[Pkg-gnupg-commit] [libassuan] 04/10: New feature to test for SOCKS5 proxy availability.
Eric Dorland
eric at moszumanska.debian.org
Fri Dec 4 19:05:08 UTC 2015
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libassuan.
commit 05ac2dc5c77fa4b87e98508c1b15fd254806b1ce
Author: Werner Koch <wk at gnupg.org>
Date: Fri Nov 27 11:54:52 2015 +0100
New feature to test for SOCKS5 proxy availability.
* src/assuan-socket.c (socks5_connect): Add special treatment for
empty hostnames.
(_assuan_sock_connect_byname): Add feature to test for proxy
availibility.
* tests/socks5.c (main): Add option --have-proxy.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
NEWS | 3 +++
doc/assuan.texi | 7 ++++++-
src/assuan-socket.c | 28 ++++++++++++++++++++++++----
tests/socks5.c | 34 ++++++++++++++++++++++++++++++++--
4 files changed, 65 insertions(+), 7 deletions(-)
diff --git a/NEWS b/NEWS
index 7168207..a7e4237 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ Noteworthy changes in version 2.4.2 (unreleased) [C7/A7/R_]
* The nPth version of the connect system hook does now wrap the call
with npth_unprotec/npth_protect to avoid blocking during a connect.
+ * Add feature to assuan_sock_connect_byname to test for SOCKS5
+ availability.
+
Noteworthy changes in version 2.4.1 (2015-11-23) [C7/A7/R1]
------------------------------------------------
diff --git a/doc/assuan.texi b/doc/assuan.texi
index 131ffc1..aae3de7 100644
--- a/doc/assuan.texi
+++ b/doc/assuan.texi
@@ -1995,7 +1995,12 @@ current implementation requires that @var{flags} has either
new TCP STREAM socket is returned; on error @code{ASSUAN_INVALID_FD}
and ERRNO set. If @var{credentials} is not @code{NULL}, it is a
string used for password based SOCKS authentication. Username and
-password are separated by a colon. @var{reserved} should be 0.
+password are separated by a colon. @var{reserved} should be 0. To
+test whether the proxy is available @var{host} and @var{port} may be
+given as NULL/0: If the proxy is available the function returns a
+valid socket which is in the state after credentials sub-negotiation.
+The caller now knows that the SOCKS proxy is available and has been
+authenticated; normally the caller closes the socket then.
@end deftypefun
diff --git a/src/assuan-socket.c b/src/assuan-socket.c
index bb0e610..d5e4ee4 100644
--- a/src/assuan-socket.c
+++ b/src/assuan-socket.c
@@ -814,6 +814,13 @@ socks5_connect (assuan_context_t ctx, assuan_fd_t sock,
}
}
+ if (hostname && !*hostname && !hostport)
+ {
+ /* Empty hostname given. Stop right here to allow the caller to
+ do the actual proxy request. */
+ return 0;
+ }
+
/* Send request details (rfc-1928, 4). */
buffer[0] = 5; /* VER */
buffer[1] = 1; /* CMD = CONNECT */
@@ -1059,11 +1066,13 @@ _assuan_sock_connect (assuan_context_t ctx, assuan_fd_t sockfd,
/* Connect to HOST specified as host name on PORT. The current
implementation requires that either the flags ASSUAN_SOCK_SOCKS or
- ASSUAN_SOCK_TOR are give in FLAGS. On success a new socket is
+ ASSUAN_SOCK_TOR are given in FLAGS. On success a new socket is
returned; on error ASSUAN_INVALID_FD is returned and ERRNO set. If
CREDENTIALS is not NULL, it is a string used for password based
- authentication. Username and password are separated by a
- colon. RESERVED must be 0. */
+ authentication. Username and password are separated by a colon.
+ RESERVED must be 0. By passing HOST and PORT as 0 the function can
+ be used to check for proxy availability: If the proxy is available
+ a socket will be returned which the caller should then close. */
assuan_fd_t
_assuan_sock_connect_byname (assuan_context_t ctx, const char *host,
unsigned short port, int reserved,
@@ -1082,12 +1091,23 @@ _assuan_sock_connect_byname (assuan_context_t ctx, const char *host,
return ASSUAN_INVALID_FD;
}
+ if (host && !*host)
+ {
+ /* Error out early on an empty host name. See below. */
+ gpg_err_set_errno (EINVAL);
+ return ASSUAN_INVALID_FD;
+ }
+
fd = _assuan_sock_new (ctx, AF_INET, SOCK_STREAM, 0);
if (fd == ASSUAN_INVALID_FD)
return fd;
+ /* For HOST being NULL we pass an empty string which indicates to
+ socks5_connect to stop midway during the proxy negotiation. Note
+ that we can't pass NULL directly as this indicates IP address
+ mode to the called function. */
if (socks5_connect (ctx, fd, socksport,
- credentials, host, port, NULL, 0))
+ credentials, host? host:"", port, NULL, 0))
{
int save_errno = errno;
assuan_sock_close (fd);
diff --git a/tests/socks5.c b/tests/socks5.c
index 7ab0438..b3754b8 100644
--- a/tests/socks5.c
+++ b/tests/socks5.c
@@ -53,6 +53,7 @@ main (int argc, char **argv)
int only_v6 = 0;
int only_v4 = 0;
int use_tor = 0;
+ int opt_have_proxy = 0;
int disable_socks = 0;
int opt_byname = 0;
const char *user = NULL;
@@ -87,6 +88,7 @@ main (int argc, char **argv)
" --inet6-only Use only IPv6\n"
" --inet4-only Use only IPv4\n"
" --disable-socks Connect w/o SOCKS\n"
+ " --have-proxy Check whether the proxy is available\n"
" --byname Use assuan_sock_connect_byname\n"
" --user STRING Use STRING as user for authentication\n"
" --pass STRING Use STRING as password for authentication\n"
@@ -128,6 +130,11 @@ main (int argc, char **argv)
opt_byname = 1;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--have-proxy"))
+ {
+ opt_have_proxy = 1;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--user"))
{
argc--; argv++;
@@ -153,7 +160,7 @@ main (int argc, char **argv)
}
}
- if (argc != 2)
+ if (argc != 2 && !opt_have_proxy)
{
fputs ("usage: socks5 HOST PORT\n", stderr);
exit (1);
@@ -175,7 +182,30 @@ main (int argc, char **argv)
use_tor? "TOR": "SOCKS", gpg_strerror (err));
}
- if (opt_byname)
+ if (opt_have_proxy)
+ {
+ char *cred;
+
+ if (user || pass)
+ cred = xstrconcat (user?user:"", ":", pass, NULL);
+ else
+ cred = NULL;
+
+ sock = assuan_sock_connect_byname
+ (NULL, 0, 0, cred, use_tor? ASSUAN_SOCK_TOR : ASSUAN_SOCK_SOCKS);
+ if (sock == ASSUAN_INVALID_FD)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("SOCKS proxy is not available (%s)\n", gpg_strerror (err));
+ exit (1);
+ }
+ xfree (cred);
+ assuan_sock_close (sock);
+ if (verbose)
+ log_info ("SOCKS proxy available\n");
+ exit (0);
+ }
+ else if (opt_byname)
{
unsigned short port;
char *cred;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/libassuan.git
More information about the Pkg-gnupg-commit
mailing list