enumx.nextElement();
+ if (ir.contains(ip)) {
+ return index;
+ }
+ index++;
+ }
+ return -1; // Not found
+ }
+
+ private String userNames(int i) {
+ if (users.elementAt(i) == null) {
+ return "Everybody is permitted.";
+ }
+
+ final Enumeration<?> enumx = ((Hashtable<?, ?>) users.elementAt(i))
+ .keys();
+ if (!enumx.hasMoreElements()) {
+ return "";
+ }
+ String s = enumx.nextElement().toString();
+ while (enumx.hasMoreElements()) {
+ s += "; " + enumx.nextElement();
+ }
+
+ return s;
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticator.java b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticator.java
new file mode 100644
index 0000000..3014a92
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticator.java
@@ -0,0 +1,126 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.DatagramPacket;
+import java.net.Socket;
+
+import com.runjva.sourceforge.jsocks.protocol.ProxyMessage;
+import com.runjva.sourceforge.jsocks.protocol.UDPEncapsulation;
+
+/**
+ * Classes implementing this interface should provide socks server with
+ * authentication and authorization of users.
+ **/
+public interface ServerAuthenticator {
+
+ /**
+ * This method is called when a new connection accepted by the server.
+ * <p>
+ * At this point no data have been extracted from the connection. It is
+ * responsibility of this method to ensure that the next byte in the stream
+ * after this method have been called is the first byte of the socks request
+ * message. For SOCKSv4 there is no authentication data and the first byte
+ * in the stream is part of the request. With SOCKSv5 however there is an
+ * authentication data first. It is expected that implementaions will
+ * process this authentication data.
+ * <p>
+ * If authentication was successful an instance of ServerAuthentication
+ * should be returned, it later will be used by the server to perform
+ * authorization and some other things. If authentication fails null should
+ * be returned, or an exception may be thrown.
+ *
+ * @param s
+ * Accepted Socket.
+ * @return An instance of ServerAuthenticator to be used for this connection
+ * or null
+ */
+ ServerAuthenticator startSession(Socket s) throws IOException;
+
+ /**
+ * This method should return input stream which should be used on the
+ * accepted socket.
+ * <p>
+ * SOCKSv5 allows to have multiple authentication methods, and these methods
+ * might require some kind of transformations being made on the data.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ */
+ InputStream getInputStream();
+
+ /**
+ * This method should return output stream to use to write to the accepted
+ * socket.
+ * <p>
+ * SOCKSv5 allows to have multiple authentication methods, and these methods
+ * might require some kind of transformations being made on the data.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ */
+ OutputStream getOutputStream();
+
+ /**
+ * This method should return UDPEncapsulation, which should be used on the
+ * datagrams being send in/out.
+ * <p>
+ * If no transformation should be done on the datagrams, this method should
+ * return null.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ */
+
+ UDPEncapsulation getUdpEncapsulation();
+
+ /**
+ * This method is called when a request have been read.
+ * <p>
+ * Implementation should decide wether to grant request or not. Returning
+ * true implies granting the request, false means request should be
+ * rejected.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ *
+ * @param msg
+ * Request message.
+ * @return true to grant request, false to reject it.
+ */
+ boolean checkRequest(ProxyMessage msg);
+
+ /**
+ * This method is called when datagram is received by the server.
+ * <p>
+ * Implementaions should decide wether it should be forwarded or dropped. It
+ * is expecteed that implementation will use datagram address and port
+ * information to make a decision, as well as anything else. Address and
+ * port of the datagram are always correspond to remote machine. It is
+ * either destination or source address. If out is true address is
+ * destination address, else it is a source address, address of the machine
+ * from which datagram have been received for the client.
+ * <p>
+ * Implementaions should return true if the datagram is to be forwarded, and
+ * false if the datagram should be dropped.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ *
+ * @param out
+ * If true the datagram is being send out(from the client),
+ * otherwise it is an incoming datagram.
+ * @return True to forward datagram false drop it silently.
+ */
+ boolean checkRequest(DatagramPacket dp, boolean out);
+
+ /**
+ * This method is called when session is completed. Either due to normal
+ * termination or due to any error condition.
+ * <p>
+ * This method is called on the object returned from the startSession
+ * function.
+ */
+ void endSession();
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorBase.java b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorBase.java
new file mode 100644
index 0000000..79acd58
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorBase.java
@@ -0,0 +1,187 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.PushbackInputStream;
+import java.net.Socket;
+
+import com.runjva.sourceforge.jsocks.protocol.ProxyMessage;
+import com.runjva.sourceforge.jsocks.protocol.UDPEncapsulation;
+
+/**
+ * An implementation of ServerAuthenticator, which does <b>not</b> do any
+ * authentication.
+ * <P>
+ * <FONT size="+3" color ="FF0000"> Warning!!</font><br>
+ * Should not be used on machines which are not behind the firewall.
+ * <p>
+ * It is only provided to make implementing other authentication schemes easier.
+ * <br>
+ * For Example: <tt><pre>
+ class MyAuth extends socks.server.ServerAuthenticator{
+ ...
+ public ServerAuthenticator startSession(java.net.Socket s){
+ if(!checkHost(s.getInetAddress()) return null;
+ return super.startSession(s);
+ }
+
+ boolean checkHost(java.net.Inetaddress addr){
+ boolean allow;
+ //Do it somehow
+ return allow;
+ }
+ }
+</pre></tt>
+ */
+public abstract class ServerAuthenticatorBase implements ServerAuthenticator {
+
+ static final byte[] socks5response = { 5, 0 };
+
+ InputStream in;
+ OutputStream out;
+
+ /**
+ * Creates new instance of the ServerAuthenticatorNone.
+ */
+ public ServerAuthenticatorBase() {
+ this.in = null;
+ this.out = null;
+ }
+
+ /**
+ * Constructs new ServerAuthenticatorNone object suitable for returning from
+ * the startSession function.
+ *
+ * @param in
+ * Input stream to return from getInputStream method.
+ * @param out
+ * Output stream to return from getOutputStream method.
+ */
+ public ServerAuthenticatorBase(InputStream in, OutputStream out) {
+ this.in = in;
+ this.out = out;
+ }
+
+ /**
+ * Grants access to everyone.Removes authentication related bytes from the
+ * stream, when a SOCKS5 connection is being made, selects an authentication
+ * NONE.
+ */
+ public ServerAuthenticator startSession(Socket s) throws IOException {
+
+ final PushbackInputStream in = new PushbackInputStream(s
+ .getInputStream());
+ final OutputStream out = s.getOutputStream();
+
+ final int version = in.read();
+ if (version == 5) {
+ if (!selectSocks5Authentication(in, out, 0)) {
+ return null;
+ }
+ } else if (version == 4) {
+ // Else it is the request message already, version 4
+ in.unread(version);
+ } else {
+ return null;
+ }
+
+ return new ServerAuthenticatorNone(in, out);
+ }
+
+ /**
+ * Get input stream.
+ *
+ * @return Input stream speciefied in the constructor.
+ */
+ public InputStream getInputStream() {
+ return in;
+ }
+
+ /**
+ * Get output stream.
+ *
+ * @return Output stream speciefied in the constructor.
+ */
+ public OutputStream getOutputStream() {
+ return out;
+ }
+
+ /**
+ * Allways returns null.
+ *
+ * @return null
+ */
+ public UDPEncapsulation getUdpEncapsulation() {
+ return null;
+ }
+
+ /**
+ * Allways returns true.
+ */
+ public boolean checkRequest(ProxyMessage msg) {
+ return true;
+ }
+
+ /**
+ * Allways returns true.
+ */
+ public boolean checkRequest(java.net.DatagramPacket dp, boolean out) {
+ return true;
+ }
+
+ /**
+ * Does nothing.
+ */
+ public void endSession() {
+ }
+
+ /**
+ * Convinience routine for selecting SOCKSv5 authentication.
+ * <p>
+ * This method reads in authentication methods that client supports, checks
+ * wether it supports given method. If it does, the notification method is
+ * written back to client, that this method have been chosen for
+ * authentication. If given method was not found, authentication failure
+ * message is send to client ([5,FF]).
+ *
+ * @param in
+ * Input stream, version byte should be removed from the stream
+ * before calling this method.
+ * @param out
+ * Output stream.
+ * @param methodId
+ * Method which should be selected.
+ * @return true if methodId was found, false otherwise.
+ */
+ static public boolean selectSocks5Authentication(InputStream in,
+ OutputStream out, int methodId) throws IOException {
+
+ final int num_methods = in.read();
+ if (num_methods <= 0) {
+ return false;
+ }
+ final byte method_ids[] = new byte[num_methods];
+ final byte response[] = new byte[2];
+ boolean found = false;
+
+ response[0] = (byte) 5; // SOCKS version
+ response[1] = (byte) 0xFF; // Not found, we are pessimistic
+
+ int bread = 0; // bytes read so far
+ while (bread < num_methods) {
+ bread += in.read(method_ids, bread, num_methods - bread);
+ }
+
+ for (int i = 0; i < num_methods; ++i) {
+ if (method_ids[i] == methodId) {
+ found = true;
+ response[1] = (byte) methodId;
+ break;
+ }
+ }
+
+ out.write(response);
+ return found;
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorNone.java b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorNone.java
new file mode 100644
index 0000000..0e97677
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/ServerAuthenticatorNone.java
@@ -0,0 +1,16 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+
+/**
+ * Simplest possible ServerAuthenticator implementation. Extends common base.
+ *
+ */
+public class ServerAuthenticatorNone extends ServerAuthenticatorBase {
+
+ public ServerAuthenticatorNone(InputStream in, OutputStream out) {
+ super(in, out);
+ }
+
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/UserPasswordAuthenticator.java b/src/com/runjva/sourceforge/jsocks/server/UserPasswordAuthenticator.java
new file mode 100644
index 0000000..82980f2
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/UserPasswordAuthenticator.java
@@ -0,0 +1,82 @@
+package com.runjva.sourceforge.jsocks.server;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.Socket;
+
+/**
+ * This class implements SOCKS5 User/Password authentication scheme as defined
+ * in rfc1929,the server side of it. (see docs/rfc1929.txt)
+ */
+public class UserPasswordAuthenticator extends ServerAuthenticatorBase {
+
+ static final int METHOD_ID = 2;
+
+ UserValidation validator;
+
+ /**
+ * Construct a new UserPasswordAuthentication object, with given
+ * UserVlaidation scheme.
+ *
+ * @param v
+ * UserValidation to use for validating users.
+ */
+ public UserPasswordAuthenticator(UserValidation validator) {
+ this.validator = validator;
+ }
+
+ public ServerAuthenticator startSession(Socket s) throws IOException {
+ final InputStream in = s.getInputStream();
+ final OutputStream out = s.getOutputStream();
+
+ if (in.read() != 5) {
+ return null; // Drop non version 5 messages.
+ }
+
+ if (!selectSocks5Authentication(in, out, METHOD_ID)) {
+ return null;
+ }
+ if (!doUserPasswordAuthentication(s, in, out)) {
+ return null;
+ }
+
+ return new ServerAuthenticatorNone(in, out);
+ }
+
+ // Private Methods
+ // ////////////////
+
+ private boolean doUserPasswordAuthentication(Socket s, InputStream in,
+ OutputStream out) throws IOException {
+ final int version = in.read();
+ if (version != 1) {
+ return false;
+ }
+
+ final int ulen = in.read();
+ if (ulen < 0) {
+ return false;
+ }
+
+ final byte[] user = new byte[ulen];
+ in.read(user);
+ final int plen = in.read();
+ if (plen < 0) {
+ return false;
+ }
+ final byte[] password = new byte[plen];
+ in.read(password);
+
+ if (validator.isUserValid(new String(user), new String(password), s)) {
+ // System.out.println("user valid");
+ out.write(new byte[] { 1, 0 });
+ } else {
+ // System.out.println("user invalid");
+ out.write(new byte[] { 1, 1 });
+ return false;
+ }
+
+ return true;
+ }
+}
diff --git a/src/com/runjva/sourceforge/jsocks/server/UserValidation.java b/src/com/runjva/sourceforge/jsocks/server/UserValidation.java
new file mode 100644
index 0000000..c4f7770
--- /dev/null
+++ b/src/com/runjva/sourceforge/jsocks/server/UserValidation.java
@@ -0,0 +1,24 @@
+package com.runjva.sourceforge.jsocks.server;
+
+/**
+ * Interface which provides for user validation, based on user name password and
+ * where it connects from.
+ */
+public interface UserValidation {
+ /**
+ * Implementations of this interface are expected to use some or all of the
+ * information provided plus any information they can extract from other
+ * sources to decide wether given user should be allowed access to SOCKS
+ * server, or whatever you use it for.
+ *
+ * @return true to indicate user is valid, false otherwise.
+ * @param username
+ * User whom implementation should validate.
+ * @param password
+ * Password this user provided.
+ * @param connection
+ * Socket which user used to connect to the server.
+ */
+ boolean isUserValid(String username, String password,
+ java.net.Socket connection);
+}
diff --git a/src/org/torproject/android/Orbot.java b/src/org/torproject/android/Orbot.java
index 95a5f16..0ffdecf 100644
--- a/src/org/torproject/android/Orbot.java
+++ b/src/org/torproject/android/Orbot.java
@@ -13,9 +13,11 @@ import org.torproject.android.service.TorService;
import org.torproject.android.service.TorServiceConstants;
import org.torproject.android.service.TorServiceUtils;
import org.torproject.android.settings.SettingsPreferences;
+import org.torproject.android.vpn.OrbotVpnService;
import org.torproject.android.wizard.ChooseLocaleWizardActivity;
import org.torproject.android.wizard.TipsAndTricks;
+import android.annotation.TargetApi;
import android.app.AlertDialog;
import android.app.ProgressDialog;
import android.content.ComponentName;
@@ -32,6 +34,8 @@ import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.res.Configuration;
import android.net.Uri;
+import android.net.VpnService;
+import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.IBinder;
@@ -412,6 +416,10 @@ public class Orbot extends ActionBarActivity implements TorConstants, OnLongClic
}
+ else if (item.getItemId() == R.id.menu_vpn)
+ {
+ this.startVpnService();
+ }
return true;
}
@@ -782,9 +790,18 @@ public class Orbot extends ActionBarActivity implements TorConstants, OnLongClic
startActivityForResult(new Intent(this, SettingsPreferences.class), 1);
}
+ private final static int REQUEST_VPN = 8888;
-
-
+ @TargetApi(Build.VERSION_CODES.ICE_CREAM_SANDWICH)
+ public void startVpnService () {
+ Intent intent = VpnService.prepare(this);
+ if (intent != null) {
+ startActivityForResult(intent, REQUEST_VPN);
+ } else {
+ onActivityResult(REQUEST_VPN, RESULT_OK, null);
+ }
+ }
+
@Override
protected void onActivityResult(int request, int response, Intent data) {
@@ -827,6 +844,11 @@ public class Orbot extends ActionBarActivity implements TorConstants, OnLongClic
}
}
+ else if (request == REQUEST_VPN && response == RESULT_OK)
+ {
+ Intent intent = new Intent(this, OrbotVpnService.class);
+ startService(intent);
+ }
}
@@ -1207,7 +1229,6 @@ public class Orbot extends ActionBarActivity implements TorConstants, OnLongClic
private final ServiceConnection mConnection = new ServiceConnection() {
-
public void onServiceConnected(ComponentName className,
IBinder service) {
diff --git a/src/org/torproject/android/vpn/OrbotVpnService.java b/src/org/torproject/android/vpn/OrbotVpnService.java
new file mode 100644
index 0000000..1d06723
--- /dev/null
+++ b/src/org/torproject/android/vpn/OrbotVpnService.java
@@ -0,0 +1,239 @@
+/*
+ * Copyright (C) 2011 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.torproject.android.vpn;
+
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.UnknownHostException;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+import java.util.Locale;
+
+import org.torproject.android.service.TorServiceConstants;
+
+import android.annotation.TargetApi;
+import android.app.PendingIntent;
+import android.content.Intent;
+import android.net.VpnService;
+import android.os.Build;
+import android.os.Handler;
+import android.os.Message;
+import android.os.ParcelFileDescriptor;
+import android.util.Log;
+import android.widget.Toast;
+
+import com.runjva.sourceforge.jsocks.protocol.ProxyServer;
+import com.runjva.sourceforge.jsocks.server.ServerAuthenticatorNone;
+
+ at TargetApi(Build.VERSION_CODES.ICE_CREAM_SANDWICH)
+public class OrbotVpnService extends VpnService implements Handler.Callback {
+ private static final String TAG = "OrbotVpnService";
+
+ private PendingIntent mConfigureIntent;
+
+ private Handler mHandler;
+ private Thread mThread;
+
+ private String mSessionName = "OrbotVPN";
+ private ParcelFileDescriptor mInterface;
+
+ private int mSocksProxyPort = 9999;
+ private ProxyServer mProxyServer;
+
+ private boolean mKeepRunning = true;
+
+ @Override
+ public int onStartCommand(Intent intent, int flags, int startId) {
+ // The handler is only used to show messages.
+ if (mHandler == null) {
+ mHandler = new Handler(this);
+ }
+
+ // Stop the previous session by interrupting the thread.
+ if (mThread != null) {
+ mThread.interrupt();
+ }
+
+ startSocksBypass ();
+ setupTun2Socks();
+
+ return START_STICKY;
+ }
+
+ private void startSocksBypass ()
+ {
+ Thread thread = new Thread ()
+ {
+ public void run ()
+ {
+
+ try {
+ mProxyServer = new ProxyServer(new ServerAuthenticatorNone(null, null));
+ mProxyServer.setVpnService(OrbotVpnService.this);
+ mProxyServer.start(mSocksProxyPort, 5, InetAddress.getLocalHost());
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ };
+
+ thread.start();
+ }
+
+ @Override
+ public void onDestroy() {
+ if (mThread != null) {
+ mKeepRunning = false;
+ mThread.interrupt();
+ }
+
+ if (mProxyServer != null)
+ mProxyServer.stop();
+ }
+
+ @Override
+ public boolean handleMessage(Message message) {
+ if (message != null) {
+ Toast.makeText(this, message.what, Toast.LENGTH_SHORT).show();
+ }
+ return true;
+ }
+
+
+ private void setupTun2Socks() {
+
+ if (mInterface == null)
+ {
+ // Set the locale to English (or probably any other language that^M
+ // uses Hindu-Arabic (aka Latin) numerals).^M
+ // We have found that VpnService.Builder does something locale-dependent^M
+ // internally that causes errors when the locale uses its own numerals^M
+ // (i.e., Farsi and Arabic).^M
+ Locale.setDefault(new Locale("en"));
+
+ Builder builder = new Builder();
+
+ builder.setMtu(3000);
+ builder.addAddress("10.0.0.1",8);
+ builder.setSession("OrbotVPN");
+ builder.addRoute("0.0.0.0",0);
+ builder.addRoute("10.0.0.0",8);
+ //builder.addDnsServer("10.0.0.2");
+ builder.addDnsServer("127.0.0.1");
+ // Close the old interface since the parameters have been changed.
+ try {
+ mInterface.close();
+ } catch (Exception e) {
+ // ignore
+ }
+
+
+ // Create a new interface using the builder and save the parameters.
+ mInterface = builder.setSession(mSessionName)
+ .setConfigureIntent(mConfigureIntent)
+ .establish();
+
+ Tun2Socks.Start(mInterface, 3000, "10.0.0.2", "255.255.255.0", "localhost:" + TorServiceConstants.PORT_SOCKS_DEFAULT, null, true);
+ }
+ }
+
+ private void debugPacket(ByteBuffer packet)
+ {
+
+ int buffer = packet.get();
+ int version;
+ int headerlength;
+ version = buffer >> 4;
+ headerlength = buffer & 0x0F;
+ headerlength *= 4;
+ Log.d(TAG, "IP Version:"+version);
+ Log.d(TAG, "Header Length:"+headerlength);
+
+ String status = "";
+ status += "Header Length:"+headerlength;
+
+ buffer = packet.get(); //DSCP + EN
+ buffer = packet.getChar(); //Total Length
+
+ Log.d(TAG, "Total Length:"+buffer);
+
+ buffer = packet.getChar(); //Identification
+ Log.d(TAG, "Identification:"+buffer);
+
+ buffer = packet.getChar(); //Flags + Fragment Offset
+ buffer = packet.get(); //Time to Live
+ buffer = packet.get(); //Protocol
+
+ Log.d(TAG, "Protocol:"+buffer);
+
+ status += " Protocol:"+buffer;
+
+ buffer = packet.getChar(); //Header checksum
+
+ String sourceIP = "";
+ buffer = packet.get(); //Source IP 1st Octet
+ sourceIP += buffer;
+ sourceIP += ".";
+
+ buffer = packet.get(); //Source IP 2nd Octet
+ sourceIP += buffer;
+ sourceIP += ".";
+
+ buffer = packet.get(); //Source IP 3rd Octet
+ sourceIP += buffer;
+ sourceIP += ".";
+
+ buffer = packet.get(); //Source IP 4th Octet
+ sourceIP += buffer;
+
+ Log.d(TAG, "Source IP:"+sourceIP);
+
+ status += " Source IP:"+sourceIP;
+
+ String destIP = "";
+ buffer = packet.get(); //Destination IP 1st Octet
+ destIP += buffer;
+ destIP += ".";
+
+ buffer = packet.get(); //Destination IP 2nd Octet
+ destIP += buffer;
+ destIP += ".";
+
+ buffer = packet.get(); //Destination IP 3rd Octet
+ destIP += buffer;
+ destIP += ".";
+
+ buffer = packet.get(); //Destination IP 4th Octet
+ destIP += buffer;
+
+ Log.d(TAG, "Destination IP:"+destIP);
+
+ status += " Destination IP:"+destIP;
+ /*
+ msgObj = mHandler.obtainMessage();
+ msgObj.obj = status;
+ mHandler.sendMessage(msgObj);
+ */
+
+ //Log.d(TAG, "version:"+packet.getInt());
+ //Log.d(TAG, "version:"+packet.getInt());
+ //Log.d(TAG, "version:"+packet.getInt());
+
+ }
+
+}
diff --git a/src/org/torproject/android/vpn/Tun2Socks.java b/src/org/torproject/android/vpn/Tun2Socks.java
new file mode 100644
index 0000000..b921631
--- /dev/null
+++ b/src/org/torproject/android/vpn/Tun2Socks.java
@@ -0,0 +1,124 @@
+package org.torproject.android.vpn;
+
+/*
+ * Copyright (c) 2013, Psiphon Inc.
+ * All rights reserved.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import java.net.DatagramSocket;
+import java.net.Socket;
+
+import android.annotation.TargetApi;
+import android.os.Build;
+import android.os.ParcelFileDescriptor;
+
+ at TargetApi(Build.VERSION_CODES.HONEYCOMB_MR1)
+public class Tun2Socks
+{
+ public static interface IProtectSocket
+ {
+ boolean doVpnProtect(Socket socket);
+ boolean doVpnProtect(DatagramSocket socket);
+ };
+
+
+ private static Thread mThread;
+ private static ParcelFileDescriptor mVpnInterfaceFileDescriptor;
+ private static int mVpnInterfaceMTU;
+ private static String mVpnIpAddress;
+ private static String mVpnNetMask;
+ private static String mSocksServerAddress;
+ private static String mUdpgwServerAddress;
+ private static boolean mUdpgwTransparentDNS;
+
+ // Note: this class isn't a singleton, but you can't run more
+ // than one instance due to the use of global state (the lwip
+ // module, etc.) in the native code.
+
+ public static synchronized void Start(
+ ParcelFileDescriptor vpnInterfaceFileDescriptor,
+ int vpnInterfaceMTU,
+ String vpnIpAddress,
+ String vpnNetMask,
+ String socksServerAddress,
+ String udpgwServerAddress,
+ boolean udpgwTransparentDNS)
+ {
+
+
+ Stop();
+
+ mVpnInterfaceFileDescriptor = vpnInterfaceFileDescriptor;
+ mVpnInterfaceMTU = vpnInterfaceMTU;
+ mVpnIpAddress = vpnIpAddress;
+ mVpnNetMask = vpnNetMask;
+ mSocksServerAddress = socksServerAddress;
+ mUdpgwServerAddress = udpgwServerAddress;
+ mUdpgwTransparentDNS = udpgwTransparentDNS;
+
+ mThread = new Thread(new Runnable()
+ {
+ @Override
+ public void run()
+ {
+ runTun2Socks(
+ mVpnInterfaceFileDescriptor.detachFd(),
+ mVpnInterfaceMTU,
+ mVpnIpAddress,
+ mVpnNetMask,
+ mSocksServerAddress,
+ mUdpgwServerAddress,
+ mUdpgwTransparentDNS ? 1 : 0);
+
+ }
+ });
+ mThread.start();
+ }
+
+ public static synchronized void Stop()
+ {
+ if (mThread != null)
+ {
+ terminateTun2Socks();
+ try
+ {
+ mThread.join();
+ }
+ catch (InterruptedException e)
+ {
+ Thread.currentThread().interrupt();
+ }
+ mThread = null;
+ }
+ }
+
+ private native static int runTun2Socks(
+ int vpnInterfaceFileDescriptor,
+ int vpnInterfaceMTU,
+ String vpnIpAddress,
+ String vpnNetMask,
+ String socksServerAddress,
+ String udpgwServerAddress,
+ int udpgwTransparentDNS);
+
+ private native static void terminateTun2Socks();
+
+ static
+ {
+ System.loadLibrary("tun2socks");
+ }
+}
\ No newline at end of file
More information about the tor-commits
mailing list